Using IS-IS Multi-Topology (MT) for Segment Routing based Virtual Transport Network

Enhanced VPN (VPN+) is an enhancement to VPN services to support the needs of new applications, particularly including the applications that are associated with 5G services. These applications require enhanced isolation and have more stringent performance requirements than that can be provided with traditional overlay VPNs. Thus these properties require integration between the underlay and the overlay networks. specifies the framework of enhanced VPN and describes the candidate component technologies in different network planes and layers. An enhanced VPN may be used for 5G transport network slicing, and will also be of use in other generic scenarios. To meet the requirement of enhanced VPN services, a number of virtual transport networks (VTN) can be created, each with a subset of the underlay network topology and a subset of network resources allocated from the underlay network to meet the requirement of one or a group of VPN+ services. Another possible approach is to create a set of point-to-point paths, each with a set of network resource reserved along the path, such paths are called Virtual Transport Path (VTP). Although using a set of dedicated VTPs can provide similar characteristics as a VTN, it has some scalability issues due to the per-path state in the network. introduces resource awareness to Segment Routing (SR) . The resource-aware SIDs have additional semantics to identify the set of network resources available for the packet processing action associated with the SIDs. As described in , the resource-aware SIDs can be used to build virtual transport networks (VTNs) with the required network topology and network resource attributes to support enhanced VPN services. With segment routing based data plane, Segment Identifiers (SIDs) can be used to represent both the topology and the set of network resources allocated by network nodes to a virtual network. The SIDs of each VTN and the associated topology and resource attributes need to be distributed using control plane. defines the IGP mechanisms with necessary extensions to build a set of Segment Routing (SR) based VTNs. The VTNs could be used as the underlay of the enhanced VPN service. The mechanism described in allows flexible combination of the topology and resource attribute to build customized VTNs. In some network scenarios, it is assumed that each VTN can have an independent topology and a set of dedicated network resources. This document describes a simplified mechanism to build SR based VTNs in those scenarios. The approach is to use IS-IS Multi-Topology with segment routing to define the independent network topologies of each VTN. The attribute of network resources allocated to a VTN can be advertised by using IS-IS MT with the Traffic Engineering (TE) extensions defined in and .

IS-IS Multi-Topology Routing (MTR) has been defined to create independent topologies in one network. In , MT-based TLVs are introduced to carry topology-specific link-state information. The MT-specific Link or Prefix TLVs are defined by adding additional two bytes, which includes 12-bit MT-ID field in front of the ISN TLV and IP or IPv6 Reachability TLVs. This provides the capability of specifying the customized attributes of each topology. When each VTN is associated with an independent network topology, MT-ID could be used as the identifier of VTN in control plane. MTR can be used with segment routing based data plane. Thus the topology attribute of an SR based VTN could be advertised using MTR with segment routing. The IS-IS extensions to support the advertisement of topology-specific MPLS SIDs are specified in . Topology-specific Prefix-SIDs can be advertised by carrying the Prefix-SID sub-TLVs in the IS-IS TLV 235 (MT IP Reachability) and TLV 237 (MT IPv6 IP Reachability). Topology-specific Adj-SIDs can be advertised by carrying the Adj-SID sub-TLVs in IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute). The IS-IS extensions to support the advertisement of topology-specific SRv6 Locators and SIDs are specified in . The topology-specific SRv6 locators are advertised using SRv6 Locator TLV, and SRv6 End SIDs inherit the MT-ID from the parent locator. The topology-specific End.X SID are advertised by carrying SRv6 End.X SID sub-TLVs in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute).

In order to perform constraint based path computation for each VTN on the network controller or on the ingress nodes, the network resource and other attributes associated with each VTN need to be advertised.

On each network link, the information of the network resources and other attributes associated with a VTN can be specified by carrying the TE attributes sub-TLVs and in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute) of the corresponding topology. When Maximum Link Bandwidth sub-TLV is carried in the MT-ISN TLV of a topology, it indicates the amount of link bandwidth allocated to the corresponding VTN. The bandwidth allocated to a VTN can be exclusive for services carried in the corresponding VTN. The usage of other TE attributes in topology-specific TLVs is for further study. Editor's note1: It is noted that carrying per-topology TE attributes was considered as a possible feature in future when the encoding of IS-IS multi-topology was defined in .

For SR-MPLS data plane, a Prefix-SID is associated with the paths calculated in the corresponding topology of a VTN. An outgoing interface is determined for each path. In addition, the prefix-SID also steers the traffic to use the subset of network resources allocated to the VTN on the outgoing interface for packet forwarding. An Adj-SID is associated with a subset of network resources allocated to a VTN on the link. The Adj-SIDs and Prefix-SIDs associated with the same VTN can be used together to build SR-MPLS paths with the topological and resource constraints of the VTN. For SRv6 data plane, an SRv6 Locator is a prefix which is associated with the paths calculated in the corresponding topology of a VTN. An outgoing interface is determined for each path. In addition, the SRv6 Locator prefix also steers the traffic to use the subset of network resources which are allocated to the VTN on the outgoing interface for packet forwarding. An End.X SID is associated with a subset of network resources allocated to a VTN on the link. The End.X SIDs and the SRv6 Locator prefixes associated with the same VTN can be used together to build SRv6 paths with the topological and resource constraints of the VTN.

The mechanism described in this document assumes that each VTN is associated with a unique topology, so that the MT-IDs can be reused to identify the VTNs in the control plane. While this brings the benefit of simplicity, it also has some limitations. For example, it means that even if multiple VTNs have the same topology, they would still need to be identified using different MT-IDs in the control plane, then independent path computation needs to be executed for each VTN. Thus the number of VTNs supported in a network may be dependent on the number of topologies supported, which is related to the control plane computation overhead.

This document introduces no additional security vulnerabilities to IS-IS. The mechanism proposed in this document is subject to the same vulnerabilities as any other protocol that relies on IGPs.

This document does not request any IANA actions.

The authors would like to thank Zhibo Hu, Dean Cheng, Les Ginsberg and Peter Psenak for the review and discussion of this document.