[Teas] A review of draft-ietf-teas-enhanced-vpn
Adrian Farrel <adrian@olddog.co.uk> Tue, 06 September 2022 14:21 UTC
Return-Path: <adrian@olddog.co.uk>
X-Original-To: teas@ietfa.amsl.com
Delivered-To: teas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91934C1524B9; Tue, 6 Sep 2022 07:21:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.905
X-Spam-Level:
X-Spam-Status: No, score=-1.905 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BQvN5s2hmG1G; Tue, 6 Sep 2022 07:21:13 -0700 (PDT)
Received: from mta8.iomartmail.com (mta8.iomartmail.com [62.128.193.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98AADC1533AB; Tue, 6 Sep 2022 07:21:09 -0700 (PDT)
Received: from vs1.iomartmail.com (vs1.iomartmail.com [10.12.10.121]) by mta8.iomartmail.com (8.14.7/8.14.7) with ESMTP id 286EL6C0002040; Tue, 6 Sep 2022 15:21:06 +0100
Received: from vs1.iomartmail.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8D98A4604B; Tue, 6 Sep 2022 15:21:06 +0100 (BST)
Received: from vs1.iomartmail.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 8192E46050; Tue, 6 Sep 2022 15:21:06 +0100 (BST)
Received: from asmtp3.iomartmail.com (unknown [10.12.10.224]) by vs1.iomartmail.com (Postfix) with ESMTPS; Tue, 6 Sep 2022 15:21:06 +0100 (BST)
Received: from LAPTOPK7AS653V (152.197.bbplus.pte-ag1.dyn.plus.net [81.174.197.152] (may be forged)) (authenticated bits=0) by asmtp3.iomartmail.com (8.14.7/8.14.7) with ESMTP id 286EL5d6024655 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Tue, 6 Sep 2022 15:21:06 +0100
Reply-To: adrian@olddog.co.uk
From: Adrian Farrel <adrian@olddog.co.uk>
To: draft-ietf-teas-enhanced-vpn@ietf.org
Cc: teas@ietf.org
Date: Tue, 06 Sep 2022 15:21:06 +0100
Organization: Old Dog Consulting
Message-ID: <020801d8c1fb$e7376930$b5a63b90$@olddog.co.uk>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdjB9Kja+SoQ/A3gQQ2fUltxim5Taw==
Content-Language: en-gb
X-Originating-IP: 81.174.197.152
X-Thinkmail-Auth: adrian@olddog.co.uk
X-TM-AS-GCONF: 00
X-TM-AS-Product-Ver: IMSVA-9.1.0.2090-9.0.0.1002-27124.000
X-TM-AS-Result: No--33.312-10.0-31-10
X-imss-scan-details: No--33.312-10.0-31-10
X-TMASE-Version: IMSVA-9.1.0.2090-9.0.1002-27124.000
X-TMASE-Result: 10--33.312100-10.000000
X-TMASE-MatchedRID: gL4NNSzpOgcOwAmmWH5kBAzrPeIO/OIHNi8L88UV9IC+y4Y487IcARg6 z/MzaOE8mMFHD38hdPs/oKDpdyJZNMg1QFikfL0tGqSG/c50XgPUoMiU4Mi75apJJeOmt6X/yzf 3DLrMc5JRjF+X+4Jeo4LRPgDkKAntSNIsvuv43x8sZAW16UOXi1IeMHlj6jlkRLQWlsj7XhMg3X psGU//P6y63UMrLqYMCHc91uq69Xq7PlxoJkviSD3stoORN7tb2FA7wK9mP9ekfxc014YHJ5wlb ZPQQ0yzQMOJEqjTDAC0lry9NEfvNww8Nmue9wz33nHtGkYl/VqbQfYveSNCCk9CJC/MWIZ4iCHx h6PvJSHoFXcVyziBPc2asBRP3dHx2yGIb79O9ChAL3S+E86WTeWzJnTmLPxvLaKzyzWK8GQ0VEy Og1y59FTZqaB7Kv7hGCW8ewGpztR4CGd3XYenF31JIA4rhsZ/dmWMDQajOiL9MbU3VPgLfaTv5H d+H8gBRgL8bfVL3cqf1Ex8EGm0AzN1VvnSogA6/cdhqO7KmN/zJ36EjZF4d3vHxBKEEz6gcxZ+a vxQRTzyjbtwo9mkpZJKigj9tWn2bVcsZW9h4CgEAUk+qoQrN5NOqMCawl2SmyiLZetSf8nJ4y0w P1A6ADMMszeAZpzJdB0ntd9Tzp6QZS2ujCtcuA==
X-TMASE-SNAP-Result: 1.821001.0001-0-1-22:0,33:0,34:0-0
Archived-At: <https://mailarchive.ietf.org/arch/msg/teas/Yfo9i4E3vpAR47O3kQY58D3r_Dc>
Subject: [Teas] A review of draft-ietf-teas-enhanced-vpn
X-BeenThere: teas@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Traffic Engineering Architecture and Signaling working group discussion list <teas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/teas>, <mailto:teas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/teas/>
List-Post: <mailto:teas@ietf.org>
List-Help: <mailto:teas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/teas>, <mailto:teas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Sep 2022 14:21:17 -0000
