Review for the document as per your request.
I would like to thanks the authors and the WG for this work.
In general this document is about data centres DCs, and using IP
architecture, so this document is an architecture of the overlays above
such network purpose. The management among both architectures is very
essential for the best DC performance. The IP architecture is implemented
in the network infrastructure but the NVO3 architecture is a Software
Defined Network SDN architecture. Furthermore, DC virtualization has many
advantages but increases complexity in all standard design. However, the
draft needs more defining of the connection between the both architectures
(i.e, implemented and software-defined) needs to be clarified in terms of
interactions in both planes (data and control).
My comments are as below, and suggestions are with the AB sign:-
Comment-1
The approach of the document needs to be more clear, as mentioned in the
introduction:-
introduction>
It should be possible to build and implement individual components in isolation
and have them work with other components with no changes to other
components.
AB>amend> It should be possible to standardize and implement individual
components in isolation and have them work with other components with no
changes to other components.
introduction> This document differs from the framework document in that it
doesn’t attempt to cover all possible approaches within the general design
space. Rather, it describes one particular approach.
AB> The introduction needs to answer:- Why you are having one such
approach as mentioned above?
AB> If this document is for special approach, this needs to be for special
use case which needs to be mentioned in title, because just saying '' an
architecture'' is not clear.
Comment-2
AB> When defining an architecture we need to define all general components,
connections, protocols, frames/packets, and services. VN and NV are
explained used in this document, but still not well defined in terms of
requirements, design-approaches, and network programming. The document does
not define general/special nodes, links, and interfaces of such virtualized
networks per control-data (d/c) plane approach. The document does not
include virtual DCs and SANs in the definitions. However, looking into
other documents under progress worked by the NVO3-WG, it is recommended
that this architecture document should be referencing such work in
progress.
Comment-3
The document needs to clarify the NVO3 architecture is it centralised,
distributed, or hierarchical distributed for each d/c plane.
Comment-4
How to identify each VM and configure its policy. or how to identify
virtual DCs which have SAN and LAN. How to configure, Links that have LAN
traffic and links that have SAN traffic, and links that do both traffic. Is
it using VN tagging only?
comment-5
Virtualization is for security, but why the nvo3-architecture addresses are
using MAC and IP which is not good for security. Also this node
identification was not mentioned in security consideration.
Comment-6
The ip architecture underlying needs to include IPv4 and/or IPv6, in one
section you mention TTL which is only for IPv4, but what about IPv6.
comment-7
Figure 1 must show the TSI as it showed the TS!!
Figure 1 should say: L3 overlay networks, instead of: L3 overlay network,
or mentioning that there may be VNs and NVDs. Also to show local and remote
TSs and remote NVE.
comment-8
section 3.1.1> To provide complete virtualization the network should
provide similar properties to the computing layer. The network
infrastructure should be able to support arbitrary network topologies and
addressing schemes. Each tenant should have the ability to configure both
the computing nodes and the network simultaneously.
AB> IPv6 cannot be used by the VMs of a tenant if the underlying physical
forwarding devices support only IPv4. The section should be clear about
this issue.
comment-9
section 3.1.1> Just as in the case with ports on Ethernet switches, a
number of settings could be imagined.
AB> why use the word, imagined. I suggest to change it.
comment-10
In security section, it was not taken consideration/recommendation of
using the IPsec technology, why.
Editorial comments:
draft>Tenant System Identifier
AB> amend> Tenant System Interface
draft>Domains be funneled through a particular device
AB> amend> Domains be Tunneled through a particular device
draft>Packets
AB>Change to> NVO3 packets
AB> You mention also TS packets. so that TS packet could be any protocol
packet.
Thank you, and sorry for the late submit of the date 12 August, it was due
to many electricity breaks.
best regards
AB
kk
On Sat, Jul 30, 2016 at 1:06 AM, The IESG <iesg-secretary(_at_)ietf(_dot_)org>
wrote:
The IESG has received a request from the Network Virtualization Overlays
WG (nvo3) to consider the following document:
- 'An Architecture for Data Center Network Virtualization Overlays
(NVO3)'
<draft-ietf-nvo3-arch-06.txt> as Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2016-08-12. Exceptionally, comments
may be
sent to iesg(_at_)ietf(_dot_)org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.
Abstract
This document presents a high-level overview architecture for
building data center network virtualization overlay (NVO3) networks.
The architecture is given at a high-level, showing the major
components of an overall system. An important goal is to divide the
space into individual smaller components that can be implemented
independently and with clear interfaces and interactions with other
components. It should be possible to build and implement individual
components in isolation and have them work with other components with
no changes to other components. That way implementers have
flexibility in implementing individual components and can optimize
and innovate within their respective components without requiring
changes to other components.
The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-nvo3-arch/
IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-nvo3-arch/ballot/
The following IPR Declarations may be related to this I-D:
https://datatracker.ietf.org/ipr/2320/
https://datatracker.ietf.org/ipr/2538/