< draft-boutros-l2vpn-evpn-vpws-02.txt   draft-boutros-l2vpn-evpn-vpws-03.txt >
skipping to change at page 1, line 13 skipping to change at page 1, line 13
INTERNET-DRAFT Sami Boutros INTERNET-DRAFT Sami Boutros
Intended Status: Standard Track Ali Sajassi Intended Status: Standard Track Ali Sajassi
Samer Salam Samer Salam
Cisco Systems Cisco Systems
John Drake John Drake
Juniper Networks Juniper Networks
Jeff Tantsura Jeff Tantsura
Ericsson Ericsson
Expires: April 24, 2014 October 21, 2013
Dirk Steinberg
Steinberg Consulting
Expires: August 18, 2014 February 14, 2014
VPWS support in E-VPN VPWS support in E-VPN
draft-boutros-l2vpn-evpn-vpws-02.txt draft-boutros-l2vpn-evpn-vpws-03.txt
Abstract Abstract
This document describes how E-VPN can be used to support virtual This document describes how E-VPN can be used to support virtual
private wire service (VPWS) in MPLS/IP networks. E-VPN enables the private wire service (VPWS) in MPLS/IP networks. E-VPN enables the
following characteristics for VPWS: single-active as well as all- following characteristics for VPWS: single-active as well as all-
active multi-homing with flow-based load-balancing, eliminates the active multi-homing with flow-based load-balancing, eliminates the
need for single-segment and multi-segment PW signaling, and provides need for single-segment and multi-segment PW signaling, and provides
fast protection using data-plane prefix independent convergence upon fast protection using data-plane prefix independent convergence upon
node or link failure. node or link failure.
skipping to change at page 1, line 45 skipping to change at page 2, line 4
other groups may also distribute working documents as other groups may also distribute working documents as
Internet-Drafts. Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
Copyright and License Notice Copyright and License Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3
2. BGP Extensions . . . . . . . . . . . . . . . . . . . . . . . . 4 1.2 Requirements . . . . . . . . . . . . . . . . . . . . . . . . 4
3 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. BGP Extensions . . . . . . . . . . . . . . . . . . . . . . . . 5
4 EVPN Comparison to PW Signaling . . . . . . . . . . . . . . . . 5 3 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
5 ESI Bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . 6 4 EVPN Comparison to PW Signaling . . . . . . . . . . . . . . . . 6
6 ESI value derivation . . . . . . . . . . . . . . . . . . . . . . 6 5 ESI Bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . 7
7 VPWS with multiple sites . . . . . . . . . . . . . . . . . . . . 6 6 ESI value derivation and Eth-tag setting . . . . . . . . . . . . 7
8 Security Considerations . . . . . . . . . . . . . . . . . . . . 6 7 VPWS with multiple sites . . . . . . . . . . . . . . . . . . . . 8
9 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 8 Security Considerations . . . . . . . . . . . . . . . . . . . . 8
10 References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 9 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8
10.1 Normative References . . . . . . . . . . . . . . . . . . . 7 10 References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
10.2 Informative References . . . . . . . . . . . . . . . . . . 7 10.1 Normative References . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7 10.2 Informative References . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9
1 Introduction 1 Introduction
This document describes how EVPN can be used to support virtual This document describes how EVPN can be used to support virtual
private wire service (VPWS) in MPLS/IP networks. The use of EVPN private wire service (VPWS) in MPLS/IP networks. The use of EVPN
mechanisms for VPWS brings the benefits of EVPN to p2p services. mechanisms for VPWS brings the benefits of EVPN to p2p services.
These benefits include single-active redundancy as well as all-active These benefits include single-active redundancy as well as all-active
redundancy with flow-based load-balancing. Furthermore, the use of redundancy with flow-based load-balancing. Furthermore, the use of
EVPN for VPWS eliminates the need for signaling single-segment and EVPN for VPWS eliminates the need for signaling single-segment and
multi-segment PWs for p2p Ethernet services. multi-segment PWs for p2p Ethernet services.
skipping to change at page 4, line 22 skipping to change at page 4, line 22
or more PEs and when only a single PE in such redundancy group can or more PEs and when only a single PE in such redundancy group can
forward traffic to/from the multi-homed device or network for a given forward traffic to/from the multi-homed device or network for a given
VLAN, then such multi-homing or redundancy is referred to as "Single- VLAN, then such multi-homing or redundancy is referred to as "Single-
Active". Active".
