idnits 2.17.1 draft-ietf-detnet-architecture-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 22 instances of too long lines in the document, the longest one being 4 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 773 has weird spacing: '...mediate inter...' == Line 776 has weird spacing: '...mediate inter...' == Line 1053 has weird spacing: '...e stack v ...' -- The document date (March 13, 2017) is 2593 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'AVnu' is defined on line 1588, but no explicit reference was found in the text == Unused Reference: 'HART' is defined on line 1597, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6tisch-architecture' is defined on line 1616, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6tisch-tsch' is defined on line 1621, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-roll-rpl-industrial-applicability' is defined on line 1640, but no explicit reference was found in the text == Unused Reference: 'I-D.svshah-tsvwg-deterministic-forwarding' is defined on line 1646, but no explicit reference was found in the text == Unused Reference: 'IEEE802.11-2012' is defined on line 1656, but no explicit reference was found in the text == Unused Reference: 'IEEE802.1AS-2011' is defined on line 1662, but no explicit reference was found in the text == Unused Reference: 'IEEE802.1TSNTG' is defined on line 1706, but no explicit reference was found in the text == Unused Reference: 'IEEE802154' is defined on line 1720, but no explicit reference was found in the text == Unused Reference: 'IEEE802154e' is defined on line 1726, but no explicit reference was found in the text == Unused Reference: 'ISA95' is defined on line 1737, but no explicit reference was found in the text == Unused Reference: 'ODVA' is defined on line 1741, but no explicit reference was found in the text == Unused Reference: 'Profinet' is defined on line 1748, but no explicit reference was found in the text == Unused Reference: 'RFC5673' is defined on line 1799, but no explicit reference was found in the text == Unused Reference: 'WirelessHART' is defined on line 1832, but no explicit reference was found in the text == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-11 == Outdated reference: A later version (-09) exists of draft-ietf-detnet-problem-statement-01 == Outdated reference: A later version (-20) exists of draft-ietf-detnet-use-cases-11 == Outdated reference: A later version (-02) exists of draft-varga-detnet-service-model-01 -- Obsolete informational reference (is this intentional?): RFC 5316 (Obsoleted by RFC 9346) Summary: 1 error (**), 0 flaws (~~), 24 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 DetNet N. Finn 3 Internet-Draft Huawei Technologies Co. Ltd 4 Intended status: Standards Track P. Thubert 5 Expires: September 14, 2017 Cisco 6 B. Varga 7 J. Farkas 8 Ericsson 9 March 13, 2017 11 Deterministic Networking Architecture 12 draft-ietf-detnet-architecture-01 14 Abstract 16 Deterministic Networking (DetNet) provides a capability to carry 17 specified unicast or multicast data flows for real-time applications 18 with extremely low data loss rates and bounded latency. Techniques 19 used include: 1) reserving data plane resources for individual (or 20 aggregated) DetNet flows in some or all of the intermediate nodes 21 (e.g. bridges or routers) along the path of the flow; 2) providing 22 explicit routes for DetNet flows that do not rapidly change with the 23 network topology; and 3) distributing data from DetNet flow packets 24 over time and/or space to ensure delivery of each packet's data' in 25 spite of the loss of a path. The capabilities can be managed by 26 configuration, or by manual or automatic network management. 28 Status of This Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at http://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on September 14, 2017. 45 Copyright Notice 47 Copyright (c) 2017 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (http://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 63 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 64 2.1. Terms used in this document . . . . . . . . . . . . . . . 4 65 2.2. IEEE 802 TSN to DetNet dictionary . . . . . . . . . . . . 6 66 3. Providing the DetNet Quality of Service . . . . . . . . . . . 6 67 3.1. Congestion protection . . . . . . . . . . . . . . . . . . 8 68 3.2. Explicit routes . . . . . . . . . . . . . . . . . . . . . 9 69 3.3. Jitter Reduction . . . . . . . . . . . . . . . . . . . . 10 70 3.4. Packet Replication and Elimination . . . . . . . . . . . 10 71 3.5. Packet encoding for service protection . . . . . . . . . 12 72 4. DetNet Architecture . . . . . . . . . . . . . . . . . . . . . 12 73 4.1. DetNet systems . . . . . . . . . . . . . . . . . . . . . 12 74 4.1.1. Network reference model . . . . . . . . . . . . . . . 13 75 4.1.2. End system . . . . . . . . . . . . . . . . . . . . . 14 76 4.2. Traffic Engineering for DetNet . . . . . . . . . . . . . 15 77 4.2.1. The Application Plane . . . . . . . . . . . . . . . . 16 78 4.2.2. The Controller Plane . . . . . . . . . . . . . . . . 16 79 4.2.3. The Network Plane . . . . . . . . . . . . . . . . . . 17 80 4.3. DetNet flows . . . . . . . . . . . . . . . . . . . . . . 18 81 4.3.1. DetNet flow types . . . . . . . . . . . . . . . . . . 18 82 4.3.2. Source guarantees . . . . . . . . . . . . . . . . . . 19 83 4.3.3. Incomplete Networks . . . . . . . . . . . . . . . . . 20 84 4.4. Queuing, Shaping, Scheduling, and Preemption . . . . . . 20 85 4.5. Service instance . . . . . . . . . . . . . . . . . . . . 21 86 4.6. Coexistence with normal traffic . . . . . . . . . . . . . 22 87 4.7. Fault Mitigation . . . . . . . . . . . . . . . . . . . . 23 88 4.8. Representative Protocol Stack Model . . . . . . . . . . . 24 89 4.9. Flow identification at technology borders . . . . . . . . 26 90 4.9.1. Exporting flow identification . . . . . . . . . . . . 26 91 4.9.2. Flow attribute mapping between layers . . . . . . . . 27 92 4.9.3. Flow-ID mapping examples . . . . . . . . . . . . . . 28 94 4.10. Advertising resources, capabilities and adjacencies . . . 30 95 4.11. Provisioning model . . . . . . . . . . . . . . . . . . . 31 96 4.11.1. Centralized Path Computation and Installation . . . 31 97 4.11.2. Distributed Path Setup . . . . . . . . . . . . . . . 31 98 4.12. Scaling to larger networks . . . . . . . . . . . . . . . 32 99 4.13. Connected islands vs. networks . . . . . . . . . . . . . 32 100 5. Compatibility with Layer-2 . . . . . . . . . . . . . . . . . 32 101 6. Open Questions . . . . . . . . . . . . . . . . . . . . . . . 33 102 6.1. Flat vs. hierarchical control . . . . . . . . . . . . . . 33 103 6.2. Peer-to-peer reservation protocol . . . . . . . . . . . . 33 104 6.3. Wireless media interactions . . . . . . . . . . . . . . . 34 105 7. Security Considerations . . . . . . . . . . . . . . . . . . . 34 106 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 35 107 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35 108 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 35 109 11. Access to IEEE 802.1 documents . . . . . . . . . . . . . . . 35 110 12. Informative References . . . . . . . . . . . . . . . . . . . 35 111 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41 113 1. Introduction 115 Deterministic Networking (DetNet) is a service that can be offered by 116 a network to DetNet flows. DetNet provides these flows extremely low 117 packet loss rates and assured maximum end-to-end delivery latency. 118 This is accomplished by dedicating network resources such as link 119 bandwidth and buffer space to DetNet flows and/or classes of DetNet 120 flows, and by replicating packets along multiple paths. Unused 121 reserved resources are available to non-DetNet packets. 123 The Deterministic Networking Problem Statement 124 [I-D.ietf-detnet-problem-statement] introduces Deterministic 125 Networking, and Deterministic Networking Use Cases 126 [I-D.ietf-detnet-use-cases] summarizes the need for it. See 127 [I-D.dt-detnet-dp-alt] for a discussion of specific techniques that 128 can be used to identify DetNet Flows and assign them to specific 129 paths through a network. 131 A goal of DetNet is a converged network in all respects. That is, 132 the presence of DetNet flows does not preclude non-DetNet flows, and 133 the benefits offered DetNet flows should not, except in extreme 134 cases, prevent existing QoS mechanisms from operating in a normal 135 fashion, subject to the bandwidth required for the DetNet flows. A 136 single source-destination pair can trade both DetNet and non-DetNet 137 flows. End systems and applications need not instantiate special 138 interfaces for DetNet flows. Networks are not restricted to certain 139 topologies; connectivity is not restricted. Any application that 140 generates a data flow that can be usefully characterized as having a 141 maximum bandwidth should be able to take advantage of DetNet, as long 142 as the necessary resources can be reserved. Reservations can be made 143 by the application itself, via network management, by an applications 144 controller, or by other means. 146 Many applications of interest to Deterministic Networking require the 147 ability to synchronize the clocks in end systems to a sub-microsecond 148 accuracy. Some of the queue control techniques defined in 149 Section 4.4 also require time synchronization among relay and transit 150 nodes. The means used to achieve time synchronization are not 151 addressed in this document. DetNet should accommodate various 152 synchronization techniques and profiles that are defined elsewhere to 153 solve exchange time in different market segments. 155 The present document is an individual contribution, but it is 156 intended by the authors for adoption by the DetNet working group. 158 2. Terminology 160 2.1. Terms used in this document 162 The following special terms are used in this document in order to 163 avoid the assumption that a given element in the architecture does or 164 does not have Internet Protocol stack, functions as a router, bridge, 165 firewall, or otherwise plays a particular role at Layer-2 or higher. 167 App-flow 168 The native format of a DetNet flow. 170 destination 171 An end system capable of receiving a DetNet flow. 173 DetNet domain 174 The portion of a network that is DetNet aware. It includes 175 end systems and other DetNet nodes. 177 DetNet flow 178 A DetNet flow is a sequence of packets to which the DetNet 179 service is to be provided. 