idnits 2.17.1
draft-ietf-detnet-architecture-11.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 778 has weird spacing: '...e stack v ...'
-- The document date (February 6, 2019) is 1906 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Missing Reference: 'Network' is mentioned on line 920, but not defined
== Outdated reference: A later version (-30) exists of
draft-ietf-6tisch-architecture-19
== Outdated reference: A later version (-02) exists of
draft-ietf-detnet-dp-sol-ip-01
== Outdated reference: A later version (-02) exists of
draft-ietf-detnet-dp-sol-mpls-01
== Outdated reference: A later version (-16) exists of
draft-ietf-detnet-security-03
Summary: 0 errors (**), 0 flaws (~~), 7 warnings (==), 1 comment (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 DetNet N. Finn
3 Internet-Draft Huawei
4 Intended status: Standards Track P. Thubert
5 Expires: August 10, 2019 Cisco
6 B. Varga
7 J. Farkas
8 Ericsson
9 February 6, 2019
11 Deterministic Networking Architecture
12 draft-ietf-detnet-architecture-11
14 Abstract
16 This document provides the overall architecture for Deterministic
17 Networking (DetNet), which provides a capability to carry specified
18 unicast or multicast data flows for real-time applications with
19 extremely low data loss rates and bounded latency within a network
20 domain. Techniques used include: 1) reserving data plane resources
21 for individual (or aggregated) DetNet flows in some or all of the
22 intermediate nodes along the path of the flow; 2) providing explicit
23 routes for DetNet flows that do not immediately change with the
24 network topology; and 3) distributing data from DetNet flow packets
25 over time and/or space to ensure delivery of each packet's data in
26 spite of the loss of a path. DetNet operates at the IP layer and
27 delivers service over sub-network technologies such as MPLS and IEEE
28 802.1 Time-Sensitive Networking (TSN).
30 Status of This Memo
32 This Internet-Draft is submitted in full conformance with the
33 provisions of BCP 78 and BCP 79.
35 Internet-Drafts are working documents of the Internet Engineering
36 Task Force (IETF). Note that other groups may also distribute
37 working documents as Internet-Drafts. The list of current Internet-
38 Drafts is at https://datatracker.ietf.org/drafts/current/.
40 Internet-Drafts are draft documents valid for a maximum of six months
41 and may be updated, replaced, or obsoleted by other documents at any
42 time. It is inappropriate to use Internet-Drafts as reference
43 material or to cite them other than as "work in progress."
45 This Internet-Draft will expire on August 10, 2019.
47 Copyright Notice
49 Copyright (c) 2019 IETF Trust and the persons identified as the
50 document authors. All rights reserved.
52 This document is subject to BCP 78 and the IETF Trust's Legal
53 Provisions Relating to IETF Documents
54 (https://trustee.ietf.org/license-info) in effect on the date of
55 publication of this document. Please review these documents
56 carefully, as they describe your rights and restrictions with respect
57 to this document. Code Components extracted from this document must
58 include Simplified BSD License text as described in Section 4.e of
59 the Trust Legal Provisions and are provided without warranty as
60 described in the Simplified BSD License.
