INTERNET-DRAFT Mingui Zhang Intended Status: Standards Track Jinwei Xia Huawei Fu Qiao China Mobile Muhammad Durrani Brocade Zu Qiang Ericsson Sujay Gupta IP Infusion Expires: June 18, 2016 December 16, 2015 YANG Data Model for Active-Active NVEs Configuration draft-zhang-nvo3-yang-active-active-cfg-03.txt Abstract When a Tenant System is not collocated with Network Virtualization Edges (NVEs), it's possible for this Tenant System to connect to a group of NVEs or a single NVE with multiple underlay IP addresses to use the active-active multihoming L2/L3 service provided by these NVEs. This document defines the YANG data model that can be used to configure NVEs of a NVO3 network to achieve active-active multi- homing. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Mingui Zhang, et al Expires June 18, 2016 [Page 1] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 Copyright and License Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Acronyms and Terminology . . . . . . . . . . . . . . . . . . . 3 2.1. Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 3. The YANG Model for NVO3 Configuration . . . . . . . . . . . . . 3 3.1. The Configuration Values . . . . . . . . . . . . . . . . . 3 3.1.1. The End Device ID . . . . . . . . . . . . . . . . . . . 3 3.1.2. The NVE IP List . . . . . . . . . . . . . . . . . . . . 4 3.1.2.1. The Priority . . . . . . . . . . . . . . . . . . . 4 3.1.2.2. The Virtual Access Points List . . . . . . . . . . 4 3.1.4. The Virtual Network Instance . . . . . . . . . . . . . 4 3.1.3. The Attached Tenant System Address List . . . . . . . . 4 3.2. Model Structure . . . . . . . . . . . . . . . . . . . . . . 5 3.3. YANG Module Code . . . . . . . . . . . . . . . . . . . . . 5 4. Security Considerations . . . . . . . . . . . . . . . . . . . . 8 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 6.1. Normative References . . . . . . . . . . . . . . . . . . . 8 6.2. Informative References . . . . . . . . . . . . . . . . . . 9 Author's Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10 Mingui Zhang, et al Expires June 18, 2016 [Page 2] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 1. Introduction Network virtualization over Layer 3 tunnels (NOV3) is a promising way for large scale data center network provision. In NVO3 architecture, the Network Virtualization Edge (NVE) sits at the edge of an overlay network of NVO3 and provides virtualized L2 and/or L3 service to the Tenant Systems (TS). At the Split-NVE scenario, where the NVE and the TS are not located in the same server (for example, the NVE resides on an adjacent switch to which the server is attached), it is possible that a Tenant System is multihomed to various NVEs or a single NVE with multiple under IP addresses. In that case, it's desirable that these NVEs provide the Tenant System with active- active multihoming. This document provides the YANG model for configuring NVEs to offer Tenant Systems with active-active L2 and/or L3 access, which admits centralized provisioning of virtualization (i.e. NVA based). 2. Acronyms and Terminology 2.1. Acronyms NVO3: Network Virtualization Overlays NVE: Network Virtualization Edge NVA: Network Authority Virtualization VNI: Virtual Network Instance VAP: Virtual Access Points [RFC7365] AANVE: Active-Active NVEs. The AANVE denotes the group of NVEs that offer active-active multi-homing VAPs to Tenant Systems. 2.2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Familiarity with [RFC7364], [RFC7365], [I-D.ietf-nvo3-dataplane- requirements] and [RFC7348] is assumed in this document. 3. The YANG Model for NVO3 Configuration 3.1. The Configuration Values 3.1.1. The End Device ID The 'end-id' is the identification of an end device [RFC7365] which can either be an L2 (a LAN) or L3 (a subnetwork) network device. This ID also identifies the redundant group of NVEs that offers the L2/L3 Mingui Zhang, et al Expires June 18, 2016 [Page 3] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 active-active access to the NVO3 overlay network. This ID may be shared among different Virtual Networks (a.k.a, Closed User Groups, CUGs [RFC7365]). 