Re: [trill] Thoughts on active-active edge

[zhai.hongjun@zte.com.cn]

Hi Radia

Thanks for your answering.


> Why it is necessary to have a different pseuonode nickname if the upllnk 
is to 
> different sets of RBridges:

> If hypervisor H1 has uplinks to R1, R2, and R3, and uses pseudonode 
nickname P1, 
> and hypervisor H2 has uplinks to R1 and R2 (or even had uplinks to R1, 
R2, and R3, 
> but its link to R3 fails), then if H1 and H2 use the same nickname, say 
P1, 
> then traffic for H2's MAC addresses might get sent to R3 (since R3 has 
to claim to 
> be connected to P1 because it is, for H1).  But it is no longer attached 
to H2 
> because H2's uplink to R3 failed.

I think you are right if member RBriges of an RBv do not share their 
learned addresses 
(of local attathed end nodes and remote nodes) among the RBv. If they 
share the learned 
addresses, RB3 will know it can reach H2 via RB1 or RB2. Since H2 has 
uplinks to RB1 
and RB2, the two RBridges can learn H2's MAC address by oberving H2's 
native frames. 
Then RB1 and RB2 can share H2's MAC within the RBv, so RB3 will know (from 
the shared 
information) that it can reach H2 via RB1 or RB2. On receipt of traffic 
for H2's 
MAC addresses, RB3 will tunnel the traffic to RB1 or RB2 and the latter RB 
egress 
the traffic to H2.

As for the traffic tunneling, it has been specified in 
draft-ietf-trill-clear-correct-06.txt
(Section 2.4.2.1 in Page 9 and Section 2.4.2.3 in Pag2 10). The tunneling 
is simple, 
RB3 replaces the egress nickname in the TRILL header of the traffic with 
RB1 or RB2's nickname, 
then transmits the re-encapsultion traffic to RB1 or RB2.

Therefore, After the MAC sharing among member Rbridges of an RBv and the 
traffic tunneling 
are support, it is not necessary one nickname per hypervisor.

The safest thing would be for every hypervisor to have a nickname.

> So, how many hypervisors are there likely to be?  How usual would it be 
for all of 
> them to attach to the same set of uplinks, so that we can use the same 
pseuodnode nickname?

I do not know how many hypervisors there likely be, but I know one RBridge 
usually has 
24 or 48 down-links that can acts as uplinks for several hypervisors. So 
about 10 or 20 
hypervisors can be dual-homed to the same two of such Rbridges. If those 
hypervisors use 
same a pseudo-nickname, it not only saves nicknames but also decreases the 
RPFC entries 
on the RBriges in the TRILL campus scope.

> Do we care about the case of one of a hypervisor's uplinks failing, in 
which case, 
> would the RBridges know? If R3 (the one to which the uplink failed) 
know?  Would R1 and R2 know?

I think the member RBridge SHOULD know the uplink failure and tell other 
member RBridges 
the failure, if that Rbridge is directly connected to hypervisor which 
uplink fails. Otherwise, 
we can make sure the multi-destination traffic can be properly egressed to 
the hypervisor.


> So the main sort of configuration that I can think of, off the top of my 
head, 
> is which pseudonodes go with which hypervisors. 

If hypervisors do not make TRILL-encapsulation/decapsulation, they do not 
need to know 
which pseudonodes go with them. But if they do the 
encapsulation/decapsultion, they really need to know.

> I don't know how R1 can know that a particular port is to "H1" so that 
it can inform R2 
> (via LSPs?) that R1 is attached to H1, and R2 can notice that it, 
indeed, is also attached to H1.

If I not misunderstood your meaning, I think R1 can learn H1's MAC 
addresses by observing H1's 
native frames. Then it will know which particular port is to H1. R2 can 
also do the learning. 
If R2 has not learned H1's MAC addresses, R1 can share the addressed with 
it via ESADI PDU. 

