1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
|
Internet Engineering Task Force (IETF) J. Rabadan, Ed.
Request for Comments: 9574 S. Sathappan
Category: Standards Track Nokia
ISSN: 2070-1721 W. Lin
Juniper Networks
M. Katiyar
Versa Networks
A. Sajassi
Cisco Systems
May 2024
Optimized Ingress Replication Solution for Ethernet VPNs (EVPNs)
Abstract
Network Virtualization Overlay (NVO) networks using Ethernet VPNs
(EVPNs) as their control plane may use trees based on ingress
replication or Protocol Independent Multicast (PIM) to convey the
overlay Broadcast, Unknown Unicast, or Multicast (BUM) traffic. PIM
provides an efficient solution that prevents sending multiple copies
of the same packet over the same physical link; however, it may not
always be deployed in the NVO network core. Ingress replication
avoids the dependency on PIM in the NVO network core. While ingress
replication provides a simple multicast transport, some NVO networks
with demanding multicast applications require a more efficient
solution without PIM in the core. This document describes a solution
to optimize the efficiency of ingress replication trees.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9574.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Revised BSD License text as described in Section 4.e of the
Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License.
Table of Contents
1. Introduction
2. Terminology and Conventions
3. Solution Requirements
4. EVPN BGP Attributes for Optimized Ingress Replication
5. Non-selective Assisted Replication (AR) Solution Description
5.1. Non-selective AR-REPLICATOR Procedures
5.2. Non-selective AR-LEAF Procedures
5.3. RNVE Procedures
6. Selective Assisted Replication (AR) Solution Description
6.1. Selective AR-REPLICATOR Procedures
6.2. Selective AR-LEAF Procedures
7. Pruned Flooding Lists (PFLs)
7.1. Example of a Pruned Flooding List
8. AR Procedures for Single-IP AR-REPLICATORS
9. AR Procedures and EVPN All-Active Multihoming Split-Horizon
9.1. Ethernet Segments on AR-LEAF Nodes
9.2. Ethernet Segments on AR-REPLICATOR Nodes
10. Security Considerations
11. IANA Considerations
12. References
12.1. Normative References
12.2. Informative References
Acknowledgements
Contributors
Authors' Addresses
1. Introduction
Ethernet Virtual Private Networks (EVPNs) may be used as the control
plane for a Network Virtualization Overlay (NVO) network [RFC8365].
Network Virtualization Edge (NVE) and Provider Edge (PE) devices that
are part of the same EVPN Broadcast Domain (BD) use Ingress
Replication (IR) or PIM-based trees to transport the tenant's
Broadcast, Unknown Unicast, or Multicast (BUM) traffic.
In the ingress replication approach, the ingress NVE receiving a BUM
frame from the Tenant System (TS) will create as many copies of the
frame as the number of remote NVEs/PEs that are attached to the BD.
Each of those copies will be encapsulated into an IP packet where the
outer IP Destination Address (IP DA) identifies the loopback of the
egress NVE/PE. The IP fabric core nodes (also known as spines) will
simply route the IP-encapsulated BUM frames based on the outer IP DA.
If PIM-based trees are used instead of ingress replication, the NVEs/
PEs attached to the same BD will join a PIM-based tree. The ingress
NVE receiving a BUM frame will send a single copy of the frame,
encapsulated into an IP packet where the outer IP DA is the multicast
address that represents the PIM-based tree. The IP fabric core nodes
are part of the PIM tree and keep multicast state for the multicast
group, so that IP-encapsulated BUM frames can be routed to all the
NVEs/PEs that joined the tree.
The two approaches are illustrated in Figure 1. On the left-hand
side of the diagram, NVE1 uses ingress replication to send a BUM
frame (originated from Tenant System TS1) to the remote nodes
attached to the BD, i.e., NVE2, NVE3, and PE1. On the right-hand
side, the same example is depicted but using a PIM-based tree, i.e.,
(S1,G1), instead of ingress replication. While a single copy of the
tunneled BUM frame is generated in the latter approach, all the
routers in the fabric need to keep multicast state, e.g., the spine
keeps a PIM routing entry for (S1,G1) with an Incoming Interface
(IIF) and three Outgoing Interfaces (OIFs).
To WAN To WAN
^ ^
| |
+-----+ +-----+
+----------| PE1 |-----------+ +----------| PE1 |-----------+
| +--^--+ | | +--^--+ |
| | IP Fabric | | | IP Fabric |
| PE | | (S1,G1) |OIF to G1 |
| +----PE->+-----+ No State | | IIF +-----+ OIF to G1 |
| | +---2->|Spine|------+ | | +------>Spine|------+ |
| | | +-3->+-----+ | | | | +-----+ | |
| | | | 2 3 | | |PIM |OIF to G1| |
| | | |IR | | | | |tree | | |
|+-----+ +--v--+ +--v--+ | |+-----+ +--v--+ +--v--+ |
+| NVE1|---| NVE2|---| NVE3|-+ +| NVE1|---| NVE2|---| NVE3|-+
+--^--+ +-----+ +-----+ +--^--+ +-----+ +-----+
| | | | | |
| v v | v v
TS1 TS2 TS3 TS1 TS2 TS3
Figure 1: Ingress Replication vs. PIM-Based Trees in NVO Networks
In NVO networks where PIM-based trees cannot be used, ingress
replication is the only option. Examples of these situations are NVO
networks where the core nodes do not support PIM or the network
operator does not want to run PIM in the core.
In some use cases, the amount of replication for BUM traffic is kept
under control on the NVEs due to the following fairly common
assumptions:
a. Broadcast traffic is greatly reduced due to the proxy Address
Resolution Protocol (ARP) and proxy Neighbor Discovery (ND)
capabilities supported by EVPNs [RFC9161] on the NVEs. Some NVEs
can even provide Dynamic Host Configuration Protocol (DHCP)
server functions for the attached TSs, reducing the broadcast
traffic even further.
b. Unknown unicast traffic is greatly reduced in NVO networks where
all the Media Access Control (MAC) and IP addresses from the TSs
are learned in the control plane.
c. Multicast applications are not used.
If the above assumptions are true for a given NVO network, then
ingress replication provides a simple solution for multi-destination
traffic. However, statement c. above is not always true, and
multicast applications are required in many use cases.
When the multicast sources are attached to NVEs residing in
hypervisors or low-performance-replication Top-of-Rack (ToR)
switches, the ingress replication of a large amount of multicast
traffic to a significant number of remote NVEs/PEs can seriously
degrade the performance of the NVE and impact the application.
This document describes a solution that makes use of two ingress
replication optimizations:
1. Assisted Replication (AR)
2. Pruned Flooding Lists (PFLs)
Assisted Replication consists of a set of procedures that allows the
ingress NVE/PE to send a single copy of a broadcast or multicast
frame received from a TS to the BD without the need for PIM in the
underlay. Assisted Replication defines the roles of AR-REPLICATOR
and AR-LEAF routers. The AR-LEAF is the ingress NVE/PE attached to
the TS. The AR-LEAF sends a single copy of a broadcast or multicast
packet to a selected AR-REPLICATOR that replicates the packet
multiple times to remote AR-LEAF or AR-REPLICATOR routers and is
therefore "assisting" the ingress AR-LEAF in delivering the broadcast
or multicast traffic to the remote NVEs/PEs attached to the same BD.
Assisted Replication can use a single AR-REPLICATOR or two AR-
REPLICATOR routers in the path between the ingress AR-LEAF and the
remote destination NVEs/PEs. The procedures that use a single AR-
REPLICATOR (the non-selective Assisted Replication solution) are
specified in Section 5, whereas Section 6 describes how multi-stage
replication, i.e., two AR-REPLICATOR routers in the path between the
ingress AR-LEAF and destination NVEs/PEs, is accomplished (the
selective Assisted Replication solution). The procedures for
Assisted Replication do not impact unknown unicast traffic, which
follows the same forwarding procedures as known unicast traffic so
that packet reordering does not occur.
