Hi Saku, Let me provide some of my comments ...
- External VPN forwarder at page 12 appears not to support QinQ, should it? > Do you have in mind sort of CSC analogy that tenants internally have their own demux based on bottom 802.1Q tag while top one would be used just like a single VLAN tag as described ? - Draft seems IPv4 centric, with static /32 often appearing, while > IPv6 support is explicitly mentioned. > I think you can build IPv6 DC virtualization services while still using IPv4 only DC core. > - Draft mentions GRE and MPLS supported, but most examples speak as if > it's always GRE encapsulated. > It's not clear to me how VPN forwarder would connect via MPLS to a > P or PE node, where would IGP label come. > Or should end-system route server<->PE have OptB? (Would also give > label security, so VPN forwarder would not need to be fully trusted) > The translation happens at the option B ASBR. I would not really run MPLS LDP + IGP or IGP with extension to carry labels or other form of tags in the DC. In fact having high speed IP core which is non blocking should be basic principle of the design. Personally I like Petr's draft: http://tools.ietf.org/html/draft-lapukhov-bgp-routing-large-dc-03 Best, R.
