**Session Date/Time:** 09 Nov 2021 12:00

# bess

## Summary

The bess session at IETF 112 began with a status update, highlighting the publication of four new RFCs related to EVPN routing, and progress on numerous drafts across various stages including RFC Editor queue, IESG review, shepherd review, and Working Group Last Call. Several drafts are nearing or are ready for Working Group adoption. The session then moved into presentations covering a range of technical topics: MVPN seamless interop, EVPN fast reroute, securing EVPN with IPsec, extending BGP Domain Path for EVPN L2, IP aliasing, MVPN regional segmentation, controller-based MVPN provider tunnel discovery, SRv6 BGP services coexistence with MPLS, secure SLAAC integration with EVPN, advertising SPF discriminators in BGP, and distributed BUM forwarding in EVPN. Discussions focused on technical details, use cases, potential issues, and paths forward for these documents.

## Key Discussion Points

* **Working Group Status Updates:**
    * **Published RFCs:** Four new RFCs published, including two on EVPN routing (VRF IRB and IP prefix advertisement).
    * **RFC Editor Queue:** One RFC (Proxy ARP/ND).
    * **IESG/Shepherd Review:** Several drafts are under review, including EVPN LSP Ping (Matthew to write up) and Unequal Load Balancing (awaiting dependencies).
    * **Working Group Last Call Queue:** EVPN Fast DF Recovery, Multicast Flow DF Election (soon ready for WGLC), Monotony Split Horizon (ready for WGLC), BGP Multicast (ready after update).
    * **Working Group Last Call:** VSI-ETREE MAC Flash (low feedback, Routing Directorate review requested), EVPN VPWS FXC (missing IPR reply).
    * **Working Group Adoption:** BGP EVGP DMZ (missing IPR response).
    * **Document Updates:** MHPS BUM Protect (comments addressed, needs verification), EVPN Genies (comments to address), EVPN IPVPN Interworking (pending questions with IDR chairs).
    * **EVPN SD-WAN Usage:** Request for WG Last Call. Clarified no normative dependency on IDR companion work (which is adopted, but requires two implementations in IDR).
    * **RFC 7432bis:** Mechanical update incorporating auto-extract route targets (from RFC 8534) and specifying DF election behavior for IPv4 and IPv5.
    * **YANG Models:** Mostly on hold.
* **MVPN Seamless Interop (Cason):**
    * Draft describes seamless interop between EVPN and MP-BGP (PE-PE), including optimized inter-subnet forwarding.
    * Proposes using gateway devices (CPE) to reinterpret L2 EVPN in the MP-BGP domain, with DF election.
    * Discussed four use cases based on IGMP/MLD proxy support and DF actions (learning L2 multicast state, acting as Latcher/FR, using BUM/MVPN tunnels).
    * Proposed new flags (bit 12 and 13) in the EVPN Multicast Extended Community.
    * *Discussion:* Luke Henry noted that bits 12 and 13 are already allocated in the OISM draft (in WG Last Call), advising removal from this draft. He also asked about consideration of OISM L2 multicast procedures.
* **EVPN Fast Reroute (Luke Henry):**
    * Addressed limitations of control plane-driven EVPN convergence (scale, topology dependent) and issues with using peer service label for edge redirect (loops, load balancing incompatibility).
    * Proposed a local failure detection/restoration approach using a specially allocated *downstream "reroute label"* at the PE receiving the rerouted traffic.
    * The reroute label's disposition is terminal (forward/drop regardless of AC state) to prevent loops and bypass DF election during reconvergence, achieving ~50ms restoration.
    * *Discussion:* Bo Liu noted a similar prior draft. Greg Mirsky raised concerns about VLAN-aware bundle services, label allocation schemes (per BD/MAC/VRF), and forwarding model at egress PE.
* **Secure EVPN (Ali):**
    * Rev05 merges the companion IPsec NMM Control IKE draft, providing a comprehensive solution for rekeying, framework, architecture, and BGP routes.
    * Key changes include new sections on IPsec SA generation, rekeying, and IPsec database generation (SPD/SAD/PAD).
    * *Discussion:* Sue Hares inquired about the dependence of the Web of Trust in BGP for security associations and how section 4 of the draft relates, with Ali clarifying that BGP sessions (PE-RR/PE-PE) must be fully secured as a baseline.
* **Domain Path for EVPN L2 Interconnect (Jorge):**
    * Proposed extending the BGP Domain Path attribute (from EVPN IPVPN interworking) for EVPN Layer 2 routes, using SAFY type 70 for EVPN.
    * This enables gateways to modify the D-path for loop detection, route traceability, and best path selection in scenarios like RFC 9014 interconnects.
    * *Discussion:* Ali indicated the draft enhances RFC 9014 for multi-domain loop prevention and best path selection.
* **IP Aliasing (Jorge):**
    * Updated draft to include an example for interfaceless host routes and clarifications on using an Ethernet Segment Identifier (ESI) as a Layer 3 construct (set of L3 links, Type 4 ESI, router ID of multi-home SE).
    * Added a section on compatibility with the unequal ECMP draft.
* **MVPN Regional Segmentation (Jeffrey):**
    * Extended RFC 7524's inter-area segmentation concept to inter-region and intra-region (within a single AS), utilizing BGP neighbor groups and border routers modifying tunnel attributes/segmented next-hop communities.
    * Proposed "butt-node" support to stitch segments and handle local IP forwarding by replicating incoming packets.
    * Introduced an optional procedure for ABRs to request an extra copy for local IP forwarding through tunnel encapsulation attributes in Leaf-AD routes.
    * *Discussion:* Ali asked for clarification on redundancy and DF election aspects for multiple gateways, which Jeffrey stated is covered by RFC 7524 procedures.
* **MVPN Controller for Provider Tunnel Discovery (Jeffrey):**
    * Explored the role of a controller in MVPN/EVPN networks for provider tunnel discovery, specifically focusing on the controller participating in MVPN signaling to collect tree information.
    * Described how the controller can learn leaf information (from Leaf-AD routes directed to the controller's address via an extended community) and set up trees.
    * Proposed the controller advertising PIM-AD routes on behalf of ingress PEs, simplifying configuration and Distributed Common Block (DCB) label allocation.
* **SRv6 BGP Services Coexistence with MPLS (Yao):**
    * Identified issues with SRv6 BGP services coexisting with legacy MPLS VPNs, where legacy PEs might misinterpret SRv6 VPN routes as MPLS VPN routes, leading to traffic loss or misdirection.
    * Proposed a new BGP capability code for SRv6 BGP Service. BGP speakers would only send SRv6 Service TLVs if this capability has been exchanged in the OPEN message, preventing misinterpretation by incapable devices.
* **Secure Stateless Address Autoconfiguration (Pascal):**
    * New draft highlighting the unreliability and insecurity of IPv6 SLAAC snooping for building EVPN state (silent nodes, stale addresses, uncertain location, DDoS vulnerability).
    * Proposed integrating IETF's stateful and secure approaches for address configuration (RFC 505 / 8928) into EVPN.
    * This would involve EVPN acting as a distributed database for 6LVR, and modifying the MAC Mobility Extended Community to include "proof of ownership" (hash) and a Transaction ID (TID) for secure movement detection.
    * *Discussion:* Ali questioned why RFC 9047 (for ARP/ND extended community) wasn't used instead of extending the MAC Mobility Extended Community.
* **Advertising SPF Discriminators in BGP (Youbo):**
    * Addressed the manual configuration burden and IGP flooding limitations of SPF discriminators (RFC 7880) for SRv6/IPv6 networks.
    * Proposed reusing the BFD Discriminator attribute (RFC 9026) in BGP to advertise local discriminators.
    * Introduced two new BFD modes: one for SRv6 Locator sessions and another for common sessions (detecting route nexthops), using optional TLVs for source addresses.
    * *Discussion:* Greg Mirsky asked for clarification on BFD control message encapsulation (SRv6 policy or other), noted BFD's limitation in differentiating path vs. node failure, and raised concerns about potential BFD session duplication in EVPN. Matthew requested clarity on the draft's scope and whether it belongs in BESS or BFD WG, with BFD chair Jeff Haas indicating BFD WG would review the scope.
* **Distributed BUM Forwarding in EVPN with L3 Out (Youbo):**
    * Proposed enhancing RFC 9136 to support distributed BUM forwarding for intra-subnet communication, reducing pressure on centralized gateways (DGWs), especially when access switches (AWs) have FPVR flooding capability.
    * Suggested configuring IP-VRF instances on host mobility endpoints (HMEs) and modifying RT1 advertisements with explicit targets for distributed inter-subnet forwarding.
    * Addressed issues with distinguishing RT1s for the same ESI/Ethernet Tag ID by using the Ethernet Circuit ID (ECID) for the Ethernet Tag ID in a secondary RT advertisement specifically for FPVR forwarding.
    * Proposed a new BGP extended community "Super Limited ESI Index" for RT5 routes for recursive route resolution in the SPF.