62 Table of Contents
64 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
65 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
66 2.1. Terms used in this document . . . . . . . . . . . . . . . 4
67 2.2. IEEE 802.1 TSN to DetNet dictionary . . . . . . . . . . . 7
68 3. Providing the DetNet Quality of Service . . . . . . . . . . . 7
69 3.1. Primary goals defining the DetNet QoS . . . . . . . . . . 7
70 3.2. Mechanisms to achieve DetNet QoS . . . . . . . . . . . . 10
71 3.2.1. Resource allocation . . . . . . . . . . . . . . . . . 10
72 3.2.1.1. Eliminate contention loss . . . . . . . . . . . . 10
73 3.2.1.2. Jitter Reduction . . . . . . . . . . . . . . . . 10
74 3.2.2. Service Protection . . . . . . . . . . . . . . . . . 11
75 3.2.2.1. In-Order Delivery . . . . . . . . . . . . . . . . 11
76 3.2.2.2. Packet Replication and Elimination . . . . . . . 12
77 3.2.2.3. Packet encoding for service protection . . . . . 14
78 3.2.3. Explicit routes . . . . . . . . . . . . . . . . . . . 14
79 3.3. Secondary goals for DetNet . . . . . . . . . . . . . . . 15
80 3.3.1. Coexistence with normal traffic . . . . . . . . . . . 15
81 3.3.2. Fault Mitigation . . . . . . . . . . . . . . . . . . 16
82 4. DetNet Architecture . . . . . . . . . . . . . . . . . . . . . 17
83 4.1. DetNet stack model . . . . . . . . . . . . . . . . . . . 17
84 4.1.1. Representative Protocol Stack Model . . . . . . . . . 17
85 4.1.2. DetNet Data Plane Overview . . . . . . . . . . . . . 19
86 4.1.3. Network reference model . . . . . . . . . . . . . . . 21
87 4.2. DetNet systems . . . . . . . . . . . . . . . . . . . . . 23
88 4.2.1. End system . . . . . . . . . . . . . . . . . . . . . 23
89 4.2.2. DetNet edge, relay, and transit nodes . . . . . . . . 24
90 4.3. DetNet flows . . . . . . . . . . . . . . . . . . . . . . 24
91 4.3.1. DetNet flow types . . . . . . . . . . . . . . . . . . 24
92 4.3.2. Source transmission behavior . . . . . . . . . . . . 25
93 4.3.3. Incomplete Networks . . . . . . . . . . . . . . . . . 26
94 4.4. Traffic Engineering for DetNet . . . . . . . . . . . . . 26
95 4.4.1. The Application Plane . . . . . . . . . . . . . . . . 27
96 4.4.2. The Controller Plane . . . . . . . . . . . . . . . . 27
97 4.4.3. The Network Plane . . . . . . . . . . . . . . . . . . 28
98 4.5. Queuing, Shaping, Scheduling, and Preemption . . . . . . 29
99 4.6. Service instance . . . . . . . . . . . . . . . . . . . . 30
100 4.7. Flow identification at technology borders . . . . . . . . 31
101 4.7.1. Exporting flow identification . . . . . . . . . . . . 32
102 4.7.2. Flow attribute mapping between layers . . . . . . . . 33
103 4.7.3. Flow-ID mapping examples . . . . . . . . . . . . . . 34
104 4.8. Advertising resources, capabilities and adjacencies . . . 36
105 4.9. Scaling to larger networks . . . . . . . . . . . . . . . 36
106 4.10. Compatibility with Layer-2 . . . . . . . . . . . . . . . 36
107 5. Security Considerations . . . . . . . . . . . . . . . . . . . 37
108 6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 37
109 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 37
110 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 38
111 9. Informative References . . . . . . . . . . . . . . . . . . . 38
112 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 42
114 1. Introduction
116 This document provides the overall architecture for Deterministic
117 Networking (DetNet), which provides a capability for the delivery of
118 data flows with extremely low packet loss rates and bounded end-to-
119 end delivery latency. DetNet is for networks that are under a single
120 administrative control or within a closed group of administrative
121 control; these include campus-wide networks and private WANs. DetNet
122 is not for large groups of domains such as the Internet.
124 DetNet operates at the IP layer and delivers service over sub-network
125 technologies such as MPLS and IEEE 802.1 Time-Sensitive Networking
126 (TSN). DetNet accomplishes these goals by dedicating network
127 resources such as link bandwidth and buffer space to DetNet flows
128 and/or classes of DetNet flows, and by replicating packets along
129 multiple paths. Unused reserved resources are available to non-
130 DetNet packets as long as all guarantees are fulfilled.
132 The Deterministic Networking Problem Statement
133 [I-D.ietf-detnet-problem-statement] introduces Deterministic
134 Networking, and Deterministic Networking Use Cases
135 [I-D.ietf-detnet-use-cases] summarizes the need for it. See
136 [I-D.ietf-detnet-dp-sol-mpls] and [I-D.ietf-detnet-dp-sol-ip] for
137 specific techniques that can be used to identify DetNet flows and
138 assign them to specific paths through a network.