181 DetNet compound flow and DetNet member flow 182 A DetNet compound flow is a DetNet flow that has been 183 separated into multiple duplicate DetNet member flows, which 184 are eventually merged back into a single DetNet compound 185 flow, at the DetNet transport layer. "Compound" and "member" 186 are strictly relative to each other, not absolutes; a DetNet 187 compound flow comprising multiple DetNet member flows can, in 188 turn, be a member of a higher-order compound. 190 DetNet intermediate node 191 A DetNet relay node or transit node. 193 DetNet edge node 194 An instance of a DetNet relay node that includes either a 195 DetNet service layer proxy function for DetNet service 196 protection (e.g. the addition or removal of packet sequencing 197 information) for one or more end systems, or starts or 198 terminates congestion protection at the DetNet transport 199 layer, analogous to a Label Edge Router (LER). 201 DetNet-UNI 202 User-to-Network Interface with DetNet specific 203 functionalities. It is a packet-based reference point and 204 may provide multiple functions like encapsulation, status, 205 synchronization, etc. 207 end system 208 Commonly called a "host" or "node" in IETF documents, and an 209 "end station" is IEEE 802 documents. End systems of interest 210 to this document are either sources or destinations of DetNet 211 flows. And end system may or may not be DetNet transport 212 layer aware or DetNet service layer aware. 214 link 215 A connection between two DetNet nodes. It may be composed of 216 a physical link or a sub-network technology that can provide 217 appropriate traffic delivery for DetNet flows. 219 DetNet node 220 A DetNet aware end system, transit node, or relay node. 221 "DetNet" may be omitted in some text. 223 Detnet relay node 224 A DetNet node including a service layer function that 225 interconnects different DetNet transport layer paths to 226 provide service protection. A DetNet relay node can be a 227 bridge, a router, a firewall, or any other system that 228 participates in the DetNet service layer. It typically 229 incorporates DetNet transport layer functions as well, in 230 which case it is collocated with a transit node. 232 reservation 233 A trail of configuration between source to destination(s) 234 through transit nodes and subnets associated with a DetNet 235 flow, to provide congestion protection. 237 DetNet service layer 238 The layer at which service protection is provided, either 239 packet sequencing, replication, and elimination (Section 3.4) 240 or network coding (Section 3.5). 242 source 243 An end system capable of sourcing a DetNet flow. 245 DetNet transit node 246 A node operating at the DetNet transport layer, that utilizes 247 link layer and/or network layer switching across multiple 248 links and/or sub-networks to provide paths for DetNet service 249 layer functions. Optionally provides congestion protection 250 over those paths. An MPLS LSR is an example of a DetNet 251 transit node. 253 DetNet transport layer 254 The layer that optionally provides congestion protection for 255 DetNet flows over paths provided by the underlying network. 257 TSN 258 Time-Sensitive Networking, TSN is a Task Group of the IEEE 259 802.1 Working Group. 261 2.2. IEEE 802 TSN to DetNet dictionary 263 This section also serves as a dictionary for translating from the 264 terms used by the IEEE 802 Time-Sensitive Networking (TSN) Task Group 265 to those of the DetNet WG. 267 Listener 268 The IEEE 802 term for a destination of a DetNet flow. 270 relay system 271 The IEEE 802 term for a DetNet intermediate node. 273 Stream 274 The IEEE 802 term for a DetNet flow. 276 Talker 277 The IEEE 802 term for the source of a DetNet flow. 279 3. Providing the DetNet Quality of Service 281 The DetNet Quality of Service can be expressed in terms of: 283 o Minimum and maximum end-to-end latency from source to destination; 284 timely delivery and jitter avoidance derive from these constraints 286 o Probability of loss of a packet, under various assumptions as to 287 the operational states of the nodes and links. A derived property 288 is whether it is acceptable to deliver a duplicate packet, which 289 is an inherent risk in highly reliable and/or broadcast 290 transmissions 292 It is a distinction of DetNet that it is concerned solely with worst- 293 case values for the end-to-end latency. Average, mean, or typical 294 values are of no interest, because they do not affect the ability of 295 a real-time system to perform its tasks. In general, a trivial 296 priority-based queuing scheme will give better average latency to a 297 data flow than DetNet, but of course, the worst-case latency can be 298 essentially unbounded. 300 Three techniques are used by DetNet to provide these qualities of 301 service: 303 o Congestion protection (Section 3.1). 305 o Explicit routes (Section 3.2). 307 o Service protection. 309 Congestion protection operates by reserving resources along the path 310 of a DetNet Flow, e.g. buffer space or link bandwidth. Congestion 311 protection greatly reduces, or even eliminates entirely, packet loss 312 due to output packet congestion within the network, but it can only 313 be supplied to a DetNet flow that is limited at the source to a 314 maximum packet size and transmission rate. 316 Congestion protection addresses both of the DetNet QoS requirements 317 (latency and packet loss). Given that DetNet nodes have a finite 318 amount of buffer space, congestion protection necessarily results in 319 a maximum end-to-end latency. It also addresses the largest 320 contribution to packet loss, which is buffer congestion. 322 After congestion, the most important contributions to packet loss are 323 typically from random media errors and equipment failures. Service 324 protection is the name for the mechanisms used by DetNet to address 325 these losses. The mechanisms employed are constrained by the 326 requirement to meet the users' latency requirements. Packet 327 replication and elimination (Section 3.4) packet encoding Section 3.5 328 are described in this document to provide service protection; others 329 may be found. Both mechanisms distribute the contents of DetNet 330 flows over multiple paths in time and/or space, so that the loss of 331 some of the paths does need not cause the loss of any packets. The 332 paths are typically (but not necessarily) explicit routes, so that 333 they cannot suffer temporary interruptions caused by the 334 reconvergence of routing or bridging protocols. 336 These three techniques can be applied independently, giving eight 337 possible combinations, including none (no DetNet), although some 338 combinations are of wider utility than others. This separation keeps 339 the protocol stack coherent and maximizes interoperability with 340 existing and developing standards in this (IETF) and other Standards 341 Development Organizations. Some examples of typical expected 342 combinations: 344 o Explicit routes plus service protection are exactly the techniques 345 employed by [HSR-PRP]. Explicit routes are achieved by limiting 346 the physical topology of the network, and the sequentialization, 347 replication, and duplicate elimination are facilitated by packet 348 tags added at the front or the end of Ethernet frames. 350 o Congestion protection alone is is offered by IEEE 802.1 Audio 351 Video bridging [IEEE802.1BA-2011]. As long as the network suffers 352 no failures, zero congestion loss can be achieved through the use 353 of a reservation protocol (MSRP), shapers in every bridge, and a 354 bit of network calculus. 356 o Using all three together gives maximum protection. 358 There are, of course, simpler methods available (and employed, today) 359 to achieve levels of latency and packet loss that are satisfactory 360 for many applications. Prioritization and over-provisioning is one 361 such technique. However, these methods generally work best in the 362 absence of any significant amount of non-critical traffic in the 363 network (if, indeed, such traffic is supported at all), or work only 364 if the critical traffic constitutes only a small portion of the 365 network's theoretical capacity, or work only if all systems are 366 functioning properly, or in the absence of actions by end systems 367 that disrupt the network's operations. 369 There are any number of methods in use, defined, or in progress for 370 accomplishing each of the above techniques. It is expected that this 371 DetNet Architecture will assist various vendors, users, and/or 372 "vertical" Standards Development Organizations (dedicated to a single 373 industry) to make selections among the available means of 374 implementing DetNet networks. 376 3.1. Congestion protection 378 The primary means by which DetNet achieves its QoS assurances is to 379 reduce, or even completely eliminate, congestion at an output port as 380 a cause of packet loss. Given that a DetNet flow cannot be 381 throttled, this can be achieved only by the provision of sufficient 382 buffer storage at each hop through the network to ensure that no 383 packets are dropped due to a lack of buffer storage. 385 Ensuring adequate buffering requires, in turn, that the source, and 386 every intermediate node along the path to the destination (or nearly 387 every node -- see Section 4.3.3) be careful to regulate its output to 388 not exceed the data rate for any DetNet flow, except for brief 389 periods when making up for interfering traffic. Any packet sent 390 ahead of its time potentially adds to the number of buffers required 391 by the next hop, and may thus exceed the resources allocated for a 392 particular DetNet flow. 394 The low-level mechanisms described in Section 4.4 provide the 395 necessary regulation of transmissions by an end system or 396 intermediate node to provide congestion protection. The reservation 397 of the bandwidth and buffers for a DetNet flow requires the 398 provisioning described in Section 4.11. A DetNet node may have other 399 resources requiring allocation and/or scheduling, that might 400 otherwise be over-subscribed and trigger the rejection of a 401 reservation. 403 3.2. Explicit routes 405 In networks controlled by typical peer-to-peer protocols such as IEEE 406 802.1 ISIS bridged networks or IETF OSPF routed networks, a network 407 topology event in one part of the network can impact, at least 408 briefly, the delivery of data in parts of the network remote from the 409 failure or recovery event. Thus, even redundant paths through a 410 network, if controlled by the typical peer-to-peer protocols, do not 411 eliminate the chances of brief losses of contact. 