## Decisions and Action Items

* **MVPN Seamless Interop:** The presenter (Cason) will re-check the proposed bits 12 and 13 in the EVPN Multicast Extended Community as they are noted to be taken. Further discussion on the draft will take place on the mailing list.
* **EVPN SD-WAN Usage:** A Routing Directorate Review will be initiated for this draft. The working group is encouraged to review the draft and send comments to the list.
* **Secure EVPN:** The draft is considered ready for a Working Group Adoption Call. Remaining comments will be sent via the mailing list.
* **Secure SLAAC:** The presenter (Pascal) will examine the use of RFC 9047's extended community for ARP/ND related matters as an alternative to extending the MAC Mobility Extended Community. Further discussion on this will occur on the mailing list.
* **Advertising SPF Discriminators in BGP:** The authors (Youbo) will clarify the encapsulation of BFD control messages in the draft. The BFD Working Group chairs will review the scope of this draft, with a possibility of it moving to the BFD WG.
* **Working Group Adoption:** The following drafts are ready for or awaiting Working Group Adoption calls:
    * Secure EVPN
    * IP Aliasing
* **IPR Responses:** Two drafts, EVPN VPWS FXC and BGP EVGP DMZ, are awaiting IPR responses before they can progress. Authors are urged to respond.
* **Shepherd Review:** Matthew will do a write-up for EVPN LSP Ping.
* **Working Group Document Updates:** The chairs will check if all comments have been resolved for MHPS BUM Protect and if comments for EVPN Genies have been addressed.

## Next Steps

* **Mailing List Discussions:** Several drafts require continued discussion and feedback on the mailing list, including MVPN Seamless Interop, EVPN Fast Reroute, Secure SLAAC, and Advertising SPF Discriminators in BGP.
* **Working Group Adoption Calls:** Secure EVPN and IP Aliasing are expected to have Working Group adoption calls soon.
* **Working Group Last Calls:** Multicast Flow DF Election, Monotony Split Horizon, and BGP Multicast (after an update) are anticipated to enter Working Group Last Call.
* **Routing Directorate Reviews:** These will be initiated for EVPN SD-WAN Usage and VSI-ETREE MAC Flash.
* **Future Meetings:** Hope for a physical IETF meeting for the next session.