►
From YouTube: IETF93-L3SM-20150722-1550
Description
L3SM meeting session at IETF93
2015/07/22 1550
A
Easy
in
fact,
within
the
module
we
have
a
list
of
VPN
VPN
is
belonging
to
one
customer,
but
for
sure
one
customer
can
have
multiple
VPN.
So
we
have
some
reference
to
the
customer
mome
within
the
VPN
service.
We
are
also
some
naming
or
IDs
that
can
be
used
for
internal
purpose
from
service
provider.
The
wrong
pattern
points
is
the
topology
of
the
VPN,
so
we
have
today
free
type
of
topology
any
to
any
urban
spoken
urban
spoke
design,
so
wealthy
hub
cannot
talk
between
each
other.
A
It
can
easily
be
extended
as
well
using
some
identity
for
service.
Then
we
in
the
IP
VPN
we
are
selling
it
I
think
there
was
a
consensus
between
via
operators.
Now
we
are
no
more
selling
just
an
idea.
There
is
a
lot
of
services
on
it
and
one
of
the
famous
one
is
selling
attachment
to
some
clouds,
so
private
clouds
public
cloud.
So
this
is
something
that
wishing
is
necessary
to
include
where
to
include
it.
A
Is
it
the
right
way
to
weather
it
or
not
be
something
that
we
need
to
discuss,
but
at
least
we
have
some
proposal
here.
So
we
can
refer
a
list
of
clouds
at
the
VPN
must
access,
or
we
are
sort
of
cloud
identifier
which
is
purely
internal
to
the
service
provider
to
say.
Ok,
this
code
is
associated,
for
example,
to
access
to
Microsoft
or
to
Amazon
or
two
just
to
internet,
and
we
can
define
the
list
of
sites
that
can
access
our
not
access
to
add
to
this
cloud.
A
There
also,
we
also
provide
the
ability
to
provide
some
network
address
translation
required
and
especially
if
the
customer
is
providing
SVP
be
captured
by
storm
to
perform
the
net.
Very
our
system,
parameters
regarding
multicast
the
cast
is
a
bit
tricky,
because
sometimes
we
absolutely
need
to
discuss
some
parameters
with
the
customers.
So,
for
example,
is
a
type
of
a
tree
that
to
be
used
when
it's
a
sm,
for
example,
multicasts.
We
need
to
to
discuss
what
would
be
the
position
of
the
rendezvous
point
if
the
customer
want
to
specific
setup.
C
A
So
within
the
side
we
have
a
sort
of
identifiers
also
which
is
purely
internal
to
the
service
provider,
to
identify
the
sites
uniquely
and
then
there
are
a
lot
of
parameters.
I
will
detach
some
of
them
after
the
one
of
the
first
one
is
a
size
type
which
will
represent
the
whole
of
the
site
within
the
topology.
So
especially
for
urban
spoke,
so
is
recited
spoken
in
Sita
easy
to
ABBA.
A
So
then
we
have
a
lot
of
parameter,
location,
/,
customer
side
of
your
city
and
so
on.
I
will
detail
it
in
the
next
slide.
So
if
you
can
skip
to
the
next,
so
the
side,
education,
so
if
in
the
backbone
network,
so
we
have
to
film
pups
and
when
the
customer
is
asking
for
a
new
site,
we
need
to
be
able
to
locate
what
is
the
best
place
to
mesh
this
customer.
A
So
the
parameters
that
are
requiring
from
the
question
are
really
simple:
just
via
rise
of
the
site,
so
straight
city
country,
the
usual
addressing
parameters,
and
then
we
are
expecting
the
orchestration
to
take
those
parameters.
Maybe
have
some
interconnexion
with
some
OSS
to
be
able
to
find
the
best
machine
point
which,
in
the
provider
network
next
slide
side
diversity.
Yet.
B
D
A
This
is
site
diversity,
so
in
some
specific
cases,
see
I.
Think
one
of
the
most
simple
example
is
he
ebensburg
ish.
You
have
two
connections,
and
so
if
you're
up
site
is
a
medium
to
the
network,
you
don't
want
to
add
the
two
connections
to
be
on
the
same
model.
Otherwise,
where
is
a
single
point
of
failure?
