Re: [Teas-ns-dt] Network Slicing and Enhanced VPN Drafts
"Rokui, Reza (Nokia - CA/Ottawa)" <reza.rokui@nokia.com> Mon, 13 January 2020 13:59 UTC
Return-Path: <reza.rokui@nokia.com>
X-Original-To: teas-ns-dt@ietfa.amsl.com
Delivered-To: teas-ns-dt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1])
by ietfa.amsl.com (Postfix) with ESMTP id 25C4212010D
for <teas-ns-dt@ietfa.amsl.com>; Mon, 13 Jan 2020 05:59:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1,
DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001,
SPF_PASS=-0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key)
header.d=nokia.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44])
by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id roh4MxIao8l5 for <teas-ns-dt@ietfa.amsl.com>;
Mon, 13 Jan 2020 05:59:23 -0800 (PST)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com
(mail-eopbgr50131.outbound.protection.outlook.com [40.107.5.131])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by ietfa.amsl.com (Postfix) with ESMTPS id 30B6E120111
for <teas-ns-dt@ietf.org>; Mon, 13 Jan 2020 05:59:23 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=MUDsfhoYaBk73SJGBbeooCbZc3tUVMO02GWsOQeJZqpgqyFFLUgwcGeynrp8deSHmAWCzuMzymnn8Lyw7nM/W49qiLVAtyupJksNvLExxrFmnLqVrPBGkUc7Zs51EVcGbvC9+ElCN8FODZJwypx3E9N5ymw5ALE2y/NbixWkhZ4gsAKXDMlHeoMAfjUGizine/7AxLUpK/Eglm3ZJm7Rcin+LTtPU9NYf8GlrInmxrnaLp4biLMy938GV3OaSZBaUnlMKHi8R4lN/UdsoMcEKMxiUhsMJvvKAGDvOnpvJXy9hDSS2wshChgmOjAwt8g4IXqO6F2mKeM7TvSX9F+3rA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=/1rdZ2OpKKqrjGldYg2/Ot5s9VujahWXLIIUfWeiZN0=;
b=ht+sjWIV+MST5uNK54k45GzyRcubjlmSkwDybNUM6w4cOEZ3kB10PM/I9FWCudNRnTgQBd5lKEy2KNtOMekJC2iFTY1pv85ytXjjSbxh7IDISDFjEsvb2hZPn6ckFMpmyqqiH3M3JNRJnHnap+qx4q9cWA6JVj5vJFUf6gCbtsqmvOcKzQCAIHDGwT/HTXg6x0dUHGOnHHRmVGI541zanCOM6cvu2UgXYkoYAcm1AM9kya9AQnVOyjX6j5CsH2fIEeUx2efuGQIJgbVYSiZRCdolSwIv3c0jvCxyxHrfbpquvhNQfIP2xt5Akh4yDw/4rLTIPimhJ1Xz7wnKl0572w==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=nokia.com; dmarc=pass action=none header.from=nokia.com;
dkim=pass header.d=nokia.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nokia.onmicrosoft.com;
s=selector1-nokia-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=/1rdZ2OpKKqrjGldYg2/Ot5s9VujahWXLIIUfWeiZN0=;
b=EG6ZaUcPX3Wox+c8PU0ERULsLrQVqBLMG+txfUQ+Ad/Ke9CfACCvRszY+D2XInZClJjOG36zEFdrTwyf5uL9u6mTYE7P4TLttNNoHH1D97l0/RcUjhdPx9BzJgfJOW1J2znqfaOIsDAoYz4gtUQypmmfrl2q2DHRiuKJDK/ZfI4=
Received: from AM0PR07MB6098.eurprd07.prod.outlook.com (20.178.112.202) by
AM0PR07MB5155.eurprd07.prod.outlook.com (20.178.19.18) with Microsoft SMTP
Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.20.2644.12; Mon, 13 Jan 2020 13:59:20 +0000
Received: from AM0PR07MB6098.eurprd07.prod.outlook.com
([fe80::6020:4a8b:616d:83bb]) by AM0PR07MB6098.eurprd07.prod.outlook.com
([fe80::6020:4a8b:616d:83bb%3]) with mapi id 15.20.2644.015; Mon, 13 Jan 2020
13:59:20 +0000
From: "Rokui, Reza (Nokia - CA/Ottawa)" <reza.rokui@nokia.com>
To: Xufeng Liu <xufeng.liu.ietf@gmail.com>, John E Drake
<jdrake=40juniper.net@dmarc.ietf.org>, Stewart Bryant
<stewart.bryant@gmail.com>, "teas-ns-dt@ietf.org" <teas-ns-dt@ietf.org>,
"adrian@olddog.co.uk" <adrian@olddog.co.uk>
CC: "Rokui, Reza (Nokia - CA/Ottawa)" <reza.rokui@nokia.com>
Thread-Topic: [Teas-ns-dt] Network Slicing and Enhanced VPN Drafts
Thread-Index: AQHVyhmneRDImlcszkCNOzhfE2x+2g==
Date: Mon, 13 Jan 2020 13:59:20 +0000
Message-ID: <4F8DE6E7-BFE8-40A4-9AFC-E7C105EDDB1B@nokia.com>
References: <DM6PR05MB6426EA8E0057C889E8CC9A8CC7390@DM6PR05MB6426.namprd05.prod.outlook.com>
<CAEz6PPRmKZbo8nQ-ODCCbPnoOkJy-APb829K8ESBGO7VOv+wQg@mail.gmail.com>
In-Reply-To: <CAEz6PPRmKZbo8nQ-ODCCbPnoOkJy-APb829K8ESBGO7VOv+wQg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.20.0.191208
authentication-results: spf=none (sender IP is )
smtp.mailfrom=reza.rokui@nokia.com;
x-originating-ip: [131.228.48.84]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: 279d3c2c-70c1-41c2-d1ae-08d79830c9ec
x-ms-traffictypediagnostic: AM0PR07MB5155:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <AM0PR07MB5155B572D975364F11F0AB499F350@AM0PR07MB5155.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273;
x-forefront-prvs: 028166BF91
x-forefront-antispam-report: SFV:NSPM;