All-Active: When a device is multi-homed to two or more PEs and when All-Active: When a device is multi-homed to two or more PEs and when
all PEs in such redundancy group can forward traffic to/from the all PEs in such redundancy group can forward traffic to/from the
multi-homed device for a given VLAN, then such multi-homing or multi-homed device for a given VLAN, then such multi-homing or
redundancy is referred to as "All-Active". redundancy is referred to as "All-Active".
1.2 Requirements
1. EPL service access circuit maps to the whole Ethernet port.
2. EVPL service access circuits are VLANs on single or double tagged
trunk ports. Each VLAN individually will be considered to be an
endpoint for an EVPL service, without any direct dependency on any
other VLANs on the trunk. Other VLANs on the same trunk could also be
used for EVPL services, but could also be associated with other
services.
3. If multiple VLANs on the same trunk are associated with EVPL
services, the respective remote endpoints of these EVPLs could be
dispersed across any number of PEs, i.e. different VLANs may lead to
different destinations.
4. The VLAN tag on the access trunk only has PE-local significance.
The VLAN tag on the remote end could be different, and could also be
double tagged when the other side is single tagged.
5. Also, multiple EVPL service VLANs on the same trunk could belong
to the same EVPN instance (EVI), or they could belong to different
EVIs. This should be purely an administrative choice of the network
operator.
6. A given access trunk could have hundreds of EVPL services, and a
given PE could have thousands of EVPLs configured. It must be
possible to configure multiple EVPL services within the same EVI.
7. Local access circuits configured to belong to a given EVPN
instance could also belong to different physical access trunks.
2. BGP Extensions 2. BGP Extensions
[EVPN] defines a new BGP NLRI for advertising different route types [EVPN] defines a new BGP NLRI for advertising different route types
for EVPN operation. This document does not define any new BGP for EVPN operation. This document does not define any new BGP
messages, but rather re-purposes one of the routes as described next. messages, but rather re-purposes one of the routes as described next.
This document proposes the use of the per EVI Ethernet AD route to This document proposes the use of the per EVI Ethernet AD route to
signal P2P services. The Ethernet Segment Identifier field is set to signal P2P services. The Ethernet Segment Identifier field is set to
the ESI of the attachment circuit of the VPWS service instance. The the ESI of the attachment circuit of the VPWS service instance. The
Ethernet Tag field is set to 0 in the case of an Ethernet Private Ethernet Tag field is set to 0 in the case of an Ethernet Private
Wire service, and to the VLAN identifier associated with the service Wire service, and to the VLAN identifier associated with the service
for Ethernet Virtual Private Wire service. The route is associated for Ethernet Virtual Private Wire service. The Route-Target (RT)
with a Route-Target (RT) extended community attribute that identifies extended community that identifies the VPN associated with the p2p
the service instance (together with the Ethernet Tag field when non- EVPLs where each EVPL is identified by <ESI,Eth tag>.
zero).
3 Operation 3 Operation
The following figure shows an example of a P2P service deployed with The following figure shows an example of a P2P service deployed with
EVPN. EVPN.
Ethernet Ethernet Ethernet Ethernet
Native |<--------- EVPN Instance ----------->| Native Native |<--------- EVPN Instance ----------->| Native
Service | | Service Service | | Service
(AC) | |<-PSN1->| |<-PSN2->| | (AC) (AC) | |<-PSN1->| |<-PSN2->| | (AC)
| V V V V V V | | V V V V V V |
skipping to change at page 5, line 32 skipping to change at page 6, line 14
addresses. The link between the CE and the PE is either a C-tagged or addresses. The link between the CE and the PE is either a C-tagged or
S-tagged interface, as described in [802.1Q], that can carry a single S-tagged interface, as described in [802.1Q], that can carry a single
VLAN tag or two nested VLAN tags. This interface is set up as a trunk VLAN tag or two nested VLAN tags. This interface is set up as a trunk
with multiple VLANs. with multiple VLANs.
A VPWS with multiple sites or multiple EVPL services on the same CE A VPWS with multiple sites or multiple EVPL services on the same CE
port can be included in one EVI between 2 or more PEs. An Ethernet port can be included in one EVI between 2 or more PEs. An Ethernet
Tag corresponding to each P2P connection and known to both PEs is Tag corresponding to each P2P connection and known to both PEs is
used to identify the services multiplexed in the same EVI. used to identify the services multiplexed in the same EVI.
For CE single-homing the ESI field must be set to 0 in the Ethernet
AD route, the <Eth-tag> field will be set to the AC-ID of the EVPL or
EPL service.
