idnits 2.17.1 draft-ietf-bess-mvpn-evpn-aggregation-label-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: One method of achieving this is to reserve a portion of the label space for assignment by a central authority. We refer to this reserved portion as the "Domain-wide Common Block" (DCB) of labels. This is analogous to the "Segment Routing Global Block" (SRGB) that is described in [I-D.ietf-spring-segment-routing]. The DCB is taken from the same label space that is used for downstream-assigned labels, but each PE would know not to allocate local labels from that space. A PE that is attached (via L3VPN VRF interfaces or EVPN Access Circuits) would know by provisioning which label from the DCB corresponds to which of its locally attached VPNs, BDs, or ESes. The definition of "domain" is loose - it simply includes all the routers that share the same DCB. In this document, it includes all PEs of an MVPN/EVPN network. (Though if tunnel segmentation [RFC 6514] is used, each segmentation region could have its own DCB. This will be explained in more detail later.) If these PEs share other common label blocks (e.g. SRGB) with other routers, the DCB MUST not intersect with those common label blocks or those routers MUST be considered as part of the "domain". However, the labels advertised by PEs for the purposes defined in this document will only rise to the top of the label stack when traffic arrives the PEs. (Using the creation date from RFC6514, updated by this document, for RFC5378 checks: 2006-08-01) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 7, 2018) is 1938 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC 8279' is mentioned on line 148, but not defined == Missing Reference: 'BIER-MVPN' is mentioned on line 151, but not defined == Missing Reference: 'BIER-EVPN' is mentioned on line 151, but not defined == Missing Reference: 'RFC 6514' is mentioned on line 231, but not defined == Missing Reference: 'EVPN-BUM' is mentioned on line 290, but not defined == Unused Reference: 'RFC2119' is defined on line 534, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-bess-evpn-bum-procedure-updates' is defined on line 571, but no explicit reference was found in the text == Outdated reference: A later version (-14) exists of draft-ietf-bess-evpn-bum-procedure-updates-04 == Outdated reference: A later version (-14) exists of draft-ietf-bier-evpn-01 Summary: 1 error (**), 0 flaws (~~), 11 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 BESS Z. Zhang 3 Internet-Draft E. Rosen 4 Updates: 7432, 6514, 7582 (if approved) W. Lin 5 Intended status: Standards Track Juniper Networks 6 Expires: June 10, 2019 Z. Li 7 Huawei Technologies 8 I. Wijnands 9 Cisco Systems 10 December 7, 2018 12 MVPN/EVPN Tunnel Aggregation with Common Labels 13 draft-ietf-bess-mvpn-evpn-aggregation-label-01 15 Abstract 17 The MVPN specifications allow a single Point-to-Multipoint (P2MP) 18 tunnel to carry traffic of multiple VPNs. The EVPN specifications 19 allow a single P2MP tunnel to carry traffic of multiple Broadcast 20 Domains (BDs). These features require the ingress router of the P2MP 21 tunnel to allocate an upstream-assigned MPLS label for each VPN or 22 for each BD. A packet sent on a P2MP tunnel then carries the label 23 that is mapped to its VPN or BD. (In some cases, a distinct 24 upstream-assigned is needed for each flow.) Since each ingress 25 router allocates labels independently, with no coordination among the 26 ingress routers, the egress routers may need to keep track of a large 27 number of labels. The number of labels may need to be as large (or 28 larger) than the product of the number of ingress routers times the 29 number of VPNs or BDs. However, the number of labels can be greatly 30 reduced if the association between a label and a VPN or BD is made by 31 provisioning, so that all ingress routers assign the same label to a 32 particular VPN or BD. New procedures are needed in order to take 33 advantage of such provisioned labels. These new procedures also 34 apply to Multipoint-to-Multipoint (MP2MP) tunnels. This document 35 updates RFCs 6514, 7432 and 7582 by specifying the necessary 36 procedures. 38 Requirements Language 40 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 41 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 42 document are to be interpreted as described in RFC2119. 44 Status of This Memo 46 This Internet-Draft is submitted in full conformance with the 47 provisions of BCP 78 and BCP 79. 