< draft-ietf-detnet-mpls-over-tsn-05.txt   draft-ietf-detnet-mpls-over-tsn-06.txt >
DetNet B. Varga, Ed. DetNet B. Varga, Ed.
Internet-Draft J. Farkas Internet-Draft J. Farkas
Intended status: Informational Ericsson Intended status: Informational Ericsson
Expires: June 16, 2021 A. Malis Expires: August 16, 2021 A. Malis
Malis Consulting Malis Consulting
S. Bryant S. Bryant
Futurewei Technologies Futurewei Technologies
December 13, 2020 February 12, 2021
DetNet Data Plane: MPLS over IEEE 802.1 Time Sensitive Networking (TSN) DetNet Data Plane: MPLS over IEEE 802.1 Time-Sensitive Networking (TSN)
draft-ietf-detnet-mpls-over-tsn-05 draft-ietf-detnet-mpls-over-tsn-06
Abstract Abstract
This document specifies the Deterministic Networking MPLS data plane This document specifies the Deterministic Networking MPLS data plane
when operating over a TSN sub-network. This document does not define when operating over an IEEE 802.1 Time-Sensitive Networking (TSN)
new procedures or processes. Whenever this document makes sub-network. This document does not define new procedures or
requirements statements or recommendations, these are taken from processes. Whenever this document makes requirements statements or
normative text in the referenced RFCs. recommendations, these are taken from normative text in the
referenced RFCs.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 16, 2021. This Internet-Draft will expire on August 16, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Terms Used in This Document . . . . . . . . . . . . . . . 3 2.1. Terms Used in This Document . . . . . . . . . . . . . . . 3
2.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 3
3. DetNet MPLS Data Plane Overview . . . . . . . . . . . . . . . 3 3. DetNet MPLS Data Plane Overview . . . . . . . . . . . . . . . 4
4. DetNet MPLS Operation Over IEEE 802.1 TSN Sub-Networks . . . 4 4. DetNet MPLS Operation Over IEEE 802.1 TSN Sub-Networks . . . 4
4.1. Functions for DetNet Flow to TSN Stream Mapping . . . . . 6 4.1. Functions for DetNet Flow to TSN Stream Mapping . . . . . 6
4.2. TSN requirements of MPLS DetNet nodes . . . . . . . . . . 6 4.2. TSN requirements of MPLS DetNet nodes . . . . . . . . . . 6
4.3. Service protection within the TSN sub-network . . . . . . 8 4.3. Service protection within the TSN sub-network . . . . . . 8
4.4. Aggregation during DetNet flow to TSN Stream mapping . . 8 4.4. Aggregation during DetNet flow to TSN Stream mapping . . 8
5. Management and Control Implications . . . . . . . . . . . . . 8 5. Management and Control Implications . . . . . . . . . . . . . 8
6. Security Considerations . . . . . . . . . . . . . . . . . . . 10 6. Security Considerations . . . . . . . . . . . . . . . . . . . 10
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
9.1. Normative References . . . . . . . . . . . . . . . . . . 11 9.1. Normative References . . . . . . . . . . . . . . . . . . 11
9.2. Informative References . . . . . . . . . . . . . . . . . 11 9.2. Informative References . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
Deterministic Networking (DetNet) is a service that can be offered by Deterministic Networking (DetNet) is a service that can be offered by
a network to DetNet flows. DetNet provides these flows with a low a network to DetNet flows. DetNet provides these flows with low
packet loss rates and assured maximum end-to-end delivery latency. packet loss rates and assured maximum end-to-end delivery latency.
General background and concepts of DetNet can be found in [RFC8655]. General background and concepts of DetNet can be found in [RFC8655].
The DetNet Architecture decomposes the DetNet related data plane The DetNet Architecture decomposes the DetNet related data plane
functions into two sub-layers: a service sub-layer and a forwarding functions into two sub-layers: a service sub-layer and a forwarding
sub-layer. The service sub-layer is used to provide DetNet service sub-layer. The service sub-layer is used to provide DetNet service
protection and reordering. The forwarding sub-layer is used to protection and reordering. The forwarding sub-layer is used to
provides congestion protection (low loss, assured latency, and provide congestion protection (low loss, assured latency, and limited
limited reordering) leveraging MPLS Traffic Engineering mechanisms. reordering) leveraging MPLS Traffic Engineering mechanisms.