> And part of the description of the problem would be answering questions 
like 
> how many uplinks would need to be supported.  Two at most?  30?  If a 
lot, 
> then solutions that require a tree for every uplink would be problematic 
if 
> implementations don't want to support that many trees.  Or is it OK to 
require 
> lots of trees?

In my mind, some vendors say their proprietary MC-LAG technologies can 
support at most 8 member 
devices in theory. But in practical deployment, two or three member 
devices in a MAC-LAG 
group are OK. So I think 8 trees is supported is OK at current. It can 
meet the practical 
requirements and does not make mass RPFC entries.

If I am wrong, please correcte me.


Best Regards,
Zhai Hongjun
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
 Protocol Development Dept.VI, Central R&D Institute, ZTE Corporation
 No. 68, Zijinghua Road, Yuhuatai District, Nanjing, P.R.China, 210012
 
 Zhai Hongjun
 
 Tel: +86-25-52877345
 Email: zhai.hongjun@zte.com.cn
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""





Radia Perlman <radiaperlman@gmail.com> 
发件人:  trill-bounces@ietf.org
2012-12-14 02:10

收件人
zhai.hongjun@zte.com.cn
抄送
Thomas Narten <narten@us.ibm.com>, trill-bounces@ietf.org, Sam Aldrin 
<aldrin.ietf@gmail.com>, Mingui Zhang <zhangmingui@huawei.com>, 
"trill@ietf.org" <trill@ietf.org>, "Tissa Senevirathne \(tsenevir\)" 
<tsenevir@cisco.com>
主题
Re: [trill] Thoughts on active-active edge






Answering Zhai Hongjun's questions:

Why it is necessary to have a different pseuonode nickname if the upllnk 
is to different sets of RBridges:

If hypervisor H1 has uplinks to R1, R2, and R3, and uses pseudonode 
nickname P1, and hypervisor H2 has uplinks to R1 and R2 (or even had 
uplinks to R1, R2, and R3, but its link to R3 fails), then if H1 and H2 
use the same nickname, say P1, then traffic for H2's MAC addresses might 
get sent to R3 (since R3 has to claim to be connected to P1 because it is, 
for H1).  But it is no longer attached to H2 because H2's uplink to R3 
failed.

The safest thing would be for every hypervisor to have a nickname.

So, how many hypervisors are there likely to be?  How usual would it be 
for all of them to attach to the same set of uplinks, so that we can use 
the same pseuodnode nickname?  Do we care about the case of one of a 
hypervisor's uplinks failing, in which case, would the RBridges know?  If 
R3 (the one to which the uplink failed) know?  Would R1 and R2 know?  Even 
if R3 knew, how could it alert R1 and R2 to now use a different pseudonode 
nickname for H2?  Would it be obvious to them which of the hypervisors 
that have uplinks to R1, R2, and R3 they are referring to?

All of this must be configured, I assume, and if the configuration is 
wrong, then who knows what happens..presumably that traffic may or may not 
get delivered to a hypervisor.  And even if configured properly, what 
happens when uplinks fail?  Again, presumably, traffic may or may not get 
delivered to the hypervisor whose uplink fails.

-------------
As for VLANs...that actually is not a problem here, since we're not using 
AFs.  The hypervisor determines which uplink to send something to.  And 
which tree is being used for distribution determines which of R1, R2, or 
R3 will decapsulate the packet.

So the main sort of configuration that I can think of, off the top of my 
head, is which pseudonodes go with which hypervisors.  And I do think 
configuration is scary, especially if there's no "sanity check" whereby 
the RBs can compare notes.  I don't know how R1 can know that a particular 
port is to "H1" so that it can inform R2 (via LSPs?) that R1 is attached 
to H1, and R2 can notice that it, indeed, is also attached to H1.

--------
And part of the description of the problem would be answering questions 
like how many uplinks would need to be supported.  Two at most?  30?  If a 
lot, then solutions that require a tree for every uplink would be 
problematic if implementations don't want to support that many trees.  Or 
is it OK to require lots of trees?

