Using IS-IS Multi-Topology (MT) for
Segment Routing based Virtual Transport Network
China Telecom
China Telecom Beijing Information Science & Technology,
Beiqijia
Beijing
102209
China
xiechf@chinatelecom.cn
China Telecom
China Telecom Beijing Information Science & Technology,
Beiqijia
Beijing
102209
China
machh@chinatelecom.cn
Huawei Technologies
Huawei Campus, No. 156 Beiqing Road
Beijing
100095
China
jie.dong@huawei.com
Huawei Technologies
Huawei Campus, No. 156 Beiqing Road
Beijing
100095
China
lizhenbin@huawei.com
LSR Working Group
Enhanced VPN (VPN+) aims to provide enhanced VPN service to support
some application's needs of enhanced isolation and stringent performance
requirements. VPN+ requires integration between the overlay VPN and the
underlay network. A Virtual Transport Network (VTN) is a virtual
underlay network which consists of a subset of the network topology and
network resources allocated from the physical network. A VTN could be
used as the underlay for one or a group of VPN+ services.
In some network scenarios, each VTN can be associated with a unique
logicial network topology. This document describes a mechanism to build
the SR based VTNs using IS-IS Multi-Topology together with other
well-defined IS-IS extensions.
Enhanced VPN (VPN+) is an enhancement to VPN services to support the
needs of new applications, particularly including the applications that
are associated with 5G services. These applications require enhanced
isolation and have more stringent performance requirements than that can
be provided with traditional overlay VPNs. Thus these properties require
integration between the underlay and the overlay networks. specifies the framework of
enhanced VPN and describes the candidate component technologies in
different network planes and layers. An enhanced VPN may be used for 5G
transport network slicing, and will also be of use in other generic
scenarios.
To meet the requirement of enhanced VPN services, a number of virtual
transport networks (VTN) can be created, each with a subset of the
underlay network topology and a subset of network resources allocated
from the underlay network to meet the requirement of one or a group of
VPN+ services. Another possible approach is to create a set of
point-to-point paths, each with a set of network resource reserved along
the path, such paths are called Virtual Transport Path (VTP). Although
using a set of dedicated VTPs can provide similar characteristics as a
VTN, it has some scalability issues due to the per-path state in the
network.
introduces
resource awareness to Segment Routing (SR) . The
resource-aware SIDs have additional semantics to identify the set of
network resources available for the packet processing action associated
with the SIDs. As described in , the resource-aware SIDs
can be used to build virtual transport networks (VTNs) with the required
network topology and network resource attributes to support enhanced VPN
services. With segment routing based data plane, Segment Identifiers
(SIDs) can be used to represent both the topology and the set of network
resources allocated by network nodes to a virtual network. The SIDs of
each VTN and the associated topology and resource attributes need to be
distributed using control plane.
defines the IGP
mechanisms with necessary extensions to build a set of Segment Routing
(SR) based VTNs. The VTNs could be used as the underlay of the enhanced
VPN service. The mechanism described in allows flexible combination of
the topology and resource attribute to build customized VTNs. In some
network scenarios, it is assumed that each VTN can have an independent
topology and a set of dedicated network resources. This document
describes a simplified mechanism to build SR based VTNs in those
scenarios.
The approach is to use IS-IS Multi-Topology
with segment routing to define the independent
network topologies of each VTN. The attribute of network resources
allocated to a VTN can be advertised by using IS-IS MT with the Traffic
Engineering (TE) extensions defined in and
.
IS-IS Multi-Topology Routing (MTR) has been
defined to create independent topologies in one network. In , MT-based TLVs are introduced to carry
topology-specific link-state information. The MT-specific Link or Prefix
TLVs are defined by adding additional two bytes, which includes 12-bit
MT-ID field in front of the ISN TLV and IP or IPv6 Reachability TLVs.
This provides the capability of specifying the customized attributes of
each topology. When each VTN is associated with an independent network
topology, MT-ID could be used as the identifier of VTN in control
plane.