[I-D.ietf-detnet-mpls] specifies the DetNet data plane operation for [RFC8964] specifies the DetNet data plane operation for MPLS-based
MPLS-based Packet Switched Network (PSN). MPLS encapsulated DetNet Packet Switched Network (PSN). MPLS encapsulated DetNet flows can be
flows can be carried over network technologies that can provide the carried over network technologies that can provide the DetNet
DetNet required level of service. This document focuses on the required level of service. This document focuses on the scenario
scenario where MPLS (DetNet) nodes are interconnected by a IEEE 802.1 where MPLS (DetNet) nodes are interconnected by a IEEE 802.1 TSN sub-
TSN sub-network. network. There is close cooperation between the IETF DetNet WG and
the IEEE 802.1 TSN TG.
2. Terminology 2. Terminology
2.1. Terms Used in This Document 2.1. Terms Used in This Document
This document uses the terminology established in the DetNet This document uses the terminology established in the DetNet
architecture [RFC8655] and [I-D.ietf-detnet-mpls], and the reader is architecture [RFC8655] and [RFC8964]. TSN specific terms are defined
assumed to be familiar with that document and its terminology. in the TSN TG of IEEE 802.1 Working Group. The reader is assumed to
be familiar with these documents and their terminology.
2.2. Abbreviations 2.2. Abbreviations
The following abbreviations are used in this document: The following abbreviations are used in this document:
A-Label Aggregation label, a special case of an S-Label.
CW Control Word. CW Control Word.
DetNet Deterministic Networking. DetNet Deterministic Networking.
DF DetNet Flow. DF DetNet Flow.
F-Label Forwarding label that identifies the LSP used by a
DetNet flow.
FRER Frame Replication and Elimination for Redundancy (TSN FRER Frame Replication and Elimination for Redundancy (TSN
function). function).
L2 Layer 2. L2 Layer 2.
L3 Layer 3. L3 Layer 3.
LSR Label Switching Router. LSR Label Switching Router.
MPLS Multiprotocol Label Switching. MPLS Multiprotocol Label Switching.
skipping to change at page 3, line 44 skipping to change at page 3, line 50
PE Provider Edge. PE Provider Edge.
PREOF Packet Replication, Elimination and Ordering Functions. PREOF Packet Replication, Elimination and Ordering Functions.
PSN Packet Switched Network. PSN Packet Switched Network.
PW PseudoWire. PW PseudoWire.
S-PE Switching Provider Edge. S-PE Switching Provider Edge.
S-Label Service label.
T-PE Terminating Provider Edge. T-PE Terminating Provider Edge.
TSN Time-Sensitive Network. TSN Time-Sensitive Network.
3. DetNet MPLS Data Plane Overview 3. DetNet MPLS Data Plane Overview
The basic approach defined in [I-D.ietf-detnet-mpls] supports the The basic approach defined in [RFC8964] supports the DetNet service
DetNet service sub-layer based on existing pseudowire (PW) sub-layer based on existing pseudowire (PW) encapsulations and
encapsulations and mechanisms, and supports the DetNet forwarding mechanisms, and supports the DetNet forwarding sub-layer based on
sub-layer based on existing MPLS Traffic Engineering encapsulations existing MPLS Traffic Engineering encapsulations and mechanisms.
and mechanisms.
A node operating on a DetNet flow in the Detnet service sub-layer, A node operating on a DetNet flow in the Detnet service sub-layer,
i.e. a node processing a DetNet packet which has the S-Label as top i.e. a node processing a DetNet packet which has the S-Label as top
of stack uses the local context associated with that S-Label, for of stack uses the local context associated with that service label
example a received F-Label, to determine what local DetNet (S-Label), for example a received forwarding label (F-Label), to
operation(s) are applied to that packet. An S-Label may be unique determine what local DetNet operation(s) are applied to that packet.
when taken from the platform label space [RFC3031], which would An S-Label may be unique when taken from the platform label space
enable correct DetNet flow identification regardless of which input [RFC3031], which would enable correct DetNet flow identification
interface or LSP the packet arrives on. The service sub-layer regardless of which input interface or LSP the packet arrives on.
functions (i.e., PREOF) use a DetNet control word (d-CW). The service sub-layer functions (i.e., PREOF) use a DetNet control
word (d-CW).
