Carrying Binding Label/Segment-ID in PCE-based Networks.Cisco Systems, Inc.2000 Innovation DriveKanataOntarioK2K 3E8Canadamsiva@cisco.comCisco Systems, Inc.Pegasus ParcDe kleetlaan 6aDIEGEMBRABANT 1831BELGIUMcfilsfil@cisco.comApstra, Inc.jefftant.ietf@gmail.comMetaswitch Networks100 Church StreetEnfieldMiddlesexUKJonathan.Hardwick@metaswitch.comHuawei Technologiesstefano@previdi.netHuawei TechnologiesDivyashree Techno Park, WhitefieldBangaloreKarnataka 560066Indiadhruv.ietf@gmail.comPCE Working GroupIn order to provide greater scalability, network opacity, and service
independence, SR utilizes a Binding Segment Identifier (BSID).
It is possible to associate a BSID to RSVP-TE signaled Traffic Engineering Label Switching Path or binding Segment-ID (SID) to Segment Routed (SR) Traffic Engineering path. Such a binding label/SID can be used by an upstream node for steering traffic into the appropriate TE path to enforce SR policies. This document proposes an approach for reporting binding label/SID to Path Computation Element (PCE) for supporting PCE-based Traffic Engineering policies.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14 when, and only when, they
appear in all capitals, as shown here.
A PCE can compute Traffic Engineering paths (TE paths) through a network that are subject to various constraints. Currently, TE paths are either set up using the RSVP-TE signaling protocol or Segment Routing (SR).
We refer to such paths as RSVP-TE paths and SR-TE paths respectively in this document.As per SR allows a headend node to steer a packet flow
along any path. The headend node is said to steer a flow into an Segment Routing
Policy (SR Policy). Further, as per , an SR Policy is a framework that enables instantiation of an ordered
list of segments on a node for implementing a source routing policy
with a specific intent for traffic steering from that node.As described in , Binding Segment Identifier (BSID) is bound to an Segment Routed (SR) Policy,
instantiation of which may involve a list of SIDs. Any packets
received with an active segment equal to BSID are steered onto the
bound SR Policy. A BSID may be either a local (SRLB) or a global (SRGB) SID. As per a BSID can also be associated with any type of interfaces or tunnel to enable the use of a non-SR interface or tunnels as segments in a SID-list. describes the Path Computation Element Protocol (PCEP) for communication between a Path Computation Client (PCC) and a PCE or between a pair of PCEs. specifies extension to PCEP that allows a PCC to delegate its LSPs to a stateful PCE. A stateful PCE can then update the state of LSPs delegated to it. specifies a mechanism allowing a PCE to dynamically instantiate an LSP on a PCC by sending the path and characteristics. The PCEP extension to setup and maintain SR-TE paths is specified in . provides a mechanism for a network controller
(acting as a PCE) to instantiate candidate paths for an SR Policy
onto a head-end node (acting as a PCC) using PCEP. For more
information on the SR Policy Architecture, see
.Binding label/SID has local significance to the ingress node of the corresponding TE path. When a stateful PCE is deployed for setting up TE paths, it may be desirable to report the binding label or SID to the stateful PCE for the purpose of enforcing end-to-end TE/SR policy. A sample Data Center (DC) use-case is illustrated in the following diagram. In the MPLS DC network, an SR LSP (without traffic engineering) is established using a prefix SID advertised by BGP (see ). In IP/MPLS WAN, an SR-TE LSP is setup using the PCE. The list of SIDs of the SR-TE LSP is {A, B, C, D}. The gateway node 1 (which is the PCC) allocates a binding SID X and reports it to the PCE. In order for the access node to steer the traffic over the SR-TE LSP, the PCE passes the SID stack {Y, X} where Y is the prefix SID of the gateway node-1 to the access node. In the absence of the binding SID X, the PCE should pass the SID stack {Y, A, B, C, D} to the access node. This example also illustrates the additional benefit of using the binding SID to reduce the number of SIDs imposed on the access nodes with a limited forwarding capacity.A PCC could report the binding label/SID allocated by it to the stateful PCE via Path Computation State Report (PCRpt) message. It is also possible for a stateful PCE to request a PCC to allocate a specific binding label/SID by sending an Path Computation Update Request (PCUpd) message. If the PCC can successfully allocate the specified binding value, it reports the binding value to the PCE. Otherwise, the