MTR can be used with segment routing based data plane. Thus the
topology attribute of an SR based VTN could be advertised using MTR with
segment routing. The IS-IS extensions to support the advertisement of
topology-specific MPLS SIDs are specified in .
Topology-specific Prefix-SIDs can be advertised by carrying the
Prefix-SID sub-TLVs in the IS-IS TLV 235 (MT IP Reachability) and TLV
237 (MT IPv6 IP Reachability). Topology-specific Adj-SIDs can be
advertised by carrying the Adj-SID sub-TLVs in IS-IS TLV 222 (MT-ISN)
and TLV 223 (MT IS Neighbor Attribute).
The IS-IS extensions to support the advertisement of
topology-specific SRv6 Locators and SIDs are specified in . The topology-specific SRv6
locators are advertised using SRv6 Locator TLV, and SRv6 End SIDs
inherit the MT-ID from the parent locator. The topology-specific End.X
SID are advertised by carrying SRv6 End.X SID sub-TLVs in the IS-IS TLV
222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute).
In order to perform constraint based path computation for each VTN on
the network controller or on the ingress nodes, the network resource and
other attributes associated with each VTN need to be advertised.
On each network link, the information of the network resources and
other attributes associated with a VTN can be specified by carrying
the TE attributes sub-TLVs and in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS
Neighbor Attribute) of the corresponding topology.
When Maximum Link Bandwidth sub-TLV is carried in the MT-ISN TLV of
a topology, it indicates the amount of link bandwidth allocated to the
corresponding VTN. The bandwidth allocated to a VTN can be exclusive
for services carried in the corresponding VTN. The usage of other TE
attributes in topology-specific TLVs is for further study.
Editor's note1: It is noted that carrying per-topology TE
attributes was considered as a possible feature in future when the
encoding of IS-IS multi-topology was defined in .
For SR-MPLS data plane, a Prefix-SID is associated with the paths
calculated in the corresponding topology of a VTN. An outgoing interface
is determined for each path. In addition, the prefix-SID also steers the
traffic to use the subset of network resources allocated to the VTN on
the outgoing interface for packet forwarding. An Adj-SID is associated
with a subset of network resources allocated to a VTN on the link. The
Adj-SIDs and Prefix-SIDs associated with the same VTN can be used
together to build SR-MPLS paths with the topological and resource
constraints of the VTN.
For SRv6 data plane, an SRv6 Locator is a prefix which is associated
with the paths calculated in the corresponding topology of a VTN. An
outgoing interface is determined for each path. In addition, the SRv6
Locator prefix also steers the traffic to use the subset of network
resources which are allocated to the VTN on the outgoing interface for
packet forwarding. An End.X SID is associated with a subset of network
resources allocated to a VTN on the link. The End.X SIDs and the SRv6
Locator prefixes associated with the same VTN can be used together to
build SRv6 paths with the topological and resource constraints of the
VTN.
The mechanism described in this document assumes that each VTN is
associated with a unique topology, so that the MT-IDs can be reused to
identify the VTNs in the control plane. While this brings the benefit of
simplicity, it also has some limitations. For example, it means that
even if multiple VTNs have the same topology, they would still need to
be identified using different MT-IDs in the control plane, then
independent path computation needs to be executed for each VTN. Thus the
number of VTNs supported in a network may be dependent on the number of
topologies supported, which is related to the control plane computation
overhead.
This document introduces no additional security vulnerabilities to
IS-IS.
The mechanism proposed in this document is subject to the same
vulnerabilities as any other protocol that relies on IGPs.
This document does not request any IANA actions.
The authors would like to thank Zhibo Hu, Dean Cheng, Les Ginsberg
and Peter Psenak for the review and discussion of this document.
Segment Routing based Virtual Transport Network (VTN) for
Enhanced VPN
Huawei Technologies
Futurewei Technologies
KDDI Corporation
China Telecom
China Mobile
China Mobile
Cisco Systems