#opendaylight-group-policy: gbp_arch

Meeting summary

1. 1. dlenrow thinks of virtual functions as EPGs, which can have contracts with other EPGs (tbachman, 17:13:36)
   2. an example contract can be send IP traffic to the internet, and service chain EPG would provide a contract to handle the chain to send to the internet (tbachman, 17:14:40)
   3. dlenrow asks whether EPGs can support sEPGs (tbachman, 17:14:58)
   4. recursion in the model is modeled as a linked list (tbachman, 17:15:10)
   5. due to a yang limitation (tbachman, 17:15:16)
   6. dlenrow thinks of chains as an ordered list of EPGs (tbachman, 17:15:39)
   7. dvorkinista says that the goal here is to provide intent, (tbachman, 17:16:08)
   8. and he thinks that enforcing the EPG in the hypervisor might not be the right thing to do. (tbachman, 17:16:22)
   9. b/c you might not be able to satisfy the constraints in the hypervisor (tbachman, 17:16:36)
   10. it would be nicer if we can think of a service chain as an ordered graph to which traffic is subjected (tbachman, 17:17:06)
   11. like filters or transformers (tbachman, 17:17:13)
   12. dvorkinista says these are functions you subject traffic to (tbachman, 17:17:30)
   13. (i.e. apply subject or set of subjects to the conversation) (tbachman, 17:17:53)
   14. dlenrow says that the job of assigning which EP in an EPG to send the traffic through is a job of the renderer (tbachman, 17:19:14)
   15. dvorkinista says this is essentially correct, but w/o a network address involved (tbachman, 17:19:44)
   16. paulq says that as long as you have a locator, that’s enough, regardless of locator (tbachman, 17:20:16)
   17. dvorkinista says that locator is an implementation detail. (tbachman, 17:20:25)
   18. as an example, a firewall followed by a load balancer, he doesn’t care what device, IP address, etc. (tbachman, 17:20:56)
   19. b/c the goal is to capture the intent in a portable way (tbachman, 17:21:08)
   20. dlenrow says that there’s still a policy that says that you want to go through something (e.g. firewall) (tbachman, 17:24:26)
   21. dvorkinista says it’s not a EP abstraction (tbachman, 17:24:39)
   22. where the abstraction is a service graph of logical functions, which can map 1:1 to a box, or N:N (tbachman, 17:24:57)
   23. dlenrow asks if we agree that from the network’s perspective, a function is something that we have to send packets throuugh (tbachman, 17:25:31)
   24. dvorkinista says not necesarrily (tbachman, 17:25:38)
   25. if it’s done in a hypervisor, you don’t redirect anything (tbachman, 17:25:49)
   26. b/c it’s all confined to the virtual switch (tbachman, 17:25:56)
   27. dlenrow says that the virtual function still has an IP address (tbachman, 17:26:10)
   28. dvorkinista says this can be enforced right in the hypervisor, like nicria/NSX zone-based security (tbachman, 17:26:42)
   29. dlenrow says that in an SDN domain, this is all enforced by a controller (tbachman, 17:27:05)
   30. https://cisco.webex.com/mw0401l/mywebex/default.do?siteurl=cisco&service=1&main_url=%2Fmc0901l%2Fmeetingcenter%2Fdefault.do%3Fsiteurl%3Dcisco%26main_url%3D%252Fmc0901l%252Fmeetingcenter%252Fmeetingend%252Flandingpage.do%253Fsiteurl%253Dcisco%2526ishost%253Dtrue%2526NM%253Dkrb%2526AD%253Dkrb%2540cisco.com%2526STD%253D1&rnd=-2133996819 (alagalah, 17:29:09)
   31. ACTION: dvorkinista will write up a sketch of the model he’s thinking, which can be discussed on monday or some other meeting (tbachman, 17:29:14)
   32. dlenrow says This is the nature of GBP hierarchical model. Operator admin defines some VFs and EPGs. tenant user is aware of EPGs like internet and engineering. Operator guy is aware of EPGs that are VFs. One simple uniform concept for all reqardless of sophistication (tbachman, 17:37:57)

Action items

1. dvorkinista will write up a sketch of the model he’s thinking, which can be discussed on monday or some other meeting

People present (lines said)

1. tbachman (57)
2. dlenrow (14)
3. paulq (4)
4. mickey_spiegel (4)
5. odl_meetbot (3)
6. dconde (2)
7. s3wong (2)
8. hemanthravi (2)
9. alagalah (1)