140 A goal of DetNet is a converged network in all respects. That is,
141 the presence of DetNet flows does not preclude non-DetNet flows, and
142 the benefits offered DetNet flows should not, except in extreme
143 cases, prevent existing Quality of Service (QoS) mechanisms from
144 operating in a normal fashion, subject to the bandwidth required for
145 the DetNet flows. A single source-destination pair can trade both
146 DetNet and non-DetNet flows. End systems and applications need not
147 instantiate special interfaces for DetNet flows. Networks are not
148 restricted to certain topologies; connectivity is not restricted.
149 Any application that generates a data flow that can be usefully
150 characterized as having a maximum bandwidth should be able to take
151 advantage of DetNet, as long as the necessary resources can be
152 reserved. Reservations can be made by the application itself, via
153 network management, by an application's controller, or by other
154 means, e.g., a dynamic control plane (e.g., [RFC2205]). QoS
155 requirements of DetNet flows can be met if all network nodes in a
156 DetNet domain implement DetNet capabilities. DetNet nodes can be
157 interconnected with different sub-network technologies
158 (Section 4.1.2), where the nodes of the subnet are not DetNet aware
159 (Section 4.1.3).
161 Many applications that are intended to be served by Deterministic
162 Networking require the ability to synchronize the clocks in end
163 systems to a sub-microsecond accuracy. Some of the queue control
164 techniques defined in Section 4.5 also require time synchronization
165 among network nodes. The means used to achieve time synchronization
166 are not addressed in this document. DetNet can accommodate various
167 time synchronization techniques and profiles that are defined
168 elsewhere to address the needs of different market segments.
170 2. Terminology
172 2.1. Terms used in this document
174 The following terms are used in the context of DetNet in this
175 document:
177 allocation
178 Resources are dedicated to support a DetNet flow. Depending
179 on an implementation, the resource may be reused by non-
180 DetNet flows when it is not used by the DetNet flow.
182 App-flow
183 The native format of a DetNet flow.
185 DetNet compound flow and DetNet member flow
186 A DetNet compound flow is a DetNet flow that has been
187 separated into multiple duplicate DetNet member flows for
188 service protection at the DetNet service sub-layer. Member
189 flows are merged back into a single DetNet compound flow such
190 that there are no duplicate packets. "Compound" and "member"
191 are strictly relative to each other, not absolutes; a DetNet
192 compound flow comprising multiple DetNet member flows can, in
193 turn, be a member of a higher-order compound.
195 DetNet destination
196 An end system capable of terminating a DetNet flow.
198 DetNet domain
199 The portion of a network that is DetNet aware. It includes
200 end systems and DetNet nodes.
202 DetNet edge node
203 An instance of a DetNet relay node that acts as a source and/
204 or destination at the DetNet service sub-layer. For example,
205 it can include a DetNet service sub-layer proxy function for
206 DetNet service protection (e.g., the addition or removal of
207 packet sequencing information) for one or more end systems,
208 or starts or terminates resource allocation at the DetNet
209 forwarding sub-layer, or aggregates DetNet services into new
210 DetNet flows. It is analogous to a Label Edge Router (LER)
211 or a Provider Edge (PE) router.
213 DetNet flow
214 A DetNet flow is a sequence of packets from one source to one
215 or more destinations, which conform uniquely to a flow
216 identifier, and to which the DetNet service is to be
217 provided.
219 DetNet forwarding sub-layer
220 The DetNet layer that optionally provides resource allocation
221 for DetNet flows over paths provided by the underlying
222 network.
224 DetNet intermediate node
225 A DetNet relay node or DetNet transit node.
227 DetNet node
228 A DetNet edge node, a DetNet relay node, or a DetNet transit
229 node.
231 DetNet relay node
232 A DetNet node including a service sub-layer function that
233 interconnects different DetNet forwarding sub-layer paths to
234 provide service protection. A DetNet relay node participates
235 in the DetNet service sub-layer. It typically incorporates
236 DetNet forwarding sub-layer functions as well, in which case
237 it is collocated with a transit node.
239 DetNet service sub-layer
240 The DetNet sub-layer at which A DetNet service, e.g., service
241 protection is provided.
243 DetNet service proxy
244 Maps between App-flows and DetNet flows.
246 DetNet source
247 An end system capable of originating a DetNet flow.
249 DetNet system
250 A DetNet aware end system, transit node, or relay node.
251 "DetNet" may be omitted in some text.
