Re: complete done (RE: comments on draft-ietf-rtgwg-net2cloud-problem-statement-4)
Linda Dunbar <linda.dunbar@futurewei.com> Mon, 15 July 2019 20:05 UTC
Return-Path: <linda.dunbar@futurewei.com>
X-Original-To: rtgwg@ietfa.amsl.com
Delivered-To: rtgwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D02F21202C5 for <rtgwg@ietfa.amsl.com>; Mon, 15 Jul 2019 13:05:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.988
X-Spam-Level:
X-Spam-Status: No, score=-1.988 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_NONE=0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=futurewei.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1oaOv1N1-zle for <rtgwg@ietfa.amsl.com>; Mon, 15 Jul 2019 13:05:36 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0728.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe45::728]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 038751202C3 for <rtgwg@ietf.org>; Mon, 15 Jul 2019 13:05:35 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=U+J6k8uGPgUV1s8tOtT8fYV0X3R1pDhbhjdZ5k0j/+1mBwl+T9E+MbPyocZ2qydYaANo4GOd+TYgJIQ9LuuK3/y2eyUrpuWqhIHXGr2U2D+6nx5+WiEVQr5rbEgUybAk3YzYf9n/WzmhpDNSPFpmVENHtOW3vYPxP/HBmxDCRbcMlE1V/sszXo8AGiNw3b3+0EE2in1hkN/Pl8poQPp9ON5empOSW1lC2hgQhtBTkG1MWDAjctu1b/spl2eTQ/RsEnYn9HrWhj4wiN3mSq+xUz4zs8mCSLpRfif0DmiNxBBl+1/iiZamTi+cT840SmIeXhcmUywzeVzF7WrVPtnQjQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HiMIHgUlrfrR5n1tS8n36gRZk85s/1kRxJOZpYUbwIw=; b=BxS0MFWnixh4eal3HJjqQyHQ4U/MZDm6rHHEGr5gOB0ib+gkTyXpwcCWvOXl44cFEIwp1MchKrkeU8EWm/F+eQAwFqxoiu8FeljCg/aL7BPpaAsN6zErrpvYO3icQHEESDI7Ao8ch0RpXjhGj9kv6dWc+P2/UWKXApHS6LdBSp2nAyEOdORi4xU+mm3dWv4U3rZAk6HUf+lU8nHpjGcVf4jE83oX9BNWEPPyyrYK3ivuCSMdhA+VSXEu2fTQS7x5GA02C6tXmIVhq3N39u4YXsNWz0gwvwuFxFFFJPSpFngZULupIgS2MYQxQRtXL1+p1Wrob1hVXxCrM+4hRQiP/w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1;spf=pass smtp.mailfrom=futurewei.com;dmarc=pass action=none header.from=futurewei.com;dkim=pass header.d=futurewei.com;arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Futurewei.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HiMIHgUlrfrR5n1tS8n36gRZk85s/1kRxJOZpYUbwIw=; b=TH60kfYKJonaZIkPN3ytJyJ4JJDHrzzSbtEQ0QZd4cbYlD2Esovfs8SdZl7cbRDSvPkUwHo9r+y2W+/LE/1zj7D4ItPAncf9r0nU7UJ+XlUjOWYNzU961W1ybUIXNjsuA1fazHGnYtJCO+4M+NmKd8u0u4Kxa2Jh4BiYrMkaSAw=
Received: from MN2PR13MB3582.namprd13.prod.outlook.com (10.255.238.139) by MN2PR13MB2637.namprd13.prod.outlook.com (20.178.251.91) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2094.7; Mon, 15 Jul 2019 20:05:32 +0000
Received: from MN2PR13MB3582.namprd13.prod.outlook.com ([fe80::e068:8461:62d7:e0c1]) by MN2PR13MB3582.namprd13.prod.outlook.com ([fe80::e068:8461:62d7:e0c1%7]) with mapi id 15.20.2094.009; Mon, 15 Jul 2019 20:05:32 +0000
From: Linda Dunbar <linda.dunbar@futurewei.com>
To: Chris Bowers <chrisbowers.ietf@gmail.com>, RTGWG <rtgwg@ietf.org>
Subject: Re: complete done (RE: comments on draft-ietf-rtgwg-net2cloud-problem-statement-4)
Thread-Topic: Re: complete done (RE: comments on draft-ietf-rtgwg-net2cloud-problem-statement-4)
Thread-Index: AdU7SJKnASvu7eHPQLGrTAxqvNlewQ==
Date: Mon, 15 Jul 2019 20:05:31 +0000
Message-ID: <MN2PR13MB358293F01D21C0362DE6682D85CF0@MN2PR13MB3582.namprd13.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=linda.dunbar@futurewei.com;
x-originating-ip: [12.111.81.80]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7d62bac9-858e-4fe8-6826-08d7095fcab6
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR13MB2637;
x-ms-traffictypediagnostic: MN2PR13MB2637:
x-ms-exchange-purlcount: 5
x-microsoft-antispam-prvs: <MN2PR13MB2637175FE3B0B4486C1B590885CF0@MN2PR13MB2637.namprd13.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 00997889E7
