Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)

"Tissa Senevirathne (tsenevir)" <> Thu, 31 January 2013 15:18 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id CF71421F85C6 for <>; Thu, 31 Jan 2013 07:18:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -10.299
X-Spam-Status: No, score=-10.299 tagged_above=-999 required=5 tests=[AWL=0.300, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id IIkNku4JDhL5 for <>; Thu, 31 Jan 2013 07:18:52 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 916D621F84F9 for <>; Thu, 31 Jan 2013 07:18:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=7106; q=dns/txt; s=iport; t=1359645532; x=1360855132; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=BE+KZR+6mDQ9ttnlKQl8rO4I5a9AE2D0Xs2awt1GILw=; b=CdPFGzU1/Ag7q37s6W/AUKddDOMxX0R3vXn0X303T+xKLePSijen/My2 4kxgstITYY5Rn+/Dzb3fEEra96pabuGynSPoFRF+cyMRJp1LB0PCVbrJB Axbqm3yZApbMPQQ0BNuxoYuxaySowz0RG0UX1uO56J8oEnx5W+YFSz57k I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="4.84,577,1355097600"; d="scan'208";a="168144406"
Received: from ([]) by with ESMTP; 31 Jan 2013 15:18:46 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id r0VFIjrj031925 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 31 Jan 2013 15:18:45 GMT
Received: from ([]) by ([]) with mapi id 14.02.0318.004; Thu, 31 Jan 2013 09:18:45 -0600
From: "Tissa Senevirathne (tsenevir)" <>
To: Jon Hudson <>, Sam Aldrin <>
Thread-Topic: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)
Date: Thu, 31 Jan 2013 15:18:44 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: Donald Eastlake <>, Anoop Ghanwani <>, Radia Perlman <>, Ayan Banerjee <>, "" <>
Subject: Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Developing a hybrid router/bridge." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 31 Jan 2013 15:18:53 -0000


You brought up the most import element. Questions Sam asked are extremely valid. What do you mean by "safe FGL", how can you make sure all of the so called "Safe FGL" have consistent behavior, what about some devices who are not "safe FGL" and so on, are we saying do not buy no safe FGL devices, if you do that you cannot get FGL interop ? We are not talking about control plane we are talking about Hardware.

Based on your point and with the analogy (though not the exact numbers :) ), we are looking at a limited install base here. For that Do you agree if we say, FGL will always be core of the network, and VL will be at the edge of the network ?


-----Original Message-----
From: [] On Behalf Of Jon Hudson
Sent: Wednesday, January 30, 2013 11:16 PM
To: Sam Aldrin
Cc: Donald Eastlake; Anoop Ghanwani; Radia Perlman; Ayan Banerjee;
Subject: Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)

Well most of my customers and bound by 3yr depreciation schedules. So any non-FGL devices they have when Full FGl devices ship will not be available for swap-pout. If they have been in service for 2hrs then maybe, but 2.5-3yrs ideal.

So we expect most scenarios to be the addition of net new full FGL rbridges. Then (hopefully) a software update to the existing non FGLs to some quasi FGL mode ( just so you can take some advantage of the new functionality. Then when the older rbridges run out on the books, then they can be replaced with shiny new full FGL rbridges and now have a full FGL compliant environment.

But that is just for the small number of customers already running non FGL compliant hardware. (~1000 for Brocade, and then probably more, but lets say 2,000for Cisco)

For a large majority it will be green field installs all net new. 