413 Many real-time networks rely on physical rings or chains of two-port 414 devices, with a relatively simple ring control protocol. This 415 supports redundant paths for service protection with a minimum of 416 wiring. As an additional benefit, ring topologies can often utilize 417 different topology management protocols than those used for a mesh 418 network, with a consequent reduction in the response time to topology 419 changes. Of course, this comes at some cost in terms of increased 420 hop count, and thus latency, for the typical path. 422 In order to get the advantages of low hop count and still ensure 423 against even very brief losses of connectivity, DetNet employs 424 explicit routes, where the path taken by a given DetNet flow does not 425 change, at least immediately, and likely not at all, in response to 426 network topology events. Service protection (Section 3.4 or 427 Section 3.5) over explicit routes provides a high likelihood of 428 continuous connectivity. Explicit routes are commonly used in MPLS 429 TE LSPs. 431 3.3. Jitter Reduction 433 A core objective of DetNet is to enable the convergence of Non-IP 434 networks onto a common network infrastructure. This requires the 435 accurate emulation of currently deployed mission-specific networks, 436 which typically rely on point-to-point analog (e.g. 4-20mA 437 modulation) and serial-digital cables (or buses) for highly reliable, 438 synchronized and jitter-free communications. While the latency of 439 analog transmissions is basically the speed of light, legacy serial 440 links are usually slow (in the order of Kbps) compared to, say, GigE, 441 and some latency is usually acceptable. What is not acceptable is 442 the introduction of excessive jitter, which may, for instance, affect 443 the stability of control systems. 445 Applications that are designed to operate on serial links usually do 446 not provide services to recover the jitter, because jitter simply 447 does not exists there. Streams of information are expected to be 448 delivered in-order and the precise time of reception influences the 449 processes. In order to converge such existing applications, there is 450 a desire to emulate all properties of the serial cable, such as clock 451 transportation, perfect flow isolation and fixed latency. While 452 minimal jitter (in the form of specifying minimum, as well as 453 maximum, end-to-end latency) is supported by DetNet, there are 454 practical limitations on packet-based networks in this regard. In 455 general, users are encouraged to use, instead of, "do this when you 456 get the packet," a combination of: 458 o Sub-microsecond time synchronization among all source and 459 destination end systems, and 461 o Time-of-execution fields in the application packets. 463 Jitter reduction is provided by the mechanisms described in 464 Section 4.4 that also provide congestion protection. 466 3.4. Packet Replication and Elimination 468 After congestion loss has been eliminated, the most important causes 469 of packet loss are random media and/or memory faults, and equipment 470 failures. Both causes of packet loss can be greatly reduced by 471 spreading the data in a packet over multiple transmissions. One such 472 method for service protection is described in this section, which 473 sends the same packets over multiple paths. See also Section 3.5. 475 Packet replication and elimination, also known as seamless redundancy 476 [HSR-PRP], or 1+1 hitless protection, is a function of the DetNet 477 service layer. It involves three capabilities: 479 o Providing sequencing information, once, at or near the source, to 480 the packets of a DetNet compound flow. This may be done by adding 481 a sequence number or time stamp as part of DetNet, or may be 482 inherent in the packet, e.g. in a transport protocol, or 483 associated to other physical properties such as the precise time 484 (and radio channel) of reception of the packet. Section 3.2. 486 o Replicating these packets into multiple DetNet member flows and, 487 typically, sending them along at least two different paths to the 488 destination(s), e.g. over the explicit routes of 490 o Eliminating duplicated packets. This may be done at any step 491 along the path to save network resources further down, in 492 particular if multiple Replication points exist. But the most 493 common case is to perform this operation at the very edge of the 494 DetNet network, preferably in or near the receiver. 496 This function is a "hitless" version of, e.g., the 1+1 linear 497 protection in [RFC6372]. That is, instead of switching from one flow 498 to the other when a failure of a flow is detected, DetNet combines 499 both flows, and performs a packet-by-packet selection of which to 500 discard, based on sequence number. 502 In the simplest case, this amounts to replicating each packet in a 503 source that has two interfaces, and conveying them through the 504 network, along separate paths, to the similarly dual-homed 505 destinations, that discard the extras. This ensures that one path 506 (with zero congestion loss) remains, even if some intermediate node 507 fails. The sequence numbers can also be used for loss detection and 508 for re-ordering. 510 Detnet relay nodes in the network can provide replication and 511 elimination facilities at various points in the network, so that 512 multiple failures can be accommodated. 514 This is shown in the following figure, where the two relay nodes each 515 replicate (R) the DetNet flow on input, sending the DetNet member 516 flows to both the other relay node and to the end system, and 517 eliminate duplicates (E) on the output interface to the right-hand 518 end system. Any one link in the network can fail, and the Detnet 519 compound flow can still get through. Furthermore, two links can 520 fail, as long as they are in different segments of the network. 522 Packet replication and elimination 524 > > > > > > > > > relay > > > > > > > > 525 > /------------+ R node E +------------\ > 526 > / v + ^ \ > 527 end R + v | ^ + E end 528 system + v | ^ + system 529 > \ v + ^ / > 530 > \------------+ R relay E +-----------/ > 531 > > > > > > > > > node > > > > > > > > 533 Figure 1 535 Note that packet replication and elimination does not react to and 536 correct failures; it is entirely passive. Thus, intermittent 537 failures, mistakenly created packet filters, or misrouted data is 538 handled just the same as the equipment failures that are detected 539 handled by typical routing and bridging protocols. 541 If packet replication and elimination is used over paths providing 542 congestion protection (Section 3.1), and member flows that take 543 different-length paths through the network are combined, a merge 544 point may require extra buffering to equalize the delays over the 545 different paths. This equalization ensures that the resultant 546 compound flow will not exceed its contracted bandwidth even after one 547 or the other of the paths is restored after a failure. 549 3.5. Packet encoding for service protection 551 There are methods for using multiple paths to provide service 552 protection that involve encoding the information in a packet 553 belonging to a DetNet flow into multiple transmission units, 554 typically combining information from multiple packets into any given 555 transmission unit. Such techniques may be applicable for use as a 556 DetNet service protection technique, assuming that the DetNet users' 557 needs for timeliness of delivery and freedom from interference with 558 misbehaving DetNet flows can be met. 560 No specific mechanisms are defined here, at this time. This section 561 will either be enhanced or removed. Contributions are invited. 563 4. DetNet Architecture 565 4.1. DetNet systems 566 4.1.1. Network reference model 568 The figure below shows the DetNet service related reference points 569 and main components (Figure 2). 571 DetNet DetNet 572 end system end system 573 _ _ 574 / \ +----DetNet-UNI (U) / \ 575 /App\ | /App\ 576 /-----\ | /-----\ 577 | NIC | v ________ | NIC | 578 +--+--+ _____ / \ DetNet-UNI (U) --+ +--+--+ 579 | / \__/ \ | | 580 | / +----+ +----+ \_____ | | 581 | / | | | | \_______ | | 582 +--------U PE +----+ P +----+ \ _ v | 583 | | | | | | | ___/ \ | 584 | +--+-+ +----+ | +----+ | / \_ | 585 \ | | | | | / \ | 586 \ | +----+ +--+-+ +--+PE |---------- U------+ 587 \ | | | | | | | | | \_ _/ 588 \ +---+ P +----+ P +--+ +----+ | \____/ 589 \___ | | | | / 590 \ +----+__ +----+ DetNet-1 DetNet-2 591 | \_____/ \___________/ | 592 | | 593 | | End-to-End-Service | | | | 594 <--------------------------------------------------------------------> 595 | | DetNet-Service | | | | 596 | <----------------------------------------------------> | 597 | | | | | | 599 Figure 2: DetNet Service Reference Model (multi-domain) 601 DetNet-UNIs ("U" in Figure 2) are assumed in this document to be 602 packet-based reference points and provide connectivity over the 603 packet network. A DetNet-UNI may provide multiple functions, e.g., 604 it may add networking technology specific encapsulation to the DetNet 605 flows if necessary; it may provide status of the availability of the 606 connection associated to a reservation; it may provide a 607 synchronization service for the end system; it may carry enough 608 signaling to place the reservation in a network without a controller, 609 or if the controller only deals with the network but not the end 610 points. Internal reference points of end systems (between the 611 application and the NIC) are more challenging from control 612 perspective and they may have extra requirements (e.g., in-order 613 delivery is expected in end system internal reference points, whereas 614 it is considered optional over the DetNet-UNI), therefore not covered 615 in this document. 617 4.1.2. End system 619 The native data flow between the source/destination end systems is 620 referred to as application-flow (App-flow). The traffic 621 characteristics of an App-flow can be CBR (constant bit rate) or VBR 622 (variable bit rate) and can have L1 or L2 or L3 encapsulation (e.g., 623 TDM (time-division multiplexing), Ethernet, IP). These 624 characteristics are considered as input for resource reservation and 625 might be simplified to ensure determinism during transport (e.g., 626 making reservations for the peak rate of VBR traffic, etc.). 