253 DetNet transit node
254 A DetNet node operating at the DetNet forwarding sub-layer,
255 that utilizes link layer and/or network layer switching
256 across multiple links and/or sub-networks to provide paths
257 for DetNet service sub-layer functions. Typically provides
258 resource allocation over those paths. An MPLS LSR is an
259 example of a DetNet transit node.
261 DetNet-UNI
262 User-to-Network Interface with DetNet specific
263 functionalities. It is a packet-based reference point and
264 may provide multiple functions like encapsulation, status,
265 synchronization, etc.
267 end system
268 Commonly called a "host" in IETF documents, and an "end
269 station" is IEEE 802 documents. End systems of interest to
270 this document are either sources or destinations of DetNet
271 flows. And end system may or may not be DetNet forwarding
272 sub-layer aware or DetNet service sub-layer aware.
274 link
275 A connection between two DetNet nodes. It may be composed of
276 a physical link or a sub-network technology that can provide
277 appropriate traffic delivery for DetNet flows.
279 PEF A Packet Elimination Function (PEF) eliminates duplicate
280 copies of packets to prevent excess packets flooding the
281 network or duplicate packets being sent out of the DetNet
282 domain. PEF can be implemented by a DetNet edge node, a
283 DetNet relay node, or an end system.
285 PRF A Packet Replication Function (PRF) replicates DetNet flow
286 packets and forwards them to one or more next hops in the
287 DetNet domain. The number of packet copies sent to the next
288 hops is a DetNet flow specific parameter at the point of
289 replication. PRF can be implemented by a DetNet edge node, a
290 DetNet relay node, or an end system.
292 PREOF Collective name for Packet Replication, Elimination, and
293 Ordering Functions.
295 POF A Packet Ordering Function (POF) re-orders packets within a
296 DetNet flow that are received out of order. This function
297 can be implemented by a DetNet edge node, a DetNet relay
298 node, or an end system.
300 reservation
301 The set of resources allocated between a source and one or
302 more destinations through DetNet nodes and subnets associated
303 with a DetNet flow, to provide the provisioned DetNet
304 service.
306 2.2. IEEE 802.1 TSN to DetNet dictionary
308 This section also serves as a dictionary for translating from the
309 terms used by the Time-Sensitive Networking (TSN) Task Group
310 [IEEE802.1TSNTG] of the IEEE 802.1 WG to those of the DetNet WG.
312 Listener
313 The IEEE 802.1 term for a destination of a DetNet flow.
315 relay system
316 The IEEE 802.1 term for a DetNet intermediate node.
318 Stream
319 The IEEE 802.1 term for a DetNet flow.
321 Talker
322 The IEEE 802.1 term for the source of a DetNet flow.
324 3. Providing the DetNet Quality of Service
326 3.1. Primary goals defining the DetNet QoS
328 The DetNet Quality of Service can be expressed in terms of:
330 o Minimum and maximum end-to-end latency from source to destination;
331 timely delivery, and bounded jitter (packet delay variation)
332 derived from these constraints.
334 o Packet loss ratio, under various assumptions as to the operational
335 states of the nodes and links.
337 o An upper bound on out-of-order packet delivery. It is worth
338 noting that some DetNet applications are unable to tolerate any
339 out-of-order delivery.
341 It is a distinction of DetNet that it is concerned solely with worst-
342 case values for the end-to-end latency, jitter, and misordering.
343 Average, mean, or typical values are of little interest, because they
344 do not affect the ability of a real-time system to perform its tasks.
345 In general, a trivial priority-based queuing scheme will give better
346 average latency to a data flow than DetNet; however, it may not be a
347 suitable option for DetNet because of its worst-case latency.
349 Three techniques are used by DetNet to provide these qualities of
350 service:
352 o Resource allocation (Section 3.2.1).
354 o Service protection (Section 3.2.2).
356 o Explicit routes (Section 3.2.3).
