idnits 2.17.1 draft-francois-spring-segment-routing-ti-lfa-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (Oct 23, 2014) is 3472 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: 'Adjacency' on line 325 -- Looks like a reference, but probably isn't: 'Node' on line 325 == Unused Reference: '3' is defined on line 361, but no explicit reference was found in the text ** Downref: Normative reference to an Informational RFC: RFC 5714 (ref. '2') ** Downref: Normative reference to an Informational RFC: RFC 6571 (ref. '3') == Outdated reference: A later version (-11) exists of draft-ietf-rtgwg-remote-lfa-08 Summary: 5 errors (**), 0 flaws (~~), 3 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group Pierre Francois 3 Internet-Draft IMDEA Networks Institute 4 Intended status: Standards Track Clarence Filsfils 5 Expires: April 26, 2015 Ahmed Bashandy 6 Cisco Systems, Inc. 7 Bruno Decraene 8 Stephane Litkowski 9 Orange 10 Oct 23, 2014 12 Topology Independent Fast Reroute using Segment Routing 13 draft-francois-spring-segment-routing-ti-lfa-01 15 Abstract 17 This document presents Topology Independent Loop-free Alternate Fast 18 Re-route (TI-LFA), aimed at providing link and node protection of 19 node and adjacency segments within the Segment Routing (SR) 20 framework. This Fast Re-route (FRR) behavior builds on proven IP-FRR 21 concepts being LFAs, remote LFAs (RLFA), and remote LFAs with 22 directed forwarding (DLFA). It extends these concepts to provide 23 guaranteed coverage in any IGP network. We accommodate the FRR 24 discovery and selection approaches in order to establish protection 25 over post-convergence paths from the point of local repair, 26 dramatically reducing the operational need to control the tie-breaks 27 among various FRR options. 29 Status of this Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at http://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on April 26, 2015. 46 Copyright Notice 48 Copyright (c) 2014 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (http://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 64 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . 4 65 3. Intersecting P-Space and Q-Space with post-convergence 66 paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 67 3.1. P-Space property computation for a resource X . . . . . . . 5 68 3.2. Q-Space property computation for a link S-F, over 69 post-convergence paths . . . . . . . . . . . . . . . . . . 5 70 3.3. Q-Space property computation for a node F, over 71 post-convergence paths . . . . . . . . . . . . . . . . . . 6 72 4. TI-LFA Repair Tunnel . . . . . . . . . . . . . . . . . . . . . 6 73 4.1. The repair node is a direct neighbor . . . . . . . . . . . 6 74 4.2. The repair node is a PQ node . . . . . . . . . . . . . . . 6 75 4.3. The repair is a Q node, neighbor of the last P node . . . . 7 76 4.4. Connecting distant P and Q nodes along 77 post-convergence paths . . . . . . . . . . . . . . . . . . 7 78 5. Protecting segments . . . . . . . . . . . . . . . . . . . . . . 7 79 5.1. The active segment is a node segment . . . . . . . . . . . 7 80 5.2. The active segment is an adjacency segment . . . . . . . . 7 81 5.2.1. Protecting [Adjacency, Adjacency] segment lists . . . . 8 82 5.2.2. Protecting [Adjacency, Node] segment lists . . . . . . 8 83 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 84 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9 86 1. Introduction 88 Segment Routing aims at supporting services with tight SLA guarantees 89 [1]. This document provides local repair mechanisms using SR, 90 capable of restoring end-to-end connectivity in the case of a sudden 91 failure of a link or a node, with guaranteed coverage properties. 93 Using segment routing, there is no need to establish TLDP sessions 94 with remote nodes in order to take advantage of the applicability of 95 remote LFAs (RLFA) or remote LFAs with directed forwarding (DLFA) 96 [2]. As a result, preferring LFAs over RLFAs or DLFAs, as well as 97 minimizing the number of RLFA or DLFA repair nodes is not required. 98 Using SR, there is no need to create state in the network in order to 99 enforce an explicit FRR path. As a result, we can use optimized 100 detour paths for each specific destination and for each possible 101 failure in the network without creating additional forwarding state. 103 Building on such an easier forwarding environment, the FRR behavior 104 suggested in this document tailors the repair paths over the post- 105 convergence path from the PLR to the protected destination. 107 As the capacity of the post-convergence path is typically planned by 108 the operator to support the post-convergence routing of the traffic 109 for any expected failure, there is much less need for the operator to 110 tune the decision among which protection path to choose. The 111 protection path will automatically follow the natural backup path 112 that would be used after local convergence. This also helps to 113 reduce the amount of path changes and hence service transients: one 114 transition (pre-convergence to post-convergence) instead of two (pre- 115 convergence to FRR and then post-convergence). 