Re: [Teas] Comments on draft-bestbar-teas-ns-packet-00

["Dongjie (Jimmy)" <jie.dong@huawei.com>]

Hi Tarek,

Please see some further replies inline with [Jie2]:

From: Tarek Saad [mailto:tsaad.net@gmail.com]
Sent: Saturday, November 21, 2020 1:35 PM
To: Dongjie (Jimmy) <jie.dong@huawei.com>; teas@ietf.org
Cc: draft-bestbar-teas-ns-packet@ietf.org
Subject: Re: [Teas] Comments on draft-bestbar-teas-ns-packet-00

Thanks, Jie. Please see further response inline.

Hi Tarek,

Thanks a lot for your reply. Please see some further comments inline with [Jie]:

From: Teas [mailto:teas-bounces@ietf.org] On Behalf Of Tarek Saad
Sent: Sunday, November 15, 2020 1:24 PM
To: Dongjie (Jimmy) <jie.dong@huawei.com<mailto:jie.dong@huawei.com>>; teas@ietf.org<mailto:teas@ietf.org>
Cc: draft-bestbar-teas-ns-packet@ietf.org<mailto:draft-bestbar-teas-ns-packet@ietf.org>
Subject: Re: [Teas] Comments on draft-bestbar-teas-ns-packet-00

Thanks Jie for your review and your comments. Please see inline for some responses from the authors.

From: Teas <teas-bounces@ietf.org<mailto:teas-bounces@ietf.org>> on behalf of "Dongjie (Jimmy)" <jie.dong@huawei.com<mailto:jie.dong@huawei.com>>
Date: Thursday, November 12, 2020 at 2:52 AM
To: "teas@ietf.org<mailto:teas@ietf.org>" <teas@ietf.org<mailto:teas@ietf.org>>
Cc: "draft-bestbar-teas-ns-packet@ietf.org<mailto:draft-bestbar-teas-ns-packet@ietf.org>" <draft-bestbar-teas-ns-packet@ietf.org<mailto:draft-bestbar-teas-ns-packet@ietf.org>>
Subject: [Teas] Comments on draft-bestbar-teas-ns-packet-00

Hi authors,

I've read draft-bestbar-teas-ns-packet-00, please find some review comments from my side:

To my understanding, the mechanism described in this document aligns with the VPN+ framework described in draft-ietf-teas-enhanced-vpn. More specifically, this document describes different approaches of reserving dedicated or shared network resources for logical (or virtual) networks to provide network slicing. It also describes the mechanisms to steer traffic on the specific network resources allocated for the network slices. Thus it would be reasonable to reference draft-ietf-teas-enhanced-vpn in this document.
[TS]: the draft proposes a solution on how shared network resource(s) can be allocated to different slice(s) - in control and/or data plane. This solution would be able to cater to enhanced VPN when a slice is mapped to 1 VPN. However, the solution the draft present covers other variant ranging from (M VPNs mapping to N slices). We can add some text highlighting how this solution can be used to realize an enhanced VPN service in a later version.

[Jie] From this description, it shows that the a consistent view about the relationship between the terms VPN, network slice and enhanced VPN is needed. There is some description about this in the introduction of draft-ietf-teas-enhanced-vpn, review and suggestion are welcome.

[TS]: We agree the terminology needs to be consistent with that produced by the network slicing design team, and we'll make sure we're aligned with it as it progresses.

[Jie2]: As this document is about the realization of network slice, more specifically about the underlay network resource layer, while the NS-DT work is about the abstract view of network slice which is realization agnostic, my suggestion is the terminology alignment with enhanced VPN framework is also considered.

Section 4 describes three approaches for resource partitioning. First please note that the list a), b) and c) is not in the same order as sections 4.1, 4.2 and 4.3. Then I'm a little confused with this classification. If my understanding is correct, The difference is whether the resource is reserved in data plane or not (i.e. hard or soft isolation).
[TS]: thanks, we will fix the list order to be in line with the TOC.

While no matter which approach is used, the resource reservation state needs to be maintained in control plane (either in a central controller or in the control plane of devices). And the resource sharing described in 4.2 between multiple slices within a group is also possible with the data plane based resource partitioning. Thus I'm not sure "data plane only" and "control plane only" are the appropriate terms here. How about using "data plane resource partitioning" and "control plane resource reservation" instead?

After reading section 4.3, my understanding is this subsection actually talks about two things of a network slice: resource reservation and topology customization. Then perhaps it should not be listed as the third approach for resource partitioning/reservation. The combination of the resource and topology attributes may be described in a separate section.
[TS] In the "Data Plane Network Resource Slicing" (Section 4.1) approach, there is no per-slice resource reservation state maintained in the control-plane. In fact, some path placement techniques would select the best path without consideration to the network state or utilization (e.g. IGP based path selection, SR flex-algo path, or LDP).. Those would map traffic on the best selected path (usually leveraging ECMP) but without any network state reservations. Section 4.1 covers enhancing those usecases to enable data-plane slicing along such paths. In the "Control Plane Network Resource Slicing" (Section 4.2) approach, the control-plane (be it on the devices or on some central controller) maintains per-slice resource reservation state. And this facilitates Slice-aware TE path placement. The approach discussed in Section 4.3 ties both of the approaches together.

