<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">Hi everyone,<br>
      <br>
      2017-03-18, Vincent Jardin:<br>
    </div>
    <blockquote
      cite="mid:15ae0f94d18.27fc.bb328046f2889bc8f44aafa891a44dd2@6wind.com"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <div style="color: black;">
        <div style="color: black;">
          <p style="margin: 0 0 1em 0; color: black;">+Thomas to be on
            track.</p>
        </div>
      </div>
    </blockquote>
    <br>
    Vincent, you'll tell if what is below helped or not :)<br>
    <br>
    <blockquote
      cite="mid:15ae0f94d18.27fc.bb328046f2889bc8f44aafa891a44dd2@6wind.com"
      type="cite">
      <div style="color: black;">
        <div style="color: black;">
        </div>
        <div style="color: black;">
          <p style="color: black; font-size: 10pt; font-family: Arial,
            sans-serif; margin: 10pt 0;">
            Le 18 mars 2017 06:19:47 Vivek Venkatraman
            <a class="moz-txt-link-rfc2396E" href="mailto:vivek@cumulusnetworks.com"><vivek@cumulusnetworks.com></a> a écrit :</p>
          <blockquote type="cite" class="gmail_quote" style="margin: 0 0
            0 0.75ex; border-left: 1px solid #808080; padding-left:
            0.75ex;">
            <div dir="ltr">This is correct. By definition, if a router
              is the penultimate hop, it means the actual egress is
              downstream and has signaled (advertised) an implicit-null
              label to this router. The router doing the PHP knows the
              next hop to forward to (the egress) without doing any
              additional lookup.
            </div>
          </blockquote>
        </div>
      </div>
    </blockquote>
    <br>
    (Note that with BGP/MPLS VPNs this is the typical behavior, but it
    is not a mandatory behavior: the egress router may have advertise a
    real label (i.e. not implicit null) in which case the penultimate
    router will swap the topmost label of the stack, not seeing/touching
    the vpn label. This is also a behavior that relates to the use of
    MPLS for transit, but with MPLS-over-GRE or MPLS-over-UDP, MPLS can
    be used with IP transit, in which case this behavior is not used).<br>
    <br>
    <blockquote
      cite="mid:15ae0f94d18.27fc.bb328046f2889bc8f44aafa891a44dd2@6wind.com"
      type="cite">
      <div style="color: black;">
        <div style="color: black;">
          <blockquote type="cite" class="gmail_quote" style="margin: 0 0
            0 0.75ex; border-left: 1px solid #808080; padding-left:
            0.75ex;">
            <div dir="ltr">
              <div><br>
              </div>
              <div>This behavior should already be supported.</div>
            </div>
          </blockquote>
        </div>
      </div>
    </blockquote>
    <br>
    Yes, I can confirm that forwarding via a neighbor on an interface
    based on the incoming MPLS label is supported.<br>
    This is what we use in bagpipe IP VPN 'linux' driver [1].<br>
    <br>
    <blockquote
      cite="mid:15ae0f94d18.27fc.bb328046f2889bc8f44aafa891a44dd2@6wind.com"
      type="cite">
      <div style="color: black;">
        <div style="color: black;">
          <blockquote type="cite" class="gmail_quote" style="margin: 0 0
            0 0.75ex; border-left: 1px solid #808080; padding-left:
            0.75ex;">
            <div dir="ltr">
              <div><br>
              </div>
              <div>What is not supported (if I remember right) is the
                ability on the egress to terminate a label and perform a
                (route) lookup.  That is needed to really be able to
                support any L2/L3 VPN service properly.</div>
            </div>
          </blockquote>
        </div>
      </div>
    </blockquote>
    <br>
    I think it is a requirement to have something efficient to trigger a
    lookup in any {routing table, vrf interface, netns}.<br>
    <br>
    I hadn't tried (because no need). I thought we might achieve
    something like that by forwarding the packet on 'lo', or on a vrf
    interface, or on a veth device: wouldn't this kind of next hop
    specification trigger a re-enter of the packet in the IP stack after
    the pop operation ?<br>
    <br>
    -Thomas<br>
    <br>
    [1]
<a class="moz-txt-link-freetext" href="http://git.openstack.org/cgit/openstack/networking-bagpipe/tree/networking_bagpipe/bagpipe_bgp/vpn/ipvpn/mpls_linux_dataplane.py#n194">http://git.openstack.org/cgit/openstack/networking-bagpipe/tree/networking_bagpipe/bagpipe_bgp/vpn/ipvpn/mpls_linux_dataplane.py#n194</a><br>
    <br>
    <br>
    <br>
    <blockquote
      cite="mid:15ae0f94d18.27fc.bb328046f2889bc8f44aafa891a44dd2@6wind.com"
      type="cite">
      <div style="color: black;">
