Network Working Group                                           X. Zhang
Internet-Draft                                                   F. Yang
Intended status: Standards Track                                W. Cheng
Expires: July 16, 2023                                      China Mobile
                                                                   Z. Fu
                                                    New H3C Technologies
                                                        January 16, 2023

  Collaborative Mechanism for Integrated Computing and Network Service
           draft-zhang-rtgwg-mechanism-computing-network-00

Abstract

   This document introduces a collaborative mechanism of the SLA policy
   for integrated computing and network service when users access the
   computing interconnection network.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 16, 2023.

Copyright Notice

   Copyright (c) 2023 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Zhang, et al.             Expires 16 July 2023                  [Page 1]

       Collaborative Mechanism for Computing and Network Service
                              January 2023

Table of Contents

   1.  Introduction
   2.  Current mechanism
   3.  Use Case of AAA for integrated computing and network service
   4.  SLA-based AAA Process for integrated computing-network service
     4.1  Process of static SLA policy configuration during
          authentication
     4.2  Process of dynamic SLA policy updating during authorization
   5.  Security Considerations
   6.  IANA Considerations
   7.  Normative References
   Authors' Addresses

1.  Introduction

   AAA (Authentication, Authorization, Accounting) is an important
   function for service providers, including network services and the
   currently popular cloud services.  With the trend of computing and
   network convergence, AAA and user management are important processes
   that need to be reconsidered.  Currently, AAA, and especially the
   accounting system, is independent for networking and computing.
   This document introduces a collaborative mechanism of the SLA policy
   for integrated computing and network service.

2.  Current mechanism

   In traditional network architecture, network nodes are responsible
   for forwarding and the corresponding statistics.  Therefore, network
   accounting nodes only need to pay attention to the consumption of
   network resources, such as access time, bandwidth, etc.

   Computing, in contrast, is often another independent system, such as
   a cloud.  Cloud service providers provide various computing
   services, and the charge for using cloud services is completed by
   the cloud service providers themselves.

   Therefore, under the current mechanism, the service for networking
   and computing is separated.  This is determined by the fact that
   they are two independent systems.

3.  Use Case of AAA for integrated computing and network service

   The computing interconnection network is a system of computing and
   network convergence.  Computing resource information is transmitted
   and aggregated in the network.  Network nodes are responsible for
   collecting the location and status of these computing resources and
   combining them with the original network information to form routing
   strategies, which are used to steer packets to the appropriate node.
   Users encapsulate their own requirements for computing and network
   in packets, and network nodes match appropriate routing strategies
   based on the requirements encapsulated in the packets.

   This is a process of simultaneous consumption of network resources
   and computing resources by users.  Therefore, for network nodes that
   are in charge of authentication, authorization and accounting, it is
   necessary to consider the consumption of both network resources and
   computing resources at the same time.

4.  The SLA-based AAA Process for integrated computing-network service

   The following figure shows a typical architecture of SLA-based AAA
   for integrated computing and network service.  There are three roles
   here: user device, service node and accounting server.

   user device
    +------+
    |  A   |----+
    +------+    |
                |
   user device  |     +-------------------+        +-------------------+
    +------+    +---->|                   |<-------|                   |
    |  B   |--------->|   Service Node    |        | Accounting server |
    +------+    +---->|                   |------->|                   |
                |     +-------------------+        +-------------------+
   user device  |
    +------+    |
    |  C   |----+
    +------+

   Figure 1: SLA-based AAA Process of integrated computing-network
             service

   User device:  The enterprise or home user device of the fixed
      network.

   Service node:  Consists of network devices, such as BRAS routers,
      and computing devices; in other words, the service node has both
      computing resources and network resources.

   Accounting server:  The accounting server in this document supports
      the functions of authentication and authorization.

   This document proposes a new accounting mechanism for computing and
   network convergence based on SLA.  Different SLA levels may
   correspond to different prices because of the different computing
   power and network resource allocation in the contract between the
   operator and the user.  Multiple service traffic of the same user
   (enterprise or individual) is collected and charged based on the SLA
   service level specified in the operator's contract.

   Two methods could be considered to distribute the SLA-based
   accounting strategy: static policy configuration during user
   authentication and dynamic policy updating during authorization.

4.1  Process of static SLA policy distribution during authentication

   This document assumes that the accounting server has been configured
   with SLA accounting policies based on the contract, and that the
   function of granular accounting for computing-network convergence
   service is enabled on the service node.

   Firstly, the user device initiates an online authentication request
   to the service node in the user authentication phase.  The
   authentication request message could carry information such as: user
   id, service id, enable tag of computing-network convergence
   accounting, SLA level, etc., which could be achieved by extending
   the option field of the DHCP discover message and other potentially
   relevant protocols.

   Secondly, the network device of the service node receives the online
   authentication request carrying the SLA service information from the
   user device, and sends it to the accounting server.

   Thirdly, the accounting server obtains the SLA information in the
   request from the user device and determines an SLA service policy on
   the basis of the SLA service information.  The SLA service policy
   contains the information of the computing resources, network
   resources and some value-added services which can be used by the
   user's SLA service.  The computing resources comprise CPU, GPU,
   storage, memory, etc.  The network resources comprise latency,
   bandwidth, jitter, reliability, etc.  Additionally, the value-added
   services comprise open network capabilities, underlying industry
   capabilities, operation and maintenance, security isolation and
   other functions.  Then the accounting server sends the response
   message for authentication success, including this policy, to the
   service node.

   Fourthly, the service node receives the SLA service policy for the
   user device from the accounting server.  The policy could carry SLA
   service information such as: user id, service id, enable tag of
   computing-network convergence accounting, SLA level, etc.  Then the
   service node executes the service scheduling and controlling,
   including network and computing resource usage limits, and the
   service node allocates the requested network and computing resources
   in accordance with the stated new SLA policy.

4.2  Process of dynamic SLA policy updating during authorization

   Firstly, the accounting server obtains information on SLAs that are
   modified or added by users accessing the portal server.  The server
   sends the CoA (Change-of-Authorization) request for the user
   authorization information change to the service node, which should
   carry the SLA service policy of the modified or added SLA business
   information.

   Secondly, the service node receives the stated SLA service policy in
   the CoA request from the server.  It changes the service
   authorization information of the user device of the corresponding
   user-id and service-id, and judges whether its network and computing
   resources can meet the requirements of the stated SLA service
   policy.  If the authorization information of the user device is
   successfully changed and its own network resources and computing
   resources can meet the requirements of the SLA service policy, it
   sends a CoA acknowledgement response to the network device.
   Otherwise, it sends a CoA Negative Answer message to the network
   device.

   The subsequent accounting process will be further updated in the
   future.

5.  Security Considerations

   To be done.

6.  IANA Considerations

   This document does not make any IANA request.

7.  Informative References

   [I-D.rtgwg-srv6-computing-connect-usecases]
              X. Zhang, F. Yang, W. Cheng, Z. Fu, "Usecases of SRv6
              Based Computing Interconnection Network", Work in
              Progress, Internet-Draft,
              draft-zhang-rtgwg-srv6-computing-connect-usecases-01.

Authors' Addresses

   Xiaoqiu Zhang
   China Mobile
   Email: zhangxiaoqiu@chinamobile.com

   Feng Yang
   China Mobile
   Email: yangfeng@chinamobile.com

   Weiqiang Cheng
   China Mobile
   Email: chengweiqiang@chinamobile.com

   Zhihua Fu
   New H3C Technologies
   Email: fuzhihua@h3c.com
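
The Section 4.2 decision at the service node, sketched as an added example that is not part of the draft: a CoA request is acknowledged only if a session exists for the user-id and service-id and the node can meet the new SLA service policy, and a rejected request leaves the existing authorization untouched. The field names, resource units, the check-before-commit ordering and the "CoA-ACK"/"CoA-NAK" labels are assumptions, since the draft defines no encoding.

```python
from dataclasses import dataclass, field

# Resource dimensions checked by this sketch (assumed subset of Section 4.1).
RESOURCES = ("cpu_cores", "memory_gb", "bandwidth_mbps")

@dataclass(frozen=True)
class SlaPolicy:
    """SLA service policy; field names and units are hypothetical."""
    user_id: str
    service_id: str
    sla_level: int
    cpu_cores: int        # computing resource demand
    memory_gb: int        # computing resource demand
    bandwidth_mbps: int   # network resource demand

@dataclass
class ServiceNode:
    """Hypothetical service node: free capacity plus active authorizations."""
    free: dict                                     # resource name -> unallocated amount
    sessions: dict = field(default_factory=dict)   # (user_id, service_id) -> SlaPolicy

    def handle_coa(self, new: SlaPolicy) -> str:
        key = (new.user_id, new.service_id)
        old = self.sessions.get(key)
        if old is None:
            return "CoA-NAK"   # no authenticated session whose authorization could change
        # The session may reuse what it already holds, so compare the new demand
        # with free capacity plus the old allocation, before changing any state.
        for r in RESOURCES:
            if getattr(new, r) > self.free[r] + getattr(old, r):
                return "CoA-NAK"   # policy cannot be met; old authorization stays
        for r in RESOURCES:
            self.free[r] += getattr(old, r) - getattr(new, r)
        self.sessions[key] = new
        return "CoA-ACK"

def demo():
    """Constructed sample: one session, then three CoA requests against it."""
    old = SlaPolicy("user-a", "svc-1", 1, 2, 4, 100)
    node = ServiceNode(free={"cpu_cores": 6, "memory_gb": 12, "bandwidth_mbps": 400},
                       sessions={("user-a", "svc-1"): old})
    too_big = SlaPolicy("user-a", "svc-1", 3, 16, 16, 500)  # CPU demand exceeds 6 + 2
    unknown = SlaPolicy("user-z", "svc-9", 1, 1, 1, 10)     # never authenticated
    upgrade = SlaPolicy("user-a", "svc-1", 2, 8, 16, 500)   # fits exactly
    return [node.handle_coa(p) for p in (too_big, unknown, upgrade)], node

if __name__ == "__main__":
    print(demo()[0])
```
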