See my comment below From: [email protected] [mailto:[email protected]] On Behalf Of Larry Kreeger (kreeger) Sent: Friday, August 30, 2013 3:43 PM To: Zu Qiang; [email protected]; Thomas Narten; Black, David Subject: Re: [nvo3] Comment on draft-kreeger-nvo3-hypervisor-nve-cp-01
Hi Zu, See my responses inline. - Larry From: Zu Qiang <[email protected]<mailto:[email protected]>> Date: Friday, August 30, 2013 12:30 PM To: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>>, Larry Kreeger <[email protected]<mailto:[email protected]>>, Thomas Narten <[email protected]<mailto:[email protected]>>, David Black <[email protected]<mailto:[email protected]>> Subject: Comment on draft-kreeger-nvo3-hypervisor-nve-cp-01 <snip> * 4.2: The two ways of TS address discovery is for MAC address discovery? IP address discovery or both? Do we allow the VM to inform the NVE directly at VN address association? Can we cover it in the text as well? LK> Our goal is the make the implementation of the VN completely hidden from the TS (VM). There should be no requirement to modify the TS to participate in address advertisement. There is also an issue of trust, we should try to avoid trusting a TS to advertise its address. <PAT> Larry, I agree, but the NVO3 Security draft which has the following in 5.1 isn't consistent with this: "Apart from data traffics, the NVE and the TSes also need to exchange signaling messages in order to facilitate, e.g., VM online detection, VM migration detection, or auto-provisioning/ service discovery [I-D.ietf-nvo3-framework]." The messages for these purposes should be between the NVE and the hypervisor, not the NVE and the TS. <snip> Have a nice day Zu Qiang
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
