E-VPN - leverage or discourage?

[asedeno]

At IETF-118 it was suggested we should take a solid stance on whether or not this should be used as a transport for E-VPN. Traditionally, E-VPN goes over VXLAN or NVGRE, which are not authenticated. This could provide a strongly encrypted and authenticated transport for data center interconnect.

I don't have an opinion here yet beyond thinking that E-VPN looks big and outside of my own scope of experience. I would want to understand more about where and how it is used.

https://en.wikipedia.org/wiki/Ethernet_VPN RFC 7209 - Requirements for Ethernet VPN (EVPN)

From the l2vpn final charter^1:

Ethernet VPN (E-VPN) - An enhanced Layer-2 service that emulates an Ethernet (V)LAN across a PSN. E-VPN supports load-sharing across multiple connections from a Layer-2 site to an L2VPN service. E-VPN is primarily targeted to support large-scale L2VPNs with resiliency requirements not satisfied by other L2VPN solutions.

[achernya]

I believe E-VPN can also use Geneve (RFC 8926 Geneve: Generic Network Virtualization Encapsulation, https://www.rfc-editor.org/rfc/rfc8926.html)

I also agree that I think E-VPN is probably out-of-scope initially? But nothing stops a future draft from developing E-VPN over connect-ethernet.

[dabernie]

Personally, I would have a tendency NOT to try and match EVPN architecture. Use case for connect-ethernet would be more around "how to leverage Application/QUIC based approach on doing tunnelling" instead of current model.

[asedeno]

I don't think we need to say anything about E-VPN in this draft.