PCC sends an error message to the PCE indicating the cause of the failure. A local policy or configuration at the PCC SHOULD dictate if the binding label/SID needs to be assigned.In this document, we introduce a new OPTIONAL TLV that a PCC can use in order to report the binding label/SID associated with a TE LSP, or a PCE to request a PCC to allocate a specific binding label/SID value. This TLV is intended for TE LSPs established using RSVP-TE, SR, or any other future method. Also, in the case of SR-TE LSPs, the TLV can carry a binding MPLS label (for SR-TE path with MPLS data-plane) or a binding IPv6 SID (e.g., IPv6 address for SR-TE paths with IPv6 data-plane). However, use of this TLV for carrying non-MPLS binding SID will be described in separate document(s). Binding value means either MPLS label or SID throughout this document.The following terminologies are used in this document:
Binding Segment Identifier. Label Edge Router. Label Switched Path. Label Switching Router. Path Computation Client. Path Computation Element Path Computation Element Protocol. Resource ReserVation Protocol-Traffic Engineering. Segment Identifier. Segment Routing. Segment Routing Global Block. Segment Routing Local Block. Type, Length, and Value.The new optional TLV is called "TE-PATH-BINDING TLV" whose format is shown in the diagram below is defined to carry binding label or SID for a TE path. This TLV is associated with the LSP object specified in (). The type of this TLV is to be allocated by IANA.TE-PATH-BINDING TLV is a generic TLV such that it is able to carry MPLS label binding as well as other types of future bindings (e.g., SRv6 path). It is formatted according to the rules specified in . The two byte Binding Type (BT) field identifies the type of binding included in the TLV. This document specifies the following BT values:
BT = 0: The binding value is an MPLS label carried in the format specified in where only the label value is valid, and other fields (TC, S, and TTL) fields MUST be considered invalid. The Length MUST be set to 6.BT = 1: Similar to the case where BT is 0 except that all the fields on the MPLS label entry are set on transmission. However, the receiver MAY choose to override TC, S, and TTL values according its local policy.Binding Value: A variable length field, padded with trailing zeros to a 4-byte boundary. For the BT as 0, the 20 bits represents the MPLS label. For the BT as 1, the 32-bits represents the label stack entry as per .The binding value is allocated by the PCC and reported to a PCE via PCRpt message. If a PCE does not recognize the TE-PATH-BINDING TLV, it MUST ignore the TLV in accordance with (). If a PCE recognizes the TLV but does not support the TLV, it MUST send PCErr with Error-Type = 2 (Capability not supported).If a TE-PATH-BINDING TLV is absent in PCRpt message, PCE MUST assume that the corresponding LSP does not have any binding. If there are more than one TE-PATH-BINDING TLVs, only the first TLV MUST be processed and the rest MUST be silently ignored. If a PCE recognizes an invalid binding value (e.g., label value from the reserved label space when MPLS label binding is used), it MUST send the PCErr message with Error-Type = 10 ("Reception of an invalid object") and Error Value = TBD ("Bad label value") as specified in .If a PCE requires a PCC to allocate a specific binding value, it may do so by sending a PCUpd or PCInitiate message containing a TE-PATH-BINDING TLV. If the value can be successfully allocated, the PCC reports the binding value to the PCE. If the PCC considers the binding value specified by the PCE invalid, it MUST send a PCErr message with Error-Type = TBD ("Binding label/SID failure") and Error Value = TBD ("Invalid SID"). If the binding value is valid, but the PCC is unable to allocate the binding value, it MUST send a PCErr message with Error-Type = TBD ("Binding label/SID failure") and Error Value = TBD ("Unable to allocate the specified label/SID").If a PCC receives TE-PATH-BINDING TLV in any message other than PCUpd or PCInitiate, it MUST close the corresponding PCEP session with the reason "Reception of a malformed PCEP message" (according to ). Similarly, if a PCE receives a TE-PATH-BINDING TLV in any message other than a PCRpt or if the TE-PATH-BINDING TLV is associated with any object other than LSP object, the PCE MUST close the corresponding PCEP session with the reason "Reception of a malformed PCEP message" (according to ).If a PCC wishes to withdraw or modify a previously reported binding value, it MUST send a PCRpt message