SFS:(10019020)(4636009)(39860400002)(136003)(376002)(346002)(366004)(396003)(189003)(199004)(66556008)(91956017)(76116006)(6486002)(186003)(4326008)(8936002)(6506007)(64756008)(66446008)(478600001)(66476007)(66946007)(81156014)(81166006)(53546011)(26005)(8676002)(6512007)(5660300002)(316002)(86362001)(110136005)(36756003)(2906002)(33656002)(2616005)(966005)(107886003)(71200400001);
DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR07MB5155;
H:AM0PR07MB6098.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en;
PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: nokia.com does not designate
permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: ZW18KUxPHPtC7sNVdIq38Mb5HDwqxBg9Kgs6AfIhZgK2S80FCv6znF/tOYIiyrrFmJBJrrCk0zdk5msfuUbd1mLcm03Oi4tEcvcrDl+h3TXPg+joTPk72pXIbS0W/Denw1Q+yiSrB25AjZS70Q3IdPDBPBmh5BKLUFeDNFUUch6RWv8dQvSADaAYQVaJFQhazieoafdiwfKbAuBynbUvQRToT1yDBDcrFHXZSIBhtW8losE8ex6gGQ08eYO6pD4ExFa8oiL2+5gwHMxpPqmydw+ckNP43Tv8M65Al/Cyj9Y2JopN3MQRn+MPPhwU6p/e7kohmHucTMaQm3Nlx8ktlb2OleY+G3PH23zqmRPWL5QtSgtfxo/3kdEsbLNOtmSfEx2DgdOZEB7AT4fzz5JMuY10z0B4aHOboIYu5BzFeC9NVhP8lSanuNU4kBzvwaZ5yYzlI2+JWLnKq+ur7ouuh2vHkMoQsCo1k9nqZvAh69bBfehNYTS1OlCOJLHb5xfvSpgLuHMd6aefd27YmjFXHQ==
Content-Type: multipart/alternative;
boundary="_000_4F8DE6E7BFE840A49AFCE7C105EDDB1Bnokiacom_"
MIME-Version: 1.0
X-OriginatorOrg: nokia.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 279d3c2c-70c1-41c2-d1ae-08d79830c9ec
X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Jan 2020 13:59:20.7658 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5d471751-9675-428d-917b-70f44f9630b0
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Q2eUnmKd9ae/hTBQXPQKhO8YqdwGsO9GKhiuYPldTavNQviFt8KZ5qpJmvD/xxGD+Q4z3ilzhQdZHyEwDMYaWA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR07MB5155
Archived-At: <https://mailarchive.ietf.org/arch/msg/teas-ns-dt/eSXQg5rloZkybKvg1lVl3NG7KIc>
Subject: Re: [Teas-ns-dt] Network Slicing and Enhanced VPN Drafts
X-BeenThere: teas-ns-dt@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TEAS Network Slicing Design Team <teas-ns-dt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas-ns-dt>,
<mailto:teas-ns-dt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas-ns-dt/>
List-Post: <mailto:teas-ns-dt@ietf.org>
List-Help: <mailto:teas-ns-dt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas-ns-dt>,
<mailto:teas-ns-dt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jan 2020 13:59:27 -0000
All, See my comment below Reza From: Teas-ns-dt <teas-ns-dt-bounces@ietf.org> on behalf of Xufeng Liu <xufeng.liu.ietf@gmail.com> Date: Monday, January 13, 2020 at 8:20 AM To: John E Drake <jdrake=40juniper.net@dmarc.ietf.org> Cc: Stewart Bryant <stewart.bryant@gmail.com>om>, "teas-ns-dt@ietf.org" <teas-ns-dt@ietf.org>rg>, "adrian@olddog.co.uk" <adrian@olddog.co.uk> Subject: Re: [Teas-ns-dt] Network Slicing and Enhanced VPN Drafts While I feel that the text VPN+ document is too technology specific, I'd like to propose the following annotations: # Introduction .. Refer to [definitions] ... ... Relation to existing IETF technologies ... [Reza] Discuss how the transport slot relates to e2e network slice (and mention that the focus of IETF is transport slice) [Reza] include a couple of diagram to clarify this # Requirements ... ... clarify scoping is only networking ... [Reza] one scope is NBI to transport slice controller to address creation, monitoring and optimization of the transport slices [Reza] Other scope is to define the NBI data model [Reza] other scope is the guideline for mapping the NBI to SBI (with a few use-case for clarity) ... add some discussion of scalability ... ... [Xufeng] Transport Slice As a Service - Slice is configurable - Configurations can be negotiated ... [Xufeng] Elasticity ... [Xufeng] Survivability ... [Xufeng] Manageability ….[Reza] SLO/SLA discussion of transport slices # Framework ... [Xufeng] Abstraction ... [Xufeng] Network layers (Layer hierarchy) ... [Xufeng] Overlay and underlay (Abstraction hierarchy) ... [Xufeng] Network domains ... [Xufeng] Control mechanisms and interfaces ... [Xufeng] Measurement, monitoring, and recovery systems ….