This repository has been archived by the owner on Mar 28, 2024. It is now read-only.

Network Space definition and aliases #737

Open
dshcherb opened this issue Dec 20, 2017 · 2 comments

@dshcherb

There are already several definitions from different standards bodies and vendors to describe an "object" that contains a set of things: an L3 address space, common routing mechanisms used by a single administrative entity, end hosts, routers, routing tables (FIBs) related to this particular object.

  1. OSI model: routing domain (see 3.4.2):

A set of End Systems and Intermediate Systems which operate according to the same routeing procedures and which is wholly contained within a single Administrative Domain.

https://www.iso.org/obp/ui/#iso:std:25981:en
End Systems ~ hosts
Intermediate Systems ~ routers

  2. Cisco, Cumulus Networks etc. and now the Linux kernel:

The VRF device combined with ip rules provides the ability to create virtual routing and forwarding domains (aka VRFs, VRF-lite to be specific) in the Linux network stack.

https://www.kernel.org/doc/Documentation/networking/vrf.txt

If you look closely enough you will see a "virtual" OSI routing domain:

"... ability to create virtual routing ... domains (aka VRFs, VRF-lite to be specific) ..."

Routers participate in Routing and Forwarding hence the VRF name in my view.

  3. Cisco: Virtual Network (VN):

The physical, ingress interface determines a virtual network identification of the data packet. The physical and virtual interfaces to a router are assigned to different virtual networks and therefore reside in their individual virtual routing tables. The router then associates a routing path or destination based on the virtual network the packet belongs to and makes a selection of an associated routing table to route the packet to its destination. Selection of the routing table according to its virtual network identification is referred to as Virtual Route Forwarding (VRF).

https://www.google.ch/patents/US8457117

  4. Cisco: L3VPN:

A VPN is a collection of sites sharing a common routing table. A customer site is connected to the service provider network by one or more interfaces, and the service provider associates each interface with a VPN routing table. A VPN routing table is called a VPN routing/forwarding (VRF) table

VRF-lite uses input interfaces to distinguish routes for different VPNs and forms virtual packet-forwarding tables by associating one or more Layer 3 interfaces with each VRF. Interfaces in a VRF can be either physical, such as Ethernet ports, or logical, such as VLAN SVIs, but a Layer 3 interface cannot belong to more than one VRF at any time.

https://goo.gl/VRtW8f

In other words, L3 address space and routing table selection based on a set of physical or virtual interfaces.

  5. OpenBSD: rdomain

completely independent routing table instance
assign 10.0.0.1/16 a dozen times
interfaces can be assigned to only one rdomain at a time
how we ’know’ which one incoming packets should use
rdomains always contain at least one rtable

https://man.openbsd.org/rdomain.4
https://www.openbsd.org/papers/eurobsdcon2014-rdomains.pdf

  6. Huawei: vpn-instance

  7. Juniper: Routing Instance (Virtual Router or VRF routing instances)
    ...

-) Canonical: Network Spaces
https://docs.ubuntu.com/maas/2.3/en/intro-concepts#spaces

A space is a logical grouping of VLANs whose subnets are able to communicate with one another. VLANs within each space need not belong to the same fabric. A default space is not created when MAAS is installed.

https://jujucharms.com/docs/2.3/network-spaces

Spaces represent sets of subnets that are available for running cloud instances that may span one or more availability zones ("zones"). There are a few simple considerations when using spaces:

Any given subnet can be part of one and only one space.
All subnets within a space are considered "equal" in terms of access control, firewall rules, and routing.
Communication between spaces will be subject to access restrictions and isolation, such as between instances running within subnets which are members of different spaces.

I suggest we modify the definition for network spaces in MAAS & Juju and give three aliases to it:

  • Routing Domain (because this is the ISO standard term);
  • VRF (because this has landed in the Linux kernel and is used by many vendors);
  • L3 Virtual Network (and compare this to VLANs or even VXLANs) - it's simple to describe: "L3 is completely virtualized"

https://bugs.launchpad.net/juju/+bug/1737428 - the doc bug is in continuation of this feature request.

I think that having our own definition without any references to common terms only makes adoption harder for people who do not know our terms.
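The isolation property the quoted VRF-lite and rdomain definitions share, as an added example that is not part of the original issue or of MAAS/Juju code: the ingress interface selects the routing table, an interface belongs to at most one VRF, and the same prefix can exist in several VRFs without leaking between them. The class, interface, VRF and next-hop names are hypothetical, and the longest-prefix match is a generalization beyond the quoted text.

```python
import ipaddress


class VrfLite:
    """Toy model of VRF-lite: the ingress interface selects the routing table."""

    def __init__(self):
        self.if_to_vrf = {}  # interface name -> VRF name (at most one per interface)
        self.tables = {}     # VRF name -> list of (network, next hop)

    def bind(self, ifname, vrf):
        # A Layer 3 interface cannot belong to more than one VRF at any time.
        current = self.if_to_vrf.get(ifname)
        if current is not None and current != vrf:
            raise ValueError(f"{ifname} already belongs to VRF {current}")
        self.if_to_vrf[ifname] = vrf
        self.tables.setdefault(vrf, [])

    def add_route(self, vrf, prefix, next_hop):
        net = ipaddress.ip_network(prefix)
        self.tables.setdefault(vrf, []).append((net, next_hop))

    def lookup(self, ingress_if, dst):
        # The table is chosen by ingress interface, never by destination address.
        vrf = self.if_to_vrf[ingress_if]
        addr = ipaddress.ip_address(dst)
        matches = [(net, nh) for net, nh in self.tables[vrf] if addr in net]
        if not matches:
            return vrf, None  # no route here; other VRFs' tables are not consulted
        _, next_hop = max(matches, key=lambda m: m[0].prefixlen)
        return vrf, next_hop


def build_example():
    # Constructed sample topology: two VRFs reuse the same 10.0.0.0/16 space.
    r = VrfLite()
    r.bind("eth1", "red")
    r.bind("vlan20", "blue")
    r.add_route("red", "10.0.0.0/16", "red-gw")
    r.add_route("red", "10.0.5.0/24", "red-edge")
    r.add_route("blue", "10.0.0.0/16", "blue-gw")
    return r


if __name__ == "__main__":
    router = build_example()
    for ifname, dst in [("eth1", "10.0.5.9"), ("vlan20", "10.0.5.9"),
                        ("vlan20", "192.0.2.1")]:
        print(ifname, dst, router.lookup(ifname, dst))
```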

@degville
Contributor

Thanks for this, and for the detailed overview. We'll try to incorporate your suggestions into the Network Spaces definition.

@jamesbeedy

Bump