PFLs provide a method for the ingress NVE/PE to prune or remove
certain destination NVEs/PEs from a flooding list, depending on the
interest of those NVEs/PEs in receiving BUM traffic. As specified in
[RFC8365], an NVE/PE builds a flooding list for BUM traffic based on
the next hops of the received EVPN Inclusive Multicast Ethernet Tag
routes for the BD. While [RFC8365] states that the flooding list is
used for all BUM traffic, this document allows pruning certain next
hops from the list. As an example, suppose an ingress NVE creates a
flooding list with next hops PE1, PE2, and PE3. If PE2 and PE3 did
not signal any interest in receiving unknown unicast traffic in their
Inclusive Multicast Ethernet Tag routes, when the ingress NVE
receives an unknown unicast frame from a TS, it will replicate it
only to PE1. That is, PE2 and PE3 are "pruned" from the NVE's
flooding list for unknown unicast traffic. PFLs can be used with
ingress replication or Assisted Replication and are described in
Section 7.
Both optimizations -- Assisted Replication and PFLs -- may be used
together or independently so that the performance and efficiency of
the network to transport multicast can be improved. Both solutions
require some extensions to the BGP attributes used in [RFC7432]; see
Section 4 for details.
The Assisted Replication solution described in this document is
focused on NVO networks (hence its use of IP tunnels). MPLS
transport networks are out of scope for this document. The PFLs
solution MAY be used in NVO and MPLS transport networks.
Section 3 lists the requirements of the combined optimized ingress
replication solution, whereas Sections 5 and 6 describe the Assisted
Replication solution for non-selective and selective procedures,
respectively. Section 7 provides the PFLs solution.
2. Terminology and Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
The following terminology is used throughout this document:
AR-IP: Assisted Replication - IP. Refers to an IP address owned by
the AR-REPLICATOR and used to differentiate the incoming traffic
that must follow the AR procedures. The AR-IP is also used in the
Tunnel Identifier and Next Hop fields of the Replicator-AR route.
AR-LEAF: Assisted Replication - LEAF. Refers to an NVE/PE that
sends all the BM traffic to an AR-REPLICATOR that can replicate
the traffic further on its behalf. An AR-LEAF is typically an
NVE/PE with poor replication performance capabilities.
AR-REPLICATOR: Assisted Replication - REPLICATOR. Refers to an NVE/
PE that can replicate broadcast or multicast traffic received on
overlay tunnels to other overlay tunnels and local Attachment
Circuits (ACs). This document defines the control and data plane
procedures that an AR-REPLICATOR needs to follow.
AR-VNI: Assisted Replication - VNI. Refers to a Virtual eXtensible
Local Area Network (VXLAN) Network Identifier (VNI) advertised by
the AR-REPLICATOR along with the Replicator-AR route. It is used
to identify the incoming packets that must follow the AR
procedures ONLY in the single-IP AR-REPLICATOR case (see
Section 8).
Assisted Replication forwarding mode: In the case of an AR-LEAF,
sending an AC Broadcast and Multicast (BM) packet to a single AR-
REPLICATOR with a tunnel destination address AR-IP. In the case
of an AR-REPLICATOR, this means sending a BM packet to a selected
number of, or all of, the overlay tunnels when the packet was
previously received from an overlay tunnel.
BD: Broadcast Domain, as defined in [RFC7432].
BD label: Defined as the MPLS label that identifies the BD and is
advertised in Regular-IR or Replicator-AR routes, when the
encapsulation is MPLS over GRE (MPLSoGRE) or MPLS over UDP
(MPLSoUDP).
BM traffic: Refers to broadcast and multicast frames (excluding
unknown unicast frames).
DF and NDF: Designated Forwarder and Non-Designated Forwarder.
These are roles defined in NVEs/PEs attached to multihomed TSs, as
per [RFC7432] and [RFC8365].
ES and ESI: Ethernet Segment and Ethernet Segment Identifier. EVPN
multihoming concepts as specified in [RFC7432].
EVI: EVPN Instance. A group of Provider Edge (PE) devices
participating in the same EVPN service, as specified in [RFC7432].
GRE: Generic Routing Encapsulation [RFC4023].
Ingress Replication forwarding mode: Refers to the ingress
replication behavior explained in [RFC7432]. In this mode, an AC
BM packet copy is sent to each remote PE/NVE in the BD, and an
overlay BM packet is sent only to the ACs and not to other overlay
tunnels.
IR-IP: Ingress Replication - IP. Refers to the local IP address of
an NVE/PE that is used for the ingress replication signaling and
procedures provided in [RFC7432]. Encapsulated incoming traffic
with an outer destination IP address matching the IR-IP will
follow the procedures for ingress replication and not the
procedures for Assisted Replication. The IR-IP is also used in
the Tunnel Identifier and Next Hop fields of the Regular-IR route.
IR-VNI: Ingress Replication - VNI. Refers to a VNI advertised along
with the Inclusive Multicast Ethernet Tag route for the ingress
replication tunnel type.
MPLS: Multi-Protocol Label Switching.
NVE: Network Virtualization Edge [RFC8365].
NVGRE: Network virtualization using Generic Routing Encapsulation
[RFC7637].
PE: Provider Edge.
PMSI: P-Multicast Service Interface. A conceptual interface for a
PE to send customer multicast traffic to all or some PEs in the
same VPN [RFC6513].
RD: Route Distinguisher.
Regular-IR route: An EVPN Inclusive Multicast Ethernet Tag route
[RFC7432] that uses the ingress replication tunnel type.
Replicator-AR route: An EVPN Inclusive Multicast Ethernet Tag route
that is advertised by an AR-REPLICATOR to signal its capabilities,
as described in Section 4.
RNVE: Regular NVE. Refers to an NVE that supports the procedures
provided in [RFC8365] and does not support the procedures provided
in this document. However, this document defines procedures to
interoperate with RNVEs.
ToR switch: Top-of-Rack switch.
TS and VM: Tenant System and Virtual Machine. In this document, TSs
and VMs are the devices connected to the ACs of the PEs and NVEs.
VNI: VXLAN Network Identifier. Used in VXLAN tunnels.
VSID: Virtual Segment Identifier. Used in NVGRE tunnels.
VXLAN: Virtual eXtensible Local Area Network [RFC7348].
3. Solution Requirements
The ingress replication optimization solution specified in this
document meets the following requirements:
a. The solution provides an ingress replication optimization for BM
traffic without the need for PIM while preserving the packet
order for unicast applications, i.e., unknown unicast traffic
should follow the same path as known unicast traffic. This
optimization is required in low-performance NVEs.
b. The solution reduces the flooded traffic in NVO networks where
some NVEs do not need broadcast/multicast and/or unknown unicast
traffic.
c. The solution is compatible with [RFC7432] and [RFC8365] and has
no impact on the Customer Edge (CE) procedures for BM traffic.
In particular, the solution supports the following EVPN
functions:
* All-active multihoming, including the split-horizon and DF
functions.
* Single-active multihoming, including the DF function.
* Handling of multi-destination traffic and processing of BM
traffic as per [RFC7432].
d. The solution is backward compatible with existing NVEs using a
non-optimized version of ingress replication. A given BD can
have NVEs/PEs supporting regular ingress replication and
optimized ingress replication.
e. The solution is independent of the NVO-specific data plane
encapsulation and the virtual identifiers being used, e.g., VXLAN
VNIs, NVGRE VSIDs, or MPLS labels, as long as the tunnel is IP
based.
4. EVPN BGP Attributes for Optimized Ingress Replication
The ingress replication optimization solution specified in this
document extends the Inclusive Multicast Ethernet Tag routes and
attributes described in [RFC7432] so that an NVE/PE can signal its
optimized ingress replication capabilities.
The Network Layer Reachability Information (NLRI) of the Inclusive
Multicast Ethernet Tag route [RFC7432] is shown in Figure 2 and is
used in this document without any modifications to its format. The
PMSI Tunnel Attribute's general format as provided in [RFC7432]
(which takes it from [RFC6514]) is used in this document; only a new
tunnel type and new flags are specified, as shown in Figure 3.