        <div style="color: black;">
          <blockquote type="cite" class="gmail_quote" style="margin: 0 0
            0 0.75ex; border-left: 1px solid #808080; padding-left:
            0.75ex;">
            <div dir="ltr">
            </div>
            <div class="gmail_extra"><br>
              <div class="gmail_quote">On Thu, Mar 16, 2017 at 10:45 AM,
                Jeff Tantsura <span dir="ltr">
                  <<a moz-do-not-send="true"
                    href="mailto:jefftant@gmail.com" target="_blank">jefftant@gmail.com</a>></span>
                wrote:<br>
                <blockquote class="gmail_quote" style="margin:0 0 0
                  .8ex;border-left:1px #ccc solid;padding-left:1ex">
                  Donald,<br>
                  <br>
                  Wrt PHP, this is incorrect, PHP node MUST not perform
                  IP lookup, or in fact any lookup after POP. In most
                  cases (labeled services, L2/L3 VPN) there's another
                  label(s) in the stack, looking it up would be fatal.<br>
                  <br>
                  Regards,<br>
                  Jeff<br>
                  <br>
                  > On Mar 15, 2017, at 08:05, Donald Sharp <<a
                    moz-do-not-send="true"
                    href="mailto:sharpd@cumulusnetworks.com">sharpd@cumulusnetworks.com</a>>
                  wrote:<br>
                  ><br>
                  > David/Roopa -<br>
                  ><br>
                  > Olivier asked me about these two issues yesterday
                  in the FRR Technical<br>
                  > Meeting.  I just wanted to make sure I didn't
                  loose track of these<br>
                  > questions that he had:<br>
                  ><br>
                  > 1) More than 2 labels in the kernel at a time,
                  when will this be<br>
                  > allowed in the kernel?<br>
                  ><br>
                  >   -> David is currently working on this
                  issue.  When he is done it<br>
                  > will be upstreamed.  So soonish(tm).<br>
                  ><br>
                  > 2) PenUltimate Hop Popping:<br>
                  ><br>
                  > I know this issue is not trivial to solve. In
                  fact, once the POP<br>
                  > instruction perform, the packet must re-enter in
                  the IP packet<br>
                  > processing to determine what action must apply. A
                  possible solution<br>
                  > would be to process this packet as a new incoming
                  IP packet when<br>
                  > output interface is the loopback disregarding the
                  IP address value.<br>
                  > But, this issue is less urgent than the first
                  one. Our OSPF Segment<br>
                  > Routing implementation could announce if the
                  router works in<br>
                  > PenUltimate Hop Poping mode or not. So, for the
                  moment, the option is<br>
                  > force to yes.<br>
                  ><br>
                  > thanks!<br>
                  ><br>
                  > donald<br>
                  ><br>
                  > ______________________________<wbr>_________________<br>
                  > frr mailing list<br>
                  > <a moz-do-not-send="true"
                    href="mailto:frr@lists.nox.tf">frr@lists.nox.tf</a><br>
                  > <a moz-do-not-send="true"
                    href="https://lists.nox.tf/listinfo/frr"
                    rel="noreferrer" target="_blank">https://lists.nox.tf/listinfo/<wbr>frr</a><br>
                  <br>
                  ______________________________<wbr>_________________<br>
                  frr mailing list<br>
                  <a moz-do-not-send="true"
                    href="mailto:frr@lists.nox.tf">frr@lists.nox.tf</a><br>
                  <a moz-do-not-send="true"
                    href="https://lists.nox.tf/listinfo/frr"
                    rel="noreferrer" target="_blank">https://lists.nox.tf/listinfo/<wbr>frr</a><br>
                </blockquote>
              </div>
              <br>
            </div>
            _______________________________________________<br>
            frr mailing list<br>
            <a moz-do-not-send="true" class="aqm-autolink aqm-autowrap"
              href="mailto:frr%40lists.nox.tf">frr@lists.nox.tf</a><br>
            <a moz-do-not-send="true" class="aqm-autolink aqm-autowrap"
              href="https://lists.nox.tf/listinfo/frr">https://lists.nox.tf/listinfo/frr</a><br>
          </blockquote>
        </div>
      </div>
    </blockquote>
    <p><br>
    </p>
  </body>
</html>