Internet Engineering Task Force (IETF)                     D. Allan, Ed.
Request for Comments: 7734                                   J. Tantsura
Category: Standards Track                                       Ericsson
ISSN: 2070-1721                                                 D. Fedyk
                                                                     HPE
                                                              A. Sajassi
                                                                   Cisco
                                                            January 2016
        
Internet Engineering Task Force (IETF)                     D. Allan, Ed.
Request for Comments: 7734                                   J. Tantsura
Category: Standards Track                                       Ericsson
ISSN: 2070-1721                                                 D. Fedyk
                                                                     HPE
                                                              A. Sajassi
                                                                   Cisco
                                                            January 2016
        

Support for Shortest Path Bridging MAC Mode over Ethernet VPN (EVPN)

支持以太网VPN(EVPN)上的最短路径桥接MAC模式

Abstract

摘要

This document describes how Ethernet Shortest Path Bridging MAC mode (SPBM) can be combined with Ethernet VPN (EVPN) to interwork with Provider Backbone Bridging Provider Edges (PBB PEs) as described in the PBB-EVPN solution (RFC 7623). This is achieved via operational isolation of each Ethernet network attached to an EVPN core while supporting full interworking between the different variations of Ethernet networks.

本文档描述了如何将以太网最短路径桥接MAC模式(SPBM)与以太网VPN(EVPN)结合,以与PBB-EVPN解决方案(RFC 7623)中所述的提供商主干桥接提供商边缘(PBB PE)互通。这是通过连接到EVPN核心的每个以太网的操作隔离实现的,同时支持以太网不同变体之间的完全互通。

Status of This Memo

关于下段备忘

This is an Internet Standards Track document.

这是一份互联网标准跟踪文件。

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7734.

有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7734.

Copyright Notice

版权公告

Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2016 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。

Table of Contents

目录

   1. Introduction ....................................................3
      1.1. Requirements Language ......................................3
   2. Conventions Used in This Document ...............................3
      2.1. Terminology ................................................3
   3. Solution Overview ...............................................4
   4. Elements of Procedure ...........................................5
      4.1. PE Configuration ...........................................5
      4.2. DF Election ................................................6
      4.3. Control-Plane Interworking ISIS-SPB to EVPN ................6
      4.4. Control-Plane Interworking EVPN to ISIS-SPB ................7
      4.5. Data-Plane Interworking SPBM Island or PBB PE to EVPN ......8
      4.6. Data-Plane Interworking EVPN to SPBM Island ................8
      4.7. Data-Plane Interworking EVPN to PBB PE .....................8
      4.8. Multicast Support ..........................................8
   5. Other Aspects ...................................................8
      5.1. Transit ....................................................8
   6. Security Considerations .........................................9
   7. References .....................................................10
      7.1. Normative References ......................................10
      7.2. Informative References ....................................10
   Acknowledgments ...................................................11
   Authors' Addresses ................................................11
        
   1. Introduction ....................................................3
      1.1. Requirements Language ......................................3
   2. Conventions Used in This Document ...............................3
      2.1. Terminology ................................................3
   3. Solution Overview ...............................................4
   4. Elements of Procedure ...........................................5
      4.1. PE Configuration ...........................................5
      4.2. DF Election ................................................6
      4.3. Control-Plane Interworking ISIS-SPB to EVPN ................6
      4.4. Control-Plane Interworking EVPN to ISIS-SPB ................7
      4.5. Data-Plane Interworking SPBM Island or PBB PE to EVPN ......8
      4.6. Data-Plane Interworking EVPN to SPBM Island ................8
      4.7. Data-Plane Interworking EVPN to PBB PE .....................8
      4.8. Multicast Support ..........................................8
   5. Other Aspects ...................................................8
      5.1. Transit ....................................................8
   6. Security Considerations .........................................9
   7. References .....................................................10
      7.1. Normative References ......................................10
      7.2. Informative References ....................................10
   Acknowledgments ...................................................11
   Authors' Addresses ................................................11
        
1. Introduction
1. 介绍

This document describes how Ethernet Shortest Path Bridging MAC mode (SPBM) [IEEE.802.1Q] along with Provider Backbone Bridging Provider Edges (PBB PEs) and Provider Backbone Bridged Networks (PBBNs) can be supported by Ethernet VPNs (EVPNs) such that each SPBM island is operationally isolated while providing full L2 connectivity between the different types of PBBNs where desired. Each SPBM island uses its own control-plane instance and multipathing design, be it multiple equal-cost tree sets or multiple spanning trees.