For CE multi-homing, the Ethernet AD Route encodes the ESI associated For CE multi-homing, the Ethernet AD Route encodes the ESI associated
with the CE. This allows flow-based load-balancing of traffic between with the CE. This allows flow-based load-balancing of traffic between
PEs connected to the same multi-homed CE. The VPN ID MUST be the same PEs connected to the same multi-homed CE. The AC ID encoded in the
on both PEs attached to the site. The Ethernet Segment route may be tag field MUST be the same on both PEs attached to the site. The
used too, for discovery of multi-homed CEs. In all cases traffic Ethernet Segment route may be used too, for discovery of multi-homed
follows the transport paths, which may be asymmetric. CEs. In all cases traffic follows the transport paths, which may be
asymmetric.
The <Eth-tag> field of the EVI EAD route represents the AC-ID of the
EPL and EVPL service.
EPL service need to be identified by a non 0 <Eth-tag> field in the
Ethernet AD route.
The <Eth-tag> field value representing the AC-ID of the EPL/EVPL
service of the remote side may be equal to the local side.
An operator may choose to associate many per EVI EAD routes with
different ESIs and tags to the same Route-Target (RT) extended
community attribute. As such, the association of per EVI EAD routes
to the same RT is a network operator design choice.
Per ES EAD route can be used for mass withdraw to withdraw all per
EVI EAD routes associated with the multi-home site on a given PE.
The VLANs on the two ACs of a given EVPL service may have different
VLANs. EVPN doesn't perform that translation, and that it should be
handled by the Ethernet interface.
4 EVPN Comparison to PW Signaling 4 EVPN Comparison to PW Signaling
In EVPN, service endpoint discovery and label signaling are done In EVPN, service endpoint discovery and label signaling are done
concurrently using BGP. Whereas, with VPWS based on [RFC4448], label concurrently using BGP. Whereas, with VPWS based on [RFC4448], label
signaling is done via LDP and service endpoint discovery is either signaling is done via LDP and service endpoint discovery is either
through manual provisioning or through BGP. In existing through manual provisioning or through BGP.
implementation of VPWS using pseudowires(PWs), redundancy is limited
to single-active mode, while with EVPN implementation of VPWS both In existing implementation of VPWS using pseudowires(PWs), redundancy
single-active and all-active redundancy modes can be supported. In is limited to single-active mode, while with EVPN implementation of
existing implementation with PWs, backup PWs are not used to carry VPWS both single-active and all-active redundancy modes can be
traffic, while with EVPN, traffic can be load-balanced among primary supported.
and secondary PEs. Upon link or node failure, EVPN can trigger
failover with the withdrawal of a single BGP route per service, In existing implementation with PWs, backup PWs are not used to carry
whereas with VPWS PW redundancy, the failover sequence requires traffic, while with EVPN, traffic can be load-balanced among
exchange of two control plane messages: one message to deactivate the different PEs multi-homed to a single CE.
group of primary PWs and a second message to activate the group of
backup PWs associated with the access link. Finally, EVPN may employ Upon link or node failure, EVPN can trigger failover with the
data plane local repair mechanisms not available in VPWS. withdrawal of a single BGP route per EVPL service or multiple EVPL
services, whereas with VPWS PW redundancy, the failover sequence
requires exchange of two control plane messages: one message to
deactivate the group of primary PWs and a second message to activate
the group of backup PWs associated with the access link. Finally,
EVPN may employ data plane local repair mechanisms not available in
VPWS.
5 ESI Bandwidth 5 ESI Bandwidth
The ESI Bandwidth will be encoded using the Link Bandwidth Extended The ESI Bandwidth will be encoded using the Link Bandwidth Extended
community defined in [draft-ietf-idr-link-bandwidth] and associated community defined in [draft-ietf-idr-link-bandwidth] and associated
with the Ethernet AD route used to realize the EVPL services. with the Ethernet AD route used to realize the EVPL services.
When a PE receives this attribute for a given EVPL it MUST request When a PE receives this attribute for a given EVPL it MUST request
the required bandwidth from the PSN towards the other EVPL service the required bandwidth from the PSN towards the other EVPL service
destination PE originating the message. When resources are allocated destination PE originating the message. When resources are allocated
from the PSN for a given EVPL service, then the PSN SHOULD account from the PSN for a given EVPL service, then the PSN SHOULD account
for the Bandwidth requested by this EVPL service. for the Bandwidth requested by this EVPL service.