3.1.2. The NVE IP List The 'nve-ip', which is the underlay IP address, can either be IPV4 or IPv6 [RFC7365]. If the network is configured according to the YANG model defined in this document, NVEs in an AANVE will discover each other's 'nve-ip' while remote NVEs learn the grouping of NVE IPs that are offering multi-homing to an end device. 3.1.2.1. The Priority For a BUM packet, the AANVE MUST determine a unique egress NVE otherwise the multi-homed Tenant System will see frame duplication. The 'priority' describes the primary and backup NVEs in an AANVE per VNI. For the BUM packet, the primary in the AANVE is supposed to act as the unique outgoing NVE. Other backup NVEs MUST NOT egress the BUM packet onto the end device. 3.1.2.2. The Virtual Access Points List The 'vap-list' specifies the interfaces that a NVE uses to connect to the multi-homed end device. For those VAPs listed in the 'vap-list', packets with ingress NVEs which are listed in the same AANVE as the VAPs' hosted NVE MUST NOT be egressed. This embodies the split- horizon. When a NVE is configured to have more than one VAPs for a given AANVE, the NVE MUST determine a unique VAP to deliver a received packet to the local tenant system. 3.1.4. The Virtual Network Instance The 'vni' specifies the identification of Virtual Network Instance [RFC7365]. The 'multi-attached-info' configuration is valid per VNI. 3.1.3. The Attached Tenant System Address List The 'attached-ts-addresses' given in the model is used to configure NVEs within a VNI the Tenant System MAC/IP addresses attached to the multi-homed end device. From the configuration, remote NVEs learn these addresses are multi-homed to the nve-ip listed in the 'nve-ip- list', therefore packet destined to these addresses are reachable via any of the listed NVEs. One of the learned NVEs will be installed Mingui Zhang, et al Expires June 18, 2016 [Page 4] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 into the data plane as the egress NVE on a per-VNI or per-ts-address basis. For L2 service, the MAC list in the configuration is prone to be more unstable than other part. Control protocols can be used to push the update of the MAC list per VNI. For example, [I-D.dunbar-nvo3-nva- mapping-distribution] can be used to distribute the MAC address of Tenant Systems. When the updated MAC list is pushed, it's REQUIRED that the 'end-id' is taken along. Through hearing the 'end-id', remote NVEs can identify the AANVE to which the pushed MAC addresses are attached. 3.2. Model Structure module: ietf-nvo3-aanve +--rw active-active-nve-groups* [end-id] +--rw end-id END-DEVICE-ID +--rw multi-attached-info +--rw nve-ip-list* [nve-ip] | +--rw nve-ip NVE-IP | +--rw priority? enumeration | +--rw vap-list* if:interface-ref +--rw vni? VNI +--rw attached-ts-addresses* TS-ADDRESS Figure 3.1. The tree of YANG module for active-active configuration 3.3. YANG Module Code file "ietf-nvo3-aanve@2015-12-16.yang" module ietf-nvo3-aanve { namespace "urn:ietf:params:xml:ns:yang:ietf-nvo3-aanve"; prefix ietf-nvo3-aanve; import ietf-inet-types { prefix "inet"; } import ietf-interfaces { prefix if; } import ietf-yang-types { prefix yang; } organization "IETF NVO3 Working Group"; contact "zhangmingui@huawei.com"; description "The module for nvo3 active-active edge configuration"; Mingui Zhang, et al Expires June 18, 2016 [Page 5] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 revision 2015-12-16 { description "Initial revision."; reference "RFC 7364"; } typedef NVE-IP { type union { type inet:ipv4-address; type inet:ipv6-address; } description "Defines addresses of different nves, IPv4 or IPv6"; } typedef END-DEVICE-ID{ type string; description "The identification of the end device that is multi-attached to those NVEs given by the 'nve-ip-list'; If the end device is an MC-LAG, it's an 8-octet value ID according to Section 5.3.2 in 802.1ax-2008"; } typedef VNI { type uint32{ range "1 .. 