本文档描述了以太网VPN(EVPN)如何支持以太网最短路径桥接MAC模式(SPBM)[IEEE.802.1Q]以及提供商主干桥接提供商边缘(PBB PE)和提供商主干桥接网络(PBBN)这样,每个SPBM岛在操作上是隔离的,同时根据需要在不同类型的PBBN之间提供完整的L2连接。每个SPBM岛使用自己的控制平面实例和多路径设计,可以是多个等成本树集或多个生成树。

The intention is to permit past, current, and emerging future versions of Ethernet to be seamlessly interconnected to permit large-scale, geographically diverse numbers of Ethernet end systems to be fully supported with EVPN as the unifying system.

其目的是允许过去、现在和未来出现的以太网版本无缝互连,以允许大规模、地理位置不同的以太网终端系统完全支持EVPN作为统一系统。

1.1. Requirements Language
1.1. 需求语言

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].

本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。

2. Conventions Used in This Document
2. 本文件中使用的公约
2.1. Terminology
2.1. 术语

Terms used in this document are used as specified in IEEE 802.1Q-2014, which incorporates earlier IEEE 802.1 projects.

本文件中使用的术语按照IEEE 802.1Q-2014中的规定使用,其中包括早期的IEEE 802.1项目。

BEB: Backbone Edge Bridge BGP: Border Gateway Protocol B-MAC: Backbone MAC B-VID: Backbone VLAN ID CE: Customer Edge DA: Destination Address DF: Designated Forwarder ESI: Ethernet Segment Identifier EVPN: Ethernet VPN IB-BEB: A BEB that has both an I-component (customer-layer VLAN-aware bridge) and a B-component (backbone-layer VLAN-aware bridge) ISIS-SPB: IS-IS as extended for SPB I-SID: Backbone Service Instance Identifier NLRI: Network Layer Reachability Information PBB: Provider Backbone Bridging as in Clauses 25 and 26 of [IEEE.802.1Q] PBBN: Provider Backbone Bridged Network PBB PE: Co-located BEB and EVPN PE PE: Provider Edge

BEB:主干边缘网桥BGP:边界网关协议B-MAC:主干MAC B-VID:主干VLAN ID CE:客户边缘DA:目标地址DF:指定转发器ESI:以太网段标识符EVPN:以太网VPN IB-BEB:同时具有I组件(客户层VLAN感知网桥)和B组件(主干层VLAN感知网桥)的BEBISIS-SPB:IS-IS扩展为SPB I-SID:主干服务实例标识符NLRI:网络层可达性信息PBB:提供商主干桥接,如[IEEE.802.1Q]PBBN:提供商主干桥接网络PBB PE:共址BEB和EVPN PE:提供商边缘第25和26条所述

SPB: Shortest Path Bridging SPBM: Shortest Path Bridging MAC mode as in Clauses 27 and 28 of [IEEE.802.1Q] SPBM-PE: Co-located SPBM<->EVPN interworking function and EVPN PE

SPB:最短路径桥接SPBM:最短路径桥接MAC模式,如[IEEE.802.1Q]SPBM-PE第27条和第28条所述:位于同一位置的SPBM<->EVPN互通功能和EVPN PE

3. Solution Overview
3. 解决方案概述

The EVPN solution for SPBM, as specified in [IEEE.802.1Q], incorporates control-plane interworking in the PE to map ISIS-SPB [RFC6329] information elements into the EVPN Next Layer Reachability Information (NLRI) and vice versa. This requires each PE to act both as an EVPN BGP speaker and as an ISIS-SPB edge node. Associated with this are procedures for configuring the forwarding operations of the PE such that an arbitrary number of EVPN-attached SPBM islands can be interconnected without any topological or multipathing dependencies. This model also permits PBB PEs as defined in [RFC7623] to seamlessly communicate with the SPBM islands.