117 We provide the TI-LFA approach that achieves guaranteed coverage 118 against link or node failure, in any IGP network, relying on the 119 flexibility of SR. 121 L ____ 122 S----------F--{____}--D 123 _|_ ___________ / 124 {___}--Q--{___________} 126 Figure 1: TI-LFA Protection 128 We use Figure 1 to illustrate the TI-LFA approach. 130 The Point of Local Repair (PLR), S, needs to find a node Q (a repair 131 node) that is capable of safely forwarding the traffic to a 132 destination D affected by the failure of the protected link L, or 133 node F. The PLR also needs to find a way to reach Q without being 134 affected by the convergence state of the nodes over the paths it 135 wants to use to reach Q. 137 In Section 2 we define the main notations used in the document. They 138 are in line with [2]. 140 In Section 3, we suggest to compute the P-Space and Q-Space 141 properties defined in Section 2, for the specific case of nodes lying 142 over the post-convergence paths towards the protected destinations. 143 The failure of a link S-F as well as the failure of a neighbor F is 144 discussed. 146 Using the properties defined in Section 3, we describe how to compute 147 protection lists that encode a loopfree post-convergence towards the 148 destination, in Section 4. 150 Finally, we define the segment operations to be applied by the PLR to 151 ensure consistency with the forwarding state of the repair node, in 152 Section 5. 154 2. Terminology 156 We define the main notations used in this document as the following. 158 We refer to "old" and "new" topologies as the LSDB state before and 159 after the considered failure. 161 SPT_old(R) is the Shortest Path Tree rooted at node R in the initial 162 state of the network. 164 SPT_new(R, X) is the Shortest Path Tree rooted at node R in the state 165 of the network after the resource X has failed. 167 Dist_old(A,B) is the distance from node A to node B in SPT_old(A). 169 Dist_new(A,B, X) is the distance from node A to node B in SPT_new(A, 170 X). 172 Similarly to [4], we rely on the concept of P-Space and Q-Space for 173 TI-LFA. 175 The P-Space P(R,X) of a node R w.r.t. a resource X (e.g. a link S-F, 176 or a node F) is the set of nodes that are reachable from R without 177 passing through X. It is the set of nodes that are not downstream of 178 X in SPT_old(R). 180 The Extended P-Space P'(R,X) of a node R w.r.t. a resource X is the 181 set of nodes that are reachable from R or a neighbor of R, without 182 passing through X. 184 The Q-Space Q(D,X) of a destination node D w.r.t. a resource X is the 185 set of nodes which do not use X to reach D in the initial state of 186 the network. In other words, it is the set of nodes which have D in 187 their P-Space w.r.t. S-F (or F). 189 A symmetric network is a network such that the IGP metric of each 190 link is the same in both directions of the link. 192 3. Intersecting P-Space and Q-Space with post-convergence paths 194 In this section, we suggest to determine the P-Space and Q-Space 195 properties of the nodes along on the post-convergence paths from the 196 PLR to the protected destination and compute an SR-based explicit 197 path from P to Q when they are not adjacent. Such properties will be 198 used in Section 4 to compute the TI-LFA repair list. 200 3.1. P-Space property computation for a resource X 202 A node N is in P(R, X) if it is not downstream of X in SPT_old(R). 204 A node N is in P'(R,X) if it is not downstream of X in SPT_old(N), 205 for at least one neighbor N of R. 207 3.2. Q-Space property computation for a link S-F, over post-convergence 208 paths 210 We want to determine which nodes on the post-convergence from the PLR 211 to the destination D are in the Q-Space of destination D w.r.t. link 212 S-F. 214 This can be found by intersecting the post-convergence path to D, 215 assuming the failure of S-F, with Q(D, S-F). 217 The post-convergence path to D requires to compute SPT_new(S, S-F). 219 A node N is in Q(D,S-F) if it is not downstream of S-F in 220 rSPT_old(D). 222 3.3. Q-Space property computation for a node F, over post-convergence 223 paths 225 We want to determine which nodes on the post-convergence from the PLR 226 to the destination D are in the Q-Space of destination D w.r.t. node 227 F. 229 This can be found by intersecting the post-convergence path to D, 230 assuming the failure of F with Q(D, F). 232 The post-convergence path to D requires to compute SPT_new(S, F). 234 A node N is in Q(D,F) if it is not downstream of F in rSPT_old(D). 236 4. TI-LFA Repair Tunnel 238 The TI-LFA repair tunnel consists of an outgoing interface and a list 239 of segments (repair list) to insert on the SR header. The repair 240 list encodes the explicit post-convergence path to the destination, 241 which avoids the protected resource X. 243 The TI-LFA repair tunnel is found by intersecting P(S,X) and Q(D,X) 244 with the post-convergence path to D and computing the explicit SR- 245 based path EP(P, Q) from P to Q when these nodes are not adjacent 246 along the post convergence path. The TI-LFA repair list is expressed 247 generally as (Node_SID(P), EP(P, Q)). 249 Most often, the TI-LFA repair list has a simpler form, as described 250 in the following sections. 