Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Gyan: +1 to Roberts comments.Robert, Linda and I have taken this topic off line. If you are interested, ping. Sue From: Idr [mailto:idr-boun...@ietf.org] On Behalf Of Gyan Mishra Sent: Tuesday, March 31, 2020 9:52 PM To: Robert Raszuk Cc: i...@ietf.org; Linda Dunbar; Huaimo

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Thanks Robert!!  For me to really comprehend I have to have to put the tire to the road and test in my Dev lab. Any caveats with Cisco XR? Ping me off list on cisco specific reply. Kind regards Gyan On Tue, Mar 31, 2020 at 6:43 AM Robert Raszuk wrote: > Hi Gyan, > > As topic 1 - Extended

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Hi Gyan, As topic 1 - Extended community which is used for filtering incoming updates can be configured under BGP AF - there is nothing in the protocol which mandates that such RTs need to be configured under VRF section. As of topic 2 - This is huge misconception by many people who think that

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Robert & Linda Sorry to inject myself into this thread. You stated that that RFC 4364 SAFI 128 for vpnv4 vpnv6 is the BGP control plane service layer overlay from PE to RR. Agreed. By default all PEs including the SDWAN PE have RT Filtering enabled by default and only import the RT into the

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Robert, Want to confirm the following two points with you. Do I interpret your words correctly? * If a CPE supports traditional VPN with multiple VRFs, and supports multiple SDWAN instances, the traditional VRF configuration is still same which are carried by BGP Route Target Extended

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Hi Linda, Nope you do not need VRFs. RT construct works at the control plane level. VRF may be useful for traffic separation purposes on multitenant CPEs or if you would like to relax requirements for unique IP across SDWAN sites - but not a must otherwise. My main point was that BGP SAFI 128

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Robert, Thank you very much for the feedback. If using your suggested Route Target approach to represent the SDWAN Instance ID, does it mean that a SDWAN Edge has to use the same approach to configure the VRF for SDWAN instances? If the edge node supports both traditional VPN and SDWAN, will

Re: [bess] [Idr] Seeking feedback of draft-dunbar-idr-sdwan-port-safi using SDWAN SAFI to encode SDWAN Instance ID in the NLRI

Hi Linda, I think you are mixing data plane and control plane. In SDWAN data plane is of no issue as you are interconnecting sites in a given VPN over mesh of secure tunnels. You are asking how to keep control plane separate between VPN instances. This is precisely what RFC4364 does already and