Re: [nvo3] New draft: Path Detection in VXLAN Overlay Network

[Deepak Kumar (dekumar)]

Hi Shahram,

In large scale overlay network with multiple ecmp path, one of the solution 
draft proposes is also Path Traversal (which is all the path between 2 Vteps).
In this scenario efficiency of OAM message is very important and also OAM 
packets shouldn’t be high that it start taking bandwidth out of Fabric.

In controller based method, single OAM message is only going in the Datapath.
In TTL expiry without controller we have x number of hope generation and same 
number of reply in in-band data traffic.
Now this process is repeated for all ECMPs and all Vteps this number will 
become high and it will take more time for this whole process to complete.

Thanks,
Deepak

From: Shahram Davari <dav...@broadcom.com<mailto:dav...@broadcom.com>>
Date: Friday, July 17, 2015 at 6:46 AM
To: Dacheng Zhang 
<dacheng....@alibaba-inc.com<mailto:dacheng....@alibaba-inc.com>>
Cc: maxpassion <maxpass...@gmail.com<mailto:maxpass...@gmail.com>>, dekumar 
<deku...@cisco.com<mailto:deku...@cisco.com>>, tom 
<t...@herbertland.com<mailto:t...@herbertland.com>>, nvo3 
<nvo3@ietf.org<mailto:nvo3@ietf.org>>, 
"lizho....@gmail.com<mailto:lizho....@gmail.com>" 
<lizho....@gmail.com<mailto:lizho....@gmail.com>>, 
"draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>"
 
<draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>>,
 Li Yizhou <liyiz...@huawei.com<mailto:liyiz...@huawei.com>>
Subject: Re: [nvo3] New draft: Path Detection in VXLAN Overlay Network

Hi

Why is efficient important? I am assuming trace route is used for diagnostic 
purpose. So a DC manager will probably run only a few of these trace routes at 
a time.

Regards,
Shahram


On Jul 8, 2015, at 9:11 PM, Dacheng Zhang 
<dacheng....@alibaba-inc.com<mailto:dacheng....@alibaba-inc.com>> wrote:

Hi， Shahram：

According to the feedback from the DC manager, this solution is more efficient. 
Assume a scenario, there are n paths and the length of each path is l. Using 
TTL, n*l packets needs to be generated to check all the paths while n packets 
needs to be generated in our solution.



发件人: nvo3 <nvo3-boun...@ietf.org<mailto:nvo3-boun...@ietf.org>> on behalf of 
"Deepak Kumar (dekumar)" <deku...@cisco.com<mailto:deku...@cisco.com>>
日期: 2015年7月7日 星期二 上午6:49
至: Shahram Davari <dav...@broadcom.com<mailto:dav...@broadcom.com>>, 
"lizho....@gmail.com<mailto:lizho....@gmail.com>" 
<lizho....@gmail.com<mailto:lizho....@gmail.com>>, liyizhou 
<liyiz...@huawei.com<mailto:liyiz...@huawei.com>>, tom 
<t...@herbertland.com<mailto:t...@herbertland.com>>
抄送: 
"draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>"
 
<draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>>,
 nvo3 <nvo3@ietf.org<mailto:nvo3@ietf.org>>, maxpassion 
<maxpass...@gmail.com<mailto:maxpass...@gmail.com>>
主题: Re: [nvo3] New draft: Path Detection in VXLAN Overlay Network

Hi Shahram,

From: Shahram Davari <dav...@broadcom.com<mailto:dav...@broadcom.com>>
Date: Monday, July 6, 2015 at 1:46 PM
To: dekumar <deku...@cisco.com<mailto:deku...@cisco.com>>, 
"lizho....@gmail.com<mailto:lizho....@gmail.com>" 
<lizho....@gmail.com<mailto:lizho....@gmail.com>>, Li Yizhou 
<liyiz...@huawei.com<mailto:liyiz...@huawei.com>>, tom 
<t...@herbertland.com<mailto:t...@herbertland.com>>
Cc: 
"draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>"
 
<draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>>,
 nvo3 <nvo3@ietf.org<mailto:nvo3@ietf.org>>, maxpassion 
<maxpass...@gmail.com<mailto:maxpass...@gmail.com>>
Subject: RE: [nvo3] New draft: Path Detection in VXLAN Overlay Network

Deepak,

If TTL works then why invent a new method. Also this draft is very different 
from ETH Link Trace, since in Ethernet Link-Trace it is the MAC address that 
triggers the MIP lookup, while this draft requires deep packet inspection.

Agreed. Yes ETH-LT is generated with multicast class2 DA and etype so any of 
these fields can be used to identify oam packet, In this scenario as we are 
inside tunnel and to track the packet, Deep packet inspection is required to 
identify OAM frame if we want to keep it flowing in hardware and identify 
ingress and egress interface without involving the cpu.

Thanks,
Deepak


UP-MIP (that resides in egress interface) that uses TTL expiry is already 
defined for MPLS in RFC 7054 and can be used in IP tunnels as well.

