Internet DRAFT - draft-xia-nvo3-l2gw
Network working group                                          L. Xia
Internet Draft                                                L. Yong
Category: Standard Track                                   Weiguo Hao
                                                               Huawei
                                                       Anoop Ghanwani
                                                                 Dell
                                                         Ram Krishnan
                                                              Brocade
Expires: April 2015                                  October 27, 2014
Layer 2 Gateway (L2GW)
draft-xia-nvo3-l2gw-02
Abstract
A Layer 2 Gateway (L2GW) is used for interconnecting a Layer 2
overlay network [NVO3FRWK] and a Layer 2 bridged network [IEEE802.1Q]
to form a single Layer 2 virtual network. This draft describes data
plane interconnection and control plane interworking at the L2GW.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with
the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 27, 2015.
Xia, et al. [Page 1]
Internet-Draft Layer 2 Gateway (L2GW) April, 2015
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document.
Table of Contents
1. Introduction ................................................ 3
1.1. Conventions used in this document ...................... 3
1.2. Terminology ............................................ 3
2. L2GW Reference Model......................................... 4
3. General L2GW Operation Procedures ........................... 5
3.1. MAC Learning ........................................... 5
3.2. ARP Handling ........................................... 6
3.3. Dual L2GWs ............................................. 6
4. L2CP Review and Applicability to L2 Overlay Network ......... 8
4.1. STP/RSTP/MSTP ......................................... 10
4.2. PAUSE ................................................. 11
4.3. LACP/LAMP ............................................. 11
4.4. Link OAM .............................................. 12
4.5. Port Authentication ................................... 12
4.6. E-LMI ................................................. 13
4.7. LLDP .................................................. 13
4.8. PTP Peer Delay ........................................ 13
4.9. ESMC .................................................. 13
4.10. GARP/MRP Block........................................ 14
5. L2CP Processing in L2GWs ................................... 14
5.1. L2CP Frames Filtered (Peered or Discarded) in L2GW .... 14
5.2. L2CP Frames Passed through L2GW ....................... 15
6. Other Interworking Cases ................................... 15
7. Security Considerations .................................... 16
8. IANA Considerations ........................................ 16
9. References ................................................. 16
9.1. Normative References .................................. 16
9.2. Informative References ................................ 16
1. Introduction
Cloud computing and network virtualization are evolving in the
direction of using network virtualization overlays over Layer 3
(NVO3). Some of the goals of NVO3 are fast and easy creation of
tenant networks, support for tenant system mobility, and improved
manageability of all virtualized resources in the data center (DC).
A Layer 2 (L2) overlay network in NVO3 is one in which tenant systems
are interconnected at L2, while the NVEs are interconnected using
Layer 3 (L3). The result is a full mesh overlay topology, i.e., there
is only one L2 hop between any pair of NVEs. In this draft, the term
"L2 bridged network" refers to an L2 network as specified in IEEE
802.1Q [IEEE 802.1Q].
In the first use case, involving DC network migration from physical
tenant systems to virtual tenant systems, it is expected that the L2
overlay network may be used along with an existing L2 bridged
network in a DC, and communication between them would be required.
In the last use case, an L2 bridged network would be used to connect
physical (non-virtualized) systems. These devices need to
communicate with virtualized networks for information exchange. Some
CPU-intensive applications such as big data analytics typically use
physical servers rather than making use of server virtualization.
To interconnect two networks that are implemented with different
technologies (NVO3 and a bridged network), gateway functions are
needed on the device(s)/system(s) that interconnect them. This
device is referred to as a Layer 2 Gateway (L2GW) in this draft. The
device can be thought of as implementing an NVE that connects the
tenant systems in the L2 bridged network to tenant systems in the
NVO3 network.
1.1. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [RFC2119].
1.2. Terminology
This document uses the terms defined in NVO3 framework [NVO3FRWK]
and architecture [NVO3ARCH] documents.
2. L2GW Reference Model
The following figure shows a reference model where an L2GW provides
an interconnection between an L2 overlay network and an L2 bridged
network. It shows the case where two different technologies are
used to implement a single L2 network.
            .........                  .........
    +---+ ...       ....              .          +------+
TSs-+NVE|                +---------+           +-+Server|
    +---+   L2 Overlay   |         | L2 Bridge . +------+
     .       Network     |  L2GW   |  Network  .
     .                   |         |           . +------+
    ..+---+              +---------+           +-+Server|
  TSs-+NVE| ...      ....           ...          +------+
      +---+.........                 ........
Figure 1: L2GW Reference Model
The L2GW can reside at the edge of the network providing direct
connection to tenant systems, or reside at aggregation or core where
the tenant systems attach to L2 switches. To connect with an L2
overlay network, an L2GW device physically connects to the underlay
network on which the L2 overlay network is implemented and it
functions as an NVE, providing termination for the L2 overlay
network.
To provide node failure resilience, the reference model can further
be shown as in Figure 2, where two L2GWs interconnect the two
networks.
            .........                  .........
    +---+ ...       ....              .          +------+
TSs-+NVE|                +---------+           +-+Server|
    +---+   L2 Overlay   |  L2GW   | L2 Bridge . +------+
     .       Network     +---------+  Network  .
     .                                         . +------+
    ..+---+              +---------+           +-+Server|
  TSs-+NVE|           ...|  L2GW   |....  ...    +------+
      +---+.........     +---------+     ........
Figure 2: Redundant L2GW Model
Note that this draft assumes that L2GW device embeds an L2 NVE as
well as IEEE802.1Q bridge functions.
3. General L2GW Operation Procedures
3.1. MAC Learning
The MAC addresses for an L2 virtual network created by
interconnecting the two networks (the L2 overlay network and the L2
bridged network) need to be distributed and/or learned at all NVEs
that participate in that L2 virtual network. If the NVE-NVA
architecture is used, when an L2GW learns MAC addresses from the
bridged network, the L2GW should notify the NVA of those MAC
addresses. The NVA maintains the mapping of these MAC addresses from
the L2GW, and informs the other NVEs of the mappings.
Similarly, if the NVA maintains the mappings between a tenant
system's MAC address and NVE for an L2 virtual network, the NVA
would be expected to communicate those MAC-address-to-NVE mappings
to the L2GWs, because the L2GWs also implement the functions of an
NVE. The L2GW maintains the mapping between the VNID in the L2
overlay network and the VLAN ID in the bridged network. These
mappings may be manually configured at the L2GW or may be configured
via the NVA.
The L2GW maintains a forwarding table per virtual network which has
all the MAC addresses learned from the bridged network as well as
all of the MAC addresses it received from the NVA for that virtual
network.
Upon receiving a packet from the overlay network, the L2GW
decapsulates the packet, performs the table lookup, and may insert a
VLAN ID (if the decapsulated frame doesn't already have one) or
modify the VLAN ID (if one is already present) prior to forwarding
it to the bridged network. If the destination MAC address of the
decapsulated packet is unknown (i.e. not present in the forwarding
table), the L2GW may choose to discard the packet or flood it on the
VLAN depending on the configured policy.
Upon receiving a frame from the L2 bridge network, the L2GW
encapsulates the frame prior to forwarding it to the remote NVE. If
the frame's MAC DA is unknown to L2GW, it will be discarded or
flooded to all the remote NVEs depending on the configured policy.
Note that the outer VLAN ID on the packet may be removed before the
encapsulation.
The two networks which are interconnected to form a single L2
virtual network MUST NOT have any overlapping MAC addresses; i.e.
the same MAC address cannot appear in both the L2 overlay network
and the L2 bridged network.
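The forwarding behaviour of Section 3.1, as an added example (not code from the draft or its authors). The class and method names, the tuple results, and the MAC, port and IP values are constructed for illustration; the VNID/VLAN mapping is assumed to be one-to-one and only unicast destinations are modelled.

```python
from dataclasses import dataclass, field

DISCARD, FLOOD = "discard", "flood"    # configured policy for unknown MAC DAs


@dataclass
class VirtualNetwork:
    vnid: int                           # identifier on the overlay side
    vlan: int                           # VLAN ID on the bridged side
    unknown_policy: str = DISCARD
    local: dict = field(default_factory=dict)    # MAC -> bridge port (learned)
    remote: dict = field(default_factory=dict)   # MAC -> remote NVE IP (from NVA)


class L2GW:
    """Per-VN forwarding table of an L2GW (hypothetical model)."""

    def __init__(self):
        self.by_vnid, self.by_vlan = {}, {}
        self.nva_notifications = []     # (vnid, mac) reports sent to the NVA

    def map_vn(self, vnid, vlan, unknown_policy=DISCARD):
        if vnid in self.by_vnid or vlan in self.by_vlan:
            raise ValueError("VNID or VLAN ID already mapped")
        vn = VirtualNetwork(vnid, vlan, unknown_policy)
        self.by_vnid[vnid] = self.by_vlan[vlan] = vn

    def nva_mapping(self, vnid, mac, nve_ip):
        """Install a MAC -> NVE mapping pushed by the NVA."""
        vn = self.by_vnid[vnid]
        if mac in vn.local:             # MUST NOT overlap between the networks
            raise ValueError(f"{mac} already learned from the bridged network")
        vn.remote[mac] = nve_ip

    def from_bridge(self, vlan, port, src, dst):
        """Frame received from the bridged network."""
        vn = self.by_vlan.get(vlan)
        if vn is None:
            return ("drop", "VLAN has no VNID mapping")
        if src in vn.remote:            # same MAC seen on both sides
            return ("drop", "source MAC overlaps the overlay network")
        if src not in vn.local:         # newly learned: report to the NVA
            self.nva_notifications.append((vn.vnid, src))
        vn.local[src] = port
        if dst in vn.remote:
            return ("encap", vn.vnid, vn.remote[dst])
        if dst in vn.local:             # stays inside the bridged network
            return ("bridge", vn.vlan, vn.local[dst])
        if vn.unknown_policy == FLOOD:  # flood to the remote NVEs known for this VN
            return ("flood", vn.vnid, sorted(set(vn.remote.values())))
        return ("drop", "unknown destination MAC")

    def from_overlay(self, vnid, dst):
        """Decapsulated frame received from the overlay network."""
        vn = self.by_vnid.get(vnid)
        if vn is None:
            return ("drop", "VNID has no VLAN mapping")
        if dst in vn.local:             # insert or rewrite the VLAN ID, then forward
            return ("forward", vn.vlan, vn.local[dst])
        if vn.unknown_policy == FLOOD:
            return ("flood", vn.vlan)
        return ("drop", "unknown destination MAC")


def demo():
    """Constructed scenario: VN 5000 floods unknown MACs, VN 5001 discards."""
    gw = L2GW()
    gw.map_vn(5000, 100, FLOOD)
    gw.map_vn(5001, 101)
    gw.nva_mapping(5000, "02:00:00:00:00:aa", "192.0.2.11")
    return [
        gw.from_bridge(100, "eth1", "02:00:00:00:00:01", "02:00:00:00:00:aa"),
        gw.from_overlay(5000, "02:00:00:00:00:01"),
        gw.from_overlay(5000, "02:00:00:00:00:99"),
        gw.from_overlay(5001, "02:00:00:00:00:99"),
        gw.from_bridge(100, "eth2", "02:00:00:00:00:aa", "02:00:00:00:00:01"),
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```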
3.2. ARP Handling
To avoid ARP flooding in the L2 overlay network, the L2GW may
maintain an ARP cache locally and/or rely on NVA to maintain the ARP
table. For the purpose of maintaining the ARP cache locally, the
L2GW can snoop ARP requests from the bridged network and send ARP
replies back.
If the L2 overlay network supports ARP flooding, the L2GW can simply
flood ARP requests from one network to another.
3.3. Dual L2GWs
Two L2GWs may be used for network interconnection to support a
network that is resilient to node failures. These two L2GWs may
further operate in Active/Standby or Active/Active mode. In
Active/Standby mode, only one of the L2GWs is actively passing
traffic from one network to the other for a given L2 virtual network.
In Active/Active mode, both L2GWs pass traffic from one network to
the other for a given virtual network.
(TBD: Does this need to be restricted to only two L2GWs?)
In Active/Standby mode, to protect against node failure, some
protocol is necessary between the L2GWs to facilitate status exchange
and determine which of them will operate in Active mode. The
Active/Standby role may be configured or automatically selected
based on an algorithm or policy. An L2GW should inform the NVA about
its role, i.e., Active or Standby, and the NVA should ensure that the
active L2GW IP address is used in the mapping of (inner) MAC
addresses to (outer) IP address.
In Active/Active mode, NVA/NVEs have two paths to the bridge network
and vice versa. The NVEs in an overlay can choose one based on the
policy.
The following presents the problems that need to be addressed and
related solutions for Active/Active connection scenarios:
1. MAC flip-flop on remote NVEs
MAC learning on an L2GW can be performed either in data plane or
control plane. When a local host h1 attaches to multiple L2GWs,
address learning at the remote NVEs for a given host h1 may
experience what we refer to as the MAC flip-flop problem where h1
appears behind the NVE of one L2GW and then subsequently appears
behind the NVE of the other L2GW, going back and forth in this
manner.
In the data plane learning scenario, an anycast L2GW IP address that
is shared among L2GWs may be used to avoid MAC flip-flop on remote
devices (NVEs, L2GWs, etc). When a bridged network attaches to
multiple L2GWs, any L2GW should use the shared anycast IP address,
rather than its own IP address, as the ingress NVE IP address when
it forwards NVO3 data frames into overlay network. Use of an
anycast L2GW IP address makes the MAC addresses learnt by the remote
devices appear to be behind a single source IP address rather than
multiple different source IP addresses.
In the control plane learning scenario (i.e. when NVA-NVE is used to
learn address mappings), if an L2 bridged network is multi-homed to
multiple L2GWs in Active/Active mode, each edge L2GW should announce
the MAC addresses of its attached end systems to all other devices
through NVE-NVA control plane protocol. For MAC addresses that
originate from multiple L2GWs, remote devices will learn the MAC
addresses as being associated with multiple ingress IP addresses and
will generate multiple MAC forwarding entries in ECMP mode. All edge
L2GWs should disable the data plane MAC learning function in their
NVEs; they must still continue to learn MAC addresses from traffic
received from the L2 bridged network. MAC address to NVE IP address
association should be learned only through the control plane. The
control plane must be aware of edge ports that are multi-homed to
multiple L2GWs.
2. Duplicated traffic from remote device
Frame duplication may occur when BUM (broadcast, unknown unicast,
multicast) traffic is forwarded bidirectionally between an L2
bridged network and an NVO3 network that have an Active/Active
connection through multiple edge L2GWs. The Designated Forwarder (DF)
election mechanism defined in [EVPN] can be used to resolve this
issue. According to [EVPN], multi-homing functions cover two
scenarios. For the MHN (Multi-Homed Network) scenario, the DF
election mechanism allows only one L2GW of an edge group to forward
BUM traffic between the NVO3 network and the L2 bridged network, in
both directions, for each VN. The basic idea of DF is to elect one
L2GW per VN from an edge group to be responsible for forwarding the
BUM traffic. For the MHD (Multi-Homed Device) scenario, the only
difference from the MHN scenario is on the L2 bridged network side:
the MC-LAG mechanism guarantees that BUM traffic coming from the L2
bridged network goes to only one L2GW, so the DF mechanism is not
needed in this direction.
3. Loops
Consider the case where a bridged network originates a frame that is
sent as a BUM frame to the NVO3 network via an L2GW, say L2GW1, that
is one of multiple gateways interconnecting the bridged network and
the NVO3 network. This frame will be encapsulated and then forwarded
through NVO3 network and reach the other L2GW, say L2GW2, that is
also connected to the bridged network. In this case, if L2GW2
decapsulates the NVO3 frame and forwards it into the bridged network
where the frame originated, the frame loops endlessly. This is why
it is important to have only a single designated forwarder for
multicast traffic.
4. Unsynchronized information among member L2GWs
A local L2GW, say L2GW1 in an edge group, may have learned a VLAN
and MAC to IP correspondence for a remote end system ES1 when ES1
sends a packet to the local bridge. The returning traffic from the
local bridge may go to any other member L2GW of the MC-LAG, for
example L2GW2. To avoid flooding unicast traffic on L2GW2, MAC
addresses should be synchronized among the edge L2GWs in an edge
group.
Additionally, to ensure DF election consistency, VLANs joined
dynamically through the VLAN registration protocol (VRP, [IEEE
802.1ak] amendment to the [IEEE 802.1Q]) and multicast groups joined
dynamically through the IGMP or MLD protocol should be synchronized
among all L2GWs in an edge group.
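The duplication and loop problems of items 2 and 3, and the effect of a per-VN designated forwarder, as an added example (not code from the draft or from [EVPN]). It models the MHN scenario with a bounded number of rounds. The election shown is the modulo-based selection over numerically ordered gateway addresses; applying it to a VN identifier, the function names and the gateway addresses are assumptions made for illustration.

```python
import ipaddress


def elect_df(gateways, vn_id):
    """Pick one L2GW per VN: order the group by IP value, index by vn_id mod N."""
    ordered = sorted(gateways, key=lambda ip: int(ipaddress.ip_address(ip)))
    return ordered[vn_id % len(ordered)]


def simulate_bum(gateways, vn_id, use_df, max_rounds=4):
    """Follow one BUM frame that originates in the bridged network.

    Every L2GW of the edge group sees a frame present in the bridged
    network, except the L2GW that injected it. A forwarding L2GW
    encapsulates the frame: one copy reaches the remote NVE and one copy
    reaches each peer L2GW, which decapsulates it back into the bridged
    network if it is allowed to forward.
    """
    df = elect_df(gateways, vn_id) if use_df else None

    def may_forward(gw):
        return df is None or gw == df

    remote_copies = 0          # copies delivered to one remote NVE
    reentries = 0              # times the frame re-entered the bridged network
    on_bridge = [None]         # frames in the bridged network, tagged by injector
    for _ in range(max_rounds):
        if not on_bridge:
            break
        next_round = []
        for injected_by in on_bridge:
            for gw in gateways:
                if gw == injected_by or not may_forward(gw):
                    continue
                remote_copies += 1
                next_round.extend(
                    peer for peer in gateways
                    if peer != gw and may_forward(peer)
                )
        reentries += len(next_round)
        on_bridge = next_round
    return {
        "remote_copies": remote_copies,
        "reentries": reentries,
        "looping": bool(on_bridge),   # still circulating when the bound was hit
    }


# Constructed edge group of two L2GWs (documentation address range).
EDGE_GROUP = ["192.0.2.10", "192.0.2.9"]

if __name__ == "__main__":
    print("DF for VN 5000:", elect_df(EDGE_GROUP, 5000))
    print("without DF:", simulate_bum(EDGE_GROUP, 5000, use_df=False))
    print("with DF:   ", simulate_bum(EDGE_GROUP, 5000, use_df=True))
```

Without a DF the remote NVE receives two copies in the first round and the frame is still circulating when the round bound is reached; with a DF it receives exactly one copy and nothing re-enters the bridged network.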
4. L2CP Review and Applicability to L2 Overlay Network
This section mainly discusses which L2CPs (Layer 2 Control Protocols,
specified in [IEEE 802.1Q]) should be supported by the L2 overlay
network and which should not. Section 5 specifies how the L2GW should
deal with L2CP frames.
L2CP protocols defined in [IEEE 802.1Q] are listed in Table 1:
+------------------+----------+----------+---------------------+
|MAC DA            |Assignment| Protocol |     L2CP Action     |
|                  |          |   Type   +----------+----------+
|                  |          |          |VLAN-based|PORT-based|
|                  |          |          |    L2    |    L2    |
|                  |          |          | services | services |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-00 |Nearest   |STP/RSTP/ |Filter    |Pass      |
|                  |Customer  |MSTP,     |          |          |
|                  |Bridge    |LACP/LAMP |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-01 |IEEE MAC  |PAUSE     |Filter    |Filter    |
|                  |Specific  |          |          |          |
|                  |Control   |          |          |          |
|                  |Protocols |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-02 |IEEE 802  |LACP/LAMP,|Filter    |Filter    |
|                  |Slow      |Link OAM, |          |          |
|                  |Protocols |ESMC      |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-03 |Nearest   |Port      |Filter    |Filter    |
|                  |non-TPMR  |Authentica|          |          |
|                  |Bridge    |tion,     |          |          |
|                  |          |LACP/LAMP |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-04 |IEEE MAC  |          |Filter    |Filter    |
|                  |Specific  |          |          |          |
|                  |Control   |          |          |          |
|                  |Protocols |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-05 |Reserved  |          |Filter    |Filter    |
|                  |for Future|          |          |          |
|01-80-C2-00-00-06 |Standardiz|          |          |          |
|                  |ation     |          |          |          |
|01-80-C2-00-00-09 |          |          |          |          |
|                  |          |          |          |          |
|01-80-C2-00-00-0A |          |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-07 |MEF ELMI  |E-LMI     |Filter    |Filter    |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-08 |Provider  |          |Filter    |Filter    |
|                  |Bridge    |          |          |          |
|                  |Group     |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-0B |Reserved  |          |Filter    |Pass      |
|                  |for Future|          |          |          |
|01-80-C2-00-00-0C |Standardiz|          |          |          |
|                  |ation     |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-0D |Provider  |          |Filter    |Pass      |
|                  |Bridge    |          |          |          |
|                  |MVRP      |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-0E |Nearest   |LLDP, PTP |Filter    |Filter    |
|                  |Bridge,   |Peer Delay|          |          |
|                  |Individual|          |          |          |
|                  |LAN Scope |          |          |          |
+------------------+----------+----------+----------+----------+
|01-80-C2-00-00-20 |          |GARP/MRP  |Pass      |Pass      |
|                  |          |Block     |          |          |
|     through      |          |          |          |          |
|                  |          |          |          |          |
|01-80-C2-00-00-2F |          |          |          |          |
+------------------+----------+----------+----------+----------+
Table 1 L2CP protocols specification
Note:
o Different L2CP protocols can use the same MAC DA in the above block
  of 32 addresses, but are differentiated by protocol identifier. The
  MAC DA determines the intended recipient device for the frame;
o "Filter" represents the L2CP action of peer or discard;
o Based on whether the L2 interface is VLAN-aware, L2 services can be
  divided into two categories: VLAN-based L2 services and PORT-based
  L2 services. The L2CP action (peer, discard, pass) for these two L2
  services is also different;
o Whether the L2CP frames are peered or discarded is further
  determined by the configuration of the L2 interface.
Further analysis about whether a L2CP protocol is necessary and how
it is processed in NVO3 supported L2 VN, is provided in the
following sub sections.
4.1. STP/RSTP/MSTP
The Spanning Tree Protocol (STP) is a L2 protocol that ensures a
loop-free topology for any bridged Ethernet local area network. The
basic function of STP is to prevent bridge loops and the broadcast
storm that results from them. Rapid Spanning Tree Protocol (RSTP)
and Multiple Spanning Tree Protocol (MSTP) are enhanced xSTP
protocols.
L2 overlay network does not need xSTP protocols to prevent bridge
loops because it has its own mechanism for it, i.e., NVA, control
plane mechanisms, full mesh + split horizon, etc. So, xSTP frames in
an L2 VN are processed as follows:
o In the L2 sub-networks attached to L2 NVEs, processing is in line
  with the IEEE L2CP specification summarized in Table 1;
o xSTP frames are filtered in L2 NVEs and should not go into the L2
  overlay network.
4.2. PAUSE
[IEEE 802.3-2005] specifies an L2 flow control mechanism that uses
the PAUSE frame. This frame is sent with the L2CP MAC DA of
01-80-C2-00-00-01 to the node at the other end of the link, informing
it to halt frame transmission for a specified period of time.
When the L2 NVE is co-located in the Hypervisor, the PAUSE frame is
not necessary within the one device. When they are separated, the
PAUSE frame is only used in the layer 2 network between the L2 NVE
and the Hypervisor; there is no need to overlay PAUSE frames between
L2 NVEs. In the underlay network of the NVO3 network, the L2 PAUSE
mechanism is still used between two adjacent switches for flow
control.
4.3. LACP/LAMP
Link Aggregation [IEEE 802.1AXbk-2012] is a mechanism for making
multiple point-to-point links between a pair of devices appear to be
a single logical link between those devices. Link Aggregation
Control Protocol (LACP) and Link Marker Control Protocol (LAMP)
operate between exactly two peer devices for the purpose of creating,
verifying, and monitoring the logical link created by aggregating
individual links. Specific L2CP frames, known as Link Aggregation
Control Protocol Data Units (LACPDUs), are exchanged between the
peer devices on each individual link in the aggregation. The
protocol identifier used by LACP is an Ethertype with a value of
0x8809 (the "Slow Protocols" Ethertype) and subtype values 01 (for
LACP) and 02 (for LAMP). Note that LACP is used to represent LACP
and LAMP in the following text.
LACP uses 3 different L2CP MAC DAs to determine the scope of
propagation of LACPDUs within a bridged LAN, as shown in Table 2:
+----------------+------------------+-----------------------------+
|Assignment      |   L2CP MAC DA    |Peered or discarded by       |
+----------------+------------------+-----------------------------+
|Nearest Customer| 01-80-C2-00-00-00|End Station, Customer Bridge,|
|Bridge          |                  |Provider Edge Bridge         |
+----------------+------------------+-----------------------------+
|IEEE 802 Slow   | 01-80-C2-00-00-02|End Station, Customer Bridge,|
|Protocols       |                  |Provider Edge Bridge,        |
|                |                  |Provider Bridge              |
+----------------+------------------+-----------------------------+
|Nearest non-TPMR| 01-80-C2-00-00-03|Bridges except for Two Port  |
|Bridge          |                  |MAC Relay                    |
+----------------+------------------+-----------------------------+
Table 2 LACP specification of L2CP MAC DAs
Based on the summary in Table 2, LACPDUs with the L2CP MAC DA of
01-80-C2-00-00-02 are peered or discarded by every node, so this kind
of LACPDU will not be overlaid across the L2 overlay network. For
01-80-C2-00-00-00, it is possible that LACPDUs need to be overlaid
across the Provider Bridge and the L2 NVEs of the L2 overlay network
to reach the Customer Bridge at the other end, so the L2 overlay
network may need to support overlaying this kind of LACP frame
between L2 NVEs. How the L2 overlay network supports LACP frames of
01-80-C2-00-00-03 is TBD.
4.4. Link OAM
Link OAM is defined in [IEEE 802.3ah] as a set of mechanisms for
monitoring and troubleshooting Ethernet access links. Specifically,
it defines tools for discovery, remote failure indication, remote
and local loopbacks, and status and performance monitoring.
The Link OAM frames using L2CP MAC DA of 01-80-C2-00-00-02 are
peered or discarded by every node, so this kind of frame will not be
overlaid across the L2 overlay network.
4.5. Port Authentication
[IEEE 802.1X] is an IEEE Standard for Port-based Network Access
Control (PNAC). It is part of the IEEE 802.1 group of networking
protocols. It provides an authentication mechanism to devices
wishing to attach to a LAN or WLAN.
Whether or not the L2 overlay network needs to overlay these L2CP
frames is TBD.
4.6. E-LMI
Ethernet Local Management Interface (E-LMI) [MEF-16] is a protocol
between the customer edge (CE) device and the provider edge (PE)
device. It runs only on the PE-CE UNI link and notifies the CE of
connectivity status and configuration parameters of Ethernet
services available on the CE port. E-LMI interoperates with an OAM
protocol, such as Connectivity Fault Management (CFM), that runs
within the provider network to collect OAM status. CFM runs at the
provider maintenance level (UPE to UPE with inward-facing MEPs at
the UNI). E-LMI relies on the OAM Ethernet Infrastructure (EI) to
interwork with CFM for end-to-end status of Ethernet virtual
connections (EVCs) across CFM domains.
The E-LMI frames using L2CP MAC DA of 01-80-C2-00-00-07 are peered or
discarded by every node except for the Two Port MAC Relay (TPMR)
bridge, so this kind of frame will not be overlaid across the L2
overlay network.
4.7. LLDP
The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link
layer protocol in the Internet Protocol Suite used by network
devices for advertising their identity, capabilities, and neighbors
on an IEEE 802 local area network, principally wired Ethernet. The
protocol is formally referred to by the IEEE as Station and Media
Access Control Connectivity Discovery specified in standards
document [IEEE 802.1AB].
The LLDP frames using L2CP MAC DA of 01-80-C2-00-00-0E are peered or
discarded by every node, so this kind of frame will not be overlaid
across the L2 overlay network.
4.8. PTP Peer Delay
The PTP Peer Delay frame is specified in [IEEE 1588-2008] to carry
PTP peer time information. It uses L2CP MAC DA of 01-80-C2-00-00-0E
and is peered or discarded by every node, so this kind of frame will
not be overlaid across the L2 overlay network.
4.9. ESMC
Ethernet Synchronization Messaging Channel (ESMC) is specified in
[ITU-T Rec. G.8264] for conveying clock information between
Synchronous Ethernet (SyncE) bridges.
The ESMC frames using L2CP MAC DA of 01-80-C2-00-00-02 are peered or
discarded by every node, so this kind of frame will not be overlaid
across the L2 overlay network.
4.10. GARP/MRP Block
Multiple Registration Protocol (MRP), which replaced Generic
Attribute Registration Protocol (GARP), is a generic registration
framework defined by the [IEEE 802.1ak] amendment to the [IEEE
802.1Q] standard. MRP allows bridges, switches or other similar
devices to be able to register and de-register attribute values,
such as VLAN identifiers and multicast group membership across a
large LAN. MRP operates at the Data Link Layer.
The block of L2CP MAC DAs from 01-80-C2-00-00-20 to 01-80-C2-00-00-2F
is used for the MRP protocol. Currently, only 01-80-C2-00-00-20 is
assigned to the Multiple MAC Registration Protocol (MMRP) and
01-80-C2-00-00-21 to the Multiple VLAN Registration Protocol (MVRP);
the other L2CP MAC DAs of the block are all reserved for future use.
A protocol using one address of this block is passed by all the
intervening bridges that do not participate in the protocol using
this address, and is finally peered or discarded by the bridge that
participates in the protocol.
In order to send the MRP frames to all related nodes (i.e., NVEs,
bridges, etc) in one L2 overlay network, the MRP frames may need to
be overlaid across the L2 overlay network.
5. L2CP Processing in L2GWs
For all L2CP protocols, several differences exist between the L2
overlay network and the L2 bridge network in how they are processed.
As the demarcation point between the L2 overlay network and the L2
bridge network, the L2GW keeps the same action as before for all L2CP
frames on the L2 bridge network side, but may process some L2CP
frames differently on the L2 overlay network side. The following
subsections describe L2CP processing in the L2GW.
5.1. L2CP Frames Filtered (Peered or Discarded) in L2GW
Although xSTP protocols use the Nearest Customer Bridge address of
01-80-C2-00-00-00, which indicates that they can be overlaid across
the L2 overlay network, they are still not necessary for the L2
overlay network because it has its own mechanism to prevent bridge
loops. So xSTP frames will be filtered by the L2GW and not go into
the L2 overlay network.
Based on the analysis of section 4.3, LACP/LAMP frames using IEEE
802 Slow Protocols of 01-80-C2-00-00-02 are not necessary for the L2
overlay network. So, LACP/LAMP frames will be filtered by the L2GW
and not go into the L2 overlay network. ESMC frames using the same
MAC DA will also be filtered by L2GW.
For Link OAM frames, if OAM functions are necessary for the whole L2
network which interconnects L2 bridge network and L2 overlay network,
L2GW needs to support the interworking of OAM as well. This means
that L2GW should peer the Link OAM frames of L2 bridge network and
perform some actions between NVEs in L2 overlay network. The
detailed operation is TBD.
Other L2CP protocols that are filtered by the L2GW and do not go into
the L2 overlay network include PAUSE, E-LMI, LLDP, and PTP Peer
Delay. The basic reason is that they must all be processed strictly
hop by hop in the L2 network, and the overlay network breaks this
rule.
The action of "filter" can be "peer" or "discard". It depends on the
specific service requirement, e.g., whether the L2GW needs to
participate in the L2CP protocol. How to determine the specific
action is TBD.
5.2. L2CP Frames Passed through L2GW
Except for the aforementioned L2CP protocols filtered by the L2GW,
the remaining L2CP protocols need to be passed through the L2GW. They
include:
o LACP/LAMP frames using the Nearest Customer Bridge address of
  01-80-C2-00-00-00;
o GARP/MRP series protocols (i.e., MMRP, MVRP) using the MAC DA
  block of 01-80-C2-00-00-20 through 01-80-C2-00-00-2F.
All these kinds of L2CP frames are passed through the L2GW and
traverse the L2 overlay network and L2 bridge network to arrive at
the bridges that participate in the L2CP protocols. For MRP
protocols, another necessary operation of the L2GW is to map these
MRP frames into the corresponding VNIs, using the VLAN to virtual
network instance (VNI) mappings that are pre-provisioned locally in
the NVE or obtained from the NVA.
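The filter/pass decision of Sections 5.1 and 5.2 at the overlay-facing side of an L2GW, as an added example (not code from the draft). It keys on the MAC DA and, for 01-80-C2-00-00-00, on the protocol identifier: the Slow Protocols Ethertype 0x8809 with subtypes 01/02 comes from Section 4.3, while the BPDU LLC SAP 0x42 and the VLAN TPIDs are not on this page. Function names and all sample frames are constructed; addresses that Section 5 does not mention default to "filter" here, which is an assumption.

```python
import struct

L2CP_PREFIX = bytes.fromhex("0180c20000")      # 01-80-C2-00-00-xx
SLOW_PROTOCOLS = 0x8809                         # Ethertype from Section 4.3
SLOW_SUBTYPES = {0x01: "LACP", 0x02: "LAMP"}    # subtypes from Section 4.3
VLAN_TPIDS = (0x8100, 0x88A8)                   # C-tag / S-tag (not from the draft)
BPDU_DSAP = 0x42                                # LLC SAP of xSTP BPDUs (not from the draft)


def parse(frame):
    """Return (destination MAC, Ethertype/length, first payload octet)."""
    if len(frame) < 15:
        raise ValueError("truncated Ethernet frame")
    offset = 12
    (type_len,) = struct.unpack_from("!H", frame, offset)
    while type_len in VLAN_TPIDS:               # skip any VLAN tags
        offset += 4
        if len(frame) < offset + 3:
            raise ValueError("truncated VLAN-tagged frame")
        (type_len,) = struct.unpack_from("!H", frame, offset)
    return frame[:6], type_len, frame[offset + 2]


def identify(type_len, first_octet):
    """Protocol identifier check; several L2CPs share one MAC DA."""
    if type_len <= 1500 and first_octet == BPDU_DSAP:
        return "xSTP"                            # length field + LLC header
    if type_len == SLOW_PROTOCOLS:
        return SLOW_SUBTYPES.get(first_octet, "slow-other")
    return "other"


def classify(frame):
    """Return (protocol, action) for a frame about to enter the overlay."""
    dst, type_len, first = parse(frame)
    if dst[:5] != L2CP_PREFIX:
        return ("data", "forward")               # ordinary traffic
    low = dst[5]
    if 0x20 <= low <= 0x2F:
        return ("MRP", "pass")                   # GARP/MRP block, Section 5.2
    if low > 0x0E:
        return ("data", "forward")               # not listed in Table 1
    proto = identify(type_len, first)
    if low == 0x00 and proto in ("LACP", "LAMP"):
        return (proto, "pass")                   # Nearest Customer Bridge LACP
    return (proto, "filter")                     # xSTP, -02 LACP, PAUSE, LLDP, ...


def make_frame(dst_hex, type_len, payload, vlan=None):
    """Build a constructed test frame, zero-padded to 60 bytes."""
    header = bytes.fromhex(dst_hex) + bytes.fromhex("020000000001")
    if vlan is not None:
        header += struct.pack("!HH", 0x8100, vlan)
    return (header + struct.pack("!H", type_len) + payload).ljust(60, b"\x00")


# Constructed sample frames, one per case discussed in Section 5.
SAMPLES = {
    "bpdu": make_frame("0180c2000000", 0x0026, bytes.fromhex("424203")),
    "lacp_customer": make_frame("0180c2000000", SLOW_PROTOCOLS, b"\x01"),
    "lacp_customer_tagged": make_frame("0180c2000000", SLOW_PROTOCOLS, b"\x01", vlan=100),
    "lacp_slow": make_frame("0180c2000002", SLOW_PROTOCOLS, b"\x01"),
    "lldp": make_frame("0180c200000e", 0x88CC, b"\x02\x07"),
    "mvrp": make_frame("0180c2000021", 0x88F5, b"\x00"),
    "unicast": make_frame("020000000002", 0x0800, b"\x45"),
}


def classify_samples():
    return {name: classify(frame) for name, frame in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(f"{name:22s} {verdict}")
```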
6. Other Interworking Cases
There are other L2 bridge network technologies that use L2 Control
Plane protocols such as Provider Bridge [IEEE802.1AD] or Provider
Backbone Bridge [PBB] [IEEE802.1AH]. The use case of L2 Overlay
Network interworking with these types of bridge networks is for
further study.
Note that VPLS [RFC4761] [RFC4762], EVPN [EVPN], Shortest Path
Bridging [IEEE SPB] and TRILL [RFC6325] are also technologies for L2
private network implementation. These technologies rely on a
control plane protocol and are aimed at service provider networks.
SDN controller interworking with such control plane protocols will be
addressed in a separate draft.
7. Security Considerations
TBD.
8. IANA Considerations
The document does not require any IANA action.
9. References
9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC2119, March 1997.
[RFC4761] Kompella, K. and Rekhter, Y. (Editors), "Virtual Private
LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling", RFC
4761, January 2007
[RFC4762] Lasserre, M. and Kompella, V. (Editors), "Virtual Private
LAN Service (VPLS) Using Label Distribution Protocol (LDP)
Signaling", RFC 4762, January 2007.
[RFC6325] Perlman, R., "RBridges: Base Protocol Specification",
July 2011.
9.2. Informative References
[NVO3ARCH] Black, D, Narten, T., et al, "An Architecture for Overlay
Networks (NVO3)", draft-narten-nvo3-arch-01, work in progress
[NVO3FRWK] LASSERRE, M., Motin, T., et al, "Framework for DC Network
Virtualization", draft-ietf-nvo3-framework-07, work in progress.
[NVGRE] Sridharan, M., et al, "NVGRE: Network Virtualization using
Generic Routing Encapsulation", draft-sridharan-virtualization-
nvgre-03, work in progress
[VXLAN] Mahalingam, M., Dutt, D., etc, "VXLAN: A Framework for
Overlaying Virtualized Layer 2 Networks over Layer 3 Networks",
draft-mahalingam-dutt-dcops-vxlan-05.txt, work in progress
[EVPN] Sajassi, A. and R. Aggarwal, "BGP MPLS Based Ethernet VPN",
draft-ietf-l2vpn-evpn-07, May 2014
[EVPN-REQ] A. Sajassi, R. Aggarwal et. al., "Requirements for
Ethernet VPN", RFC7209
[EVPN-MHN] Weiguo, Hao, Yizhou, Li, et al, "Multi-homed network in
EVPN", draft-hao-l2vpn-evpn-mhn-00, work in progress
[802.1Q] IEEE, "Media Access Control (MAC) Bridges and Virtual
Bridged Local Area Networks", IEEE Std 802.1Q-2011, August, 2011.
[IEEE 802.3-2005] "Part 3: Carrier sense multiple access with
collision detection (CSMA/CD) access method and physical layer
specifications"
[IEEE 802.1AXbk-2012] "IEEE Standard for Local and metropolitan area
networks--Link Aggregation Amendment 1: Protocol Addressing"
[IEEE 802.3ah] "IEEE Standard for Information technology--Local and
metropolitan area networks--Part 3: CSMA/CD Access Method and
Physical Layer Specifications Amendment: Media Access Control
Parameters, Physical Layers, and Management Parameters for
Subscriber Access Networks"
[IEEE 802.1X] "IEEE Standard for Local and metropolitan Area
Networks. Port-based Network Access Control"
[IEEE 802.1AB] "IEEE Standard for Station and Media Access Control,
Connectivity Discovery"
[MEF-16] Metro Ethernet Forum, MEF 16, Ethernet Local Management
Interface (E-LMI), January 2006.
[IEEE 1588-2008] "IEEE Standard for a Precision Clock
Synchronization Protocol for Networked Measurement and Control
Systems"
[IEEE 802.1ak] "IEEE Standard for Local and metropolitan Area
Networks - Virtual Bridged Local Area Networks, Amendment 7:
Multiple Registration Protocol"
[IEEE 802.1AD], "Virtual Bridged Local Area Networks - Amendment 4:
Provider Bridges", 2005
[PBB] Clauses 25 and 26 of "IEEE Standard for Local and metropolitan
area networks - Media Access Control (MAC) Bridges and Virtual
Bridged Local Area Networks", IEEE Std 802.1Q, 2013.
[IEEE802.1AH] IEEE Draft P802.1ah/D4.2 "Virtual Bridged Local Area
Networks, Amendment 6: Provider Backbone Bridges", 2008
[IEEE SPB] "IEEE standard for local and metropolitan area networks:
Media access control (MAC) bridges and virtual bridged local area
networks -- Amendment 20: Shortest path bridging", IEEE 802.1aq,
June 2012.
[ITU-T Rec. G.8264] "Distribution of Timing Through Packet Networks"
Authors' Addresses
Liang Xia (Frank)
Huawei Technologies
Email: frank.xialiang@huawei.com
Lucy Yong
Huawei Technologies, USA
Email: lucy.yong@huawei.com
Weiguo Hao
Huawei Technologies
101 Software Avenue,
Nanjing 210012
China
Phone: +86-25-56623144
EMail: haoweiguo@huawei.com
Anoop Ghanwani
Dell
Email: anoop@alumni.duke.edu
Ram (Ramki) Krishnan
Brocade
Email: ramk@brocade.com