Re: WGLC comments on draft-ietf-bfd-vxlan
Greg Mirsky <gregimirsky@gmail.com> Tue, 13 November 2018 19:34 UTC
Return-Path: <gregimirsky@gmail.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC3F1128CB7; Tue, 13 Nov 2018 11:34:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.018
X-Spam-Level:
X-Spam-Status: No, score=-1.018 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_FONT_FACE_BAD=0.981, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ncz3jA4ogAxw; Tue, 13 Nov 2018 11:34:43 -0800 (PST)
Received: from mail-lf1-x12f.google.com (mail-lf1-x12f.google.com [IPv6:2a00:1450:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C437B128B14; Tue, 13 Nov 2018 11:34:42 -0800 (PST)
Received: by mail-lf1-x12f.google.com with SMTP id u18so9716837lff.10; Tue, 13 Nov 2018 11:34:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=NknxPabRecgeOgzN3INKfZ5VfHXga/G8+xuikKComKc=; b=ZKdsj4HNSC085UJXSaLExpVYZg3hNm6uKVNu1+sQFaLf/efoJ5V5Q+8vRE5NZHB+wN Woozh1omh3aoWUwp/n7vLKUvViUl5EGhh36/hpyoTKsLFLxFmKLdg4SyQ6m/mjHRNH7j gJz6f43gIUGUCS/0dO7Ug7Q7rkHrzF/TKX+wi0ajI1KRDO3tbwXB8umShXKmR7pbmIWh o23frZva4uu6ggV4X99nXr9HQEPOdW6p66IZm6LepAxA7NUOjPNNSUeH18jlZZe85vck IJiqpchsr7qMuwFa8s7wX7R+9xafH4hmhc7PZbe+DxxM9bH2sIKRdYY177aY25aIDFc2 CA9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=NknxPabRecgeOgzN3INKfZ5VfHXga/G8+xuikKComKc=; b=VlvjKVgoGqe04oGTWAFQp0XfaRVvp7fswpFeOYZxcWVBF4PEcpysO96f5M1l5PuBwO I14w/rpWEZAY3Y6mT1lCjwggl0F3KrA+UPo4RAuzNOxdBhcmNHH3CTqaVqyuPpLFUVG9 hB5XUrFomjsCUKxMVTZycXrwYA7ABy5vk21KtRcuhNXaamIqu43rOCbJCPYhYUfCxx+H 9v8yIKY8RV3NduHisJC2oSFHDAPHAYcyktZNHIZpn+5elt52pBSA8DDTu9rTPA6hKiDv X6C1igrWYfR+9U7UYsOj+GVMzrx5s+yDjp1gv14CTOPmD/8nwtSsdgq7CCm4BFfsbGa+ KQGw==
X-Gm-Message-State: AGRZ1gLaKRJyaqKW+dzDT8OIcbKdETHRfO3k1hwubroILeIzsT6TRoQQ l6pGxCIedaxjxafkNIbv3kXVVnjKOUnwbnEfMyBb9/n6
X-Google-Smtp-Source: AJdET5c4RXkAvoR9ZbqO/lh/yBqbX0qL99V/0a6KMmM1KB6NRyoPfQqmNl0T/GJSFLRvGATOSjD+WENbYryG21ioeJc=
X-Received: by 2002:a19:a149:: with SMTP id k70mr3601008lfe.5.1542137680733; Tue, 13 Nov 2018 11:34:40 -0800 (PST)
MIME-Version: 1.0
References: <CA+-tSzxFxtVo6NbfSw4wzb--fSuN4zsSvX7R58iiYFgVF5cA6Q@mail.gmail.com>
In-Reply-To: <CA+-tSzxFxtVo6NbfSw4wzb--fSuN4zsSvX7R58iiYFgVF5cA6Q@mail.gmail.com>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Tue, 13 Nov 2018 11:34:30 -0800
Message-ID: <CA+RyBmVXeCYAZhWTy-g6U_EJ7NOFQwV4twJaJ-7_LT5_wKFGFw@mail.gmail.com>
Subject: Re: WGLC comments on draft-ietf-bfd-vxlan
To: Anoop Ghanwani <anoop@alumni.duke.edu>
Cc: rtg-bfd WG <rtg-bfd@ietf.org>, NVO3 <nvo3@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a7ac7a057a90e83b"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/iWqfbNOgyTBjVy_Axwhbyootawk>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Nov 2018 19:34:54 -0000
Hi Anoop, many thanks for the thorough review and detailed comments. Please find my answers, this time for real, in-line tagged GIM>>. Regards, Greg On Thu, Nov 8, 2018 at 1:58 AM Anoop Ghanwani <anoop@alumni.duke.edu> wrote: > > Here are my comments. > > Thanks, > Anoop > > == > > Philosophical > > Since VXLAN is not an IETF standard, should we be defining a standard for > running BFD on it? Should we define BFD over Geneve instead which is the > official WG selection? Is that going to be a separate document? > GIM>> IS-IS is not on the Standard track either but that had not prevented > IETF from developing tens of standard track RFCs using RFC 1142 as the > normative reference until RFC 7142 re-classified it as historical. A > similar path was followed with IS-IS-TE by publishing RFC 3784 until it was > obsoleted by RFC 5305 four years later. I understand that Down Reference, > i.e., using informational RFC as the normative reference, is not an unusual > situation. > > > Technical > > Section 1: > > This part needs to be rewritten: > >>> > The individual racks may be part of a different Layer 3 network, or they > could be in a single Layer 2 network. The VXLAN segments/overlays are > overlaid on top of Layer 3 network. A VM can communicate with another VM > only if they are on the same VXLAN segment. > >>> > It's hard to parse and, given IRB, > GIM>> Would the following text be acceptable: OLD TEXT: VXLAN is typically deployed in data centers interconnecting virtualized hosts, which may be spread across multiple racks. The individual racks may be part of a different Layer 3 network, or they could be in a single Layer 2 network. The VXLAN segments/overlays are overlaid on top of Layer 3 network. NEW TEXT: VXLAN is typically deployed in data centers interconnecting virtualized hosts of a tenant. VXLAN addresses requirements of the Layer 2 and