Use Cases for Data Center Network Virtualization Overlay Networks
draft-ietf-nvo3-use-case-17

= Section 1 =

s/in Section 4.1)/in Section 4: 1)/

This draft doesn't seem to be aimed at requirements, so my no objection is on that basis.  I would expect a completely different document if requirements were included.

Thanks for adressing the tsv-art review and my additional comments. Thanks again to David!

I still agree with Alvaro and Suresh that this document doesn't seem to be very useful as a stand alone document, given that it does not state requirements clearly. To me it is still not clear if nvo3 networks are actually that much different compared to existing virtual networks such that any additional protocol work is needed.

------------------
For you convince, I post David's full review here:

Review result: Has Issues

I've reviewed this document as part of TSV-ART's ongoing effort to
review key IETF documents. These comments were written primarily for
the transport area directors, but are copied to the document's authors
for their information and to allow them to address any issues raised.
Please always CC tsv-art at ietf.org if you reply to or forward this
review.

This draft describes use cases for Data-Center Network Virtualization over
Layer 3 (NVO3) technology being worked on the NVO3 WG.

I should apologize for this review coming relatively late - the desirability
of a TSV-ART review of this draft was not discovered until after IETF Last
Call had concluded, and actually not until after an initial TSV-ART decision
had been made to not review this draft.

In the spirit of full disclosure, I have been an active member of the NVO3
WG, and an author of two of its three published RFCs, RFC 7364 and RFC
8014.  I have not seen much value in this use case draft, and for that
reason I did not carefully review it in the WG.   I have no fundamental
objection to RFC publication of this draft, but having reviewed it in detail
now, I believe it needs some serious attention before being approved for
RFC publication, and hope that the IESG concurs.

-- TSV-ART review comments:

[T-1] There's one minor transport issue in this draft that requires correction
in Section 2. Basic NVO3 Networks:

  The TS reachability update mechanisms need be fast enough so that
  the updates do not cause any communication disruption/interruption.

That requirement is overstated.  NVO3 technology can and does disrupt
communication by dropping packets when a TS (e.g., a virtual machine)
moves to a different network attachment point (i.e., NVE).

This requirement should be restated in terms of disruption to transport
protocols - it's ok to drop a packet or two thereby causing a TCP or SCTP
retransmission, but dropping enough packets to cause termination of
a TCP connection or SCTP association is clearly unacceptable.
In contrast, UDP-based applications will see packet drops in this (and other)
scenarios, but avoidance of that is not an NVO3 goal - while the U in UDP
does not stand for Unreliable, in NVO3 context, this is a good way to
think about that letter .

-- Other review comments

- Major Issue

[A] Section 2 of the draft is a problem.   While Section 1 characterizes
Section 2 as describing a use case referred to as "DC East-West traffic," that
use case is not to be found in Section 2 (e.g., nothing in Section 2 appears
to distinguish East-West traffic from North-South traffic).  In its current
form, Section 2 is really an NVO3 Background section, as it describes
NVO3 terminology in general terms - while it uses different text, nearly
all of the material that it contains can be found elsewhere, e.g., RFC 8014
on NVO3 Architecture (NB: This reviewer is an author of RFC 8014).  Section
2's title should be changed to "NVO3 Background" or something similar,
and Section 1 changed accordingly.

- Minor issues

[1] The draft's use of the term "NVO3 network" is sloppy and imprecise.
This is actually an NVO3 Virtual Network or VN - the word "virtual"
should be inserted in all cases.

[2] This text in section 3 is vague on what a VPN is:

   This, in turn,
   becomes the case of interconnecting an NVO3 network and the virtual
   private network (VPN) on the Internet or wide-area networks (WAN).
   Note that a VPN is not implemented by NVO3 solution.

By itself, the latter sentence is incorrect, however, reading onward, one
discovers that not all forms of VPNs are intended - section 3.1 uses an
IPsec VPN, and section 3.2 uses a BGP/MPLS L3VPN.  I would suggest
deleting the second sentence and rewriting the first to use these two
technologies as an example, e.g.:

   WAN connectivity to the virtual gateway can be provided by VPN
   technologies such as IPsec VPNs [RFC4301] and BGP/MPLS IP
   VPNs [RFC 4364].

[3] The first paragraph in section 3.2 is very hard to understand for someone
who is not already an expert in BGP/MPLS VPNs (RFC 4364 & RFC 7432) - e.g.,
it contains many unexpanded acronyms from that domain - ASBR, PE, SP, etc.,
none of which appear in this draft's terminology section.  It is not reasonable
for a general use case draft such as this to assume that degree of expertise
in another technical domain.

[4] As written, this sentence in Section 4.2 is incorrect:

   As a result, a tunnel carrying NVO3
   network traffic must be terminated at the GW/firewall where the NVO3
   traffic is processed.

as there are deployed "running code" counterexamples.