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(979002)(4636009)(396003)(346002)(136003)(366004)(376002)(39850400004)(189003)(199004)(54896002)(53936002)(6306002)(102836004)(53946003)(33656002)(68736007)(236005)(9686003)(8936002)(66066001)(26005)(55016002)(25786009)(71200400001)(99286004)(71190400001)(74316002)(6436002)(7736002)(81166006)(81156014)(186003)(6506007)(52536014)(229853002)(8676002)(66476007)(486006)(476003)(66446008)(256004)(64756008)(66556008)(2906002)(606006)(86362001)(45080400002)(76116006)(14454004)(44832011)(6246003)(316002)(110136005)(66946007)(7696005)(14444005)(478600001)(5660300002)(3846002)(6116002)(790700001)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:MN2PR13MB2637; H:MN2PR13MB3582.namprd13.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: futurewei.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: +kW0gz29Yokh1ZS5wRKZEULVNiVjRuF/CBgOs/PioU0qJKP/btfwOgulTNZ97mYH5+DGEfrvzdHetjBiIABiA/4awmamw3OM6YgXH1meOtOrXE7WrNS2eHh8i+OLQ/61bW3gIP6ezhQnS0nL9AdC/jK9Eoc54FlCLqSmFFOAlNBiMghUSAQcv++yI6555CLEZd55mSi9tlZh96R9Zic0LiXNAOBZ8U+PpQq1//Bmzw4OGW6LmranBKJxw4kID2KEN4M/IFgOdoQPaLuLtwwaskCZj+1sD0taEyhw0te9xMqJ6CV8/Wb4tK/IueZzTo4hLL03nNkrd+SCfWiVSQiMERHc7+VhfP6sygUqFmVhRLmmPq1iJOrVIs5oKdMsYW+96hwoDqd87EsyGf8k8gLqXHY80FX2K05h5UkTezZCk/o=
Content-Type: multipart/alternative; boundary="_000_MN2PR13MB358293F01D21C0362DE6682D85CF0MN2PR13MB3582namp_"
MIME-Version: 1.0
X-OriginatorOrg: Futurewei.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7d62bac9-858e-4fe8-6826-08d7095fcab6
X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Jul 2019 20:05:32.1940 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 0fee8ff2-a3b2-4018-9c75-3a1d5591fedc
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: ldunbar@futurewei.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR13MB2637
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtgwg/Eda7Rs--dMwHv-8OOLK9nwNbFR0>
X-BeenThere: rtgwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Routing Area Working Group <rtgwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtgwg/>
List-Post: <mailto:rtgwg@ietf.org>
List-Help: <mailto:rtgwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtgwg>, <mailto:rtgwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jul 2019 20:05:40 -0000
Chris, Can you suggest what "more details" you are looking for on the VPC description? It is the description from cloud providers: > *"Virtual Private Cloud is a virtual network dedicated to one client > account. It is logically isolated from other virtual networks in a Cloud > DC. Each client can launch his/her desired resources, such as compute, > storage, or network functions into his/her VPC. In Microsoft Azure, the > term "Virtual Network (VNet)" is used for Virtual Private Cloud. Most Cloud > Operators' VPCs only support private addresses, some support IPv4 only, > others support IPv4/IPv6 dual stack."* > > > [CB2] I think this is an improvement, but I still think the description of the VPC in the document needs much more detail. Please see below in [Linda2] as reply to your comments: ---------------------------------------------------------- Re: complete done (RE: comments on draft-ietf-rtgwg-net2cloud-problem-statement-01 Chris Bowers <chrisbowers.ietf@gmail.com> Thu, 11 July 2019 21:10 UTCShow header<https://mailarchive.ietf.org/arch/msg/rtgwg/A7jAg_U17jCQIdqL3zgRN0K42us> Thanks. Please see inline with [CB2]. [Snipped] > > -------------------------------------------------------------------------- > > > > [Linda] I see many comments are related to not so clear definition