IETF Logo Mail Archive

Re: [nvo3] enhancing VXLAN/NVGRE vs creating an new encap

Dino Farinacci <farinacci@gmail.com> Wed, 19 March 2014 05:26 UTC

Return-Path: <farinacci@gmail.com>
X-Original-To: nvo3@ietfa.amsl.com
Delivered-To: nvo3@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5A1221A0375 for <nvo3@ietfa.amsl.com>; Tue, 18 Mar 2014 22:26:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qw1K4ytt7Azs for <nvo3@ietfa.amsl.com>; Tue, 18 Mar 2014 22:26:24 -0700 (PDT)
Received: from mail-pd0-x236.google.com (mail-pd0-x236.google.com [IPv6:2607:f8b0:400e:c02::236]) by ietfa.amsl.com (Postfix) with ESMTP id B9CDA1A031E for <nvo3@ietf.org>; Tue, 18 Mar 2014 22:26:24 -0700 (PDT)
Received: by mail-pd0-f182.google.com with SMTP id y10so8096270pdj.41 for <nvo3@ietf.org>; Tue, 18 Mar 2014 22:26:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=XqsBCn4QGWHKRemClGiej/Iwpz4sz8TwbTzL11j7xuk=; b=qOugEcPkQxByLdhgX4kZIv1IL3sIs8DbfW4MbwZqUeMxgnOy8PCZY79lbBeVAC7IE8 kCmib193wF+PA4CR7iELTX9W+nHAiW5E+USxZaj3X/xXQ2J+6fzyW3Iop+DS5DOMxevq Mwr0Z4XRD9o/ggzQZ4kwJJnUjvCIgi7LAThTQZQysqXyVf0LW9VmFdICOWcT96LoQfE5 aO1MD3yWhAc3f7tfMffDaDUVnc6aV1Lxkkadg4PUw4IK3D9nLikVcd6mfXgR4iG6iYFA tMV9OP2Sg9UxwsVDpxQcVfZmy3+U2SNC7E6Wa+nriyqYOexA6HdkuQRxQkr0+RhM1AeD w+fA==
X-Received: by 10.66.119.172 with SMTP id kv12mr37640285pab.34.1395206776331; Tue, 18 Mar 2014 22:26:16 -0700 (PDT)
Received: from [192.168.1.16] (173-8-188-29-SFBA.hfc.comcastbusiness.net. [173.8.188.29]) by mx.google.com with ESMTPSA id lh13sm98014345pab.4.2014.03.18.22.26.14 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 18 Mar 2014 22:26:15 -0700 (PDT)
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (1.0)
From: Dino Farinacci <farinacci@gmail.com>
X-Mailer: iPhone Mail (11D167)
In-Reply-To: <9F56174078B48B459268EFF1DAB66B1A790386@DEN-EXDDA-S32.corp.ebay.com>
Date: Tue, 18 Mar 2014 22:26:15 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <0A318155-45EC-4529-B8FC-FE170884DA6A@gmail.com>
References: <2691CE0099834E4A9C5044EEC662BB9D45354603@dfweml701-chm.china.huawei.com> <48E1A67CB9CA044EADFEAB87D814BFF632A2BAD1@eusaamb107.ericsson.se> <026b01cf4108$9e58b070$db0a1150$@riw.us> <F10451DB-7C6E-4ED1-ABC0-37E8B3CD80FD@gmail.com> <5C5D3148-261D-4428-AC6B-AAAD4436D048@lucidvision.com> <E6C17D2345AC7A45B7D054D407AA205C39241E6A@eusaamb105.ericsson.se> <7AE6A4247B044C4ABE0A5B6BF427F8E20A369E6A@dfweml703-chm.china.huawei.com> <9F56174078B48B459268EFF1DAB66B1A790386@DEN-EXDDA-S32.corp.ebay.com>
To: "Zhou, Han" <hzhou8@ebay.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/nvo3/KJq-G7sAQhosoPp71TKRUc1eih0
Cc: Thomas D Nadeau <tnadeau@lucidvision.com>, David Allan I <david.i.allan@ericsson.com>, "<draft-gross-geneve@tools.ietf.org>" <draft-gross-geneve@tools.ietf.org>, "<nvo3@ietf.org>" <nvo3@ietf.org>, Lucy yong <lucy.yong@huawei.com>, Russ White <russw@riw.us>, AshwoodsmithPeter <Peter.AshwoodSmith@huawei.com>, Eric Gray <eric.gray@ericsson.com>
Subject: Re: [nvo3] enhancing VXLAN/NVGRE vs creating an new encap
X-BeenThere: nvo3@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Network Virtualization Overlays \(NVO3\) Working Group" <nvo3.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nvo3>, <mailto:nvo3-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nvo3/>
List-Post: <mailto:nvo3@ietf.org>
List-Help: <mailto:nvo3-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nvo3>, <mailto:nvo3-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Mar 2014 05:26:27 -0000

You don't need more header space for service chaining. 

An EID can identify a service. And you can assign as many as you want to a physical or virtual system. And EIDs could even be IPv6 addresses where there are plenty of bits to encode all sorts if things. 