So
we
need
to
be
able
to
provide
some
diversity
service
to
my
customer,
so
we
are
proposing
to
thin
arrows.
A
So
one
of
the
first
one
is
to
be
able
to
provide
a
puppy
diversity,
so
the
other
side,
part
of
the
group,
must
be
provision
on
another
prop.
Oh
just
we
call
this
p
diversity,
so
it's
really
focused
on
bgp
based
real
food
chain,
but
we
may
change
the
naming
like
it's,
not
diversity,
don't
mesh
society
of
a
common
group
on
the
same
null.
A
So
this
is
useful
for
primary
backup
scenario,
but
this
is
also
useful
from,
for
example,
if
you
have
some
bank
that
has
a
lot
of
agents
affiliates
within
a
specific
region-
and
you
are
many
notes-
you
don't
want
to
add,
for
example,
100
of
connections
for
a
single
customer.
On
the
same
that
so
you
need.
We
need
to
split
the
connections.
A
Next
one
so
site
either
availability,
so
it's
between
to
the
previous
one.
So
if
I
have
a
site
which
requires
some
redundancy,
I
need
to
be
able
to
create
with
redundancies
and
I,
also
adding
two
attachments
or
three
attachments
or
attachments
or
whatever,
so
we
are
proposing
free
options
that
can
also
easy.
It's
easy
to
augment
it.
So
the
first
option
is
a
single,
so
no
redundancy
basic
scenario,
the
other
one
is
primary
backup.
A
So
when
defining
the
site,
I
know
the
availability
options,
or
is
it
part
of
a
primary
backup
or
load
sharing,
and
then
I
have
also
a
kind
of
hole
of
the
site
within
this
availability
service,
so
easy
to
primary?
Or
is
it
the
backup?
So
we
have
both
informations
next
site
the
site
attachment.
So
we
need
to
be
able
yet
jetty.
C
A
So
sight
attachment,
so
this
container
will
describe
ow
what
are
the
parameters
to
mesh
with
customer
site
on
the
provider
network.
So
there
are
multiple
parameters,
so
we
have
a
container
for
the
bureau,
so
maybe
the
physical
realm
or
whatever
attachment.
So
today,
so
it's
quite
empty.
We
just
provide
some
some
strings
to
give
some
external
reference
or
whatever,
but
we
don't
really
see
what
what
to
put
inside.
So,
if
someone
has
some
ideas,
it's
necessary
to
put
some
parameters
feel
free.
E
C
A
A
We
need
a
parameter
to
say:
okay,
how
are
we
addressing
will
be
done
each
static?
Is
it
dhcp
or
whatever?
So
we
have
the
multiple
options.
Well
also,
is
there
a
need
for
routing
protocol,
because
this
is
something
that
we
need
to
agree
with
the
customer,
because
if
the
customer
is
running
ospf
and
we
buy,
if
we
by
default
configure
is,
is
it
will
not
work?
I
vanish
is:
is
it's
not
a
pc
protocol?
A
So
we
can
decide
what
type
of
protocol
is
is
used,
but
there
is
no
much
parameter
to
put
here
because
it's
as
we
mentioned,
it's,
not
a
configuration
device
configuration
model,
we
just
need
to
say:
okay,
I
won't
be
a
bgp
session,
but
to
build
this
BG
possession
I,
don't
need
to
say
I
want
to
establish
a
neighbor,
because
my
orchestration
can
vary.
The
neighbor
address
directly
from
the
ipv4
address
that
has
been
allocated.
So
that's
why
there
is
no
a
lot
of
parameters
to
describe
here
for
some
protocols,
like
always
be
I.
A
A
Next
slide
now,
on
top
of
this
attachment,
we
will
provide
some
with
a
services.
So
we
call
these
services,
as
the
services
that
we
are
proposing
is
four
examples
of
quality
options
being
able
to
decide
or
okay.
What
has
a
class
of
service
that
I
want
to
propose
to
the
customer
and
what
will
be
the
age
or
surveys
for
the
creative
service
based
two
options.
The
first
options,
which
is
easy
one,
is
to
propose
to
the
customer
some
well-known
define
profit,
so
silver
or
gold,
platinum
and
so
on.
A
So
we
can
use
just
a
string,
so
standard
cost
profile
using
a
string
to
say.
