IETF Logo Mail Archive

Re: [trill] WG Last Call: draft-ietf-trill-fine-labeling-02.txt

Donald Eastlake <d3e3e3@gmail.com> Wed, 28 November 2012 03:01 UTC

Return-Path: <d3e3e3@gmail.com>
X-Original-To: trill@ietfa.amsl.com
Delivered-To: trill@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7E7E121E8030 for <trill@ietfa.amsl.com>; Tue, 27 Nov 2012 19:01:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.066
X-Spam-Level:
X-Spam-Status: No, score=-103.066 tagged_above=-999 required=5 tests=[AWL=0.533, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DugsEQVv2WYj for <trill@ietfa.amsl.com>; Tue, 27 Nov 2012 19:01:14 -0800 (PST)
Received: from mail-ie0-f172.google.com (mail-ie0-f172.google.com [209.85.223.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9B01E21F85FE for <trill@ietf.org>; Tue, 27 Nov 2012 19:01:14 -0800 (PST)
Received: by mail-ie0-f172.google.com with SMTP id c13so12986994ieb.31 for <trill@ietf.org>; Tue, 27 Nov 2012 19:01:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=ZoEVctJ2r0zo0ymY1bEST+ZxGDy0IuoWs18uthf0UgQ=; b=PgaNCbFkjBnOmViuIUDI1d2LMJ7MWBYbdaIjm/MmWhYFEEHZEYvvXQpHYWmZLRu68I uaYLEwRBw6++7UNBCMajLcebD8c+a333MF/5GKQqNn94wzXxBToKtDCnz2sWOLbnt9CZ Mmy1wsAV2bwKMkC6z7EylZOOFi9z984WbNg/Eo56Wez4KxtvOlyPf2oYJyFnxvENcuxS 20cxESFDnQfyQ1TnA0cWcDv0dmjZS97BIUNzU6vWbiGAUYfJfvXONZDymeYhXa+0YXrS 9vR4KQ0G1B/qT4emkInmOMoGfsa+AaV770a4SQTJRPJDZXskCfPJzI95Iv+6Aq8xWiUk 6lGQ==
Received: by 10.50.34.201 with SMTP id b9mr17707754igj.55.1354071671928; Tue, 27 Nov 2012 19:01:11 -0800 (PST)
MIME-Version: 1.0
Received: by 10.64.28.209 with HTTP; Tue, 27 Nov 2012 19:00:51 -0800 (PST)
In-Reply-To: <A3C4E51A53661B4EBEE7C5F5E6FCDEB5026F93353CCA@USEXCHANGE.corp.extremenetworks.com>
References: <CAF4+nEE+rT9x_MgiWLCx7xut4SgDJ7=pRK1L_PovrwBCg3OaVw@mail.gmail.com> <CCCE73BA.C6A2%ostokes@extremenetworks.com> <CAF4+nEFioN3TmDj7sGchr4atPijRNiGCwiBLe8ROB79fqA0kAg@mail.gmail.com> <201211200140.qAK1eSD0011029@cichlid.raleigh.ibm.com> <CAF4+nEEckNenUBnMwbDH7o-cvf029aP2dGZjDiNnhJu3vj2JJw@mail.gmail.com> <CAFOuuo57RKAA1Z7akyQ3kGtmvPDvBmDDjdijiFzmck==A5H8pw@mail.gmail.com> <CAF4+nEEkKffy_c_qD-LAjgfECmjCgVSJ+F6zZePScZP4G3EZ1Q@mail.gmail.com> <CA+-tSzwc1yC0oJ3ermyuEFbqXACHyPLwv-M0Rbk5PW5A4BFVgg@mail.gmail.com> <6895EAE0CA8DEE40B92D7CA88BB521F32413DAE82F@HQ1-EXCH02.corp.brocade.com> <CAF4+nEGaoACysoAaHE-4_Mi8PVBNcVu-Wbeenz4XXZo4aQOiKg@mail.gmail.com> <A3C4E51A53661B4EBEE7C5F5E6FCDEB5026F93353CCA@USEXCHANGE.corp.extremenetworks.com>
From: Donald Eastlake <d3e3e3@gmail.com>
Date: Tue, 27 Nov 2012 22:00:51 -0500
Message-ID: <CAF4+nEF9w5_=+imRbjXnputj=-wKvk2pNd9ZNKw6VJTsc8KU0w@mail.gmail.com>
To: Olen Stokes <ostokes@extremenetworks.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: "trill@ietf.org" <trill@ietf.org>
Subject: Re: [trill] WG Last Call: draft-ietf-trill-fine-labeling-02.txt
X-BeenThere: trill@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Developing a hybrid router/bridge." <trill.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trill>, <mailto:trill-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/trill>
List-Post: <mailto:trill@ietf.org>
List-Help: <mailto:trill-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trill>, <mailto:trill-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2012 03:01:15 -0000

Hi Olen,

On Mon, Nov 26, 2012 at 10:09 AM, Olen Stokes
<ostokes@extremenetworks.com> wrote:
> From Donald below:
>
> "If an RBridge has been modified from existing legacy VL RBridge so that you can safely use it as a transit node, then it *is* an FGL RBridge (even if it is a limited FGL RBridge that can't do FGL ingress and egress). If it has not been so modified, then it remains a VL RBridge and will likely mishandle or discard and FGL frames it receives."
>
> We seem to be moving in the direction where RBridges with differing capabilities are all considered to be FGL RBridges.  Do we need to consider advertising the differences in capabilities in the ISIS extensions for FGL?

I don't think so in this case.

