Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)

Sam Aldrin <> Thu, 31 January 2013 07:31 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A285821F86AE for <>; Wed, 30 Jan 2013 23:31:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.203
X-Spam-Status: No, score=-2.203 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iI0OmADP4rM7 for <>; Wed, 30 Jan 2013 23:31:46 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id EAF9E21F869B for <>; Wed, 30 Jan 2013 23:31:45 -0800 (PST)
Received: by with SMTP id u36so1173499dak.2 for <>; Wed, 30 Jan 2013 23:31:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=x-received:references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:x-mailer:from:subject:date :to; bh=AiwPCSUL2zlX48FPLBYBjXKf/QAXuz6VuH+9NHN8Uhc=; b=VTIopOJdkeJJm3Qwa0XZq6BYkesXYc7xb94Uo9St+ioA3336tcUU/2UKdQiJ18KY9V Rsnt+AbSOGiPrB/rtSGpBnHUkLnSjzC3XsUCyJi2AVuD9/GvfSlaXeaCB3jts8D2GgPi MZx2S3nNJri3w9ElxL0JrbSR+0URleMjkSlaUWa0MBB/NX/Cj7oAWUUCiLDzk02c849g nqUEWwdFbZXK7ExHNvk5wLpydzgwbmZdJlhzC+oD+rJPvnPvuesHNrrVkbPNvJwH54Rw ImNAUJtuzN1PNI8AWVJEZARJCFxgyl5ylx9In2yynek11QMiSBG6zM/vts1cGC3QKMBk LUow==
X-Received: by with SMTP id pk2mr19709002pbb.125.1359617505693; Wed, 30 Jan 2013 23:31:45 -0800 (PST)
Received: from [] ( []) by with ESMTPS id wh4sm4197651pbc.18.2013. (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 30 Jan 2013 23:31:44 -0800 (PST)
References: <> <> <> <> <> <> <> <> <> <>
Mime-Version: 1.0 (1.0)
In-Reply-To: <>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-Id: <>
X-Mailer: iPad Mail (10B141)
From: Sam Aldrin <>
Date: Wed, 30 Jan 2013 23:31:43 -0800
To: Jon Hudson <>
Cc: Donald Eastlake <>, Anoop Ghanwani <>, Radia Perlman <>, Ayan Banerjee <>, "" <>
Subject: Re: [trill] Explaining three options for upgrading to FGL (fine-grained-labeling)
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Developing a hybrid router/bridge." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 31 Jan 2013 07:31:46 -0000


There are only couple of vendors who have actual deployments, and that includes you. As long as you and other vendors who deployed give nod, it is fairly ok to go ahead with model being chosen. For new deployments, which most other vendors likely to have, backward compatibility will not be an issue, w.r.t FGL.

True that it is difficult to get users to be on ietf lists. Atleast if those concerns are echoed, indirectly through channels like you, would help immensely.


Sent from my iPad

On Jan 30, 2013, at 11:16 PM, Jon Hudson <> wrote:

> Well most of my customers and bound by 3yr depreciation schedules. So any non-FGL devices they have when Full FGl devices ship will not be available for swap-pout. If they have been in service for 2hrs then maybe, but 2.5-3yrs ideal.
> So we expect most scenarios to be the addition of net new full FGL rbridges. Then (hopefully) a software update to the existing non FGLs to some quasi FGL mode ( just so you can take some advantage of the new functionality. Then when the older rbridges run out on the books, then they can be replaced with shiny new full FGL rbridges and now have a full FGL compliant environment.
> But that is just for the small number of customers already running non FGL compliant hardware. (~1000 for Brocade, and then probably more, but lets say 2,000for Cisco)
> For a large majority it will be green field installs all net new. 
> We just don't want to punish those ~3000ish early adopters 
> I have had MUCH difficultly getting customers involved in mail list discussions. So getting someone who is today and operator (as apposed to a recovering operator like myself) isn't super easy.  Needless to say the volume of emails and tone of emails scares a lot of folks away. ( not just a TRILL WG thing, an IETF in general thing)
> On Jan 31, 2013, at 8:25 AM, Sam Aldrin <> wrote:
>> Here is what I meant.
>> Deployment scenarios could be  upgrading to FGL RBridges via 1) new device insertion OR 2) replacing older devices with FGL supported RBridges OR 3) the so called upgrade to existing hardware to be FGL safe.
>> In each of those cases, the way to do it could differ for the reasons highlighted in various emails.
>> At the end of the day, by moving towards FGL based network, we cannot afford to disrupt existing TRILL network or force to forklift upgrade of non-FGL aware hardware.
>> Lastly, it would be good to hear from the actual user to understand the pain points in doing one way or the other.
>> -sam
>> On Jan 30, 2013, at 12:40 PM, Jon Hudson <> wrote:
>>> Can you clarify on what you mean by deploy?
>>> I ask because I have many customers waiting for this functionality. Everyone of the ~1000 installs we have, that also have multitenancy environments plan to deploy this as soon as possible. 
>>> But with no one have I gone through and done a Visio of how their Rbridges are wired up today and how FGL rbridges would be integrated gracefully into the environment.
>>> On Jan 31, 2013, at 3:55 AM, Sam Aldrin <> wrote:
>>>> [still catching up on email, so the delay]
>>>> When everyone says, upgrade RBridges, what is the upgrade model they have in mind?
>>>> How can one do software upgrade when hardware/silicon cannot support?
>>>> Secondly, any actual users, not vendors, commented on how they plan to deploy FGL?
>>>> -sam
>>>> On Jan 29, 2013, at 4:37 PM, Donald Eastlake <> wrote:
>>>>> Hi Anoop,
>>>>> On Tue, Jan 29, 2013 at 7:03 PM, Anoop Ghanwani <> wrote:
>>>>>> On Tue, Jan 29, 2013 at 12:49 PM, Donald Eastlake <> wrote:
>>>>>>> The general assumption is that you are migrating from VL to FGL. First
>>>>>>> you migrate to FGL-safe. Then you unleash the FGL traffic, by
>>>>>>> configuring FGL ports, which isolates any remaining (FGL-unsafe) VL
>>>>>>> switches while still being able to handle VL traffic between VL ports
>>>>>>> on FGL-safe switches.
>>>>>> Based on what is written so far, it looks like as long as there is even
>>>>>> one VL RBridge in it's database, an RBridge would not be able to start
>>>>>> sourcing FGL traffic.  It may start doing so only when all RBridges in
>>>>> Well, it can start sourcing FGL traffic but their are consequences as
>>>>> you note below.
>>>>>> its database are FGL-safe.  If we ever get into a condition where
>>>>>> an RBridge has started advertising FGL information, at that point,
>>>>>> does any other RBridge in the campus simply isolate any VL RBridge
>>>>>> (with the assumption that there was some kind of race condition?
>>>>> Yes. (This could just be due to some misconfiguration.)
>>>>>> The case I'm concerned about is we have 2 FGL RBridges, RB1 and RB2.
>>>>>> RB1 is connected to a campus of n RBs that are still VL only.  The VL link
>>>>>> Breaks, and RB1 starts advertising FGL information to RB2, but then
>>>>>> the link to the VL campus comes back up.  Does this mean RB1 and RB2
>>>>>> remain isolated from the campus (and operate as they own mini-campus)
>>>>>> until all the other RBridges are converted over to FGL-safe?
>>>>> Yes. But I don't think this as much of a problem given that I believe
>>>>> existing TRILL switches can be software upgraded to be FGL-safe. I
>>>>> view the configuration of FGL ports on RB1/RB2 and the consequent
>>>>> routing of actual FGL traffic to be an active network management
>>>>> decision, not something that might just happen because there appear to
>>>>> be no more VL TRILL switches in the topology.
>>>>> Thanks,
>>>>> Donald
>>>>> =============================
>>>>> Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>>>>> 155 Beaver Street, Milford, MA 01757 USA
>>>>>> Anoop
>>>>> _______________________________________________
>>>>> trill mailing list
>>>> _______________________________________________
>>>> trill mailing list