Hi all, Just use this thread to notify that we have post a new draft on this requirement.Please follow the below link to reach it.You comments are warmly welcomed. After discussed with experts from China Mobile(Liang Geng)and China Telecom(ChongfengXie),we have refined the requirement description and provide a rough idea on how to build a E2E deployment model of muliple domain/technologies network which provide L2/L3VPN service. The title of the draft(YANG Data Model for Composite VPN Service Delivery) should be intepreted as "A Data Model for Composite Delivery purpose of VPN Service", It's not a model of new VPN service, It's just a model used by a one-stop delivery interface to multiple domian network ,so it could simplify the fulfilment of VPN service. You could find more backguand and discussion in this thread. That's why we don't change the title too much for your convenience to track its context.
Thanks. Richard ________________________________________ 发件人: internet-dra...@ietf.org [internet-dra...@ietf.org] 发送时间: 2016年10月27日 19:26 收件人: Chenrui (Richard); DENG Hui; Liang Geng; 4c 67; Chongfeng Xie; Hui Deng; zhangliya 主题: New Version Notification for draft-chen-opsawg-composite-vpn-dm-00.txt A new version of I-D, draft-chen-opsawg-composite-vpn-dm-00.txt has been successfully submitted by Rui Chen and posted to the IETF repository. Name: draft-chen-opsawg-composite-vpn-dm Revision: 00 Title: YANG Data Model for Composite VPN Service Delivery Document date: 2016-10-24 Group: Individual Submission Pages: 47 URL: https://www.ietf.org/internet-drafts/draft-chen-opsawg-composite-vpn-dm-00.txt Status: https://datatracker.ietf.org/doc/draft-chen-opsawg-composite-vpn-dm/ Htmlized: https://tools.ietf.org/html/draft-chen-opsawg-composite-vpn-dm-00 Abstract: The operator facing data model is valuable to reduce the operations and management. This document describes the YANG data model of the composite VPN for operators to provision, optimize, monitor and diagnose the end to end PE-based VPN services across multiple autonomous systems (ASes). The model from this document are limited to multiple ASes within one service provider. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat ________________________________ 发件人: Lucy yong 发送时间: 2016年10月17日 22:12 收件人: Chenrui (Richard); Hui Deng 抄送: opsawg-cha...@ietf.org; opsawg@ietf.org; Songxiaolin; zhangliya 主题: RE: [OPSAWG] ??: draft-deng-opsawg-composed-vpn-sm-requirements-01.txt From: Chenrui (Richard) Sent: Monday, October 17, 2016 2:17 AM To: Lucy yong; Hui Deng Cc: opsawg-cha...@ietf.org; opsawg@ietf.org; Songxiaolin; zhangliya Subject: ??: [OPSAWG] ??: draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Hi Lucy Thanks for these clarifications. From the Abstract section of L3SM draft(https://tools.ietf.org/html/draft-ietf-l3sm-l3vpn-service-model-17), I understand L3SM is a customer-facing service model used“between customers and network operators to deliver a Layer 3 Provider Provisioned VPN service”. It’s not used for providing a end-2-end deployment view of existing L2/L3VPN service crossing multiple operator domains. [Lucy] L3SM covers customer-face service model, which covers e2e L3 service aspect. L3SM models AC and providers backbone interworking, etc. The end-to-end deployment involves multiple domains and multiple layers. So I understand your meaning is that maybe we could use similar methodology(hierarchical approach) to define the e2e deployment model, which has the L2/L3VPN basic service information and attributes reference to multiple segments(AC,backbone,etc) information. [Lucy] I think that we are on the same page here. I am not an expert on YANG. How to use YANG to model these hierarchical relationship? If a service orchestrator has the knowledge of individual domains and domain capability, when getting a L3 service request (e2e), it can figure out which domains to use for the service instance, and send a domain service request to each individual domain controllers. Am I mistaken something? [Lucy] we have the same understanding now. Lucy Thanks, Richard ________________________________ 华为技术有限公司 Huawei Technologies Co., Ltd. [Company_logo]地址:深圳市龙岗区坂田华为基地 邮编:518129 Huawei Technologies Co., Ltd. Bantian, Longgang District,Shenzhen 518129, P.R.China http://www.huawei.com ________________________________ 本邮件及其附件含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁 止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中 的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件! This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! 发件人: Lucy yong 发送时间: 2016年10月14日 22:23 收件人: Chenrui (Richard); Hui Deng 抄送: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org>; opsawg@ietf.org<mailto:opsawg@ietf.org>; Songxiaolin; zhangliya 主题: RE: [OPSAWG] ??: draft-deng-opsawg-composed-vpn-sm-requirements-01.txt From: Chenrui (Richard) Sent: Friday, October 14, 2016 2:45 AM To: Lucy yong; Hui Deng Cc: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org>; opsawg@ietf.org<mailto:opsawg@ietf.org>; Songxiaolin; zhangliya Subject: ??: [OPSAWG] ??: draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Hi Lucy, Very good comments and suggestions. I believe I can understand the requirement from China Mobile but I haven’t reached as deep understanding as you. I understand it’s indeed none business with a new VPN service. It’s just how operator could specify the end-2-end deployment view of existing L2/L3VPN service crossing multiple operator domains. [Lucy] Good. I hope this is the case. That can simplify the service activation or deployment progress to some extent due to orchestration capability. Right? So I believe it ,though not sure if it’s common needs from operators. I’m looking for