idnits 2.17.1

draft-ietf-bess-evpn-vpws-13.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (May 4, 2017) is 2550 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'RFCXXXX' is mentioned on line 533, but not defined

  ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126)

  ** Downref: Normative reference to an Informational RFC: RFC 7348

     Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

INTERNET-DRAFT                                              Sami Boutros
Intended Status: Standard Track                                   VMware
                                                             Ali Sajassi
                                                             Samer Salam
                                                           Cisco Systems
                                                              John Drake
                                                        Juniper Networks
                                                              J. Rabadan
                                                                   Nokia

Expires: November 5, 2017                                    May 4, 2017

                          VPWS support in EVPN
                    draft-ietf-bess-evpn-vpws-13.txt

Abstract

   This document describes how EVPN can be used to support Virtual
   Private Wire Service (VPWS) in MPLS/IP networks.
   EVPN enables the following characteristics for VPWS: single-active
   as well as all-active multi-homing with flow-based load-balancing,
   eliminates the need for Pseudowire (PW) signaling, and provides fast
   protection convergence upon node or link failure.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Copyright and License Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1 Introduction
     1.1 Terminology
   2 Service interface
     2.1 VLAN-Based Service Interface
     2.2 VLAN Bundle Service Interface
       2.2.1 Port-Based Service Interface
     2.3 VLAN-Aware Bundle Service Interface
   3. BGP Extensions
     3.1 EVPN Layer 2 attributes extended community
   4 Operation
   5 EVPN Comparison to PW Signaling
   6 Failure Scenarios
     6.1 Single-Homed CEs
     6.2 Multi-Homed CEs
   7 Acknowledgements
   8 Security Considerations
   9 IANA Considerations
   10 References
     10.1 Normative References
     10.2 Informative References
   Contributors
   Authors' Addresses

1 Introduction

   This document describes how EVPN can be used to support Virtual
   Private Wire Service (VPWS) in MPLS/IP networks. The use of EVPN
   mechanisms for VPWS (EVPN-VPWS) brings the benefits of EVPN to P2P
   services. These benefits include single-active redundancy as well as
   all-active redundancy with flow-based load-balancing. Furthermore,
   the use of EVPN for VPWS eliminates the need for the traditional way
   of PW signaling for P2P Ethernet services, as described in section 4.

   [RFC7432] provides the ability to forward customer traffic to/from a
   given customer Attachment Circuit (AC), without any MAC lookup. This
   capability is ideal in providing P2P services (aka VPWS services).
   [MEF] defines Ethernet Virtual Private Line (EVPL) service as P2P
   service between a pair of ACs (designated by VLANs) and Ethernet
   Private Line (EPL) service, in which all traffic flows are between a
   single pair of ports, that in EVPN terminology would mean a single
   pair of Ethernet Segments ES(es). EVPL can be considered as a VPWS
   with only two ACs. In delivering an EVPL service, the traffic
   forwarding capability of EVPN is based on the exchange of a pair of
   Ethernet Auto-discovery (A-D) routes; whereas, for more general VPWS
   as per [RFC4664], traffic forwarding capability of EVPN is based on
   the exchange of a group of Ethernet AD routes (one Ethernet AD route
   per AC/ES). In a VPWS service, the traffic from an originating
   Ethernet Segment can be forwarded only to a single destination
   Ethernet Segment; hence, no MAC lookup is needed and the MPLS label
   associated with the per EVPN instance (EVI) Ethernet A-D route can be
   used in forwarding user traffic to the destination AC.

   For both EPL and EVPL services, a specific VPWS service instance is
   identified by a pair of per-EVI Ethernet A-D routes which together
   identify the VPWS service instance endpoints and the VPWS service
   instance. In the control plane the VPWS service instance is
   identified using the VPWS service instance identifiers advertised by
   each PE. In the data plane the value of the MPLS label advertised by
   one PE is used by the other PE to send traffic for that VPWS service
   instance. As with the Ethernet Tag in standard EVPN, the VPWS service
   instance identifier has uniqueness within an EVPN instance.

   For EVPN routes, the Ethernet Tag IDs are set to zero for Port-based,
   VLAN-based, and VLAN-bundle interface mode and set to non-zero
   Ethernet Tag IDs for VLAN-aware bundle mode. Conversely, for
   EVPN-VPWS, the Ethernet Tag ID in the Ethernet A-D route MUST be set
   to a non-zero value for all four service interface types.

   In terms of route advertisement and MPLS label lookup behavior,
   EVPN-VPWS resembles the VLAN-aware bundle mode of [RFC7432] such that
   when a PE advertises per-EVI Ethernet A-D route, the VPWS service
   instance serves as a 32-bit normalized Ethernet Tag ID. The value of
   the MPLS label in this route represents both the EVI and the VPWS
   service instance, so that upon receiving an MPLS encapsulated packet,
   the disposition PE can identify the egress AC from the MPLS label and
   subsequently perform any required tag translation. For EVPL service,
   the Ethernet frames transported over an MPLS/IP network SHOULD remain
   tagged with the originating VLAN-ID (VID) and any VID translation
   MUST be performed at the disposition PE. For EPL service, the
   Ethernet frames are transported as is and the tags are not altered.

   The MPLS label value in the Ethernet A-D route can be set to the
   Virtual Extensible LAN (VXLAN) Network Identifier (VNI) for VXLAN
   encap as per [RFC7348], and this VNI will have a local scope per PE
   and may also be equal to the VPWS service instance identifier set in
   the Ethernet A-D route. When using VXLAN encap, the BGP Encapsulation
   extended community is included in the Ethernet A-D route as described
   in [ietf-evpn-overlay]. The VXLAN VNI is like the MPLS label that
   will be set in the tunnel header used to tunnel Ethernet packets from
   all the service interface types defined in section 2. The EVPN-VPWS
   techniques defined in this document have no dependency on the
   tunneling technology.

   The Ethernet Segment identifier encoded in the Ethernet A-D per-EVI
   route is not used to identify the service. However it can be used for
   flow-based load-balancing and mass withdraw functions as per the
   [RFC7432] baseline.

   As with standard EVPN, the Ethernet A-D per-ES route is used for fast
   convergence upon link or node failure. The Ethernet Segment route is
   used for auto-discovery of the PEs attached to a given multi-homed CE
   and to synchronize state between them.

1.1 Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

   MAC: Media Access Control.

   MPLS: Multi Protocol Label Switching.

   OAM: Operations, Administration and Maintenance.

   PE: Provider Edge Node.

   ASBR: Autonomous System Border Router.

   CE: Customer Edge device e.g., host or router or switch.

   EVPL: Ethernet Virtual Private Line.

   EPL: Ethernet Private Line.

   EP-LAN: Ethernet Private LAN.

   EVP-LAN: Ethernet Virtual Private LAN.

   S-VLAN: Service VLAN identifier.

   C-VLAN: Customer VLAN identifier.

   VID: VLAN-ID.

   VPWS: Virtual Private Wire Service.

   EVI: EVPN Instance.

   P2P: Point to Point.

   VXLAN: Virtual Extensible LAN.

   ES: Ethernet Segment on a PE refers to the link attached to it, this
   link can be part of a set of links attached to different PEs in multi
   homed cases, or could be a single link in single homed cases.

   ESI: Ethernet Segment Identifier.

   Single-Active Mode: When a device or a network is multi-homed to two
   or more PEs and when only a single PE in such redundancy group can
   forward traffic to/from the multi-homed device or network for a given
   VLAN, then such multi-homing or redundancy is referred to as
   "Single-Active".

   All-Active: When a device is multi-homed to two or more PEs and when
   all PEs in such redundancy group can forward traffic to/from the
   multi-homed device for a given VLAN, then such multi-homing or
   redundancy is referred to as "All-Active".

   VPWS Service Instance: It is represented by a pair of EVPN service
   labels associated with a pair of endpoints. Each label is downstream
   assigned and advertised by the disposition PE through an Ethernet A-D
   per-EVI route. The downstream label identifies the endpoint on the
   disposition PE. A VPWS service instance can be associated with only
   one VPWS service identifier.

2 Service interface

2.1 VLAN-Based Service Interface

   With this service interface, a VPWS instance identifier corresponds
   to only a single VLAN on a specific interface. Therefore, there is a
   one-to-one mapping between a VID on this interface and the VPWS
   service instance identifier. The PE provides the cross-connect
   functionality between an MPLS LSP identified by the VPWS service
   instance identifier and a specific . If the VLAN is
   represented by different VIDs on different PEs and different ES(es),
   (e.g., a different VID per Ethernet segment per PE), then each PE
   needs to perform VID translation for frames destined to its Ethernet
   segment. In such scenarios, the Ethernet frames transported over an
   MPLS/IP network SHOULD remain tagged with the originating VID, and a
   VID translation MUST be supported in the data path and MUST be
   performed on the disposition PE.

2.2 VLAN Bundle Service Interface

   With this service interface, a VPWS service instance identifier
   corresponds to multiple VLANs on a specific interface. The PE
   provides the cross-connect functionality between the MPLS label
   identified by the VPWS service instance identifier and a group of
   VLANs on a specific interface.
   For this service interface, each VLAN is represented by a single VID
   which means no VLAN translation is allowed. The receiving PE can
   direct the traffic based on EVPN label alone to a specific port. The
   transmitting PE can cross-connect traffic from a group of VLANs on a
   specific port to the MPLS label. The MPLS-encapsulated frames MUST
   remain tagged with the originating VID.

2.2.1 Port-Based Service Interface

   This service interface is a special case of the VLAN bundle service
   interface, where all of the VLANs on the port are mapped to the same
   VPWS service instance identifier. The procedures are identical to
   those described in Section 2.2.

2.3 VLAN-Aware Bundle Service Interface

   Contrary to EVPN, in EVPN-VPWS this service interface maps to a
   VLAN-based service interface (defined in section 2.1) and thus this
   service interface is not used in EVPN-VPWS. In other words, if one
   tries to define data plane and control plane behavior for this
   service interface, one would realize that it is the same as that of
   VLAN-based service.

3. BGP Extensions

   This document specifies the use of the per-EVI Ethernet A-D route to
   signal VPWS services. The Ethernet Segment Identifier field is set to
   the customer ES and the Ethernet Tag ID 32-bit field MUST be set to
   the VPWS service instance identifier value. The VPWS service instance
   identifier value MAY be set to a 24-bit value and when a 24-bit value
   is used, it MUST be right aligned. For both EPL and EVPL services
   using a given VPWS service instance, the pair of PEs instantiating
   that VPWS service instance will each advertise a per-EVI Ethernet A-D
   route with its VPWS service instance identifier and will each be
   configured with the other PE's VPWS service instance identifier. When
   each PE has received the other PE's per-EVI Ethernet A-D route, the
   VPWS service instance is instantiated.
   It should be noted that the same VPWS service instance identifier may
   be configured on both PEs.

   The Route-Target (RT) extended community with which the per-EVI
   Ethernet A-D route is tagged identifies the EVPN instance in which
   the VPWS service instance is configured. It is the operator's choice
   as to how many and which VPWS service instances are configured in a
   given EVPN instance. However, a given EVPN instance MUST NOT be
   configured with both VPWS service instances and standard EVPN
   multi-point services.

3.1 EVPN Layer 2 attributes extended community

   This document defines a new extended community [RFC4360], to be
   included with per-EVI Ethernet A-D routes. This attribute is
   mandatory if multihoming is enabled.

        +------------------------------------+
        |  Type(0x06)/Sub-type(0x04)(2 octet)|
        +------------------------------------+
        |  Control Flags  (2 octets)         |
        +------------------------------------+
        |  L2 MTU (2 octets)                 |
        +------------------------------------+
        |  Reserved (2 octets)               |
        +------------------------------------+

        Figure 1: EVPN Layer 2 attributes extended community

         0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        |   MBZ                   |C|P|B|  (MBZ = MUST Be Zero)
        +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

        Figure 2: EVPN Layer 2 attributes Control Flags

   The following bits in the Control Flags are defined; the remaining
   bits MUST be set to zero when sending and MUST be ignored when
   receiving this community.

   Name     Meaning

   P        If set to 1 in multihoming single-active scenarios, it
            indicates that the advertising PE is the Primary PE.
            MUST be set to 1 for multihoming all-active scenarios by
            all active PE(s).

   B        If set to 1 in multihoming single-active scenarios, it
            indicates that the advertising PE is the Backup PE.

   C        If set to 1, a Control word [RFC4448] MUST be present
            when sending EVPN packets to this PE.
            It is recommended to include the control word in the
            absence of Entropy Label.

   L2 MTU (Maximum Transmission Unit) is a 2-octet value indicating the
   MTU in bytes.

   A received L2 MTU of zero means no MTU checking against local MTU is
   needed. A received non-zero MTU MUST be checked against local MTU and
   if there is a mismatch, the local PE MUST NOT add the remote PE as
   the EVPN destination for the corresponding VPWS service instance.

   The usage of the Per ES Ethernet A-D route is unchanged from its
   usage in [RFC7432], i.e., the "Single-Active" bit in the flags of the
   ESI Label extended community will indicate if single-active or
   all-active redundancy is used for this ES.

   In multihoming scenarios, the B and P flags MUST be cleared. A PE
   that receives an update with both B and P flags set MUST treat the
   route as a withdrawal. If the PE receives a route with both B and P
   clear, it MUST treat the route as a withdrawal from the sender PE.

   In a multihoming all-active scenario, there is no DF election, and
   all the PEs in the ES that are active and ready to forward traffic
   to/from the CE will set the P Flag. A remote PE will do per-flow
   load-balancing to the PEs that set the P Flag for the same Ethernet
   Tag and ESI. The B Flag in control flags SHOULD NOT be set in the
   multihoming all-active scenario and MUST be ignored by receiving
   PE(s) if set.

   In multihoming single-active scenario for a given VPWS service
   instance, the DF election should result in the Primary-elected PE for
   the VPWS service instance advertising the P Flag set and the B Flag
   clear, the Backup elected PE should advertise the P Flag clear and
   the B Flag set, and the rest of the PEs in the same ES should signal
   both P and B Flags clear.
   When the primary PE/ES fails, the primary PE will withdraw the
   associated Ethernet A-D routes for the VPWS service instance from the
   remote PE and the remote PEs should then send traffic associated with
   the VPWS instance to the backup PE. DF re-election will happen
   between the PE(s) in the same ES, and there will be a newly elected
   primary PE and newly elected backup PE that will signal the P and B
   Flags as described. A remote PE SHOULD receive the P Flag set from
   only one Primary PE and the B Flag set from only one Backup PE.
   However during transient situations, a remote PE receiving a P Flag
   set from more than one PE will select the last advertising PE as the
   primary PE when forwarding traffic. A remote PE receiving a B Flag
   set from more than one PE will select the last advertising PE as the
   backup PE. A remote PE MUST receive P Flag set from at least one PE
   before forwarding traffic.

   If a network uses entropy labels per [RFC6790] then the C Flag MUST
   NOT be set and control word MUST NOT be used when sending
   EVPN-encapsulated packets over a P2P LSP.

4 Operation

   The following figure shows an example of a P2P service deployed with
   EVPN.

       Ethernet                                         Ethernet
         Native |<--------- EVPN Instance ----------->| Native
        Service |                                     | Service
         (AC)   |     |<-PSN1->|       |<-PSN2->|     | (AC)
          |     V     V        V       V        V     V     |
          |     +-----+      +-----+  +-----+   +-----+     |
   +----+ |     | PE1 |======|ASBR1|==|ASBR2|===| PE3 |     | +----+
   |    |-------+-----+      +-----+  +-----+   +-----+-------|    |
   | CE1| |                                                 | |CE2 |
   |    |-------+-----+      +-----+  +-----+   +-----+-------|    |
   +----+ |     | PE2 |======|ASBR3|==|ASBR4|===| PE4 |     | +----+
      ^         +-----+      +-----+  +-----+   +-----+        ^
      |     Provider Edge 1         ^        Provider Edge 2   |
      |                             |                          |
      |                             |                          |
      |                 EVPN Inter-provider point              |
      |                                                        |
      |<---------------- Emulated Service -------------------->|

                 Figure 3: EVPN-VPWS Deployment Model

   iBGP sessions are established between PE1, PE2, ASBR1 and ASBR3,
   possibly via a BGP route-reflector. Similarly, iBGP sessions are
   established between PE3, PE4, ASBR2 and ASBR4. eBGP sessions are
   established among ASBR1, ASBR2, ASBR3, and ASBR4.

   All PEs and ASBRs are enabled for the EVPN SAFI and exchange per-EVI
   Ethernet A-D routes, one route per VPWS service instance. For
   inter-AS option B, the ASBRs re-advertise these routes with the
   NEXT_HOP attribute set to their IP addresses as per [RFC4271]. The
   link between the CE and the PE is either a C-tagged or S-tagged
   interface, as described in [802.1Q], that can carry a single VLAN tag
   or two nested VLAN tags and it is configured as a trunk with multiple
   VLANs, one per VPWS service instance. It should be noted that the
   VLAN ID used by the customer at either end of a VPWS service instance
   to identify that service instance may be different and EVPN doesn't
   perform that translation between the two values. Rather, the MPLS
   label will identify the VPWS service instance and if translation is
   needed, it should be done by the Ethernet interface for each service.
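
   An added example, not part of the draft or of any implementation:
   receive-side handling of the EVPN Layer 2 attributes extended
   community from Section 3.1, decoding the layout of Figures 1 and 2,
   applying the MTU and P/B rules, and picking the egress PEs for one
   ESI and Ethernet Tag. The function names, PE names and sample values
   are constructed for illustration, and running the "both flags set"
   check before B is ignored in all-active mode is an assumption, since
   the draft does not order the two rules.

```python
import struct
from dataclasses import dataclass

EVPN_TYPE, L2_ATTR_SUBTYPE = 0x06, 0x04
# Figure 2 numbers bits from the most significant end, so C, P and B are
# the three low-order bits of the 16-bit Control Flags field.
FLAG_C, FLAG_P, FLAG_B = 0x0004, 0x0002, 0x0001


@dataclass(frozen=True)
class L2Attr:
    control_word: bool
    primary: bool
    backup: bool
    mtu: int


def build_l2_attr(flags: int, mtu: int) -> bytes:
    """Encode the community (hypothetical helper for constructed samples)."""
    return struct.pack("!BBHHH", EVPN_TYPE, L2_ATTR_SUBTYPE, flags, mtu, 0)


def parse_l2_attr(raw: bytes) -> L2Attr:
    """Decode the 8-octet community laid out in Figure 1."""
    if len(raw) != 8:
        raise ValueError("extended community must be exactly 8 octets")
    typ, sub, flags, mtu, _reserved = struct.unpack("!BBHHH", raw)
    if (typ, sub) != (EVPN_TYPE, L2_ATTR_SUBTYPE):
        raise ValueError("not an EVPN Layer 2 attributes community")
    # Undefined (MBZ) flag bits are ignored on receipt.
    return L2Attr(bool(flags & FLAG_C), bool(flags & FLAG_P),
                  bool(flags & FLAG_B), mtu)


def classify(attr: L2Attr, local_mtu: int, all_active: bool):
    """Return 'primary', 'backup', or None if the sender must not be used."""
    if attr.mtu != 0 and attr.mtu != local_mtu:
        return None                     # MTU mismatch: do not add this PE
    # Assumption: this check runs before B is ignored in all-active mode.
    if attr.primary and attr.backup:
        return None                     # both set: treat as a withdrawal
    if attr.primary:
        return "primary"
    if attr.backup and not all_active:  # B is ignored in all-active mode
        return "backup"
    return None                         # both clear: treat as a withdrawal


def select_destinations(updates, local_mtu: int, all_active: bool):
    """Pick egress PEs for one ESI and Ethernet Tag.

    updates: (pe_name, raw_community) pairs in arrival order.
    """
    roles = {}
    for pe, raw in updates:
        roles.pop(pe, None)             # a newer route replaces the old one
        role = classify(parse_l2_attr(raw), local_mtu, all_active)
        if role is not None:
            roles[pe] = role            # dict order == last-advertised order
    primaries = [pe for pe, r in roles.items() if r == "primary"]
    backups = [pe for pe, r in roles.items() if r == "backup"]
    if all_active:
        # Per-flow load-balancing across every PE that set P.
        return {"forward_to": primaries, "backup": None}
    # Single-active: during transients the last PE to advertise P (or B)
    # wins. An empty forward_to means no PE currently advertises P.
    return {"forward_to": primaries[-1:],
            "backup": backups[-1] if backups else None}


if __name__ == "__main__":
    # Constructed sample: four PEs on one ES, local MTU 1500.
    sample = [
        ("PE1", build_l2_attr(FLAG_P, 1500)),
        ("PE2", build_l2_attr(FLAG_B, 1500)),
        ("PE3", build_l2_attr(FLAG_P | FLAG_B, 1500)),  # invalid: P and B
        ("PE4", build_l2_attr(FLAG_P, 9000)),           # MTU mismatch
    ]
    print(select_destinations(sample, local_mtu=1500, all_active=False))
```
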

   For a single-homed CE, in an advertised per-EVI Ethernet A-D route
   the ESI field is set to 0 and the Ethernet Tag ID is set to the VPWS
   service instance identifier that identifies the EVPL or EPL service.

   For a multi-homed CE, in an advertised per-EVI Ethernet A-D route the
   ESI field is set to the CE's ESI and the Ethernet Tag ID is set to
   the VPWS service instance identifier, which MUST have the same value
   on all PEs attached to that ES. This allows an ingress PE in a
   multihoming all-active scenario to perform flow-based load-balancing
   of traffic flows to all of the PEs attached to that ES. In all cases
   traffic follows the transport paths, which may be asymmetric.

   The VPWS service instance identifier encoded in the Ethernet Tag ID
   in an advertised per-EVI Ethernet A-D route MUST either be unique
   across all ASs, or an ASBR needs to perform a translation when the
   per-EVI Ethernet A-D route is re-advertised by the ASBR from one AS
   to the other AS.

   A per-ES Ethernet A-D route can be used for mass withdraw to withdraw
   all per-EVI Ethernet A-D routes associated with the multi-home site
   on a given PE.

5 EVPN Comparison to PW Signaling

   In EVPN, service endpoint discovery and label signaling are done
   concurrently using BGP, whereas with VPWS based on [RFC4448], label
   signaling is done via LDP and service endpoint discovery is either
   through manual provisioning or through BGP.

   In existing implementations of VPWS using pseudowires (PWs),
   redundancy is limited to single-active mode, while with EVPN
   implementation of VPWS both single-active and all-active redundancy
   modes can be supported.

   In existing implementations with PWs, backup PWs are not used to
   carry traffic, while with EVPN, traffic can be load-balanced among
   different PEs multi-homed to a single CE.

   Upon link or node failure, EVPN can trigger failover with the
   withdrawal of a single BGP route per EVPL service or multiple EVPL
   services, whereas with VPWS PW redundancy, the failover sequence
   requires exchange of two control plane messages: one message to
   deactivate the group of primary PWs and a second message to activate
   the group of backup PWs associated with the access link.

   Finally, EVPN may employ data plane egress link protection mechanisms
   not available in VPWS. This can be done by the primary PE (on local
   AC down) using the label advertised in the per-EVI Ethernet A-D route
   by the backup PE to encapsulate the traffic and direct it to the
   backup PE.

6 Failure Scenarios

   On a link or port failure between the CE and the PE for both single
   and multi-homed CEs, unlike [RFC7432] the PE MUST withdraw all the
   associated Ethernet A-D routes for the VPWS service instances on the
   failed port or link.

6.1 Single-Homed CEs

   Unlike [RFC7432], EVPN-VPWS uses Ethernet A-D route advertisements
   for single-homed Ethernet Segments. Therefore, upon a link/port
   failure of this single-homed Ethernet Segment, the PE MUST withdraw
   the associated per-EVI Ethernet A-D routes.

6.2 Multi-Homed CEs

   For a faster convergence in multi-homed scenarios with either
   Single-Active Redundancy or All-active redundancy, a mass withdraw
   technique is used. A PE previously advertising a per-ES Ethernet A-D
   route can withdraw this route by signaling to the remote PEs to
   switch all the VPWS service instances associated with this
   multi-homed ES to the backup PE.

7 Acknowledgements

   The authors would like to acknowledge Jeffrey Zhang, Wen Lin, Nitin
   Singh, Senthil Sathappan, Vinod Prabhu, Himanshu Shah, Iftekhar
   Hussain, Alvaro Retana and Acee Lindem for their feedback and
   contributions to this document.

8 Security Considerations

   The mechanisms in this document use EVPN control plane as defined in
   [RFC7432]. Security considerations described in [RFC7432] are equally
   applicable.

   This document uses MPLS and IP-based tunnel technologies to support
   data plane transport. Security considerations described in [RFC7432]
   and in [ietf-evpn-overlay] are equally applicable.

9 IANA Considerations

   IANA has allocated the following EVPN Extended Community sub-type:

      SUB-TYPE VALUE     NAME                        Reference
      0x04               EVPN Layer 2 Attributes     [RFCXXXX]

   This document creates a registry called "EVPN Layer 2 Attributes
   Control Flags". New registrations will be made through the "RFC
   Required" procedure defined in [RFC5226].

   Initial registrations are as follows:

      P      Advertising PE is the Primary PE.
      B      Advertising PE is the Backup PE.
      C      Control word [RFC4448] MUST be present.

10 References

10.1 Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
   Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March
   1997.

   [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
   Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based Ethernet
   VPN", RFC 7432, DOI 10.17487/RFC7432, February 2015.

   [RFC4448] Martini, L., Rosen, E., El-Aawar, N., and G. Heron,
   "Encapsulation Methods for Transport of Ethernet over MPLS Networks",
   RFC 4448, April 2006.

   [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and L.
   Yong, "The Use of Entropy Labels in MPLS Forwarding", RFC 6790,
   November 2012.

   [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A Border
   Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006.

   [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
   Communities Attribute", RFC 4360, February 2006.

   [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
   IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008.

   [RFC7348] Mahalingam, M., et al, "VXLAN: A Framework for Overlaying
   Virtualized Layer 2 Networks over Layer 3 Networks", RFC 7348, August
   2014.

10.2 Informative References

   [MEF] Metro Ethernet Forum, "Ethernet Services Definitions - Phase
   2", Technical Specification MEF 6.1, April 2008,
   https://www.mef.net/Assets/Technical_Specifications/PDF/MEF_6.1.pdf

   [RFC4664] Andersson, L., Ed., and E. Rosen, Ed., "Framework for
   Layer 2 Virtual Private Networks (L2VPNs)", RFC 4664, September 2006.

   [ietf-evpn-overlay] Sajassi-Drake et al., "A Network Virtualization
   Overlay Solution using EVPN", draft-ietf-bess-evpn-overlay-07.txt,
   work in progress, December, 2016.

Contributors

   In addition to the authors listed on the front page, the following
   co-authors have also contributed to this document:

   Daniel Voyer
   Bell Canada

Authors' Addresses

   Sami Boutros
   VMware, Inc.
   Email: sboutros@vmware.com

   Ali Sajassi
   Cisco
   Email: sajassi@cisco.com

   Samer Salam
   Cisco
   Email: ssalam@cisco.com

   John Drake
   Juniper Networks
   Email: jdrake@juniper.net

   Jeff Tantsura
   Individual
   Email: jefftant@gmail.com

   Dirk Steinberg
   Steinberg Consulting
   Email: dws@steinbergnet.net

   Patrice Brissette
   Cisco
   Email: pbrisset@cisco.com

   Thomas Beckhaus
   Deutsche Telekom
   Email: Thomas.Beckhaus@telekom.de

   Jorge Rabadan
   Nokia
   Email: jorge.rabadan@nokia.com

   Ryan Bickhart
   Juniper Networks
   Email: rbickhart@juniper.net