Re: [Teas] A question about draft-ietf-teas-te-service-mapping-yang

[Adrian Farrel <adrian@olddog.co.uk>]

Hello again 😊

> But
> what was NOT included in the draft is any detail on a) how the network 
> is “traffic engineered” b) which charateristics must this traffic 
> engineering have and c) which traffic of the VPN goes into which 
> tunnel…. One of the main reasons to leave that out was to avoid the “boiling the ocean”
> problem and limit the scope to opsawg. TE… would be dealt of course in 
> TEAS ☺

OK, and those three objectives (a, b, c) are reasonable things to put into the network model. Just not, IMHO, into the customer service model.

[KO] As Adrian described below, when VN is a service and our customer uses the VN as a service, why is the VN put into the network model reasonable? Am I something misunderstanding?
 "In this case, in my opinion, the cooked topology delivered to the customer is in the form of a service already. It might be a VN or it might be a set of connectivity services (i.e., tunnels). In this case, the delivery of a service over a service is highly ambiguous and I don’t think it falls within the operator’s capabilities to achieve it. The cooked topology is for the customer to use as they see fit."

[AF] I think the key here is to understand the layering. So when you say *the* network model I think there may be some ambiguity.

I see...

VPN
------- LxSM model -- Customer ask for a VPN operated over the VN
------- LxNM model -- VN orchestrator plans and provisions the VPN over the VN VN
------- VN service model -- Customer asks for a VN over the operator network
------- VN network model -- Operator's network orchestrator provisions the VN

[KO2] If this layering is correct, meaning VN as a service is not commonly used by an end-customer like our current VPN users, I agree.

In this case, the LxNM is operating in the customer's management space. The operator is unaware of the VPN and is unaware of how the VN is being used by the customer.

We must be careful to not think that the LxSM is the interface between customer and operator. It is the interface between consumer and provider which, in this case, are both within the customer's control.

[KO2] What do you mean by "are both within the customer's control"? What "are both within the customer's control"

[AF2] When the VN is provided as a service to the consumer, the operation of the VN belongs to the consumer.
If the consumer decides to operate a VPN over the VN then the consumer is responsible for realising the VPN over the VN.
That means that the consumer runs the VN Orchestrator. In this case, the LxNM is present in the consumer's management space, and it is augmented by the mapping model to coordinate with the resources in the VN. But the LxSM is still unaware of the tunnels and network resources.

[AF2]Talking to someone else yesterday, they suggested that the VN may be created by the operator to enable services for a customer, but that the VN is not exposed to the customer. It is a way for the operator to "partition" their network and provide service guarantees to the customer.
I think this is OK, but in this case the consumer is entirely unaware of the VN. When the consumer asks for a VPN service they do not see any difference if there is a VN or no VN. That is, the LxSM model is not augmented by the mapping model.
The operator may need features to map the VPN service onto the VN, and this shows up in the LxNM via the mapping model.

>>> Now, perhaps we should consider the ACTN use case where a VN has 
>>> been built for and delivered to the customer. In this case, the 
>>> question arises as to whether the LxVPN is supported over the VN or 
>>> supported over the provider's network using the resources of the VN.
>>> In my view of this, the LxVPN is supported over the VN: it is the 
>>> VN's management system that realises the VPN using TE tunnels in the 
>>> VN, and the VN with it's management system and TE tunnels is treated 
>>> just like a real network.

[KO] I think this might be technically correct, but VN service and VN's management system have never commercially existed yet, and there are only LxVPN's management systems. Under this situation, operators should desire the existing LxVPN's management systems to utilize/map VN resources for the existing LxVPN service, when the VN service has emerged. Thus, I believe te-service-mapping-yang should exist.

[AF] I'm having trouble following this.
I think you are saying that (today) no one sells a VN, and (in consequence) there is no such thing as a management system for a VN. I can believe that.
But then you say that it is important to be able to map the VPN onto the VN resources. This I can't understand because a VN is a service, and you have said that service doesn't exist. In particular, the customer will not be aware of the VN resources because they are not aware of the VN service.

[KO2] You are right. I just indicated a possible next step, not current situation.
I may require a shortcut solution for a) and A,B,C,D), once VN service with actn-vn-yang , for example, emerges.
As you wrote, VN service should exist behind LxNM optimally and not be exposed to any end-customer. However, once we decide that VN service is exposed to an end-customer like a large enterprise user, this becomes a case.

[AF2] I think I still disagree ☹
When the VN is exposed as a service, it is the customer's job to manage that VN. In particular, it is the customer's job to orchestrate the VN to support the VPN service.
The LxSM is how the customer configures and requests a VPN service.
The LxNM is how the orchestrator operates the network to support the VPN service.
That means the LxNM is used by the VN orchestrator to manage the VN. 
In my opinion, that means that the LxSM never has knowledge of the underlying network resources, but the LxNM does have that knowledge.

Best,
Adrian