628 An end system may or may not be DetNet transport layer aware or 629 DetNet service layer aware. That is, an end system may or may not 630 contain DetNet specific functionality. End systems with DetNet 631 functionalities may have the same or different transport layer as the 632 connected DetNet domain. Grouping of end systems are shown in 633 Figure 3. 635 End system 636 | 637 | 638 | DetNet aware ? 639 / \ 640 +------< >------+ 641 NO | \ / | YES 642 | v | 643 DetNet unaware | 644 End system | 645 | Service/ 646 | Transport 647 / \ aware ? 648 +--------< >-------------+ 649 t-aware | \ / | s-aware 650 | v | 651 | | both | 652 | | | 653 DetNet t-aware | DetNet s-aware 654 End system | End system 655 v 656 DetNet st-aware 657 End system 659 Figure 3: Grouping of end systems 661 Note some known use cases for end systems: 663 o DetNet unaware: The classic case requiring network proxies. 665 o DetNet t-aware: An extant TSN system. It knows about some TSN 666 functions (e.g., reservation), but not about replication/ 667 elimination. 669 o DetNet s-aware: An extant IEC 62439-3 system. It supplies 670 sequence numbers, but doesn't know about zero congestion loss. 672 o DetNet st-aware: A full functioning DetNet end station, it has 673 DetNet functionalities and usually the same forwarding paradigm as 674 the connected DetNet domain. It can be treated as an integral 675 part of the DetNet domain . 677 4.2. Traffic Engineering for DetNet 679 Traffic Engineering Architecture and Signaling (TEAS) [TEAS] defines 680 traffic-engineering architectures for generic applicability across 681 packet and non-packet networks. From TEAS perspective, Traffic 682 Engineering (TE) refers to techniques that enable operators to 683 control how specific traffic flows are treated within their networks. 685 Because if its very nature of establishing explicit optimized paths, 686 Deterministic Networking can be seen as a new, specialized branch of 687 Traffic Engineering, and inherits its architecture with a separation 688 into planes. 690 The Deterministic Networking architecture is thus composed of three 691 planes, a (User) Application Plane, a Controller Plane, and a Network 692 Plane, which echoes that of Figure 1 of Software-Defined Networking 693 (SDN): Layers and Architecture Terminology [RFC7426].: 695 4.2.1. The Application Plane 697 Per [RFC7426], the Application Plane includes both applications and 698 services. In particular, the Application Plane incorporates the User 699 Agent, a specialized application that interacts with the end user / 700 operator and performs requests for Deterministic Networking services 701 via an abstract Flow Management Entity, (FME) which may or may not be 702 collocated with (one of) the end systems. 704 At the Application Plane, a management interface enables the 705 negotiation of flows between end systems. An abstraction of the flow 706 called a Traffic Specification (TSpec) provides the representation. 707 This abstraction is used to place a reservation over the (Northbound) 708 Service Interface and within the Application plane. It is associated 709 with an abstraction of location, such as IP addresses and DNS names, 710 to identify the end systems and eventually specify intermediate 711 nodes. 713 4.2.2. The Controller Plane 715 The Controller Plane corresponds to the aggregation of the Control 716 and Management Planes in [RFC7426], though Common Control and 717 Measurement Plane (CCAMP) [CCAMP] makes an additional distinction 718 between management and measurement. When the logical separation of 719 the Control, Measurement and other Management entities is not 720 relevant, the term Controller Plane is used for simplicity to 721 represent them all, and the term controller refers to any device 722 operating in that plane, whether is it a Path Computation entity or a 723 Network Management entity (NME). The Path Computation Element (PCE) 724 [PCE] is a core element of a controller, in charge of computing 725 Deterministic paths to be applied in the Network Plane. 727 A (Northbound) Service Interface enables applications in the 728 Application Plane to communicate with the entities in the Controller 729 Plane. 731 One or more PCE(s) collaborate to implement the requests from the FME 732 as Per-Flow Per-Hop Behaviors installed in the intermediate nodes for 733 each individual flow. The PCEs place each flow along a deterministic 734 sequence of intermediate nodes so as to respect per-flow constraints 735 such as security and latency, and optimize the overall result for 736 metrics such as an abstract aggregated cost. The deterministic 737 sequence can typically be more complex than a direct sequence and 738 include redundancy path, with one or more packet replication and 739 elimination points. 741 4.2.3. The Network Plane 743 The Network Plane represents the network devices and protocols as a 744 whole, regardless of the Layer at which the network devices operate. 745 It includes Forwarding Plane (data plane), Application, and 746 Operational Plane (control plane) aspects. 748 The network Plane comprises the Network Interface Cards (NIC) in the 749 end systems, which are typically IP hosts, and intermediate nodes, 750 which are typically IP routers and switches. Network-to-Network 751 Interfaces such as used for Traffic Engineering path reservation in 752 [RFC5921], as well as User-to-Network Interfaces (UNI) such as 753 provided by the Local Management Interface (LMI) between network and 754 end systems, are both part of the Network Plane, both in the control 755 plane and the data plane. 757 A Southbound (Network) Interface enables the entities in the 758 Controller Plane to communicate with devices in the Network Plane. 759 This interface leverages and extends TEAS to describe the physical 760 topology and resources in the Network Plane. 762 Flow Management Entity 764 End End 765 System System 767 -+-+-+-+-+-+-+ Northbound -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- 769 PCE PCE PCE PCE 771 -+-+-+-+-+-+-+ Southbound -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- 773 intermediate intermed. intermed. intermed. 774 Node Node Node Node 775 NIC NIC 776 intermediate intermed. intermed. intermed. 777 Node Node Node Node 779 Figure 4 781 The intermediate nodes (and eventually the end systems NIC) expose 782 their capabilities and physical resources to the controller (the 783 PCE), and update the PCE with their dynamic perception of the 784 topology, across the Southbound Interface. In return, the PCE(s) set 785 the per-flow paths up, providing a Flow Characterization that is more 786 tightly coupled to the intermediate node Operation than a TSpec. 788 At the Network plane, intermediate nodes may exchange information 789 regarding the state of the paths, between adjacent systems and 790 eventually with the end systems, and forward packets within 791 constraints associated to each flow, or, when unable to do so, 792 perform a last resort operation such as drop or declassify. 794 This specification focuses on the Southbound interface and the 795 operation of the Network Plane. 797 4.3. DetNet flows 799 4.3.1. DetNet flow types 801 A DetNet flow can have different formats during while it is 802 transported between the peer end systems. Therefore, the following 803 possible types / formats of a DetNet flow are distinguished in this 804 document: 806 o App-flow: native format of a DetNet flow. It does not contain any 807 DetNet related attributes. 809 o DetNet-t-flow: specific format of a DetNet flow. Only requires 810 the congestion / latency features provided by the Detnet transport 811 layer. 813 o DetNet-s-flow: specific format of a DetNet flow. Only requires 814 the replication/elimination feature ensured by the DetNet service 815 layer. 817 o DetNet-st-flow: specific format of a DetNet flow. It requires 818 both DetNet Service and Transport layer functions during 819 forwarding. 821 4.3.2. Source guarantees 823 For the purposes of congestion protection, DetNet flows can be 824 synchronous or asynchronous. In synchronous DetNet flows, at least 825 the intermediate nodes (and possibly the end systems) are closely 826 time synchronized, typically to better than 1 microsecond. By 827 transmitting packets from different DetNet flows or classes of DetNet 828 flows at different times, using repeating schedules synchronized 829 among the intermediate nodes, resources such as buffers and link 830 bandwidth can be shared over the time domain among different DetNet 831 flows. There is a tradeoff among techniques for synchronous DetNet 832 flows between the burden of fine-grained scheduling and the benefit 833 of reducing the required resources, especially buffer space. 835 In contrast, asynchronous DetNet flows are not coordinated with a 836 fine-grained schedule, so relay and end systems must assume worst- 837 case interference among DetNet flows contending for buffer resources. 838 Asynchronous DetNet flows are characterized by: 840 o A maximum packet size; 842 o An observation interval; and 844 o A maximum number of transmissions during that observation 845 interval. 847 These parameters, together with knowledge of the protocol stack used 848 (and thus the size of the various headers added to a packet), limit 849 the number of bit times per observation interval that the DetNet flow 850 can occupy the physical medium. 852 The source promises that these limits will not be exceeded. If the 853 source transmits less data than this limit allows, the unused 854 resources such as link bandwidth can be made available by the system 855 to non-DetNet packets. However, making those resources available to 856 DetNet packets in other DetNet flows would serve no purpose. Those 857 other DetNet flows have their own dedicated resources, on the 858 assumption that all DetNet flows can use all of their resources over 859 a long period of time. 861 Note that there is no provision in DetNet for throttling DetNet flows 862 (reducing the transmission rate via feedback); the assumption is that 863 a DetNet flow, to be useful, must be delivered in its entirety. That 864 is, while any useful application is written to expect a certain 865 number of lost packets, the real-time applications of interest to 866 DetNet demand that the loss of data due to the network is 867 extraordinarily infrequent. 