The DetNet MPLS data plane builds on MPLS Traffic Engineering The DetNet MPLS data plane builds on MPLS Traffic Engineering
encapsulations and mechanisms to provide a forwarding sub-layer that encapsulations and mechanisms to provide a forwarding sub-layer that
is responsible for providing resource allocation and explicit routes. is responsible for providing resource allocation and explicit routes.
The forwarding sub-layer is supported by one or more forwarding The forwarding sub-layer is supported by one or more F-Labels.
labels (F-Labels).
DetNet edge/relay nodes are DetNet service sub-layer aware, DetNet edge/relay nodes are DetNet service sub-layer aware,
understand the particular needs of DetNet flows and provide both understand the particular needs of DetNet flows and provide both
DetNet service and forwarding sub-layer functions. They add, remove DetNet service and forwarding sub-layer functions. They add, remove
and process d-CWs, S-Labels and F-labels as needed. MPLS DetNet and process d-CWs, S-Labels and F-labels as needed. MPLS DetNet
nodes and transit nodes include DetNet forwarding sub-layer nodes and transit nodes include DetNet forwarding sub-layer
functions, support for notably explicit routes, and resources functions, support for notably explicit routes, and resources
allocation to eliminate (or reduce) congestion loss and jitter. allocation to eliminate (or reduce) congestion loss and jitter.
Unlike other DetNet node types, transit nodes provide no service sub- Unlike other DetNet node types, transit nodes provide no service sub-
layer processing. layer processing.
MPLS (DetNet) nodes and transit nodes interconnected by a TSN sub- MPLS (DetNet) nodes and transit nodes interconnected by a TSN sub-
network are the primary focus of this document. The mapping of network are the primary focus of this document. The mapping of
DetNet MPLS flows to TSN streams and TSN protection mechanisms are DetNet MPLS flows to TSN streams and TSN protection mechanisms are
covered in Section 4. covered in Section 4.
4. DetNet MPLS Operation Over IEEE 802.1 TSN Sub-Networks 4. DetNet MPLS Operation Over IEEE 802.1 TSN Sub-Networks
The DetNet WG collaborates with IEEE 802.1 TSN in order to define a The DetNet WG collaborates with IEEE 802.1 TSN in order to define a
common architecture for both Layer 2 and Layer 3, what maintains common architecture for both Layer 2 and Layer 3, that maintains
consistency across diverse networks. Both DetNet MPLS and TSN use consistency across diverse networks. Both DetNet MPLS and TSN use
the same techniques to provide their deterministic service: the same techniques to provide their deterministic service:
o Service protection. o Service protection.
o Resource allocation. o Resource allocation.
o Explicit routes. o Explicit routes.
As described in the DetNet architecture [RFC8655] a sub-network As described in the DetNet architecture [RFC8655] a sub-network
skipping to change at page 5, line 46 skipping to change at page 5, line 50
Figure 1: DetNet Enabled MPLS Network Over a TSN Sub-Network Figure 1: DetNet Enabled MPLS Network Over a TSN Sub-Network
The Time-Sensitive Networking (TSN) Task Group of the IEEE 802.1 The Time-Sensitive Networking (TSN) Task Group of the IEEE 802.1
Working Group have defined (and are defining) a number of amendments Working Group have defined (and are defining) a number of amendments
to IEEE 802.1Q [IEEE8021Q] that provide zero congestion loss and to IEEE 802.1Q [IEEE8021Q] that provide zero congestion loss and
bounded latency in bridged networks. Furthermore IEEE 802.1CB bounded latency in bridged networks. Furthermore IEEE 802.1CB
[IEEE8021CB] defines frame replication and elimination functions for [IEEE8021CB] defines frame replication and elimination functions for
reliability that should prove both compatible with and useful to, reliability that should prove both compatible with and useful to,
DetNet networks. All these functions have to identify flows those DetNet networks. All these functions have to identify flows those
require TSN treatment. require TSN treatment (i.e., applying TSN functions during
forwarding).