49 Internet-Drafts are working documents of the Internet Engineering 50 Task Force (IETF). Note that other groups may also distribute 51 working documents as Internet-Drafts. The list of current Internet- 52 Drafts is at https://datatracker.ietf.org/drafts/current/. 54 Internet-Drafts are draft documents valid for a maximum of six months 55 and may be updated, replaced, or obsoleted by other documents at any 56 time. It is inappropriate to use Internet-Drafts as reference 57 material or to cite them other than as "work in progress." 59 This Internet-Draft will expire on June 10, 2019. 61 Copyright Notice 63 Copyright (c) 2018 IETF Trust and the persons identified as the 64 document authors. All rights reserved. 66 This document is subject to BCP 78 and the IETF Trust's Legal 67 Provisions Relating to IETF Documents 68 (https://trustee.ietf.org/license-info) in effect on the date of 69 publication of this document. Please review these documents 70 carefully, as they describe your rights and restrictions with respect 71 to this document. Code Components extracted from this document must 72 include Simplified BSD License text as described in Section 4.e of 73 the Trust Legal Provisions and are provided without warranty as 74 described in the Simplified BSD License. 76 Table of Contents 78 1. Terminologies . . . . . . . . . . . . . . . . . . . . . . . . 3 79 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 80 2.1. Problem Description . . . . . . . . . . . . . . . . . . . 4 81 2.2. Proposed Solution . . . . . . . . . . . . . . . . . . . . 5 82 2.2.1. MP2MP Tunnels . . . . . . . . . . . . . . . . . . . . 6 83 2.2.2. Segmented Tunnels . . . . . . . . . . . . . . . . . . 7 84 2.2.3. Summary of Label Allocation Methods . . . . . . . . . 9 85 3. Specification . . . . . . . . . . . . . . . . . . . . . . . . 9 86 3.1. Context Label Space ID Extended Community . . . . . . . . 9 87 3.2. Procedures . . . . . . . . . . . . . . . . . . . . . . . 10 88 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 89 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 12 90 6. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 12 91 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 92 7.1. Normative References . . . . . . . . . . . . . . . . . . 12 93 7.2. Informative References . . . . . . . . . . . . . . . . . 13 94 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 96 1. Terminologies 98 Familiarity with MVPN/EVPN protocols and procedures is assumed. Some 99 terminologies are listed below for convenience. 101 o BUM: Broadcast, Unknown Unicast, or Multicast (traffic). 103 o BD: Broadcast Domain. 105 o PMSI: Provider Multicast Service Interface - a pseudo interface 106 for a PE to send overlay/customer multicast traffic via underlay/ 107 provider tunnels. Includes I/S-PMSI (often referred to as x-PMSI) 108 for Inclusive/Selective-PMSI. 110 o IMET: Inclusive Multicast Ethernet Tag route. An EVPN specific 111 name for I-PMSI A-D route. 113 o PTA: PMSI Tunnel Attribute. A BGP attribute that may be attached 114 to an BGP-MVPN/EVPN A-D routes. 116 o ESI: Ethernet Segment Identifier. 118 2. Introduction 120 MVPN can use P2MP tunnels (set up by RSVP-TE, mLDP, or PIM) to 121 transport customer multicast traffic across a service provider's 122 backbone network. Often, a given P2MP tunnel carries the traffic of 123 only a single VPN. There are however procedures defined that allow a 124 single P2MP tunnel to carry traffic of multiple VPNs. In this case, 125 the P2MP tunnel is called an "aggregate tunnel". The PE router that 126 is the ingress node of an aggregate P2MP tunnel allocates an 127 "upstream-assigned MPLS label" [RFC5331] for each VPN, and each 128 packet sent on the P2MP tunnel carries the upstream-assigned MPLS 129 label that the ingress PE has bound to the packet's VPN. 131 Similarly, EVPN can use P2MP tunnels (set up by RSVP-TE, mLDP, or 132 PIM) to transport BUM traffic (Broadcast traffic, Unicast traffic 133 with an Unknown address, or Multicast traffic), across the provider 134 network. Often a P2MP tunnel carries the traffic of only a single 135 BD. However, there are procedures defined that allow a single P2MP 136 tunnel to be an "aggregate tunnel" that carries traffic of multiple 137 BDs. The procedures are analogous to the MVPN procedures -- the PE 138 router that is the ingress node of an aggregate P2MP tunnel allocates 139 an upstream-assigned MPLS label for each BD, and each packet sent on 140 the P2MP tunnel carries the upstream-assigned MPLS label that the 141 ingress PE has bound to the packet's BD. 143 MVPN and EVPN can also use BIER [RFC 8279] to transmit multicast 144 traffic or BUM traffic [I-D.ietf-bier-mvpn] [I-D.ietf-bier-evpn]. 