Re: [trill] WG LC on draft-ietf-trill-over-ip-14.txt - Consensus reached

"Susan Hares" <> Tue, 20 February 2018 00:36 UTC

From: "Susan Hares" <>
To: "'Joe Touch'" <>
Cc: "'trill IETF mailing list'" <>, <>, "'Alia Atlas'" <>
Date: Mon, 19 Feb 2018 19:35:59 -0500



Thank you for the post on Cavium’s and Cisco’s GRE. I hope the vendors with TRILL products and these hardware devices will investigate this solution. However, the suggestion of IPSEC + upper layers came from those vendors with TRILL products.


As to the name, I acknowledge the issue. If you have a proposed solution that you think fits, we (Alia, Jon, I and the authors) are listening. The document title can change during the IETF LC process.




From: Joe Touch [] 
Sent: Monday, February 19, 2018 4:40 PM
To: Susan Hares
Cc: trill IETF mailing list;; Alia Atlas
Subject: Re: [trill] WG LC on draft-ietf-trill-over-ip-14.txt - Consensus reached



On Feb 19, 2018, at 1:06 PM, Susan Hares <> wrote:




Thank you for your comments on the draft-ietf-trill-over-ip-xx.txt. The WG has reached consensus on the draft, and it will be sent forward to the IESG.


I want to thank Magnus Westlund, Ines Robles, and Joe Touch for their targeted reviews.  


Joe asked two important questions that I want to chat about in announcing the result.  

1) Why IPSEC + TCP/UDP tunnels

2) Why the name TRILL over IP? – it is really TRILL over IP enabled Transport port protocols



During this WG LC, I spent time looking back into my notes to check our evaluation of the alternatives GRE, TLS, or DTLS. I also asked the WG leadership team (Jon, Sue, and Donald with Alia Atlas’s help) to discuss these points that Joe raised. Here’s what I found.


1) Why IPSEC and TCP/UDP tunnels


After I walked through the WG archives, I found that over several IETFs we debated TLS, DTLS, and GRE. Our most substantive debate was at IETF 91. The WG had settled on utilizing GRE, TLS, or DTLS – until hardware vendors implementing TRILL came to chat with the WG at IETF 91. The hardware vendors asked that we would utilize IPSEC and higher layer tunnels (TCP/UDP) so that TRILL switches could operate at line speed using these IPSEC processing chips off board. The WG decided to listen to vendors creating and deploying TRILL capable devices.


The hardware vendors’ reasoning still seems valid to the WG chairs and the WGs. If in the future hardware comes up with TLS, DTLS or GRE at Ethernet switch line rates and vendors want a TRILL product with these tunnels, I’m sure that a Routing AD or the RTGWG draft will sponsor such a draft.



2) Is the name TRILL over IP valid?


Now as to the name, Joe was correct: the name should be changed since it is really TRILL over IPSEC + Transport. Donald’s make the change to the title of the document, and in the document.


“IP transport” implies using IP as a tunneling layer, which is not part of this document’s proposed approach.


Further, the description of how it interacts with TCP is incoherent to anyone familiar with TCP transport (“slicing” packets and claiming to place them directly into TCP payloads).