如[IEEE.802.1Q]中所述,SPBM的EVPN解决方案将PE中的控制平面互通结合起来,以将ISIS-SPB[RFC6329]信息元素映射到EVPN下一层可达性信息(NLRI)中,反之亦然。这要求每个PE同时充当EVPN BGP扬声器和ISIS-SPB边缘节点。与此相关联的是用于配置PE的转发操作的过程,以便可以在没有任何拓扑或多路径依赖的情况下互连任意数量的EVPN连接的SPBM岛。该模型还允许[RFC7623]中定义的PBB PE与SPBM岛无缝通信。

                            +--------------+ +----+   +---+
                            |              | |PBB |---|CE2|
                            |              | |PE3 |   +---+
         +-----+     +----+ |              | +----+
         |     |-----|SPBM| |              |
         |SPBM |     |PE1 | |   IP/MPLS    |
   +---+ |NTWK1|     +----+ |   Network    |
   |CE1|-|     |            |              |
   +---+ |     |     +----+ |              |
         |     |-----|SPBM| |              | +----+   +-----+
         +-----+     |PE2 | |              | |SPBM|   |SPBM | +---+
                     +----+ |              | |PE5 |---|NTWK2|-|CE3|
                            +--------------+ +----+   +-----+ +---+
        
                            +--------------+ +----+   +---+
                            |              | |PBB |---|CE2|
                            |              | |PE3 |   +---+
         +-----+     +----+ |              | +----+
         |     |-----|SPBM| |              |
         |SPBM |     |PE1 | |   IP/MPLS    |
   +---+ |NTWK1|     +----+ |   Network    |
   |CE1|-|     |            |              |
   +---+ |     |     +----+ |              |
         |     |-----|SPBM| |              | +----+   +-----+
         +-----+     |PE2 | |              | |SPBM|   |SPBM | +---+
                     +----+ |              | |PE5 |---|NTWK2|-|CE3|
                            +--------------+ +----+   +-----+ +---+
        

Figure 1: PBB and SPBM EVPN Network

图1:PBB和SPBM EVPN网络

Figure 1 illustrates the generalized space addressed by this memo. SPBM networks may be multihomed onto an IP/MPLS network that implements EVPN for the purpose of interconnecting with other SPBM networks and/or PBB PEs. The multipathing configuration of each SPBM network can be unique as the backbone VLAN ID (B-VID) configuration (how multipathing is performed in SPBM) is not propagated across the IP/MPLS network implementing EVPN. As with PBB networking, the B-VID is local to the SPBM network, so in SPBM a B-MAC associated with the B-VID is advertised with the supported I-SIDs at the PBB gateway.

图1说明了本备忘录所涉及的通用空间。为了与其他SPBM网络和/或PBB PE互连,SPBM网络可以多宿在实现EVPN的IP/MPLS网络上。每个SPBM网络的多路径配置可以是唯一的,因为主干VLAN ID(B-VID)配置(在SPBM中执行多路径的方式)不会在实现EVPN的IP/MPLS网络中传播。与PBB网络一样,B-VID是SPBM网络的本地设备,因此在SPBM中,与B-VID相关联的B-MAC在PBB网关上通过受支持的I-SID进行广告。

Each EVPN is identified by a route target. I-SID-based load-balancing as specified in [RFC7623] allows multiple gateways per B-VID (each with different I-SIDs) across the EVPN; it is supported by the interworking between PBBNs and SPBM networks. However, SPBM

每个EVPN由一个路由目标标识。[RFC7623]中规定的基于I-SID的负载平衡允许每个B-VID有多个网关(每个网关具有不同的I-SID),跨越EVPN;它由PBBNs和SPBM网络之间的互通提供支持。然而,SPBM

only allows a single active designated forwarder (DF) per B-VID as described below. The route target identifies the set of SPBM islands and PBB PEs that are allowed to communicate. Each SPBM island is administered to have an Ethernet Segment ID (ESI) Label extended community associated with it.

