Hi David, Can you tell us, in the presence of multi-tenancy where each tenant can have its own DHCP server, how the PE knows the identify of each tenant’s DHCP server for initiating Active Lease Query. It should be noted that one or more PEs in the multi-homing group can be completely oblivious to DORA exchanges. It should also be noted that minimizing configuration and auto-deriving information has been one of the main EVPN objectives since its gensis including auto-derivation of Route Targets, ESIs, etc.
Cheers, Ali From: David 'equinox' Lamparter <equi...@diac24.net> Date: Friday, November 8, 2024 at 3:24 AM To: bess@ietf.org <bess@ietf.org>, draft-sajassi-bess-evpn-first-hop-secur...@ietf.org <draft-sajassi-bess-evpn-first-hop-secur...@ietf.org> Cc: dh...@ietf.org <dh...@ietf.org> Subject: evpn-first-hop-security vs. DHCP Active Leasequery Hi all, as just noted on mic in BESS, I believe the EVPN First Hop Security draft is pretty much redundant with doing Active Leasequery (RFCs 7653 and 7724). Additionally, Leasequery is superior to synchronizing state acquired from snooping since the DHCP servers can actively push changes and ensure consistency, e.g. when the PE reboots. (Used together with Bulk Leasequery.) Further clarified on mic / referring to Figure 2 in the draft, in a multihomed scenario all PEs perform leasequery and acquire the same DHCP state, i.e. PE2 and PE3 both have the same information even if only one of them carries the DHCP exchange. Did I miss something that is needed for EVPN that DHCP Active Leasequery cannot provide? Cheers, equi (David)
_______________________________________________ BESS mailing list -- bess@ietf.org To unsubscribe send an email to bess-le...@ietf.org