869 Although DetNet strives to minimize the changes required of an 870 application to allow it to shift from a special-purpose digital 871 network to an Internet Protocol network, one fundamental shift in the 872 behavior of network applications is impossible to avoid: the 873 reservation of resources before the application starts. In the first 874 place, a network cannot deliver finite latency and practically zero 875 packet loss to an arbitrarily high offered load. Secondly, achieving 876 practically zero packet loss for unthrottled (though bandwidth 877 limited) DetNet flows means that bridges and routers have to dedicate 878 buffer resources to specific DetNet flows or to classes of DetNet 879 flows. The requirements of each reservation have to be translated 880 into the parameters that control each system's queuing, shaping, and 881 scheduling functions and delivered to the hosts, bridges, and 882 routers. 884 4.3.3. Incomplete Networks 886 The presence in the network of transit nodes or subnets that are not 887 fully capable of offering DetNet services complicates the ability of 888 the intermediate nodes and/or controller to allocate resources, as 889 extra buffering, and thus extra latency, must be allocated at points 890 downstream from the non-DetNet intermediate node for a DetNet flow. 892 4.4. Queuing, Shaping, Scheduling, and Preemption 894 DetNet achieves congestion protection and bounded delivery latency by 895 reserving bandwidth and buffer resources at every hop along the path 896 of the DetNet flow. The reservation itself is not sufficient, 897 however. Implementors and users of a number of proprietary and 898 standard real-time networks have found that standards for specific 899 data plane techniques are required to enable these assurances to be 900 made in a multi-vendor network. The fundamental reason is that 901 latency variation in one system results in the need for extra buffer 902 space in the next-hop system(s), which in turn, increases the worst- 903 case per-hop latency. 905 Standard queuing and transmission selection algorithms allow a 906 central controller to compute the latency contribution of each 907 transit node to the end-to-end latency, to compute the amount of 908 buffer space required in each transit node for each incremental 909 DetNet flow, and most importantly, to translate from a flow 910 specification to a set of values for the managed objects that control 911 each relay or end system. The IEEE 802 has specified (and is 912 specifying) a set of queuing, shaping, and scheduling algorithms that 913 enable each transit node (bridge or router), and/or a central 914 controller, to compute these values. These algorithms include: 916 o A credit-based shaper [IEEE802.1Q-2014] Clause 34. 918 o Time-gated queues governed by a rotating time schedule, 919 synchronized among all transit nodes [IEEE802.1Qbv]. 921 o Synchronized double (or triple) buffers driven by synchronized 922 time ticks. [IEEE802.1Qch]. 924 o Pre-emption of an Ethernet packet in transmission by a packet with 925 a more stringent latency requirement, followed by the resumption 926 of the preempted packet [IEEE802.1Qbu], [IEEE802.3br]. 928 While these techniques are currently embedded in Ethernet and 929 bridging standards, we can note that they are all, except perhaps for 930 packet preemption, equally applicable to other media than Ethernet, 931 and to routers as well as bridges. 933 4.5. Service instance 935 [Note: Service instance represents all the functions required on a 936 node to allow the end-to-end service between the UNIs.] 938 The DetNet network reference model is shown in Figure 5 for a DetNet- 939 Service scenario (i.e. between two DetNet-UNIs). In this figure, the 940 end systems ("A" and "B") are connected directly to the edge nodes of 941 the IP/MPLS network ("PE1" and "PE2"). End-systems participating 942 DetNet communication may require connectivity before setting up an 943 App-flow that requires the DetNet service. Such a connectivity 944 related service instance and the one dedicated for DetNet service 945 share the same access. Packets belonging to a DetNet flow are 946 selected by a filter configured on the access ("F1" and "F2"). As a 947 result, data flow specific access ("access-A + F1" and "access-B + 948 F2") are terminated in the flow specific service instance ("SI-1" and 949 "SI-2"). A tunnel is used to provide connectivity between the 950 service instances. 952 The tunnel is used to transport exclusively the packets of the DetNet 953 flow between "SI-1" and "SI-2". The service instances are configured 954 to implement DetNet functions and a flow specific routing or bridging 955 function depending on what connectivity the participating end systems 956 require (L3 or L2). The service instance and the tunnel may or may 957 not be shared by multiple DetNet flows. Sharing the service instance 958 by multiple DetNet flows requires properly populated forwarding 959 tables of the service instance. 961 access-A access-B 962 <-----> <---------- tunnel ----------> <-----> 964 +---------+ ___ _ +---------+ 965 End system | +----+ | / \/ \_ | +----+ | End system 966 "A" -------F1+ | | / \ | | +F2----- "B" 967 | | +==========+ IP/MPLS +========+ | | 968 | |SI-1| | \__ Net._/ | |SI-2| | 969 | +----+ | \____/ | +----+ | 970 |PE1 | | PE2| 971 +---------+ +---------+ 973 Figure 5: DetNet network reference model 975 [Note: The tunnel between the service instances may have some special 976 characteristics. For example, in case of a "packet PW" based tunnel, 977 there are differences in the usage of the packet PW for DetNet 978 traffic compared to the network model described in [RFC6658]. In the 979 DetNet scenario, the packet PW is used exclusively by the DetNet 980 flow, whereas [RFC6658] states: "The packet PW appears as a single 981 point-to-point link to the client layer. Network-layer adjacency 982 formation and maintenance between the client equipments will follow 983 the normal practice needed to support the required relationship in 984 the client layer ... This packet pseudowire is used to transport all 985 of the required layer 2 and layer 3 protocols between LSR1 and 986 LSR2".] 988 [Note: Examples are provided in Annex 1 of 989 [I-D.varga-detnet-service-model].] 991 4.6. Coexistence with normal traffic 993 A DetNet network supports the dedication of a high proportion (e.g. 994 75%) of the network bandwidth to DetNet flows. But, no matter how 995 much is dedicated for DetNet flows, it is a goal of DetNet to coexist 996 with existing Class of Service schemes (e.g., DiffServ). It is also 997 important that non-DetNet traffic not disrupt the DetNet flow, of 998 course (see Section 4.7 and Section 7). For these reasons: 1000 o Bandwidth (transmission opportunities) not utilized by a DetNet 1001 flow are available to non-DetNet packets (though not to other 1002 DetNet flows). 1004 o DetNet flows can be shaped or scheduled, in order to ensure that 1005 the highest-priority non-DetNet packet also is ensured a worst- 1006 case latency (at any given hop). 1008 o When transmission opportunities for DetNet flows are scheduled in 1009 detail, then the algorithm constructing the schedule should leave 1010 sufficient opportunities for non-DetNet packets to satisfy the 1011 needs of the users of the network. Detailed scheduling can also 1012 permit the time-shared use of buffer resources by different DetNet 1013 flows. 1015 Ideally, the net effect of the presence of DetNet flows in a network 1016 on the non-DetNet packets is primarily a reduction in the available 1017 bandwidth. 1019 4.7. Fault Mitigation 1021 One key to building robust real-time systems is to reduce the 1022 infinite variety of possible failures to a number that can be 1023 analyzed with reasonable confidence. DetNet aids in the process by 1024 providing filters and policers to detect DetNet packets received on 1025 the wrong interface, or at the wrong time, or in too great a volume, 1026 and to then take actions such as discarding the offending packet, 1027 shutting down the offending DetNet flow, or shutting down the 1028 offending interface. 1030 It is also essential that filters and service remarking be employed 1031 at the network edge to prevent non-DetNet packets from being mistaken 1032 for DetNet packets, and thus impinging on the resources allocated to 1033 DetNet packets. 1035 There exist techniques, at present and/or in various stages of 1036 standardization, that can perform these fault mitigation tasks that 1037 deliver a high probability that misbehaving systems will have zero 1038 impact on well-behaved DetNet flows, except of course, for the 1039 receiving interface(s) immediately downstream of the misbehaving 1040 device. Examples of such techniques include traffic policing 1041 functions (e.g. [RFC2475]) and separating flows into per-flow rate- 1042 limited queues. 1044 4.8. Representative Protocol Stack Model 1046 Figure 6 illustrates a conceptual DetNet data plane layering model. 1047 One may compare it to that in [IEEE802.1CB], Annex C, a work in 1048 progress. 1050 DetNet data plane protocol stack 1052 | packets going | ^ packets coming ^ 1053 v down the stack v | up the stack | 1054 +----------------------+ +-----------------------+ 1055 | Source | | Destination | 1056 +----------------------+ +-----------------------+ 1057 | Service layer | | Service layer | 1058 | Packet sequencing | | Duplicate elimination | 1059 | Flow duplication | | Flow merging | 1060 | Packet encoding | | Packet decoding | 1061 +----------------------+ +-----------------------+ 1062 | Transport layer | | Transport layer | 1063 | Congestion prot. | | Congestion prot. | 1064 +----------------------+ +-----------------------+ 1065 | Lower layers | | Lower layers | 1066 +----------------------+ +-----------------------+ 1067 v ^ 1068 \_________________________/ 1070 Figure 6 1072 Not all layers are required for any given application, or even for 1073 any given network. The layers are, from top to bottom: 1075 Application 1076 Shown as "source" and "destination" in the diagram. 1078 OAM 1079 Operations, Administration, and Maintenance leverages in-band 1080 and out-of-and signaling that validates whether the service 1081 is effectively obtained within QoS constraints. OAM is not 1082 shown in Figure 6; it may reside in any number of the layers. 1083 OAM can involve specific tagging added in the packets for 1084 tracing implementation or network configuration errors; 1085 traceability enables to find whether a packet is a replica, 1086 which relay node performed the replication, and which segment 1087 was intended for the replica. 1089 Packet sequencing 1090 As part of DetNet service protection, supplies the sequence 1091 number for packet replication and elimination (Section 3.4). 