Okay,
I
just
want
this
profile,
but
send
your
confession
knows
the
parameters
associated
with
this
profiles,
but
as
a
service
provider,
there
are
a
lot
of
customers
that
are
requesting
your
lady,
flexible
quality
of
service
parameters.
So
we
are
ready
asking
some
to
define
their
own
class
of
services
on
their
own
constraints.
A
So
we
need
to
provide
this
ability
to
power
to
configure
flexible
profiles
and
then
it's
more
complex
to
abstract,
and
this
is
something
that
is
quite
similar
to
a
device
configuration
because
we
need
to
dish
to
configure
the
different
class
and
what
is
a
behavior
of
the
class.
So
what
is
the
bandwidth
or
gadget
bandwidth
that
is
necessary?
What
is
a
priority
of
the
class
compared
to
a
two-hour
awesome?
It's
a
bit
more
tricky
traps
right,
so
those
system
parameters
regarding
the
IP
bandwidth
we
are
committing
on.
A
F
A
F
A
So
far,
traffic
protection,
as
usual,
very
slim
production,
not
protection
or
some
fancy
options.
Whatever
forsand
question.
Ok,
ok
for
some
specific
customers
were
also
some
requirements
of
running
NP
RS
with
the
customer
side.
So
this
is
a
motion
that
we
are
supporting
and
also
submerging
s-parameter,
so
easy
to
receiver
side
heat
source
site,
or
is
it
both.
C
Question
so
on
curity
kampala,
I
had
to
answer
your
question
on
the
email.
These
are
the
things
I
think
not
the
last
one
but
the
rest
of
them.
You
could
put
in
VPN
services
as
it
default
for
all
the
sites
unless
is
overridden
by
the
site.
So
typically
you
know
the
qos.
I
mean
it
can
change.
The
bandwidth
can
change
from
side
to
side,
but
you
could
say
this
the
default
and
then
you
can
put
it
for
a
site.
The
way
you
have
it
right
now
for
every
side
you
have
to
define
it
ago.
C
A
A
A
Easy
next
slide.
What
we
are
proposing
here
in
the
current
version
does
with
for
sure.
This
is
something
that
we
need
to
discuss
is
to
introduce
the
notion
of
native
VPN,
because
I
don't
have
a
crime
number,
but
I
number
of
ipg
piensa,
just
any
2000
burns
work.
So
there
is
no
need
to
define
fancy
policies
to
say:
I
want
to
import,
is
VPN
or
export
the
same,
video
hey!
We
can
abstract
this
just
by
taking
into
account
the
topology
that
we
provided
in
the
VPN
configuration
as
if
I
went,
would
use
this
natively
p.m.
A
so
native
VPN
is
the
basic
rule
that
will
be
applied
for
the
communication
of
this
site,
so
if
it's
any
to
any,
it
will
access
to
all
the
other
site
within
the
VPN.
So
we
expect
the
orchestration
to
the
read
this
behavior
to
the
appropriator,
a
high
target
import
export
policy.
But
here
we
are
not
talking
about
how
targets
or
whatever
complex
policies.
A
So
that's
why
a
site
kadon
belong
only
to
a
single
native
European,
so
single
native
Rypien,
but
this
does
not
mean
that
it
cannot
be
part
of
multiple
olympians.
We
will
see
this
a
little
bit
after
so
in
societies
belonging
to
180,
VPN
VPN
policy
will
be
derived
from
the
topology
of
the
PPN
that
we
defined
in
the
VPN
container
22
under
the
complex
scenario
that
I
described
before
next
slide.
A
So
why
not
allowing
for
multiple
native
VPNs?
If
we
consider
urban's
book
there
may
be
some
tricky
scenario
where
a
site
is
a
spoke
for
a
VPN
and
a
hub
for
another
VPN.
So
here
comes
in
complexity.
That's
why
I
was
not
willing
favorite
to
put
just
a
list
of
VPN.
We
need
something
that
is
more
flexible
in
term
of
modeling
attachment
to
view
/
VPNs,
so
next
slide,
so
the
proposal
that
we
are
doing
now,
but
I'm
not
completely.
A
Finally,
this
proposal
I
find
that
it's
a
bit
complex
and
maybe
two
it's
not
enough
obstructed
for
me.
