Network Working Group J. Dong Internet-Draft S. Bryant Intended status: Standards Track Huawei Technologies Expires: April 25, 2019 Z. Li China Mobile T. Miyasaka KDDI Corporation October 22, 2018 Segment Routing for Enhanced VPN Service draft-dong-spring-sr-for-enhanced-vpn-02 Abstract Enhanced VPN (VPN+) is an enhancement to VPN technology to enable it to support the needs of new applications, particularly applications that are associated with 5G services. These applications require better isolation from both control and data plane's perspective and have more stringent performance requirements than can be provided with overlay VPNs. The characteristics of an enhanced VPN as perceived by its tenant needs to be comparable to those of a dedicated private network. This requires tight integration between the overlay VPN and the underlay network resources in a scalable manner. An enhanced VPN may form the underpinning of 5G network slicing, but will also be of use in its own right. This document describes the use of segment routing based mechanisms to provide the enhanced VPN service with dedicated network resources. The proposed mechanism is applicable to both SR with MPLS data plane and SR with IPv6 data plane (SRv6). Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on April 25, 2019. Dong, et al. Expires April 25, 2019 [Page 1] Internet-Draft SR for VPN+ October 2018 Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 4 3. Segment Routing with Resource Awareness . . . . . . . . . . . 4 4. Control Plane . . . . . . . . . . . . . . . . . . . . . . . . 5 5. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . 5 5.1. Topology and Resource Computation . . . . . . . . . . . . 6 5.2. Network Resource and SID Allocation . . . . . . . . . . . 6 5.3. Construction of SR Virtual Networks . . . . . . . . . . . 8 5.4. VPN Service to SR Virtual Network Mapping . . . . . . . . 9 5.5. Network Visibility to Customer . . . . . . . . . . . . . 9 6. Benefits of the Proposed Mechanism . . . . . . . . . . . . . 9 6.1. MPLS-TP . . . . . . . . . . . . . . . . . . . . . . . . . 10 6.2. RSVP-TE . . . . . . . . . . . . . . . . . . . . . . . . . 10 6.3. Basic SR . . . . . . . . . . . . . . . . . . . . . . . . 10 6.4. SR with Resource Awareness . . . . . . . . . . . . . . . 11 7. Service Assurance . . . . . . . . . . . . . . . . . . . . . . 11 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 9. Security Considerations . . . . . . . . . . . . . . . . . . . 12 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 11.1. Normative References . . . . . . . . . . . . . . . . . . 12 11.2. Informative References . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 1. Introduction Driven largely by needs arising from the 5G mobile network design, the concept of network slicing has gained traction [NGMN-NS-Concept] [TS23501][TS28530] [BBF-SD406]. Network slicing requires the transport network to support partitioning the network resources to provide the client with dedicated (private) networking, computing, Dong, et al. Expires April 25, 2019 [Page 2] Internet-Draft SR for VPN+ October 2018 and storage resources drawn from a shared pool. The slices may be seen as (and operated as) virtual networks. Thus there is a need to create virtual networks with enhanced characteristics. The tenant of such a virtual network can require a degree of isolation and performance that previously could only be satisfied by dedicated networks. Additionally the tenant may ask for some level of control to their virtual network e.g. to customize the service paths in the network slice. The enhanced VPN service (VPN+) as described in [I-D.dong-teas-enhanced-vpn] is targeted at new applications which require better isolation from both control plane and data plane's perspective and have more stringent performance requirements than can be provided with existing overlay VPNs. An enhanced VPN may form the underpinning of network slicing, but will also be of use in its own right. Although each VPN can be associated with a set of dedicated RSVP-TE [RFC3209] LSPs with bandwidth reservation to provide some guarantee to service performance, such mechanisms would introduce per-VPN per- path states into the network, which is known to have scalability issues [RFC5439] and has not been widely adopted in production networks. Segment Routing (SR) [I-D.ietf-spring-segment-routing] specifies a mechanism to steer packets through an ordered list of segments. It can achieve explicit source routing without introducing per-path state into the network. Like RSVP-TE, SR also supports source specification of the packet path. However, currently SR does not have the capability of reserving or identifying different network resources for different services or customers. Although the controller