Re:[nvo3] BFD over VXLAN: Trapping BFD Control packet at VTEP

[<xiao.min2@zte.com.cn>]

Hi Anoop,






Thanks for your comments.


Considering a scenario where TS1 has an MPLS access (i.e. MPLS-Packet over Tunnel between NVEs) to VNI1, TS3 has an Ethernet access (i.e. MAC-Frame over Tunnel between NVEs) to VNI1, then how can TS1 and TS3 share one VAP?






Best Regards,


Xiao Min










原始邮件



发件人：AnoopGhanwani <anoop@alumni.duke.edu>
收件人：肖敏10093570;
抄送人：Greg Mirsky <gregimirsky@gmail.com>;didutt@gmail.com <didutt@gmail.com>;draft-ietf-bfd-vxlan@ietf.org <draft-ietf-bfd-vxlan@ietf.org>;nvo3@ietf.org <nvo3@ietf.org>;santosh.pallagatti@gmail.com <santosh.pallagatti@gmail.com>;rtg-bfd WG <rtg-bfd@ietf.org>;Joel M. Halpern <jmh@joelhalpern.com>;tsridhar@vmware.com <tsridhar@vmware.com>;bfd-chairs@ietf.org <bfd-chairs@ietf.org>;
日 期 ：2019年09月26日 08:36
主 题 ：Re: [nvo3] BFD over VXLAN: Trapping BFD Control packet at VTEP




_______________________________________________
nvo3 mailing list
nvo3@ietf.org
https://www.ietf.org/mailman/listinfo/nvo3



>>>

Some people may argue that all Tenant Systems connecting to the same Virtual Network MUST share one VAP, if that's true, then VAP1 and VAP3 should merge into one VAP and my explanation doesn't work. Copying to NVO3 WG to involve more experts, hope for your clarifications and comments.  


>>>



I would be one of those that would argue that they MUST share on VAP if they connect to the same Virtual Network.  IMO, the NVO3 arch doc should have been clearer about this.


Thanks,
Anoop




On Tue, Sep 24, 2019 at 7:40 PM <xiao.min2@zte.com.cn> wrote:



Hi Santosh,






With regard to the question whether we should allow multiple BFD sessions for the same VNI or not, IMHO we should allow it, more explanation as follows...


Below is a figure derived from figure 2 of RFC8014 (An Architecture for Data-Center Network Virtualization over Layer 3 (NVO3)).




 | Data Center Network (IP) |
 | |
 +-----------------------------------------+
 | |
 | Tunnel Overlay |
 +------------+---------+ +---------+------------+
 | +----------+-------+ | | +-------+----------+ |
 | | Overlay Module | | | | Overlay Module | |
 | +---------+--------+ | | +---------+--------+ |
 | | | | | |
 NVE1 | | | | | | NVE2
 | +--------+-------+ | | +--------+-------+ |
 | |VNI1 VNI2 VNI1 | | | | VNI1 VNI2 VNI1 | |
 | +-+-----+----+---+ | | +-+-----+-----+--+ |
 |VAP1| VAP2| | VAP3 | |VAP1| VAP2| | VAP3|
 +----+-----+----+------+ +----+-----+-----+-----+
 | | | | | |
 | | | | | |
 | | | | | |
 -------+-----+----+-------------------+-----+-----+-------
 | | | Tenant | | |
 TSI1 | TSI2| | TSI3 TSI1| TSI2| |TSI3
 +---+ +---+ +---+ +---+ +---+ +---+
 |TS1| |TS2| |TS3| |TS4| |TS5| |TS6|
 +---+ +---+ +---+ +---+ +---+ +---+
To my understanding, the BFD sessions between NVE1 and NVE2 are actually initiated and terminated at VAP of NVE.


If the network operator want to set up one BFD session between VAP1 of NVE1 and VAP1of NVE2, at the same time another BFD session between VAP3 of NVE1 and VAP3 of NVE2, although the two BFD sessions are for the same VNI1, I believe it's reasonable, so that's why I think we should allow it.






Of course, in RFC8014 it also says:

"Note that two different Tenant Systems (and TSIs) attached to a common NVE can share a VAP (e.g., TS1 and TS2 in Figure 2) so long as they connect to the same Virtual Network."
Some people may argue that all Tenant Systems connecting to the same Virtual Network MUST share one VAP, if that's true, then VAP1 and VAP3 should merge into one VAP and my explanation doesn't work. Copying to NVO3 WG to involve more experts, hope for your clarifications and comments.






Best Regards,


Xiao Min