We
need
to
model
the
communication
over,
so
we
need
to
have
something
that
is
as
flexible
as
the
VPN
policy
we
are
currently
defining
and
when
you
are
out
of
the
network,
so
we
have
the
ability
to
save
our
side,
okay,
in
which
VPN
I'm,
which
the
peanuts
are
interesting,
and
what
do
I
try
to
export
my
edition
online,
so
I
can
say
this
line
will
discuss
with
this
VPN
and
vislon
will
discuss
with
another
vision.
A
A
A
So
next
slide,
so
in
the
slide
you
will
see
that
I
providing
an
example
of
sight
configuration.
So
we
will
not
review
it
because
it's
a
a
bit
long
and
maybe
the
front
will
be
too
small.
So
next
slide.
So
you
will
see
here
you
have
the
xml
configuration
of
a
particular
site
and
I'll.
What
is
real,
cisco
router
configuration
that
can
be
direct
from
this
just.
A
Next
slide
site
templates,
so
charity,
as
you
pointed
the
configuration
of
the
site,
can
be
really
really
complex
and
within
a
VPN
for
example,
urban
spoke
also
xpac
site
may
add
the
same
configuration
so
tool
immediately
over
whether
we
are
operating
to
create
some
site
template.
So
when
you
are
creating
the
site,
there
is
a
next
I
place.
Where
is
the
special
leaf,
which
is
template?
If
you
put
it
to
true,
you
are
it's
not
really?
It's
not
a
real
site,
it's
just
a
template,
so
you
can
define
some
parameters.
A
Not
all
you
can
shine
what
you
want
I'm,
what
section
you
want,
so
you
can
define
just
a
conspiracy
or
an
entire
site
or
just
availability,
information,
also
security
parameters
and
then
within
a
regular
site.
You
can
decide
to
apply
these
templates
at
a
specific
point,
so
a
top
level
service
level
at
attachment
level
security
section.
So
we
have
multiple
points
of
attachment
for
templates.
So
it's
making
the
confidence
of
modeling
and
configuration
easier.
A
B
B
B
A
B
A
So
for
sure
the
world
is
not
finished
yet
from
some
things
to
look
at.
So
there
were
some
comments
from
the
lease
term.
I
did
not
list
an
exhaustive
list
of
a
comment,
but
there
was
some
point
about
what
why
putting
via
cloud
configuration
regions
of
areas
a
VPN
may
be
creating
with
top-level
container
and
then
early
freshers?
Why
not
I'm
not
against
these?
Are
some
rewarding
to
be
a
to
be
change,
especially
if
you
want
to
generalize
this
to
any
child
of
lower
3gp
annum.
A
A
So
if
we
want
to
extend
it
to
any
kind
of
VPN,
visor
proofreading
to
be
done
to
go
to
ensure
that
everything
user
is
on
track
operational
States,
this
was
the
point
that
was
raised.
Maybe
the
first
edition
of
the
draft.
We
don't
know
if
there
is
something
more
to
do.
If
we
think
that
there
is
a
need
for
operational
States
we
can
discuss,
but
for
sure
we
don't
really
want
to
go
into
too
much
detail
about
the
operation
of
of
the
service.
A
Some
question
also
about
entire
yes,
is
it
working
fine
when
one
of
the
connection
is
all
the
VPN
is
coming
from
another
network,
so
partner,
for
example,
and
I
need
to
attach
some
site
on
my
local
network?
This
is
something
that
we
need
to
a
tourniquet
or
so
on.
I
braid
VPNs,
which
is
quite
a
bit
in
the
in
these
days
at
service
providers,
so
having
some
part
of
a
VPN
which
is
mpls
layer,
free
and
some
part
which
are
built
about
ipsec.
A
H
That
gives
us
a
sort
of
an
operational
question,
you're
tracking
some
issues
here
on
slide.
Where
there's
some
emails
on
the
list.
They've
been
some
comments
in
this
meeting.
There
will
be
more
issues.
How
shall
we,
as
a
as
a
team,
keep
on
top
of
that?
Would
you
like
to
use
the
tools
issue
tracker?
Would
you
like
to
a
wiki
page?
A
H
C
Need
a
bigger
room
so
cheery
to
compare
one.