如下所述,每个B-VID仅允许一个活动的指定转发器(DF)。路由目标标识允许通信的一组SPBM岛和PBB PE。每个SPBM岛的管理都有一个与之关联的以太网段ID(ESI)标签扩展社区。

BGP acts as a common repository of the I-Component Service ID (I-SID) attachment points for the set of attached PEs / SPBM islands. This is in the form of {B-MAC address, I-SID, Tx-Rx-attribute} tuples. BGP distributes I-SID information into each SPBM island on the basis of locally registered interest. If an SPBM island has no Backbone Edge Bridges (BEBs) registering interest in a particular I-SID, information about that I-SID from other SPBM islands, PBB PEs, or PBBNs MUST NOT be leaked into the local ISIS-SPB routing system. For each B-VID in an SPBM island, a single SPBM-PE MUST be elected the DF for the B-VID. An SPBM-PE can be a DF for more than one B-VID. This is described further in Section 4.2. The SPBM-PE originates IS-IS advertisements as if it were an IB-BEB that proxies for the other SPBM islands and PBB PEs in the EVPN defined by the route target, but the PE typically will not actually host any I-components.

BGP充当连接的PEs/SPBM岛集的I组件服务ID(I-SID)连接点的公共存储库。这是以{B-MAC地址、I-SID、Tx-Rx属性}元组的形式出现的。BGP根据本地注册的兴趣向每个SPBM岛分发I-SID信息。如果SPBM岛没有在特定I-SID中注册兴趣的主干边缘网桥(BEB),则不得将来自其他SPBM岛、PBB PE或PBBN的有关该I-SID的信息泄漏到本地ISIS-SPB路由系统中。对于SPBM岛中的每个B-VID,必须选择一个SPBM-PE作为B-VID的DF。SPBM-PE可以是多个B-VID的DF。第4.2节对此作了进一步说明。SPBM-PE发起IS-IS广告,就好像它是代理路由目标定义的EVPN中其他SPBM岛和PBB PE的IB-BEB一样,但PE通常不会实际承载任何I组件。

An SPBM-PE that is a DF for a B-VID MUST strip the B-VID tag information from frames relayed towards the EVPN. The DF MUST also insert the appropriate B-VID tag information into frames relayed towards the SPBM island on the basis of the local I-SID/B-VID bindings advertised in ISIS-SPB.

作为B-VID DF的SPBM-PE必须从向EVPN中继的帧中剥离B-VID标签信息。DF还必须根据ISIS-SPB中公布的本地I-SID/B-VID绑定,将适当的B-VID标签信息插入到向SPBM岛中继的帧中。

4. Elements of Procedure
4. 程序要素

A PE MUST implement and perform the following procedures.

PE必须执行以下程序。

4.1. PE Configuration
4.1. PE配置

At SPBM island commissioning a PE is configured with:

在SPBM岛调试时,PE配置有:

1) The route target for the service instance. Where a route target is defined as identifying the set of SPBM islands, PBBNs and PBB PEs are to be interconnected by the EVPN.

1) 服务实例的路由目标。如果路由目标定义为识别SPBM岛集,则PBBN和PBB PE将由EVPN互连。

2) The unique ESI for the SPBM island. Mechanisms for deriving a unique ESI for the SPBM island are out of scope.

2) SPBM岛的独特ESI。推导SPBM岛独特ESI的机制超出范围。

The following is configured as part of commissioning an ISIS-SPB node:

以下配置是调试ISIS-SPB节点的一部分:

1) A Shortest Path Source ID (SPSourceID) used for algorithmic construction of multicast addresses. Note this is required for SPBM BEB operation independent of the EVPN operation.

1) 用于多播地址算法构造的最短路径源ID(SPSourceID)。注:这是SPBM BEB运行独立于EVPN运行所必需的。

2) The set of B-VIDs used in the SPBM island and multipathing algorithm IDs to use for each. The set of B-VIDs and multipathing algorithms used can be different in different domains. Therefore, the B-VID is local to an SPBM domain and is removed for frames carried over the IP/MPLS network.

2) SPBM岛中使用的B-VID集,以及用于每个岛的多路径算法ID。使用的B-VID和多路径算法集在不同的域中可能不同。因此,B-VID对于SPBM域是本地的,并且对于通过IP/MPLS网络承载的帧被移除。

A Type 1 Route Distinguisher for the node can be auto-derived. The actual procedure is out of scope for this document.

节点的1型路由识别器可以自动派生。实际程序超出了本文件的范围。

4.2. DF Election
4.2. DF选举

PEs self-appoint themselves for the role of DF for a B-VID for a given SPBM island. The procedure used is as per Section 8.5 (Designated Forwarder Election) of [RFC7432].