1093 Peers with Duplicate elimination. This layer is not needed 1094 if a higher-layer transport protocol is expected to perform 1095 any packet sequencing and duplicate elimination required by 1096 the DetNet flow duplication. 1098 Duplicate elimination 1099 As part of the DetNet service layer, based on the sequenced 1100 number supplied by its peer, packet sequencing, Duplicate 1101 elimination discards any duplicate packets generated by 1102 DetNet flow duplication. It can operate on member flows, 1103 compound flows, or both. The duplication may also be 1104 inferred from other information such as the precise time of 1105 reception in a scheduled network. The duplicate elimination 1106 layer may also perform resequencing of packets to restore 1107 packet order in a flow that was disrupted by the loss of 1108 packets on one or another of the multiple paths taken. 1110 Flow duplication 1111 As part of DetNet service protection, replicates packets that 1112 belong to a DetNet compound flow into two or more DetNet 1113 member flows. Note that this function is separate from 1114 packet sequencing. Flow duplication can be an explicit 1115 duplication and remarking of packets, or can be performed by, 1116 for example, techniques similar to ordinary multicast 1117 replication. Peers with DetNet flow merging. 1119 Network flow merging 1120 As part of DetNet service protection, merges DetNet member 1121 flows together for packets coming up the stack belonging to a 1122 specific DetNet compound flow. Peers with DetNet flow 1123 duplication. DetNet flow merging, together with packet 1124 sequencing, duplicate elimination, and DetNet flow 1125 duplication, performs packet replication and elimination 1126 (Section 3.4). 1128 Packet encoding 1129 As part of DetNet service protection, as an alternative to 1130 packet sequencing and flow duplication, packet encoding 1131 combines the information in multiple DetNet packets, perhaps 1132 from different DetNet compound flows, and transmits that 1133 information in packets on different DetNet member Flows. 1134 Peers with Packet decoding. 1136 Packet decoding 1137 As part of DetNet service protection, as an alternative to 1138 flow merging and duplicate elimination, packet decoding takes 1139 packets from different DetNet member flows, and computes from 1140 those packets the original DetNet packets from the compound 1141 flows input to packet encoding. Peers with Packet encoding. 1143 Congestio protection 1144 The DetNet transport layer provides congestion protection. 1145 See Section 4.4. The actual queuing and shaping mechanisms 1146 are typically provided by underlying subnet layers, but since 1147 these are can be closely associated with the means of 1148 providing paths for DetNet flows (e.g. MPLS LSPs or {VLAN, 1149 multicast destination MAC address} pairs), the path and the 1150 congestion protection are conflated in this figure. 1152 Note that the packet sequencing and duplication elimination functions 1153 at the source and destination ends of a DetNet compound flow may be 1154 performed either in the end system or in a DetNet edge node. The 1155 reader must not confuse a DetNet edge function with other kinds of 1156 edge functions, e.g. an Label Edge Router, although the two functions 1157 may be performed together. The DetNet edge function is concerned 1158 with sequencing packets belonging to DetNet flows. The LER with 1159 encapsulating/decapsulating packets for transport, and is considered 1160 part of the network underlying the DetNet transport layer. 1162 4.9. Flow identification at technology borders 1164 4.9.1. Exporting flow identification 1166 An interesting feature of DetNet, and one that invites 1167 implementations that can be accused of "layering violations", is the 1168 need for lower layers to be aware of specific flows at higher layers, 1169 in order to provide specific queuing and shaping services for 1170 specific flows. For example: 1172 o A non-IP, strictly L2 source end system X may be sending multiple 1173 flows to the same L2 destination end system Y. Those flows may 1174 include DetNet flows with different QoS requirements, and may 1175 include non-DetNet flows. 1177 o A router may be sending any number of flows to another router. 1178 Again, those flows may include DetNet flows with different QoS 1179 requirements, and may include non-DetNet flows. 1181 o Two routers may be separated by bridges. For these bridges to 1182 perform any required per-flow queuing and shaping, they must be 1183 able to identify the individual flows. 1185 o A Label Edge Router (LERs) may have a Label Switched Path (LSP) 1186 set up for handling traffic destined for a particular IP address 1187 carrying only non-DetNet flows. If a DetNet flow to that same 1188 address is requested, a separate LSP may be needed, in order that 1189 all of the Label Switch Routers (LSRs) along the path to the 1190 destination give that flow special queuing and shaping. 1192 The need for a lower-level DetNet node to be aware of individual 1193 higher-layer flows is not unique to DetNet. But, given the endless 1194 complexity of layering and relayering over tunnels that is available 1195 to network designers, DetNet needs to provide a model for flow 1196 identification that is at least somewhat better than packet 1197 inspection. That is not to say that packet inspection to layer 4 or 1198 5 addresses will not be used, or the capability standardized; but, 1199 there are alternatives. 1201 A DetNet relay node can connect DetNet flows on different paths using 1202 different flow identification methods. For example: 1204 o A single unicast DetNet flow passing from router A through a 1205 bridged network to router B may be assigned a {VLAN, multicast 1206 destination MAC address} pair that is unique within that bridged 1207 network. The bridges can then identify the flow without accessing 1208 higher-layer headers. Of course, the receiving router must 1209 recognize and accept that multicast MAC address. 1211 o A DetNet flow passing from LSR A to LSR B may be assigned a 1212 different label than that used for other flows to the same IP 1213 destination. 1215 In any of the above cases, it is possible that an existing DetNet 1216 flow can be used as a carrier for multiple DetNet sub-flows. (Not to 1217 be confused with DetNet compound vs. member flows.) Of course, this 1218 requires that the aggregate DetNet flow be provisioned properly to 1219 carry the sub-flows. 1221 Thus, rather than packet inspection, there is the option to export 1222 higher-layer information to the lower layer. The requirement to 1223 support one or the other method for flow identification (or both) is 1224 the essential complexity that DetNet brings to existing control plane 1225 models. 1227 4.9.2. Flow attribute mapping between layers 1229 Transport of DetNet flows over multiple technology domains may 1230 require that lower layers are aware of specific flows of higher 1231 layers. Such an "exporting of flow identification" is needed each 1232 time when the forwarding paradigm is changed on the transport path 1233 (e.g., two LSRs are interconnected by a L2 bridged domain, etc.). 1234 The three main forwarding methods considered for deterministic 1235 networking are: 1237 o IP routing 1239 o MPLS label switching 1241 o Ethernet bridging 1243 Note: at the time of this publication, the exact format of flow 1244 identification is still WIP. 1246 [Note: Seq-num attribute may require a similar functionality at 1247 technology border nodes.] 1249 add/remove add/remove 1250 Eth Flow-ID IP Flow-ID 1251 | | 1252 v v 1253 +-----------------------------------------------------------+ 1254 | | | | | 1255 | Eth | MPLS | IP | Application data | 1256 | | | | | 1257 +-----------------------------------------------------------+ 1258 ^ 1259 | 1260 add/remove 1261 MPLS Flow-ID 1263 Figure 7: Packet with multiple Flow-IDs 1265 The additional (domain specific) Flow-ID can be 1267 o created by a domain specific function or 1269 o derived from the Flow-ID added to the App-flow, 1271 so that it must be unique inside the given domain. Note, that the 1272 Flow-ID added to the App-flow is still present in the packet, but 1273 transport nodes may lack the function to recognize it; that's why the 1274 additional Flow-ID is added (pushed). 1276 4.9.3. Flow-ID mapping examples 1278 IP nodes and MPLS nodes are assumed to be configured to push such an 1279 additional (domain specific) Flow-ID when sending traffic to an 1280 Ethernet switch (as shown in the examples below). 1282 Figure 8 shows a scenario where an IP end system ("IP-A") is 1283 connected via two Ethernet switches ("ETH-n") to an IP router ("IP- 1284 1"). 1286 IP domain 1287 <----------------------------------------------- 1289 +======+ +======+ 1290 |L3-ID | |L3-ID | 1291 +======+ /\ +-----+ +======+ 1292 / \ Forward as | | 1293 /IP-A\ per ETH-ID |IP-1 | Recognize 1294 Push ------> +-+----+ | +---+-+ <----- ETH-ID 1295 ETH-ID | +----+-----+ | 1296 | v v | 1297 | +-----+ +-----+ | 1298 +------+ | | +---------+ 1299 +......+ |ETH-1+----+ETH-2| +======+ 1300 .L3-ID . +-----+ +-----+ |L3-ID | 1301 +======+ +......+ +======+ 1302 |ETH-ID| .L3-ID . |ETH-ID| 1303 +======+ +======+ +------+ 1304 |ETH-ID| 1305 +======+ 1307 Ethernet domain 1308 <----------------> 1310 Figure 8: IP nodes interconnected by an Ethernet domain 1312 End system "IP-A" uses the original App-flow specific ID ("L3-ID"), 1313 but as it is connected to an Ethernet domain it has to push an 1314 Ethernet-domain specific flow-ID ("VID + multicast MAC address", 1315 referred as "ETH-ID") before sending the packet to "ETH-1" node. 1316 Ethernet switch "ETH-1" can recognize the data flow based on the 1317 "ETH-ID" and it does forwarding toward "ETH-2". "ETH-2" switches the 1318 packet toward the IP router. "IP-1" must be configured to receive 1319 the Ethernet Flow-ID specific multicast stream, but (as it is an L3 1320 node) it decodes the data flow ID based on the "L3-ID" fields of the 1321 received packet. 1323 Figure 9 shows a scenario where MPLS domain nodes ("PE-n" and "P-m") 1324 are connected via two Ethernet switches ("ETH-n"). 1326 MPLS domain 1327 <-----------------------------------------------> 1329 +=======+ +=======+ 1330 |MPLS-ID| |MPLS-ID| 1331 +=======+ +-----+ +-----+ +=======+ +-----+ 1332 | | Forward as | | | | 1333 |PE-1 | per ETH-ID | P-2 +-----------+ PE-2| 1334 Push -----> +-+---+ | +---+-+ +-----+ 1335 ETH-ID | +-----+----+ | \ Recognize 1336 | v v | +-- ETH-ID 1337 | +-----+ +-----+ | 1338 +---+ | | +----+ 1339 +.......+ |ETH-1+----+ETH-2| +=======+ 1340 .MPLS-ID. +-----+ +-----+ |MPLS-ID| 1341 +=======+ +=======+ 1342 |ETH-ID | +.......