In the case where PSN resources are not available, the PE receiving In the case where PSN resources are not available, the PE receiving
this attribute MUST re-send its local Ethernet AD routes for this this attribute MUST re-send its local Ethernet AD routes for this
EVPL service with the ESI Bandwidth = All FFs to declare that the EVPL service with the ESI Bandwidth = All FFs to declare that the
"PSN Resources Unavailable". "PSN Resources Unavailable".
6 ESI value derivation The scope of the ESI Bandwidth is limited to only one Autonomous
System.
The 10 bytes ESI value will contain:- 6 ESI value derivation and Eth-tag setting
1) 6-byte System-ID that is globally unique. These 6 bytes can be The ESI value is set per [EVPN] procedures - e.g., it is set to 0
auto derived using a mechanism similar to the one used for for single home sites and can be manually configured or auto-derived
automating B-MAC Address Assignment in [PBB-EVPN]. for multi-homed sites.
2) 4-byte Local-AC-ID that is unique within each PE. The <Eth-tag> field in the Ethernet A-D per EVI route is set to the
AC-ID representing the EPL or EVPL service. This is different from
the baseline [EVPN] Where <Eth-tag> field is set only for VLAN-aware
bundle service.
The combination of System-ID and Local-AC-ID makes the associated AC- The AC-ID value SHOULD be the same at both sides of the EPL or EVPL
ID globally unique. A pair of such globally unique AC-ID identifies a service and it SHOULD be unique within an AS.
point-to-point service (EVPL or EPL) uniquely in the provider
network. "EVI" for VPWS services MUST be different from multipoint services
specified in baseline [EVPN]. This implies the corresponding RTs for
VPWS and multipoint services needs to be different.
AC-IDs in the <Eth-tag> field MUST be unique within one AS, an ASBR
MAY be required to perform AC-IDs translations if the AC-IDs are not
unique across multiple ASs.
Local and remote AC-IDs of a given EVPL or EPL service, are
configured by an operator to connect the 2 sides of the EPL/EVPL
services at both sides of the services.
7 VPWS with multiple sites 7 VPWS with multiple sites
The future revision of this draft will describe how a VPWS among The VPWS among multiple sites (full mesh of P2P connections - one per
multiple sites (full mesh of P2P connections - one per pair of sites) pair of sites) that can be setup automatically without any explicit
can be setup automatically without any explicit provisioning of P2P provisioning of P2P connections among the sites is outside the scope
connections among the sites. of this document.
8 Security Considerations 8 Security Considerations
This document does not introduce any additional security constraints. This document does not introduce any additional security constraints.
9 IANA Considerations 9 IANA Considerations
TBD TBD
10 References 10 References
10.1 Normative References 10.1 Normative References
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate
skipping to change at page 7, line 34 skipping to change at page 9, line 15
[PBB-EVPN] A. Sajassi et. al., "PBB-EVPN", draft-ietf-l2vpn-pbb-evpn- [PBB-EVPN] A. Sajassi et. al., "PBB-EVPN", draft-ietf-l2vpn-pbb-evpn-
05.txt. 05.txt.
[draft-ietf-idr-link-bandwidth] P. Mohapatra, R. Fernando, "BGP Link [draft-ietf-idr-link-bandwidth] P. Mohapatra, R. Fernando, "BGP Link
Bandwidth Extended Community", draft-ietf-idr-link-bandwidth-06.txt Bandwidth Extended Community", draft-ietf-idr-link-bandwidth-06.txt
Authors' Addresses Authors' Addresses
Sami Boutros Sami Boutros
Cisco Cisco
170 West Tasman Drive
San Jose, CA 95134, US
Email: sboutros@cisco.com Email: sboutros@cisco.com
Ali Sajassi Ali Sajassi
Cisco Cisco
170 West Tasman Drive
San Jose, CA 95134, US
Email: sajassi@cisco.com Email: sajassi@cisco.com
Samer Salam Samer Salam
Cisco Cisco
595 Burrard Street, Suite 2123
Vancouver, BC V7X 1J1, Canada
Email: ssalam@cisco.com Email: ssalam@cisco.com
John Drake John Drake
Juniper Networks Juniper Networks
Email: jdrake@juniper.net Email: jdrake@juniper.net
Jeff Tantsura Jeff Tantsura
Ericsson Ericsson
Email: jeff.tantsura@ericsson.com Email: jeff.tantsura@ericsson.com
Dirk Steinberg
Steinberg Consulting
Email: dws@steinbergnet.net
Patrice Brissette
Cisco
Email: pbrisset@cisco.com
 End of changes. 22 change blocks. 
57 lines changed or deleted 133 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/