David, Thanks for sharing your thought.
Regarding overlay and VPN, Adrian posted the question asking the difference during the charter discussion, at the end, no good distinction could be made, therefore the term "DCVPN" was adopted in the charter. Regarding scope, I don't have much agree or disagree with you, we follow IETF/IESG directions. We would be happy to take the vpn4dc work in a separate new or existing group and progress it too. From the current charter write-up, nvo3 is indeed the place. We share the same concerns on scaling, you saw a few mails on the list too, from Pedro, Rob, Maria... We have several SPs really interested in the vpn solutions for DC, we started the initiative last year without knowing nvo3 effort was running in parallel. We need to continue progress it. Below is some quote from the current nvo3 charter. It seems to me: "NV03 = DCVPN". Next, what is the difference between DCVPN to VPN4DC? :-). OK, would not go there. :-) "An NVO3 solution (known here as a Data Center Virtual Private Network (DCVPN)) is a VPN that is viable across a scaling range of a few thousand VMs to several million VMs running on greater than one hundred thousand physical servers. It thus has good scaling properties from relatively small networks to networks with several million DCVPN endpoints and hundreds of thousands of DCVPNs within a single administrative domain. A DCVPN also supports VM migration between physical servers in a sub-second timeframe." Thanks, Luyuan > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Thursday, July 05, 2012 9:31 PM > To: Luyuan Fang (lufang) > Cc: [email protected] > Subject: NVO3 scope - VPN4DC > > Luyuan, > > > If you followed the Taiwan meeting and all the activities going on in > Routing area around DC, > > this is the continued work for vpn4dc. In the last IETF in Paris, it > was said that nvo3 > > would expand its original scope to include vpn, so we brought the > work here. > > I did follow the Taiwan meeting, and I'm aware of all of this, although > I was a bit surprised > to see the VPN4DC draft turn up in nvo3 rather than go back to l3vpn, > as I have a somewhat > different perspective, which dates back to before the Taipei meetings. > > The nvo3 effort started out as overlay-focused, and it was pointed out > that overlays are > a type of VPN. That observation is correct, as all three of "virtual", > "private" and > "network" apply to the overlay VNs in nvo3. One of the results was > that the first IETF > session devoted to nvo3 was held as the second l2vpn WG session in > Taipei, and another > result was use of the VPN acronym in the nvo3 WG charter. > > I think it's a bit of a stretch to jump from there to a conclusion that > all VPN work in > data centers is therefore within the scope of nvo3. To take an obvious > example, if there > was interest in data-center-specific work for IPsec VPNs, that work > would be done in the > Security Area's ipsecme WG, and attempts to do it in nvo3 would result > in long versions > of the work "No" from the Security ADs :-). > > I agree that the vpn4dc work is potentially in the scope of nvo3 (and I > believe I effectively > said so at the microphone in Paris in response to a question from > Thomas Morin), but I would > really like to better understand how and why this work moved to nvo3 as > the WG of primary > focus instead of where it started in the l3vpn WG back in Taipei. > > Thanks, > --David > ---------------------------------------------------- > David L. Black, Distinguished Engineer > EMC Corporation, 176 South St., Hopkinton, MA 01748 > +1 (508) 293-7953 FAX: +1 (508) 293-7786 > [email protected] Mobile: +1 (978) 394-7754 > ---------------------------------------------------- _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
