Hi, Anoop. Anoop Ghanwani wrote:
Let me try and see if I understand this.
Everything I know about VDP was learned by reading the draft. So it's rather possible that I don't understand. :) But let me try to clarify my comments here:
Basically what you're asking for is for the Group ID to remain a proxy for the VLAN ID, but not necessarily for the VNID.
Yes, that's what I mean. But to be explicit, I'm talking about the VLAN ID that is tagged on the wire between the tNVE and nNVE (using the draft's terminology).
In the draft, that tag is used to identify a VN. If there are multiple VMs (on the same hypervisor) attached to the same VN, they may have local switching inside the tNVE.
My suggestion is that, for some use-cases, the tag could be used to identify a VAP rather than a VN. Therefore e.g. a specific VM interface would be mapped to a tNVE-nNVE VLAN tag, so that the nNVE would be used for all switching (and filtering etc) of inter-VM traffic even if they're on the same hypervisor.
In the case of an L2VPN, VNID=VLAN. But in the case of L3VPN a VNID may actually represent a group of VLANs.
This is where I'm not sure if we are saying the same thing... Whether or not the VN is used to carry L2 or L3 traffic is orthogonal. In either case (L2 or L3) we may or may not want local tNVE switching. If not then we want the tNVE-nNVE VLAN tag to represent a VAP rather than VN.
Cheers, -Benson
If so, I agree with your assessment. Anoop On Sat, Mar 21, 2015 at 5:38 PM, Benson Schliesser <[email protected] <mailto:[email protected]>> wrote: Speaking as an individual contributor to NVO3: In reviewing draft-ietf-nvo3-hpvr2nve-cp-__req-02, it seems to me that there is an assumption that a tNVE will perform local switching of e.g. inter-VM packets. Based on this assumption, the recommendation seems to be that the VDP GroupID is mapped to the VNID for a given VN. I don't see anything wrong with that particular mode of operation. But I do also think it would be valuable to decouple things a bit further... Specifically, I can imagine two modes of operation. One of them is as described in the draft, where GroupID == VNID. The other might be described as GroupID == VAP. This latter mode might be useful in cases where the nNVE is responsible for filtering of some kind, in cases where there are network services that must be processed for inter-TS traffic, etc. In fact it seems to me that we may want this latter mode to be the default behavior of a split NVE. It's not clear to me how these different modes might be communicated via VDP, and/or via the NVE-NVA control plane, if they need to be communicated... I'd be interested to hear feedback from the authors and any other WG contributors that have thought about this topic. Thanks, -Benson _________________________________________________ nvo3 mailing list [email protected] <mailto:[email protected]> https://www.ietf.org/mailman/__listinfo/nvo3 <https://www.ietf.org/mailman/listinfo/nvo3>
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