+------------------------------------+
| RD (8 octets) |
+------------------------------------+
| Ethernet Tag ID (4 octets) |
+------------------------------------+
| IP Address Length (1 octet) |
+------------------------------------+
| Originating Router's IP Address |
| (4 or 16 octets) |
+------------------------------------+
Figure 2: EVPN Inclusive Multicast Ethernet Tag Route's NLRI
0 1 2 3 4 5 6 7
+---------------------------------+ +--+--+--+--+--+--+--+--+
| Flags (1 octet) | -> |x |E |x | T |BM|U |L |
+---------------------------------+ +--+--+--+--+--+--+--+--+
| Tunnel Type (1 octet) | T = Assisted Replication Type
+---------------------------------+ BM = Broadcast and Multicast
| MPLS Label (3 octets) | U = Unknown (unknown unicast)
+---------------------------------+ x = unassigned
| Tunnel Identifier (variable) |
+---------------------------------+
Figure 3: PMSI Tunnel Attribute
The Flags field in Figure 3 is 8 bits long as per [RFC7902]. The
Extension (E) flag was allocated by [RFC7902], and the Leaf
Information Required (L) flag was allocated by [RFC6514]. This
document defines the use of 4 bits of this Flags field:
* Bits 3 and 4, which together form the Assisted Replication Type
(T) field
* Bit 5, called the Broadcast and Multicast (BM) flag
* Bit 6, called the Unknown (U) flag
Bits 5 and 6 are collectively referred to as the Pruned Flooding
Lists (PFLs) flags.
The T field and PFLs flags are defined as follows:
* T is the Assisted Replication Type field (2 bits), which defines
the AR role of the advertising router:
- 00 (decimal 0) = RNVE (non-AR support)
- 01 (decimal 1) = AR-REPLICATOR
- 10 (decimal 2) = AR-LEAF
- 11 (decimal 3) = RESERVED
* The PFLs flags define the desired behavior of the advertising
router for the different types of traffic:
- Broadcast and Multicast (BM) flag. BM = 1 means "prune me from
the BM flooding list". BM = 0 indicates regular behavior.
- Unknown (U) flag. U = 1 means "prune me from the Unknown
flooding list". U = 0 indicates regular behavior.
* The L flag (bit 7) is defined in [RFC6514] and will be used only
in the selective AR solution.
Please refer to Section 11 for the IANA considerations related to the
PMSI Tunnel Attribute flags.
In this document, the above Inclusive Multicast Ethernet Tag route
(Figure 2) and PMSI Tunnel Attribute (Figure 3) can be used in two
different modes for the same BD:
Regular-IR route: In this route, Originating Router's IP Address,
Tunnel Type (0x06), MPLS Label, and Tunnel Identifier MUST be used
as described in [RFC7432] when ingress replication is in use. The
NVE/PE that advertises the route will set the Next Hop to an IP
address that we denominate IR-IP in this document. When
advertised by an AR-LEAF node, the Regular-IR route MUST be
advertised with the T field set to 10 (AR-LEAF).
Replicator-AR route: This route is used by the AR-REPLICATOR to
advertise its AR capabilities, with the fields set as follows:
* Originating Router's IP Address MUST be set to an IP address of
the advertising router that is common to all the EVIs on the PE
(usually this is a loopback address of the PE).
- The Tunnel Identifier and Next Hop fields SHOULD be set to
the same IP address as the Originating Router's IP Address
field when the NVE/PE originates the route -- that is, when
the NVE/PE is not an ASBR; see Section 10.2 of [RFC8365].
Irrespective of the values in the Tunnel Identifier and
Originating Router's IP Address fields, the ingress NVE/PE
will process the received Replicator-AR route and will use
the IP address setting in the Next Hop field to create IP
tunnels to the AR-REPLICATOR.
- The Next Hop address is referred to as the AR-IP and MUST be
different from the IR-IP for a given PE/NVE, unless the
procedures provided in Section 8 are followed.
* Tunnel Type MUST be set to Assisted Replication Tunnel.
Section 11 provides the allocated type value.
* T (Assisted Replication type) MUST be set to 01 (AR-
REPLICATOR).
* L (Leaf Information Required) MUST be set to 0 for non-
selective AR and MUST be set to 1 for selective AR.
An NVE/PE configured as an AR-REPLICATOR for a BD MUST advertise a
Replicator-AR route for the BD and MAY advertise a Regular-IR route.
The advertisement of the Replicator-AR route will indicate to the AR-
LEAFs which outer IP DA, i.e., which AR-IP, they need to use for IP-
encapsulated BM frames that use Assisted Replication forwarding mode.
The AR-REPLICATOR will forward an IP-encapsulated BM frame in
Assisted Replication forwarding mode if the outer IP DA matches its
AR-IP but will forward in Ingress Replication forwarding mode if the
outer IP DA matches its IR-IP.
In addition, this document also uses the Leaf Auto-Discovery (Leaf
A-D) route defined in [RFC9572] in cases where the selective AR mode
is used. An AR-LEAF MAY send a Leaf A-D route in response to
reception of a Replicator-AR route whose L flag is set. The Leaf A-D
route is only used for selective AR, and the fields of such a route
are set as follows:
* Originating Router's IP Address is set to the advertising router's
IP address (the same IP address used by the AR-LEAF in Regular-IR
routes). The Next Hop address is set to the IR-IP, which SHOULD
be the same IP address as the advertising router's IP address,
when the NVE/PE originates the route, i.e., when the NVE/PE is not
an ASBR; see Section 10.2 of [RFC8365].
* Route Key [RFC9572] is the "Route Type Specific" NLRI of the
Replicator-AR route for which this Leaf A-D route is generated.
* The AR-LEAF constructs an IP-address-specific Route Target,
analogously to [RFC9572], by placing the IP address carried in the
Next Hop field of the received Replicator-AR route in the Global
Administrator field of the extended community, with the Local
Administrator field of this extended community set to 0, and
setting the Extended Communities attribute of the Leaf A-D route
to that extended community. The same IP-address-specific import
Route Target is auto-configured by the AR-REPLICATOR that sent the
Replicator-AR route, in order to control the acceptance of the
Leaf A-D routes.
* The Leaf A-D route MUST include the PMSI Tunnel Attribute with
Tunnel Type set to Assisted Replication Tunnel (Section 11), T
(Assisted Replication type) set to AR-LEAF, and Tunnel Identifier
set to the IP address of the advertising AR-LEAF. The PMSI Tunnel
Attribute MUST carry a downstream-assigned MPLS label or VNI that
is used by the AR-REPLICATOR to send traffic to the AR-LEAF.
Each AR-enabled node understands and processes the T (Assisted
Replication type) field in the PMSI Tunnel Attribute (Flags field) of
the routes and MUST signal the corresponding type (AR-REPLICATOR or
AR-LEAF type) according to its administrative choice. An NVE/PE
following this specification is not expected to set the Assisted
Replication Type field to decimal 3 (which is a RESERVED value). If
a route with the Assisted Replication Type field set to decimal 3 is
received by an AR-REPLICATOR or AR-LEAF, the router will process the
route as a Regular-IR route advertised by an RNVE.
Each node attached to the BD may understand and process the BM/U
flags (PFLs flags). Note that these BM/U flags may be used to
optimize the delivery of multi-destination traffic; their use SHOULD
be an administrative choice and independent of the AR role. When the
PFL capability is enabled, the BM/U flags can be used with the
Regular-IR, Replicator-AR, and Leaf A-D routes.
Non-optimized ingress replication NVEs/PEs will be unaware of the new
PMSI Tunnel Attribute flag definition as well as the new tunnel type
(AR), i.e., non-upgraded NVEs/PEs will ignore the information
contained in the Flags field or an unknown tunnel type (type AR in
this case) for any Inclusive Multicast Ethernet Tag route.
5. Non-selective Assisted Replication (AR) Solution Description
Figure 4 illustrates an example NVO network where the non-selective
AR function is enabled. Three different roles are defined for a
given BD: AR-REPLICATOR, AR-LEAF, and RNVE. The solution is called
"non-selective" because the chosen AR-REPLICATOR for a given flow
MUST replicate the BM traffic to all the NVEs/PEs in the BD except
for the source NVE/PE. NVO tunnels, i.e., IP tunnels, exist among
all the PEs and NVEs in the diagram. The PEs and NVEs in the diagram
have TSs or VMs connected to their ACs.