358 Resource allocation operates by assigning resources, e.g., buffer
359 space or link bandwidth, to a DetNet flow (or flow aggregate) along
360 its path. Resource allocation greatly reduces, or even eliminates
361 entirely, packet loss due to output packet contention within the
362 network, but it can only be supplied to a DetNet flow that is limited
363 at the source to a maximum packet size and transmission rate. As
364 DetNet provides allocated resources (including provisioned capacity)
365 to DetNet flows the use of transport layer congestion control
366 [RFC2914] by App-flows is explicitly not required.
368 Resource allocation addresses two of the DetNet QoS requirements:
369 latency and packet loss. Given that DetNet nodes have a finite
370 amount of buffer space, resource allocation necessarily results in a
371 maximum end-to-end latency. It also addresses contention related
372 packet loss.
374 Other important contribution to packet loss are random media errors
375 and equipment failures. Service protection is the name for the
376 mechanisms used by DetNet to address these losses. The mechanisms
377 employed are constrained by the requirement to meet the users'
378 latency requirements. Packet replication and elimination
379 (Section 3.2.2) and packet encoding (Section 3.2.2.3) are described
380 in this document to provide service protection; others may be found.
381 For instance, packet encoding can be used to provide service
382 protection against random media errors, packet replication and
383 elimination can be used to provide service protection against
384 equipment failures. This mechanism distributes the contents of
385 DetNet flows over multiple paths in time and/or space, so that the
386 loss of some of the paths does need not cause the loss of any
387 packets.
389 The paths are typically (but not necessarily) explicit routes, so
390 that they do not normally suffer temporary interruptions caused by
391 the convergence of routing or bridging protocols.
393 These three techniques can be applied independently, giving eight
394 possible combinations, including none (no DetNet), although some
395 combinations are of wider utility than others. This separation keeps
396 the protocol stack coherent and maximizes interoperability with
397 existing and developing standards in this (IETF) and other Standards
398 Development Organizations. Some examples of typical expected
399 combinations:
401 o Explicit routes plus service protection are exactly the techniques
402 employed by seamless redundancy mechanisms applied on a ring
403 topology as described, e.g., in [IEC62439-3-2016]. In this
404 example, explicit routes are achieved by limiting the physical
405 topology of the network to a ring. Sequentialization,
406 replication, and duplicate elimination are facilitated by packet
407 tags added at the front or the end of Ethernet frames. [RFC8227]
408 provides another example in the context of MPLS.
410 o Resource allocation alone was originally offered by IEEE 802.1
411 Audio Video bridging [IEEE802.1BA]. As long as the network
412 suffers no failures, packet loss due to output packet contention
413 can be eliminated through the use of a reservation protocol (e.g.,
414 Multiple Stream Registration Protocol [IEEE802.1Q-2018]), shapers
415 in every bridge, and proper dimensioning.
417 o Using all three together gives maximum protection.
419 There are, of course, simpler methods available (and employed, today)
420 to achieve levels of latency and packet loss that are satisfactory
421 for many applications. Prioritization and over-provisioning is one
422 such technique. However, these methods generally work best in the
423 absence of any significant amount of non-critical traffic in the
424 network (if, indeed, such traffic is supported at all), or work only
425 if the critical traffic constitutes only a small portion of the
426 network's theoretical capacity, or work only if all systems are
427 functioning properly, or in the absence of actions by end systems
428 that disrupt the network's operations.
430 There are any number of methods in use, defined, or in progress for
431 accomplishing each of the above techniques. It is expected that this
432 DetNet Architecture will assist various vendors, users, and/or
433 "vertical" Standards Development Organizations (dedicated to a single
434 industry) to make selections among the available means of
435 implementing DetNet networks.
437 3.2. Mechanisms to achieve DetNet QoS
439 3.2.1. Resource allocation
441 3.2.1.1. Eliminate contention loss
443 The primary means by which DetNet achieves its QoS assurances is to
444 reduce, or even completely eliminate packet loss due to output packet
445 contention within a DetNet node as a cause of packet loss. This can
446 be achieved only by the provision of sufficient buffer storage at
447 each node through the network to ensure that no packets are dropped
448 due to a lack of buffer storage. Note that App-flows are generally
449 not expected to be responsive to implicit [RFC2914] or explicit
450 congestion notification [RFC3168].
