IETF Logo Mail Archive

Re: draft-ietf-l3vpn-gre-ip-2547-04.txt

Robert Raszuk <raszuk@cisco.com> Fri, 29 July 2005 20:22 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DybNY-0007Mr-25; Fri, 29 Jul 2005 16:22:48 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1DybNW-0007LF-0L for l3vpn@megatron.ietf.org; Fri, 29 Jul 2005 16:22:46 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA06998 for <l3vpn@ietf.org>; Fri, 29 Jul 2005 16:22:43 -0400 (EDT)
Received: from ams-iport-1.cisco.com ([144.254.224.140]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1DybtB-0004p6-U3 for l3vpn@ietf.org; Fri, 29 Jul 2005 16:55:33 -0400
Received: from ams-core-1.cisco.com (144.254.224.150) by ams-iport-1.cisco.com with ESMTP; 29 Jul 2005 22:22:32 +0200
Received: from xbh-ams-331.cisco.com (xbh-ams-331.cisco.com [144.254.231.71]) by ams-core-1.cisco.com (8.12.10/8.12.6) with ESMTP id j6TKMSDg015190; Fri, 29 Jul 2005 22:22:28 +0200 (MEST)
Received: from xfe-ams-332.cisco.com ([144.254.231.73]) by xbh-ams-331.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Fri, 29 Jul 2005 22:22:27 +0200
Received: from [10.10.10.52] ([10.25.90.226]) by xfe-ams-332.cisco.com with Microsoft SMTPSVC(6.0.3790.211); Fri, 29 Jul 2005 22:22:23 +0200
Message-ID: <42EA8FF9.6020708@cisco.com>
Date: Fri, 29 Jul 2005 13:22:17 -0700
From: Robert Raszuk <raszuk@cisco.com>
Organization: Signature: http://www.employees.org/~raszuk/sig/
User-Agent: Mozilla Thunderbird 1.0.2 (Windows/20050317)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Scott Wainner <swainner@cisco.com>
References: <42EA8107.1010104@cisco.com>
In-Reply-To: <42EA8107.1010104@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 29 Jul 2005 20:22:24.0370 (UTC) FILETIME=[3B1EF520:01C5947B]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 287c806b254c6353fcb09ee0e53bbc5e
Content-Transfer-Encoding: 7bit
Cc: l3vpn@ietf.org
Subject: Re: draft-ietf-l3vpn-gre-ip-2547-04.txt
X-BeenThere: l3vpn@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: raszuk@cisco.com
List-Id: l3vpn.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/l3vpn>, <mailto:l3vpn-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:l3vpn@ietf.org>
List-Help: <mailto:l3vpn-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/l3vpn>, <mailto:l3vpn-request@ietf.org?subject=subscribe>
Sender: l3vpn-bounces@ietf.org
Errors-To: l3vpn-bounces@ietf.org

Scott,

The question is valid and the automated solution to the problem has been 
proposed many times :)

Just for the reference please look at the below draft:

http://community.roxen.com/developers/idocs/drafts/draft-raggarwa-ppvpn-tunnel-encap-sig-01.html

Before we finalize the automated way the provisioning tools are 
responsible for selecting the encapsulation of choice.

Cheers,
R.



> In reviewing draft-ietf-l3vpn-gre-ip-2547-04.txt, I noted the following 
> that requires some clarification:
> 
>> 4.1  MPLS-in-IP/MPLS-in-GRE Encapsulation by Ingress PE
>>
>>   The following description is not meant to specify an implementation
>>   strategy; any implementation procedure which produces the same result
>>   is acceptable.
>>
>>   When an ingress PE router receives a packet from a CE router, it
>>   looks up the packet's destination IP address in a VRF that is
>>   associated with packet's ingress attachment circuit.  This enables
>>   the (ingress) PE router to find a VPN-IP route.  The VPN-IP route
>>   will have an associated VPN route label and an associated BGP Next
>>   Hop. The label is pushed on the packet.  Then an IP (or IP+GRE)
>>   encapsulation header is prepended to the packet, creating an
>>   MPLS-in-IP (or MPLS-in-GRE) encapsulated packet.
> 
> 
> It appears that the ingress PE can choose to use MPLS-in-IP or MPLS-in-
> GRE implying that the egress MUST be able to perform both forms of
> decapsulation.  If the egress PE can only perform one form of 
> decapsulation,
> how does the ingress PE determine which form of encapsulation is preferred
> or required?
> 
>                                                       The IP source
> 
>>   address field of the encapsulation header will be an address of the
>>   ingress PE router itself.  The IP destination address field of the
>>   encapsulation header will contain the value of the associated BGP
>>   Next Hop; this will be an IP address of the egress PE router.  QoS
>>   information can be copied from the VPN packet to the GRE/IP tunnel
>>   header so that required forwarding behaviors can be maintained at
>>   each hop along the forwarding path.
> 
> 
>>   The effect is to dynamically create an IP (or GRE) tunnel between the
>>   ingress and egress PE routers.
> 
> 
> Presumably, the ingress PE and/or egress PE are also capable of forwarding
> packets via label switched paths (either between themselves or to other
> PE's or ASBR's).  In a mixed environment, its conceivable that two PE's
> could only communicate via GRE or IP while a third could use an LSP to the
> one or the other PE.   What means does the ingress PE use to determine
> that the LSP should be used verses the GRE or IP encap?
> 
>>                                     No apriori configuration of the
>>   remote tunnel endpoints is needed.  Note that these tunnels SHOULD
>>   NOT be IGP-visible links, and routing adjacencies SHOULD NOT be
>>   supported across these tunnel.  Note also that the set of remote
>>   tunnel endpoints is not known in advance, but is learned dynamically
>>   via the BGP distribution of VPN-IP routes.  The IP address of the
>>   remote tunnel endpoints is carried in the Network Address of the Next
>>   Hop field of the MP_REACH_NLRI BGP attribute [4]
> 
> 
> This model assumes that the Network Address of the Next Hop field is the
> destination tunnel address.  This may or may not be true.  The provider
> may in fact want the externally accessible tunnel address to be distinct
> from the Next Hop address for a variety of reasons including security,
> transitive tunnels, etc.  How does the egress PE indicate to the ingress
> PE that the tunnel should NOT be built to the Next Hop address, but to
> a designated tunnel address assigned on the egress PE?  Likewise, how
> does an ASBR determine that traffic to prefixes to a peer ASBR should
> not be tunneled while prefixes to a peer PE should be tunneled.
> 
> Seems that some form of signaling is required which is not defined in this
> draft.
> 
> Scott Wainner
> 
> 
> 
> Message: 1
> Date: Fri, 22 Jul 2005 17:31:30 -0700 (PDT)
> From: Rick Wilder <rick@rhwilder.net>
> Subject: draft-ietf-l3vpn-gre-ip-2547-04.txt.
> To: l3vpn@ietf.org
> Message-ID: <20050723003130.30954.qmail@web308.biz.mail.mud.yahoo.com>
> Content-Type: text/plain; charset="iso-8859-1"
> 
> L3VPN participants,
> 
> 
> This begins a two-week last call for comments on 
> draft-ietf-l3vpn-gre-ip-2547-04.txt.
> 
> Rick
> 
> 
>

v2.23.0 | Report a Bug | By Email