< draft-ietf-trill-transport-over-mpls-07.txt   draft-ietf-trill-transport-over-mpls-08.txt >
INTERNET-DRAFT Mohammed Umair INTERNET-DRAFT Mohammed Umair
Intended Status: Informational Intended Status: Informational Kingston Smiler Selvaraj
Kingston Smiler Selvaraj
IPInfusion IPInfusion
Donald Eastlake 3rd Donald Eastlake 3rd
Huawei Huawei
Lucy Yong Lucy Yong
Self Self
Expires: July 18, 2018 January 19, 2018 Expires: September 17, 2018 March 18, 2018
TRILL Transparent Transport over MPLS TRILL Transparent Transport over MPLS
draft-ietf-trill-transport-over-mpls-07.txt draft-ietf-trill-transport-over-mpls-08.txt
Abstract Abstract
This document specifies methods to interconnect multiple Transparent This document specifies methods to interconnect multiple Transparent
Interconnection of Lots of links (TRILL) sites with an intervening Interconnection of Lots of links (TRILL) sites with an intervening
MPLS network using existing TRILL and VPLS standards. This draft MPLS network using existing TRILL and VPLS standards. This draft
addresses two problems as follows: addresses two problems as follows:
1) Providing connection between more than two TRILL sites that are 1) Providing connection between more than two TRILL sites that are
separated by an MPLS provider network. separated by an MPLS provider network.
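Review bot: In the Abstract, both versions expand TRILL as "Transparent Interconnection of Lots of links" with a lowercase "links", while the Introduction writes "Lots of Links"; capitalize it here to match. "This draft addresses two problems" could also become "This document addresses", which is how the first sentence of the Abstract refers to the text.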
skipping to change at page 2, line 34 skipping to change at page 2, line 34
4.1.2 Virtual TRILL Switch/Service Domain (VTSD)..........12 4.1.2 Virtual TRILL Switch/Service Domain (VTSD)..........12
4.2 TRILL Adjacency for VPTS model........................12 4.2 TRILL Adjacency for VPTS model........................12
4.3 MPLS encapsulation for VPTS model.....................12 4.3 MPLS encapsulation for VPTS model.....................12
4.4 Loop Free provider PSN/MPLS...........................12 4.4 Loop Free provider PSN/MPLS...........................12
4.5. Frame Processing.....................................13 4.5. Frame Processing.....................................13
4.5.1 Multi-Destination Frame Processing..................13 4.5.1 Multi-Destination Frame Processing..................13
4.5.2 Unicast Frame Processing............................13 4.5.2 Unicast Frame Processing............................13
5. VPTS Model Versus VPLS Model...........................14 5. VPTS Model Versus VPLS Model...........................14
6. Packet Processing Between Pseudowires..................14 6. Packet Processing Between Pseudowires..................14
7. Efficiency Considerations..............................15
7. Efficiency Considerations..............................15
8. Security Considerations................................15 8. Security Considerations................................15
9. IANA Considerations....................................15 9. IANA Considerations....................................16
Normative References......................................16 Normative References......................................17
Informative References....................................17 Informative References....................................18
Acknowledgements..........................................18 Acknowledgements..........................................19
Authors' Addresses........................................18 Authors' Addresses........................................19
INTERNET-DRAFT TRILL Transparent Transport over MPLS INTERNET-DRAFT TRILL Transparent Transport over MPLS
1. Introduction 1. Introduction
The IETF Transparent Interconnection of Lots of Links (TRILL) The IETF Transparent Interconnection of Lots of Links (TRILL)
protocol [RFC6325] [RFC7177] [RFC7780] provides transparent protocol [RFC6325] [RFC7177] [RFC7780] provides transparent
forwarding in multi-hop networks with arbitrary topology and link forwarding in multi-hop networks with arbitrary topology and link
technologies using a header with a hop count and link-state routing. technologies using a header with a hop count and link-state routing.
TRILL provides optimal pair-wise forwarding without configuration, TRILL provides optimal pair-wise forwarding without configuration,
skipping to change at page 7, line 7 skipping to change at page 7, line 7
Figure 2 below shows the topological model of TRILL over MPLS to Figure 2 below shows the topological model of TRILL over MPLS to
connect multiple TRILL sites belonging to a tenant. (Tenant here is a connect multiple TRILL sites belonging to a tenant. (Tenant here is a
TRILL campus, not a specific Data label.) VSI1 and VSI2 are two TRILL campus, not a specific Data label.) VSI1 and VSI2 are two
Virtual Service Instances that segregate Tenant1's traffic from other Virtual Service Instances that segregate Tenant1's traffic from other
tenant traffic. VSI1 will maintain its own database for Tenant1, tenant traffic. VSI1 will maintain its own database for Tenant1,
similarly VSI2 will maintain its own database for Tenant2. similarly VSI2 will maintain its own database for Tenant2.
INTERNET-DRAFT TRILL Transparent Transport over MPLS INTERNET-DRAFT TRILL Transparent Transport over MPLS
+-----+ ............................ +-----+ +-----+ ............................ +-----+
|RBat1+---+ . ++++++++++++++++++++++++ . +---|RBbt1| |RBat1+---+ . ++++++++++++++++++++++++ . +---|RBbt1|
+-----+ | . + + . | +-----+ +-----+ | . + + . | +-----+
Tenant1 Site 1 | +----+ +----+ | Tenant1 Site2 Tenant1 | +----+ +----+ | Tenant1
+----|VSI1| |VSI1|----+ Site 1 +----|VSI1| |VSI1|----+ Site 2
+----|VSI2| MPLS Cloud |VSI2|----+ +----|VSI2| MPLS Cloud |VSI2|----+
| +----+ +----+ | | +----+ +----+ |
+-----+ | . + + . | +-----+ +-----+ | . + + . | +-----+
|RBat2+---+ . +++++++++ +----+ ++++++++ . +---|RBbt2| |RBat2+---+ . +++++++++ +----+ ++++++++ . +---|RBbt2|
+-----+ ............|VSI1|........... +-----+ +-----+ ............|VSI1|........... +-----+
Tenant2 Site 2 |VSI2| ^ Tenant2 Site2 Tenant2 |VSI2| ^ Tenant2
+----+ | Site 1 +----+ | Site 2
| | | |
+-----+ +-----Emulated +-----+ +-----Emulated
|RBct2| LAN |RBct2| LAN
+-----+ +-----+
Tenant2 Site 3 Tenant2 Site 3
.... VSI1 Path .... VSI1 Path
++++ VSI2 Path ++++ VSI2 Path
Figure 2. Topological Model for VPLS Model Figure 2. Topological Model for VPLS Model
connecting 2 Tenants with 3 sites each connecting 2 Tenants with 3 sites each
In this model, TRILL sites are connected to VPLS-capable PE devices In this model, TRILL sites are connected to VPLS-capable PE devices
that provide a logical interconnect, such that TRILL RBridges that provide a logical interconnect, such that TRILL RBridges
belonging to a specific tenant connected via an single bridged belonging to a specific tenant connected via an single bridged
Ethernet. These PE devices are the same as the PE devices specified Ethernet. These PE devices are the same as the PE devices specified
in [RFC4026]. The Attachment Circuit ports of PE Routers are layer 2 in [RFC4026]. The Attachment Circuit ports of PE Routers are layer 2
switch ports that are connected to the RBridges at a TRILL site. Here switch ports that are connected to the RBridges at a TRILL site. Here
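Review bot: The Figure 2 caption says "connecting 2 Tenants with 3 sites each", but the relabelled drawing shows Tenant1 at Site 1 and Site 2 only (RBat1, RBbt1) and Tenant2 at Sites 1 to 3 (RBat2, RBbt2, RBct2); either correct the caption or draw a third Tenant1 site. In the paragraph after the figure, "connected via an single bridged Ethernet" is carried into -08 unchanged; "are connected via a single bridged Ethernet" is presumably what is meant.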
skipping to change at page 11, line 7 skipping to change at page 11, line 7
Figure 4 below extends the topological model of TRILL over MPLS to Figure 4 below extends the topological model of TRILL over MPLS to
connect multiple TRILL sites belonging to a tenant (tenant here is a connect multiple TRILL sites belonging to a tenant (tenant here is a
campus, not a Data label) using VPTS model. VTSD1 and VTSD2 are two campus, not a Data label) using VPTS model. VTSD1 and VTSD2 are two
Virtual TRILL Switch Domains (Virtual RBridges) that segregate Virtual TRILL Switch Domains (Virtual RBridges) that segregate
Tenant1's traffic from Tenant2's traffic. VTSD1 will maintain its own Tenant1's traffic from Tenant2's traffic. VTSD1 will maintain its own
TRILL database for Tenant1. Similarly VTSD2 will maintain its own TRILL database for Tenant1. Similarly VTSD2 will maintain its own
TRILL database for Tenant2. TRILL database for Tenant2.
INTERNET-DRAFT TRILL Transparent Transport over MPLS INTERNET-DRAFT TRILL Transparent Transport over MPLS
+-----+ ............................ +-----+ +-----+ ............................ +-----+
|RBat1+---+ . ######################## . +---|RBbt1| |RBat1+---+ . ######################## . +---|RBbt1|
+-----+ | . # # . | +-----+ +-----+ | . # # . | +-----+
Tenant1 Site 1| +-----+ +-----+ | Tenant1 Site 2 Tenant1 | +-----+ +-----+ | Tenant1
+----|VTSD1| |VTSD1|----+ Site 1 +----|VTSD1| |VTSD1|----+ Site 2
+----|VTSD2| MPLS Cloud |VTSD2|----+ +----|VTSD2| MPLS Cloud |VTSD2|----+
| +-----+ +-----+ | | +-----+ +-----+ |
+-----+ | . # # . | +-----+ +-----+ | . # # . | +-----+
|RBat2+---+ . #########+-----+######### . +---|RBbt2| |RBat2+---+ . #########+-----+######### . +---|RBbt2|
+-----+ ...........|VTSD1|........... +-----+ +-----+ ...........|VTSD1|........... +-----+
Tenant2 Site2 |VTSD2| ^ Tenant2 Site 2 Tenant2 |VTSD2| ^ Tenant2
+-----+ | Site 1 +-----+ | Site 2
| | | |
+-----+ +-----Emulated +-----+ +-----Emulated
|RBct2| TRILL |RBct2| TRILL
+-----+ +-----+
Tenant2 Site 3 Tenant2 Site 3
.... VTSD1 Connectivity .... VTSD1 Connectivity
#### VTSD2 Connectivity #### VTSD2 Connectivity
Figure 4. Topological Model of VPTS/TIR Figure 4. Topological Model of VPTS/TIR
connecting 2 tenants with three TRILL Sites connecting 2 tenants with three TRILL Sites
4.1 Entities in the VPTS Model 4.1 Entities in the VPTS Model
The CE devices are defined in [RFC4026]. The CE devices are defined in [RFC4026].
The Generic L2VPN Transport Functional Components like Attachment The Generic L2VPN Transport Functional Components like Attachment
Circuits, Pseudowires etc. are defined in [RFC4664]. Circuits, Pseudowires etc. are defined in [RFC4664].
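Review bot: The Figure 4 caption "connecting 2 tenants with three TRILL Sites" does not match the drawing, where Tenant1 has two sites and only Tenant2 has three, and it mixes "2" with "three" where the Figure 2 caption uses "2 Tenants with 3 sites". State the per-tenant site counts and use one numeral style in both captions. The caption also says "VPTS/TIR" while the paragraph introducing the figure says only "VPTS model"; use the same term in both places, and expand TIR here if it has not been expanded before this point.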
skipping to change at page 15, line 17 skipping to change at page 15, line 17
7. Efficiency Considerations 7. Efficiency Considerations
Since the VPTS Model uses Distribution trees for processing of multi- Since the VPTS Model uses Distribution trees for processing of multi-
destination data packets, it is always advisable to have at least one destination data packets, it is always advisable to have at least one
Distribution tree root to be located in every TRILL site. This will Distribution tree root to be located in every TRILL site. This will
avoid data packets getting received at TRILL sites where end-station avoid data packets getting received at TRILL sites where end-station
service is not enabled for that data packet. service is not enabled for that data packet.
8. Security Considerations 8. Security Considerations
As an informational document specifying methods that use only This document specifies methods using existing standards and
existing standards and facilities, this document has no effect on facilities in ways that do not create new security problems.
security.
For general TRILL security considerations, see [RFC6325] For general VPLS security considerations, including discussion of
isolating customers from each other, see [RFC4761] and [RFC4762].
For transport of TRILL by Pseudowires security consideration, see For transport of TRILL by Pseudowires security consideration, see
[RFC7173]. [RFC7173]. In particular, since pseudowires are support by MPLS or IP
which are in turn supported by a link layer, that document recommends
using IP security, such as IPsec [RFC4301] or DTLS [RFC6347], or the
lower link layer security, such as MACSEC [802.1AE] for Ethernet
links.
For general VPLS security considerations, see [RFC4761] and [RFC4762] Transmission outside the customer environment through the provider
environment, as described in this document, increases risk of
compromise or injection of false data through failure of tenant
isolation or by the provider. In the VPLS model (Section 3), the use
of link encryption and authentication between the CEs of a tenant
that is being connected through provider facilities should be a good
defense. In the VPTS model (Section 4), it is assumed that the CEs
will peer with virtual TRILL switches of the provider network and
thus link security between TRILL switch ports is inadequate as it
will terminate at the edge PE. Thus, end station to end station
encryption and authentication is more appropriate for the VPTS model.
For added security against the compromise of data end-to-end
encryption and authentication should be considered; that is,
encryption and authentication from source end station to destination
end station. This would typically be provided by IPsec [RFC4301] or
DTLS [RFC6347] or other protocols convenient to protect information
of concern.
For general TRILL security considerations, see [RFC6325].
INTERNET-DRAFT TRILL Transparent Transport over MPLS
9. IANA Considerations 9. IANA Considerations
This document requires no IANA actions. RFC Editor: Please delete This document requires no IANA actions. RFC Editor: Please delete
this section before publication this section before publication
INTERNET-DRAFT TRILL Transparent Transport over MPLS INTERNET-DRAFT TRILL Transparent Transport over MPLS
Normative References Normative References
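Review bot: In Section 8 the new opening sentence says the methods are used "in ways that do not create new security problems", yet the paragraph beginning "Transmission outside the customer environment" says the arrangement "increases risk of compromise or injection of false data through failure of tenant isolation or by the provider". Reword the opening so the two do not contradict each other, for example by saying that no new protocol mechanisms are introduced while the deployment extends the trust boundary into the provider network. The closing sentence of the VPTS discussion and the paragraph that follows it both recommend end station to end station encryption and authentication and could be merged into one statement. Wording in the added text: "are support by" should be "are supported by", "security consideration" should be plural, and "MACSEC" is normally written "MACsec".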
skipping to change at page 17, line 9 skipping to change at page 18, line 9
[RFC7780] Eastlake 3rd, D., Zhang, M., Perlman, R., Banerjee, A., [RFC7780] Eastlake 3rd, D., Zhang, M., Perlman, R., Banerjee, A.,
Ghanwani, A., and S. Gupta, "Transparent Interconnection of Ghanwani, A., and S. Gupta, "Transparent Interconnection of
Lots of Links (TRILL): Clarifications, Corrections, and Lots of Links (TRILL): Clarifications, Corrections, and
Updates", RFC 7780, DOI 10.17487/RFC7780, February 2016, Updates", RFC 7780, DOI 10.17487/RFC7780, February 2016,
<https://www.rfc-editor.org/info/rfc7780>. <https://www.rfc-editor.org/info/rfc7780>.
INTERNET-DRAFT TRILL Transparent Transport over MPLS INTERNET-DRAFT TRILL Transparent Transport over MPLS
Informative References Informative References
[802.1AE] "IEEE Standard for Local and metropolitan area networks--
Media Access Control (MAC) Security.", 2006.
[RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual [RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual
Private Network (VPN) Terminology", RFC 4026, DOI Private Network (VPN) Terminology", RFC 4026, DOI
10.17487/RFC4026, March 2005, <https://www.rfc- 10.17487/RFC4026, March 2005, <https://www.rfc-
editor.org/info/rfc4026>. editor.org/info/rfc4026>.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, December
2005, <https://www.rfc-editor.org/info/rfc4301>.
[RFC4664] Andersson, L., Ed., and E. Rosen, Ed., "Framework for Layer [RFC4664] Andersson, L., Ed., and E. Rosen, Ed., "Framework for Layer
2 Virtual Private Networks (L2VPNs)", RFC 4664, DOI 2 Virtual Private Networks (L2VPNs)", RFC 4664, DOI
10.17487/RFC4664, September 2006, <https://www.rfc- 10.17487/RFC4664, September 2006, <https://www.rfc-
editor.org/info/rfc4664>. editor.org/info/rfc4664>.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, January
2012, <https://www.rfc-editor.org/info/rfc6347>.
[RFC7041] Balus, F., Ed., Sajassi, A., Ed., and N. Bitar, Ed., [RFC7041] Balus, F., Ed., Sajassi, A., Ed., and N. Bitar, Ed.,
"Extensions to the Virtual Private LAN Service (VPLS) Provider "Extensions to the Virtual Private LAN Service (VPLS) Provider
Edge (PE) Model for Provider Backbone Bridging", RFC 7041, DOI Edge (PE) Model for Provider Backbone Bridging", RFC 7041, DOI
10.17487/RFC7041, November 2013, <https://www.rfc- 10.17487/RFC7041, November 2013, <https://www.rfc-
editor.org/info/rfc7041>. editor.org/info/rfc7041>.
[RFC7172] Eastlake 3rd, D., Zhang, M., Agarwal, P., Perlman, R., and [RFC7172] Eastlake 3rd, D., Zhang, M., Agarwal, P., Perlman, R., and
D. Dutt, "Transparent Interconnection of Lots of Links (TRILL): D. Dutt, "Transparent Interconnection of Lots of Links (TRILL):
Fine-Grained Labeling", RFC 7172, DOI 10.17487/RFC7172, May Fine-Grained Labeling", RFC 7172, DOI 10.17487/RFC7172, May
2014, <https://www.rfc-editor.org/info/rfc7172>. 2014, <https://www.rfc-editor.org/info/rfc7172>.
INTERNET-DRAFT TRILL Transparent Transport over MPLS INTERNET-DRAFT TRILL Transparent Transport over MPLS
Acknowledgements Acknowledgements
The contributions of Andrew G. Malis is gratefully acknowledged in The contributions of Andrew G. Malis are gratefully acknowledged in
improving the quality of this document. improving the quality of this document.
The document was prepared in raw nroff. All macros used were defined
within the source file.
Authors' Addresses Authors' Addresses
Mohammed Umair Mohammed Umair
Cisco Systems Cisco Systems
SEZ, Cessna Business Park SEZ, Cessna Business Park
Sarjapur - Marathahalli Outer Ring road Sarjapur - Marathahalli Outer Ring road
Bengaluru - 560103, India Bengaluru - 560103, India
EMail: mohammed.umair2@gmail.com EMail: mohammed.umair2@gmail.com
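Review bot: The new [802.1AE] entry under Informative References gives only a title and "2006", with no standard designation or publisher, unlike the [RFC4301] and [RFC6347] entries added beside it, which carry number, DOI and URL. Cite it as IEEE Std 802.1AE-2006 so the MACSEC pointer in Section 8 resolves to a specific document. Separately, Authors' Addresses lists Mohammed Umair at Cisco Systems while the title-page author block places the name above IPInfusion; confirm which affiliation is current and make the two agree.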
 End of changes. 21 change blocks. 
58 lines changed or deleted 90 lines changed or added