PEs自命担任给定SPBM岛B-VID的DF角色。使用的程序符合[RFC7432]第8.5节(指定货代选择)。

A PE that assumes the role of DF for a given B-VID is responsible for originating specific information into BGP from ISIS-SPB and vice versa. A PE that ceases to perform the role of DF for a given B-VID is responsible for withdrawing the associated information from BGP and ISIS-SPB, respectively. The actual information exchanged is outlined in the following sections.

担任给定B-VID DF角色的PE负责从ISIS-SPB向BGP发送特定信息,反之亦然。停止为给定B-VID执行DF角色的PE分别负责从BGP和ISIS-SPB中提取相关信息。以下各节概述了实际交换的信息。

4.3. Control-Plane Interworking ISIS-SPB to EVPN
4.3. 控制平面互通ISIS-SPB至EVPN

When a PE receives an SPBM service identifier and unicast address sub-TLV as part of an ISIS-SPB MT capability TLV, the PE checks if it is the DF for the B-VID in the sub-TLV.

当PE作为ISIS-SPB MT能力TLV的一部分接收到SPBM服务标识符和单播地址子TLV时,PE检查它是否是子TLV中B-VID的DF。

If it is the DF, and there is new or changed information, then a MAC/IP advertisement route NLRI is created for each new I-SID in the sub-TLV. Changed information that results in modification to existing NLRI is processed accordingly. NLRI creation/modification will ensure:

如果是DF,并且存在新的或更改的信息,则为子TLV中的每个新I-SID创建MAC/IP播发路由NLRI。相应地处理导致修改现有NLRI的更改信息。NLRI的创建/修改将确保:

- the Route Distinguisher is set to that of the PE.

- 路由识别器设置为PE的路由识别器。

- the ESI is that of the SPBM island.

- ESI是SPBM岛的ESI。

- the Ethernet Tag ID contains the I-SID (including the Tx/Rx attributes) copied from the SPBM service identifier and unicast address sub-TLV. The encoding of I-SID information is as per Figure 2. (See [RFC6329] for details on the T bit and R bit.)

- 以太网标签ID包含从SPBM服务标识符和单播地址子TLV复制的I-SID(包括Tx/Rx属性)。I-SID信息的编码如图2所示。(有关T位和R位的详细信息,请参阅[RFC6329])

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |T|R| Reserved  |                 I-SID                         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        
       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |T|R| Reserved  |                 I-SID                         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
        

Figure 2: I-SID Encoding in the Ethernet Tag ID Field

图2:Ethernet标记ID字段中的I-SID编码

- the MAC address is copied from the SPBM service identifier and unicast address sub-TLV

- MAC地址从SPBM服务标识符和单播地址子TLV复制

- a locally assigned MPLS label (which may be common with other NLRI originated by the PE and is used to map EVPN traffic to the SPBM network)

- 本地分配的MPLS标签(可能与PE发起的其他NLRI共用,用于将EVPN流量映射到SPBM网络)

Similarly, in the scenario where a PE became elected DF for a B-VID in an operating network, the IS-IS database would be processed in order to construct the NLRI associated with the new role of the PE.

类似地,在PE被选为运营网络中B-VID的DF的场景中,IS-IS数据库将被处理以构建与PE的新角色相关联的NLRI。

If the BGP database has NLRI for the I-SID, and this is the first instance of registration of interest in the I-SID from the SPBM island, the NLRI for the I-SID is processed to construct an updated set of SPBM service identifier and unicast address sub-TLVs to be advertised by the PE.

如果BGP数据库具有用于I-SID的NLRI,并且这是从SPBM岛注册I-SID中感兴趣的第一个实例,则处理用于I-SID的NLRI以构造一组更新的SPBM服务标识符和单播地址子TLV,以由PE播发。

The ISIS-SPB information is also used to keep current a local table indexed by I-SID to indicate the associated B-VID for processing of frames received from the EVPN. When an I-SID is associated with more than one B-VID, only one entry is allowed in the table. Rules for preventing this are out of scope for this memo.