more comments. Please Hui correct me if I’m mistaken the intent from you draft. BTW,in your sentence of “do operator need a hierarchical operator VPN service model or a flat one?” .I’m not sure the meaning of “ hierarchical” or “flat”, are they the same solutions for this requirement or different solutions? Are they existing work in IETF for this requirement? [Lucy] The based L2/L3VPN architecture is: CE-(AC)-PE-(provider backbone networks)-PE-(AC)-CE. L3SM already addresses that the provider backbone networks can include multiple domains that are interconnected via PE-PE or ASBR-ASBR. Another part is the AC that can be constructed through another network domain such as access network. In this case, the access network provides an L2VPN service to the end-to-end VPN service; from the end-to-end VPN service perspective, it uses the access network to provide a link for AC. What I means here, if SP operator (i.e. end-to-end VPN operator) wants a service model including the access network domain/l2vpn (flat model) or a service model with AC that AC reference to another L2VPN service. (hierarchical model) This is what I want to express. L3SM uses hierarchical approach. Thanks, Lucy Thanks. Richard ________________________________ 华为技术有限公司 Huawei Technologies Co., Ltd. [Company_logo]地址:深圳市龙岗区坂田华为基地 邮编:518129 Huawei Technologies Co., Ltd. Bantian, Longgang District,Shenzhen 518129, P.R.China http://www.huawei.com ________________________________ 本邮件及其附件含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁 止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中 的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件! This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! 发件人: Lucy yong 发送时间: 2016年10月14日 3:15 收件人: Hui Deng; Chenrui (Richard); opsawg@ietf.org<mailto:opsawg@ietf.org> 抄送: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org> 主题: RE: [OPSAWG] ??: draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Hi Hui and Rui, The draft introduction starts that ISPs have interest on providing Provider Edge (PE) based virtual private network (VPN) service and names it as composed VPN service and intends to specify the service model requirements for the composed VPN. Then it states that this service model is from operator perspective. My comments and suggestions: * Is this a brand new VPN service offered by Internet Service Providers or a use case for existing VPN services specified in [RFC4364] [RFC6742][RFC7432]? If this is a new service, please make that very clear in the beginning and describe what is the new service, service architecture, and architecture components. If this is a use case for existing VPN services; please do not call it composed VPN service (make a lot of confusions.) * Assume this is for existing VPNs and draft wants to specify the operator view of e-2-e VPNs that may across multiple operator domains. Suggests to start with existing VPN service architecture view and components: CE, PE, provider backbone networks, AC etc. and explain how operator may use multiple network domains to achieve it. For examples, PEs that customer sites attach to may exist in different ASes; the AC between CE-PE may be across an access network, etc. * Existing VPN service across multiple networks are not new and current solutions support that. * Text “Provider Edge (PE based virtual private network (VPN services, in which the tunnel endpoints are the PE devices” is very confuse. Will the tunnel is between PE-PE or PE-CE? Will this tunnel is different from current tunnel techniques in [RFC4364] [RFC6742][RFC7432]? * Existing VPN service PE and CE have its role. Text: “CE device do not need to have any special VPN capability” is confused too. * When an operator gets customer VPN service request that is an e2e service description (draft-ietf-l3sm-l3vpn-service-model), he will design individual segments (CE-PE and PE-PE) to meet the request. The result may mean that the VPN is implemented across several domains. * What values that a flat operator VPN service model provides? two segment VPNs may not even at the same layers. If one segment VPN just provides a transit link or access link to the VPN service, do operator need a hierarchical operator VPN service model or a flat one? * figure in page 5 very confusion. If this is for existing VPN service, please replace “Composed VPN” with “L3VPN” (or “L2VPN”), and replace AP with AC. * If this is a new VPN service, please define what is the composed VPN service and the architecture. Then clarify if current IETF has solutions for this service. Regards, Lucy From: OPSAWG [mailto:opsawg-boun...@ietf.org] On Behalf Of Hui Deng Sent: Wednesday, October 12, 2016 10:28 AM To: Chenrui (Richard); opsawg@ietf.org<mailto:opsawg@ietf.org> Cc: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org> Subject: Re: [OPSAWG] ??: draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Hi Richard, I agree with your point, in order to meet those operators expectation, the draft may need to be updated and reflect that architecture. Regarding to solution, that will be great, thanks a lot for your contribution to IETF if there is any proof of concept to this. thanks a lot for your suggestion Best regards, DENG Hui ________________________________ From: chen...@huawei.com<mailto:chen...@huawei.com> To: denghu...@hotmail.com<mailto:denghu...