on > VPC. Do you think the following definition (quoted from a Cloud DC > documentation) is clear enough? > > > > *"Virtual Private Cloud is a virtual network dedicated to one client > account. It is logically isolated from other virtual networks in a Cloud > DC. Each client can launch his/her desired resources, such as compute, > storage, or network functions into his/her VPC. In Microsoft Azure, the > term "Virtual Network (VNet)" is used for Virtual Private Cloud. Most Cloud > Operators' VPCs only support private addresses, some support IPv4 only, > others support IPv4/IPv6 dual stack."* > > > [CB2] I think this is an improvement, but I still think the description of the VPC in the document needs much more detail. > > > > > *AWS Direct Connect, which allows enterprises to purchase direct connect > from network service providers to get a private leased line interconnecting > the enterprises gateway(s) and the AWS Direct Connect routers. In addition, > an AWS Transit Gateway (https://aws.amazon.com/transit-gateway/ > <https://aws.amazon.com/transit-gateway/<https://aws.amazon.com/transit-gateway/%3E)>>) can be used to interconnect > multiple VPCs in different Availability Zones. AWS Transit Gateway acts as > a hub that controls how traffic is routed among all the connected networks > which act like spokes.* > > > > [CB2] I don't think the text should reference this URL, since the URL > might go away in the future. [Linda2] Okay, I will remove the URL. The reference is primarily for you. [Snipped] > > - *Most of the cloud DCs do not expose their internal networks, so the > MPLS-based VPNs can only reach Cloud DC's Gateways, not to the workloads > hosted inside. Even with AWS DirectConnect, the connection only reaches the > AWS DirectConnect Gateway. AWS DirectConnect Gateway uses BGP to exchange > all routes behind the gateway, even routes which might be physically > located in different geographical locations. There is no visibility to how > the applications/workloads are interconnected within a Cloud DC or across > multiple Cloud DCs.* > > [CB2] If I understand correctly, the following problem is being highlighted. An enterprise with a hybrid cloud deployment can use an MPLS-VPN to connect to a Cloud provider at multiple locations. The connection locations often correspond to different Cloud DC locations from the Cloud provider. The different Cloud DCs are interconnected by the Cloud provider's own internal network. At each connection location, the Cloud provider uses BGP to advertise all of the prefixes in the enterprise's VPC, regardless of which Cloud DC a given prefix is actually in. This can result in inefficient routing for the end-to-end data path. Is this the problem that the text in the draft is trying to describe? If so, I suggest using something like the text provided here to make it clearer. [Linda2] Thank you very much for the suggestion. I change the text to the following: * Most of the cloud DCs do not expose their internal networks. An enterprise with a hybrid cloud deployment can use an MPLS-VPN to connect to a Cloud provider at multiple locations. The connection locations often correspond to gateways of different Cloud DC locations from the Cloud provider. The different Cloud DCs are interconnected by the Cloud provider's own internal network. At each connection location (gateway), the Cloud provider uses BGP to advertise all of the prefixes in the enterprise's VPC, regardless of which Cloud DC a given prefix is actually in. This can result in inefficient routing for the end-to-end data path. Linda
- Re: complete done (RE: comments on draft-ietf-rtgā¦ Linda Dunbar