TSN capabilities of the TSN sub-network are made available for MPLS TSN capabilities of the TSN sub-network are made available for MPLS
(DetNet) flows via the protocol interworking function defined in (DetNet) flows via the protocol interworking function defined in
Annex C.5 of IEEE 802.1CB [IEEE8021CB]. For example, applied on the Annex C.5 of IEEE 802.1CB [IEEE8021CB]. For example, applied on the
TSN edge port it can convert an ingress unicast MPLS (DetNet) flow to TSN edge port it can convert an ingress unicast MPLS (DetNet) flow to
use a specific Layer-2 multicast destination MAC address and a VLAN, use a specific Layer-2 multicast destination MAC address and a VLAN,
in order to direct the packet through a specific path inside the in order to direct the packet through a specific path inside the
bridged network. A similar interworking function pair at the other bridged network. A similar interworking function pair at the other
end of the TSN sub-network would restore the packet to its original end of the TSN sub-network would restore the packet to its original
Layer-2 destination MAC address and VLAN. Layer-2 destination MAC address and VLAN.
Placement of TSN functions depends on the TSN capabilities of nodes. Placement of TSN functions depends on the TSN capabilities of the
MPLS (DetNet) Nodes may or may not support TSN functions. For a nodes along the path. MPLS (DetNet) Nodes may or may not support TSN
given TSN Stream (i.e., DetNet flow) an MPLS (DetNet) node is treated functions. For a given TSN Stream (i.e., DetNet flow) an MPLS
as a Talker or a Listener inside the TSN sub-network. (DetNet) node is treated as a Talker or a Listener inside the TSN
sub-network.
4.1. Functions for DetNet Flow to TSN Stream Mapping 4.1. Functions for DetNet Flow to TSN Stream Mapping
Mapping of a DetNet MPLS flow to a TSN Stream is provided via the Mapping of a DetNet MPLS flow to a TSN Stream is provided via the
combination of a passive and an active stream identification function combination of a passive and an active stream identification function
that operate at the frame level. The passive stream identification that operate at the frame level. The passive stream identification
function is used to catch the MPLS label(s) of a DetNet MPLS flow and function is used to catch the MPLS label(s) of a DetNet MPLS flow and
the active stream identification function is used to modify the the active stream identification function is used to modify the
Ethernet header according to the ID of the mapped TSN Stream. Ethernet header according to the ID of the mapped TSN Stream.
skipping to change at page 7, line 38 skipping to change at page 7, line 45
TSN-unaware TSN-unaware
Talker / TSN-Bridge Talker / TSN-Bridge
Listener Relay Listener Relay
<----- TSN Sub-network ----- <----- TSN Sub-network -----
<------- TSN-aware Tlk/Lstn -------> <------- TSN-aware Tlk/Lstn ------->
Note: * no service sub-layer required for transit nodes Note: * no service sub-layer required for transit nodes
Figure 2: MPLS (DetNet) Node with TSN Functions Figure 2: MPLS (DetNet) Node with TSN Functions
A TSN-aware MPLS (DetNet) node impementations must support the Stream A TSN-aware MPLS (DetNet) node implementation must support the Stream
Identification TSN component for recognizing flows. Identification TSN component for recognizing flows.
A Stream identification component must be able to instantiate the A Stream identification component must be able to instantiate the
following functions (1) Active Destination MAC and VLAN Stream following functions (1) Active Destination MAC and VLAN Stream
identification function, (2) Mask-and-Match Stream identification identification function, (2) Mask-and-Match Stream identification
function and (3) the related managed objects in Clause 9 of IEEE function and (3) the related managed objects in Clause 9 of IEEE
802.1CB [IEEE8021CB] and IEEE P802.1CBdb [IEEEP8021CBdb]. 802.1CB [IEEE8021CB] and IEEE P802.1CBdb [IEEEP8021CBdb].
