Hi Joe,

Please see inline.

From: Joe Touch [mailto:[email protected]]
Sent: Monday, August 29, 2016 8:04 PM
To: Lucy yong; David Allan I; [email protected]; Bocci, Matthew (Nokia - GB)
Subject: Re: Call for interest on NVO3 use case draft

Cutting this down to make it easier to track remaining issues...

On 8/29/2016 3:42 PM, Lucy yong wrote:

Some notes below, embedded in a copy of that text:

4.3. Tenant Network with Multiple Subnetworks

A tenant network may be configured with multiple subnetworks. One change to: multiple Internet subnets, as defined in RFC1812.

[Lucy] Do they have to be subnets, i.e. under one network mask? L3VN can learn the routes from DC, no reason to limit to all routes from a DC under one subnet although operator may design that way.

Each subnet is under one net mask (by definition of subnet).

[Lucy] yes

That means one route per subnet AND that the L3VN needs to connect to each subnet.

[Lucy] An operator can design in this way too. However, 4.3 is not targeted for this case. That was my description mistake.

OK. If that's not the case, then you have a different model (more like BGP), but then you're no longer talking about subnets inside the DC anymore.

[Lucy] Yes, BGP is what operator to use for this case. Sorry to make that confusion. Any suggestion to describe the case?

That's not a subnet. That's creating an AS - otherwise, BGP won't peer with the DC network.

[Lucy] Get it.

...The motivation for this configuration is that L2VN is a common way connecting VMs within a DC; however a big broadcast domain across multiple DC sites and WAN networks raises across multiple DC sites and spanning wide area distances over WAN networks raises security and scalability concerns. Alternative is to use an L3VN to interconnect these L2VNs at DC sites,

I don't understand the above. That is the same solution as the first example you have given. You either have one L2VN that spans DCs or separate L2VNs. Those separate L2VNs are L3 subnets, which - by definition - need a gateway in order to be connected together as a network.

[Lucy] From tenant perspective, it gets one L2VPN, however operator can construct multiple L2VNs and L3VN to achieve it. Make sense?

From a tenant perspective, if they get an L2VPN, they can neither see nor know how it happens.

[Lucy] true, but here is to provide a use case to support a tenant network

If it's L2 over L3, that creates a lot of problems - i.e., you're basically restoring exactly the broadcast domain you thought you were getting rid of. If the L2 involves multiple L2s, something has to tie them together (an L3) or you're layering (L2 over L2). The former is what I already described above (it's an L3 net, not an L2 net), and if it's the latter, it's still just one L2 net with all of the broadcast problems. So whatever this is, it needs to be explained more clearly IMO.

[Lucy] OK, I see your point. Since we already have BGP AS case described in Section 3. Maybe good to remove this case from the draft.

Lucy

Joe
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