Layer 3 data center network infrastructure in the presence of VMs in a multi-tenant environment, discussed in section 3 [RFC7348], by providing Layer 2 overlay scheme on a Layer 3 network. A VM can communicate with another VM only if they are on the same VXLAN segment. > > the last sentence above is wrong. > GIM>> Section 4 in RFC 7348 states: Only VMs within the same VXLAN segment can communicate with each other. Section 3: > >>> > Most deployments will have VMs with only L2 capabilities that > may not support L3. > >>> > Are you suggesting most deployments have VMs with no IP > addresses/configuration? > GIM>> Would re-word as follows: OLD TEXT: Most deployments will have VMs with only L2 capabilities that may not support L3. NEW TEXT: Deployments may have VMs with only L2 capabilities that do not support L3. > > >>> > Having a hierarchical OAM model helps localize faults though it requires > additional consideration. > >>> > What are the additional considerations? > GIM>> For example, coordination of BFD intervals across the OAM layers. > > Would be useful to add a reference to RFC 8293 in case the reader would > like to know more about service nodes. > GIM>> I have to admit that I don't find how RFC 8293 A Framework for Multicast in Network Virtualization over Layer 3 is related to this document. Please help with additional reference to the text of the document. > > Section 4 > >>> > Separate BFD sessions can be established between the VTEPs (IP1 and IP2) > for monitoring each of the VXLAN tunnels (VNI 100 and 200). > >>> > IMO, the document should mention that this could lead to scaling issues > given that VTEPs can support well in excess of 4K VNIs. Additionally, we > should mention that with IRB, a given VNI may not even exist on the > destination VTEP. Finally, what is the benefit of doing this? There may > be certain corner cases where it's useful (vs a single BFD session between > the VTEPs for all VNIs) but it would be good to explain what those are. > GIM>> Will add text in the Security Considerations section that VTEPs should have limit on number of BFD sessions. > > Sections 5.1 and 6.1 > > In 5.1 we have > >>> > The inner MAC frame carrying the BFD payload has the > following format: > ... Source IP: IP address of the originating VTEP. Destination IP: IP > address of the terminating VTEP. > >>> > > In 6.1 we have > >>> > > Since multiple BFD sessions may be running between two > VTEPs, there needs to be a mechanism for demultiplexing received BF > > packets to the proper session. The procedure for demultiplexing > packets with Your Discriminator equal to 0 is different from[RFC5880 <https://tools.ietf.org/html/rfc5880>]. > > *For such packets, the BFD session MUST be identified* > > *using the inner headers, i.e., the source IP and the destination IP > present in the IP header carried by the payload of the VXLAN* > > *encapsulated packet.* > > > >>> > How does this work if the source IP and dest IP are the same as specified > in 5.1? > GIM>> You're right, Destination and source IP addresses likely are the same in this case. Will add that the source UDP port number, along with the pair of IP addresses, MUST be used to demux received BFD control packets. Would you agree that will be sufficient? > > Editorial > > - Terminology section should be renamed to acronyms. > GIM>> Accepted > - Document would benefit from a thorough editorial scrub, but maybe that > will happen once it gets to the RFC editor. > GIM>> Will certainly have helpful comments from ADs and RFC editor. > > Section 1 > >>> > "Virtual eXtensible Local Area Network" (VXLAN) [RFC7348 > <https://tools.ietf.org/html/rfc7348>]. provides an encapsulation scheme > that allows virtual machines (VMs) to communicate in a data center network. > >>> > This is not accurate. VXLAN allows you to implement an overlay to > decouple the address space of the attached hosts from that of the network. > GIM>> Thank you for the suggested text. Will change as follows: OLD TEXT: "Virtual eXtensible Local Area Network" (VXLAN) [RFC7348]. provides an encapsulation scheme that allows virtual machines (VMs) to communicate in a data center network. NEW TEXT: "Virtual eXtensible Local Area Network" (VXLAN) [RFC7348]. provides an encapsulation scheme that allows building an overlay network by decoupling the address space of the attached virtual hosts from that of the network. > > Section 7 > > VTEP's -> VTEPs > GIM>> Yes, thank you.
- WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky
- Re: WGLC comments on draft-ietf-bfd-vxlan Anoop Ghanwani
- Re: WGLC comments on draft-ietf-bfd-vxlan Greg Mirsky