A TSN-aware MPLS (DetNet) node implementations must support the A TSN-aware MPLS (DetNet) node implementation must support the
Sequencing function and the Sequence encode/decode function as Sequencing function and the Sequence encode/decode function as
defined in Clause 7.4 and 7.6 of IEEE 802.1CB [IEEE8021CB] if FRER is defined in Clause 7.4 and 7.6 of IEEE 802.1CB [IEEE8021CB] if FRER is
used inside the TSN sub-network. used inside the TSN sub-network.
The Sequence encode/decode function must support the Redundancy tag The Sequence encode/decode function must support the Redundancy tag
(R-TAG) format as per Clause 7.8 of IEEE 802.1CB [IEEE8021CB]. (R-TAG) format as per Clause 7.8 of IEEE 802.1CB [IEEE8021CB].
A TSN-aware MPLS (DetNet) node implementations must support the A TSN-aware MPLS (DetNet) node implementation must support the Stream
Stream splitting function and the Individual recovery function as splitting function and the Individual recovery function as defined in
defined in Clause 7.7 and 7.5 of IEEE 802.1CB [IEEE8021CB] when the Clause 7.7 and 7.5 of IEEE 802.1CB [IEEE8021CB] when the node is a
node is a replication or elimination point for FRER. replication or elimination point for FRER.
4.3. Service protection within the TSN sub-network 4.3. Service protection within the TSN sub-network
TSN Streams supporting DetNet flows may use Frame Replication and TSN Streams supporting DetNet flows may use Frame Replication and
Elimination for Redundancy (FRER) as defined in Clause 8. of IEEE Elimination for Redundancy (FRER) as defined in Clause 8. of IEEE
802.1CB [IEEE8021CB] based on the loss service requirements of the 802.1CB [IEEE8021CB] based on the loss service requirements of the
TSN Stream, which is derived from the DetNet service requirements of TSN Stream, which is derived from the DetNet service requirements of
the DetNet mapped flow. The specific operation of FRER is not the DetNet mapped flow. The specific operation of FRER is not
modified by the use of DetNet and follows IEEE 802.1CB [IEEE8021CB]. modified by the use of DetNet and follows IEEE 802.1CB [IEEE8021CB].
skipping to change at page 9, line 6 skipping to change at page 9, line 11
DetNet flow and TSN Stream mapping related information are required DetNet flow and TSN Stream mapping related information are required
only for TSN-aware MPLS (DetNet) nodes. From the Data Plane only for TSN-aware MPLS (DetNet) nodes. From the Data Plane
perspective there is no practical difference based on the origin of perspective there is no practical difference based on the origin of
flow mapping related information (management plane or control plane). flow mapping related information (management plane or control plane).
The following summarizes the set of information that is needed to The following summarizes the set of information that is needed to
configure DetNet MPLS over TSN: configure DetNet MPLS over TSN:
o DetNet MPLS related configuration information according to the o DetNet MPLS related configuration information according to the
DetNet role of the DetNet MPLS node, as per DetNet role of the DetNet MPLS node, as per [RFC8964].
[I-D.ietf-detnet-mpls].
o TSN related configuration information according to the TSN role of o TSN related configuration information according to the TSN role of
the DetNet MPLS node, as per [IEEE8021Q], [IEEE8021CB] and the DetNet MPLS node, as per [IEEE8021Q], [IEEE8021CB] and
[IEEEP8021CBdb]. [IEEEP8021CBdb].
o Mapping between DetNet MPLS flow(s) (label information: A-labels, o Mapping between DetNet MPLS flow(s) (label information: A-labels,
S-labels and F-labels as defined in [I-D.ietf-detnet-mpls]) and S-labels and F-labels as defined in [RFC8964]) and TSN Stream(s)
TSN Stream(s) (as stream identification information defined in (as stream identification information defined in [IEEEP8021CBdb]).
[IEEEP8021CBdb]). Note, that managed objects for TSN Stream Note, that managed objects for TSN Stream identification can be
identification can be found in [IEEEP8021CBcv]. found in [IEEEP8021CBcv].
This information must be provisioned per DetNet flow. This information must be provisioned per DetNet flow.