So I think there are lots of things that should be written down, as part 
of describing the problem.



Radia





On Thu, Dec 13, 2012 at 4:03 AM, <zhai.hongjun@zte.com.cn> wrote:

Hi Radia 

> This case is scary because the RBridges on the uplink cannot see Hellos 
from each other, 
> so if misconfigured, at the very least I could imagine multiple RBridges 
decapsulating 
> multicast from the campus to the hypervisor. 

> Anyway...how many uplinks do we need to support?  Do we care about 
problems due to misconfiguration? 

I don't know what the misconfiguration refers to. Is it the set of VLANs 
for which an Rbridge acts as AF? 


> Are there cases where there are lots of hypervisors, where they attach 
to different subsets of edge RBs? 
> In that case, we might eat up a lot of nicknames, since if one 
hypervisor is attached to {R1, R2}, 
> and another is attached to {R1, R2, R3}, they cannot use the same 
pseudonode nickname. 

I don't know why the two sets of RBridges can not use the same 
pseudo-nickname. If the learned MAC addresses 
can be shared among member Rbridges of an RBv and TRILL data frames can be 
tunneled to another member Rbridge 
that can egress the frame, I think they can use the same pseudo-nickname. 

If I am wrong, please correct me.


Best Regards,
Zhai Hongjun
""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
Protocol Development Dept.VI, Central R&D Institute, ZTE Corporation
No. 68, Zijinghua Road, Yuhuatai District, Nanjing, P.R.China, 210012

Zhai Hongjun

Tel: +86-25-52877345
Email: zhai.hongjun@zte.com.cn
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""





Radia Perlman <radiaperlman@gmail.com> 
发件人:  trill-bounces@ietf.org 
2012-12-13 15:13 


收件人
Mingui Zhang <zhangmingui@huawei.com> 
抄送
Thomas Narten <narten@us.ibm.com>, Sam Aldrin <aldrin.ietf@gmail.com>, 
"Tissa Senevirathne \(tsenevir\)" <tsenevir@cisco.com>, "trill@ietf.org" <
trill@ietf.org> 
主题
Re: [trill] Thoughts on active-active edge








I think it would be good to have a document that explains the problem...I 
certainly don't believe I know all the cases that need to be solved.  I 
think I understand the hypervisor case...where the hypervisor decides 
which uplink to send things to, and never forwards between the up-links. 

This case is scary because the RBridges on the uplink cannot see Hellos 
from each other, so if misconfigured, at the very least I could imagine 
multiple RBridges decapsulating multicast from the campus to the 
hypervisor. 

Anyway...how many uplinks do we need to support?  Do we care about 
problems due to misconfiguration? 

In cases like this, is it common to also have pt-to-pt links between all 
the RBs attaching to the hypervisor?  If so, then it seems like it would 
be possible for them to coordinate to at least detect misconfiguration, 
and possibly play games with forwarding messages to each other (e.g., if 
one of them is not attached to a tree and needs to encapsulate a 
multidestination frame). 

How many trees does the campus need? 

Are there cases where there are lots of hypervisors, where they attach to 
different subsets of edge RBs?  In that case, we might eat up a lot of 
nicknames, since if one hypervisor is attached to {R1, R2}, and another is 
attached to {R1, R2, R3}, they cannot use the same pseudonode nickname. 

Are there cases other than hypervisors?  I think there are cases of 
bridges that have this behavior (a port with a bunch of endnodes, and 
several up-links, where the bridge does not forward between the up-links.  


If this has been written down anywhere, can anyone point me to it?  If 
not, it seems really prudent to answer these (and I'm sure other) 
questions before arguing about specific solutions. 

Radia 

_______________________________________________
trill mailing list
trill@ietf.org
https://www.ietf.org/mailman/listinfo/trill

_______________________________________________
trill mailing list
trill@ietf.org
https://www.ietf.org/mailman/listinfo/trill