Other
question
is:
how
do
you
get
consensus
from
other
providers
that
this
model
covers
what
they
need,
so
there's
a
list
of
providers
already
co-authors
and
you
don't
have
to
make
every
provider
in
the
world
a
quarter.
But
how
do
you
get
your
sort
of
fav,
it's
okay
from
them?
It's.
A
H
C
I
There's
an
exercise
that
you
could
go
through
for
some
subset
of
your
customers,
fill
out
this
yang
data
module
and
then
try
to
configure
the
routers.
If
you
can
do
it
with
only
the
information
in
the
data
model,
you
win
the
conversations
over
the
middle
if
you
exercise
at
the
recital
it's
working
for
price.
So
this
is
the
next
question
is
next
week
your
marketing
guys
will
dream
up
a
new
service.
I
H
A
I
would
cease
without
Envy
syntax
I
think
we
are
almost
good.
There
is
nothing
special
to
race,
but
we
regarding
the
question
from
maturity
about
some
modernization.
I
think
were
some
things
that
we
can
run
makes
the
Explorer
as
groupings.
So
it
may,
if
you
tap
a
knowledge
whatever,
but
these
machines
more
reusable,
even
if
it's
not
shoes
after
but
whatever
so
exercise
is
not
too
complex.
So
at
least
for
some
parameters
that
are
easy.
Okay,.
G
But
while
speaking
so
I
was
kind
of
expecting
this
question
right.
The
point
is
that
six
months
and
nine
months
ago
one
of
our
routing,
80s
and
Adriana
was
one
of
them
and
myself.
We
wanted
the
operators
and
we
asked
and
only
operators
by
the
way-
and
we
asked
them,
do
you
believe
in
two
communities
for
an
l3v
p.m.
service
servicing
model,
and
they
said
we
think
we
do
but
you're
not
sure
yet.
So
what
happened?
G
The
background
is
a
couple
of
WebEx
calls
with
only
those
operators
and
every
and
I
we
monitor
a
couple
of
those,
but
not
the
details,
and
they
said
Indian.
Yes,
we
have
committees.
This
was
a
starting
point
to
create
this
working
group.
Now
we
might
be
thinking
there
is
energy.
We've
got
a
good
draft.
Next
step
is
enough
to
sm
right
the
thing
which
is
slightly,
which
might
be
more
difficulty
that
l
to
ascend
better
technology,
so
it
we
will
have
to
ask
ourself
if
there
are
communities
for
them
to
sm
as
well.
G
You
know
we've
did
that
in
phases.
We
are
the
face
where
it
start
to
be
good
work.
If
we
might
be
thinking
about
their
to
sm,
if
there
is
communities,
actually
I
was
asking
one
of
the
operators.
Yesterday
is
exact
question
that
you
asked
for
l
three
sm
is
there,
amongst
you,
guys
and
math
humanities
for
l2
sm
home
work
to
be
done.
I
would
like
the
operators
to
do
this
homework,
but
we're
asking
a
lot
of
deep
from
these
operators
these
days
riding
the
ITF
so.
E
A
No
I
will
bring
your
point
three
layer.
Two
VPNs
are
simple
in
tariffs.
I
would
say,
features
but
we're
getting
some
times
where
the
service
you
are
providing
is
really
dependent
to
the
technology.
You
are
choosing.
Should
you
use
a
VPN
or
VPS
or
bgp
based
layer,
2
VPNs?
You
will
have
a
lot
of
limitation
depending
on
what
you
are,
so
the
service
is
defined
by
the
technology.
A
C
Qt
Compellent,
so
I
agree
with
you
the
VPN
service
part,
but
if
you
factor
out
the
qos,
if
you
factor
out
the
bandwidth,
the
availability,
more
EVP
n,
then
vpls,
because
we
never
did
your
active
active
multihoming.
We
thought
about
it,
but
for
EVP
and
supposedly
you
have
a
key
rack,
you
want
a
homing
and,
of
course,
active
backup,
so
I
think
that's
why
you're
extracting
these
waiting
furthers
answer
from
the
providers
on
alto
sm
will
be
ready
and.
G
H
I
think
what
I
heard
is
here
is
that
the
committee
is
volunteering
to
go
away
and
do
some
analysis
right.