without any TE-PATH-BINDING TLV or with the TE-PATH-BINDING TLV containing the new binding value respectively.If a PCE wishes to modify a previously requested binding value, it MUST send a PCUpd message with TE-PATH-BINDING TLV containing the new binding value. Absence of TE-PATH-BINDING TLV in PCUpd message means that the PCE does not specify a binding value in which case the binding value allocation is governed by the PCC's local policy.If a PCC receives a valid binding value from a PCE which is different than the current binding value, it MUST try to allocate the new value. If the new binding value is successfully allocated, the PCC MUST report the new value to the PCE. Otherwise, it MUST send a PCErr message with Error-Type = TBD ("Binding label/SID failure") and Error Value = TBD ("Unable to allocate the specified label/SID").In some cases, a stateful PCE can request the PCC to allocate a binding value. It may do so by sending a PCUpd message containing an empty TE-PATH-BINDING TLV, i.e., no binding value is specified (making the length field of the TLV as 2). A PCE can also make the request PCC to allocate a binding at the time of initiation by sending a PCInitiate message with an empty TE-PATH-BINDING TLV.The security considerations described in , , and
are applicable to this specification. No additional security measure is required.As described , SR allows a network controller to instantiate and control paths in the network. Note that if the security mechanisms of and are not used, then the protocol described in this document could be
attacked via manipulation of BSID.This document defines a new PCEP TLV; IANA is requested
to make the following allocations from the "PCEP TLV Type Indicators"
sub-registry of the PCEP Numbers registry, as follows:ValueName Reference TBDTE-PATH-BINDINGThis documentIANA is requested to create a sub-registry to manage the value of the Binding Type field in the
TE-PATH-BINDING TLV.ValueDescription Reference 0MPLS LabelThis document1MPLS Label Stack EntryThis documentThis document defines a new Error-type and Error-Values for the PCErr message. IANA is requested to allocate
new error-type and error-values within the "PCEP-ERROR Object Error Types and Values"
subregistry of the PCEP Numbers registry, as follows:
MeaningBinding label/SID failure:
Invalid SIDUnable to allocate the specified label/SIDTBDWe like to thank Milos Fabian for his valuable comments. introduces the architecture for PCE as a central controller
as an extension of the architecture described in and
assumes the continued use of PCEP as the protocol used between PCE
and PCC. further examines the motivations and
applicability for PCEP as a Southbound Interface (SBI), and
introduces the implications for the protocol.As per , PCE as a central controller can allocate and
provision the node/prefix/adjacency label (SID) via PCEP. It can also be used to allocate the binding SID as described in this section.The PCECC Capability as per
should also be
advertised on the PCEP session, along with the SR sub-TLVs before using this procedure.A P flag in LSP object is introduced in to indicate the allocation needs to be made by the PCE. The same flag is also set for the binding SID allocation request. A PCC would set this bit to 1 to request for
allocation of the binding label/SID by the PCE in the PCReq or PCRpt
message. A PCE would also set this bit to 1 to indicate that the
binding label/SID is allocated by PCE and encoded in the PCRep,
PCUpd or PCInitiate message (the TE-PATH-BINDING TLV is present in
LSP object). Further, a PCE would set this bit to 0 to indicate
that the path identifier is allocated by the PCC as described above.The ingress PCC could request the binding label/SID to be allocated by the PCE
via PCRpt message as per . The delegate flag (D-flag) MUST
also be set for this LSP. The TE-PATH-BINDING TLV MAY be included with no Binding
Value. The PCECC would allocated the binding label/SID and further respond to
Ingress PCC with PCUpd message as per and MUST include the
TE-PATH-BINDING TLV in a LSP object. The P flag in the LSP object would be set to 1 to indicate that the allocation is made by the PCE.The PCE could allocate the binding label/SID on its own accord for a PCE-
Initiated (or delegated LSP). The allocated binding label/SID needs to be
informed to the PCC. The PCE would use the
PCInitiate message or PCUpd message towards the
PCC and MUST include the TE-PATH-BINDING TLV in the LSP object. The P flag in the LSP object would be set to 1 to indicate that the allocation is made by the PCE.