( )
(_ WAN _)
+---(_ _)----+
| (_ _) |
PE1 | PE2 |
+------+----+ +----+------+
TS1--+ (BD-1) | | (BD-1) +--TS2
|REPLICATOR | |REPLICATOR |
+--------+--+ +--+--------+
| |
+--+----------------+--+
| |
| |
+----+ VXLAN/NVGRE/MPLSoGRE +----+
| | IP Fabric | |
| | | |
NVE1 | +-----------+----------+ | NVE3
Hypervisor| ToR | NVE2 |Hypervisor
+---------+-+ +-----+-----+ +-+---------+
| (BD-1) | | (BD-1) | | (BD-1) |
| LEAF | | RNVE | | LEAF |
+--+-----+--+ +--+-----+--+ +--+-----+--+
| | | | | |
VM11 VM12 TS3 TS4 VM31 VM32
Figure 4: Non-selective AR Scenario
In AR BDs, such as BD-1 in Figure 4, BM traffic between two NVEs may
follow a different path than unicast traffic. This solution
recommends the replication of BM traffic through the AR-REPLICATOR
node, whereas unknown/known unicast traffic will be delivered
directly from the source node to the destination node without being
replicated by any intermediate node.
Note that known unicast forwarding is not impacted by this solution,
i.e., unknown unicast traffic SHALL follow the same path as known
unicast traffic.
5.1. Non-selective AR-REPLICATOR Procedures
An AR-REPLICATOR is defined as an NVE/PE capable of replicating
incoming BM traffic received on an overlay tunnel to other overlay
tunnels and local ACs. The AR-REPLICATOR signals its role in the
control plane and understands where the other roles (AR-LEAF nodes,
RNVEs, and other AR-REPLICATORs) are located. A given AR-enabled BD
service may have zero, one, or more AR-REPLICATORs. In our example
in Figure 4, PE1 and PE2 are defined as AR-REPLICATORs. The
following considerations apply to the AR-REPLICATOR role:
a. The AR-REPLICATOR role SHOULD be an administrative choice in any
NVE/PE that is part of an AR-enabled BD. This administrative
option to enable AR-REPLICATOR capabilities MAY be implemented as
a system-level option as opposed to a per-BD option.
b. An AR-REPLICATOR MUST advertise a Replicator-AR route and MAY
advertise a Regular-IR route. The AR-REPLICATOR MUST NOT
generate a Regular-IR route if it does not have local ACs. If
the Regular-IR route is advertised, the Assisted Replication Type
field of the Regular-IR route MUST be set to 0.
c. The Replicator-AR and Regular-IR routes are generated according
to Section 4. The AR-IP and IR-IP are different IP addresses
owned by the AR-REPLICATOR.
d. When a node defined as an AR-REPLICATOR receives a BM packet on
an overlay tunnel, it will do a tunnel destination IP address
lookup and apply the following procedures:
* If the destination IP address is the AR-REPLICATOR IR-IP
address, the node will process the packet normally as
discussed in [RFC7432].
* If the destination IP address is the AR-REPLICATOR AR-IP
address, the node MUST replicate the packet to local ACs and
overlay tunnels (excluding the overlay tunnel to the source of
the packet). When replicating to remote AR-REPLICATORs, the
tunnel destination IP address will be an IR-IP. This will
indicate to the remote AR-REPLICATOR that it MUST NOT
replicate to overlay tunnels. The tunnel source IP address
used by the AR-REPLICATOR MUST be its IR-IP when replicating
to AR-REPLICATOR or AR-LEAF nodes.
An AR-REPLICATOR MUST follow a data path implementation compatible
with the following rules:
* The AR-REPLICATORs will build a flooding list composed of ACs and
overlay tunnels to remote nodes in the BD. Some of those overlay
tunnels MAY be flagged as non-BM receivers based on the BM flag
received from the remote nodes in the BD.
* When an AR-REPLICATOR receives a BM packet on an AC, it will
forward the BM packet to its flooding list (including local ACs
and remote NVEs/PEs), skipping the non-BM overlay tunnels.
* When an AR-REPLICATOR receives a BM packet on an overlay tunnel,
it will check the destination IP address of the underlay IP header
and:
- If the destination IP address matches its IR-IP, the AR-
REPLICATOR will skip all the overlay tunnels from the flooding
list, i.e., it will only replicate to local ACs. This is the
regular ingress replication behavior described in [RFC7432].
- If the destination IP address matches its AR-IP, the AR-
REPLICATOR MUST forward the BM packet to its flooding list (ACs
and overlay tunnels), excluding the non-BM overlay tunnels.
The AR-REPLICATOR will ensure that the traffic is not sent back
to the originating AR-LEAF.
- If the encapsulation is MPLSoGRE or MPLSoUDP and the received
BD label that the AR-REPLICATOR advertised in the Replicator-AR
route is not at the bottom of the stack, the AR-REPLICATOR MUST
copy all the labels below the BD label and propagate them when
forwarding the packet to the egress overlay tunnels.
* The AR-REPLICATOR/LEAF nodes will build an unknown unicast
flooding list composed of ACs and overlay tunnels to the IR-IP
addresses of the remote nodes in the BD. Some of those overlay
tunnels MAY be flagged as non-U (unknown unicast) receivers based
on the U flag received from the remote nodes in the BD.
- When an AR-REPLICATOR/LEAF receives an unknown unicast packet
on an AC, it will forward the unknown unicast packet to its
flooding list, skipping the non-U overlay tunnels.
- When an AR-REPLICATOR/LEAF receives an unknown unicast packet
on an overlay tunnel, it will forward the unknown unicast
packet to its local ACs and never to an overlay tunnel. This
is the regular ingress replication behavior described in
[RFC7432].
5.2. Non-selective AR-LEAF Procedures
An AR-LEAF is defined as an NVE/PE that, given its poor replication
performance, sends all the BM traffic to an AR-REPLICATOR that can
replicate the traffic further on its behalf. It MAY signal its AR-
LEAF capability in the control plane and understands where the other
roles are located (AR-REPLICATORs and RNVEs). A given service can
have zero, one, or more AR-LEAF nodes. In Figure 4, NVE1 and NVE3
(both residing in hypervisors) act as AR-LEAF nodes. The following
considerations apply to the AR-LEAF role:
a. The AR-LEAF role SHOULD be an administrative choice in any NVE/PE
that is part of an AR-enabled BD. This administrative option to
enable AR-LEAF capabilities MAY be implemented as a system-level
option as opposed to a per-BD option.
b. In this non-selective AR solution, the AR-LEAF MUST advertise a
single Regular-IR Inclusive Multicast Ethernet Tag route as
described in [RFC7432]. The AR-LEAF SHOULD set the Assisted
Replication Type field to AR-LEAF. Note that although this field
does not affect the remote nodes when creating an EVPN
destination to the AR-LEAF, this field is useful from the
standpoint of ease of operation and troubleshooting of the BD.
c. In a BD where there are no AR-REPLICATORs due to the AR-
REPLICATORs being down or reconfigured, the AR-LEAF MUST use
regular ingress replication based on the remote Regular-IR
Inclusive Multicast Ethernet Tag routes as described in
[RFC7432]. This may happen in the following cases:
* The AR-LEAF has a list of AR-REPLICATORs for the BD, but it
detects that all the AR-REPLICATORs for the BD are down (via
next-hop tracking in the IGP or some other detection
mechanism).
* The AR-LEAF receives updates from all the former AR-
REPLICATORs containing a non-REPLICATOR AR type in the
Inclusive Multicast Ethernet Tag routes.
* The AR-LEAF never discovered an AR-REPLICATOR for the BD.
d. In a service where there are one or more AR-REPLICATORs (based on
the received Replicator-AR routes for the BD), the AR-LEAF can
locally select which AR-REPLICATOR it sends the BM traffic to:
* A single AR-REPLICATOR MAY be selected for all the BM packets
received on the AR-LEAF ACs for a given BD. This selection is
a local decision and does not have to match other AR-LEAFs'
selections within the same BD.
* An AR-LEAF MAY select more than one AR-REPLICATOR and do
either per-flow or per-BD load balancing.
* In the case of failure of the selected AR-REPLICATOR, another
AR-REPLICATOR SHOULD be selected by the AR-LEAF.
* When an AR-REPLICATOR is selected for a given flow or BD, the
AR-LEAF MUST send all the BM packets targeted to that AR-
REPLICATOR using the forwarding information given by the
Replicator-AR route for the chosen AR-REPLICATOR, with Tunnel
Type = 0x0A (AR tunnel). The underlay destination IP address
MUST be the AR-IP advertised by the AR-REPLICATOR in the
Replicator-AR route.