145 Although BIER does not explicitly set up P2MP tunnels, from the 146 perspective of MVPN/EVPN, the use of BIER transport is very similar 147 to the use of aggregate P2MP tunnels. When BIER is used, the PE 148 transmitting a packet (the "BFIR" [RFC 8279]) must allocate an 149 upstream-assigned MPLS label for each VPN or BD, and the packets 150 transmitted using BIER transport always carry the label that 151 identifies their VPN or BD. (See [BIER-MVPN] and [BIER-EVPN] for the 152 details.) In the remainder of this document, we will use the term 153 "aggregate tunnels" to include both P2MP tunnels and BIER transport. 155 When an egress PE receives a packet from an aggregate tunnel, it must 156 look at the upstream-assigned label carried by the packet, and must 157 interpret that label in the context of the ingress PE. Essentially, 158 each ingress PE has its own "context label space" [RFC5331] from 159 which it allocates its upstream-assigned labels. When an egress PE 160 looks up the upstream-assigned label carried by a given packet, it 161 looks it up in the context label space owned by the packet's ingress 162 PE. How an egress PE identifies the ingress PE of a given packet 163 depends on the tunnel type. 165 2.1. Problem Description 167 Note that these procedures may require a very large number of labels. 168 Suppose an MVPN or EVPN deployment has 1001 PEs, each hosting 1000 169 VPN/BDs. Each ingress PE has to assign 1000 labels, and each egress 170 PE has to be prepared to interpret 1000 labels from each of the 171 ingress PEs. Since each ingress PE allocates labels from its own 172 context label space, and the ingress PEs do not coordinate their 173 label assignments, each egress PE must be prepared to interpret 174 1,000,000 upstream-assigned labels. This is an evident scaling 175 problem. 177 At the present time, few if any MVPN/EVPN deployments use aggregate 178 tunnels, so this problem has not surfaced. However, the use of 179 aggregate tunnels is likely to increase due to the following two 180 factors: 182 o In EVPN, a single customer ("tenant") may have a large number of 183 BDs, and the use of aggregate RSVP-TE or mLDP P2MP tunnels may 184 become important, since each tunnel creates state at the 185 intermediate nodes. 187 o The use of BIER as transport for MVPN/EVPN is becoming more and 188 more attractive and feasible. 190 Note there are pros and cons with traditional P2MP tunnel aggregation 191 (vs. BIER), which are already discussed in Section 2.1.1 of 192 [RFC6513]. This document simply specifies a way to increase label 193 scaling when tunnel aggregation is used. 195 A similar problem also exists with EVPN ESI labels used for multi- 196 homing. A PE attached to a multi-homed Ethernet Segment (ES) 197 advertises an ESI label in its Ethernet Segment route for the ES. 198 The PE imposes the label when it sends frames received from the ES to 199 other PEs via a P2MP/BIER tunnel. A receiving PE that is attached to 200 the source ES will know from the ESI label that the packet originated 201 on the source ES, and thus will not transmit the packet on its local 202 attachment circuit to that ES. From the receiving PE's point of 203 view, the ESI label is (upstream-)allocated from the source PE's 204 label space, so the receiving PE needs to maintain context label 205 tables, one for each source PE, just like the VRF/BD label case 206 above. If there are 1,001 PEs, each attached to 1,000 ESes, this can 207 require each PE to understand 1,000,000 ESI labels. Notice that the 208 issue exists even when no P2MP tunnel aggregation (i.e. one tunnel 209 used for multiple BDs) is used. 211 2.2. Proposed Solution 213 The number of labels could be greatly reduced if a central authority 214 assigned a label to each VPN, BD, or ES, and if all PEs used that 215 same label to represent a given VPN , BD, or ES. Then the number of 216 total number of labels needed would just be the sum of the number of 217 VPNs, BD, and/or ESes. 219 One method of achieving this is to reserve a portion of the label 220 space for assignment by a central authority. We refer to this 221 reserved portion as the "Domain-wide Common Block" (DCB) of labels. 