452 Ensuring adequate buffering requires, in turn, that the source, and
453 every DetNet node along the path to the destination (or nearly every
454 node, see Section 4.3.3) be careful to regulate its output to not
455 exceed the data rate for any DetNet flow, except for brief periods
456 when making up for interfering traffic. Any packet sent ahead of its
457 time potentially adds to the number of buffers required by the next
458 hop DetNet node and may thus exceed the resources allocated for a
459 particular DetNet flow.
461 The low-level mechanisms described in Section 4.5 provide the
462 necessary regulation of transmissions by an end system or DetNet node
463 to provide resource allocation. The allocation of the bandwidth and
464 buffers for a DetNet flow requires provisioning. A DetNet node may
465 have other resources requiring allocation and/or scheduling, that
466 might otherwise be over-subscribed and trigger the rejection of a
467 reservation.
469 3.2.1.2. Jitter Reduction
471 A core objective of DetNet is to enable the convergence of sensitive
472 non-IP networks onto a common network infrastructure. This requires
473 the accurate emulation of currently deployed mission-specific
474 networks, which for example rely on point-to-point analog (e.g.,
475 4-20mA modulation) and serial-digital cables (or buses) for highly
476 reliable, synchronized and jitter-free communications. While the
477 latency of analog transmissions is basically the speed of light,
478 legacy serial links are usually slow (in the order of Kbps) compared
479 to, say, GigE, and some latency is usually acceptable. What is not
480 acceptable is the introduction of excessive jitter, which may, for
481 instance, affect the stability of control systems.
483 Applications that are designed to operate on serial links usually do
484 not provide services to recover the jitter, because jitter simply
485 does not exist there. DetNet flows are generally expected to be
486 delivered in-order and the precise time of reception influences the
487 processes. In order to converge such existing applications, there is
488 a desire to emulate all properties of the serial cable, such as clock
489 transportation, perfect flow isolation and fixed latency. While
490 minimal jitter (in the form of specifying minimum, as well as
491 maximum, end-to-end latency) is supported by DetNet, there are
492 practical limitations on packet-based networks in this regard. In
493 general, users are encouraged to use, instead of, "do this when you
494 get the packet," a combination of:
496 o Sub-microsecond time synchronization among all source and
497 destination end systems, and
499 o Time-of-execution fields in the application packets.
501 Jitter reduction is provided by the mechanisms described in
502 Section 4.5 that also provide resource allocation.
504 3.2.2. Service Protection
506 Service protection aims to mitigate or eliminate packet loss due to
507 equipment failures, random media and/or memory faults. These types
508 of packet loss can be greatly reduced by spreading the data over
509 multiple disjoint forwarding paths. Various service protection
510 methods are described in [RFC6372], e.g., 1+1 linear protection.
511 This section describes the functional details of an additional method
512 in Section 3.2.2.2, which can be implemented as described in
513 Section 3.2.2.3 or as specified in [I-D.ietf-detnet-dp-sol-mpls] in
514 order to provide 1+n hitless protection. The appropriate service
515 protection mechanism depends on the scenario and the requirements.
517 3.2.2.1. In-Order Delivery
519 Out-of-order packet delivery can be a side effect of service
520 protection. Packets delivered out-of-order impact the amount of
521 buffering needed at the destination to properly process the received
522 data. Such packets also influence the jitter of a flow. The DetNet
523 service includes maximum allowed misordering as a constraint. Zero
524 misordering would be a valid service constraint to reflect that the
525 end system(s) of the flow cannot tolerate any out-of-order delivery.
527 DetNet Packet Ordering Functionality (POF) (Section 3.2.2.2) can be
528 used to provide in-order delivery.
530 3.2.2.2. Packet Replication and Elimination
532 This section describes a service protection method that sends copies
533 of the same packets over multiple paths.
535 The DetNet service sub-layer includes the packet replication (PRF),
536 the packet elimination (PEF), and the packet ordering functionality
537 (POF) for use in DetNet edge, relay node, and end system packet
538 processing. Either of these functions can be enabled in a DetNet
539 edge node, relay node or end system. The collective name for all
540 three functions is PREOF. The packet replication and elimination
541 service protection method altogether involves four capabilities:
543 o Providing sequencing information to the packets of a DetNet
544 compound flow. This may be done by adding a sequence number or
545 time stamp as part of DetNet, or may be inherent in the packet,
546 e.g., in a higher layer protocol, or associated to other physical
547 properties such as the precise time (and radio channel) of
548 reception of the packet. This is typically done once, at or near
549 the source.