Mappings between DetNet and TSN management and control planes are out Mappings between DetNet and TSN management and control planes are out
of scope of the document. Some of the challanges are highligthed of scope of the document. Some of the challenges are highlighted
below. below.
TSN-aware MPLS DetNet nodes are member of both the DetNet domain and TSN-aware MPLS DetNet nodes are member of both the DetNet domain and
the TSN sub-network. Within the TSN sub-network the TSN-aware MPLS the TSN sub-network. Within the TSN sub-network the TSN-aware MPLS
(DetNet) node has a TSN-aware Talker/Listener role, so TSN specific (DetNet) node has a TSN-aware Talker/Listener role, so TSN specific
management and control plane functionalities must be implemented. management and control plane functionalities must be implemented.
There are many similarities in the management plane techniques used There are many similarities in the management plane techniques used
in DetNet and TSN, but that is not the case for the control plane in DetNet and TSN, but that is not the case for the control plane
protocols. For example, RSVP-TE and MSRP behaves differently. protocols. For example, RSVP-TE and MSRP behaves differently.
Therefore management and control plane design is an important aspect Therefore management and control plane design is an important aspect
skipping to change at page 10, line 28 skipping to change at page 10, line 33
Configuration of TSN specific functions (e.g., FRER) inside the TSN Configuration of TSN specific functions (e.g., FRER) inside the TSN
sub-network is a TSN domain specific decision and may not be visible sub-network is a TSN domain specific decision and may not be visible
in the DetNet domain. Service protection interworking scenarios are in the DetNet domain. Service protection interworking scenarios are
left for further study. left for further study.
6. Security Considerations 6. Security Considerations
Security considerations for DetNet are described in detail in Security considerations for DetNet are described in detail in
[I-D.ietf-detnet-security]. General security considerations are [I-D.ietf-detnet-security]. General security considerations are
described in [RFC8655]. DetNet MPLS data plane specific described in [RFC8655]. DetNet MPLS data plane specific
considerations are summarized in [I-D.ietf-detnet-mpls]. This considerations are summarized in [RFC8964]. This section considers
section considers exclusively security considerations which are exclusively security considerations which are specific to the DetNet
specific to the DetNet MPLS over TSN sub-network scenario. MPLS over TSN sub-network scenario.
The sub-network between DetNet nodes needs to be subject to The sub-network between DetNet nodes needs to be subject to
appropriate confidentiality. Additionally, knowledge of what DetNet/ appropriate confidentiality. Additionally, knowledge of what DetNet/
TSN services are provided by a sub-network may supply information TSN services are provided by a sub-network may supply information
that can be used in a variety of security attacks. The ability to that can be used in a variety of security attacks. The ability to
modify information exchanges between connected DetNet nodes may modify information exchanges between connected DetNet nodes may
result in bogus operations. Therefore, it is important that the result in bogus operations. Therefore, it is important that the
interface between DetNet nodes and TSN sub-network are subject to interface between DetNet nodes and TSN sub-network are subject to
authorization, authentication, and encryption. authorization, authentication, and encryption.
skipping to change at page 11, line 15 skipping to change at page 11, line 19
8. Acknowledgements 8. Acknowledgements
The authors wish to thank Norman Finn, Lou Berger, Craig Gunther, The authors wish to thank Norman Finn, Lou Berger, Craig Gunther,
Christophe Mangin and Jouni Korhonen for their various contributions Christophe Mangin and Jouni Korhonen for their various contributions
to this work. to this work.
9. References 9. References
9.1. Normative References 9.1. Normative References
[I-D.ietf-detnet-mpls] [IEEE8021CB]
Varga, B., Farkas, J., Berger, L., Malis, A., Bryant, S., IEEE 802.1, "Standard for Local and metropolitan area
and J. Korhonen, "DetNet Data Plane: MPLS", draft-ietf- networks - Frame Replication and Elimination for
detnet-mpls-13 (work in progress), October 2020. Reliability (IEEE Std 802.1CB-2017)", 2017,
<http://standards.ieee.org/about/get/>.