can have global view of network state and can provision different services onto different SR paths, in the data plane it still relies on traditional DiffServ QoS model to provide coarse- grained traffic differentiation in the network. While this may be sufficient for some traditional services, it cannot meet the requirement of the enhanced VPN service. This document extends the SR paradigm by allocating different Segment Identifiers (SIDs) to represent the different subset of resources allocated on each network elements (links or nodes). The SIDs associated with particular network resources can be used to construct customized virtual networks for different services, the SID can also be used to steer the service traffic to be processed with the corresponding allocated resources. This mechanism can be used to provide the enhanced VPN service with dedicated network resources. Dong, et al. Expires April 25, 2019 [Page 3] Internet-Draft SR for VPN+ October 2018 The proposed mechanism is applicable to both SR with MPLS data plane and SR with IPv6 data plane (SRv6). 2. Requirements Notation The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 RFC 2119 [RFC2119] RFC8174 [RFC8174][when, and only when, they appear in all capitals, as shown here. 3. Segment Routing with Resource Awareness In segment routing, several types of segments are defined to represent either topological elements or service instructions. A topological segment may be a node segment or an adjacency segment. Some other types of segments may be associated with specific service functions for service chaining purpose. However, so far non of the SR segments are associated with network resources for the QoS purpose. In order to support the enhanced VPNs which require guaranteed performance and isolation from other services in the network, the overlay VPN needs to been integrated with underlay networks. Some dedicated network resources need to be allocated for enhanced VPN. When segment routing is used to build enhanced VPNs, it is necessary to associate the segments with network resources. By extending the segment routing paradigm, different set of network resources are allocated by network elements, and associated with dedicated SIDs. On one particular link, multiple adjacency segment identifiers (Adj-SIDs) can be allocated, each of which is associated with a subset of the link resource allocated, such as bandwidth, queues, etc. For one particular node, multiple node-SIDs can be allocated, each of which may be associated with a subset of resource allocated from the node, such as the processing resources. Per- segment resource allocation complies to the SR paradigm, which avoids introducing per-path state into the network. Different groups of SIDs associated with network resources can be used to build virtual networks for different enhanced VPNs, this provides the required isolation between enhanced VPNs. The adj-SIDs are used to steer traffic of different enhanced VPNs into different set of link resources. The node SIDs can be used to steer traffic of different enhanced VPNs into different node resources. The node SIDs can also be used to build loose SR paths for different enhanced VPNs. In this case, the node-SIDs are used by transit nodes to steer traffic into the local link resources allocated for the corresponding Dong, et al. Expires April 25, 2019 [Page 4] Internet-Draft SR for VPN+ October 2018 enhanced VPN. Note in this case Penultimate Hop Popping (PHP) [RFC3031] MUST be disabled, as the node-SID is used to identify the SR virtual network and the corresponding network resources allocated to the enhanced VPN. 4. Control Plane The architecture described in this document makes use of a centralized controller that collects the information about the network (configuration, state, routing databases, etc.) as well as the service information (traffic matrix, performance statistics, etc). The controller is also responsible for the centralized computation and optimization of the virtual network used for enhanced VPN. A distributed control plane is needed for the collection and distribution of the network topology and state information. Distributed routing computation for some services in the enhanced VPNs is also possible. 