+ |ETH-ID | 1343 +=======+ .MPLS-ID. +-------+ 1344 +=======+ 1345 |ETH-ID | 1346 +=======+ 1347 Ethernet domain 1348 <----------------> 1350 Figure 9: MPLS nodes interconnected by an Ethernet domain 1352 "PE-1" uses the MPLS specific ID ("MPLS-ID"), but as it is connected 1353 to an Ethernet domain it has to push an Ethernet-domain specific 1354 flow-ID ("VID + multicast MAC address", referred as "ETH-ID") before 1355 sending the packet to "ETH-1". Ethernet switch "ETH-1" can recognize 1356 the data flow based on the "ETH-ID" and it does forwarding toward 1357 "ETH-2". "ETH-2" switches the packet toward the MPLS node ("P-2"). 1358 "P-2" must be configured to receive the Ethernet Flow-ID specific 1359 multicast stream, but (as it is an MPLS node) it decodes the data 1360 flow ID based on the "MPLS-ID" fields of the received packet. 1362 4.10. Advertising resources, capabilities and adjacencies 1364 There are three classes of information that a central controller or 1365 decentralized control plane needs to know that can only be obtained 1366 from the end systems and/or transit nodes in the network. When using 1367 a peer-to-peer control plane, some of this information may be 1368 required by a system's neighbors in the network. 1370 o Details of the system's capabilities that are required in order to 1371 accurately allocate that system's resources, as well as other 1372 systems' resources. This includes, for example, which specific 1373 queuing and shaping algorithms are implemented (Section 4.4), the 1374 number of buffers dedicated for DetNet allocation, and the worst- 1375 case forwarding delay. 1377 o The dynamic state of an end or transit node's DetNet resources. 1379 o The identity of the system's neighbors, and the characteristics of 1380 the link(s) between the systems, including the length (in 1381 nanoseconds) of the link(s). 1383 4.11. Provisioning model 1385 4.11.1. Centralized Path Computation and Installation 1387 A centralized routing model, such as provided with a PCE (RFC 4655 1388 [RFC4655]), enables global and per-flow optimizations. (See 1389 Section 4.2.) The model is attractive but a number of issues are 1390 left to be solved. In particular: 1392 o Whether and how the path computation can be installed by 1) an end 1393 device or 2) a Network Management entity, 1395 o And how the path is set up, either by installing state at each hop 1396 with a direct interaction between the forwarding device and the 1397 PCE, or along a path by injecting a source-routed request at one 1398 end of the path. 1400 4.11.2. Distributed Path Setup 1402 Significant work on distributed path setup can be leveraged from MPLS 1403 Traffic Engineering, in both its GMPLS and non-GMPLS forms. The 1404 protocols within scope are Resource ReSerVation Protocol [RFC3209] 1405 [RFC3473](RSVP-TE), OSPF-TE [RFC4203] [RFC5392] and ISIS-TE [RFC5307] 1406 [RFC5316]. These should be viewed as starting points as there are 1407 feature specific extensions defined that may be applicable to DetNet. 1409 In a Layer-2 only environment, or as part of a layered approach to a 1410 mixed environment, IEEE 802.1 also has work, either completed or in 1411 progress. [IEEE802.1Q-2014] Clause 35 describes SRP, a peer-to-peer 1412 protocol for Layer-2 roughly analogous to RSVP [RFC2205]. 1413 [IEEE802.1Qca] defines how ISIS can provide multiple disjoint paths 1414 or distribution trees. Also in progress is [IEEE802.1Qcc], which 1415 expands the capabilities of SRP. 1417 The integration/interaction of the DetNet control layer with an 1418 underlying IEEE 802.1 sub-network control layer will need to be 1419 defined. 1421 4.12. Scaling to larger networks 1423 Reservations for individual DetNet flows require considerable state 1424 information in each transit node, especially when adequate fault 1425 mitigation (Section 4.7) is required. The DetNet data plane, in 1426 order to support larger numbers of DetNet flows, must support the 1427 aggregation of DetNet flows into tunnels, which themselves can be 1428 viewed by the transit nodes' data planes largely as individual DetNet 1429 flows. Without such aggregation, the per-relay system may limit the 1430 scale of DetNet networks. 1432 4.13. Connected islands vs. networks 1434 Given that users have deployed examples of the IEEE 802.1 TSN TG 1435 standards, which provide capabilities similar to DetNet, it is 1436 obvious to ask whether the IETF DetNet effort can be limited to 1437 providing Layer-2 connections (VPNs) between islands of bridged TSN 1438 networks. While this capability is certainly useful to some 1439 applications, and must not be precluded by DetNet, tunneling alone is 1440 not a sufficient goal for the DetNet WG. As shown in the 1441 Deterministic Networking Use Cases draft [I-D.ietf-detnet-use-cases], 1442 there are already deployments of Layer-2 TSN networks that are 1443 encountering the well-known problems of over-large broadcast domains. 1444 Routed solutions, and combinations routed/bridged solutions, are both 1445 required. 1447 5. Compatibility with Layer-2 1449 Standards providing similar capabilities for bridged networks (only) 1450 have been and are being generated in the IEEE 802 LAN/MAN Standards 1451 Committee. The present architecture describes an abstract model that 1452 can be applicable both at Layer-2 and Layer-3, and over links not 1453 defined by IEEE 802. It is the intention of the authors (and 1454 hopefully, as this draft progresses, of the DetNet Working Group) 1455 that IETF and IEEE 802 will coordinate their work, via the 1456 participation of common individuals, liaisons, and other means, to 1457 maximize the compatibility of their outputs. 1459 DetNet enabled end systems and intermediate nodes can be 1460 interconnected by sub-networks, i.e., Layer-2 technologies. These 1461 sub-networks will provide DetNet compatible service for support of 1462 DetNet traffic. Examples of sub-networks include 802.1TSN and a 1463 point-to-point OTN link. Of course, multi-layer DetNet systems may 1464 be possible too, where one DetNet appears as a sub-network, and 1465 provides service to, a higher layer DetNet system. 1467 6. Open Questions 1469 There are a number of architectural questions that will have to be 1470 resolved before this document can be submitted for publication. 1471 Aside from the obvious fact that this present draft is subject to 1472 change, there are specific questions to which the authors wish to 1473 direct the readers' attention. 1475 6.1. Flat vs. hierarchical control 1477 Boxes that are solely routers or solely bridges are rare in today's 1478 market. In a multi-tenant data center, multiple users' virtual 1479 Layer-2/Layer-3 topologies exist simultaneously, implemented on a 1480 network whose physical topology bears only accidental resemblance to 1481 the virtual topologies. 1483 While the forwarding topology (the bridges and routers) are an 1484 important consideration for a DetNet Flow Management Entity 1485 (Section 4.2.1), so is the purely physical topology. Ultimately, the 1486 model used by the management entities is based on boxes, queues, and 1487 links. The authors hope that the work of the TEAS WG will help to 1488 clarify exactly what model parameters need to be traded between the 1489 intermediate nodes and the controller(s). 1491 6.2. Peer-to-peer reservation protocol 1493 As described in Section 4.11.2, the DetNet WG needs to decide whether 1494 to support a peer-to-peer protocol for a source and a destination to 1495 reserve resources for a DetNet stream. Assuming that enabling the 1496 involvement of the source and/or destination is desirable (see 1497 Deterministic Networking Use Cases [I-D.ietf-detnet-use-cases]), it 1498 remains to decide whether the DetNet WG will make it possible to 1499 deploy at least some DetNet capabilities in a network using only a 1500 peer-to-peer protocol, without a central controller. 1502 (Note that a UNI (see Section 4.2.3) between an end system and a 1503 DetNet edge node, for sources and/or listeners to request DetNet 1504 services, can be either the first hop of a per-to-peer reservation 1505 protocol, or can be deflected by the DetNet edge node to a central 1506 controller for resolution. Similarly, a decision by a central 1507 controller can be effected by the controller instructing the end 1508 system or DetNet edge node to initiate a per-to-peer protocol 1509 activity.) 1511 6.3. Wireless media interactions 1513 Deterministic Networking Use Cases [I-D.ietf-detnet-use-cases] 1514 illustrates cases where wireless media are needed in a DetNet 1515 network. Some wireless media in general use, such as IEEE 802.11 1516 [IEEE802.1Q-2014], have significantly higher packet loss rates than 1517 typical wired media, such as Ethernet [IEEE802.3-2012]. IEEE 802.11 1518 includes support for such features as MAC-layer acknowledgements and 1519 retransmissions. 1521 The techniques described in Section 3 are likely to improve the 1522 ability of a mixed wired/wireless network to offer the DetNet QoS 1523 features. The interaction of these techniques with the features of 1524 specific wireless media, although they may be significant, cannot be 1525 addressed in this document. It remains to be decided to what extent 1526 the DetNet WG will address them, and to what extent other WGs, e.g. 1527 6TiSCH, will do so. 1529 7. Security Considerations 1531 Security in the context of Deterministic Networking has an added 1532 dimension; the time of delivery of a packet can be just as important 1533 as the contents of the packet, itself. A man-in-the-middle attack, 1534 for example, can impose, and then systematically adjust, additional 1535 delays into a link, and thus disrupt or subvert a real-time 1536 application without having to crack any encryption methods employed. 1537 See [RFC7384] for an exploration of this issue in a related context. 1539 Furthermore, in a control system where millions of dollars of 1540 equipment, or even human lives, can be lost if the DetNet QoS is not 1541 delivered, one must consider not only simple equipment failures, 1542 where the box or wire instantly becomes perfectly silent, but bizarre 1543 errors such as can be caused by software failures. Because there is 1544 essential no limit to the kinds of failures that can occur, 1545 protecting against realistic equipment failures is indistinguishable, 1546 in most cases, from protecting against malicious behavior, whether 1547 accidental or intentional. See also Section 4.7. 