It seems to me that there isn't a need to distinguish a limited FGL
TRILL switch (FGL transit only) from a full FGL TRILL switch (FGL
ingress, transit, and egress) in the link state. A port doesn't
ingress to FGL unless it is configured to do so and you can't
configure a port of a limited FGL TRILL switch that way. And an FGL
TRILL Data frame can't be egressed at a port unless the port is
labeled with the same FGL label as the frame which can't be done with
a limited FLG TRILL switch.

Thanks,
Donald
=============================
 Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
 155 Beaver Street, Milford, MA 01757 USA
 d3e3e3@gmail.com

> Cheers,
> Olen
>
>
> -----Original Message-----
> From: trill-bounces@ietf.org [mailto:trill-bounces@ietf.org] On Behalf Of Donald Eastlake
> Sent: Friday, November 23, 2012 2:39 PM
> To: Phanidhar Koganti
> Cc: Anoop Ghanwani; trill@ietf.org
> Subject: Re: [trill] WG Last Call: draft-ietf-trill-fine-labeling-02.txt
>
> Hi Phanidhar,
>
> On Tue, Nov 20, 2012 at 2:29 PM, Phanidhar Koganti <pkoganti@brocade.com> wrote:
>> From: trill-bounces@ietf.org [mailto:trill-bounces@ietf.org] On
>   Behalf Of Anoop Ghanwani
>> Sent: Wednesday, November 21, 2012 12:50 AM
>> To: Donald Eastlake
>> Cc: Radia Perlman; trill@ietf.org
>> Subject: Re: [trill] WG Last Call:
>   draft-ietf-trill-fine-labeling-02.txt
>>
>>
>> On Mon, Nov 19, 2012 at 8:29 PM, Donald Eastlake <d3e3e3@gmail.com>
>   wrote:
>>
>> Hi Radia,
>>
>> On Mon, Nov 19, 2012 at 11:13 PM, Radia Perlman
>  <radiaperlman@gmail.com> wrote:
>>> Ah.  So the intent is that an FGL RBridge must be able to parse
>>> either VL or FGL, which would allow an edge RB that only supports VL
>>> to work OK, and to have some number of VLANs (4000 of them) that
>>> would be reachable via old edge RBs?  >
>>
>> <Donald> Yes on parsing. But it is hard to be sure no FGL frame can
>> get to a VL RBridge. Say you have VLRB1 connected to the campus
>> through FGLRB2.  And FGLRB2 is connected to FGLRB3. What if
>> connectivity appears between VLRB1 and FGLRB3 and perhaps the link
>> between FGLRB2 and FGLRB3 breaks? How can you stop FGL frames from
>> going between FGLRB2 and FGLRB3 via VLRB1 keeping in mind that you
>> have to assume no changes in the old VL RBridges? (Without
>> multi-topology. With multi-topology, it's relatively easy.)
>>
>> <Anoop> FGL frames should never be forwarded to an RB that doesn't
>> support FGL.  This is easy to figure out since IS-IS can tell us what
>> the capabilities of an RBridge are before forwarding to that RBridge
>> begins.  And as a result of this requirement, we should probably
>> disallow FGL and non-FGL RBridges being reachable from the same
>> RBridge port, otherwise it would be challenging to implement this
>> control for multicast frames.
>
> I am not sure what you mean by "disallow" but if some physical topology is trivially realizable by someone plugging in the wrong cables, you have to take it into account and say what happens. In this case, where FGL and non-FGL RBridges are on the same link, the FGL RBridges just refuse to report any adjacencies on the link, thus excommunicating the link for TRILL Data traffic.
>
>> [Phanidhar Koganti] Does this mean non-FGL RBridges cannot act as
>> transit nodes? Why can't the transit nodes just rely on TRILL SA/DA to
>> forward.  Agree there will be issues for multicast in terms of the
>> optimal pruned forwarding as a non-FGL RB will not have access to the
>> inner IP header or VLAN (FGL based). However isn't this an
>> optimization for multicast pruning?  The transit RBs can forward based
>> on the non-pruned multicast tree.
>
> If an RBridge has been modified from existing legacy VL RBridge so that you can safely use it as a transit node, then it *is* an FGL RBridge (even if it is a limited FGL RBridge that can't do FGL ingress and egress). If it has not been so modified, then it remains a VL RBridge and will likely mishandle or discard and FGL frames it receives.
>
>>> <Radia> And we're assuming that old edge RBs that only do VL will
>>> know to drop something tagged with FGL?
>
> I believe they should but it does not seem wise to depend on that.
>
>> <Donald> A VL RBridge should, in my opinion, drop an FGL frame based
>> on RFC 6325. However, if it did not, it would presumably mean it was
>> ignoring the 0x893B value where it should be requiring 0x8100. As a
>> result, it would believe the FGL frame was in some VLAN and might
>> egress it to the wrong end-stations, violating security policy.
>>
>> <Anoop> We need to make the spec clear on this aspect; i.e. FGL or
>> non-FGL RBridges must discard a received frame if the inner tag (FGL
>> or VLAN depending on what mode the port is operating in) is absent.
>
> In the draft, ports have an FGL/VL configuration "mode" for ingressing/egressing native frames but that don't have any "mode" for TRILL Data frames. If they are a VL RBridge, they can only handle VL TRILL Data frames. If they are an FGL RBridge, the can handle both VL and FGL TRILL Data frames.
>
>> Anoop
>
> Thanks,
> Donald
> =============================
>  Donald E. Eastlake 3rd   +1-508-333-2270 (cell)
>  155 Beaver Street, Milford, MA 01757 USA  d3e3e3@gmail.com _______________________________________________
> trill mailing list
> trill@ietf.org
> https://www.ietf.org/mailman/listinfo/trill

v2.23.0 | Report a Bug | By Email