Thx
Shahram



From: Deepak Kumar (dekumar) [mailto:deku...@cisco.com]
Sent: Monday, July 06, 2015 1:31 PM
To: Shahram Davari; lizho....@gmail.com<mailto:lizho....@gmail.com>; liyizhou; 
tom
Cc: 
draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>;
 nvo3; maxpassion
Subject: Re: [nvo3] New draft: Path Detection in VXLAN Overlay Network

TTL use is fine and it works with existing hardware, but what this document is 
trying to provide another alternate approach where all devices are OAM capable 
and can look at O bit.
In carrier Ethernet, CFM also generates Link trace message (single message) and 
all mip reply with link trace reply from both ingress and egress MIP along the 
path.

As per my understanding what this draft is adding MIP in the ip network as 
whole network is OAM capable (especially datacenters), and the MIP are copying 
the packet and  cpu is filling the ingress and egress interface from actual 
forwarding copy of packet, along the path and redirect to controller but packet 
keeps forwarding like normal data packet.

R1 —— R2—— R3

Now if packet keeps forwarded in hardware in R2, and MIPs are placed on all 
interfaces, then you get correct ingress interface when R2 ingress mip is hit 
and correct egress interfce when R2 egress mip is hit and thus ingress and 
egress interface is provided.

With TTL approach, once packet is punted to cpu, we can also  figure out egress 
interface by calling hardware forwarding hashing algorithm, but then it’s cpu 
driven and not hardware copy of the exact data frame. Now forwarding hashing 
algorithm should be able to find the exact physical link if virtual links are 
present.

Thanks,
Deepak

From: Shahram Davari <dav...@broadcom.com<mailto:dav...@broadcom.com>>
Date: Monday, July 6, 2015 at 12:01 PM
To: "lizho....@gmail.com<mailto:lizho....@gmail.com>" 
<lizho....@gmail.com<mailto:lizho....@gmail.com>>, Li Yizhou 
<liyiz...@huawei.com<mailto:liyiz...@huawei.com>>, tom 
<t...@herbertland.com<mailto:t...@herbertland.com>>, dekumar 
<deku...@cisco.com<mailto:deku...@cisco.com>>
Cc: 
"draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>"
 
<draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>>,
 nvo3 <nvo3@ietf.org<mailto:nvo3@ietf.org>>, maxpassion 
<maxpass...@gmail.com<mailto:maxpass...@gmail.com>>
Subject: RE: [nvo3] New draft: Path Detection in VXLAN Overlay Network

I agree. You should use TTL. TTL use will also solve layer violation issue.

Thx
SD

From: nvo3 [mailto:nvo3-boun...@ietf.org] On Behalf Of 
lizho....@gmail.com<mailto:lizho....@gmail.com>
Sent: Monday, July 06, 2015 6:21 AM
To: liyizhou; tom; dekumar
Cc: 
draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>;
 nvo3; maxpassion
Subject: Re: [nvo3] New draft: Path Detection in VXLAN Overlay Network

If we use TTL, at least we could say the path between ingress and egress node 
is OK if OAM is OK. Because the OAM packet goes through exactly the same 
forwarding behavior as the data packets. But for the mechanims in this 
document, if OAM is OK, we could not say the data path is OK. We could only get 
to know that the link between the nodes along the path is OK. That's the 
difference between this new OAM and other OAM mechanism (e.g., TTL based).

________________________________
Regards
Lizhong

From: Liyizhou<mailto:liyiz...@huawei.com>
Date: 2015-07-06 14:58
To: Lizhong Jin<mailto:lizho....@gmail.com>; 'Tom 
Herbert'<mailto:t...@herbertland.com>; 'Deepak Kumar 
(dekumar)'<mailto:deku...@cisco.com>
CC: nvo3@ietf.org<mailto:nvo3@ietf.org>; 'Dapeng 
Liu'<mailto:maxpass...@gmail.com>; 
draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org<mailto:draft-pang-nvo3-vxlan-path-detect...@tools.ietf.org>
Subject: RE: [nvo3] New draft: Path Detection in VXLAN Overlay Network
Hi Lizhong,

No matter which way we use to capture a packet for further diagnose, it always 
involves additional operations. Here following real data path is guaranteed.

If we take receiving packet along the path as positive, there may be little 
chance of false negative, e.g. data path is ok but replication of frame at some 
node is not working so that the central sever misinterprets it as a loss of the 
packet. However the next node will receive that packet and report it correctly 
in most of the cases. In extreme corner case, there is no more node along the 
path or all nodes have breaking replication function. Then it might be a false 
negative. I kind of think it happens in almost all the OAM mechanisms. Little 
chance like TTL=0 is not handled correctly, the response of ping is not 
generated correctly, etc.

I do not see a chance for false positive.

