draft-ietf-bess-evpn-overlay-11.txt   draft-ietf-bess-evpn-overlay-12.txt 
skipping to change at page 1, line 16 skipping to change at page 1, line 16
Juniper Juniper
N. Bitar N. Bitar
Nokia Nokia
R. Shekhar R. Shekhar
Juniper Juniper
J. Uttaro J. Uttaro
AT&T AT&T
W. Henderickx W. Henderickx
Nokia Nokia
Expires: July 12, 2018 January 12, 2018 Expires: August 9, 2018 February 9, 2018
A Network Virtualization Overlay Solution using EVPN A Network Virtualization Overlay Solution using EVPN
draft-ietf-bess-evpn-overlay-11 draft-ietf-bess-evpn-overlay-12
Abstract Abstract
This document specifies how Ethernet VPN (EVPN) can be used as a This document specifies how Ethernet VPN (EVPN) can be used as a
Network Virtualization Overlay (NVO) solution and explores the Network Virtualization Overlay (NVO) solution and explores the
various tunnel encapsulation options over IP and their impact on the various tunnel encapsulation options over IP and their impact on the
EVPN control-plane and procedures. In particular, the following EVPN control-plane and procedures. In particular, the following
encapsulation options are analyzed: Virtual Extensible LAN (VXLAN), encapsulation options are analyzed: Virtual Extensible LAN (VXLAN),
Network Virtualization using Generic Routing Encapsulation (NVGRE), Network Virtualization using Generic Routing Encapsulation (NVGRE),
and MPLS over Generic Routing Encapsulation (GRE). This specification and MPLS over Generic Routing Encapsulation (GRE). This specification
skipping to change at page 3, line 30 skipping to change at page 3, line 30
10.1 DCI using GWs . . . . . . . . . . . . . . . . . . . . . . . 23 10.1 DCI using GWs . . . . . . . . . . . . . . . . . . . . . . . 23
10.2 DCI using ASBRs . . . . . . . . . . . . . . . . . . . . . . 24 10.2 DCI using ASBRs . . . . . . . . . . . . . . . . . . . . . . 24
10.2.1 ASBR Functionality with Single-Homing NVEs . . . . . . 25 10.2.1 ASBR Functionality with Single-Homing NVEs . . . . . . 25
10.2.2 ASBR Functionality with Multi-Homing NVEs . . . . . . . 25 10.2.2 ASBR Functionality with Multi-Homing NVEs . . . . . . . 25
11 Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 27 11 Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 27
12 Security Considerations . . . . . . . . . . . . . . . . . . . 27 12 Security Considerations . . . . . . . . . . . . . . . . . . . 27
13 IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 13 IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28
14 References . . . . . . . . . . . . . . . . . . . . . . . . . . 28 14 References . . . . . . . . . . . . . . . . . . . . . . . . . . 28
14.1 Normative References . . . . . . . . . . . . . . . . . . . 28 14.1 Normative References . . . . . . . . . . . . . . . . . . . 28
14.2 Informative References . . . . . . . . . . . . . . . . . . 29 14.2 Informative References . . . . . . . . . . . . . . . . . . 29
Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 30 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 30
1 Introduction 1 Introduction
This document specifies how Ethernet VPN (EVPN) [RFC7432] can be used This document specifies how Ethernet VPN (EVPN) [RFC7432] can be used
as a Network Virtualization Overlay (NVO) solution and explores the as a Network Virtualization Overlay (NVO) solution and explores the
various tunnel encapsulation options over IP and their impact on the various tunnel encapsulation options over IP and their impact on the
EVPN control-plane and procedures. In particular, the following EVPN control-plane and procedures. In particular, the following
encapsulation options are analyzed: Virtual Extensible LAN (VXLAN) encapsulation options are analyzed: Virtual Extensible LAN (VXLAN)
[RFC7348], Network Virtualization using Generic Routing Encapsulation [RFC7348], Network Virtualization using Generic Routing Encapsulation
skipping to change at page 14, line 5 skipping to change at page 14, line 5
bundle service in [RFC7432]. Such setting must be done consistently bundle service in [RFC7432]. Such setting must be done consistently
on all PE devices participating in that EVI within a given domain. on all PE devices participating in that EVI within a given domain.
For global VNIs, the value advertised in the Ethernet Tag field For global VNIs, the value advertised in the Ethernet Tag field
SHOULD be set to a VNI as long as it matches the existing semantics SHOULD be set to a VNI as long as it matches the existing semantics
of the Ethernet Tag, i.e., it identifies a bridge table within a MAC- of the Ethernet Tag, i.e., it identifies a bridge table within a MAC-
VRF and the set of VNIs are configured consistently on each PE in VRF and the set of VNIs are configured consistently on each PE in
that EVI. that EVI.
In order to indicate which type of data plane encapsulation (i.e., In order to indicate which type of data plane encapsulation (i.e.,
VXLAN, NVGRE, MPLS, or MPLS in GRE) is to be used, the BGP VXLAN, NVGRE, MPLS, or MPLS in GRE) is to be used, the BGP
Encapsulation extended community defined in [TUNNEL-ENCAP] is Encapsulation extended community defined in [RFC5512] is included
included with all EVPN routes (i.e. MAC Advertisement, Ethernet AD with all EVPN routes (i.e. MAC Advertisement, Ethernet AD per EVI,
per EVI, Ethernet AD per ESI, Inclusive Multicast Ethernet Tag, and Ethernet AD per ESI, Inclusive Multicast Ethernet Tag, and Ethernet
Ethernet Segment) advertised by an egress PE. Five new values have Segment) advertised by an egress PE. Five new values have been
been assigned by IANA to extend the list of encapsulation types assigned by IANA to extend the list of encapsulation types defined in
defined in [TUNNEL-ENCAP] and they are listed in section 13. [RFC5512] and they are listed in section 13.
The MPLS encapsulation tunnel type, listed in section 13, is needed The MPLS encapsulation tunnel type, listed in section 13, is needed
in order to distinguish between an advertising node that only in order to distinguish between an advertising node that only
supports non-MPLS encapsulations and one that supports MPLS and non- supports non-MPLS encapsulations and one that supports MPLS and non-
MPLS encapsulations. An advertising node that only supports MPLS MPLS encapsulations. An advertising node that only supports MPLS
encapsulation does not need to advertise any encapsulation tunnel encapsulation does not need to advertise any encapsulation tunnel
types; i.e., if the BGP Encapsulation extended community is not types; i.e., if the BGP Encapsulation extended community is not
present, then either MPLS encapsulation or a statically configured present, then either MPLS encapsulation or a statically configured
encapsulation is assumed. encapsulation is assumed.
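Review bot: Both citations in the first paragraph of this change block now point at [RFC5512], but the paragraph leans on that reference for two different things: the definition of the BGP Encapsulation extended community, and the "list of encapsulation types" that the five new values extend. Section 13 calls these "BGP Tunnel Encapsulation Attribute Tunnel Types", so the sentence "Five new values have been assigned by IANA to extend the list of encapsulation types defined in [RFC5512]" should use the same registry name, so that a reader can match the text to the IANA section without guessing. The "(i.e. MAC Advertisement, ..." list is also punctuated differently from the "i.e.," used in the surrounding paragraphs.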
skipping to change at page 15, line 8 skipping to change at page 15, line 8
GRE key; otherwise, the GRE header SHOULD NOT include the GRE key. GRE key; otherwise, the GRE header SHOULD NOT include the GRE key.
The Checksum and Sequence Number fields MUST NOT be included and the The Checksum and Sequence Number fields MUST NOT be included and the
corresponding C and S bits in the GRE Packet Header MUST be set to corresponding C and S bits in the GRE Packet Header MUST be set to
zero. A PE capable of supporting this encapsulation, SHOULD advertise zero. A PE capable of supporting this encapsulation, SHOULD advertise
its EVPN routes along with the Tunnel Encapsulation extended its EVPN routes along with the Tunnel Encapsulation extended
community indicating MPLS over GRE encapsulation as described in community indicating MPLS over GRE encapsulation as described in
previous section. previous section.
6 EVPN with Multiple Data Plane Encapsulations 6 EVPN with Multiple Data Plane Encapsulations
The use of the BGP Encapsulation extended community per [TUNNEL- The use of the BGP Encapsulation extended community per [RFC5512]
ENCAP] allows each NVE in a given EVI to know each of the allows each NVE in a given EVI to know each of the encapsulations
encapsulations supported by each of the other NVEs in that EVI. supported by each of the other NVEs in that EVI. i.e., each of the
i.e., each of the NVEs in a given EVI may support multiple data plane NVEs in a given EVI may support multiple data plane encapsulations.
encapsulations. An ingress NVE can send a frame to an egress NVE An ingress NVE can send a frame to an egress NVE only if the set of
only if the set of encapsulations advertised by the egress NVE forms encapsulations advertised by the egress NVE forms a non-empty
a non-empty intersection with the set of encapsulations supported by intersection with the set of encapsulations supported by the ingress
the ingress NVE, and it is at the discretion of the ingress NVE which NVE, and it is at the discretion of the ingress NVE which
encapsulation to choose from this intersection. (As noted in encapsulation to choose from this intersection. (As noted in
section 5.1.3, if the BGP Encapsulation extended community is not section 5.1.3, if the BGP Encapsulation extended community is not
present, then the default MPLS encapsulation or a locally configured present, then the default MPLS encapsulation or a locally configured
encapsulation is assumed.) encapsulation is assumed.)
When a PE advertises multiple supported encapsulations, it MUST When a PE advertises multiple supported encapsulations, it MUST
advertise encapsulations that use the same EVPN procedures including advertise encapsulations that use the same EVPN procedures including
procedures associated with split-horizon filtering described in procedures associated with split-horizon filtering described in
section 8.3.1. For example, VXLAN and NVGRE (or MPLS and MPLS over section 8.3.1. For example, VXLAN and NVGRE (or MPLS and MPLS over
GRE) encapsulations use the same EVPN procedures and thus a PE can GRE) encapsulations use the same EVPN procedures and thus a PE can
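Review bot: In the reflowed first paragraph of section 6, "in that EVI. i.e., each of the NVEs in a given EVI may support multiple data plane encapsulations." still opens a sentence with a lowercase "i.e.,", and what follows is a new statement rather than a restatement of the previous sentence. Since the paragraph was re-wrapped anyway, suggest "That is, each of the NVEs ..." or folding it into the preceding sentence. The paragraph also says an ingress NVE can send only when the intersection is non-empty, and that a missing community means a default or locally configured encapsulation is assumed; it would be worth stating explicitly what the ingress NVE does with the route when the intersection is empty, because that is the case an operator will hit when the advertised community is wrong or has been altered.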
skipping to change at page 28, line 11 skipping to change at page 28, line 11
Jakob Heitz for his contribution on section 10.2. Jakob Heitz for his contribution on section 10.2.
12 Security Considerations 12 Security Considerations
This document uses IP-based tunnel technologies to support data This document uses IP-based tunnel technologies to support data
plane transport. Consequently, the security considerations of those plane transport. Consequently, the security considerations of those
tunnel technologies apply. This document defines support for VXLAN tunnel technologies apply. This document defines support for VXLAN
[RFC7348] and NVGRE [RFC7637] encapsulations. The security [RFC7348] and NVGRE [RFC7637] encapsulations. The security
considerations from those RFCs apply to the data plane aspects of considerations from those RFCs apply to the data plane aspects of
this document. this document.
As with [TUNNEL-ENCAP], any modification of the information that is As with [RFC5512], any modification of the information that is used
used to form encapsulation headers, to choose a tunnel type, or to to form encapsulation headers, to choose a tunnel type, or to choose
choose a particular tunnel for a particular payload type may lead to a particular tunnel for a particular payload type may lead to user
user data packets getting misrouted, misdelivered, and/or dropped. data packets getting misrouted, misdelivered, and/or dropped.
More broadly, the security considerations for the transport of IP More broadly, the security considerations for the transport of IP
reachability information using BGP are discussed in [RFC4271] and reachability information using BGP are discussed in [RFC4271] and
[RFC4272], and are equally applicable for the extensions described [RFC4272], and are equally applicable for the extensions described
in this document. in this document.
13 IANA Considerations 13 IANA Considerations
This document requests the following BGP Tunnel Encapsulation This document requests the following BGP Tunnel Encapsulation
Attribute Tunnel Types from IANA and they have already been Attribute Tunnel Types from IANA and they have already been
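Review bot: The rewritten "As with [RFC5512], any modification of the information ..." sentence names the consequence (user data packets misrouted, misdelivered, and/or dropped) but the section never says what protects that information. The next paragraph cites [RFC4271] and [RFC4272] only "more broadly", so the reader has to infer that the BGP security considerations cited there are what guards the Encapsulation extended community and the other fields used to build encapsulation headers. Suggest one sentence tying the two paragraphs together. Note also that [RFC4272] carries part of this argument while being listed under Informative References.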
skipping to change at page 29, line 8 skipping to change at page 29, line 8
[RFC7432] Sajassi et al., "BGP MPLS Based Ethernet VPN", RFC 7432, [RFC7432] Sajassi et al., "BGP MPLS Based Ethernet VPN", RFC 7432,
February 2014 February 2014
[RFC7348] Mahalingam, M., et al, "VXLAN: A Framework for Overlaying [RFC7348] Mahalingam, M., et al, "VXLAN: A Framework for Overlaying
Virtualized Layer 2 Networks over Layer 3 Networks", RFC 7348, August Virtualized Layer 2 Networks over Layer 3 Networks", RFC 7348, August
2014 2014
[RFC7637] Garg, P., et al., "NVGRE: Network Virtualization using [RFC7637] Garg, P., et al., "NVGRE: Network Virtualization using
Generic Routing Encapsulation", RFC 7637, September, 2015 Generic Routing Encapsulation", RFC 7637, September, 2015
[TUNNEL-ENCAP] Rosen et al., "The BGP Tunnel Encapsulation [RFC5512] Mohapatra, P. and E. Rosen, "The BGP Encapsulation
Attribute", draft-ietf-idr-tunnel-encaps-08, work in progress, Subsequent Address Family Identifier (SAFI) and the BGP Tunnel
January 11, 2018. Encapsulation Attribute", RFC 5512, April 2009.
[RFC4023] T. Worster et al., "Encapsulating MPLS in IP or Generic [RFC4023] T. Worster et al., "Encapsulating MPLS in IP or Generic
Routing Encapsulation (GRE)", RFC 4023, March 2005 Routing Encapsulation (GRE)", RFC 4023, March 2005
14.2 Informative References 14.2 Informative References
[RFC7209] Sajassi et al., "Requirements for Ethernet VPN (EVPN)", RFC [RFC7209] Sajassi et al., "Requirements for Ethernet VPN (EVPN)", RFC
7209, May 2014 7209, May 2014
[RFC4272] S. Murphy, "BGP Security Vulnerabilities Analysis.", [RFC4272] S. Murphy, "BGP Security Vulnerabilities Analysis.",
January 2006. January 2006.
[RFC7364] Narten et al., "Problem Statement: Overlays for Network [RFC7364] Narten et al., "Problem Statement: Overlays for Network
Virtualization", RFC 7364, October 2014. Virtualization", RFC 7364, October 2014.
[RFC7365] Lasserre et al., "Framework for DC Network Virtualization", [RFC7365] Lasserre et al., "Framework for DC Network Virtualization",
RFC 7365, October 2014. RFC 7365, October 2014.
[DCI-EVPN-OVERLAY] Rabadan et al., "Interconnect Solution for EVPN [DCI-EVPN-OVERLAY] Rabadan et al., "Interconnect Solution for EVPN
Overlay networks", draft-ietf-bess-dci-evpn-overlay-05, work in Overlay networks", draft-ietf-bess-dci-evpn-overlay-08, work in
progress, July 18, 2017. progress, February 8, 2018.
[RFC4271] Y. Rekhter, Ed., T. Li, Ed., S. Hares, Ed., "A Border [RFC4271] Y. Rekhter, Ed., T. Li, Ed., S. Hares, Ed., "A Border
Gateway Protocol 4 (BGP-4)", January 2006. Gateway Protocol 4 (BGP-4)", January 2006.
[RFC4364] Rosen, E., et al, "BGP/MPLS IP Virtual Private Networks [RFC4364] Rosen, E., et al, "BGP/MPLS IP Virtual Private Networks
(VPNs)", RFC 4364, February 2006. (VPNs)", RFC 4364, February 2006.
[TUNNEL-ENCAP] Rosen et al., "The BGP Tunnel Encapsulation
Attribute", draft-ietf-idr-tunnel-encaps-08, work in progress,
January 11, 2018.
[RFC6514] R. Aggarwal et al., "BGP Encodings and Procedures for [RFC6514] R. Aggarwal et al., "BGP Encodings and Procedures for
Multicast in MPLS/BGP IP VPNs", RFC 6514, February 2012 Multicast in MPLS/BGP IP VPNs", RFC 6514, February 2012
[VXLAN-GPE] Maino et al., "Generic Protocol Extension for VXLAN", [VXLAN-GPE] Maino et al., "Generic Protocol Extension for VXLAN",
draft-ietf-nvo3-vxlan-gpe-05, work in progress October 30, 2017. draft-ietf-nvo3-vxlan-gpe-05, work in progress October 30, 2017.
[GENEVE] J. Gross et al., "Geneve: Generic Network Virtualization [GENEVE] J. Gross et al., "Geneve: Generic Network Virtualization
Encapsulation", draft-ietf-nvo3-geneve-05, September 2017 Encapsulation", draft-ietf-nvo3-geneve-05, September 2017
[EVPN-GENEVE] S. Boutros et al., "EVPN control plane for Geneve", [EVPN-GENEVE] S. Boutros et al., "EVPN control plane for Geneve",
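Review bot: [TUNNEL-ENCAP] moves from the normative list to the informative list here, yet every citation of it in the change blocks shown (section 5.1.3, section 6 and section 12) has been replaced by [RFC5512]. Please confirm the draft is still cited somewhere in the body; if not, the new informative entry is a dangling reference and should be dropped. Smaller style points in the same block: the new [RFC5512] entry uses "Mohapatra, P. and E. Rosen" while neighbouring entries use the "Sajassi et al." form, and the [RFC4272] and [RFC4271] entries omit the "RFC nnnn" number that the other entries carry.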
 End of changes. 9 change blocks. 
26 lines changed or deleted 30 lines changed or added

This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/