[Reza] discuss the transport slice controller ... diagram ... ## Applications ... the transport slice system is used by an application. in most likely, that application is just another level slice orchestrator, e.g., the end-to-end slice orchestrator. but in theory it could also be an actual application that wants to manage some specific connectivity through the transport slice system. ... ## Expressing connectivity intents ... northbound interface .... ... data models ... ... SLOs as intents ... ... (most of this comes from the definitions draft) ... ## Mapping .... the requirements get mapped by a piece of software, the controller, to concrete technologies and the connectivity is set up ... ## Controller ... ## Underlying technology ... such as MPLS or VPNs or even physical cables ... # Considerations ## Monitoring ... we need to instrument the slice realisation to know how it is doing + update the slice as situation changes + dynamic reconfig... ## How to deal with hierarchy ... ## Security model ... accidental or malicous interaction between slices raises new security concerns ... Thanks, - Xufeng On Thu, Jan 9, 2020 at 2:52 PM John E Drake <jdrake=40juniper.net@dmarc.ietf.org<mailto:40juniper.net@dmarc.ietf.org>> wrote: Dear Network Slicing Design Team, Stewart, and Adrian, The current definition of a network slice is, I think, an underlay network MP2MP connection between a set of endpoints with an SLO which is met between any pair of endpoints. What I think we can then say is that a variety of services are provided to those endpoints. I.e., a network slice is strictly an underlay network construct over which a variety of overlay network services are offered to individual tenants. Currently, the IETF defines overlay network services such as EVPN, L3VPN, and SFC (either separately or in combination), but this underlay/overlay separation would allow us to easily incorporate other services including those that are 5G specific. So, what we might want to consider is moving the material which is underlay network specific from the VPN+ draft to the network slicing framework draft and recasting the VPN+ draft as defining how VPN overlay services use network slices. Annotations are preceded w/ .....JD Introduction .... Refer to [definitions] ... ..... Relation to existing IETF technologies ... .......JD https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-1 Requirements ..... ..... clarify scoping is only networking ... ..... add some discussion of scalability ... .......JD https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-2, https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-5 Framework .......JD https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-3 ..... diagram ... Applications ..... the transport slice system is used by an application. in most likely, that application is just another level slice orchestrator, e.g., the end-to-end slice orchestrator. but in theory it could also be an actual application that wants to manage some specific connectivity through the transport slice system. ... Expressing connectivity intents .......JD I would replace the term 'applications' w/ 'overlay services' ..... northbound interface ... ..... data models ... ..... SLOs as intents ... ..... (most of this comes from the definitions draft) ... Mapping ..... the requirements get mapped by a piece of software, the controller, to concrete technologies and the connectivity is set up ... Controller ..... Underlying technology ..... such as MPLS or VPNs or even physical cables ... .......JD https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-4 Considerations Monitoring ..... we need to instrument the slice realisation to know how it is doing + update the slice as situation changes + dynamic reconfig... How to deal with hierarchy .......JD https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-6, https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-7, https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-8 ..... Security model ..... accidental or malicous interaction between slices raises new security concerns ... .......JD https://tools.ietf.org/html/draft-ietf-teas-enhanced-vpn-03#section-10 Yours Irrespectively, John Juniper Business Use Only -- Teas-ns-dt mailing list Teas-ns-dt@ietf.org<mailto:Teas-ns-dt@ietf.org> https://www.ietf.org/mailman/listinfo/teas-ns-dt
- [Teas-ns-dt] Network Slicing and Enhanced VPN Dra… John E Drake
- Re: [Teas-ns-dt] Network Slicing and Enhanced VPN… Xufeng Liu
- Re: [Teas-ns-dt] Network Slicing and Enhanced VPN… Rokui, Reza (Nokia - CA/Ottawa)