Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)

Jon Hudson <> Thu, 31 January 2013 07:16 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3BA8921F86F4 for <>; Wed, 30 Jan 2013 23:16:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.818
X-Spam-Status: No, score=-0.818 tagged_above=-999 required=5 tests=[AWL=-1.385, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, MIME_QP_LONG_LINE=1.396, RCVD_IN_PBL=0.905, RDNS_DYNAMIC=0.1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id tH+iTEXgu64b for <>; Wed, 30 Jan 2013 23:16:16 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4002:c01::236]) by (Postfix) with ESMTP id A735221F86EB for <>; Wed, 30 Jan 2013 23:16:14 -0800 (PST)
Received: by with SMTP id 29so2427yhr.13 for <>; Wed, 30 Jan 2013 23:16:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=x-received:references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:x-mailer:from:subject:date :to; bh=ITIV+EwkVWSAvtqt6ZK0aDb2Oo73XKCXUoJF+cD7dL8=; b=zujJORNR3Ky7zHjjBvfvwzjTAR01CJdETezAMF800Y3Uf9qsZ7S6FwzVGeS9yC93DK jD39+4gYBPT4/Xaa43tGtf4qfG6whaHz2hxwWYYOBPQokLbm9Sp1T1RCoQ/hLJS5rGuw P36tiq5d0kLQYbYIO90QRNnsdqRFCkaAa6wZ+mTUgooEvoq/Ip5TEnsOj1kH+0pqwNvG DOONbUWAGLdhBJX0jaFExZBzPooEs0m3GUJZHstJBiXrelO1ZmA1hg1vAwuqHXUIk/S5 cXkeE5OWiOj3WWlPN8gzDfkQF3NC3nTdSqUSUrYh4eKuD5nQrn5k4GhNbRWh/U1JzUPN 7Gxg==
X-Received: by with SMTP id h65mr8862101yhj.95.1359616573625; Wed, 30 Jan 2013 23:16:13 -0800 (PST)
Received: from [] ( []) by with ESMTPS id j1sm6597633yhn.3.2013. (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 30 Jan 2013 23:16:12 -0800 (PST)
References: <> <> <> <> <> <> <> <> <>
Mime-Version: 1.0 (1.0)
In-Reply-To: <>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
X-Mailer: iPhone Mail (10B143)
From: Jon Hudson <>
Date: Thu, 31 Jan 2013 16:16:01 +0900
To: Sam Aldrin <>
Cc: Donald Eastlake <>, Anoop Ghanwani <>, Radia Perlman <>, Ayan Banerjee <>, "" <>
Subject: Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Developing a hybrid router/bridge." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 31 Jan 2013 07:16:17 -0000

Well most of my customers and bound by 3yr depreciation schedules. So any non-FGL devices they have when Full FGl devices ship will not be available for swap-pout. If they have been in service for 2hrs then maybe, but 2.5-3yrs ideal.

So we expect most scenarios to be the addition of net new full FGL rbridges. Then (hopefully) a software update to the existing non FGLs to some quasi FGL mode ( just so you can take some advantage of the new functionality. Then when the older rbridges run out on the books, then they can be replaced with shiny new full FGL rbridges and now have a full FGL compliant environment.

But that is just for the small number of customers already running non FGL compliant hardware. (~1000 for Brocade, and then probably more, but lets say 2,000for Cisco)

For a large majority it will be green field installs all net new. 

We just don't want to punish those ~3000ish early adopters 

I have had MUCH difficultly getting customers involved in mail list discussions. So getting someone who is today and operator (as apposed to a recovering operator like myself) isn't super easy.  Needless to say the volume of emails and tone of emails scares a lot of folks away. ( not just a TRILL WG thing, an IETF in general thing)

On Jan 31, 2013, at 8:25 AM, Sam Aldrin <> wrote:

> Here is what I meant.
> Deployment scenarios could be  upgrading to FGL RBridges via 1) new device insertion OR 2) replacing older devices with FGL supported RBridges OR 3) the so called upgrade to existing hardware to be FGL safe.
> In each of those cases, the way to do it could differ for the reasons highlighted in various emails.
> At the end of the day, by moving towards FGL based network, we cannot afford to disrupt existing TRILL network or force to forklift upgrade of non-FGL aware hardware.
> Lastly, it would be good to hear from the actual user to understand the pain points in doing one way or the other.
> -sam
> On Jan 30, 2013, at 12:40 PM, Jon Hudson <> wrote:
>> Can you clarify on what you mean by deploy?
>> I ask because I have many customers waiting for this functionality. Everyone of the ~1000 installs we have, that also have multitenancy environments plan to deploy this as soon as possible. 
>> But with no one have I gone through and done a Visio of how their Rbridges are wired up today and how FGL rbridges would be integrated gracefully into the environment.
>> On Jan 31, 2013, at 3:55 AM, Sam Aldrin <> wrote:
>>> [still catching up on email, so the delay]
>>> When everyone says, upgrade RBridges, what is the upgrade model they have in mind?
>>> How can one do software upgrade when hardware/silicon cannot support?
>>> Secondly, any actual users, not vendors, commented on how they plan to deploy FGL?
>>> -sam
>>> On Jan 29, 2013, at 4:37 PM, Donald Eastlake <> wrote:
>>>> Hi Anoop,
>>>> On Tue, Jan 29, 2013 at 7:03 PM, Anoop Ghanwani <> wrote:
>>>>> On Tue, Jan 29, 2013 at 12:49 PM, Donald Eastlake <> wrote:
>>>>>> The general assumption is that you are migrating from VL to FGL. First
>>>>>> you migrate to FGL-safe. Then you unleash the FGL traffic, by
>>>>>> configuring FGL ports, which isolates any remaining (FGL-unsafe) VL
>>>>>> switches while still being able to handle VL traffic between VL ports
>>>>>> on FGL-safe switches.
>>>>> Based on what is written so far, it looks like as long as there is even
>>>>> one VL RBridge in it's database, an RBridge would not be able to start
>>>>> sourcing FGL traffic.  It may start doing so only when all RBridges in
>>>> Well, it can start sourcing FGL traffic but their are consequences as
>>>> you note below.
>>>>> its database are FGL-safe.  If we ever get into a condition where
>>>>> an RBridge has started advertising FGL information, at that point,
>>>>> does any other RBridge in the campus simply isolate any VL RBridge
>>>>> (with the assumption that there was some kind of race condition?
>>>> Yes. (This could just be due to some misconfiguration.)
>>>>> The case I'm concerned about is we have 2 FGL RBridges, RB1 and RB2.
>>>>> RB1 is connected to a campus of n RBs that are still VL only.  The VL link
>>>>> Breaks, and RB1 starts advertising FGL information to RB2, but then
>>>>> the link to the VL campus comes back up.  Does this mean RB1 and RB2
>>>>> remain isolated from the campus (and operate as they own mini-campus)
>>>>> until all the other RBridges are converted over to FGL-safe?
>>>> Yes. But I don't think this as much of a problem given that I believe
>>>> existing TRILL switches can be software upgraded to be FGL-safe. I
>>>> view the configuration of FGL ports on RB1/RB2 and the consequent
>>>> routing of actual FGL traffic to be an active network management
>>>> decision, not something that might just happen because there appear to
>>>> be no more VL TRILL switches in the topology.
>>>> Thanks,
>>>> Donald
>>>> =============================
>>>> Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>>>> 155 Beaver Street, Milford, MA 01757 USA
>>>>> Anoop
>>>> _______________________________________________
>>>> trill mailing list
>>> _______________________________________________
>>> trill mailing list