222 This is analogous to the "Segment Routing Global Block" (SRGB) that 223 is described in [I-D.ietf-spring-segment-routing]. The DCB is taken 224 from the same label space that is used for downstream-assigned 225 labels, but each PE would know not to allocate local labels from that 226 space. A PE that is attached (via L3VPN VRF interfaces or EVPN 227 Access Circuits) would know by provisioning which label from the DCB 228 corresponds to which of its locally attached VPNs, BDs, or ESes. The 229 definition of "domain" is loose - it simply includes all the routers 230 that share the same DCB. In this document, it includes all PEs of an 231 MVPN/EVPN network. (Though if tunnel segmentation [RFC 6514] is 232 used, each segmentation region could have its own DCB. This will be 233 explained in more detail later.) If these PEs share other common 234 label blocks (e.g. SRGB) with other routers, the DCB MUST not 235 intersect with those common label blocks or those routers MUST be 236 considered as part of the "domain". However, the labels advertised 237 by PEs for the purposes defined in this document will only rise to 238 the top of the label stack when traffic arrives the PEs. 240 In some deployments, it may be impractical to allocate a DCB that is 241 large enough to contain labels for all the VPNs/BDs/ESes. In this 242 case, it may be necessary to allocate those labels from a context 243 label space. However, it is not necessary for each ingress PE to 244 have its own context label space. Instead, one (or some small 245 number) of context label spaces can be dedicated to such labels. 246 Each ingress PE would be provisioned to know both the context label 247 space identifier and the label for each VPN/BD/ES. 249 The MVPN/EVPN signaling defined in [RFC6514] and [RFC7432] assumes 250 that certain MPLS labels are allocated from a context label space 251 owned by a particular ingress PE. In this document, we augment the 252 signaling procedures so that it is possible to signal that a 253 particular label is from the DCB, rather than from an ingress PE's 254 context label space. We also augment the signaling so that it is 255 possible to indicate that a particular label is from an identified 256 context label space that is different than the ingress PE's own 257 context label space. 259 Notice that, the VPN/BD/ES-identifying labels from the DCB or from 260 those few context label spaces are very similar to VNIs in VXLAN. 261 Allocating a label from the DCB or from those a few context label 262 spaces and communicating them to all PEs should not be different from 263 allocating VNIs, and should be feasible in today's networks since 264 controllers are used more and more widely. 266 2.2.1. MP2MP Tunnels 268 MP2MP tunnels present the same problem that can be solved the same 269 way. 271 Per RFC 7582 ("MVPN: Using Bidirectional P-tunnels"), when MP2MP 272 tunnels are used for MVPN, the root of the MP2MP tunnel may need to 273 allocate and advertise "PE Distinguisher Labels". RFC 7582 states 274 that these labels are upstream-assigned, from the label space used by 275 the root node for its upstream-assigned labels. 277 It is REQUIRED by this document that the PE Distinguisher labels 278 allocated by a particular node come from the same source that the 279 node uses to allocate its VPN-identifying labels. 281 2.2.2. Segmented Tunnels 283 There are some additional issues to be considered when MVPN or EVPN 284 is using "tunnel segmentation" (see [RFC6514], [RFC7524], and [EVPN- 285 BUM] Sections 5 and 6). 287 2.2.2.1. Selective Tunnels 289 For "selective tunnels" (see [RFC6513] Sections 2.1.1 and 3.2.1, and 290 [EVPN-BUM] Section 4), the procedures outlined above work only if 291 tunnel segmentation is not used. 293 A selective tunnel carries one or more particular sets of flows to a 294 particular subset of the PEs that attach to a given VPN or BD. Each 295 set of flows is identified by a Selective PMSI A-D route [RFC6514]. 296 The PTA of the S-PMSI route identifies the tunnel used to carry the 297 corresponding set of flows. Multiple S-PMSI routes can identify the 298 same tunnel. 