Carrying Binding Label/Segment-ID in
PCE-based Networks.Cisco Systems, Inc.Pegasus ParcDe kleetlaan 6aDIEGEMBRABANT 1831BELGIUMcfilsfil@cisco.comCiena Corporationmsiva282@gmail.comApstra, Inc.jefftant.ietf@gmail.comMetaswitch Networks100 Church StreetEnfieldMiddlesexUKJonathan.Hardwick@metaswitch.comHuawei Technologiesstefano@previdi.netHuawei TechnologiesHuawei Campus, No. 156 Beiqing Rd.Beijing100095Chinachengli13@huawei.comPCE Working GroupIn order to provide greater scalability, network opacity, and service
independence, Segment Routing (SR) utilizes a Binding Segment Identifier
(BSID). It is possible to associate a BSID to RSVP-TE signaled Traffic
Engineering Label Switching Path or binding Segment-ID (SID) to SR
Traffic Engineering path. Such a binding label/SID can be used by an
upstream node for steering traffic into the appropriate TE path to
enforce SR policies. This document proposes an approach for reporting
binding label/SID to Path Computation Element (PCE) for supporting
PCE-based Traffic Engineering policies.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP 14
when, and only when,
they appear in all capitals, as shown here.A PCE can compute Traffic Engineering paths (TE paths) through a
network that are subject to various constraints. Currently, TE paths are
either set up using the RSVP-TE signaling protocol or Segment Routing
(SR). We refer to such paths as RSVP-TE paths and SR-TE paths
respectively in this document.As per SR allows a headend node to steer a
packet flow along any path. The headend node is said to steer a flow
into an Segment Routing Policy (SR Policy). Further, as per , an SR Policy is a
framework that enables instantiation of an ordered list of segments on a
node for implementing a source routing policy with a specific intent for
traffic steering from that node.As described in , Binding Segment Identifier
(BSID) is bound to an Segment Routed (SR) Policy, instantiation of which
may involve a list of SIDs. Any packets received with an active segment
equal to BSID are steered onto the bound SR Policy. A BSID may be either
a local (SR Local Block (SRLB)) or a global (SR Global Block (SRGB))
SID. As per Section 6.4 of a BSID can also be
associated with any type of interfaces or tunnel to enable the use of a
non-SR interface or tunnels as segments in a SID-list. describes the Path Computation Element
Protocol (PCEP) for communication between a Path Computation Client
(PCC) and a PCE or between a pair of PCEs as per . specifies extension to PCEP
that allows a PCC to delegate its LSPs to a stateful PCE. A stateful PCE
can then update the state of LSPs delegated to it. specifies a mechanism allowing a PCE to dynamically
instantiate an LSP on a PCC by sending the path and characteristics. The
PCEP extension to setup and maintain SR-TE paths is specified in . provides a mechanism for a network
controller (acting as a PCE) to instantiate candidate paths for an SR
Policy onto a head-end node (acting as a PCC) using PCEP. For more
information on the SR Policy Architecture, see .Binding label/SID has local significance to the ingress node of the
corresponding TE path. When a stateful PCE is deployed for setting up TE
paths, it may be desirable to report the binding label or SID to the
stateful PCE for the purpose of enforcing end-to-end TE/SR policy. A
sample Data Center (DC) use-case is illustrated in the following
diagram. In the MPLS DC network, an SR LSP (without traffic engineering)
is established using a prefix SID advertised by BGP (see ). In IP/MPLS WAN, an SR-TE LSP is setup using the
PCE. The list of SIDs of the SR-TE LSP is {A, B, C, D}. The gateway node
1 (which is the PCC) allocates a binding SID X and reports it to the
PCE. In order for the access node to steer the traffic over the SR-TE
LSP, the PCE passes the SID stack {Y, X} where Y is the prefix SID of
the gateway node-1 to the access node. In the absence of the binding SID
X, the PCE should pass the SID stack {Y, A, B, C, D} to the access node.
This example also illustrates the additional benefit of using the
binding SID to reduce the number of SIDs imposed on the access nodes
with a limited forwarding capacity.A PCC could report the binding label/SID allocated by it to the
stateful PCE via Path Computation State Report (PCRpt) message. It is
also possible for a stateful PCE to request a PCC to allocate a specific
binding label/SID by sending an Path Computation Update Request (PCUpd)
message. If the PCC can successfully allocate the specified binding
value, it reports the binding value to the PCE. Otherwise, the PCC sends
an error message to the PCE indicating the cause of the failure. A local
policy or configuration at the PCC SHOULD dictate if the binding
label/SID needs to be assigned.In this document, we introduce a new OPTIONAL TLV that a PCC can use
in order to report the binding label/SID associated with a TE LSP, or a
PCE to request a PCC to allocate a specific binding label/SID value.