Dino

> On Mar 18, 2014, at 7:41 PM, "Zhou, Han" <hzhou8@ebay.com> wrote:
> 
> Hi,
> 
> So let's face the reality: how to enhance VXLAN with the scarce space
> left in the header? Extend it with optional fields following the
> original header? Would it create similar problems of introducing a new
> protocol?
> 
> If the fixed 8 bytes size is still preferred, would it be better that
> the extension proposals co-work together to make the best use of the
> header space? E.g. VXLAN-GPE protocol type doesn't really needs 16 bits
> for the possible 3 (or more in the future, but not that huge) values.
> 
> Best regards,
> Han
> 
>> On Tue, 2014-03-18 at 20:32 +0000, AshwoodsmithPeter wrote:
>> I agree enhancing rather than inventing new is a good idea. For example CR-LDP did not create a new encapsulation (it is normal MPLS) nor did it create a new control protocol (its LDP) although it did add some TLV's to LDP of course for the ERO and QOS. It was a simple idea with very small code delta over LPD ... ..oh wait .. I guess that's a bad example ;)
>> 
>> As Dave points out politics is far from impotent here, let's not kid ourselves.
>> 
>> Peter
>> 
>> -----Original Message-----
>> From: nvo3 [mailto:nvo3-bounces@ietf.org] On Behalf Of David Allan I
>> Sent: Sunday, March 16, 2014 3:57 PM
>> To: Thomas D Nadeau; Dino Farinacci
>> Cc: Russ White; <draft-gross-geneve@tools.ietf.org>; <nvo3@ietf.org>; Lucy yong; Eric Gray
>> Subject: Re: [nvo3] enhancing VXLAN/NVGRE vs creating an new encap
>> 
>> The actual examples cited are artifacts of an industry power structure that may not apply in this case, as far as past performance predicting future outcomes....
>> 
>> D
>> 
>> -----Original Message-----
>> From: nvo3 [mailto:nvo3-bounces@ietf.org] On Behalf Of Thomas D Nadeau
>> Sent: Sunday, March 16, 2014 9:10 AM
>> To: Dino Farinacci
>> Cc: Russ White; <draft-gross-geneve@tools.ietf.org>; <nvo3@ietf.org>; Lucy yong; Eric Gray
>> Subject: Re: [nvo3] enhancing VXLAN/NVGRE vs creating an new encap
>> 
>> This road is littered with many examples in recent history of new alternatives presenting the dream of "a new encap/protocol will fix everything" such as crldp, PBT and PBB-TE. let's not make this mistake if we can help it...
>> 
>> Tom 
>> 
>> 
>>> On Mar 16, 2014, at 11:48, Dino Farinacci <farinacci@gmail.com> wrote:
>>> 
>>> Decades of experience tells us what Russ says below. Those who choose to ignore are bound to repeat ...
>>> 
>>> Dino
>>> 
>>>> On Mar 16, 2014, at 4:12 AM, "Russ White" <russw@riw.us> wrote:
>>>> 
>>>> 
>>>>> 3) create a new encapsulation that meets requirements - and find out 
>>>>> that the
>>>>>   industry doesn't entirely switch over to the new (read untried 
>>>>> and
>>>> possibly
>>>>>   immature) encapsulation, existing deployed alternatives are
>>>> documented
>>>>> in
>>>>>   some (possibly non-standard) way and we incur the costs 
>>>>> associated
>>>> with
>>>>>   living with three alternatives additional encapsulations until 
>>>>> such
>>>> time (if
>>>>> ever)
>>>>>   when the DCN industry settles on fewer (possibly as few as one)
>>>> choices,
>>>>> and
>>>>>   we move on.
>>>> 
>>>> This is, in fact, the most likely result... Vendors would need to 
>>>> remove support for the old encaps over time, which isn't going to 
>>>> happen so long as someone is actually using them, which means support 
>>>> will still be in code, which means new people will start using them, which means...
>>>> 
>>>> There is also a cost in security when it comes to defining new encap 
>>>> types we often don't consider -- it's one more tunnel type that needs 
>>>> to be accounted for by middle boxes, network hardening routines, etc.
>>>> For every new encap we create, we also create a lot of work in the 
>>>> security world in tracking vulnerabilities, understanding the semantics of the protocol, etc.
>>>> 
>>>> The right answer, IMHO, is to modify, rather than creating a new encap.
>>>> 
>>>> :-)
>>>> 
>>>> Russ
>>>> 
>>>> _______________________________________________
>>>> nvo3 mailing list
>>>> nvo3@ietf.org
>>>> https://www.ietf.org/mailman/listinfo/nvo3
>>> 
>>> _______________________________________________
>>> nvo3 mailing list
>>> nvo3@ietf.org
>>> https://www.ietf.org/mailman/listinfo/nvo3
>>> 
>> 
>> _______________________________________________
>> nvo3 mailing list
>> nvo3@ietf.org
>> https://www.ietf.org/mailman/listinfo/nvo3
>> 
>> _______________________________________________
>> nvo3 mailing list
>> nvo3@ietf.org
>> https://www.ietf.org/mailman/listinfo/nvo3
>> 
>> _______________________________________________
>> nvo3 mailing list
>> nvo3@ietf.org
>> https://www.ietf.org/mailman/listinfo/nvo3
>

v2.23.0 | Report a Bug | By Email