Luyuan,
I think I'm going to have to agree to disagree, as WG charter text is
malleable - the IESG can change it, and I have plenty of experience with
that as a WG chair. As a consequence, I don't regard the use of the VPN
acronym in the current nvo3 charter as definitively settling the location
of all data-center-related VPN work for all time.
With you and a number of others suggesting that we have at least two
separate problems that need separate attention, I will observe that it
is possible for a single WG to accommodate multiple significant work
areas that have limited interaction/overlap/commonality, as I've chaired
a WG that did exactly that for three major areas of work:
http://www.ietf.org/wg/concluded/ips.html
OTOH, it wasn't easy - the material on technical coordinators at the end of
the WG description in that charter is an initial hint to what had to be put
in place to handle the work. There was a period of time where there were 3
WG co-chairs in addition to the 3 technical coordinators in order to stay on
top of everything ... and even so, it still felt like a 3-ring circus from
time to time :-). Nonetheless, I still think that keeping everything in one
WG was the right decision at the time because there were overriding transport
and security issues that needed common attention, and the list of RFCs at the
bottom of that charter indicates that the WG was effective.
Time will tell whether nvo3 has analogous common issues that favor keeping
everything in one place. Beyond the current framework and problem statement
adventures, there clearly needs to be exactly one virtual interface attach/
detach protocol (which might be VDP or XMPP or something else), and that
protocol has to carry interface and network identifiers that are sufficiently
general to support use by any of the approaches to overlays/VPNs/etc. In
contrast, if the VPN4DC work on BGP/MPLS VPNs requires BGP extensions, the
L3VPN WG seems like a better place for those because the BGP expertise is
already there, and any such BGP extensions will have to be coordinated with
the existing use of BGP for L3VPNs.
What's the current state of the VPN4DC draft wrt the L3VPN WG?
Thanks,
--David
> -----Original Message-----
> From: Luyuan Fang (lufang) [mailto:[email protected]]
> Sent: Thursday, July 05, 2012 11:33 PM
> To: Black, David
> Cc: [email protected]
> Subject: RE: NVO3 scope - VPN4DC
>
> David,
>
> Thanks for sharing your thought.
>
> Regarding overlay and VPN, Adrian posted the question asking the difference
> during the charter discussion, at the end, no good distinction could be made,
> therefore the term "DCVPN" was adopted in the charter.
>
> Regarding scope, I don't have much agree or disagree with you, we follow
> IETF/IESG directions. We would be happy to take the vpn4dc work in a separate
> new or existing group and progress it too. From the current charter write-up,
> nvo3 is indeed the place. We share the same concerns on scaling, you saw a few
> mails on the list too, from Pedro, Rob, Maria... We have several SPs really
> interested in the vpn solutions for DC, we started the initiative last year
> without knowing nvo3 effort was running in parallel. We need to continue
> progress it.
>
> Below is some quote from the current nvo3 charter. It seems to me: "NV03 =
> DCVPN". Next, what is the difference between DCVPN to VPN4DC? :-). OK, would
> not go there. :-)
>
> "An NVO3 solution (known here as a Data Center Virtual Private
> Network (DCVPN)) is a VPN that is viable across a scaling
> range of a few thousand VMs to several million VMs running on
> greater than one hundred thousand physical servers. It thus has
> good scaling properties from relatively small networks to
> networks with several million DCVPN endpoints and hundreds of
> thousands of DCVPNs within a single administrative domain.
>
> A DCVPN also supports VM migration between physical servers
> in a sub-second timeframe."
>
> Thanks,
> Luyuan
>
> > -----Original Message-----
> > From: [email protected] [mailto:[email protected]]
> > Sent: Thursday, July 05, 2012 9:31 PM
> > To: Luyuan Fang (lufang)
> > Cc: [email protected]
> > Subject: NVO3 scope - VPN4DC
> >
> > Luyuan,
> >
> > > If you followed the Taiwan meeting and all the activities going on in
> > Routing area around DC,
> > > this is the continued work for vpn4dc. In the last IETF in Paris, it
> > was said that nvo3
> > > would expand its original scope to include vpn, so we brought the
> > work here.
> >
> > I did follow the Taiwan meeting, and I'm aware of all of this, although
> > I was a bit surprised
> > to see the VPN4DC draft turn up in nvo3 rather than go back to l3vpn,
> > as I have a somewhat
> > different perspective, which dates back to before the Taipei meetings.
> >
> > The nvo3 effort started out as overlay-focused, and it was pointed out
> > that overlays are
> > a type of VPN. That observation is correct, as all three of "virtual",
> > "private" and
> > "network" apply to the overlay VNs in nvo3. One of the results was
> > that the first IETF
> > session devoted to nvo3 was held as the second l2vpn WG session in
> > Taipei, and another
> > result was use of the VPN acronym in the nvo3 WG charter.
> >
> > I think it's a bit of a stretch to jump from there to a conclusion that
> > all VPN work in
> > data centers is therefore within the scope of nvo3. To take an obvious
> > example, if there
> > was interest in data-center-specific work for IPsec VPNs, that work
> > would be done in the
> > Security Area's ipsecme WG, and attempts to do it in nvo3 would result
> > in long versions
> > of the work "No" from the Security ADs :-).
> >
> > I agree that the vpn4dc work is potentially in the scope of nvo3 (and I
> > believe I effectively
> > said so at the microphone in Paris in response to a question from
> > Thomas Morin), but I would
> > really like to better understand how and why this work moved to nvo3 as
> > the WG of primary
> > focus instead of where it started in the l3vpn WG back in Taipei.
> >
> > Thanks,
> > --David
> > ----------------------------------------------------
> > David L. Black, Distinguished Engineer
> > EMC Corporation, 176 South St., Hopkinton, MA 01748
> > +1 (508) 293-7953 FAX: +1 (508) 293-7786
> > [email protected] Mobile: +1 (978) 394-7754
> > ----------------------------------------------------
>
_______________________________________________
nvo3 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nvo3