We just don't want to punish those ~3000ish early adopters 

I have had MUCH difficultly getting customers involved in mail list discussions. So getting someone who is today and operator (as apposed to a recovering operator like myself) isn't super easy.  Needless to say the volume of emails and tone of emails scares a lot of folks away. ( not just a TRILL WG thing, an IETF in general thing)

On Jan 31, 2013, at 8:25 AM, Sam Aldrin <> wrote:

> Here is what I meant.
> Deployment scenarios could be  upgrading to FGL RBridges via 1) new device insertion OR 2) replacing older devices with FGL supported RBridges OR 3) the so called upgrade to existing hardware to be FGL safe.
> In each of those cases, the way to do it could differ for the reasons highlighted in various emails.
> At the end of the day, by moving towards FGL based network, we cannot afford to disrupt existing TRILL network or force to forklift upgrade of non-FGL aware hardware.
> Lastly, it would be good to hear from the actual user to understand the pain points in doing one way or the other.
> -sam
> On Jan 30, 2013, at 12:40 PM, Jon Hudson <> wrote:
>> Can you clarify on what you mean by deploy?
>> I ask because I have many customers waiting for this functionality. Everyone of the ~1000 installs we have, that also have multitenancy environments plan to deploy this as soon as possible. 
>> But with no one have I gone through and done a Visio of how their Rbridges are wired up today and how FGL rbridges would be integrated gracefully into the environment.
>> On Jan 31, 2013, at 3:55 AM, Sam Aldrin <> wrote:
>>> [still catching up on email, so the delay]
>>> When everyone says, upgrade RBridges, what is the upgrade model they have in mind?
>>> How can one do software upgrade when hardware/silicon cannot support?
>>> Secondly, any actual users, not vendors, commented on how they plan to deploy FGL?
>>> -sam
>>> On Jan 29, 2013, at 4:37 PM, Donald Eastlake <> wrote:
>>>> Hi Anoop,
>>>> On Tue, Jan 29, 2013 at 7:03 PM, Anoop Ghanwani <> wrote:
>>>>> On Tue, Jan 29, 2013 at 12:49 PM, Donald Eastlake <> wrote:
>>>>>> The general assumption is that you are migrating from VL to FGL. 
>>>>>> First you migrate to FGL-safe. Then you unleash the FGL traffic, 
>>>>>> by configuring FGL ports, which isolates any remaining 
>>>>>> (FGL-unsafe) VL switches while still being able to handle VL 
>>>>>> traffic between VL ports on FGL-safe switches.
>>>>> Based on what is written so far, it looks like as long as there is 
>>>>> even one VL RBridge in it's database, an RBridge would not be able 
>>>>> to start sourcing FGL traffic.  It may start doing so only when 
>>>>> all RBridges in
>>>> Well, it can start sourcing FGL traffic but their are consequences 
>>>> as you note below.
>>>>> its database are FGL-safe.  If we ever get into a condition where 
>>>>> an RBridge has started advertising FGL information, at that point, 
>>>>> does any other RBridge in the campus simply isolate any VL RBridge 
>>>>> (with the assumption that there was some kind of race condition?
>>>> Yes. (This could just be due to some misconfiguration.)
>>>>> The case I'm concerned about is we have 2 FGL RBridges, RB1 and RB2.
>>>>> RB1 is connected to a campus of n RBs that are still VL only.  The 
>>>>> VL link Breaks, and RB1 starts advertising FGL information to RB2, 
>>>>> but then the link to the VL campus comes back up.  Does this mean 
>>>>> RB1 and RB2 remain isolated from the campus (and operate as they 
>>>>> own mini-campus) until all the other RBridges are converted over to FGL-safe?
>>>> Yes. But I don't think this as much of a problem given that I 
>>>> believe existing TRILL switches can be software upgraded to be 
>>>> FGL-safe. I view the configuration of FGL ports on RB1/RB2 and the 
>>>> consequent routing of actual FGL traffic to be an active network 
>>>> management decision, not something that might just happen because 
>>>> there appear to be no more VL TRILL switches in the topology.
>>>> Thanks,
>>>> Donald
>>>> =============================
>>>> Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>>>> 155 Beaver Street, Milford, MA 01757 USA
>>>>> Anoop
>>>> _______________________________________________
>>>> trill mailing list
>>> _______________________________________________
>>> trill mailing list
trill mailing list