Internet Engineering Task Force X. Chen Internet-Draft Huawei Technologies Intended status: Informational T. Tsou Expires: August 22, 2013 Huawei Technologies (USA) E. Roch Huawei Technologies February 18, 2013 NVO3 Requirements Versus Available Protocol Capabilities draft-chen-nvo3-gap-analysis-00 Abstract This document matches candidate protocols against the NVO3 requirements. Based on the results, gaps are identified and further protocol work is recommended. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 22, 2013. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as Chen, et al. Expires August 22, 2013 [Page 1] Internet-Draft NVO3 Gap Analysis February 2013 described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 1.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 3 2. Management Requirements . . . . . . . . . . . . . . . . . . . 4 3. Control Plane Requirements . . . . . . . . . . . . . . . . . . 4 4. Data Plane Requirements . . . . . . . . . . . . . . . . . . . 4 5. Summary and Conclusions . . . . . . . . . . . . . . . . . . . 10 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 9.1. Normative References . . . . . . . . . . . . . . . . . . . 10 9.2. Informative References . . . . . . . . . . . . . . . . . . 11 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 11 Chen, et al. Expires August 22, 2013 [Page 2] Internet-Draft NVO3 Gap Analysis February 2013 1. Introduction The charter of the NVO3 Working Group requires it to identify any gaps between the requirements it has identified and the available protocol solutions as a prerequisite to rechartering or concluding the Working Group if no gaps exist. The present document is intended to provide the required analysis. It provides a tabulation of the candidate protocols' ability to satisfy each requirement identified by the Working Group. Areas where further work is required to ensure that the requirements are met are identified. Since the Working Group has yet to adopt documents describing requirements for the management and control planes, they are absent from the present version of this document. The data plane requirements are taken from [I_D.dataplane_requirements]. The initial candidate protocols are NVGRE [I_D.NVGRE], VxLAN [I_D.VxLAN], L2VPN [reference?], and L3VPN [reference?]. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 1.2. Abbreviations This document uses the following abbreviations: NVO3: Network virtualization overlays L2VPN Layer 2 virtual private network L3VPN Layer 3 virtual private network NVE: Network virtualization edge VAP: Virtual access point VNI: Virtual network instance LAG: Link aggregation group ECMP: Equal cost multi-path DSCP: Differentiated services code point Chen, et al. Expires August 22, 2013 [Page 3] Internet-Draft NVO3 Gap Analysis February 2013 ECN: Explicit congestion notification [RFC3168] 2. Management Requirements To come. 3. Control Plane Requirements To come. 4. Data Plane Requirements In this section, the numbering of requirement headings is taken from the corresponding section numbers in [I_D.dataplane_requirements]. 3.1. Virtual Access Points (VAPs) +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | MUST support VAP | | | | | | identification | | | | | | - | - | - | - | - | | 1) Local interface | YES | | | | | - | - | - | - | - | | 2) Local interface + fields | YES | | | | | in frame header | | | | | +-------------------------------+--------+--------+--------+--------+ Table 1: VAP Identification Requirements 3.2. Virtual Network Instance (VNI) +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | VAP are associated with a | YES | | | | | specific VNI at service | | | | | | instantiation time. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 2: VAP-VNI Association 3.2.1. L2 VNI Chen, et al. Expires August 22, 2013 [Page 4] Internet-Draft NVO3 Gap Analysis February 2013 +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | L2 VNI MUST provide an | NO | | | | | emulated Ethernet multipoint | | | | | | service as if Tenant Systems | | | | | | are interconnected by a | | | | | | bridge (but instead by using | | | | | | a set of NVO3 tunnels). | | | | | | - | - | - | - | - | | Loop avoidance capability | | | | | | MUST be provided. | | | | | | - | - | - | - | - | | In the absence of a | | | | | | management or control plane, | | | | | | data plane learning MUST be | | | | | | used to populate forwarding | | | | | | tables. | | | | | | - | - | - | - | - | | When flooding is required, | | | | | | either to deliver unknown | | | | | | unicast, or broadcast or | | | | | | multicast traffic, the NVE | | | | | | MUST either support ingress | | | | | | replication or multicast. | | | | | | - | - | - | - | - | | In this latter case, the NVE | | | | | | MUST be able to build at | | | | | | least a default flooding tree | | | | | | per VNI. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 3: L2 VNI Service 3.2.2. L3 VNI +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | L3 VNIs MUST provide | YES | | | | | virtualized IP routing and | | | | | | forwarding. | | | | | | - | - | - | - | - | Chen, et al. Expires August 22, 2013 [Page 5] Internet-Draft NVO3 Gap Analysis February 2013 | L3 VNIs MUST support | YES | | | | | per-tenant forwarding | | | | | | instance with IP addressing | | | | | | isolation and L3 tunneling | | | | | | for interconnecting instances | | | | | | of the same VNI on NVEs. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 4: L3 VNI Service 3.3.1. NVO3 overlay header +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | An NVO3 overlay header MUST | YES | | | | | be included after the | | | | | | underlay tunnel header when | | | | | | forwarding tenant traffic. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 5: Overlay Header 3.3.1.1. Virtual Network Context Identification +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | The overlay encapsulation | YES | | | | | header MUST contain a field | | | | | | which allows the encapsulated | | | | | | frame to be delivered to the | | | | | | appropriate virtual network | | | | | | endpoint by the egress NVE. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 6: Virtual Network Context Identification 3.3.1.2. Service QoS identifier Chen, et al. Expires August 22, 2013 [Page 6] Internet-Draft NVO3 Gap Analysis February 2013 +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | Traffic flows originating | NO | | | | | from different applications | | | | | | could rely on differentiated | | | | | | forwarding treatment to meet | | | | | | end-to-end availability and | | | | | | performance objectives. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 7: QoS Service Identification 3.3.2.1. LAG and ECMP +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | For performance reasons, | YES | | | | | multipath over LAG and ECMP | | | | | | paths SHOULD be supported. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 8: Multipath Support 3.3.2.2. DiffServ and ECN marking +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | [RFC2983] defines two modes | NO | | | | | for mapping the DSCP markings | | | | | | from inner to outer headers | | | | | | and vice versa. Both models | | | | | | SHOULD be supported. | | | | | | - | - | - | - | - | | ECN marking MUST be performed | NO | | | | | according to [RFC6040] which | | | | | | describes the correct ECN | | | | | | behavior for IP tunnels. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 9: DSCP and ECN Marking 3.3.2.3. Handling of broadcast, unknown unicast, and multicast traffic Chen, et al. Expires August 22, 2013 [Page 7] Internet-Draft NVO3 Gap Analysis February 2013 +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | NVO3 data plane support for | YES | | | | | either ingress replication or | | | | | | point-to- multipoint tunnels | | | | | | is required to send traffic | | | | | | destined to multiple | | | | | | locations on a per-VNI basis | | | | | | (e.g. L2/L3 multicast | | | | | | traffic, L2 broadcast and | | | | | | unknown unicast traffic). | | | | | +-------------------------------+--------+--------+--------+--------+ Table 10: Handling of Broadcast, Unknown Unicast, and Multicast Traffic 3.4. External NVO3 connectivity +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | NVO3 services MUST | YES | | | | | interoperate with current VPN | | | | | | and Internet services. This | | | | | | may happen inside one DC | | | | | | during a migration phase or | | | | | | as NVO3 services are | | | | | | delivered to the outside | | | | | | world via Internet or VPN | | | | | | gateways. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 11: Interoperation 3.5. Path MTU +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | Classical ICMP-based MTU Path | NO | | | | | Discovery ([RFC1191], | | | | | | [RFC1981]) or Extended MTU | | | | | | Path Discovery techniques | | | | | | such as defined in [RFC4821]. | | | | | | - | - | - | - | - | Chen, et al. Expires August 22, 2013 [Page 8] Internet-Draft NVO3 Gap Analysis February 2013 | Segmentation and reassembly | YES | | | | | support from the overlay | | | | | | layer operations without | | | | | | relying on the Tenant Systems | | | | | | to know about the end-to-end | | | | | | MTU. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 12: Path MTU 3.7. NVE Multi-Homing Requirements +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | Multi-homing techniques | NO | | | | | SHOULD be used to increase | | | | | | the reliability of an NVO3 | | | | | | network. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 13: Multihoming 3.8. OAM +-------------------------------+--------+--------+--------+--------+ | Requirement | NVGRE | VxLAN | L2VPN | L3VPN | +-------------------------------+--------+--------+--------+--------+ | NVE MAY be able to | NO | | | | | originate/terminate OAM | | | | | | messages for connectivity | | | | | | verification, performance | | | | | | monitoring, statistic | | | | | | gathering and fault | | | | | | isolation. Depending on | | | | | | configuration, NVEs SHOULD be | | | | | | able to process or | | | | | | transparently tunnel OAM | | | | | | messages, as well as | | | | | | supporting alarm propagation | | | | | | capabilities. | | | | | +-------------------------------+--------+--------+--------+--------+ Table 14: OAM Messaging Chen, et al. Expires August 22, 2013 [Page 9] Internet-Draft NVO3 Gap Analysis February 2013 5. Summary and Conclusions To come. 6. Acknowledgements Peter Ashwood-Smith and Rangaraju Iyengar are acknowledged for their technical contributions to this document. Tom Taylor served as XML2RFC guru to produce it. 7. IANA Considerations This memo includes no request to IANA. 8. Security Considerations All drafts are required to have a security considerations section. 9. References 9.1. Normative References [I_D.NVGRE] Sridharan, M., Greenberg, A., Venkataramiah, N., Wang, Y., Duda, K., Ganga, I., Lin, G., Pearson, M., Thaler, P., and C. Tumuluri, "NVGRE: Network Virtualization using Generic Routing Encapsulation (Work in progress)", July 2012. [I_D.VxLAN] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M., and C. Wright, "VXLAN: A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks (Work in progress)", August 2012. [I_D.dataplane_requirements] Bitar, N., Lasserre, M., Balus, F., Morin, T., Jin, L., and B. Khasnabish, "NVO3 Data Plane Requirements (Work in progress)", December 2012. [RFC1191] Mogul, J. and S. Deering, "Path MTU discovery", RFC 1191, November 1990. [RFC1981] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery for IP version 6", RFC 1981, August 1996. Chen, et al. Expires August 22, 2013 [Page 10] Internet-Draft NVO3 Gap Analysis February 2013 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2983] Black, D., "Differentiated Services and Tunnels", RFC 2983, October 2000. [RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU Discovery", RFC 4821, March 2007. [RFC6040] Briscoe, B., "Tunnelling of Explicit Congestion Notification", RFC 6040, November 2010. 9.2. Informative References [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, September 2001. Authors' Addresses Xiaoming Chen Huawei Technologies Phone: Email: ming.chen@huawei.com Tina Tsou Huawei Technologies (USA) 2330 Central Expressway Santa Clara, CA 95050 USA Phone: +1 408 330 4424 Email: Tina.Tsou.Zouting@huawei.com URI: http://tinatsou.weebly.com/contact.html Chen, et al. Expires August 22, 2013 [Page 11] Internet-Draft NVO3 Gap Analysis February 2013 Evelyne Roch Huawei Technologies 303 Terry Fox Drive, Suite 400 Kanata, Ontario K2K 3J1 Canada Phone: +1 613 595 1900 x1612 Email: evelyne.roch@huawei.com Chen, et al. Expires August 22, 2013 [Page 12]