* An AR-LEAF MAY change the selection of AR-REPLICATOR(s)
dynamically due to an administrative or policy configuration
change.
* AR-LEAF nodes SHALL send service-level BM control plane
packets, following the procedures for regular ingress
replication. An example would be IGMP, Multicast Listener
Discovery (MLD), or PIM packets, and, in general, any packets
using link-local scope multicast IPv4 or IPv6 packets. The
AR-REPLICATORs MUST NOT replicate these control plane packets
to other overlay tunnels, since they will use the IR-IP
address.
e. The use of an AR-REPLICATOR-activation-timer (in seconds, with a
default value of 3) on the AR-LEAF nodes is RECOMMENDED. Upon
receiving a new Replicator-AR route where the AR-REPLICATOR is
selected, the AR-LEAF will run a timer before programming the new
AR-REPLICATOR. In the case of a newly added AR-REPLICATOR or if
an AR-REPLICATOR reboots, this timer will give the AR-REPLICATOR
some time to program the AR-LEAF nodes before the AR-LEAF sends
BM traffic. The AR-REPLICATOR-activation-timer SHOULD be
configurable in seconds, and its value needs to account for the
time it takes for the AR-LEAF Regular-IR Inclusive Multicast
Ethernet Tag route to get to the AR-REPLICATOR and be programmed.
While the AR-REPLICATOR-activation-timer is running, the AR-LEAF
node will use regular ingress replication.
f. If the AR-LEAF has selected an AR-REPLICATOR, whether or not to
change to a new preferred AR-REPLICATOR for the existing BM
traffic flows is a matter of local policy.
An AR-LEAF MUST follow a data path implementation compatible with the
following rules:
* The AR-LEAF nodes will build two flooding lists:
Flooding list #1: Composed of ACs and an AR-REPLICATOR-set of
overlay tunnels. The AR-REPLICATOR-set is defined as one or
more overlay tunnels to the AR-IP addresses of the remote AR-
REPLICATOR(s) in the BD. The selection of more than one AR-
REPLICATOR is described in item d. above and is a local AR-LEAF
decision.
Flooding list #2: Composed of ACs and overlay tunnels to the
remote IR-IP addresses.
* When an AR-LEAF receives a BM packet on an AC, it will check the
AR-REPLICATOR-set:
- If the AR-REPLICATOR-set is empty, the AR-LEAF MUST send the
packet to flooding list #2.
- If the AR-REPLICATOR-set is NOT empty, the AR-LEAF MUST send
the packet to flooding list #1, where only one of the overlay
tunnels of the AR-REPLICATOR-set is used.
* When an AR-LEAF receives a BM packet on an overlay tunnel, it will
forward the BM packet to its local ACs and never to an overlay
tunnel. This is the regular ingress replication behavior
described in [RFC7432].
* AR-LEAF nodes process unknown unicast traffic in the same way AR-
REPLICATORS do, as described in Section 5.1.
5.3. RNVE Procedures
An RNVE is defined as an NVE/PE without AR-REPLICATOR or AR-LEAF
capabilities that does ingress replication as described in [RFC7432].
The RNVE does not signal any AR role and is unaware of the AR-
REPLICATOR/LEAF roles in the BD. The RNVE will ignore the flags in
the Regular-IR routes and will ignore the Replicator-AR routes (due
to an unknown tunnel type in the PMSI Tunnel Attribute) and the Leaf
A-D routes (due to the IP-address-specific Route Target).
This role provides EVPNs with the backward compatibility required in
optimized ingress replication BDs. In Figure 4, NVE2 acts as an
RNVE.
6. Selective Assisted Replication (AR) Solution Description
Figure 5 is used to describe the selective AR solution.
( )
(_ WAN _)
+---(_ _)----+
| (_ _) |
PE1 | PE2 |
+------+----+ +----+------+
TS1--+ (BD-1) | | (BD-1) +--TS2
|REPLICATOR | |REPLICATOR |
+--------+--+ +--+--------+
| |
+--+----------------+--+
| |
| |
+----+ VXLAN/NVGRE/MPLSoGRE +----+
| | IP Fabric | |
| | | |
NVE1 | +-----------+----------+ | NVE3
Hypervisor| ToR | NVE2 |Hypervisor
+---------+-+ +-----+-----+ +-+---------+
| (BD-1) | | (BD-1) | | (BD-1) |
|LEAF-set-1 | |LEAF-set-1 | |LEAF-set-2 |
+--+-----+--+ +--+-----+--+ +--+-----+--+
| | | | | |
VM11 VM12 TS3 TS4 VM31 VM32
Figure 5: Selective AR Scenario
The solution is called "selective" because a given AR-REPLICATOR MUST
replicate the BM traffic to only the AR-LEAFs that requested the
replication (as opposed to all the AR-LEAF nodes) and MUST replicate
the BM traffic to the RNVEs (if there are any). The same AR roles as
those defined in Sections 4 and 5 are used here; however, the
procedures are different.
The selective AR procedures create multiple AR-LEAF-sets in the EVPN
BD and build single-hop trees among AR-LEAFs of the same set (AR-
LEAF->AR-REPLICATOR->AR-LEAF) and two-hop trees among AR-LEAFs of
different sets (AR-LEAF->AR-REPLICATOR->AR-REPLICATOR->AR-LEAF).
Compared to the selective solution, the non-selective AR method
assumes that all the AR-LEAFs of the BD are in the same set and
always creates single-hop trees among AR-LEAFs. While the selective
solution is more efficient than the non-selective solution in multi-
stage IP fabrics, the trade-off is additional signaling and an
additional outer source IP address lookup.
The following subsections describe the differences in the procedures
for AR-REPLICATORs/LEAFs compared to the non-selective AR solution.
There are no changes applicable to RNVEs.
6.1. Selective AR-REPLICATOR Procedures
In our example in Figure 5, PE1 and PE2 are defined as selective AR-
REPLICATORs. The following considerations apply to the selective AR-
REPLICATOR role:
a. The selective AR-REPLICATOR role SHOULD be an administrative
choice in any NVE/PE that is part of an AR-enabled BD. This
administrative option MAY be implemented as a system-level option
as opposed to a per-BD option.
b. Each AR-REPLICATOR will build a list of AR-REPLICATOR, AR-LEAF,
and RNVE nodes. In spite of the "selective" administrative
option, an AR-REPLICATOR MUST NOT behave as a selective AR-
REPLICATOR if at least one of the AR-REPLICATORs has the L flag
NOT set. If at least one AR-REPLICATOR sends a Replicator-AR
route with L = 0 (in the BD context), the rest of the AR-
REPLICATORs will fall back to non-selective AR mode.
c. The selective AR-REPLICATOR MUST follow the procedures described
in Section 5.1, except for the following differences:
* The AR-REPLICATOR MUST have the L flag set to 1 when
advertising the Replicator-AR route. This flag is used by the
AR-REPLICATORs to advertise their "selective" AR-REPLICATOR
capabilities. In addition, the AR-REPLICATOR auto-configures
its IP-address-specific import Route Target as described in
the third bullet of the procedures for Leaf A-D routes in
Section 4.
* The AR-REPLICATOR will build a "selective" AR-LEAF-set with
the list of nodes that requested replication to its own AR-IP.
For instance, assuming that NVE1 and NVE2 advertise a Leaf A-D
route with PE1's IP-address-specific Route Target and NVE3
advertises a Leaf A-D route with PE2's IP-address-specific
Route Target, PE1 will only add NVE1/NVE2 to its selective AR-
LEAF-set for BD-1 and exclude NVE3. Likewise, PE2 will only
add NVE3 to its selective AR-LEAF-set for BD-1 and exclude
NVE1/NVE2.
* When a node defined and operating as a selective AR-REPLICATOR
receives a packet on an overlay tunnel, it will do a tunnel
destination IP lookup, and if the destination IP address is
the AR-REPLICATOR AR-IP address, the node MUST replicate the
packet to:
- Local ACs.
- Overlay tunnels in the selective AR-LEAF-set, excluding the
overlay tunnel to the source AR-LEAF.
