< draft-dunbar-bess-bgp-sdwan-usage-00.txt   draft-dunbar-bess-bgp-sdwan-usage-01.txt >
skipping to change at page 1, line 16 skipping to change at page 1, line 16
Cisco Cisco
J. Drake J. Drake
Juniper Juniper
Ayan Barnerjee Ayan Barnerjee
D. Carrel D. Carrel
Cisco Cisco
July 8, 2019 July 8, 2019
BGP Usage for SDWAN Overlay Networks BGP Usage for SDWAN Overlay Networks
draft-dunbar-bess-bgp-sdwan-usage-00 draft-dunbar-bess-bgp-sdwan-usage-01
Abstract Abstract
The document describes three distinct SDWAN scenarios and discusses The document describes three distinct SDWAN scenarios and discusses
the applicability of BGP for each of those scenarios. The goal of the applicability of BGP for each of those scenarios. The goal of
the document is to make it easier for future SDWAN control plane the document is to make it easier for future SDWAN control plane
protocols discussion. protocols discussion.
SDWAN edge nodes are commonly interconnected by multiple underlay SDWAN edge nodes are commonly interconnected by multiple underlay
networks that are owned and managed by different network providers. networks that are owned and managed by different network providers.
skipping to change at page 3, line 5 skipping to change at page 3, line 5
1. Introduction...................................................3 1. Introduction...................................................3
2. Conventions used in this document..............................4 2. Conventions used in this document..............................4
3. Use Case Scenario Description and Requirements.................5 3. Use Case Scenario Description and Requirements.................5
3.1. Requirements..............................................6 3.1. Requirements..............................................6
3.1.1. Client Service Requirement...........................6 3.1.1. Client Service Requirement...........................6
3.1.2. SDWAN Node Provisioning..............................6 3.1.2. SDWAN Node Provisioning..............................6
3.2. Scenarios #1: Homogeneous WAN.............................8 3.2. Scenarios #1: Homogeneous WAN.............................8
3.3. Scenario #2: SDWAN WAN ports to VPN's PEs and to Internet.9 3.3. Scenario #2: SDWAN WAN ports to VPN's PEs and to Internet.9
3.4. Scenario #3: SDWAN WAN ports to MPLS VPN and the Internet12 3.4. Scenario #3: SDWAN WAN ports to MPLS VPN and the Internet12
4. Provisioning Model............................................13 4. Provisioning Model............................................14
4.1. Client Service Provisioning Model........................13 4.1. Client Service Provisioning Model........................14
4.2. WAN Ports Provisioning Model.............................14 4.2. WAN Ports Provisioning Model.............................14
4.2.1. Why BGP as Control Plane for SDWAN WAN Ports 4.2.1. Why BGP as Control Plane for SDWAN WAN Ports
Registration?..............................................14 Registration?..............................................15
5. SDWAN Traffic Forwarding Walk Through.........................15 5. SDWAN Traffic Forwarding Walk Through.........................16
5.1. SDWAN Network Startup Procedures.........................15 5.1. SDWAN Network Startup Procedures.........................16
5.2. Packet Walk-Through for Scenario #1......................16 5.2. Packet Walk-Through for Scenario #1......................16
5.3. Packet Walk-Through for Scenario #2......................16 5.3. Packet Walk-Through for Scenario #2......................17
5.3.1. SDWAN node WAN Ports Properties Registration........18 5.3.1. SDWAN node WAN Ports Properties Registration........19
5.3.2. Controller Facilitated IPsec SA & NAT management....19 5.3.2. Controller Facilitated IPsec SA & NAT management....19
5.3.3. BGP Based SDWAN client routes.......................20 5.3.3. BGP Based SDWAN client routes.......................21
5.4. Packet Walk-Through for Scenario #3......................21 5.4. Packet Walk-Through for Scenario #3......................22
6. Manageability Considerations..................................22 6. Manageability Considerations..................................23
7. Security Considerations.......................................22 7. Security Considerations.......................................23
8. IANA Considerations...........................................22 8. IANA Considerations...........................................23
9. References....................................................22 9. References....................................................23
9.1. Normative References.....................................22 9.1. Normative References.....................................23
9.2. Informative References...................................23 9.2. Informative References...................................24
10. Acknowledgments..............................................24 10. Acknowledgments..............................................25
1. Introduction 1. Introduction
An "SDWAN" network consists of many segments of parallel paths over An "SDWAN" network consists of many segments of parallel paths over
different underlay networks, some of which are private networks over different underlay networks, some of which are private networks over
which traffic can traverse without encryption, others require which traffic can traverse without encryption, others require
encryption over untrusted public networks. encryption over untrusted public networks.
[Net2Cloud-Problem] describes the network related problems that [Net2Cloud-Problem] describes the network related problems that
enterprises face today in transitioning their IT infrastructure to enterprises face today in transitioning their IT infrastructure to
skipping to change at page 6, line 36 skipping to change at page 6, line 36
can include many areas, but from network connectivity perspective, can include many areas, but from network connectivity perspective,
ZTP should include the following: ZTP should include the following:
- Upon power up, an SDWAN node can reach a central SDWAN - Upon power up, an SDWAN node can reach a central SDWAN
Controller (which can be burned or preconfigured in the device) Controller (which can be burned or preconfigured in the device)
via a TLS or SSL secure channel. via a TLS or SSL secure channel.
- The Central SDWAN Controller can designate a Local Network - The Central SDWAN Controller can designate a Local Network
Controller in the proximity of the SDWAN node; the Local Network Controller in the proximity of the SDWAN node; the Local Network
Controller and the SDWAN nodes might be connected by third party Controller and the SDWAN nodes might be connected by third party
untrusted network. In the context of using BGP to control the untrusted network. The Local controller does all the following 4
SDWAN overlay network, a Route Reflector (RR) [RFC4456] can act as tasks:
a Local Network Controller. The SDWAN node can establish a secure
connection (TLS, SSL, etc) to the Local Network Controller (RR). 1) ZTP
2) Auto-discovery of Network
3) (Auto)-Provisioning for IPsec SAs (initial provisioning
part)
4) Signaling of tenant's routes/info
BGP is well suited for (4), using Route Reflector (RR) [RFC4456]
to propagate network information among SDWAN edge nodes. The SDWAN
node can establish a secure connection (TLS, SSL, etc) to the
Local Network Controller (RR).
+---+ +---+
Peer Group 1 |RR | Peer Group 2 Peer Group 1 |RR | Peer Group 2
+======+====+=+ +======+====+=====+ +======+====+=+ +======+====+=====+
/ / | +---+ | \ \ / / | +---+ | \ \
/ / | | \ \ / / | | \ \
+-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+ +-+--+
|C-PE| |C-PE|--|C-PE| |C-PE| |C-PE| |C-PE| |C-PE| |C-PE|--|C-PE| |C-PE| |C-PE| |C-PE|
| 1 | | 2 | | 3 | |4 | | 5 | | 6 | | 1 | | 2 | | 3 | |4 | | 5 | | 6 |
+----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+ +----+
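Review bot: The new task list in the second ZTP bullet gives the Local Network Controller four tasks, but the paragraph that follows names a mechanism only for (4), BGP through a Route Reflector. Tasks (1) to (3), in particular "(Auto)-Provisioning for IPsec SAs (initial provisioning part)", are left without a stated protocol or channel, even though the same bullet says the controller and the SDWAN nodes might be connected by a third party untrusted network. Suggest stating which channel carries (1) to (3), or pointing to Section 5.3.2 (Controller Facilitated IPsec SA & NAT management), and saying whether the RR and the entity performing (1) to (3) are the same node, since the closing sentence still writes "Local Network Controller (RR)" as if they were. The retained wording "secure connection (TLS, SSL, etc)" is also open-ended for a channel that now explicitly carries IPsec SA provisioning: name TLS, drop "SSL" and "etc", and state that the node and the controller authenticate each other. Minor: "The Local controller" should read "The Local Network Controller" to match the rest of the bullet.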
 End of changes. 6 change blocks. 
21 lines changed or deleted 29 lines changed or added