252 4.1. The repair node is a direct neighbor 254 When the repair node is a direct neighbor, the outgoing interface is 255 set to that neighbor and the repair segment list is empty. 257 This is comparable to an LFA FRR repair. 259 4.2. The repair node is a PQ node 261 When the repair node is in P(S,X), the repair list is made of a 262 single node segment to the repair node. 264 This is comparable to an RLFA repair tunnel. 266 4.3. The repair is a Q node, neighbor of the last P node 268 When the repair node is adjacent to P(S,X), the repair list is made 269 of two segments: A node segment to the adjacent P node, and an 270 adjacency segment from that node to the repair node. 272 This is comparable to a DLFA repair tunnel. 274 4.4. Connecting distant P and Q nodes along post-convergence paths 276 In some cases, there is no adjacent P and Q node along the post- 277 convergence path. However, the PLR can perform additional 278 computations to compute a list of segments that represent a loopfree 279 path from P to Q. 281 5. Protecting segments 283 In this section, we explain how a protecting router S processes the 284 active segment of a packet upon the failure of its primary outgoing 285 interface. 287 The behavior depends on the type of active segment to be protected. 289 5.1. The active segment is a node segment 291 The active segment is kept on the SR header, unchanged (1). The 292 repair list is inserted at the head of the list. The active segment 293 becomes the first segment of the inserted repair list. 295 A future version of the document will describe the FRR behavior when 296 the active segment is a node segment destined to F, and F has failed. 298 Note (1): If the SRGB at the repair node is different from the SRGB 299 at the PLR, then the active segment must be updated to fit the SRGB 300 of the repair node. 302 5.2. The active segment is an adjacency segment 304 We define hereafter the FRR behavior applied by S for any packet 305 received with an active adjacency segment S-F for which protection 306 was enabled. We distinguish the case where this active segment is 307 followed by another adjacency segment from the case where it is 308 followed by a node segment. 310 5.2.1. Protecting [Adjacency, Adjacency] segment lists 312 If the next segment in the list is an Adjacency segment, then the 313 packet has to be conveyed to F. 315 To do so, S applies a "NEXT" operation on Adj(S-F) and then two 316 consecutive "PUSH" operations: first it pushes a node segment for F, 317 and then it pushes a protection list allowing to reach F while 318 bypassing S-F. 320 Upon failure of S-F, a packet reaching S with a segment list matching 321 [adj(S-F),adj(M),...] will thus leave S with a segment list matching 322 [RT(F),node(F),adj(M)], where RT(F) is the repair tunnel for 323 destination F. 325 5.2.2. Protecting [Adjacency, Node] segment lists 327 If the next segment in the stack is a node segment, say for node T, 328 the packet segment list matches [adj(S-F),node(T),...]. 330 A first solution would consist in steering the packet back to F while 331 avoiding S-F, similarly to the previous case. To do so, S applies a 332 "NEXT" operation on Adj(S-F) and then two consecutive "PUSH" 333 operations: first it pushes a node segment for F, and then it pushes 334 a repair list allowing to reach F while bypassing S-F. 336 Upon failure of S-F, a packet reaching S with a segment list matching 337 [adj(S-F),node(T),...] will thus leave S with a segment list matching 338 [RT(F),node(F),node(T)]. 340 Another solution is to not steer the packet back via F but rather 341 follow the new shortest path to T. In this case, S just needs to 342 apply a "NEXT" operation on the Adjacency segment related to S-F, and 343 push a repair list redirecting the traffic to a node Q, whose path to 344 node segment T is not affected by the failure. 346 Upon failure of S-F, packets reaching S with a segment list matching 347 [adj(L), node(T), ...], would leave S with a segment list matching 348 [RT(Q),node(T), ...]. 350 6. References 352 [1] Filsfils, C., Previdi, S., Bashandy, A., Decraene, B., 353 Litkowski, S., Horneffer, M., Milojevic, I., Shakir, R., Ytti, 354 S., Henderickx, W., Tantsura, J., and E. Crabbe, "Segment 355 Routing Architecture", draft-filsfils-spring-segment-routing-04 356 (work in progress), July 2014. 358 [2] Shand, M. and S. Bryant, "IP Fast Reroute Framework", RFC 5714, 359 January 2010. 361 [3] Filsfils, C., Francois, P., Shand, M., Decraene, B., Uttaro, J., 362 Leymann, N., and M. Horneffer, "Loop-Free Alternate (LFA) 363 Applicability in Service Provider (SP) Networks", RFC 6571, 364 June 2012. 366 [4] Bryant, S., Filsfils, C., Previdi, S., Shand, M., and N. So, 367 "Remote LFA FRR", draft-ietf-rtgwg-remote-lfa-08 (work in 368 progress), September 2014. 370 Authors' Addresses 372 Pierre Francois 373 IMDEA Networks Institute 374 Leganes 375 ES 377 Email: pierre.francois@imdea.org 379 Clarence Filsfils 380 Cisco Systems, Inc. 381 Brussels 382 BE 384 Email: cfilsfil@cisco.com 386 Ahmed Bashandy 387 Cisco Systems, Inc. 388 San Jose 389 US 391 Email: bashandy@cisco.com 393 Bruno Decraene 394 Orange 395 Issy-les-Moulineaux 396 FR 398 Email: bruno.decraene@orange.com 399 Stephane Litkowski 400 Orange 401 FR 403 Email: bruno.decraene@orange.com