- Overlay tunnels to the RNVEs if the tunnel source IP
address is the IR-IP of an AR-LEAF. In any other case, the
AR-REPLICATOR MUST NOT replicate the BM traffic to remote
RNVEs. In other words, only the first-hop selective AR-
REPLICATOR will replicate to all the RNVEs.
- Overlay tunnels to the remote selective AR-REPLICATORs if
the tunnel source IP address (of the encapsulated packet
that arrived on the overlay tunnel) is an IR-IP of its own
AR-LEAF-set. In any other case, the AR-REPLICATOR MUST NOT
replicate the BM traffic to remote AR-REPLICATORs. When
doing this replication, the tunnel destination IP address
is the AR-IP of the remote selective AR-REPLICATOR. The
tunnel destination address AR-IP will indicate to the
remote selective AR-REPLICATOR that the packet needs
further replication to its AR-LEAFs.
A selective AR-REPLICATOR data path implementation MUST be compatible
with the following rules:
* The selective AR-REPLICATORs will build two flooding lists:
Flooding list #1: Composed of ACs and overlay tunnels to the
remote nodes in the BD, always using the IR-IPs in the tunnel
destination IP addresses.
Flooding list #2: Composed of ACs, a selective AR-LEAF-set, and a
selective AR-REPLICATOR-set, where:
- The selective AR-LEAF-set is composed of the overlay tunnels
to the AR-LEAFs that advertise a Leaf A-D route for the
local AR-REPLICATOR. This set is updated with every Leaf
A-D route received/withdrawn from a new AR-LEAF.
- The selective AR-REPLICATOR-set is composed of the overlay
tunnels to all the AR-REPLICATORs that send a Replicator-AR
route with L = 1. The AR-IP addresses are used as tunnel
destination IP addresses.
* Some of the overlay tunnels in the flooding lists MAY be flagged
as non-BM receivers based on the BM flag received from the remote
nodes in the routes.
* When a selective AR-REPLICATOR receives a BM packet on an AC, it
MUST forward the BM packet to its flooding list #1, skipping the
non-BM overlay tunnels.
* When a selective AR-REPLICATOR receives a BM packet on an overlay
tunnel, it will check the destination and source IPs of the
underlay IP header and:
- If the destination IP address matches its AR-IP and the source
IP address matches an IP of its own selective AR-LEAF-set, the
AR-REPLICATOR MUST forward the BM packet to its flooding list
#2, unless some AR-REPLICATOR within the BD has advertised L =
0. In the latter case, the node reverts to Non-selective mode,
and flooding list #1 MUST be used. Non-BM overlay tunnels are
skipped when sending BM packets.
- If the destination IP address matches its AR-IP and the source
IP address does not match any IP address of its selective AR-
LEAF-set, the AR-REPLICATOR MUST forward the BM packet to
flooding list #2, skipping the AR-REPLICATOR-set. Non-BM
overlay tunnels are skipped when sending BM packets.
- If the destination IP address matches its IR-IP, the AR-
REPLICATOR MUST use flooding list #1 but MUST skip all the
overlay tunnels from the flooding list, i.e., it will only
replicate to local ACs. This is the regular ingress
replication behavior described in [RFC7432]. Non-BM overlay
tunnels are skipped when sending BM packets.
* In any case, the AR-REPLICATOR ensures that the traffic is not
sent back to the originating source. If the encapsulation is
MPLSoGRE or MPLSoUDP and the received BD label (the label that the
AR-REPLICATOR advertised in the Replicator-AR route) is not at the
bottom of the stack, the AR-REPLICATOR MUST copy the rest of the
labels when forwarding them to the egress overlay tunnels.
6.2. Selective AR-LEAF Procedures
A selective AR-LEAF chooses a single selective AR-REPLICATOR per BD
and:
* Sends all the BD's BM traffic to that AR-REPLICATOR and
* Expects to receive all the BM traffic for a given BD from the same
AR-REPLICATOR (except for the BM traffic from the RNVEs, which
comes directly from the RNVEs)
In the example in Figure 5, we consider NVE1/NVE2/NVE3 as selective
AR-LEAFs. NVE1 selects PE1 as its selective AR-REPLICATOR. If that
is so, NVE1 will send all its BM traffic for BD-1 to PE1. If other
AR-LEAFs/REPLICATORs send BM traffic, NVE1 will receive that traffic
from PE1. A selective AR-LEAF and a non-selective AR-LEAF behave
differently, as follows:
a. The selective AR-LEAF role SHOULD be an administrative choice in
any NVE/PE that is part of an AR-enabled BD. This administrative
option to enable AR-LEAF capabilities MAY be implemented as a
system-level option as opposed to a per-BD option.
b. The AR-LEAF MAY advertise a Regular-IR route if there are RNVEs
in the BD. The selective AR-LEAF MUST advertise a Leaf A-D route
after receiving a Replicator-AR route with L = 1. It is
RECOMMENDED that the selective AR-LEAF wait for a period
specified by an AR-LEAF-join-wait-timer (in seconds, with a
default value of 3) before sending the Leaf A-D route, so that
the AR-LEAF can collect all the Replicator-AR routes for the BD
before advertising the Leaf A-D route. If the Replicator-AR
route with L = 1 is withdrawn, the corresponding Leaf A-D route
is withdrawn too.
c. In a service where there is more than one selective AR-
REPLICATOR, the selective AR-LEAF MUST locally select a single
selective AR-REPLICATOR for the BD. Once selected:
* The selective AR-LEAF MUST send a Leaf A-D route, including
the route key and IP-address-specific Route Target of the
selected AR-REPLICATOR.
* The selective AR-LEAF MUST send all the BM packets received on
the ACs for a given BD to that AR-REPLICATOR.
* In the case of failure of the selected AR-REPLICATOR (detected
when the Replicator-AR route becomes infeasible as a result of
any of the underlying BGP mechanisms), another AR-REPLICATOR
will be selected and a new Leaf A-D update will be issued for
the new AR-REPLICATOR. This new route will update the
selective list in the new selective AR-REPLICATOR. In the
case of failure of the active selective AR-REPLICATOR, it is
RECOMMENDED that the selective AR-LEAF revert to ingress
replication behavior for an AR-REPLICATOR-activation-timer (in
seconds, with a default value of 3) to mitigate the traffic
impact. When the timer expires, the selective AR-LEAF will
resume its AR mode with the new selective AR-REPLICATOR. The
AR-REPLICATOR-activation-timer MAY be the same configurable
parameter as the parameter discussed in Section 5.2.
* A selective AR-LEAF MAY change the selection of AR-
REPLICATOR(s) dynamically due to an administrative or policy
configuration change.
All the AR-LEAFs in a BD are expected to be configured as either
selective or non-selective. A mix of selective and non-selective AR-
LEAFs SHOULD NOT coexist in the same BD. If a non-selective AR-LEAF
is present, its BM traffic sent to a selective AR-REPLICATOR will not
be replicated to other AR-LEAFs that are not in its selective AR-
LEAF-set.
A selective AR-LEAF MUST follow a data path implementation compatible
with the following rules:
* The selective AR-LEAF nodes will build two flooding lists:
Flooding list #1: Composed of ACs and the overlay tunnel to the
selected AR-REPLICATOR (using the AR-IP as the tunnel
destination IP address).
Flooding list #2: Composed of ACs and overlay tunnels to the
remote IR-IP addresses.
* Some of the overlay tunnels in the flooding lists MAY be flagged
as non-BM receivers based on the BM flag received from the remote
nodes in the routes.
* When an AR-LEAF receives a BM packet on an AC, it will check to
see if an AR-REPLICATOR was selected; if one is found, flooding
list #1 MUST be used. Otherwise, flooding list #2 MUST be used.
Non-BM overlay tunnels are skipped when sending BM packets.
* When an AR-LEAF receives a BM packet on an overlay tunnel, it MUST
forward the BM packet to its local ACs and never to an overlay
tunnel. This is the regular ingress replication behavior
described in [RFC7432].
7. Pruned Flooding Lists (PFLs)
In addition to AR, the second optimization supported by the ingress
replication optimization solution specified in this document is the
ability of all the BD nodes to signal PFLs. As described in
Section 4, an EVPN node can signal a given value for the BM and U
PFLs flags in the Regular-IR, Replicator-AR, or Leaf A-D routes,
where:
* BM is the Broadcast and Multicast flag. BM = 1 means "prune me
from the BM flooding list". BM = 0 indicates regular behavior.