16777215"; } description "Virtual Network Instance (VNI)"; } typedef TS-ADDRESS{ type union{ type yang:mac-address; type inet:ipv4-address; type inet:ipv6-address; } description "The address of the Tenant System"; } list active-active-nve-groups{ key "end-id"; leaf end-id{ type END-DEVICE-ID; description "The identification of the end device that is Mingui Zhang, et al Expires June 18, 2016 [Page 6] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 multi-attached to the NVEs given in the 'nve-ip-list'."; } container multi-attached-info{ list nve-ip-list{ key "nve-ip"; leaf nve-ip{ type NVE-IP; description "The IP address of the NVE."; } description "Any NVE can deliver traffic of any VNI in the 'vni-list' in this container"; leaf priority { type enumeration { enum primary { value "1"; description "Primary egress NVE."; } enum backup { value "2"; description "Backup egress NVE."; } } description "Simple priority for distinguishing between primary and backup egress NVEs in an AANVE for BUM packets. Backup egress NVEs MUST NOT egress a BUM packet."; } leaf-list vap-list{ type if:interface-ref; description "This nve uses these interfaces to attach the end device link identified by the 'end-id'. These interfaces MUST NOT egress any packet whose source NVE is listed in the 'nve-ip-list'";//split horizon } } leaf vni { type VNI; description "A VNI enabled for the end device identified by the Mingui Zhang, et al Expires June 18, 2016 [Page 7] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 'end-id'"; } leaf-list attached-ts-addresses{ type TS-ADDRESS; description "The list of the Tenant System Addresses that are connected to the end device identified by the 'end-id'. For any address in this list, the remote nve can sent traffic towards it within the 'vni' via any nve given in the nve-ip-list'"; } description "The information about the multi-attached NVE group."; } description "The information for the group of NVEs that are multiply attached by a TS."; } } 4. Security Considerations This document raises no new security issues. 5. IANA Considerations The namespace URI defined in Section 3.3 need be registered in the IETF XML registry [RFC3688]. This document need to register the 'ietf-nvo3-aanve' YANG module in the YANG Module Names registry [RFC6020]. 6. References 6.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, January 2004. [RFC6020] Bjorklund, M., Ed., "YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)", RFC 6020, October 2010. Mingui Zhang, et al Expires June 18, 2016 [Page 8] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 6.2. Informative References [I-D.ietf-nvo3-arch] D. Black, J. Hudson, et al, "An Architecture for Overlay Networks (NVO3)", draft-ietf-nvo3-arch, work in progress. [RFC7364] Narten, T., Ed., Gray, E., Ed., Black, D., Fang, L., Kreeger, L., and M. Napierala, "Problem Statement: Overlays for Network Virtualization", RFC 7364, October 2014. [RFC7365] Lasserre, M., Balus, F., Morin, T., Bitar, N., and Y. Rekhter, "Framework for Data Center (DC) Network Virtualization", RFC 7365, October 2014. [RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M., and C. Wright, "Virtual eXtensible Local Area Network (VXLAN): A Framework for Overlaying Virtualized Layer 2 Networks over Layer 3 Networks", RFC 7348, August 2014. [I-D.ietf-nvo3-dataplane-requirements] Nabil Bitar, Marc Lasserre, et al, "NVO3 Data Plane Requirements", draft-ietf-nvo3- dataplane-requirements, working in progress. [I-D.dunbar-nvo3-nva-mapping-distribution] L. Dunbar, D. Eastlake, "NVA Address Mapping Distribution (NAMD) Protocol", draft- dunbar-nvo3-nva-mapping-distribution, work in progress. Mingui Zhang, et al Expires June 18, 2016 [Page 9] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 Author's Addresses Mingui Zhang Huawei Technologies No. 156 Beiqing Rd. Haidian District, Beijing 100095 P.R. China EMail: zhangmingui@huawei.com Jinwei Xia Huawei Technologies No. 101 Software Rd. YuHua District, Nanjing 210012 P.R. China EMail: xiajinwei@huawei.com Fu Qiao China Mobile EMail: fuqiao@chinamobile.com Muhammad Durrani Brocade 130 Holger Way San Jose, CA 95134 EMail: mdurrani@brocade.com Zu Qiang Ericsson 8400, boul. Decarie Ville Mont-Royal, QC, Canada EMail: Zu.Qiang@Ericsson.com Sujay Gupta IP Infusion, RMZ Centennial Mahadevapura Post Mingui Zhang, et al Expires June 18, 2016 [Page 10] INTERNET-DRAFT YANG Data Model for Active-Active NVEsDecember 16, 2015 Bangalore - 560048 India EMail: sujay.gupta@ipinfusion.com Mingui Zhang, et al Expires June 18, 2016 [Page 11]