IETF Logo Mail Archive

Re: [trill] Thoughts on active-active edge

Radia Perlman <radiaperlman@gmail.com> Thu, 13 December 2012 18:10 UTC

Return-Path: <radiaperlman@gmail.com>
X-Original-To: trill@ietfa.amsl.com
Delivered-To: trill@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB2E421F8B56; Thu, 13 Dec 2012 10:10:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.675
X-Spam-Level:
X-Spam-Status: No, score=-1.675 tagged_above=-999 required=5 tests=[AWL=-1.923, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_CHARSET_FARAWAY=2.45, RCVD_IN_DNSWL_LOW=-1, WEIRD_QUOTING=1.396]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ItOkcl7f2Jpa; Thu, 13 Dec 2012 10:10:40 -0800 (PST)
Received: from mail-vc0-f172.google.com (mail-vc0-f172.google.com [209.85.220.172]) by ietfa.amsl.com (Postfix) with ESMTP id 6A75421F8B55; Thu, 13 Dec 2012 10:10:39 -0800 (PST)
Received: by mail-vc0-f172.google.com with SMTP id fw7so2761857vcb.31 for <multiple recipients>; Thu, 13 Dec 2012 10:10:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=CNUE5iERhQtgwPQTH9Rgap9YP1OggUoXhmOyO0GR9To=; b=z6Xz9fQiNp1PnjpRPKA3doscRdbCJTHFfAolQZrF+GJ/k4G9iW9/HVR6vkjyFmsyzV GDvZcYzs1UCeewFS1W/Fo31wU+VszEddew4bREIIwlYV3iKNtNY58uEiuo3KfBdH585m 5qIokCwSU+6dVpHTu9HmI/GQZqbJfOBEE0Sl01w6ZWcwkUgsDtJH+5nRKNgF8Q8fZM5x /DaQ0QW+W/rTtffn1z7KXBqRVqP3CD1lInjaxjMEO7AVlmSewRkW9CGfBCMRQvuc+bby LMSSp1qJBbUfjWoTaBPWr/EoeJtYSGyenI8+fLh4KHDPmspuH5uH29A4jsPi1KE2fONG qavg==
MIME-Version: 1.0
Received: by 10.220.150.84 with SMTP id x20mr4888539vcv.73.1355422238761; Thu, 13 Dec 2012 10:10:38 -0800 (PST)
Received: by 10.58.207.138 with HTTP; Thu, 13 Dec 2012 10:10:38 -0800 (PST)
In-Reply-To: <OF91CA02ED.06B3BB81-ON48257AD3.00405487-48257AD3.0042706D@zte.com.cn>
References: <CAFOuuo4wfJDfbshPa14ruK-SPrxU4W-Pu9uRY2to0KBaKjt5JA@mail.gmail.com> <OF91CA02ED.06B3BB81-ON48257AD3.00405487-48257AD3.0042706D@zte.com.cn>
Date: Thu, 13 Dec 2012 10:10:38 -0800
Message-ID: <CAFOuuo5o+=YT3TOVRp1Kxm_M3vL1Ko_1enb5fg2HuKjiUFRrKQ@mail.gmail.com>
From: Radia Perlman <radiaperlman@gmail.com>
To: zhai.hongjun@zte.com.cn
Content-Type: multipart/alternative; boundary="f46d043c7c080fe31504d0bfd504"
Cc: Thomas Narten <narten@us.ibm.com>, trill-bounces@ietf.org, Sam Aldrin <aldrin.ietf@gmail.com>, Mingui Zhang <zhangmingui@huawei.com>, "trill@ietf.org" <trill@ietf.org>, "Tissa Senevirathne (tsenevir)" <tsenevir@cisco.com>
Subject: Re: [trill] Thoughts on active-active edge
X-BeenThere: trill@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Developing a hybrid router/bridge." <trill.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trill>, <mailto:trill-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trill>
List-Post: <mailto:trill@ietf.org>
List-Help: <mailto:trill-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trill>, <mailto:trill-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Dec 2012 18:10:42 -0000

Answering Zhai Hongjun's questions:

Why it is necessary to have a different pseuonode nickname if the upllnk is
to different sets of RBridges:

If hypervisor H1 has uplinks to R1, R2, and R3, and uses pseudonode
nickname P1, and hypervisor H2 has uplinks to R1 and R2 (or even had
uplinks to R1, R2, and R3, but its link to R3 fails), then if H1 and H2 use
the same nickname, say P1, then traffic for H2's MAC addresses might get
sent to R3 (since R3 has to claim to be connected to P1 because it is, for
H1).  But it is no longer attached to H2 because H2's uplink to R3 failed.

The safest thing would be for every hypervisor to have a nickname.

So, how many hypervisors are there likely to be?  How usual would it be for
all of them to attach to the same set of uplinks, so that we can use the
same pseuodnode nickname?  Do we care about the case of one of a
hypervisor's uplinks failing, in which case, would the RBridges know?  If
R3 (the one to which the uplink failed) know?  Would R1 and R2 know?  Even
if R3 knew, how could it alert R1 and R2 to now use a different pseudonode
nickname for H2?  Would it be obvious to them which of the hypervisors that
have uplinks to R1, R2, and R3 they are referring to?

