[bess] Comments on draft-sajassi-bess-evpn-ip-aliasing-02

[wang.yubao2]

Hi Jorge,






This is the detailed explanation of the question I asked in the IETF 111 
meeting. 


In page 7 of slides-111-bess-sessa-evpn-ip-aliasing, when leaf-5 send traffic 
to leaf-2,  how does leaf-2 find the corresponding ARP entry for 20.0.0.2 or 
20.0.0.1 or 20.1.1.3 ?


I guess the GW-IP 1.1.1.1 will be advertised as overlay index along with the 
ESI.



But the draft-ietf-bess-evpn-prefix-advertisement-11 does not define an IP 
Prefix Advertisement Route with both GW-IP and ESI both as overlay index.


I suggest that this should be updated if you want to do so.


And the preference of ESI overlay index should be considered higher than GW-IP 
overlay index for Leaf-5's sake.


But the preference of ESI overlay index should be considered lower than (or 
maybe they should both be used? ) GW-IP overlay index for Leaf-2's sake


These are new rules that can't be found in 
draft-ietf-bess-evpn-prefix-advertisement-11 .






But on the contary,  if the IP Prefix Advertisement Route has a GW-IP overlay 
index,


It can support the same protection procedures without any ESI overlay index.


( The details to do such protection using GW-IP overlay index I have described 
in draft-wang-bess-evpn-arp-nd-synch-without-irb-06. )


So I don't get the point why we need two redundant overlay index?


Can you clearify it?






Maybe an IP Prefix Route Style with a GW-IP overlay index is engough here.


And such Route Style is in compliance with  
draft-ietf-bess-evpn-prefix-advertisement-11 already.






Another question is that: If the ESI overlay index is advertised, when will the 
IP A-D per EVI route of Leaf-2 be withdrawn?


When the IRB interface on Leaf-2 fails?


When one of the three ACs fails?


When all of the three ACs fails?


If you want to do so, I suggest that the ESI-1 to be configured onto the IRB 
interfaces,


But in Figure 2 of  draft-sajassi-bess-evpn-ip-aliasing-02, I see the ESI is 
configured on the ACs of the BDs.






Is anything I have misunderstood?






Best,


Yubao___
BESS mailing list
BESS@ietf.org
https://www.ietf.org/mailman/listinfo/bess

[bess] Review of draft-ietf-bess-evpn-ipvpn-interworking-05.txt

[Susan Hares]

Bess chairs reminded me that IDR WG was requested at IETF 110 to review
draft-ietf-bess-evpn-ipvpn-interworking-05.txt. Since we did not receive
reviews from the IDR WG, the IDR chairs have taken on the task of reviewing
this document. 

 

Full review is at: 

https://trac.ietf.org/trac/idr/wiki/Hares-review-draft-ietf-bess-evpn-ipvpn-
internetworking-05

High level points at: 

https://trac.ietf.org/trac/idr/wiki/draft-ietf-bess-evpn-ipvpn-interworking

 

Summary Review: 



The desire of users to have gateways between EVPNs and IPVPNs is evident due
to the deployment of these technologies in the market place.  The BESS
chairs request is due to the changes made to BGP in addition of a BGP
Attribute and changes to RFC4271's route selection.  In addition, the IDR
and BESS chairs have begun to discuss additional BGP error handling for
embedded NRLIs beyond RFC7606.  

 

This email is about 6 high-level issues in this draft and major editing
issues.  It does not consider editorial issues in the text.  

 

Deployment information on this draft draft-ietf-bess-evpn-ipvpn-interworking
would help in the consideration of solutions to these high-level issues.  If
this specification has 2 implementations, then these implementation teams
may be able to quickly fill in the missing pieces of the document.

 

===

High level technical issues: 

 

1) Lack of error handling for NLRIs which carry semantics beyond prefixes. 

 

RFC7606 focused on the error handling for prefixes accompanied by attributes
and 

Communities (basic and extended) specified by RFCs 4271, 4360, 4456, 4760,

5543, 5701, 6368. 

 

The embedded prefixes which combine prefixes with external information 

(RD, EVI, ET, MPLS label, Domain, SID, and other tags) create a new  class
of errors where the packet can be well-formed and invalid.   The handling of
this information requires

careful consideration of the error handling.  The technology specified in
this draft does

not consider the error cases of well-formed and invalid. 

 

The IDR chairs suggest that this type of error handling should be defined as
a general BGP functionality to expand RFC7606 to the embedded prefixes by
the IDR WG.  This general functionality will then need to be applied to the
handling of embedded prefixes. 

 

This draft and existing RFCs (e.g. RFC7432) would be updated with the new
error handling. 

 

2) Domain BGP Path Attribute (section 4) debugging and scaling 

 

Domain Path IDs provide parallel numbering scheme that does not have a
universal definition.  Debugging these Domain IDs in the Internet wild
without this definition seems difficult at best.  It is unclear why the
Domain IDs did settle on ASN (4 byte) plus some identifier.  There are
numerous private AS numbers that can be used for DC tenants. 

 

The automatic generation of AS numbers based on the starting point of
private as numbers should take care of most Data Center automation tools.
Why does this specification stick with AS numbers? 

 

Error handling: (section 4 - pages 11-14) 

The error handling of the DPATH seeks to define: 

(4.a) add/delete/change conditions for transit routes and locally generated
routes

(4.b) malformed DPATH attributes. 

 

It does not define error conditions if the syntax conditions 

cause (4.a) to fail.  

 

3) Route selection process modifies the RFC4271 and may not scale

 

This draft modifies the RFC4271 to include D-PATH (page 17) without
providing a solid

reasoning why it is necessary and why it scales.  Proof of the scalability
may be included in another document or by public reports. As the topics of
the ANRW indicates, BGP research for scalability of an application is always
a "hot" research topic. 

 

The definition of the BGP route selection changes (page 17)  #3 and 4 is not
tightly defined using an example rather that specification. Any proposed
changes to the BGP route selection should be done in formal language for
changes to the text. 

 

Language such as "could possible leave" or "by default" is not specific
(page 17) is not specific enough.  

 

4) Error handling in Gateway PE (section 8)  between different AFI/SAFI
prefixes is unclear 

 

This draft defines translation between certain embedded prefixes see table
below.  The interworking of the embedded prefix depends the basic error
handling working correctly for embedded prefixes (#1) and the Domain Path
(#2). Since these two items are unclear AND

I do not see definitions "well-formed but invalid" case is not covered for
this draft. 

 

AFI with SAFIs

1 - 1, 128

2 -  1, 128

25 - 70   

 

Section 8 attempts to provide this rules as an example.  However section 8
requires the following syntax validity checks beyond well-formed:  

1) It must be a ISF route from AFI/SAFI pairs + allowed by policy (?)

2) for gateway PE advertising ISF routes, must 

a) include a D-PATH attribute

b) EVPN to other VPNS must append Domain with 

2) The domain inside D-PATH must