1. draft-bitar-nvo3-vpn-applicability-00.txt Page - 1 Cloud Networking: Framework and VPN Applicability draft-bitar-nvo3-vpn-applicability-00.txt Nabil Bitar (Verizon) Florin Balus, Marc Lasserre, and Wim Henderickx (Alcatel-Lucent) Ali Sajassi and Luyuan Fang (Cisco) Yuichi Ikejiri (NTT Communications) Mircea Pisica (BT)

2. draft-bitar-nvo3-vpn-applicability-00.txt Page - 2 Scope n Applicability of existing and evolving Ethernet, L2VPN, and L3VPN technologies to multi-tenant cloud networking and tradeoffs: –Addressing requirements for large scale multi-tenant data centers and cloud-networks –Intra-Data Center networks –Inter-data center connectivity Data centers can belong to the same data center service provider, different data center providers, the tenant, and any hybrid –Tenant vpn and public access to data centers –Scenarios– cloud networks n Challenges/Gaps that still require work

3. draft-bitar-nvo3-vpn-applicability-00.txt n DC GW – gateway to the outside world providing DC Interconnect and connectivity to Internet and VPN customers. n Core Switch/Router – high capacity core node, usually a cost effective Ethernet switch; may support routing capabilities. n ToR or Top of Rack – hardware-based Ethernet switch; may perform IP routing. n VSw or virtual switch – software based Ethernet switch running inside the server blades Typical Cloud Networking Architecture IP/MPLS Network Storage DC FW LB VM-based Appliances NAT VMs on Server Blades VM Customers with Application Requirements VPN PEs/xGW Multi-tenant Data Center DC GW Core ToR VSw

4. draft-bitar-nvo3-vpn-applicability-00.txt n Layer 3 option BGP/MPLS IP VPN n Layer 2 options VLANs and L2VPN toolset PBB and L2VPN toolset TRILL and L2VPN toolset VPN applicability to Cloud Networking

5. draft-bitar-nvo3-vpn-applicability-00.txt n Use full fledge IP VPN for L3 Virtualization inside a DC n IP VPN advantages Interoperates with existing WAN VPN technology Deployment tested, provides a full networking toolset Scalable core routing – only one BGP-MP routing instance is required compared with one per customer/tenant in the Virtual Routing case Service Auto-discovery - automatic discovery and route distribution between related service instances Well defined and deployed Inter-Provider/Inter-AS models Supports a variety of VRF-to-VRF tunneling options accommodating different operational models: MPLS [RFC4364], IP or GRE [RFC4797] n Connectivity models for customer IP VPN instances located in the WAN DC GW may participate directly in the WAN IP VPN Inter-AS Options A, B or C - applicability to both Intra and Inter-Provider use cases Integrated routing and bridging provides for L2 and L3 services – bridge in same bridging domain & route across LAN segments for same tenant BGP/MPLS IP VPN Applicability to Cloud Networking

6. draft-bitar-nvo3-vpn-applicability-00.txt n 12b VLAN tag used for Tenant identification Standardized by IEEE – (QoS, OAM, control plane etc…) Supported in merchant silicon, proven vendor interoperability Limits the number of services depending on the extent of the VLAN and the location of the L2VPN PE functionality Very widely deployed n L2VPN (VPLS/E-VPN) provides for emulation of LAN technology over IP/MPLS core and provide for service scale 802.1q + L2VPN applicability to Cloud Networking

7. draft-bitar-nvo3-vpn-applicability-00.txt n 24b ISID tag vs. 12b VLAN tag used for Tenant identification Expands L2 domains from 4K VLANs to 16M ISIDs Standardized in 2008 by IEEE – inherits current and future IEEE specs (QoS, OAM, control plane etc…) Supported in merchant silicon, proven vendor interoperability Deployed in a number of large service provider networks n L2VPN (PBB-VPLS/PBB-E-VPN) provides for PBB transport over IP/MPLS core and provide for service scale PBB + L2VPN applicability to Cloud Networking

8. draft-bitar-nvo3-vpn-applicability-00.txt NV03 – VPLS Functional Mapping Page - 8

9. draft-bitar-nvo3-vpn-applicability-00.txt NV03 – IP VPN Functional Mapping Page - 9

10. draft-bitar-nvo3-vpn-applicability-00.txt NV03 – E-VPN Functional Mapping Page - 10

11. draft-bitar-nvo3-vpn-applicability-00.txt n VM Mobility and Optimal traffic forwarding based on E-VPN, BGP/MPLS IP VPN and IP routing – see draft-rekhter-vm-mobility- solutions –Request by authors to integrate into the vpn applicability draft n ARP suppression discussed in PBB-EVPN (draft-ietf-l2vpn-pbb- evpn) and EVPN (draft-ietf-l2vpn-evpn) n End-system support for BGP-signaled IP/VPNs, “draft-marques- l3vpn-end-system-02” n Handling ARP scale – armd drafts Other work in progress

12. draft-bitar-nvo3-vpn-applicability-00.txt Gaps/Considerations n Auto-discovery and dynamic network service instantiation end-to-end as a result of VM instantiation or move –Current VPN models do not address this requirement –New protocols/mechanisms n NVE Location and existing solutions’ practical applicability – scalability/complexity –Differences between the NVE being on the server vs. hardware appliance. It maybe argued as being an implementation issue but needs to be considered –Depending on the requirements, this may require new protocol(s) – gap n NVI: –Size: number of service instances supported – L2VPN and L3VPN practically do not limit the number of services supported –Globality of the identifier vs. locality for tenant and service identification and any Implication of mobility – consideration n Traffic path optimization and traffic loss minimization upon VM move – new mechanisms/BCP n New DC protocols (e.g., VXLAN) and interworking with existing WAN technologies (e.g., L2VPN and L3VPN) Page - 12

13. draft-bitar-nvo3-vpn-applicability-00.txt n Merge materials from draft-rekhter-vm-mobility-solutions addressing VM mobility with existing solutions n Address private comments from Sue Hares related to ARMD references n Include nvo3-vpn mapping functional mapping tables n Potential re-organization of some sections in the draft n New co-authors – Authors of draft-hy-nvo3-vpn-protocol-gap-analysis will be co- authoring/contribution to this draft and materials will be leveraged/merged as applicable – John Drake Next steps