551 o The Packet Replication Function (PRF) replicates these packets
552 into multiple DetNet member flows and typically sends them along
553 multiple different paths to the destination(s), e.g., over the
554 explicit routes of Section 3.2.3. The location within a DetNet
555 node, and the mechanism used for the PRF is implementation
556 specific.
558 o The Packet Elimination Function (PEF) eliminates duplicate packets
559 of a DetNet flow based on the sequencing information and a history
560 of received packets. The output of the PEF is always a single
561 packet. This may be done at any DetNet node along the path to
562 save network resources further downstream, in particular if
563 multiple Replication points exist. But the most common case is to
564 perform this operation at the very edge of the DetNet network,
565 preferably in or near the receiver. The location within a DetNet
566 node, and mechanism used for the PEF is implementation specific.
568 o The Packet Ordering Function (POF) uses the sequencing information
569 to re-order a DetNet flow's packets that are received out of
570 order.
572 The order in which a DetNet node applies PEF, POF, and PRF to a
573 DetNet flow is implementation specific.
575 Some service protection mechanisms rely on switching from one flow to
576 another when a failure of a flow is detected. Contrarily, packet
577 replication and elimination combines the DetNet member flows sent
578 along multiple different paths, and performs a packet-by-packet
579 selection of which to discard, e.g., based on sequencing information.
581 In the simplest case, this amounts to replicating each packet in a
582 source that has two interfaces, and conveying them through the
583 network, along separate (SRLG disjoint) paths, to the similarly dual-
584 homed destinations, that discard the extras. This ensures that one
585 path remains, even if some DetNet intermediate node fails. The
586 sequencing information can also be used for loss detection and for
587 re-ordering.
589 DetNet relay nodes in the network can provide replication and
590 elimination facilities at various points in the network, so that
591 multiple failures can be accommodated.
593 This is shown in Figure 1, where the two relay nodes each replicate
594 (R) the DetNet flow on input, sending the DetNet member flows to both
595 the other relay node and to the end system, and eliminate duplicates
596 (E) on the output interface to the right-hand end system. Any one
597 link in the network can fail, and the DetNet compound flow can still
598 get through. Furthermore, two links can fail, as long as they are in
599 different segments of the network.
601 > > > > > > > > > relay > > > > > > > >
602 > /------------+ R node E +------------\ >
603 > / v + ^ \ >
604 end R + v | ^ + E end
605 system + v | ^ + system
606 > \ v + ^ / >
607 > \------------+ R relay E +-----------/ >
608 > > > > > > > > > node > > > > > > > >
610 Figure 1: Packet replication and elimination
612 Packet replication and elimination does not react to and correct
613 failures; it is entirely passive. Thus, intermittent failures,
614 mistakenly created packet filters, or misrouted data is handled just
615 the same as the equipment failures that are handled by typical
616 routing and bridging protocols.
618 If packet replication and elimination is used over paths with
619 resource allocation (Section 3.2.1), and member flows that take
620 different-length paths through the network are combined, a merge
621 point may require extra buffering to equalize the delays over the
622 different paths. This equalization ensures that the resultant
623 compound flow will not exceed its contracted bandwidth even after one
624 or the other of the paths is restored after a failure. The extra
625 buffering can be also used to provide in-order delivery.
627 3.2.2.3. Packet encoding for service protection
629 There are methods for using multiple paths to provide service
630 protection that involve encoding the information in a packet
631 belonging to a DetNet flow into multiple transmission units,
632 combining information from multiple packets into any given
633 transmission unit. Such techniques, also known as "network coding",
634 can be used as a DetNet service protection technique.
636 3.2.3. Explicit routes
638 In networks controlled by typical dynamic control protocols such as
639 IS-IS or OSPF, a network topology event in one part of the network
640 can impact, at least briefly, the delivery of data in parts of the
641 network remote from the failure or recovery event. Even the use of
642 redundant paths through a network, e.g., as defined by [RFC6372] do
643 not eliminate the chances of packet loss. Furthermore, out-of-order
644 packet delivery can be a side effect of route changes.