300 When tunnel segmentation is applied to a S-PMSI, certain nodes are 301 "segmentation points". A segmentation point is a node at the 302 boundary between two "segmentation regions". Let's call these 303 "region A" and "region B". A segmentation point is an egress node 304 for one or more selective tunnels in region A, and an ingress node 305 for one or more selective tunnels in region B. A given segmentation 306 point must be able to receive traffic on a selective tunnel from 307 region A, and label switch the traffic to the proper selective tunnel 308 in region B. 310 Suppose one selective tunnel (call it T1) in region A is carrying two 311 flows, Flow-1 and Flow-2, identified by S-PMSI route Route-1 and 312 Route-2 respectively. However, it is possible that, in region B, 313 Flow-1 is not carried by the same selective tunnel that carries Flow- 314 2. Let's suppose that in region B, Flow-1 is carried by tunnel T2 315 and Flow-2 by tunnel T3. Then when the segmentation point receives 316 traffic from T1, it must be able to label switch Flow-1 from T1 to 317 T2, while also label switching Flow-2 from T1 to T3. This implies 318 that Route-1 and Route-2 must signal different labels in the PTA. 320 In this case, it is not practical to have a central authority assign 321 domain-wide unique labels to individual S-PMSI routes. To address 322 this problem, all PEs can be assigned disjoint label blocks in those 323 few context label spaces, and each will allocate labels for segmented 324 S-PMSI independently from its assigned label block that is different 325 from any other PE's. For example, PE1 allocates from label block 326 [101~200], PE2 allocates from label block [201~300], and so on. 328 Allocating from disjoint label blocks can be used for VPN/BD/ES 329 labels as well, though it does not address the original scaling 330 issue, because there would be one million labels allocated from those 331 a few context label spaces in the original example, instead of just 332 one thousand common labels. 334 2.2.2.2. Per-PE/Region Tunnels 336 Similarly, for segmented per-PE (MVPN (C-*,C-*) S-PMSI or EVPN IMET) 337 or per-AS/region (MVPN Inter-AS I-PMSI or EVPN per-Region I-PMSI) 338 tunnels, labels need to be allocated per PMSI route. In case of per- 339 PE PMSI route, the labels should be allocated from the label block 340 allocated to the advertising PE. In case of per-AS/region PMSI 341 route, different ASBR/RBRs attached to the same source AS/region will 342 advertise the same PMSI route. The same label could be used when the 343 same route is advertised by different ASBRs/RBRs, though a simpler 344 way is for each ASBR/RBR to allocate its own label from the label 345 block allocated to itself. 347 In the rest of the document, we call the label allocated for a 348 particular PMSI a (per-)PMSI label, just like we have (per-)VPN/BD/ES 349 labels. Notice that using per-PMSI label in case of per-PE PMSI 350 still has the original scaling issue associated with the upstream 351 allocated label, so per-region PMSIs should be preferred. Within 352 each AS/region, per-PE PMSIs are still used though they do not go 353 across border and per-VPN/BD labels can still be used. 355 Note that, when a segmentation point re-advertise a PMSI route to the 356 next segment, it does not need to re-advertise a new label unless the 357 upstream or downstream segment uses Ingress Replication. [note - 358 future revision may extend the applicability of this document to 359 Ingress Replication as well] 361 2.2.2.3. Alternative to the per-PMSI Label Allocation 363 The per-PMSI label allocation in case of segmentation, whether for 364 S-PMSI or for per-PE/Region I-PMSI, is for the segmentation points to 365 be able to label switch traffic w/o having to do IP or MAC lookup in 366 VRFs (the segmentation points typically do not have those VRFs at 367 all). If the label scaling becomes a concern, alternatively the 368 segmentation points could use (C-S,C-G) lookup in VRFs for flows 369 identified by the S-PMSIs. This allows the S-PMSIs for the same VPN/ 370 BD to share the a VPN/BD-identifying label that leads to lookup in 371 the VRFs. That label should be different from the label used in the 372 per-PE/region I-PMSIs though, so that the segmentation points can 373 label switch other traffic (not identified by those S-PMSIs). 374 However, this moves the scaling problem from the number of labels to 375 the number of (C-S/*,C-G) routes in VRFs on the segmentation points. 377 2.2.3. Summary of Label Allocation Methods 379 In summary, labels can be allocated and advertised the following 380 ways: 382 1. A central authority allocates per-VPN/BD/ES labels from the DCB. 383 PEs advertise the labels with an indication that they are from 384 the DCB. 386 2. A central authority allocates per-VPN/BD/ES labels from a few 387 common context label spaces, and allocate labels from the DCB to 388 identify those context label spaces. PEs advertise the VPN/BD 389 labels along with the context-identifying labels. 