1 © 2004 Cisco Systems, Inc. All rights reserved. L2VPN RADIUS - IETF 61 L2VPN RADIUS Auto-discovery and provisioning Mark Townsley, Greg Weber, Wei Luo,

Presentation transcript:

Slide 1: L2VPN RADIUS Auto-discovery and provisioning
Mark Townsley, Greg Weber, Wei Luo, Skip Booth (Juha Heinanen)
IETF 61

Slide 2: Some issues with current version of draft-ietf-l2vpn-radius-pe-discovery
Good document, but…
- Narrowly focused, targeted primarily at VPLS
- Does not take advantage of newly defined RADIUS CoA extensions (RFC3576), instead requiring periodic polling of the RADIUS server to detect changes in provisioning
- Requires stateful extension to RADIUS servers, e.g., advertising PE identity via attributes in access request messages rather than relying on a centralized configuration database

Slide 3: L2VPN RADIUS - Goals for Updating Document
- Generalize RADIUS PE discovery to be applicable to a wider range of L2VPN models (e.g., allow VPWS and VPLS)
- Better align with L2VPN terminology and architecture
- More alignment with existing RADIUS server capabilities:
  - Stateless operation (no “polling” by the PE, etc.)
  - Centralized configuration
- Strive for “Zero-Touch” provisioning, i.e., new CEs to be deployable with little to no impact on PE configuration.
- Applicable to MPLS or L2TPv3

Slide 4: L2VPN Authorization Steps
1. CE/AC Authorization – Attachment Circuit to VPN ID
2. VPN Authorization – VPN ID to PE Membership
3. PW Authorization – PE Membership to PW signaling
[Diagram labels: CE, PE]
Each step is independent and may be performed by any combination of local configuration, RADIUS, BGP, etc.

Slide 5: L2VPN Authorization Schema
- Defined using “Single-Sided Signaling” nomenclature
- Normalized for MPLS or L2TPv3 PWs
- Likely no need for draft-ietf-l2vpn-l2tp-radius-vpls-00.txt
- 3 records in schema does not necessarily imply 3 off-box transactions
[Diagram]
- AC Record: SAI (AGI+SAII); Service Type (VPLS, VPWS, IPLS, etc); Circuit-specific Parameters (QoS, etc)
- VPN Record: PE Router ID + SAII, PE Router ID + SAII
- Pseudowire Record: PW-specific parameters (TE Tunnel mapping, DSCP Setting, etc).
- Diagram labels: Router ID + SAII; AGI (VPN ID); Router ID + Interface name, SAI, or CE Identity

Slide 6: Collapsed Schema
- Parameters collapsed into single record to reduce the quantity of RADIUS transactions
- Particularly suited for VPWS, or VPLS with a limited number of PEs.
- Generic rule for PW setup: If Router ID from Auth Record is different from the local Router ID, use SAI as TAI in PW signaling (LDP or L2TPv3)
[Diagram]
- Auth Record: SAI (AGI+SAII); Service Type; Circuit-specific Parameters (QoS, etc)
- PE Router ID + SAII; PW-specific parameters (Preferred-path, DSCP Setting, etc). (listed three times)
- Diagram label: Router ID + Interface name, SAI, or CE identity

Slide 7: VPWS Example
[Diagram text, in slide order; some values not preserved]
- AC Record: Bandwidth: 40%; Cell-packing: 1; Members: ; VPN-ID: ; atm1/0 1/100
- AC Record: Bandwidth: 40%; Cell-packing: 1; Members: ; VPN-ID: ; atm2/0 2/100
- Control Plane = LDP; EXP = 0x03
- Control Plane = LDP; EXP = 0x03

Slide 8: VPLS example
[Diagram text, in slide order; some values not preserved]
- AC Record AGI: foo.com
- VPN Record Members: , , , VPN-ID: 100
- Pseudowire Record Preferred-path: tun1 Exp-setting: 0x
- :100 foo.com fe1/0.100
- AC Record AGI: foo.com fe1/1.100
- AC Record AGI: bar.com
- VPN Record Members: , , , VPN-ID: 200
- Pseudowire Record Preferred-path: tun2 Exp-setting: 0x
- :200 bar.com fe2/0.100
- AC Record AGI: bar.com fe2/1.100

Slide 9: RADIUS Accounting
- RADIUS Accounting messages may be used for logging and billing
- Really makes sense only at the AC and PW, accounting on VPN PE-membership is not very useful

Slide 10: Next Steps?
- Comments/suggestions?
- Update draft-ietf-l2vpn-radius-pe-discovery with something along the lines of what is in this presentation?
- Let draft-ietf-l2vpn-l2tp-radius-vpls-00.txt expire?