[IEEEP8021CBdb]
Mangin, C., "Extended Stream identification functions",
IEEE P802.1CBdb /D1.0 P802.1CBdb, September 2020,
<http://www.ieee802.org/1/files/private/db-drafts/d1/802-
1CBdb-d1-0.pdf>.
[RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol
Label Switching Architecture", RFC 3031, Label Switching Architecture", RFC 3031,
DOI 10.17487/RFC3031, January 2001, DOI 10.17487/RFC3031, January 2001,
<https://www.rfc-editor.org/info/rfc3031>. <https://www.rfc-editor.org/info/rfc3031>.
[RFC8964] Varga, B., Ed., Farkas, J., Berger, L., Malis, A., Bryant,
S., and J. Korhonen, "Deterministic Networking (DetNet)
Data Plane: MPLS", RFC 8964, DOI 10.17487/RFC8964, January
2021, <https://www.rfc-editor.org/info/rfc8964>.
9.2. Informative References 9.2. Informative References
[I-D.ietf-detnet-security] [I-D.ietf-detnet-security]
Grossman, E., Mizrahi, T., and A. Hacker, "Deterministic Grossman, E., Mizrahi, T., and A. Hacker, "Deterministic
Networking (DetNet) Security Considerations", draft-ietf- Networking (DetNet) Security Considerations", draft-ietf-
detnet-security-12 (work in progress), October 2020. detnet-security-13 (work in progress), December 2020.
[IEEE802.1AE-2018] [IEEE802.1AE-2018]
IEEE Standards Association, "IEEE Std 802.1AE-2018 MAC IEEE Standards Association, "IEEE Std 802.1AE-2018 MAC
Security (MACsec)", 2018, Security (MACsec)", 2018,
<https://ieeexplore.ieee.org/document/8585421>. <https://ieeexplore.ieee.org/document/8585421>.
[IEEE8021CB]
IEEE 802.1, "Standard for Local and metropolitan area
networks - Frame Replication and Elimination for
Reliability (IEEE Std 802.1CB-2017)", 2017,
<http://standards.ieee.org/about/get/>.
[IEEE8021Q] [IEEE8021Q]
IEEE 802.1, "Standard for Local and metropolitan area IEEE 802.1, "Standard for Local and metropolitan area
networks--Bridges and Bridged Networks (IEEE Std 802.1Q- networks--Bridges and Bridged Networks (IEEE Std 802.1Q-
2018)", 2018, <http://standards.ieee.org/about/get/>. 2018)", 2018, <http://standards.ieee.org/about/get/>.
[IEEEP8021CBcv] [IEEEP8021CBcv]
Kehrer, S., "FRER YANG Data Model and Management Kehrer, S., "FRER YANG Data Model and Management
Information Base Module", IEEE P802.1CBcv Information Base Module", IEEE P802.1CBcv
/D0.4 P802.1CBcv, August 2020, /D0.4 P802.1CBcv, August 2020,
<https://www.ieee802.org/1/files/private/cv-drafts/d0/802- <https://www.ieee802.org/1/files/private/cv-drafts/d0/802-
1CBcv-d0-4.pdf>. 1CBcv-d0-4.pdf>.
[IEEEP8021CBdb]
Mangin, C., "Extended Stream identification functions",
IEEE P802.1CBdb /D1.0 P802.1CBdb, September 2020,
<http://www.ieee802.org/1/files/private/db-drafts/d1/802-
1CBdb-d1-0.pdf>.
[RFC8655] Finn, N., Thubert, P., Varga, B., and J. Farkas, [RFC8655] Finn, N., Thubert, P., Varga, B., and J. Farkas,
"Deterministic Networking Architecture", RFC 8655, "Deterministic Networking Architecture", RFC 8655,
DOI 10.17487/RFC8655, October 2019, DOI 10.17487/RFC8655, October 2019,
<https://www.rfc-editor.org/info/rfc8655>. <https://www.rfc-editor.org/info/rfc8655>.
Authors' Addresses Authors' Addresses
Balazs Varga (editor) Balazs Varga (editor)
Ericsson Ericsson
Magyar Tudosok krt. 11. Magyar Tudosok krt. 11.
 End of changes. 33 change blocks. 
76 lines changed or deleted 86 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/