[Jie] Thanks for your explanation. Then my understanding is with "data plane network resource slicing" in this document, path computation and selection is based on a common topology (constraints), which means the network slices need to share the same topology attribute. This presumption may be true for some of the slices, while it may be difficult to ensure that all the network slices have the same topology. Thus a more generic approach is to allow either topology sharing or customization between network slices, and the data plane resource can be either dedicated or shared. Then "data plane resource slicing" and "control plane slicing" in this document can be seen as the special cases.

[TS]: No, the proposed model is generic enough to allow a set of slices to share a topology, while another set of slices share a different topology.

[JIe2]: Thanks for the clarification. The approach of allowing a set of network slices to share a topology, and another set of slices to share a different topology can help to improve the scalability, thus can support more network slices underlays (i.e. VTN in VPN+ framework) in a network. This has been described in section 4.1 of dong-teas-enhanced-vpn-vtn-scalability. The sharing of resources between a set of VTNs is also described there. In summary, all is about using the combination of either dedicated or shared resources with either different or shared topology to build different VTNs. Thus IMO these two documents are talking about the same thing in different languages.

In section 5.1, it mentions a network slice may be realized using a network slice service Layer, and a device/resource Layer. In management plane, this separation of functionality can be seen in the context of RFC 8309 by considering that the NBI described here is a customer service interface, which is mapped down to network and device configuration interfaces. The term network slice service layer aligns with the NS-DT documents that a network slice is a service provided to a consumer. Then one question is: can the device/resource layer also be called a network slice? Using the same term for both the service layer and the resource layer may cause ambiguity. Maybe it is better to provide a dedicated term for the resource layer in the network slice context? For example, in draft-ietf-teas-enhanced-vpn, the virtual underlay network is called a VTN.
[TS] The service definition of the "network slice" is outside the scope of this document and (as you are well aware) is discussed in detail in various other documents. The only assumption that this document makes is that there is some controller(s) that would translate this service layer intent to a network wide consistent slice per-hop definition that is provisioned on slice-capable nodes. The slice per-hop definition is required to enforce the proper per slice treatment onto slice traffic on each hop.

[Jie] I think we agree that in NS-DT the term "network slice" refers to the service layer. I understand the functions described in this document and its relationship with the network slice service layer, I'm just not sure whether the same term could be used for both the service layer and the resource layer, as they may have different characteristics and granularity.

[TS]: The "network slice service" used on the NBI is clearly different from the "network slice" used on the SBI for realization on a shared network. Our network slice per-hop definition includes the 4 key elements that are required to instantiate a network slice on a shared network: 1) Slice Selector, 2) Data-plane resources, 3) Control plane resources, and 4) the topology (refer to draft-bestbar-teas-yang-ns-phd for more details).

[Jie2]: Totally agree with the difference in functionality between the NBI for network slice service request and the SBI for the network slice underlay realization. My point was normally the "network slice" realized using the SBI described in this document will not be provided to the customer directly as a network slice service, this just shows that a different term is needed for the virtual underlay network realized using the mechanism in this document.

Best regards,
Jie

Regards,
Tarek

Section 5.2.1 describes two options for Slice data plane selector, and analyzed the scalability challenges with the first approach. This section is relevant to draft-dong-spring-sr-for-enhanced-vpn, which describes the mechanism of using different SR SIDs or SRv6 Locators to identify the nodes/links and the resources allocated to different VTNs. And the scalability considerations for VPN+ are described in draft-dong-teas-enhanced-vpn-vtn-scalability, which provides the scalability analysis and optimizations in both the control plane and the data plane. For IPv6 data plane, one approach to carry the VTN identifier in data packet is described in draft-dong-6man-enhanced-vpn-vtn-id. My understanding to this section is it may aim to cover the native IP and legacy MPLS cases? Anyway, some coordination between these drafts would be helpful.
TS] The primary motivation behind this document is to offer a solution that is agnostic to the path control technology used in the slicing domain and uses a model that caters to a variety of IP (including native IP and SRv6) and MPLS data-plane slice selectors to provide slice specific treatment on a given device. Operators can choose any specific slice selector that suits their deployment - section 5.2.1 provides the considerations for picking a suitable slice selector. And yes, always welcome to coordinate with relevant drafts.

[Jie] Understood. Look forward to the coordination with the data plane related drafts.

Section 6 provide some general considerations about routing protocol extensions. For this part you may refer to the VTN and VPN+ drafts in LSR and IDR WG, which provides the control plane solutions with different scalability and flexibility characteristics. Comments are always welcomed.

[TS] Ack, thanks. We will make sure that there is coordination with relevant drafts as we make progress on Slice-aware TE specific control plane enhancements.
Hope this helps.

[Jie] Good to know this, thanks.

Best regards,
Jie

Regards,
Tarek (for the authors)

Hope this helps.

Best regards,
Jie