1549 Security must cover: 1551 o the protection of the signaling protocol 1553 o the authentication and authorization of the controlling systems 1555 o the identification and shaping of the DetNet flows 1557 8. Privacy Considerations 1559 DetNet is provides a Quality of Service (QoS), and as such, does not 1560 directly raise any new privacy considerations. 1562 However, the requirement for every (or almost every) node along the 1563 path of a DetNet flow to identify DetNet flows may present an 1564 additional attack surface for privacy, should the DetNet paradigm be 1565 found useful in broader environments. 1567 9. IANA Considerations 1569 This document does not require an action from IANA. 1571 10. Acknowledgements 1573 The authors wish to thank Jouni Korhonen, Erik Nordmark, George 1574 Swallow, Rudy Klecka, Anca Zamfir, David Black, Thomas Watteyne, 1575 Shitanshu Shah, Craig Gunther, Rodney Cummings, Balazs Varga, 1576 Wilfried Steiner, Marcel Kiessling, Karl Weber, Janos Farkas, Ethan 1577 Grossman, Pat Thaler, Lou Berger, and especially Michael Johas 1578 Teener, for their various contribution with this work. 1580 11. Access to IEEE 802.1 documents 1582 To access password protected IEEE 802.1 drafts, see the IETF IEEE 1583 802.1 information page at https://www.ietf.org/proceedings/52/slides/ 1584 bridge-0/tsld003.htm. 1586 12. Informative References 1588 [AVnu] http://www.avnu.org/, "The AVnu Alliance tests and 1589 certifies devices for interoperability, providing a simple 1590 and reliable networking solution for AV network 1591 implementation based on the Audio Video Bridging (AVB) 1592 standards.". 1594 [CCAMP] IETF, "Common Control and Measurement Plane", 1595 . 1597 [HART] www.hartcomm.org, "Highway Addressable Remote Transducer, 1598 a group of specifications for industrial process and 1599 control devices administered by the HART Foundation". 1601 [HSR-PRP] IEC, "High availability seamless redundancy (HSR) is a 1602 further development of the PRP approach, although HSR 1603 functions primarily as a protocol for creating media 1604 redundancy while PRP, as described in the previous 1605 section, creates network redundancy. PRP and HSR are both 1606 described in the IEC 62439 3 standard.", 1607 . 1610 [I-D.dt-detnet-dp-alt] 1611 Korhonen, J., Farkas, J., Mirsky, G., Thubert, P., 1612 Zhuangyan, Z., and L. Berger, "DetNet Data Plane Protocol 1613 and Solution Alternatives", draft-dt-detnet-dp-alt-04 1614 (work in progress), September 2016. 1616 [I-D.ietf-6tisch-architecture] 1617 Thubert, P., "An Architecture for IPv6 over the TSCH mode 1618 of IEEE 802.15.4", draft-ietf-6tisch-architecture-11 (work 1619 in progress), January 2017. 1621 [I-D.ietf-6tisch-tsch] 1622 Watteyne, T., Palattella, M., and L. Grieco, "Using 1623 IEEE802.15.4e TSCH in an IoT context: Overview, Problem 1624 Statement and Goals", draft-ietf-6tisch-tsch-06 (work in 1625 progress), March 2015. 1627 [I-D.ietf-detnet-problem-statement] 1628 Finn, N. and P. Thubert, "Deterministic Networking Problem 1629 Statement", draft-ietf-detnet-problem-statement-01 (work 1630 in progress), September 2016. 1632 [I-D.ietf-detnet-use-cases] 1633 Grossman, E., Gunther, C., Thubert, P., Wetterwald, P., 1634 Raymond, J., Korhonen, J., Kaneko, Y., Das, S., Zha, Y., 1635 Varga, B., Farkas, J., Goetz, F., Schmitt, J., Vilajosana, 1636 X., Mahmoodi, T., Spirou, S., and P. Vizarreta, 1637 "Deterministic Networking Use Cases", draft-ietf-detnet- 1638 use-cases-11 (work in progress), October 2016. 1640 [I-D.ietf-roll-rpl-industrial-applicability] 1641 Phinney, T., Thubert, P., and R. Assimiti, "RPL 1642 applicability in industrial networks", draft-ietf-roll- 1643 rpl-industrial-applicability-02 (work in progress), 1644 October 2013. 1646 [I-D.svshah-tsvwg-deterministic-forwarding] 1647 Shah, S. and P. Thubert, "Deterministic Forwarding PHB", 1648 draft-svshah-tsvwg-deterministic-forwarding-04 (work in 1649 progress), August 2015. 1651 [I-D.varga-detnet-service-model] 1652 Varga, B. and J. Farkas, "DetNet Service Model", draft- 1653 varga-detnet-service-model-01 (work in progress), October 1654 2016. 1656 [IEEE802.11-2012] 1657 IEEE, "Wireless LAN Medium Access Control (MAC) and 1658 Physical Layer (PHY) Specifications", 2012, 1659 . 1662 [IEEE802.1AS-2011] 1663 IEEE, "Timing and Synchronizations (IEEE 802.1AS-2011)", 1664 2011, . 1667 [IEEE802.1BA-2011] 1668 IEEE, "AVB (Audio Video Bridging) Systems (IEEE 802.1BA- 1669 2011)", 2011, . 1672 [IEEE802.1CB] 1673 IEEE, "Frame Replication and Elimination for Reliability 1674 (IEEE Draft P802.1CB)", 2016, 1675 . 1677 [IEEE802.1Q-2014] 1678 IEEE, "MAC Bridges and VLANs (IEEE 802.1Q-2014", 2014, 1679 . 1682 [IEEE802.1Qbu] 1683 IEEE, "Frame Preemption", 2016, 1684 . 1686 [IEEE802.1Qbv] 1687 IEEE, "Enhancements for Scheduled Traffic", 2016, 1688 . 1690 [IEEE802.1Qca] 1691 IEEE 802.1, "IEEE 802.1Qca Bridges and Bridged Networks - 1692 Amendment 24: Path Control and Reservation", IEEE 1693 P802.1Qca/D2.1 P802.1Qca, June 2015, 1694 . 1697 [IEEE802.1Qcc] 1698 IEEE, "Stream Reservation Protocol (SRP) Enhancements and 1699 Performance Improvements", 2016, 1700 . 1702 [IEEE802.1Qch] 1703 IEEE, "Cyclic Queuing and Forwarding", 2016, 1704 . 1706 [IEEE802.1TSNTG] 1707 IEEE Standards Association, "IEEE 802.1 Time-Sensitive 1708 Networks Task Group", 2013, 1709 . 1711 [IEEE802.3-2012] 1712 IEEE, "IEEE Standard for Ethernet", 2012, 1713 . 1716 [IEEE802.3br] 1717 IEEE, "Interspersed Express Traffic", 2016, 1718 . 1720 [IEEE802154] 1721 IEEE Standard for Information Technology, "IEEE 802.15.4, 1722 Part. 15.4: Wireless Medium Access Control (MAC) and 1723 Physical Layer (PHY) Specifications for Low-Rate Wireless 1724 Personal Area Networks", June 2011. 1726 [IEEE802154e] 1727 IEEE Standard for Information Technology, "IEEE 802.15.4e, 1728 Part. 15.4: Low-Rate Wireless Personal Area Networks (LR- 1729 WPANs) Amendment 1: MAC sublayer", April 2012. 1731 [ISA100.11a] 1732 ISA/IEC, "ISA100.11a, Wireless Systems for Automation, 1733 also IEC 62734", 2011, < http://www.isa100wci.org/en- 1734 US/Documents/PDF/3405-ISA100-WirelessSystems-Future-broch- 1735 WEB-ETSI.aspx>. 1737 [ISA95] ANSI/ISA, "Enterprise-Control System Integration Part 1: 1738 Models and Terminology", 2000, . 1741 [ODVA] http://www.odva.org/, "The organization that supports 1742 network technologies built on the Common Industrial 1743 Protocol (CIP) including EtherNet/IP.". 1745 [PCE] IETF, "Path Computation Element", 1746 . 1748 [Profinet] 1749 http://us.profinet.com/technology/profinet/, "PROFINET is 1750 a standard for industrial networking in automation.", 1751 . 1753 [RFC2205] Braden, R., Ed., Zhang, L., Berson, S., Herzog, S., and S. 1754 Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1 1755 Functional Specification", RFC 2205, DOI 10.17487/RFC2205, 1756 September 1997, . 1758 [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., 1759 and W. Weiss, "An Architecture for Differentiated 1760 Services", RFC 2475, DOI 10.17487/RFC2475, December 1998, 1761 . 1763 [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., 1764 and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP 1765 Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001, 1766 . 1768 [RFC3473] Berger, L., Ed., "Generalized Multi-Protocol Label 1769 Switching (GMPLS) Signaling Resource ReserVation Protocol- 1770 Traffic Engineering (RSVP-TE) Extensions", RFC 3473, 1771 DOI 10.17487/RFC3473, January 2003, 1772 . 1774 [RFC4203] Kompella, K., Ed. and Y. Rekhter, Ed., "OSPF Extensions in 1775 Support of Generalized Multi-Protocol Label Switching 1776 (GMPLS)", RFC 4203, DOI 10.17487/RFC4203, October 2005, 1777 . 1779 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation 1780 Element (PCE)-Based Architecture", RFC 4655, 1781 DOI 10.17487/RFC4655, August 2006, 1782 . 1784 [RFC5307] Kompella, K., Ed. and Y. Rekhter, Ed., "IS-IS Extensions 1785 in Support of Generalized Multi-Protocol Label Switching 1786 (GMPLS)", RFC 5307, DOI 10.17487/RFC5307, October 2008, 1787 . 1789 [RFC5316] Chen, M., Zhang, R., and X. Duan, "ISIS Extensions in 1790 Support of Inter-Autonomous System (AS) MPLS and GMPLS 1791 Traffic Engineering", RFC 5316, DOI 10.17487/RFC5316, 1792 December 2008, . 1794 [RFC5392] Chen, M., Zhang, R., and X. Duan, "OSPF Extensions in 1795 Support of Inter-Autonomous System (AS) MPLS and GMPLS 1796 Traffic Engineering", RFC 5392, DOI 10.17487/RFC5392, 1797 January 2009, . 1799 [RFC5673] Pister, K., Ed., Thubert, P., Ed., Dwars, S., and T. 1800 Phinney, "Industrial Routing Requirements in Low-Power and 1801 Lossy Networks", RFC 5673, DOI 10.17487/RFC5673, October 1802 2009, . 1804 [RFC5921] Bocci, M., Ed., Bryant, S., Ed., Frost, D., Ed., Levrau, 1805 L., and L. Berger, "A Framework for MPLS in Transport 1806 Networks", RFC 5921, DOI 10.17487/RFC5921, July 2010, 1807 . 1809 [RFC6372] Sprecher, N., Ed. and A. Farrel, Ed., "MPLS Transport 1810 Profile (MPLS-TP) Survivability Framework", RFC 6372, 1811 DOI 10.17487/RFC6372, September 2011, 1812 . 1814 [RFC6658] Bryant, S., Ed., Martini, L., Swallow, G., and A. Malis, 1815 "Packet Pseudowire Encapsulation over an MPLS PSN", 1816 RFC 6658, DOI 10.17487/RFC6658, July 2012, 1817 . 1819 [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in 1820 Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384, 1821 October 2014, . 1823 [RFC7426] Haleplidis, E., Ed., Pentikousis, K., Ed., Denazis, S., 1824 Hadi Salim, J., Meyer, D., and O. Koufopavlou, "Software- 1825 Defined Networking (SDN): Layers and Architecture 1826 Terminology", RFC 7426, DOI 10.17487/RFC7426, January 1827 2015, . 1829 [TEAS] IETF, "Traffic Engineering Architecture and Signaling", 1830 . 1832 [WirelessHART] 1833 www.hartcomm.org, "Industrial Communication Networks - 1834 Wireless Communication Network and Communication Profiles 1835 - WirelessHART - IEC 62591", 2010. 1837 Authors' Addresses 1839 Norman Finn 1840 Huawei Technologies Co. Ltd 1841 3755 Avocado Blvd. 1842 PMB 436 1843 La Mesa, California 91941 1844 US 1846 Phone: +1 925 980 6430 1847 Email: norman.finn@mail01.huawei.com 1849 Pascal Thubert 1850 Cisco Systems 1851 Village d'Entreprises Green Side 1852 400, Avenue de Roumanille 1853 Batiment T3 1854 Biot - Sophia Antipolis 06410 1855 FRANCE 1857 Phone: +33 4 97 23 26 34 1858 Email: pthubert@cisco.com 1860 Balazs Varga 1861 Ericsson 1862 Konyves Kalman krt. 11/B 1863 Budapest 1097 1864 Hungary 1866 Email: balazs.a.varga@ericsson.com 1868 Janos Farkas 1869 Ericsson 1870 Konyves Kalman krt. 11/B 1871 Budapest 1097 1872 Hungary 1874 Email: janos.farkas@ericsson.com