idnits 2.17.1

draft-fedyk-ccamp-uni-extensions-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The abstract seems to contain references ([RFC4208], [RFC4847]), which
     it shouldn't.  Please replace those with straight textual mentions of
     the documents in question.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does
     not match the current year

  -- The document date (February 18, 2013) is 4083 days in the past.  Is
     this intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative
     references to lower-maturity documents in RFCs)

  -- Obsolete informational reference (is this intentional?): RFC 5996
     (Obsoleted by RFC 7296)

  -- Obsolete informational reference (is this intentional?): RFC 4835
     (Obsoleted by RFC 7321)

     Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information
     about the items above.

--------------------------------------------------------------------------------

Network Working Group                                   D. Fedyk
Internet Draft                                          D. Beller
Intended status: Standards Track                        Lieven Levrau
                                                        Alcatel-Lucent
                                                        D. Ceccarelli
                                                        Ericsson
                                                        F. Zhang
                                                        Huawei Technologies
                                                        Y. Tochio
                                                        Fujitsu

Expires: August 22, 2013                                February 18, 2013


            UNI Extensions for Diversity and Latency Support
                draft-fedyk-ccamp-uni-extensions-00.txt

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Abstract

   This document builds on the GMPLS overlay model [RFC4208] and defines
   extensions to the GMPLS User-Network Interface (UNI) to support route
   diversity within the core network for sets of LSPs initiated by edge
   nodes.
   A particular example where route diversity within the core network
   is desired is that of dual-homed edge nodes.  The document also
   defines GMPLS UNI extensions to deal with latency requirements for
   edge node initiated LSPs.

   This document uses a VPN model that is based on the same premise as
   the L1VPN framework [RFC4847] but may also be applied to other
   technologies.  The extensions are applicable both to VPN and non VPN
   environments.  These extensions move the UNI from basic connectivity
   to enhanced mode connectivity by including additional constraints
   while minimizing the exchange of CE to PE information.  These
   extensions are applicable to the overlay extension service model.
   Route diversity for customer LSPs is a common requirement applicable
   to L1VPNs.  The UNI mechanisms described in this document are L1VPN
   compatible and can be applied to achieve diversity for sets of
   customer LSPs.

   The UNI extensions in support of latency constraints can also be
   applied to the extended overlay service model in order for the
   customer LSPs to meet certain latency requirements.

Table of Contents

   1. Introduction
   2. Conventions used in this document
   3. Contributors
   4. LSP Diversity in the Overlay Extension Service Model
      4.1. LSP diversity for dual-homed customer edge (CE) devices
         4.1.1. Exchanging SRLG information between the PEs via the
                CE device
            4.1.1.1. Operational Procedures
            4.1.1.2. Error handling procedures
         4.1.2. Using Path Affinity Set extension
            4.1.2.1. Operational Procedures
            4.1.2.2. Error handling procedures
            4.1.2.3. Distribution of the Path Affinity Set information
   5. Latency signaling
   6. Security Considerations
   7. IANA Considerations
   8. References
      8.1. Normative References
      8.2. Informative References
   9. Authors' Addresses

1. Introduction

   This document builds on the GMPLS overlay model [RFC4208] and defines
   extensions to the GMPLS User-Network Interface (UNI) to support route
   diversity within the core network for sets of LSPs initiated by edge
   nodes.  In the following, the term customer edge (CE) device node is
   used synonymously for the term edge node (EN) as in [RFC4208].

   Moreover, the VPN terminology (CE and PE) [RFC4026] is used below
   when the core network is a VPN but is also applicable to UNI
   interfaces [RFC4208].

   This document uses a VPN model that is based on the same premise as
   the L1VPN framework [RFC4847] but may also be applied to other
   technologies.  The extensions are applicable both to VPN and non VPN
   environments.  These extensions move the UNI from basic connectivity
   to enhanced mode connectivity by including additional constraints
   while minimizing the exchange of CE to PE information.  These
   extensions are applicable to the overlay extension service model.

   The overlay model assumes a UNI interface between the edge nodes of
   the respective transport domains.  Route diversity for LSPs from
   single-homed and dual-homed CEs is a common requirement in optical
   transport networks.  This document describes two signaling variations
   that may be used for supporting LSP diversity within the overlay
   extension service model considering dual-homing.
   Dual-homing is typically used to avoid a single point of failure
   (UNI link, PE) or if two disjoint connections are forming a
   protection group.  While both methods are similar in that they
   utilize common mechanisms in the PE network to achieve diversity,
   they are distinguished according to whether the CE is permitted to
   retrieve provider SRLG diversity information for an LSP from a PE1
   and pass it on to a PE2 (SRLG information is shared with the CE), or
   whether a new attribute is used that allows the PE2 that receives
   this attribute to derive the SRLG information for an LSP based on
   this attribute value.

   The extended overlay service model can support other extensions for
   VPN signaling, for example, those related to latency.  When
   requesting diverse LSPs, latency may also be an additional
   requirement.

2. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

   In this document, these words will appear with that interpretation
   only when in ALL CAPS.  Lower case uses of these words are not to be
   interpreted as carrying RFC-2119 significance.

3. Contributors

   The Authors would like to thank Eve Varma and Sergio Belotti for
   their review and contributions to this document.

4. LSP Diversity in the Overlay Extension Service Model

   The L1VPN Framework [RFC4847] (Enhanced Mode) describes the overlay
   extension service model, which builds upon the UNI Overlay [RFC4208]
   serving as the interface between the CE edge node and the PE edge
   node.  In this service model, a CE receives a list of CE-PE TE link
   addresses to which it can request a L1VPN connection (i.e.,
   membership information) and may include additional information
   concerning these TE links.
   This document further builds on the overlay extension service model
   by adding shared constraint information for path diversity in the
   optical transport network.  While the L1VPN for optical transport is
   an example of a specific VPN technology, the term VPN is used
   generically since the extensions can apply to GMPLS UNIs and VPNs
   for other technologies.

   Two signaling variations are outlined here that may be used for
   supporting LSP diversity within the overlay extension service model
   considering dual-homing.  While both methods are similar in that they
   utilize common mechanisms in the PE network to achieve diversity,
   they are distinguished according to whether the CE is permitted to
   retrieve provider SRLG diversity information for an LSP from a PE1
   and pass it on to a PE2 (SRLG information is shared with the CE) or
   whether a new attribute is used that allows the PE2 that receives
   this attribute to derive the SRLG information for an LSP based on
   this attribute value.  The selection between these methods is
   governed by both PE-network specific policies and approaches taken
   (i.e., in terms of how the provider chooses to perform routing
   internal to their network).

   The first method (see 3.1.1) assumes that provider Shared Resource
   Link Group (SRLG) Identifier information is both available and
   shareable (policy decision) with the CE.  Since SRLG IDs can then be
   used (passed transparently between PEs via the dual-homed CE) as
   signaled information on a UNI message, a mechanism supporting LSP
   diversity for the overlay extension service model can be provided via
   straightforward signaling extensions.

   The second method (see 3.1.2) assumes that provider SRLG IDs are
   either not available or not shareable (based on provider network
   operator policy) with the CE.
   For this case, a mechanism is provided where information signaled to
   the PE on UNI messages does not require shared knowledge of provider
   SRLG IDs to support LSP diversity for the overlay extension model.

   While both methods could be implemented in the same PE network, it is
   likely that a GMPLS VPN CE network would use only one mechanism at a
   time.

4.1. LSP diversity for dual-homed customer edge (CE) devices

   Single-homed CE devices are connected to a single PE device via a
   single UNI link (could be a bundle of parallel links which are
   typically using the same fiber cable).  This single UNI link may
   constitute a single point of failure.  Such a single point of failure
   can be avoided when the CE device is connected to two PE devices via
   two UNI interfaces as depicted for CE1 in Figure 1 below.

   For the dual-homing case, it is possible to establish two connections
   from the source CE device to the same destination CE device where one
   connection is using one UNI link to, for example, PE1 and the other
   connection is using the UNI link to PE2.  In order to avoid single
   points of failure within the provider network, it is necessary to
   also ensure path (LSP) diversity within the provider network in order
   to achieve end-to-end diversity for the two LSPs between the two CE
   devices.  This document describes how it is possible to enable such
   path diversity to be achieved within the provider network (which is
   subject to additional routing constraints).  [RFC4202] defines SRLG
   information that can be used to allow GMPLS to provide path diversity
   in a GMPLS controlled transport network.
   As the two connections are entering the provider network at different
   PE devices, the PE device that receives the connection request for
   the second connection needs to be capable of determining the
   additional path computation constraints such that the path of the
   second LSP is disjoint with respect to the already established first
   connection entering the network at a different PE device.  The
   methods described in this document allow a PE device to determine the
   SRLG information for a connection in the provider network that is
   entering the network on a different PE device.

   PE SRLG information can be used directly by a CE if the CE
   understands the context, and the CE view is limited to its VPN
   context.  In this case, there is a dependency on the provider
   information and there is a need to be able to query the SRLG in the
   provider network.

   It may, on the other hand, be preferable to avoid this dependency and
   to decouple the SRLG identifier space used in the provider network
   from the SRLG space used in the client network.  This is possible
   with both methods detailed below.  Even for the method where provider
   SRLG information is passing through the CE device (note the CE device
   does not need to process and decode this information) the two SRLG
   identifier spaces can remain fully decoupled and the operator of the
   client network is free to assign SRLG identifiers from the client
   SRLG identifier space to the CE to CE connection that is passing
   through the provider network.

   Referring to Figure 1, the UNI signaling mechanism must support at
   least one of the two mechanisms described in this document for CE
   dual homing to achieve LSP diversity in the provider network.

   The described mechanisms can also be applied to a scenario where two
   CE devices are connected to two different PE devices.
   In this case, the additional information that is exchanged across the
   UNI interfaces also needs to be exchanged between the two CE devices
   in order to achieve the desired diversity in the provider network.

   This information may be configured or exchanged by some automated
   mechanism not described in this document.

   In the dual-homing example, CE1 can locally correlate the LSP
   requests.  For the slightly more complicated example involving CE2
   and CE3, both requiring a path that shall be diverse to a connection
   initiated by the other CE device, CE2 and CE3 need to have a common
   view of the SRLG information to be signaled.  In this document, we
   detail the required diversity information and the signaling of this
   diversity information; however, the means for distributing this
   information within the PE domain or the CE domain is out of scope.

                    +---+    +---+
                    | P |....| P |
                    +---+    +---+
                   /              \
            +-----+               +-----+    +---+
   +---+    | PE1 |               |     |----|   |
   |CE1|----|     |               |     |    |CE2|
   +---+\   +-----+               |     |----|   |
         \     |                  | PE3 |    +---+
          \ +-----+               |     |
           \| PE2 |               |     |    +---+
            |     |               |     |----|CE3|
            +-----+               +-----+    +---+
                   \              /
                    +---+    +---+
                    | P |....| P |
                    +---+    +---+

                 Figure 1 Overlay Reference Diagram

   In an overlay model, the information exchanged between the CE and the
   PE is kept to a minimum.

   How diversity is achieved, in terms of configuration, distribution
   and usage in each part of the transport networks should be kept
   independent and separate from how diversity is signaled at the UNI
   between the two transport networks.

   Signaling parameters discussed in this document are:

   o  SRLG information (see [RFC4202])

   o  Path Affinity Set

4.1.1. Exchanging SRLG information between the PEs via the CE device

   SRLG information is defined in [RFC4202] and if the SRLG information
   of an LSP is known, it can be used to calculate a path for another
   LSP that is SRLG diverse with respect to an existing LSP.  SRLG
   information is an unordered list of SRLGs.  SRLG information is
   normally not shared between the transport network and the client
   network; i.e., not shared with the CEs of a VPN in the VPN context.
   However, this becomes more challenging when a CE is dual-homed.  For
   example, CE1 in Figure 1 may have requested an LSP1 from CE1 to CE2
   via PE1 and PE3.  CE1 could subsequently request an LSP2 to CE2 via
   PE2 and PE3 with the requirement that it should be maximally SRLG
   disjoint with respect to LSP1.  Since PE2 does not have any
   information about LSP1, PE2 would need to know the SRLG information
   associated with LSP1.  If CE1 could request the SRLG information of
   LSP1 from PE1, it could then transparently pass this information to
   PE2 as part of the LSP2 setup request, and PE2 would now be capable
   of calculating a path for LSP2 that is SRLG disjoint with respect to
   LSP1.

   The exchange of SRLG information is achieved on a per VPN LSP basis
   using the existing RSVP-TE signaling procedures.  It can be exchanged
   in the PATH (exclusion information) or RESV message in the original
   request or it can be requested by the CE at any time the path is
   active.

   It shall be noted that SRLG information is an unordered list of SRLG
   identifiers and the encoding of SRLG information for RSVP signaling
   is already defined in [SRLG_info].  Even if SRLG information is known
   for several LSPs it is not possible for the CEs to derive the
   provider network topology from this information.

4.1.1.1. Operational Procedures

   Retrieving SRLG information from a PE for an existing LSP:

   When a dual-homed UNI-C intends to establish an LSP to the same
   destination UNI-C via another PE node, it can request the SRLG
   information for an already established LSP by setting the SRLG
   information flag in the LSP attributes sub-object of the RSVP PATH
   message (IANA to assign the new SRLG flag).  As long as the SRLG
   information flag is set in the PATH message, the PE node inserts the
   SRLG sub-object as defined in [SRLG_info] into the RSVP RESV message
   that contains the current SRLG information for the LSP.  If the
   provider network's policy has been configured so as not to share SRLG
   information with the client network, the SRLG sub-object is not
   inserted in the PATH message even if the SRLG information flag is
   set.  The PE passes on the SRLG information for the LSP.  Note the
   SRLG information is expected to be up-to-date.

   Establishment of a new LSP with SRLG diversity constraints:

   When a dual-homed CE device sends an LSP setup request to a PE
   device for a new LSP that is required to be SRLG diverse with respect
   to an existing LSP that is entering the network via another PE
   device, the UNI-C sets the SRLG diversity flag (note: IANA to assign
   the new SRLG diversity flag) in the LSP attributes sub-object of the
   PATH message that initiates the setup of this new LSP.  When the PE
   device receives this request it calculates a path to the given
   destination and uses the received SRLG information as path
   computation constraints.

4.1.1.2. Error handling procedures

   To be added in the next version of the document.

4.1.2. Using Path Affinity Set extension

   The Path Affinity Set (PAS) is used to signal diversity in a pure CE
   context by abstracting SRLG information.  There are two types of
   diversity information in the PAS.  The first type of information is a
   single PAS identifier.
   Optionally, more detailed PATH information of an exclude path or set
   of paths can be specified.  The motive behind the PAS information is
   to have as little exchange of diversity information as possible
   between the VPN CE and PE elements.

   Rather than a detailed CE or PE SRLG list, the Path Affinity Set
   contains an abstract SRLG identifier that associates the given path
   as diverse.  Logically the identifier is in a VPN context and
   therefore only unique with respect to a particular VPN.

   How the CE determines the PAS identifier is a local matter for the CE
   administrator.  A CE may signal PAS as a diversity object in the PATH
   message.  This identifier is a suggested identifier and may be
   overridden by a PE under some conditions.

   For example, PAS can be used with no prior exchange of PAS
   information between the CE and the PE.  Upon reception of the PAS
   information the PE can infer the CE's requirements.  The actual PAS
   identifier used will be returned in the RESV message.  Optionally an
   empty PAS identifier allows the PE to pick the PAS identifier.

   Similar to the section 4.1.1 on SRLG information, a PE can return a
   PAS identifier as the response to a Query allowing flexibility.

   A PE interprets the specific PAS identifier, for example, "123" as
   meaning to exclude that identifier and by association any PE related
   SRLG information, for any LSPs associated with the resources assigned
   to the VPN.  For example, if a Path exists for the LSP with the
   identifier "123", the PE would use local knowledge of the PE SRLGs
   associated with the "123" LSPs and exclude those SRLGs in the path
   request.  In other words, two LSPs that need to be diverse both
   signal "123" and the PEs interpret this as meaning not to use shared
   resources.  Alternatively, a PE could use the PAS identifier to
   select from already established LSPs.  Once the path is established
   it becomes associated with the "123" identifier or optionally another
   PAS identifier for that VPN.

   The PAS Source and Destination Address tuple represents one or more
   source addresses and destination addresses associated with the CE
   Path Affinity Set identifier.  These associated address tuples
   represent paths that use resources that should be excluded for the
   establishment of the current LSP.  The address tuple information
   gives both finer grain details on the path diversity request and
   serves as an alternative identifier in the case when the PAS
   identifier is not known by the PE.  The address tuples used in
   signaling are within a CE context and their interpretation is local
   to a PE that receives a Path request from a CE.  The PE can use the
   address information to relate to PE Addresses and PE SRLG
   information.  When a PE satisfies a connection setup for a (SRLG)
   diverse signaled path, the PE may optionally record the PE SRLG
   information for that connection in terms of PE based parameters and
   associate that with the CE addresses in the Path message.

   Specifically for L1VPNs, Port Information table (PIT) [RFC5251] can
   be leveraged to translate between CE based addresses and PE based
   addresses.  The Path Affinity Set and associated PE addresses with PE
   SRLG information can be distributed via the IGP in the provider
   transport network (or by other means such as configuration); they can
   be utilized by other PEs when other CE Paths are set up that would
   require path/connection diversity.  This information is distributed
   on a VPN basis and contains a PAS identifier, PE addresses and SRLG
   information.

   The CE Path Affinity Set may be used to signal paths without CE
   Source and Destination addresses; however, the PE will always
   associate the CE SRLG Group with a list of PE SRLG plus the PE
   addresses associated with this LSP.

   If diversity is not signaled, the assumption is that no diversity is
   required and the Provider network is free to route the LSP to
   optimize traffic.  No Path affinity set information needs to be
   recorded for these LSPs.  If a diversity object is included in the
   connection request, the PE in the Provider Network should be able to
   look-up the existing Provider SRLG information from the provider
   network and choose an LSP that is maximally diverse from other LSPs.

   The mechanisms to achieve this are outside the scope of this
   document.

   A new VPN Diverse LSP LABEL object is specified:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Length             |  Type (TBA)   |0| C-type (TBA)|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                        1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  ADDR Length  |Number of PAS  |D|         reserved            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                 Path Affinity Set identifier                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                   Source Address (variable)                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                Destination Address (variable)                 |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                 Figure 2 Diverse LSP information

   1. The Address Length field (8 bits) is the number of bytes for both
      the source address and destination address.  The address may be in
      any format from 1 to 32 bytes but the key point is the customers
      can maintain their existing addresses.  A value of zero indicates
      there are no addresses included.

   2. The Number of Path Affinity Sets field (8 bits) is the number of
      sets included in the object.  This is typically 1.  Addition of
      other sets is for further study.

   3. The Path affinity Set identifier (4 bytes) is a single number that
      represents a summarized SRLG for this path.  Paths with that same
      Path Affinity set should be set up with diverse paths and
      associated with the path affinity set.  A value of all zeros
      allows the PE to pick a PAS identifier to return.  A PAS
      identifier of an established path may be different than the
      requested path identifier.

   4. The diversity Bit (D) (one Bit) indicates if the diversity must be
      satisfied when set as a one.  If a PE finds an established path
      with a Path Affinity set matching the signaled Path Affinity Set
      or the signaled Address tuple it should attempt to find a diverse
      path.

   5. The Diverse Path Source address/destination address tuple is that
      of an established LSP in the PE network that belongs to the same
      Path Affinity Set identifier.  If the path for these addresses is
      not setup or cannot be determined by the PE edge processing the
      UNI then the path is only with the Path Affinity set constraint.
      If the path(s) for these address tuples are known by the PE the PE
      uses the SRLG information associated with these addresses.  If in
      any case a diverse path cannot be setup then the Diverse bit
      controls whether a path is established anyway.  The PE must use a
      mechanism to translate CE Addresses into provider addresses when
      correlating with provider SRLG information.  How SRLG information
      and network address tuples are distributed is for future study.

4.1.2.1. Operational Procedures

   When a UNI-C constructs a PATH message it may optionally specify and
   insert a Path Affinity Set in the PATH message.  This Path Affinity
   Set may optionally include the address of an LSP that could belong
   to the same Path Affinity Set.  The Path Affinity Set identifier is a
   value (0 through 2**32-255) that is independent of the mechanism the
   CE or the PE use for diversity.  The Path Affinity Set is a single
   identifier that can be used to request diversity and associate
   diversity.

   When processing a CE PATH message in a VPN Overlay, the PE first
   looks up the PE based addresses in the Provider Index Table (PIT).
   If the Path Affinity Set is included in the PATH message, the PE must
   look up the SRLG information (or equivalent) in the PE network that
   has been allocated by LSPs associated with a Path Affinity Set and
   exclude those resources from the path computation for this LSP if it
   is a new path.  The PE may alternatively choose from an existing path
   with a disjoint set of resources.  If a path that is disjoint cannot
   be found, the value of the PAS diversity bit determines whether a
   path should be setup anyway.  If the PAS diversity bit is clear, one
   can still attempt to setup the LSP.  A PE should still attempt to
   minimize shared resources but that is an implementation issue, and is
   outside the scope of this document.

   Optionally the CE may use a value of all zeros in the PAS identifier
   allowing the PE to select an appropriate PAS identifier.  Also the PE
   may override the PAS identifier allowing the PE to re-assign the
   identifier if required.  A CE should not assume that the PAS
   identifier used for setup is the actual PAS identifier.

4.1.2.2. Error handling procedures

   The PAS object must be understood by the PE device.  Otherwise, the
   CE should not use the PAS object.  Path Message processing of the PAS
   object SHOULD follow CTYPE 0.  An Error code of IANA (TBD) indicates
   that the PAS object is not understood.

   When a PAS identifier is not recognized by a PE it must assume this
   LSP defines that PAS identifier; however, the PE may override the PAS
   identifier under certain conditions.
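
   The following Python sketch is an added illustration, not part of
   the draft: it parses the Figure 2 object body as a PE would when the
   bytes come from a CE in another administrative domain, then applies
   the D-bit decision of section 4.1.2.1.  All names are hypothetical.
   It assumes ADDR Length is the size of each address, and it skips the
   object header because Type and C-type are still TBA.

```python
import struct
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

FIXED_LEN = 8                  # ADDR Length, Number of PAS, D + reserved, PAS id
MAX_ADDR_LEN = 32              # "any format from 1 to 32 bytes"
MAX_PAS_ID = 2**32 - 255       # upper bound stated in section 4.1.2.1
D_BIT = 0x8000                 # top bit of the 16-bit D/reserved field


class PasError(ValueError):
    """The PAS object body received from the CE is malformed."""


@dataclass(frozen=True)
class PasObject:
    pas_id: int                # 0 lets the PE pick the identifier
    must_be_diverse: bool      # the D bit
    src: Optional[bytes]       # CE-context addresses, opaque to the parser
    dst: Optional[bytes]


def parse_pas(body: bytes) -> PasObject:
    """Parse the object body that follows the 4-byte object header."""
    if len(body) < FIXED_LEN:
        raise PasError("truncated fixed part")
    addr_len, n_pas, flags, pas_id = struct.unpack_from("!BBHI", body)
    if addr_len > MAX_ADDR_LEN:
        raise PasError(f"ADDR Length {addr_len} exceeds {MAX_ADDR_LEN}")
    if n_pas != 1:
        # More than one set is "for further study", so its layout is undefined.
        raise PasError(f"unsupported Number of PAS {n_pas}")
    if pas_id > MAX_PAS_ID:
        raise PasError("PAS identifier out of range")
    # Assumption: ADDR Length is the size of EACH address, so the body must be
    # exactly the fixed part plus two addresses. The length field is checked
    # against the bytes actually received before any slicing happens.
    if len(body) != FIXED_LEN + 2 * addr_len:
        raise PasError("body length disagrees with ADDR Length")
    diverse = bool(flags & D_BIT)          # reserved bits are ignored
    if addr_len == 0:
        return PasObject(pas_id, diverse, None, None)
    src = body[FIXED_LEN:FIXED_LEN + addr_len]
    dst = body[FIXED_LEN + addr_len:]
    return PasObject(pas_id, diverse, src, dst)


@dataclass(frozen=True)
class Decision:
    pas_id: int                # identifier the PE returns in the RESV
    path: Optional[str]        # None means the setup is refused
    shared_srlgs: int          # provider SRLGs shared with the same PAS


def select_path(pas: PasObject,
                pas_db: Dict[int, Set[int]],
                candidates: List[Tuple[str, Set[int]]]) -> Decision:
    """Choose a path for a new LSP that signals a Path Affinity Set.

    pas_db maps a PAS identifier to the provider SRLGs already used by LSPs
    in that set; candidates are (path name, provider SRLGs) pairs produced
    by the PE's own path computation. Both structures are hypothetical.
    """
    pas_id = pas.pas_id or max(pas_db, default=0) + 1   # PE picks when 0
    excluded = pas_db.get(pas_id, set())   # unknown id: this LSP defines it
    ranked = sorted(candidates, key=lambda c: len(c[1] & excluded))
    if not ranked:
        return Decision(pas_id, None, 0)
    name, srlgs = ranked[0]                # fewest shared resources first
    shared = len(srlgs & excluded)
    if shared and pas.must_be_diverse:
        return Decision(pas_id, None, shared)   # D set: do not set up
    pas_db.setdefault(pas_id, set()).update(srlgs)   # associate LSP with PAS
    return Decision(pas_id, name, shared)


# Constructed sample body: 4-byte addresses, one set, D bit set, PAS id 123.
SAMPLE_BODY = (struct.pack("!BBHI", 4, 1, D_BIT, 123)
               + bytes([10, 0, 0, 1]) + bytes([10, 0, 0, 2]))

if __name__ == "__main__":
    request = parse_pas(SAMPLE_BODY)
    db = {123: {7, 8}}                     # constructed provider SRLG state
    print(select_path(request, db, [("via-P1", {7, 9}), ("via-P2", {11, 12})]))
```
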

   If the identifier is recognized but the Source Address-Destination
   address pair(s) are not recognized, this LSP must be set up using the
   PAS identifier only.

   If the identifier is recognized and the Source Address-Destination
   address pair(s) are also recognized, then the PE SHOULD use the PE
   SRLG information associated with the LSPs identified by the address
   pairs to select a disjoint path.

   The following are the additional error codes:

   1. Route Blocked by Exclude Route Value IANA (TBA).

4.1.2.3. Distribution of the Path Affinity Set information

   Information about SRLG is already available in the IGP TE database.
   A PE network can be designed to have additional opaque records for
   Provider paths that distribute PE paths and SRLG on a VPN basis.
   When a PE path is set up, the following information allows a PE to
   look up the PE diversity information:

   o  L1 VPN Identifier 8 bytes

   o  Path Affinity Set Identifier

   o  Source PE Address

   o  Destination PE Address

   o  List of PE SRLG (variable)

   The source PE address and destination PE address are the same
   addresses in the VPN PIT and correspond to the respective CE address
   identifiers.

   Note that all of the information is local to the PE context and is
   not shared with the CE.  The VPN Identifier is associated with a CE.
   The only value that is signaled from the CE is the Path Affinity Set
   and optionally the addresses of an existing LSP.  The PE stores
   source and destination PE addresses of the LSP in their native format
   along with the SRLG information.  This information is internal to the
   PE network and is always known.

   PE paths may be set up on demand or they may be pre-established.
   When paths are pre-established, the Path Affinity Set is set to
   unassigned 0x0000 and is ignored.  When a CE uses a pre-established
   path the PE may set the Path SRLG Path Affinity Set value if the CE
   signals one; otherwise the Path Affinity Set remains unassigned
   0x0000.

5. Latency signaling

   A latency requirement can be added to signaling in the form of a
   constraint [DRAFT OBJECTIVE FUNCTION].  The constraint can take the
   form of:

   o  Minimize latency

   o  Maximum acceptable

   While some systems may be able to compute routes based on delay
   metrics it is usual that minimizing hops subject to bandwidth
   reservation are satisfied as the object function and delay is not
   considered.  When considering diversity, latency falls after
   diversity constraints have been satisfied.

   Recording the latency of existing paths [DRAFT_TE_METRIC RECORD] to
   ensure they meet a maximum acceptable latency can be utilized to
   ensure the latency constraint is met.

   When a low latency path is required, the minimize latency subject to
   other constraints criteria should be signaled.  A CE device can use
   the recorded latency to ensure that the maximum acceptable latency
   has been met.

   More detail to be added in a future revision.

6. Security Considerations

   Security for L1VPNs is covered in [RFC4847], [RFC5251] and [RFC5253].
   In this document, the model follows a generic GMPLS VPN based on the
   L1VPN control plane model where CE addresses are completely distinct
   from the PE addresses.

   The use of a private network assumes that entities outside the
   network cannot spoof or modify control plane communications between
   CE and PE.  Furthermore, all entities in the private network are
   assumed to be trusted.  Thus, no security mechanisms are required by
   the protocol exchanges described in this document.

However, an operator that is concerned about the security of their
private control plane network may use the authentication and
integrity functions available in RSVP-TE [RFC3473] or utilize IPsec
([RFC4301], [RFC4302], [RFC4835], [RFC5996], and [RFC6071]) for the
point-to-point signaling between PE and CE. See [RFC5920] for a full
discussion of the security options available for the GMPLS control
plane.

7. IANA Considerations

TBD

8. References

8.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
          Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC4202] Kompella, K., Rekhter, Y., "Routing Extensions in Support
          of Generalized Multi-Protocol Label Switching (GMPLS)",
          RFC 4202, October 2005.

[RFC4208] Swallow, G., Drake, J., Ishimatsu, H., and Y. Rekhter,
          "Generalized Multiprotocol Label Switching (GMPLS)
          User-Network Interface (UNI): Resource ReserVation
          Protocol-Traffic Engineering (RSVP-TE) Support for the
          Overlay Model", RFC 4208, October 2005.

[RFC5251] Fedyk, D., Rekhter, Y., Editors, "Layer 1 VPN Basic Mode",
          RFC 5251, July 2008.

[SRLG_info] Zhang, F., Li, D., Gonzalez de Dios, O., Margaria, C.,
          "RSVP-TE Extensions for Collecting SRLG Information",
          draft-ietf-ccamp-rsvp-te-srlg-collect-00.txt, June 2012.

8.2. Informative References

[RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual
          Private Network (VPN) Terminology", RFC 4026, March 2005.

[RFC6071] Frankel, S. and S. Krishnan, "IP Security (IPsec) and
          Internet Key Exchange (IKE) Document Roadmap", RFC 6071,
          February 2011.

[RFC3473] Berger, L. (editor), "Generalized MPLS Signaling - RSVP-TE
          Extensions", RFC 3473, January 2003.

[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
          Internet Protocol", RFC 4301, December 2005.

[RFC4302] Kent, S., "IP Authentication Header", RFC 4302, December
          2005.

[RFC5996] Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen, "Internet
          Key Exchange Protocol Version 2 (IKEv2)", RFC 5996,
          September 2010.

[RFC4835] Manral, V., "Cryptographic Algorithm Implementation
          Requirements for Encapsulating Security Payload (ESP) and
          Authentication Header (AH)", RFC 4835, April 2007.

[RFC4847] Takeda, T., Editor, "Framework and Requirements for Layer 1
          Virtual Private Networks", RFC 4847, April 2007.

[RFC5253] Takeda, T., Ed., "Applicability Statement for Layer 1
          Virtual Private Network (L1VPN) Basic Mode", RFC 5253, July
          2008.

[RFC5920] Fang, L., Ed., "Security Framework for MPLS and GMPLS
          Networks", RFC 5920, July 2010.

[DRAFT OBJECTIVE FUNCTION] Ali, Z., Swallow, G., Filsfils, C., Fang,
          L., Kumaki, K., Kunze, R., "Resource ReserVation Protocol -
          Traffic Engineering (RSVP-TE) extension for signaling
          Objective Function and Metric Bound",
          draft-ali-ccamp-rc-objective-function-metric-bound-02.txt,
          July 2012.

[DRAFT_TE_METRIC RECORD] Ali, Z., Swallow, G., Filsfils, C., Kumaki,
          K., Kunze, R., "Resource ReserVation Protocol-Traffic
          Engineering (RSVP-TE) extension for recording TE Metric of
          a Label Switched Path",
          draft-ali-ccamp-te-metric-recording-02.txt, July 2012.

Copyright (c) 2013 IETF Trust and the persons identified as authors
of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, is permitted pursuant to, and subject to the license
terms contained in, the Simplified BSD License set forth in Section
4.c of the IETF Trust's Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).

9. Authors' Addresses

Don Fedyk
Alcatel-Lucent
Groton, MA, 01450
Email: donald.fedyk@alcatel-lucent.com

Dieter Beller
Alcatel-Lucent
Email: Dieter.Beller@alcatel-lucent.com

Lieven Levrau
Alcatel-Lucent
Email: Lieven.Levrau@alcatel-lucent.com

Daniele Ceccarelli
Ericsson
Email: Daniele.Ceccarelli@ericsson.com

Fatai Zhang
Huawei Technologies
Email: zhangfatai@huawei.com

Yuji Tochio
Fujitsu
Email: tochio@jp.fujitsu.com