Thanks,
Yizhou

-----Original Message-----
From: Lizhong Jin [mailto:lizho....@gmail.com]
Sent: Monday, July 06, 2015 12:29 PM
To: Liyizhou; 'Tom Herbert'; 'Deepak Kumar (dekumar)'
Cc: nvo3@ietf.org<mailto:nvo3@ietf.org>; 'Dapeng Liu'
Subject: RE: [nvo3] New draft: Path Detection in VXLAN Overlay Network

Hi Yizhou,
The OAM packet with "copy/replicate" action will have different logic in the 
chip with the normal data packet (e.g., the OAM packet will generate 
"copy/replicate" action by special logic, and replicate one copy from original 
packet, but normal data packet may not have these logic in some design). That 
means they will have different data path in the chip. And loss of OAM packet 
could not be ensured that normal data packet is also data, and normal packet 
loss could not infer that OAM packet will also be lost.

Lizhong

> -----Original Message-----
> From: Liyizhou [mailto:liyiz...@huawei.com]
> Sent: 2015年7月6日 11:12
> To: Lizhong Jin; 'Tom Herbert'; 'Deepak Kumar (dekumar)'
> Cc: nvo3@ietf.org<mailto:nvo3@ietf.org>; 'Dapeng Liu'
> Subject: RE: [nvo3] New draft: Path Detection in VXLAN Overlay Network
>
> Hi Lizhong,
>
> I believe "copy" here means replicate. The original data packet will
> be keeping going to the final destination.
>
> Thank,
> Yizhou
>
> -----Original Message-----
> From: nvo3 [mailto:nvo3-boun...@ietf.org] On Behalf Of Lizhong Jin
> Sent: Monday, July 06, 2015 9:59 AM
> To: 'Tom Herbert'; 'Deepak Kumar (dekumar)'
> Cc: nvo3@ietf.org<mailto:nvo3@ietf.org>; 'Dapeng Liu'
> Subject: Re: [nvo3] New draft: Path Detection in VXLAN Overlay Network
>
> Hi guys,
> In the draft, it says:
> Each network device receives the Path Tracking packet from its
> upstream device, makes a copy of it and passes the copy to its CPU.
>
> That means the OAM packet will have different data path with the
> normal packet. The normal packet will not have "copy" action in the
> datapath. Then how could the OAM packet detect the liveness of the
> datapath? Did I missed something?
>
> Regards
> Lizhong
>
> > -----Original Message-----
> > From: Tom Herbert [mailto:t...@herbertland.com]
> > Sent: 2015年6月29日 23:37
> > To: Deepak Kumar (dekumar)
> > Cc: nvo3@ietf.org<mailto:nvo3@ietf.org>; Dapeng Liu
> > Subject: Re: [nvo3] New draft: Path Detection in VXLAN Overlay
> > Network
> >
> > On Mon, Jun 29, 2015 at 6:48 AM, Deepak Kumar (dekumar)
> > <deku...@cisco.com<mailto:deku...@cisco.com>> wrote:
> > > Hi Dapeng Liu,
> > >
> > > I support idea of hardware and controller based Path detection and
> > > tracking where whole network is OAM capable and packet keeps
> > > forwarding
> > in hardware.
> > > I believe you guys presented this solution in ONS summit also.
> > > You should explicitly call out in draft that this solution is not
> > > backward compatible and all switches require to be OAM capable in
> > > hardware to look at new bit to punt and copy the packet even in underlay.
> > >
> > VXLAN-GPE already defines an OAM bit. If all the hardware needs to
> > be updated anyway, why not just move to that and avoid having to
> > worry about the compatibility problem?
> >
> > Thanks,
> > Tom
> >
> > > Thanks,
> > > Deepak
> > >
> > > From: Dapeng Liu <maxpass...@gmail.com<mailto:maxpass...@gmail.com>>
> > > Date: Saturday, June 20, 2015 at 10:04 AM
> > > To: <nvo3@ietf.org<mailto:nvo3@ietf.org>>
> > > Subject: [nvo3] New draft: Path Detection in VXLAN Overlay Network
> > >
> > > Hello all,
> > >
> > > We have submitted a draft for path detection in VXLAN  overlay network.
> > > http://datatracker.ietf.org/doc/draft-pang-nvo3-vxlan-path-detecti
> > > on
> > > /
> > >
> > > The draft proposes a method for path detection in VXLAN network
> > > and it defines the path detection packet format by using one
> > > reserve bit in the VXLAN header.
> > >
> > > Comments & suggestions are welcomed.
> > >
> > >
> > > --
> > > Dapeng Liu
> > >
> > >
> > > _______________________________________________
> > > nvo3 mailing list
> > > nvo3@ietf.org<mailto:nvo3@ietf.org>
> > > https://www.ietf.org/mailman/listinfo/nvo3
> > >
> >
>
>
> _______________________________________________
> nvo3 mailing list
> nvo3@ietf.org<mailto:nvo3@ietf.org>
> https://www.ietf.org/mailman/listinfo/nvo3

_______________________________________________ nvo3 mailing list 
nvo3@ietf.org<mailto:nvo3@ietf.org> https://www.ietf.org/mailman/listinfo/nvo3
_______________________________________________
nvo3 mailing list
nvo3@ietf.org<mailto:nvo3@ietf.org>
https://www.ietf.org/mailman/listinfo/nvo3

_______________________________________________
nvo3 mailing list
nvo3@ietf.org
https://www.ietf.org/mailman/listinfo/nvo3