391 3. A central authority assigns disjoint label blocks from those a 392 few context label spaces to each PE, and allocate labels from the 393 DCB to identify the context label spaces. Each PE allocates 394 labels from its assigned label block independently for its 395 segmented S-PMSI, along with the context-identifying labels. 397 Option 1 is simplest, but it requires that all the PEs set aside a 398 common label block for the DCB that is large enough for all the 399 VPNs/BDs/ESes combined. Option 3 is needed only for segmented 400 selective tunnels that are set up dynamically. Multiple options 401 could be used in any combination depending on the deployment 402 situation. 404 3. Specification 406 3.1. Context Label Space ID Extended Community 408 Context Label Space ID Extended Community is a new Transitive Opaque 409 EC with the following structure: 411 0 1 2 3 412 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 413 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 414 | 0x03 or 0x43 | Sub-Type | ID-Type | 415 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 416 | ID-Value | 417 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 419 o ID-Type: A 2-octet field that specifies the type of Label Space 420 ID. In this document, the ID-Type is 0, indicating that the ID- 421 Value field is a label. 423 o ID-Value: A 4-octet field that specifies the value of Label Space 424 ID. When it is a label (with ID-Value 0), the most significant 425 20-bit is set to the label value. 427 This document introduces a DCB-bit (to be assigned by IANA) in the 428 "Additional PMSI Tunnel Attribute Flags" BGP Extended Community 429 [RFC7902]. 431 In the remainder of the document, when we say a BGP-MVPN/EVPN A-D 432 route "carries DCB-flag" or "has DCB-flag attached" we mean the 433 following: 435 o The route carries a PMSI Tunnel Attribute (PTA) and its Flags 436 field has the Extension bit set 438 o The route carries an "Additional PMSI Tunnel Attribute Flags" EC 439 and its DCB-bit is set 441 3.2. Procedures 443 The protocol and procedures specified in this section need not be 444 applied unless when BIER, or P2MP/MP2MP tunnel aggregation is used 445 for MVPN/EVPN, or BIER/P2MP/MP2MP tunnels are used with EVPN multi- 446 homing. 448 By means outside the scope of this document, each VPN/BD/ES is 449 assigned a label from the DCB or one of those few context label 450 spaces, and every PE that is part of the VPN/BD/ES is aware of the 451 assignment. The ES label and the BD label MUST be assigned from the 452 same source. If PE Distinguisher labels are used [RFC7582], they 453 must be allocated from the same source as well. 455 In case of tunnel segmentation, each PE is also assigned a disjoint 456 label block from one of those few context label spaces and it 457 allocates labels for its segmented PMSI routes from its assigned 458 label block. 460 When a PE originates/re-advertises an x-PMSI/IMET route, the route 461 MUST carry a DCB-flag if and only if the label in its PTA is assigned 462 from the DCB. 464 If the VPN/BD/PMSI label is assigned from one of those few context 465 label spaces, a Context Label Space ID Extended Community is attached 466 to the route. The ID-Type in the EC is set to 0 and the ID-Value is 467 set to a label allocated from the DCB and identifies the context 468 label space. When an ingress PE sends traffic, it imposes the DCB 469 label that identifies the context label space after it imposes the 470 label (that is advertised in the PTA's Label field of the x-PMSI/IMET 471 route) for the VPN/BD and/or the label (that is advertised in the ESI 472 Label EC) for the ESI, and then imposes the encapsulation for the 473 transport tunnel. 475 When a PE receives an x-PMSI/IMET route with the Context Label Space 476 ID EC, it programs its default MPLS forwarding table to map the label 477 in the EC that identifies the context label space to a corresponding 478 context label table in which the next label lookup is done for 479 traffic that this PE receives. 481 The receiving PE then programs the label in the PTA or ESI Label EC 482 into either the default mpls forwarding table (if the route carries 483 the DCB-flag) or the context label table (if the Context Label Space 484 ID EC is present) according to the x-PMSI/IMET route. 