* U is the Unknown flag. U = 1 means "prune me from the Unknown
flooding list". U = 0 indicates regular behavior.
The ability to signal and process these PFLs flags SHOULD be an
administrative choice. If a node is configured to process the PFLs
flags, upon receiving a non-zero PFLs flag for a route, an NVE/PE
will add the corresponding flag to the created overlay tunnel in the
flooding list. When replicating a BM packet in the context of a
flooding list, the NVE/PE will skip the overlay tunnels marked with
the flag BM = 1, since the NVEs/PEs at the end of those tunnels are
not expecting BM packets. Similarly, when replicating unknown
unicast packets, the NVE/PE will skip the overlay tunnels marked with
U = 1.
An NVE/PE not following this document or not configured for this
optimization will ignore any of the received PFLs flags. An AR-LEAF
or RNVE receiving BUM traffic on an overlay tunnel MUST replicate the
traffic to its local ACs, regardless of the BM/U flags on the overlay
tunnels.
This optimization MAY be used along with the Assisted Replication
solution.
7.1. Example of a Pruned Flooding List
In order to illustrate the use of the PFLs solution, we will assume
that BD-1 in Figure 4 is optimized ingress replication enabled and:
* PE1 and PE2 are administratively configured as AR-REPLICATORs due
to their high-performance replication capabilities. PE1 and PE2
will send a Replicator-AR route with BM/U flags = 00.
* NVE1 and NVE3 are administratively configured as AR-LEAF nodes due
to their low-performance software-based replication capabilities.
They will advertise a Regular-IR route with type AR-LEAF.
Assuming that both NVEs advertise all of the attached VMs' MAC and
IP addresses in EVPNs as soon as they come up and these NVEs do
not have any VMs interested in multicast applications, they will
be configured to signal BM/U flags = 11 for BD-1. That is,
neither NVE1 nor NVE3 is interested in receiving BM or unknown
unicast traffic, since:
- Their attached VMs (VM11, VM12, VM31, VM32) do not support
multicast applications.
- Their attached VMs will not receive ARP Requests. Proxy ARP
[RFC9161] on the remote NVEs/PEs will reply to ARP Requests
locally, and no other broadcast traffic is expected.
- Their attached VMs will not receive unknown unicast traffic,
since the VMs' MAC and IP addresses are always advertised by
EVPNs as long as the VMs are active.
* NVE2 is optimized ingress replication unaware; therefore, it takes
on the RNVE role in BD-1.
Based on the above assumptions, the following forwarding behavior
will take place:
1. Any BM packets sent from VM11 will be sent to VM12 and PE1. PE1
will then forward the BM packets on to TS1, the WAN link, PE2,
and NVE2 but not to NVE3. PE2 and NVE2 will replicate the BM
packets to their local ACs, but NVE3 will be prevented from
having to replicate those BM packets to VM31 and VM32
unnecessarily.
2. Any BM packets received on PE2 from the WAN will be sent to PE1
and NVE2 but not to NVE1 and NVE3, sparing the two hypervisors
from replicating unnecessarily to their local VMs. PE1 and NVE2
will replicate to their local ACs only.
3. Any unknown unicast packet sent from VM31 will be forwarded by
NVE3 to NVE2, PE1, and PE2 but not to NVE1. The solution
prevents unnecessary replication to NVE1, since the destination
of the unknown traffic cannot be NVE1.
4. Any unknown unicast packet sent from TS1 will be forwarded by PE1
to the WAN link, PE2, and NVE2 but not to NVE1 and NVE3, since
the target of the unknown traffic cannot be NVE1 or NVE3.
8. AR Procedures for Single-IP AR-REPLICATORS
The procedures explained in Sections 5 and 6 assume that the AR-
REPLICATOR can use two local routable IP addresses to terminate and
originate NVO tunnels, i.e., IR-IP and AR-IP addresses. This is
usually the case for PE-based AR-REPLICATOR nodes.
In some cases, the AR-REPLICATOR node does not support more than one
IP address to terminate and originate NVO tunnels, i.e., the IR-IP
and AR-IP are the same IP addresses. This may be the case in some
software-based or low-end AR-REPLICATOR nodes. If this is the case,
the procedures provided in Sections 5 and 6 MUST be modified in the
following way:
* The Replicator-AR routes generated by the AR-REPLICATOR use an AR-
IP that will match its IR-IP. In order to differentiate the data
plane packets that need to use ingress replication from the
packets that must use Assisted Replication forwarding mode, the
Replicator-AR route MUST advertise a different VNI/VSID than the
one used by the Regular-IR route. For instance, the AR-REPLICATOR
will advertise an AR-VNI along with the Replicator-AR route and an
IR-VNI along with the Regular-IR route. Since both routes have
the same key, different Route Distinguishers are needed in each
route.
* An AR-REPLICATOR will perform Ingress Replication forwarding mode
or Assisted Replication forwarding mode for the incoming overlay
packets based on an ingress VNI lookup as opposed to the tunnel IP
DA lookup. Note that when replicating to remote AR-REPLICATOR
nodes, the use of the IR-VNI or AR-VNI advertised by the egress
node will determine whether Ingress Replication forwarding mode or
Assisted Replication forwarding mode is used at the subsequent AR-
REPLICATOR.
The rest of the procedures will follow those described in Sections 5
and 6.
9. AR Procedures and EVPN All-Active Multihoming Split-Horizon
This section extends the procedures for the cases where two or more
AR-LEAF nodes are attached to the same ES and two or more AR-
REPLICATOR nodes are attached to the same ES in the BD. The mixed
case -- where an AR-LEAF node and an AR-REPLICATOR node are attached
to the same ES -- would require extended procedures that are out of
scope for this document.
9.1. Ethernet Segments on AR-LEAF Nodes
If a VXLAN or NVGRE is used and if the split-horizon is based on the
tunnel source IP address and "local bias" as described in [RFC8365],
the split-horizon check will not work if an ES is shared between two
AR-LEAF nodes, and the AR-REPLICATOR replaces the tunnel source IP
address of the packets with its own AR-IP.
In order to be compatible with the source IP address split-horizon
check, the AR-REPLICATOR MAY keep the original received tunnel source
IP address when replicating packets to a remote AR-LEAF or RNVE.
This will allow AR-LEAF nodes to apply split-horizon check procedures
for BM packets before sending them to the local ES. Even if the AR-
LEAF's source IP address is preserved when replicating to AR-LEAFs or
RNVEs, the AR-REPLICATOR MUST always use its IR-IP as the source IP
address when replicating to other AR-REPLICATORs.
When EVPNs are used for MPLSoGRE or MPLSoUDP, the ESI-label-based
split-horizon procedure provided in [RFC7432] will not work for
multihomed ESs defined on AR-LEAF nodes. Local bias is recommended
in this case, as it is in the case of a VXLAN or NVGRE as explained
above. The local-bias and tunnel source IP address preservation
mechanisms provide the required split-horizon behavior in non-
selective or selective AR.
Note that if the AR-REPLICATOR implementation keeps the received
tunnel source IP address, the use of unicast Reverse Path Forwarding
(uRPF) checks in the IP fabric based on the tunnel source IP address
MUST be disabled.
9.2. Ethernet Segments on AR-REPLICATOR Nodes
AR-REPLICATOR nodes attached to the same all-active ES will follow
local-bias procedures [RFC8365] as follows:
a. For BUM traffic received on a local AR-REPLICATOR's AC, local-
bias procedures as provided in [RFC8365] MUST be followed.
b. For BUM traffic received on an AR-REPLICATOR overlay tunnel with
AR-IP as the IP DA, local bias MUST also be followed. That is,
traffic received with AR-IP as the IP DA will be treated as
though it had been received on a local AC that is part of the ES
and will be forwarded to all local ESs, irrespective of their DF
or NDF state.
c. BUM traffic received on an AR-REPLICATOR overlay tunnel with IR-
IP as the IP DA will follow regular local-bias rules [RFC8365]
and will not be forwarded to local ESs that are shared with the
AR-LEAF or AR-REPLICATOR originating the traffic.
d. In cases where the AR-REPLICATOR supports a single IP address,
the IR-IP and the AR-IP are the same IP address, as discussed in
Section 8. The received BUM traffic will be treated as specified
in item b above if the received VNI is the AR-VNI and as
specified in item c if the VNI is the IR-VNI.