ISIS-SPB信息还用于保持由I-SID索引的本地表的当前状态,以指示用于处理从EVPN接收的帧的关联B-VID。当一个I-SID与多个B-VID关联时,表中只允许一个条目。防止这种情况发生的规则超出了本备忘录的范围。

4.4. Control-Plane Interworking EVPN to ISIS-SPB
4.4. 控制平面互通EVPN至ISIS-SPB

When a PE receives a BGP NLRI that has new information, the PE checks if it is the elected DF to communicate this information into ISIS-SPB by checking if the I-SID in the Ethernet Tag ID locally maps to the B-VID for which it is an elected DF. Note that if no BEBs in the SPB island have advertised any interest in the I-SID, it will not be associated with any B-VID locally, and therefore will not be of interest. If the I-SID is of local interest to the SPBM island and the PE is the DF for the B-VID to which the I-SID is locally mapped, a SPBM service identifier and unicast address sub-TLV are constructed/updated for advertisement into ISIS-SPB.

当PE接收到具有新信息的BGP NLRI时,PE通过检查以太网标签ID中的I-SID是否本地映射到其为所选DF的B-VID来检查其是否是将该信息传送到ISIS-SPB的所选DF。请注意,如果SPB岛上没有BEB公布对I-SID感兴趣,则它不会与本地的任何B-VID关联,因此不会引起兴趣。如果I-SID是SPBM岛本地感兴趣的,并且PE是I-SID本地映射到的B-VID的DF,则构建/更新SPBM服务标识符和单播地址子TLV,以便向ISIS-SPB播发。

The NLRI advertised into ISIS-SPB is also used to locally populate a forwarding table indexed by B-MAC + I-SID that points to the label stack to impose on the SPBM frame. The bottom label in the stack is that obtained from the NLRI.

播发到ISIS-SPB中的NLRI还用于本地填充由B-MAC+I-SID索引的转发表,该表指向要施加在SPBM帧上的标签堆栈。堆栈中的底部标签是从NLRI获得的标签。

4.5. Data-Plane Interworking SPBM Island or PBB PE to EVPN
4.5. 数据平面互通SPBM岛或PBB PE至EVPN

When a PE receives a frame from the SPBM island in a B-VID for which it is a DF, it looks up the B-MAC/I-SID information to determine the label stack to be added to the frame for forwarding in the EVPN. The PE strips the B-VID information from the frame, adds the label information to the frame, and forwards the resulting MPLS packet.

当PE在其为DF的B-VID中从SPBM岛接收到帧时,它会查找B-MAC/I-SID信息,以确定要添加到帧中以在EVPN中转发的标签堆栈。PE从帧中剥离B-VID信息,将标签信息添加到帧中,并转发生成的MPLS数据包。

4.6. Data-Plane Interworking EVPN to SPBM Island
4.6. EVPN与SPBM岛的数据平面互通

When a PE receives a packet from the EVPN, it can infer the B-VID to overwrite in the SPBM frame from the I-SID or by other means (such as via the bottom label in the MPLS stack).

当PE从EVPN接收到分组时,它可以从I-SID或通过其他方式(例如通过MPLS堆栈中的底部标签)推断B-VID在SPBM帧中覆盖。

If the frame has a local multicast destination address (DA), it overwrites the SPSourceID in the frame with the local SPSourceID.

如果帧具有本地多播目标地址(DA),它将用本地SPSourceID覆盖帧中的SPSourceID。

4.7. Data-Plane Interworking EVPN to PBB PE
4.7. 数据平面互通EVPN到PBB PE

A PBB PE actually has no attached PBBN nor concept of B-VID, so no frame processing is required.

PBB PE实际上没有附加的PBBN,也没有B-VID的概念,因此不需要帧处理。

A PBB PE is required to accept SPBM-encoded multicast DAs as if they were PBB-encoded (i.e., using the Backbone Service Instance Group address) for multicast DAs. The only information of interest is that it is a multicast frame and the I-SID encoded in the lower 24 bits.

PBB PE需要接受SPBM编码的多播DAs,就像它们是多播DAs的PBB编码(即,使用主干服务实例组地址)一样。唯一感兴趣的信息是,它是一个多播帧,并且以较低的24位编码I-SID。

4.8. Multicast Support
4.8. 多播支持

Within a PBBN domain, Ethernet unicast and multicast end services are supported. PBB can tunnel multicast traffic in unicast PBB frames when using head-end replication. This is the only form of multicast traffic interworking supported by this document. Native PBB multicast forwarding over EVPN, PE replication, or optimizing PBB multicast across the EVPN is not addressed by this memo.

在PBBN域内,支持以太网单播和多播终端服务。当使用头端复制时,PBB可以在单播PBB帧中隧道多播流量。这是本文档支持的唯一形式的多播通信互通。本备忘录不涉及EVPN上的本机PBB多播转发、PE复制或优化EVPN上的PBB多播。

5. Other Aspects
5. 其他方面
5.1. Transit
5.1. 运输

Any PE that does not need to participate in the tandem calculations at the B-MAC layer can use the IS-IS overload bit to exclude SPBM tandem paths and behave as a pure interworking platform.

任何不需要在B-MAC层参与串列计算的PE都可以使用IS-IS过载位来排除SPBM串列路径,并充当纯互通平台。

6. Security Considerations
6. 安全考虑

Security issues associated with incorrect interconnection of customer LANs cannot be directly addressed by implementations of this document, as it requires misconfiguration in the Shortest Path Bridging domains. The identifiers so administered have global significance to the larger system. They are relayed transparently by EVPN and only policed in the SPBM domains. Therefore, care is required in synchronization of identifiers that need to be common for inter-domain operation.

本文档的实施无法直接解决与客户LAN不正确互连相关的安全问题,因为它需要在最短路径桥接域中进行错误配置。如此管理的标识符对更大的系统具有全局意义。它们由EVPN透明中继,并且仅在SPBM域中进行策略。因此,需要注意域间操作所需的公共标识符的同步。

There are only two identifiers unique to this solution provisioned at an SPBM-PE at service turn-up: the route target and the ESI. The ESI needs to be unique and common to all SPBM-PEs connected to a common SPBM network or PBBN, else portions of the overall network will not share reachability. (The EVPN will assume that separate networks are interconnected by SPBM.) Security issues exist when SPBM domains are incorrectly cross-connected together via EVPN; this will result in black-holing or incorrect delivery of data with associated privacy issues. This error may occur by provisioning the incorrect RT value at an SPBM-PE or associating the RT with the wrong interface. This error can be avoided by consistency-checking the route target provisioning at SPBM-PEs when performing service additions and/or changes.

在SPBM-PE服务启动时,只有两个标识符是此解决方案独有的:路由目标和ESI。ESI对于连接到公共SPBM网络或PBBN的所有SPBM PE来说必须是唯一和通用的,否则整个网络的部分将不共享可达性。(EVPN将假设单独的网络由SPBM互连。)当SPBM域通过EVPN错误地交叉连接在一起时,存在安全问题;这将导致数据的黑洞或不正确传递,并伴随相关的隐私问题。此错误可能是由于在SPBM-PE上设置了不正确的RT值或将RT与错误接口关联而发生的。在执行服务添加和/或更改时,可以通过一致性检查SPBM PEs上的路由目标供应来避免此错误。

The behavior that is potentially most destructive to the overall system is frequent changes to the DF elections for a given ESI. This would occur if the SPBM-PEs continuously had their links go up and down in a such a way that the SPBM-PE was being severed from and reconnected to either the IP/MPLS network or the attached SPBM network. Either of these scenarios would result in significant control-plane traffic as DF associated information was advertised and withdrawn from both the SPBM and BGP control planes. Dual-homing of SPBM-PEs on both networks would minimize the likelihood of this scenario occurring.

对整个系统最具潜在破坏性的行为是频繁更改给定ESI的DF选举。如果SPBM PE的链路持续上下移动,导致SPBM-PE从IP/MPLS网络或连接的SPBM网络断开并重新连接,则会发生这种情况。这两种情况中的任何一种都会导致大量的控制飞机流量,因为在SPBM和BGP控制飞机上公布并撤回了与DF相关的信息。SPBM PEs在两个网络上的双重归宿将最大限度地降低这种情况发生的可能性。

The issues associated with securing the BGP control plane (independent of this particular memo) are reflected in the Security Considerations section of [RFC4761].

与保护BGP控制平面(独立于本备忘录)相关的问题反映在[RFC4761]的安全注意事项部分。

7. References
7. 工具书类
7.1. Normative References
7.1. 规范性引用文件

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,DOI 10.17487/RFC2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.

[RFC4761] Kompella, K., Ed., and Y. Rekhter, Ed., "Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling", RFC 4761, DOI 10.17487/RFC4761, January 2007, <http://www.rfc-editor.org/info/rfc4761>.

[RFC4761]Kompella,K.,Ed.,和Y.Rekhter,Ed.,“使用BGP进行自动发现和信令的虚拟专用LAN服务(VPLS)”,RFC 4761,DOI 10.17487/RFC4761,2007年1月<http://www.rfc-editor.org/info/rfc4761>.

[RFC6329] Fedyk, D., Ed., Ashwood-Smith, P., Ed., Allan, D., Bragg, A., and P. Unbehagen, "IS-IS Extensions Supporting IEEE 802.1aq Shortest Path Bridging", RFC 6329, DOI 10.17487/RFC6329, April 2012, <http://www.rfc-editor.org/info/rfc6329>.

[RFC6329]Fedyk,D.,Ed.,Ashwood Smith,P.,Ed.,Allan,D.,Bragg,A.,和P.Unbehagen,“支持IEEE 802.1aq最短路径桥接的IS-IS扩展”,RFC 6329,DOI 10.17487/RFC6329,2012年4月<http://www.rfc-editor.org/info/rfc6329>.

[RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 2015, <http://www.rfc-editor.org/info/rfc7432>.

[RFC7432]Sajassi,A.,Ed.,Aggarwal,R.,Bitar,N.,Isaac,A.,Uttaro,J.,Drake,J.,和W.Henderickx,“基于BGP MPLS的以太网VPN”,RFC 7432,DOI 10.17487/RFC7432,2015年2月<http://www.rfc-editor.org/info/rfc7432>.

7.2. Informative References
7.2. 资料性引用

[IEEE.802.1Q] IEEE, "IEEE Standard for Local and metropolitan area networks--Bridges and Bridged Networks", IEEE 802.1Q-2014, DOI 10.1109/ieeestd.2014.6991462, December 2014.

[IEEE.802.1Q]IEEE,“局域网和城域网的IEEE标准——网桥和桥接网络”,IEEE 802.1Q-2014,DOI 10.1109/ieeestd.2014.6991462,2014年12月。

[RFC7623] Sajassi, A., Ed., Salam, S., Bitar, N., Isaac, A., and W. Henderickx, "Provider Backbone Bridging Combined with Ethernet VPN (PBB-EVPN)", RFC 7623, DOI 10.17487/RFC7623, September 2015, <http://www.rfc-editor.org/info/rfc7623>.

[RFC7623]Sajassi,A.,Ed.,Salam,S.,Bitar,N.,Isaac,A.,和W.Henderickx,“提供商主干桥接与以太网VPN(PBB-EVPN)相结合”,RFC 7623,DOI 10.17487/RFC7623,2015年9月<http://www.rfc-editor.org/info/rfc7623>.

Acknowledgments

致谢

The authors would like to thank Peter Ashwood-Smith, Martin Julien, and Janos Farkas for their detailed reviews of this document.

作者感谢Peter Ashwood Smith、Martin Julien和Janos Farkas对本文件的详细评论。

Authors' Addresses

作者地址

Dave Allan (editor) Ericsson 300 Holger Way San Jose, CA 95134 United States

戴夫·艾伦(编辑)爱立信加利福尼亚州圣何塞霍尔格路300号,邮编95134

   Email: david.i.allan@ericsson.com
        
   Email: david.i.allan@ericsson.com
        

Jeff Tantsura Ericsson 300 Holger Way San Jose, CA 95134 United States

Jeff Tantsura Ericsson美国加利福尼亚州圣何塞霍尔格大道300号,邮编95134

   Email: jeff.tantsura@ericsson.com
        
   Email: jeff.tantsura@ericsson.com
        

Don Fedyk Hewlett-Packard Enterprise 153 Taylor Street Littleton, MA 01460 United States

美国马萨诸塞州利特尔顿泰勒街153号Don Fedyk Hewlett-Packard Enterprise 01460

   Email: don.fedyk@hpe.com
        
   Email: don.fedyk@hpe.com
        

Ali Sajassi Cisco 170 West Tasman Drive San Jose, CA 95134 United States

美国加利福尼亚州圣何塞西塔斯曼大道170号,邮编95134

   Email: sajassi@cisco.com
        
   Email: sajassi@cisco.com