All of this must be configured, I assume, and if the configuration is
wrong, then who knows what happens..presumably that traffic may or may not
get delivered to a hypervisor.  And even if configured properly, what
happens when uplinks fail?  Again, presumably, traffic may or may not get
delivered to the hypervisor whose uplink fails.

-------------
As for VLANs...that actually is not a problem here, since we're not using
AFs.  The hypervisor determines which uplink to send something to.  And
which tree is being used for distribution determines which of R1, R2, or R3
will decapsulate the packet.

So the main sort of configuration that I can think of, off the top of my
head, is which pseudonodes go with which hypervisors.  And I do think
configuration is scary, especially if there's no "sanity check" whereby the
RBs can compare notes.  I don't know how R1 can know that a particular port
is to "H1" so that it can inform R2 (via LSPs?) that R1 is attached to H1,
and R2 can notice that it, indeed, is also attached to H1.

--------
And part of the description of the problem would be answering questions
like how many uplinks would need to be supported.  Two at most?  30?  If a
lot, then solutions that require a tree for every uplink would be
problematic if implementations don't want to support that many trees.  Or
is it OK to require lots of trees?

So I think there are lots of things that should be written down, as part of
describing the problem.



Radia





On Thu, Dec 13, 2012 at 4:03 AM, <zhai.hongjun@zte.com.cn> wrote:

>
> Hi Radia
>
> > This case is scary because the RBridges on the uplink cannot see Hellos
> from each other,
> > so if misconfigured, at the very least I could imagine multiple RBridges
> decapsulating
> > multicast from the campus to the hypervisor.
>
> > Anyway...how many uplinks do we need to support?  Do we care about
> problems due to misconfiguration?
>
> I don't know what the misconfiguration refers to. Is it the set of VLANs
> for which an Rbridge acts as AF?
>
>
> > Are there cases where there are lots of hypervisors, where they attach
> to different subsets of edge RBs?
> > In that case, we might eat up a lot of nicknames, since if one
> hypervisor is attached to {R1, R2},
> > and another is attached to {R1, R2, R3}, they cannot use the same
> pseudonode nickname.
>
> I don't know why the two sets of RBridges can not use the same
> pseudo-nickname. If the learned MAC addresses
> can be shared among member Rbridges of an RBv and TRILL data frames can be
> tunneled to another member Rbridge
> that can egress the frame, I think they can use the same pseudo-nickname.
>
> If I am wrong, please correct me.
>
>
> Best Regards,
> Zhai Hongjun
> """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
> Protocol Development Dept.VI, Central R&D Institute, ZTE Corporation
> No. 68, Zijinghua Road, Yuhuatai District, Nanjing, P.R.China, 210012
>
> Zhai Hongjun
>
> Tel: +86-25-52877345
> Email: zhai.hongjun@zte.com.cn
> """""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
>
>
>
>
>  *Radia Perlman <radiaperlman@gmail.com>*
> 发件人:  trill-bounces@ietf.org
>
> 2012-12-13 15:13
>   收件人
> Mingui Zhang <zhangmingui@huawei.com>
> 抄送
> Thomas Narten <narten@us.ibm.com>, Sam Aldrin <aldrin.ietf@gmail.com>,
> "Tissa Senevirathne \(tsenevir\)" <tsenevir@cisco.com>, "trill@ietf.org" <
> trill@ietf.org>
> 主题
> Re: [trill] Thoughts on active-active edge
>
>
>
>
> I think it would be good to have a document that explains the problem...I
> certainly don't believe I know all the cases that need to be solved.  I
> think I understand the hypervisor case...where the hypervisor decides which
> uplink to send things to, and never forwards between the up-links.
>
> This case is scary because the RBridges on the uplink cannot see Hellos
> from each other, so if misconfigured, at the very least I could imagine
> multiple RBridges decapsulating multicast from the campus to the hypervisor.
>
> Anyway...how many uplinks do we need to support?  Do we care about
> problems due to misconfiguration?
>
> In cases like this, is it common to also have pt-to-pt links between all
> the RBs attaching to the hypervisor?  If so, then it seems like it would be
> possible for them to coordinate to at least detect misconfiguration, and
> possibly play games with forwarding messages to each other (e.g., if one of
> them is not attached to a tree and needs to encapsulate a multidestination
> frame).
>
> How many trees does the campus need?
>
> Are there cases where there are lots of hypervisors, where they attach to
> different subsets of edge RBs?  In that case, we might eat up a lot of
> nicknames, since if one hypervisor is attached to {R1, R2}, and another is
> attached to {R1, R2, R3}, they cannot use the same pseudonode nickname.
>
> Are there cases other than hypervisors?  I think there are cases of
> bridges that have this behavior (a port with a bunch of endnodes, and
> several up-links, where the bridge does not forward between the up-links.
>
> If this has been written down anywhere, can anyone point me to it?  If
> not, it seems really prudent to answer these (and I'm sure other) questions
> before arguing about specific solutions.
>
> Radia
>
> _______________________________________________
> trill mailing list
> trill@ietf.org
> https://www.ietf.org/mailman/listinfo/trill
>
>

v2.23.0 | Report a Bug | By Email