FYI
For everyone else’s benefit, Ali and a bunch of us discussed offline and we 
agreed that the use of the sticky-bit and a non-zero sequence number in the 
same mac mobility extended community has to be optionally permitted in the 
pbb-evpn draft. So if the user decides to advertise a given shared BMAC as 
‘sticky’, if a new update is advertised to indicate a CMAC flush for that given 
BMAC, the PE will add both, a non-zero sequence number and the sticky bit in 
the same mac mobility extended community.

Ali, feel free to add/comment.

Thank you.
Jorge

From: "Ali Sajassi (sajassi)" <[email protected]>
Date: Monday, April 6, 2015 at 11:16 PM
To: Jorge Rabadan <[email protected]>, "[email protected]" <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [bess] PBB-EVPN draft - use of sticky bit in mac mobility ext. com.


Hi Jorge,

The current text in pbb-evpn draft doesn’t prohibit the use of “sticky-bit”. 
The initial advertisement for a BMAC can be sent with this bit set (where the 
sequence # is zero). For flushing CMAC addresses in PBB-EVPN, MAC mobility 
extended community is used with sequence number incremented (for shared BMACs). 
These two functions are separate and are two different things (learning BMAC 
versus flushing CMACs). Are you concerned about a scenario where right after 
configuration of the shared BMAC, there is a failure for Single-Active MHD/MHN, 
where another BMAC advertisement with MAC mobility is sent, and the RR only 
sends the latter advertisement?

Cheers,
Ali

From: <Rabadan>, "Jorge (Jorge)" <[email protected]>
Date: Tuesday, March 31, 2015 at 7:28 PM
To: "[email protected]" <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: [bess] PBB-EVPN draft - use of sticky bit in mac mobility ext. com.

Dear authors,

In PBB-EVPN we advertise PE shared BMACs or dedicated (per-ES) BMACs. Either 
way, I believe it is a good practice to advertise them as ‘static’, i.e. along 
with the ‘sticky’ bit. That provides a natural protection against BMACs that 
might be learnt locally and are not ‘managed’.

In RFC7432, when the sticky bit is set, the sequence number is zero.
For PBB-EVPN, that means that when shared BMACs are used and per-ISID load 
balancing multihoming is in place, the shared BMACs cannot be advertised as 
static (since the sequence number is used as a CMAC flush notification).

Since the PE BMACs are not subject to mobility procedures and are by nature 
‘static’ and managed, would it be possible to explicitly allow in the pbb-evpn 
draft the advertisement of the sticky bit along with a sequence number, when 
the mac-mobility extended community is used for CMAC flush notification?

This can be optional and would allow an extra level of security in a PBB-EVPN 
network.
If you agree with that, I can provide a text if needed.

Looking forward to your feedback.
Thank you.
Jorge
_______________________________________________
BESS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/bess
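
The encoding discussed in this thread, as an added example that is not part of the original messages or of any draft text: the 8-octet MAC Mobility extended community (Type 0x06, Sub-Type 0x00, Flags, Reserved, 4-octet Sequence Number, per RFC 7432) carrying the sticky bit together with a non-zero sequence number, and a receive-side sketch for a shared BMAC route. The function names, action labels and the allow_sticky_with_seq switch are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass
from typing import Optional, Tuple

EVPN_TYPE = 0x06             # EVPN extended community type (RFC 7432)
MAC_MOBILITY_SUBTYPE = 0x00  # MAC Mobility sub-type
STICKY_FLAG = 0x01           # low-order bit of the Flags octet

@dataclass(frozen=True)
class MacMobility:
    sticky: bool
    sequence: int

    def encode(self) -> bytes:
        # Type, Sub-Type, Flags, Reserved (0), 4-octet sequence number
        flags = STICKY_FLAG if self.sticky else 0
        return struct.pack("!BBBBI", EVPN_TYPE, MAC_MOBILITY_SUBTYPE,
                           flags, 0, self.sequence)

def decode(raw: bytes) -> MacMobility:
    if len(raw) != 8:
        raise ValueError("an extended community is exactly 8 octets")
    etype, subtype, flags, _reserved, seq = struct.unpack("!BBBBI", raw)
    if (etype, subtype) != (EVPN_TYPE, MAC_MOBILITY_SUBTYPE):
        raise ValueError("not a MAC Mobility extended community")
    return MacMobility(bool(flags & STICKY_FLAG), seq)

def classify_bmac_update(raw: bytes, last_seq: Optional[int],
                         allow_sticky_with_seq: bool = True) -> Tuple[str, int]:
    """Return (action, stored sequence) for a received shared-BMAC route.
    Action names are hypothetical labels; wraparound is not handled."""
    mm = decode(raw)
    if mm.sticky and mm.sequence != 0 and not allow_sticky_with_seq:
        # Receiver that expects sequence 0 whenever the sticky bit is set
        return "flag-sticky-with-seq", (last_seq or 0)
    if last_seq is None:
        # First route seen for this BMAC, even if the sequence is already
        # non-zero (e.g. only the later advertisement arrived)
        return ("install-static" if mm.sticky else "install"), mm.sequence
    if mm.sequence > last_seq:
        # Incremented sequence on a known BMAC signals a CMAC flush
        return ("flush-cmacs-keep-static" if mm.sticky else "flush-cmacs"), mm.sequence
    return "no-change", last_seq
```

Passing last_seq=None models the case raised in the thread where a receiver only ever sees the later advertisement, so the first route it installs already carries a non-zero sequence number.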