5. Procedures This section describes the procedures of provisioning an enhanced VPN service based on segment routing with resource awareness. According to the requirement of an enhanced VPN service, a centralized network controller calculates a subset of the underlay network topology to support this enhanced VPN. Within this topology, the network resources needed on each network element can also be determined. The network resources are allocated in a per-segment manner, and are associated with different node-SIDs and adj-SIDs. The group of the node-SIDs and adj-SIDs allocated for the enhanced VPN will be used by network nodes and the network controller to build a SR virtual topology, which is used as the logical underlay of the enhanced VPN service. The extensions to IGP protocol to distribute the SIDs and the associated resources allocated for a virtual network topology is specified in [I-D.dong-lsr-sr-enhanced-vpn]. Suppose that customer requests for an enhanced VPN service from the network operator. The fundamental requirement is that customer A's service does not experience interference from other services in the network, such as other customers' VPN services, or the non-VPN services in the network. The detailed requirements can be described with characteristics such as the following: o Service topology: the service sites and the connectivity between them o Service bandwidth: the bandwidth requirement between service sites Dong, et al. Expires April 25, 2019 [Page 5] Internet-Draft SR for VPN+ October 2018 o Isolation: the level of isolation from other services in the network o Reliability: whether fast repair or end-to-end protection is needed or not. o Latency o Jitter o Visibility: the customer may want to have some form of visibility of the network deliversing the service. 5.1. Topology and Resource Computation As described in section 4, a centralized network controller is responsible for the provisioning of enhanced VPNs. The controller needs to determine the information of network connectivity, network resources, network performance and other relevant network state of the underlay network. This is often done using either IGP [RFC5305] [RFC3630] [RFC7471] [RFC7810] or BGP-LS [RFC7752] [I-D.ietf-idr-te-pm-bgp]. Based on the network information collected from the underlay network, the controller computes the underlay topology (possibly using multiple algorithms) and knows the resources that are available and allocated. When a request is received from a tenant, the controller computes the subgraph of the underlay network, along with the resources to be allocated on each network element (e.g. links and nodes) in the topology to meet the tenant's requirements, whilst maintaining the needs of the existing tenants that are using the same network. 5.2. Network Resource and SID Allocation According to the output of computation, the network controller instructs the network devices involved in the subgraph to allocate the required network resources for the enhanced VPN. This can be done with either PCEP [RFC5440] or Netconf/YANG [RFC6241] [RFC7950] with necessary extensions. The network resources are allocated in a per-segment manner. In addition, dedicated segment identifiers, e.g. node-SIDs and adj-SIDs are also allocated to represent the network resources allocated for the enhanced VPN on each network segment. In the forwarding plane, there are multiple ways of allocating or reserving network resources to different enhanced VPNs. For example, FlexE may be used to partition the link resource into different sub- channels to achieve hard isolation between each other. The candidate Dong, et al. Expires April 25, 2019 [Page 6] Internet-Draft SR for VPN+ October 2018 data plane technologies of enhanced VPN can be found in [I-D.dong-teas-enhanced-vpn]. The SR SIDs are used as a good abstraction of the various types of network resource reservation mechanisms in the forwarding plane. Node-SIDs: Node-SIDs: r:101 r:102 g:201 Adj-SIDs: g:202 b:301 r:1001:1G r:1001:1G b:302 +-----+ g:2001:2G g:2001:2G +-----+ | A | b:3001:1G b:3001:1G | B |Adj-SIDs: | +------------------------+ + r:1003:1G Adj-SIDs +--+--+ +--+--+\g:2003:2G r:1002:1G| r:1002:1G| \ g:2002:2G| g:2002:2G| \ r:1001:1G b:3002:3G| b:3002:2G| \g:2001:2G | | \ +-----+ Node-SIDs: | | \+ E | r:105 | | /+ | g:205 r:1001:1G| r:1002:1G| / +-----+ g:2001:2G| g:2002:2G| /r:1002:1G b:3001:3G| b:3002:2G| / g:2002:2G +--+--+ +--+--+ / | | | |/r:1003:1G | C +------------------------+ D + g:2003:2G +-----+ r:1002:1G r:1001:1G +-----+ Node-SIDs: g:2002:1G g:2001:1G Node-SIDs: r:103 b:3002:2G b:3001:2G r:104 g:203 g:204 b:303 b:304 Figure 1. SIDs identify resources allocated to different virtual networks Figure 1 shows a network fragment of enhanced VPN supported by SR. Note that the format of the SIDs in this figure are for illustration, both SR-MPLS and SRv6 can be utilized as the data plane. In this example, there are three virtual topologies created for enhanced VPNs red (r) , green (g) and blue (b). The red and green topologies consist of nodes A, B, C, D, and E with all their interconnecting links, whilst the blue topology only consists of nodes A, B, C and D with all their interconnecting links. Each node allocates a dedicated adjacency SID for each link participating in a particular topology. Each node is also allocated with a dedicated node SID for each topology it participates in. The adj-SIDs are associated with the link resources (e.g. bandwidth) allocated to each topology, so that the adj-SIDs can be used to steer service of different enhanced VPNs into different set of reserved resources in the data plane. The node-SIDs can be associated with dedicated nodal resources allocated Dong, et al. Expires April 25, 2019 [Page 7] Internet-Draft SR for VPN+ October 2018 for each topology. In addition, the node-SIDs of different topologies can be used to build loose SR path within each virtual topology, and steer service of different enhanced VPNs into the different set of reserved resources in the data plane. In Figure 1, the notation x:nnnn:y that in topology colour x, the adj-SID nnnn will steer the packet over that link which has a total bandwidth of y assigned to that topology. Thus the note r:1002:1G in link C->D says that the red topology over link C->D has a reserved bandwidth of 1Gb/s and will be used by packets arriving at node C with an adj-SID 1002 at the top of the label stack. 5.3. Construction of SR Virtual Networks Each node MUST advertise its set of resources (allocated and available) and the associated SIDs both to the centralized controller and into the network. This can be achieve by many different means such as (non-exhaustive list) IGP extensions [I-D.dong-lsr-sr-enhanced-vpn], BGP-LS [RFC7752] with possible extensions, NETCONF/YANG [RFC6241] [RFC7950]. With the collected network resource and SIDs information, the controller and network nodes are able to construct the SR virtual topologies and forwarding entries using the node-SIDs and adj-SIDs allocated for each enhanced VPN. Unlike classic segment routing in which network resources are shared by all services and customers, the SR virtual networks are associated with dedicated resource allocated in the underlay, so that they can be used to meet the service requirement of enhanced VPN and provide the required isolation from other services in the same network. Figure 2 shows the virtual SR topologies created from the underlay network in Figure 1. 1001 1001 2001 2001 3001 3001 101---------102 201---------202 301---------302 | | \1003 | | \2003 | | 1002| 1002| \ 1001 2002| 2002| \ 2001 3002| 3002| | | 105 | | 205 | | 1001| 1002| / 1002 2001| 2002| / 2002 3001| 3002| | | / 1003 | | / 2003 | | 103---------104 203---------204 303---------304 1002 1001 1002 2001 3002 3001 Topology Red Topology Green Topology Blue Figure 2. SR virtual topologies using different groups of SIDs Dong, et al. Expires April 25, 2019 [Page 8] Internet-Draft SR for VPN+ October 2018 5.4. VPN Service to SR Virtual Network Mapping The services of an enhanced VPN customer can be provisioned using the customized SR virtual network as the underlay. In this way, services of different enhanced VPNs will only use the network resources allocated and will not interfere with each other. For each enhanced VPN customer, the service paths can be customized for different services within the SR virtual topology, and the allocated network resources are shared by different services of the same enhanced VPN customer. For example, to create a strict path along the path A-B-D-E in the red topology in Figure 2, the SR segment list in the service packet would be (1001, 1002, 1003). For the same strict path in green topology, the SR segment list would be (2001, 2002, 2003). In the case where we wish to construct a loose path A-D-E in the green topology, the service packet SHOULD be set with the SR segment list (201, 204, 205). At node A the packet is sent towards D via either node B or C using the link and node resources allocated for the green topology. At node D the packet is forwarded to E using the link and node resource allocated for the green topology. Similarly, a packet for the loose path A-D-E in the red topology would arrive at node A with the SID list (101, 104, 105). 5.5. Network Visibility to Customer The tenants of enhanced VPNs may request different granularity of visibility to the network which deliver the service. Depending on the requirement, the network can be exposed to the tenant either as a virtual network topology, or a set of computed paths with transit nodes, or simply the connectivity between endpoints without any path information. The visibility can be delivered through different possible mechanisms, such as IGPs (e.g. IS-IS, OSPF) or BGP-LS. In addition, the network operator may want to restrict the visibility of the information it delivers to the tenant by either hiding the transit nodes between sites (and only delivering the endpoints connectivity) or by hiding portions of the transit nodes (summarizing the path into fewer nodes). Mechanisms such as BGP-LS allow the flexibility of the advertisement of aggregated network information. 6. Benefits of the Proposed Mechanism The proposed mechanism provides several key characteristics: o Flexibility o Scalability Dong, et al. Expires April 25, 2019 [Page 9] Internet-Draft SR for VPN+ October 2018 o Resource isolation In addition to isolation, the proposed mechanism allows resource sharing between different services of the same enhanced VPN customer. This gives the customer more flexibility and control in service planning and provisioning, the experience would be similar to using a dedicated private network. The performance of critical services flows in a particular enhanced VPN can be further ensured using the mechanisms defined in [DetNet]. The detailed comparison with other candidates technologies are given in the following subsections. 6.1. MPLS-TP MPLS-TP could be enhanced to include the allocation of specific resources along the path to a specific LSP. This would require that the SDN system set up and maintain every resource at every path for every customer, and map this to the LSP in the data plane, hence at every hop unique LSP label is needed for each path. Whilst this would be a way to produce a proof of concept for network slicing of an MPLS underlay, delegation would be difficult, resulting in a high overhead and a system needing too much administration. This leads to scaling concerns. The number of labels needed at any node would be the total number of services passing through that node. Experience with early pseudowire designs shows that this can lead to scaling issues. 6.2. RSVP-TE RSVP-TE has the same scaling concern as MPLS-TP in terms of the number of LSPs that need to be maintained being equal to the number of services passing through any given node. It also has the two RSVP disadvantages that basic SR seeks to address: o The use of RSVP for path establishment in addition to the routing protocol used to discover the topology and the network resources. o The overhead of the soft-state maintenance associated with RSVP. The impact of this overhead would be exacerbated by the increased number of end to end paths requiring state maintenance. 6.3. Basic SR Compared to RSVP, SR reduces the number of control protocols to only the routing protocol. It also attempts to minimize the core state by pushing state into the packet, although in some cases the binding SIDs are required to overcome the limitations in the ability of some Dong, et al. Expires April 25, 2019 [Page 10] Internet-Draft SR for VPN+ October 2018 nodes to push large label stacks. Moreover, currently SR does not support resource allocation or identification below the level of link, and none at node level. This restricts the extent to which some particular tenant traffic can be isolated from other traffic in the network. 6.4. SR with Resource Awareness The approach described in this document seeks to achieve a compromise between the state limitations of traditional TE systems and the lack of resource awareness in basic SR. By segmenting the path and allocating network resources to each element of the virtual network topologies, the operator can choose the granularity of resource to path binding within a virtual topology. In network segments where resource is scarce such that the service requirement may not always be met, the SR approach can allocate specific resources to a particular high priority service. By contrast, in other parts of the network where resource is plentiful, the resource may be shared by a number of services. The decision to do this is in the hands of the operator. Because of the segmented nature of the path, resource aggregation is possible in a way that is more difficult with RSVP-TE and MPLS-TP due to the use of dedicated label to identify each end-to-end path. 7. Service Assurance In order to provide service assurance it is necessary to instrument the network at multiple levels. The network operator needs to ascertain that the underlay is operating correctly. A tenant needs to ascertain that their services are correctly operating. In principle these can use existing techniques. These are well known problems and solutions either exist or are in development to address them. New work is needed to instrument the virtual networks that are created. Such instrumentation needs to operate without causing disruption to other services using the network. Given the sensitivity of some applications, care needs to be taken to ensure that the instrumentation itself does not cause disruption either to the service being instrumented or to other services. 8. IANA Considerations This document makes no request of IANA. Note to RFC Editor: this section may be removed on publication as an RFC. Dong, et al. Expires April 25, 2019 [Page 11] Internet-Draft SR for VPN+ October 2018 9. Security Considerations The normal security considerations of VPNs are applicable and it is assumed that industry best practise is applied to an enhanced VPN. The security considerations of segment routing are applicable and it is assumed that these are applied to an enhanced VPN that uses SR. Some applications of enhanced VPNs are sensitive to packet latency; the enhanced VPNs provisioned to carry their traffic have latency SLAs. By disrupting the latency of such traffic an attack can be directly targeted at the customer application, or can be targeted at the network operator by causing them to violate their SLA, triggering commercial consequences. Dynamic attacks of this sort are not something that networks have traditionally guarded against, and networking techniques need to be developed to defend against this type of attack. By rigorously policing ingress traffic and carefully provisioning the resources provided to critical services this type of attack can be prevented. However case needs to be taken when providing shared resources, and when the network needs to be reconfigured as part of ongoing maintenance or in response to a failure. The details of the underlay MUST NOT be exposed to third parties, to prevent attacks aimed at exploiting a shared resource. 10. Acknowledgements The authors would like to thank Mach Chen, Zhenbin Li, Stefano Previdi and Charlie Perkins for the discussion and suggestions to this document. 11. References 11.1. Normative References [I-D.ietf-spring-segment-routing] Filsfils, C., Previdi, S., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", draft-ietf-spring-segment-routing-15 (work in progress), January 2018. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . Dong, et al. Expires April 25, 2019 [Page 12] Internet-Draft SR for VPN+ October 2018 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . 11.2. Informative References [BBF-SD406] "BBF SD-406: End-to-End Network Slicing", 2016, . [DetNet] "DetNet WG", 2016, . [I-D.dong-lsr-sr-enhanced-vpn] Dong, J. and S. Bryant, "IGP Extensions for Segment Routing based Enhanced VPN", draft-dong-lsr-sr-enhanced- vpn-00 (work in progress), June 2018. [I-D.dong-teas-enhanced-vpn] Dong, J., Bryant, S., Li, Z., and T. Miyasaka, "A Framework for Enhanced Virtual Private Networks (VPN+)", draft-dong-teas-enhanced-vpn-02 (work in progress), October 2018. [I-D.ietf-idr-te-pm-bgp] Ginsberg, L., Previdi, S., Wu, Q., Tantsura, J., and C. Filsfils, "BGP-LS Advertisement of IGP Traffic Engineering Performance Metric Extensions", draft-ietf-idr-te-pm- bgp-14 (work in progress), October 2018. [NGMN-NS-Concept] "NGMN NS Concept", 2016, . [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol Label Switching Architecture", RFC 3031, DOI 10.17487/RFC3031, January 2001, . [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001, . Dong, et al. Expires April 25, 2019 [Page 13] Internet-Draft SR for VPN+ October 2018 [RFC3630] Katz, D., Kompella, K., and D. Yeung, "Traffic Engineering (TE) Extensions to OSPF Version 2", RFC 3630, DOI 10.17487/RFC3630, September 2003, . [RFC5305] Li, T. and H. Smit, "IS-IS Extensions for Traffic Engineering", RFC 5305, DOI 10.17487/RFC5305, October 2008, . [RFC5439] Yasukawa, S., Farrel, A., and O. Komolafe, "An Analysis of Scaling Issues in MPLS-TE Core Networks", RFC 5439, DOI 10.17487/RFC5439, February 2009, . [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation Element (PCE) Communication Protocol (PCEP)", RFC 5440, DOI 10.17487/RFC5440, March 2009, . [RFC6241] Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011, . [RFC7471] Giacalone, S., Ward, D., Drake, J., Atlas, A., and S. Previdi, "OSPF Traffic Engineering (TE) Metric Extensions", RFC 7471, DOI 10.17487/RFC7471, March 2015, . [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and S. Ray, "North-Bound Distribution of Link-State and Traffic Engineering (TE) Information Using BGP", RFC 7752, DOI 10.17487/RFC7752, March 2016, . [RFC7810] Previdi, S., Ed., Giacalone, S., Ward, D., Drake, J., and Q. Wu, "IS-IS Traffic Engineering (TE) Metric Extensions", RFC 7810, DOI 10.17487/RFC7810, May 2016, . [RFC7950] Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, August 2016, . [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, July 2018, . Dong, et al. Expires April 25, 2019 [Page 14] Internet-Draft SR for VPN+ October 2018 [TS23501] "3GPP TS23.501", 2016, . [TS28530] "3GPP TS28.530", 2016, . Authors' Addresses Jie Dong Huawei Technologies Email: jie.dong@huawei.com Stewart Bryant Huawei Technologies Email: stewart.bryant@gmail.com Zhenqiang Li China Mobile Email: li_zhenqiang@hotmail.com Takuya Miyasaka KDDI Corporation Email: ta-miyasaka@kddi.com Dong, et al. Expires April 25, 2019 [Page 15]