486 A PE MUST NOT both carry the DCB-flag in an x-PMSI/IMET route and 487 attach the Context Label Space ID EC in the route. A PE MUST ignore 488 a received route with both the DCB-flag and the Context Label Space 489 ID EC attached. If neither the DCB-flag nor the Context Label Space 490 ID EC is attached, the label in the PTA or ESI Label EC is treated as 491 the upstream allocated from the source PE's label space, and 492 procedures in [RFC6514][RFC7432] must be followed. 494 In case of MPLS P2MP tunnels, if two x-PMSI/IMET routes specify the 495 same tunnel, one of the following conditions MUST be met, so that a 496 receiving PE can correctly interpret the label that follows the 497 tunnel label in the right context. 499 o They MUST all have the DCB-flag, or, 501 o They MUST all carry the Context Label Space ID EC, or, 503 o None of them has the DCB-flag, or, 505 o None of them carry the Context Label Space ID EC. 507 4. IANA Considerations 509 This document introduces a DCB-bit in the "Additional PMSI Tunnel 510 Attribute Flags" BGP Extended Community. An IANA request will be 511 submitted for bit 0 as the DCB-bit in the Additional PMSI Tunnel 512 Attribute Flags registry. This is subject to approval/change. 514 This document introduces a new Transitive Opaque Extended Community 515 "Context Label Space ID Extended Community". An IANA request will be 516 submitted for sub-type value 0x15 (subject to approval/change) in the 517 BGP Transitive Opaque Extended Community Sub-Types registry. 519 5. Acknowledgements 521 6. Contributors 523 The following also contributed to this document. 525 Selvakumar Sivaraj 526 Juniper Networks 528 Email: ssivaraj@juniper.net 530 7. References 532 7.1. Normative References 534 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 535 Requirement Levels", BCP 14, RFC 2119, 536 DOI 10.17487/RFC2119, March 1997, 537 . 539 [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ 540 BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 541 2012, . 543 [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP 544 Encodings and Procedures for Multicast in MPLS/BGP IP 545 VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012, 546 . 548 [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., 549 Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based 550 Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 551 2015, . 553 [RFC7524] Rekhter, Y., Rosen, E., Aggarwal, R., Morin, T., 554 Grosclaude, I., Leymann, N., and S. Saad, "Inter-Area 555 Point-to-Multipoint (P2MP) Segmented Label Switched Paths 556 (LSPs)", RFC 7524, DOI 10.17487/RFC7524, May 2015, 557 . 559 [RFC7582] Rosen, E., Wijnands, IJ., Cai, Y., and A. Boers, 560 "Multicast Virtual Private Network (MVPN): Using 561 Bidirectional P-Tunnels", RFC 7582, DOI 10.17487/RFC7582, 562 July 2015, . 564 [RFC7902] Rosen, E. and T. Morin, "Registry and Extensions for 565 P-Multicast Service Interface Tunnel Attribute Flags", 566 RFC 7902, DOI 10.17487/RFC7902, June 2016, 567 . 569 7.2. Informative References 571 [I-D.ietf-bess-evpn-bum-procedure-updates] 572 Zhang, Z., Lin, W., Rabadan, J., Patel, K., and A. 573 Sajassi, "Updates on EVPN BUM Procedures", draft-ietf- 574 bess-evpn-bum-procedure-updates-04 (work in progress), 575 June 2018. 577 [I-D.ietf-bier-evpn] 578 Zhang, Z., Przygienda, T., Sajassi, A., and J. Rabadan, 579 "EVPN BUM Using BIER", draft-ietf-bier-evpn-01 (work in 580 progress), April 2018. 582 [I-D.ietf-bier-mvpn] 583 Rosen, E., Sivakumar, M., Aldrin, S., Dolganow, A., and T. 584 Przygienda, "Multicast VPN Using BIER", draft-ietf-bier- 585 mvpn-11 (work in progress), March 2018. 587 [I-D.ietf-spring-segment-routing] 588 Filsfils, C., Previdi, S., Ginsberg, L., Decraene, B., 589 Litkowski, S., and R. Shakir, "Segment Routing 590 Architecture", draft-ietf-spring-segment-routing-15 (work 591 in progress), January 2018. 593 [RFC5331] Aggarwal, R., Rekhter, Y., and E. Rosen, "MPLS Upstream 594 Label Assignment and Context-Specific Label Space", 595 RFC 5331, DOI 10.17487/RFC5331, August 2008, 596 . 598 Authors' Addresses 600 Zhaohui Zhang 601 Juniper Networks 603 EMail: zzhang@juniper.net 605 Eric Rosen 606 Juniper Networks 608 EMail: erosen@juniper.net 609 Wen Lin 610 Juniper Networks 612 EMail: wlin@juniper.net 614 Zhenbin Li 615 Huawei Technologies 617 EMail: lizhenbin@huawei.com 619 IJsbrand Wijnands 620 Cisco Systems 622 EMail: ice@cisco.com