The underlying problem appears to be that the use case in section 4.2 includes
an implicit, but unstated, requirement for physical network segmentation/
isolation via physical GW/firewall network nodes.  That requirement needs to
be stated, and I suggest changing the section title to somehow convey this
physical segmentation/isolation requirement.

- Editorial

In Section 1. Introduction:

   The goal of
   data center network virtualization overlay (NVO3) networks is to
   decouple the communication among tenant systems from DC physical
   infrastructure networks and to allow one physical network
   infrastructure:

Pluralize and edit to "The goals of ... are ... infrastructure to:" and edit
the bulleted list so that each list item is a grammatically correct
completion of this sentence in the singular (i.e., "The goal of ... is to:").

The paragraph about gateways in the Introduction ("An NVO3 network
may interconnect ..." seems out of place - try moving it to somewhere
 in Section 2, e.g., so that it comes after the definition of the vGW
acronym in the terminology section.

In Section 1.1 Terminology:

- DMZ definition should use the relative terms "more trusted" and
  "less trusted" in place of the absolute terms "trusted" and "untrusted"

- In DC Operator definition: "A role who" -> "An entity that"  That wording
   should also be used instead of "A company that" in the definition of
   DC Provider.

Some usage of NVO3 terminology, while correct, makes this draft less
accessible to those not familiar with the NVO3 WG.   TS (Tenant System)
is a particular problem although this sentence near the start of Section 2
that introduces the term is fine:

   A TS can be a physical server/device or a virtual machine (VM)
   on a server, i.e., end-device [RFC7365].

I would suggest that the draft be written in terms of Virtual Machines
beyond this point, with a sentence added after the above sentence to
say that the draft is written in terms of virtual machines as a motivating
example of TSs for clarity, but the use cases apply to TSs in general, not
just VMs.

In section 4.1, use "physical servers" instead of "metal servers."    The
latter isn't even a good term - "bare metal servers" was probably intended,
but "physical servers" is the better term.

In section 5 Summary, remove the following paragraph:

   DC services may vary, from infrastructure as a service (IaaS), to
   platform as a service (PaaS), to software as a service (SaaS).
   In these services, NVO3 networks are just a portion of such services.

as those *aaS terms occur nowhere else in the draft, and hence this text
doesn't summarize any prior material.

Thanks, --David

I agree with Mirja that David Black's TSV-ART review (included as a Comment in Mirja's ballot) is worth a look before the draft goes to the RFC Editor.

To the IESG: I don't object to the publication of this document, but my impression was that much of the text is describing use cases for NVO3 products, with less attention being paid to unique requirements of each use case for protocol work in the IETF, which is why IETF working groups need to think about use cases in the first place. Maybe that's worth keeping in mind for any future use case drafts that the IESG will be evaluating?

Additional comment: I'm getting the following error message from my ballot e-mail, just FYI.

<vishwas@ionosnetworks.com> (expanded from
    <expand-draft-ietf-nvo3-use-case@virtual.ietf.org>): host
    aspmx.l.google.com[173.194.208.26] said: 550-5.1.1 The email account that
    you tried to reach does not exist. Please try 550-5.1.1 double-checking the
    recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn
    more at 550 5.1.1  https://support.google.com/mail/?p=NoSuchUser
    z201si2542080qkz.244 - gsmtp (in reply to RCPT TO command)

The security considerations text is pretty trite and not very
useful. The secdir review [1] makes some good points that
ought be reflected in the draft. An author seems to agree to
that's probably fine. 

In addition as a use-cases draft, the use-case of hiring a VM
in order to attack other VMs in the DC ought be at least
mentioned, and there has been substantial work on such attacks,
e.g., [2] is a new instance of such and [3] has links to many
published papers.

Presumably NVO3 intends to at least consider such attacks and
that probably warrants a mention here or else we risk building
new networks that are highly vulnerable to other VMs in the
DC. (Whether or not such consideration leads to changes in
NVO3 protocols is an open question for me, but I do hope that
the WG consider the issues and that the IESG check that that
has happened at the relevant time.)

[1] https://www.ietf.org/mail-archive/web/secdir/current/msg07055.html 
[2] https://media.ccc.de/v/33c3-8044-what_could_possibly_go_wrong_with_insert_x86_instruction_here
[3] https://scholar.google.com/scholar?as_ylo=2013&q=virtual+machine+cache+side+covert+channel+&hl=en&as_sdt=0,5

I strongly agree with Alvaro that there is not much value in publishing this document independently. e.g. I do not see why this use case content cannot be included as a part of the NVO3 architecture (draft-ietf-nvo3-arch) draft if it needs to be published at all. One of the main issues that I have is that it is not clear who the audience of this document is (other than the WG in its initial stages).