This TLV is intended for TE LSPs established using RSVP-TE, SR, or any
other future method. Also, in the case of SR-TE LSPs, the TLV can carry
a binding MPLS label (for SR-TE path with MPLS data-plane) or a binding
IPv6 SID (e.g., IPv6 address for SR-TE paths with IPv6 data-plane).
Binding value means either MPLS label or SID throughout this
document.Additionally, to support the PCE based central controller operation where the PCE would take responsibility for
managing some part of the MPLS label space for each of the routers that
it controls, the PCE could directly make the binding label/SID
allocation and inform the PCC. See for
details.The following terminologies are used in this document: Binding Segment Identifier.Label Edge Router.Label Switched Path.Label Switching Router.Path Computation Client.Path Computation ElementPath Computation Element Protocol.Resource ReserVation Protocol-Traffic
Engineering.Segment Identifier.Segment Routing.Segment Routing Global Block.Segment Routing Local Block.Type, Length, and Value.The new optional TLV is called "TE-PATH-BINDING TLV" (whose format is
shown in the figure below) is defined to carry binding label or SID for
a TE path. This TLV is associated with the LSP object specified in
(). The type of this TLV is to be allocated by
IANA.TE-PATH-BINDING TLV is a generic TLV such that it is able to carry
MPLS label binding as well as SRv6 Binding SID. It is formatted
according to the rules specified in .Binding Type (BT): A one byte field identifies the type of binding
included in the TLV. This document specifies the following BT values:
BT = 0: The binding value is an MPLS label carried in the format
specified in where only the label value is
valid, and other fields fields MUST be considered invalid. The
Length MUST be set to 7.BT = 1: Similar to the case where BT is 0 except that all the
fields on the MPLS label entry are set on transmission. However, the
receiver MAY choose to override TC, S, and TTL values according its
local policy. The Length MUST be set to 8.BT = 2: The binding value is a SRv6 SID with a format of an 16
byte IPv6 address, representing the binding SID for SRv6. The Length
MUST be set to 20.Reserved: MUST be set to 0 while sending and ignored on receipt.Binding Value: A variable length field, padded with trailing zeros to
a 4-byte boundary. For the BT as 0, the 20 bits represents the MPLS
label. For the BT as 1, the 32-bits represents the label stack entry as
per . For the BT as 2, the 128-bits represent
the SRv6 SID.The binding value is allocated by the PCC and reported to a PCE via
PCRpt message. If a PCE does not recognize the TE-PATH-BINDING TLV, it
would ignore the TLV in accordance with (). If a
PCE recognizes the TLV but does not support the TLV, it MUST send PCErr
with Error-Type = 2 (Capability not supported).If a TE-PATH-BINDING TLV is absent in PCRpt message, PCE MUST assume
that the corresponding LSP does not have any binding. If there are more
than one TE-PATH-BINDING TLVs, only the first TLV MUST be processed and
the rest MUST be silently ignored. If a PCE recognizes an invalid
binding value (e.g., label value from the reserved label space when MPLS
label binding is used), it MUST send the PCErr message with Error-Type =
10 ("Reception of an invalid object") and Error Value = 2 ("Bad label
value") as specified in .If a PCE requires a PCC to allocate a specific binding value, it may
do so by sending a PCUpd or PCInitiate message containing a
TE-PATH-BINDING TLV. If the value can be successfully allocated, the PCC
reports the binding value to the PCE. If the PCC considers the binding
value specified by the PCE invalid, it MUST send a PCErr message with
Error-Type = TBD2 ("Binding label/SID failure") and Error Value = TBD3
("Invalid SID"). If the binding value is valid, but the PCC is unable to
allocate the binding value, it MUST send a PCErr message with Error-Type
= TBD2 ("Binding label/SID failure") and Error Value = TBD4 ("Unable to
allocate the specified label/SID").If a PCC receives TE-PATH-BINDING TLV in any message other than PCUpd
or PCInitiate, it MUST close the corresponding PCEP session with the
reason "Reception of a malformed PCEP message" (according to ). Similarly, if a PCE receives a TE-PATH-BINDING TLV
in any message other than a PCRpt or if the TE-PATH-BINDING TLV is
associated with any object other than LSP object, the PCE MUST close the
corresponding PCEP session with the reason "Reception of a malformed
PCEP message" (according to ).If a PCC wishes to withdraw or modify a previously reported binding
value, it MUST send a PCRpt message without any TE-PATH-BINDING TLV or
with the TE-PATH-BINDING TLV containing the new binding value
respectively.If a PCE wishes to modify a previously requested binding value, it
MUST send a PCUpd message with TE-PATH-BINDING TLV containing the new
binding value. Absence of TE-PATH-BINDING TLV in PCUpd message means
that the PCE does not specify a binding value in which case the binding
value allocation is governed by the PCC's local policy.If a PCC receives a valid binding value from a PCE which is different
than the current binding value, it MUST try to allocate the new value.