@hotmail.com>; opsawg@ietf.org<mailto:opsawg@ietf.org> CC: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org> Subject: 答复: [OPSAWG] draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Date: Tue, 11 Oct 2016 02:27:14 +0000 Hi Hui, Thanks for these clarifications. Maybe we can talk about it more in next meeting and we can provide a initial solution around these issues. BTW, if we talking about federation used in multiple operators scenarios, I suggest that there should be east-west interface between peer orchestration system in these operators. That ease-west interface is different with internal E2E service activation interface for some special requirement between operators, such as security, resource visualization,etc. Thanks, Richard ________________________________ 华为技术有限公司 Huawei Technologies Co., Ltd. 地址:深圳市龙岗区坂田华为基地 邮编:518129 Huawei Technologies Co., Ltd. Bantian, Longgang District,Shenzhen 518129, P.R.China http://www.huawei.com ________________________________ 本邮件及其附件含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁 止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中 的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件! This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! 发件人: Hui Deng [mailto:denghu...@hotmail.com] 发送时间: 2016年10月10日 23:15 收件人: Chenrui (Richard); opsawg@ietf.org<mailto:opsawg@ietf.org> 抄送: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org> 主题: RE: [OPSAWG] draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Hi Richard, Thanks a lot for your comments, I recalled that other two operators during last time f2f meeting had made some comments about federation issue, hope they can elaborate more detail comments here as well, inline with ==> ________________________________ From: chen...@huawei.com<mailto:chen...@huawei.com> To: opsawg@ietf.org<mailto:opsawg@ietf.org>; denghu...@hotmail.com<mailto:denghu...@hotmail.com> CC: opsawg-cha...@ietf.org<mailto:opsawg-cha...@ietf.org> Subject: Re: [OPSAWG] draft-deng-opsawg-composed-vpn-sm-requirements-01.txt Date: Sun, 9 Oct 2016 03:35:46 +0000 Hi Hui and all, When I went through the documents of IETF#96,I noticed that this draft has raised a interesting requirement in China Mobile of E2E deployment interface to a multiple VPNs composed infrastructure, such as L2+L3 network. So the interface could make the service fulfillment and management more easy. Is my understanding right? ==> Yes, current existing L3SM are mostly talking about customer facing service model. this requirement expects to help operators with large scale to mange the underlay network with a global view. (here could be a multiple operators, that is related to federation) an enterprise customer may simply request a L3 VPN service, but operator has to provision and mange the end to end underlay network constructed with multiple ASes and techniques, and further assure the service. this is the key issue for today's operators. I do believe this interface and its model are indeed helpful for operators to simplify operations and management. And I still have some questions need to be discussed and aligned with you and experts in email thread. 1.While referring to another draft at same meeting <<service model explained>> (https://tools.ietf.org/id/draft-wu-opsawg-service-model-explained-03.txt), I believe the above E2E deployment interface should be position between service orchestration and network orchestration(Figure 3). That mean it’s a internal interface in one operator and it acts not only to implement the customer facing model (i.e. L3SM),but also to maintain, monitor and diagnose the end to end PE-based VPN services crossing multiple technologies deployed network. Is it right? and should this interface need to support VPN service which maybe cross multiple operators? ==> good point, the future in the link is quite helpful, this should be updated in next revision. ==> for your questions about multiple operators, this is exactly the issue raised during the meeting, operator are interconnected each other through federation, the end to end service may go across multiple operators' access and core network. that is the reason why we define VPN segment within the composed VPN. this hasn't been consider in the document before, but the flexibility of composed VPN framework should be included. 2.Actually I’m new guy in IETF, so I’m not sure if there are existing works in IETF which could instruct or modeling the interface/E2E-view to manage a multiple technologies composed network, which I believe very common in operator’s deployment while still need to provide simple E2E service experience to their customers. Maybe we can improve something here. So if experts here have more background, please help me. Thanks. ==> although it is important, but I didn't see any e2e effort on the network yet. there is a related work in L3SM in customer service level and some dedicated VPN models in BESS. that's why I raise this topic. definitely welcome any effort to join the following data model design if you really have a strong background on it. 3.As I understand this interface/model should be internal in operators, so I’m not sure if there any other operators are interested it and need a IETF RFC? ==> I did hear two big operators showed the interest in this topic, hope they can join as well in our next revision. this may related to network orchestrator, OSS/BSS and even analytics system from different vendors. a standard model will definitely hep the diversity in one operator's production environment. Best regards, DENG Hui Thanks. Regards, Richard Chen ________________________________ 华为技术有限公司 Huawei Technologies Co., Ltd. 地址:深圳市龙岗区坂田华为基地 邮编:518129 Huawei Technologies Co., Ltd. Bantian, Longgang District,Shenzhen 518129, P.R.China http://www.huawei.com ________________________________ 本邮件及其附件含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁 止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中 的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件! This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it!
_______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg