Technical Summary
Network virtualization involves the cooperation of devices with a
wide variety of capabilities such as software and hardware tunnel
endpoints, transit fabrics, and centralized control clusters. As a
result of their role in tying together different elements in the
system, the requirements on tunnels are influenced by all of these
components. Flexibility is therefore the most important aspect of a
tunnel protocol if it is to keep pace with the evolution of the
system. This document describes Geneve, an encapsulation protocol
designed to recognize and accommodate these changing capabilities and
needs.
Working Group Summary
The document describes the Geneve encapsulation format for NVO3. NVO3
has considered many different encapsulation formats, also including GUE
(draft-ietf-nvo3-gue-05 and draft-ietf-intarea-gue-07), and VXLAN-GPE
(draft-ietf-nvo3-vxlan-gpe-06). A design team was chartered to analyse
the available encapsulations and recommend one to go forward. The
result of this choice was Geneve, and the design team's conclusions
are documented in draft-dt-nvo3-encap-01. These conclusions were
accepted by the working group.
There are two IPR declarations on the draft. These were made in 2014 prior to
the draft being adopted as a working group draft, and the working group is
well aware of these.
Document Quality
There are no concerns about the quality of the document; it has been widely reviewed and discussed on the list over a
number of years. A few nits remain relating to outdated references.
The document has been the subject of early reviews by the Routing Area Directorate,
the Transport Area Review Team, and the Security Area Directorate. Although all
of these reviews raised comments, they were all resolved with the agreement of
the reviewers.
The document also received a significant number of comments from the editor of
a number of security drafts in NVO3. Most of these were resolved, and all comments
were addressed on the list or as changes to the document. The most significant
outstanding comment related to the fact that Geneve recommends using DTLS and
IPsec for end-to-end security. This is not possible if transit devices need to
inspect the packet header. This limitation is indicated in the draft. There was
also some discussion around the precise wording of restrictions on the order
of processing and dependencies between options in the Geneve header, but
there was no consensus to change the current text in the draft.
There was consensus to move forward with the draft.
Personnel
Document Shepherd: Matthew Bocci
Responsible Area Director: Martin Vigoureux