If the new binding value is successfully allocated, the PCC MUST report
the new value to the PCE. Otherwise, it MUST send a PCErr message with
Error-Type = TBD2 ("Binding label/SID failure") and Error Value = TBD4
("Unable to allocate the specified label/SID").In some cases, a stateful PCE can request the PCC to allocate a
binding value. It may do so by sending a PCUpd message containing an
empty TE-PATH-BINDING TLV, i.e., no binding value is specified (making
the length field of the TLV as 4). A PCE can also make the request PCC
to allocate a binding at the time of initiation by sending a PCInitiate
message with an empty TE-PATH-BINDING TLV.In PCEP messages, LSP route information is carried in the Explicit
Route Object (ERO), which consists of a sequence of subobjects. defines a new ERO subobject "SR-ERO subobject"
capable of carrying a SID as well as the identity of the node/adjacency
(NAI) represented by the SID. The NAI Type (NT) field indicates the type
and format of the NAI contained in the SR-ERO. In case of binding SID,
the NAI MUST NOT be included and NT MUST be set to zero. So as per
Section 5.2.1 of , for NT=0, the F bit is set to
1, the S bit needs to be zero and the Length is 8. Further the M bit is
set. If these conditions are not met, the entire ERO MUST be considered
invalid and a PCErr message is sent with Error-Type = 10 ("Reception of
an invalid object") and Error-Value = 11 ("Malformed object"). defines a new ERO subobject "SRv6-ERO
subobject" for SRv6 SID. The NAI MUST NOT be included and NT MUST be set
to zero. So as per Section 5.2.1 of , for NT=0,
the F bit is set to 1, the S bit needs to be zero and the Length is 24.
If these conditions are not met, the entire ERO is considered invalid
and a PCErr message is sent with Error-Type = 10 ("Reception of an
invalid object") and Error-Value = 11 ("Malformed object") (as per ).[Note to the RFC Editor - remove this section before publication, as
well as remove the reference to RFC 7942.]This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in . The description of implementations in this section
is intended to assist the IETF in its decision processes in progressing
drafts to RFCs. Please note that the listing of any individual
implementation here does not imply endorsement by the IETF. Furthermore,
no effort has been spent to verify the information presented here that
was supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalog of available implementations or their
features. Readers are advised to note that other implementations may
exist.According to , "this will allow reviewers and
working groups to assign due consideration to documents that have the
benefit of running code, which may serve as evidence of valuable
experimentation and feedback that have made the implemented protocols
more mature. It is up to the individual working groups to use this
information as they see fit".Organization: HuaweiImplementation: Huawei's Router and ControllerDescription: An experimental code-point is used and plan to
request early code-point allocation from IANA after WG
adoption.Maturity Level: ProductionCoverage: FullContact: chengli13@huawei.comThe security considerations described in ,
, and are applicable to this specification. No additional
security measure is required.As described , SR allows a network controller
to instantiate and control paths in the network. A rouge PCE can
manipulate binding SID allocations to move traffic around for some other
LSPs that uses BSID in its SR-ERO.Thus, as per , it is RECOMMENDED that these
PCEP extensions only be activated on authenticated and encrypted
sessions across PCEs and PCCs belonging to the same administrative
authority, using Transport Layer Security (TLS) , as per the recommendations and best current
practices in BCP195 (unless explicitly set
aside in ).All manageability requirements and considerations listed in , , and apply to PCEP protocol extensions defined in this
document. In addition, requirements and considerations listed in this
section apply.A PCC implementation SHOULD allow the operator to configure the
policy based on which PCC needs to allocates the binding
label/SID.The PCEP YANG module could
be extended to include policy configuration for binding label/SID
allocation.Mechanisms defined in this document do not imply any new liveness
detection and monitoring requirements in addition to those already
listed in .Mechanisms defined in this document do not imply any new operation
verification requirements in addition to those already listed in , , and .Mechanisms defined in this document do not imply any new
requirements on other protocols.Mechanisms defined in , , and also apply to PCEP
extensions defined in this document. Further, the mechanism described
in this document can help the operator to request control of the LSPs
at a particular PCE.This document defines a new PCEP TLV; IANA is requested to make the
following allocations from the "PCEP TLV Type Indicators" sub-registry
of the PCEP Numbers registry, as follows:ValueNameReferenceTBD1TE-PATH-BINDINGThis documentIANA is requested to create a sub-registry to manage the value of
the Binding Type field in the TE-PATH-BINDING TLV.ValueDescriptionReference0MPLS LabelThis document1MPLS Label Stack EntryThis document2SRv6 SIDThis documentThis document defines a new Error-type and Error-Values for the
PCErr message. IANA is requested to allocate new error-type and
error-values within the "PCEP-ERROR Object Error Types and Values"
subregistry of the PCEP Numbers registry, as follows: MeaningBinding label/SID failure: Invalid SIDUnable to allocate the
specified label/SIDWe like to thank Milos Fabian and Mrinmoy Das for thier valuable
comments.