Hi, As the slicing framework is queued for working group last call, I thought it would be helpful to do a review of this draft to get it ready for last call as well. As you might expect, I found a number of nits, and some small comments. My general view is that this document is in pretty good shape. Cheers, Adrian === Throughout You use "Layer-3", "layer-3", "Layer 3", and "layer 3" in this document. Need to pick one. --- Abstract s/over/beyond/ s/traditional/existing/ --- 1. s/a connectivity services/a connectivity service/ s/IETF network slices/IETF Network Slices/ s/"IETF network slice"/"IETF Network Slice"/ s/ [RFC7926] and/ [RFC7926], and/ s/underlay and the overlay/overlay and the underlay/ d/traditional/ twice s/enhanced data plane/data plane for enhanced VPNs/ --- 2. s/provides the/provides/ s/VTN has the/A VTN has the/ --- 2. List of terms Probably worth adding SLA, SLE, and SLO in this list with references to the slicing framework. VTN might be better to reference RFC 8453 rather than the YANG model. --- 3.1 s/This can be achieved/This could be achieved/ It is OK to say that per-VPN TE-LSPs are not widely deployed. But maybe also say, "...the more common approach of aggregating multiple VPNs onto common TE-LSPs results in shared bandwidth and so may reduce the assurance of bandwidth to any one service." s/provide these guarantees/provide a guaranteed upper bound to latency/ s/considered./considered when a guaranteed latency service is required./ s/attempts to deliver/attempts to deliver a copy of/ s/loss due to/loss in the event of/ --- 3.2 s/isolation./insolation within the underlay network./ --- 3.2.1 OLD resources, a significant economic advantage when compared to a dedicated, or a Time Division Multiplexing (TDM) network. NEW resources: a significant economic advantage when compared to a dedicated or a Time Division Multiplexing (TDM) network. END --- 3.2.1 Clearly, there is no need to provide more isolation than is required by the applications, ... Is "application" right? The service provider is unaware of the application. Perhaps... Clearly, there is no need for a customer to request more isolation than their applications require, and no need for a service provider to provide more isolation than requested by their customer, ... --- 3.2.1 s/in most cases/in most cases when hard isolation is requested/ --- 3.3 s/demanded by an/demanded of an/ --- 3.4 s/disruptive to that VPN,/disruptive to that VPN itself,/ s/Section 5.1,Section 5.2/Section 5.1, Section 5.3/ --- 3.4 Maybe the last two paragraphs would sit better as the 2nd and 3rd paragraphs of the section. --- 3.5 s/However, depends/However, depending/ --- 4. s/and a corresponding VTN/and mapped to a corresponding VTN/ --- 4.1 s/resource partitioning,/resource partitioning of the physical network infrastructure,/ s/and is associated/and each associated/ s/Thus VTN is/Thus the VTN is/ s/its customers/the service provider's customers/ --- 4.4 s/even in future/even in the future/ --- 5.1 s/which provide/which can provide/ --- 5.1.1 s/fixed- bandwidth/fixed-bandwidth/ --- 5.2.1 s/Virtual Transport Path (VTP)/ Virtual Transport Paths (VTPs)/ --- 5.2.3 The section should indicate MPLS and IPv6 data plane are both supported. --- 5.2.3 An SR traffic engineered path operates with a granularity of a link. Hints about priority are provided using the Traffic Class (TC) or Differentiated Services Code Point (DSCP) field in the packet header. I think the naming is wrong here. In both MPLS and IPv6 the field is called the Traffic Class field. --- 5.4 s/requirements on connectivity/requirements for connectivity/ --- 5.6 s/a SDN/an SDN/ --- 6. The framework has change the name from NBI to "IETF Network Slice Service Interface". --- 6.1 s/need to be created/need to be created to support the requested enhanced VPNs/ --- 6.4 s/by operator's policy/by the operator's policy/ --- 7. Maybe give some clue about what is coming next. Such as The sections that follow describe some of the scalability concerns that need to be considered. --- 7.2 s/traditional/established/ --- Perhaps sections 8 and 9 could be combined into a single section on "Management Considerations"? --- 11. d/traditional/ --- 12. Maybe add a final paragraph like... An enhanced VPN (even one with hard isolation requirements) does not provide any additional guarantees of privacy for customer traffic compared to regular VPNs: the traffic within the network may be intercepted and errors may lead to mis-delivery. Users who wish to ensure the privacy of their traffic must take their own precautions including end-to-end encryption. --- 16.2 I think [I-D.ietf-teas-actn-yang] is not used.
- [Teas] A review of draft-ietf-teas-enhanced-vpn Adrian Farrel
- Re: [Teas] A review of draft-ietf-teas-enhanced-v… Dongjie (Jimmy)