Yes,
he's
not.
Volunteering
he's
required
to
go
away
and
do
some
analysis
of
of
what
the
commonalities
are
across
l2
and
l3,
and
maybe
a
one
since
that
was
his
fault
originated
and
also,
then
that
has
to
include
looking
at
the
MAF
and
the
work
they've
already
done
on
young
levels
and
fortunately
all
that
can
be
done
as
private
home
work
and
does
not
have
to
be
brought
back
to
this
working
road.
H
H
H
And
they're
very
shy
as
well
as
service
providers.
Okay,
thank
you
thank
you,
and
that
takes
us
to
the
piece
of
the
agenda
that
was
marked
any
other
business.
We
asked
for
a
60
minute
slot,
which
was
actually
turns
out
to
have
been
really
good
guesswork.
We've
got
given
90
minutes,
so
we
have
time
for
anybody
to
come
to
the
mic
and
say
anything
else
about
layer,
3,
certain
levels.
J
True
from
china,
telecom
I
had
some
thoughts
about
about
the
roller
controller.
Is
this
the
architecture
you
know
a
complaint
will
have
some
projects
to
control
the
network
resources
for
faster
service
programming.
You
know
that
work,
so
my
question
is
most
of
this
because,
as
far
as
we
know,
many
operators
are
drawing
some
open
source
project
which
is
focused
on
controller
such
as
open
tonight
on
us.
So
my
question
is:
what's
the
relationship
between
the
operation
here
and
the
open
sauce
controller?
H
And
I
think
you
could
certainly
make
an
argument
that
that
work
needs
to
be
done.
He
it
needs
to
be
done
somewhere
and
I
think
that
somewhere
is
not
in
this
room.
In
other
words,
it's
not
an
l,
three
sm
not
a
year
Sesma
rain,
but
it
has
to
be
informed
by
the
work
we
do
here,
because
the
thing
that
is
being
orchestrated
is
a
layer,
3,
VPN,
okay,.
D
H
Has
been
defined
using
our
service
model
and
it's
it's
mapping
through
to
all
the
other
young
models
that
are
being
done
elsewhere
in
the
IDF
and
I
sort
of
look
at
Benoit
who's,
a
maybe
avoiding
my
eyes
to
say
you
do
do!
Does
that
fit
that
that
I
suppose
it's
a
northbound
interface
towards
the
service
orchestrator
does
that
fit
anywhere
in
the
ops
area
at
the
moment.
C
Qt
compeller,
so
it
started
biter,
it's
not
a
unidirectional
thing.
You
might
think
of
it.
That
way
here,
but
Stefan
just
referred
to
a
small
part
of
this.
When
you
give
the
GPS
coordinates
for
where
the
site
is
up
to
us
orchestrator
what
to
do.
But
if
you
say
I
want
such
and
such
a
bandwidth,
you
might
have
one
arm.
H
I
am
I
my
the
picture
that
I
draw,
which
is
not
this
one,
has
actually
two
orchestrators:
it
has
a
service
orchestrator
and
a
network
orchestrator,
and
so
now
we've
got
even
more
interfaces
to
to
worry
about,
but
that
you're
right
starting
at
the
edges.
You
know
we
have
lots
of
stuff
for
talking
to
the
devices
and
now
we're
starting
at
the
top
edge
and
and
hopefully
somewhere
in
the
middle,
we'll
miss
completely.
G
Oh
thank
you,
but,
while
speaking
so
just
to
complement
that
I
think
that
the
only
common
thing
that
we've
got
here
is
a
data
model
in
a
same
language.
Si
Yang
and,
as
you
said,
we've
got
multiple
interfaces
because
we've
got
my
black
picture,
one
controller,
two
controllers
next
to
each
other,
orchestrator,
etc.
G
H
J
My
name
is
david
from
hobby.
We
think
the
s-phase
service
model
is
good
for
the
operator
to
enable
service,
agility
and
a
service
or
emotion.
So
we
made
a
early
demo,
would
choose,
show
or
direct
you
meditated
it
so,
and
we
will
shoot
a
demo
in
peace
and
device
on
Thursday
night.
So
if
you
are
into
ski
welcome
to
looks
at
mo
thanks
very
much.