10. Security Considerations
The security considerations in [RFC7432] and [RFC8365] apply to this
document. The security considerations related to the Leaf A-D route
in [RFC9572] apply too.
In addition, the Assisted Replication method introduced by this
document may introduce some new risks that could affect the
successful delivery of BM traffic. Unicast traffic is not affected
by Assisted Replication (although unknown unicast traffic is affected
by the procedures for PFLs). The forwarding of BM traffic is
modified, and BM traffic from the AR-LEAF nodes will be drawn toward
AR-REPLICATORs in the BD. An AR-LEAF will forward BM traffic to its
selected AR-REPLICATOR; therefore, an attack on the AR-REPLICATOR
could impact the delivery of the BM traffic using that node. Also,
an attack on the AR-REPLICATOR and any change to the advertised AR
type will modify the selections made by the AR-LEAF nodes. If no
other AR-REPLICATOR is selected, the AR-LEAF nodes will be forced to
use Ingress Replication forwarding mode, which will impact their
performance, since the AR-LEAF nodes are usually NVEs/PEs with poor
replication performance.
This document introduces the ability of the AR-REPLICATOR to forward
traffic received on an overlay tunnel to another overlay tunnel. The
reader may determine that this introduces the risk of BM loops --
that is, an AR-LEAF receiving a BM-encapsulated packet that the AR-
LEAF originated in the first place due to one or two AR-REPLICATORs
"looping" the BM traffic back to the AR-LEAF. Following the
procedures provided in this document will prevent these BM loops,
since the AR-REPLICATOR will always forward the BM traffic using the
correct tunnel IP DA (or the correct VNI in the case of single-IP AR-
REPLICATORs), which instructs the remote nodes regarding how to
forward the traffic. This is true for both the Non-selective and
Selective modes defined in this document. However, incorrect
implementation of the procedures provided in this document may lead
to those unexpected BM loops.
The Selective mode provides a multi-stage replication solution, where
proper configuration of all the AR-REPLICATORs will prevent any
issues. A mix of mistakenly configured selective and non-selective
AR-REPLICATORs in the same BD could theoretically create packet
duplication in some AR-LEAFs; however, this document specifies a
fallback solution -- falling back to Non-selective mode in cases
where the AR-REPLICATORs advertised an inconsistent AR mode.
This document allows the AR-REPLICATOR to preserve the tunnel source
IP address of the AR-LEAF (as an option) when forwarding BM packets
from an overlay tunnel to another overlay tunnel. Preserving the AR-
LEAF source IP address makes the local-bias filtering procedures
possible for AR-LEAF nodes that are attached to the same ES. If the
AR-REPLICATOR does not preserve the AR-LEAF source IP address, AR-
LEAF nodes attached to all-active ESs will cause packet duplication
on the multihomed CE.
The AR-REPLICATOR nodes are, by design, using more bandwidth than PEs
[RFC7432] or NVEs [RFC8365] would use. Certain network events or
unexpected low performance may exceed the AR-REPLICATOR's local
bandwidth and cause service disruption.
Finally, PFLs (Section 7) should be used with care. Intentional or
unintentional misconfiguration of the BDs on a given leaf node may
result in the leaf not receiving the required BM or unknown unicast
traffic.
11. IANA Considerations
IANA has allocated the following Border Gateway Protocol (BGP)
parameters:
* Allocation in the "P-Multicast Service Interface Tunnel (PMSI
Tunnel) Tunnel Types" registry:
+=======+=============================+===========+
| Value | Meaning | Reference |
+=======+=============================+===========+
| 0x0A | Assisted Replication Tunnel | RFC 9574 |
+-------+-----------------------------+-----------+
Table 1
* Allocations in the "P-Multicast Service Interface (PMSI) Tunnel
Attribute Flags" registry:
+=======+===============================+===========+
| Value | Name | Reference |
+=======+===============================+===========+
| 3-4 | Assisted Replication Type (T) | RFC 9574 |
+-------+-------------------------------+-----------+
| 5 | Broadcast and Multicast (BM) | RFC 9574 |
+-------+-------------------------------+-----------+
| 6 | Unknown (U) | RFC 9574 |
+-------+-------------------------------+-----------+
Table 2
12. References
12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/
BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February
2012, <https://www.rfc-editor.org/info/rfc6513>.
[RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP
Encodings and Procedures for Multicast in MPLS/BGP IP
VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012,
<https://www.rfc-editor.org/info/rfc6514>.
[RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
2015, <https://www.rfc-editor.org/info/rfc7432>.
[RFC7902] Rosen, E. and T. Morin, "Registry and Extensions for
P-Multicast Service Interface Tunnel Attribute Flags",
RFC 7902, DOI 10.17487/RFC7902, June 2016,
<https://www.rfc-editor.org/info/rfc7902>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8365] Sajassi, A., Ed., Drake, J., Ed., Bitar, N., Shekhar, R.,
Uttaro, J., and W. Henderickx, "A Network Virtualization
Overlay Solution Using Ethernet VPN (EVPN)", RFC 8365,
DOI 10.17487/RFC8365, March 2018,
<https://www.rfc-editor.org/info/rfc8365>.
[RFC9572] Zhang, Z., Lin, W., Rabadan, J., Patel, K., and A.
Sajassi, "Updates to EVPN Broadcast, Unknown Unicast, or
Multicast (BUM) Procedures", RFC 9572,
DOI 10.17487/RFC9572, May 2024,
<https://www.rfc-editor.org/info/rfc9572>.
12.2. Informative References
[RFC4023] Worster, T., Rekhter, Y., and E. Rosen, Ed.,
"Encapsulating MPLS in IP or Generic Routing Encapsulation
(GRE)", RFC 4023, DOI 10.17487/RFC4023, March 2005,
<https://www.rfc-editor.org/info/rfc4023>.
[RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
L., Sridhar, T., Bursell, M., and C. Wright, "Virtual
eXtensible Local Area Network (VXLAN): A Framework for
Overlaying Virtualized Layer 2 Networks over Layer 3
Networks", RFC 7348, DOI 10.17487/RFC7348, August 2014,
<https://www.rfc-editor.org/info/rfc7348>.
[RFC7637] Garg, P., Ed. and Y. Wang, Ed., "NVGRE: Network
Virtualization Using Generic Routing Encapsulation",
RFC 7637, DOI 10.17487/RFC7637, September 2015,
<https://www.rfc-editor.org/info/rfc7637>.
[RFC9161] Rabadan, J., Ed., Sathappan, S., Nagaraj, K., Hankins, G.,
and T. King, "Operational Aspects of Proxy ARP/ND in
Ethernet Virtual Private Networks", RFC 9161,
DOI 10.17487/RFC9161, January 2022,
<https://www.rfc-editor.org/info/rfc9161>.
Acknowledgements
The authors would like to thank Neil Hart, David Motz, Dai Truong,
Thomas Morin, Jeffrey Zhang, Shankar Murthy, and Krzysztof Szarkowicz
for their valuable feedback and contributions. Also, thanks to John
Scudder for his thorough review, which improved the quality of the
document significantly.
Contributors
In addition to the authors listed on the front page, the following
people also contributed to this document and should be considered
coauthors:
Wim Henderickx
Nokia
Kiran Nagaraj
Nokia
Ravi Shekhar
Juniper Networks
Nischal Sheth
Juniper Networks
Aldrin Isaac
Juniper
Mudassir Tufail
Citibank
Authors' Addresses
Jorge Rabadan (editor)
Nokia
777 Middlefield Road
Mountain View, CA 94043
United States of America
Email: jorge.rabadan@nokia.com
Senthil Sathappan
Nokia
Email: senthil.sathappan@nokia.com
Wen Lin
Juniper Networks
Email: wlin@juniper.net
Mukul Katiyar
Versa Networks
Email: mukul@versa-networks.com
Ali Sajassi
Cisco Systems
Email: sajassi@cisco.com
|