646 Many real-time networks rely on physical rings of two-port devices,
647 with a relatively simple ring control protocol. This supports
648 redundant paths for service protection with a minimum of wiring. As
649 an additional benefit, ring topologies can often utilize different
650 topology management protocols than those used for a mesh network,
651 with a consequent reduction in the response time to topology changes.
652 Of course, this comes at some cost in terms of increased hop count,
653 and thus latency, for the typical path.
655 In order to get the advantages of low hop count and still ensure
656 against even very brief losses of connectivity, DetNet employs
657 explicit routes, where the path taken by a given DetNet flow does not
658 change, at least immediately, and likely not at all, in response to
659 network topology events. Service protection (Section 3.2.2 or
660 Section 3.2.2.3) over explicit routes provides a high likelihood of
661 continuous connectivity. Explicit routes can be established in
662 various ways, e.g., with RSVP-TE [RFC3209], with Segment Routing (SR)
663 [RFC8402], via a Software Defined Networking approach [RFC7426],
664 [RFC8453], and [RFC8453], with IS-IS [RFC7813], etc. Explicit routes
665 are typically used in MPLS TE LSPs.
667 Out-of-order packet delivery can be a side effect of distributing a
668 single flow over multiple paths especially when there is a change
669 from one path to another when combining the flow. This is
670 irrespective of the distribution method used, and also applies to
671 service protection over explicit routes. As described in
672 Section 3.2.2.1, out-of-order packets influence the jitter of a flow
673 and impact the amount of buffering needed to process the data;
674 therefore, DetNet service includes maximum allowed misordering as a
675 constraint. The use of explicit routes helps to provide in-order
676 delivery because there is no immediate route change with the network
677 topology, but the changes are plannable as they are between the
678 different explicit routes.
680 3.3. Secondary goals for DetNet
682 Many applications require DetNet to provide additional services,
683 including coexistence with other QoS mechanisms Section 3.3.1 and
684 protection against misbehaving transmitters Section 3.3.2.
686 3.3.1. Coexistence with normal traffic
688 A DetNet network supports the dedication of a high proportion of the
689 network bandwidth to DetNet flows. But, no matter how much is
690 dedicated for DetNet flows, it is a goal of DetNet to coexist with
691 existing Class of Service schemes (e.g., DiffServ). It is also
692 important that non-DetNet traffic not disrupt the DetNet flow, of
693 course (see Section 3.3.2 and Section 5). For these reasons:
695 o Bandwidth (transmission opportunities) not utilized by a DetNet
696 flow is available to non-DetNet packets (though not to other
697 DetNet flows).
699 o DetNet flows can be shaped or scheduled, in order to ensure that
700 the highest-priority non-DetNet packet is also ensured a worst-
701 case latency.
703 o When transmission opportunities for DetNet flows are scheduled in
704 detail, then the algorithm constructing the schedule should leave
705 sufficient opportunities for non-DetNet packets to satisfy the
706 needs of the users of the network. Detailed scheduling can also
707 permit the time-shared use of buffer resources by different DetNet
708 flows.
710 Starvation of non-DetNet traffic must be avoided, e.g., by traffic
711 policing functions (e.g., [RFC2475]). Thus, the net effect of the
712 presence of DetNet flows in a network on the non-DetNet flows is
713 primarily a reduction in the available bandwidth.
715 3.3.2. Fault Mitigation
717 Robust real-time systems require to reduce the number of possible
718 failures. Filters and policers should be used in a DetNet network to
719 detect if DetNet packets are received on the wrong interface, or at
720 the wrong time, or in too great a volume. Furthermore, filters and
721 policers can take actions to discard the offending packets or flows,
722 or trigger shutting down the offending flow or the offending
723 interface.
725 It is also essential that filters and service remarking be employed
726 at the network edge to prevent non-DetNet packets from being mistaken
727 for DetNet packets, and thus impinging on the resources allocated to
728 DetNet packets. In particular, sending DetNet traffic into networks
729 that have not been provisioned in advance to handle that DetNet
730 traffic has to be treated as a fault. The use of egress traffic
731 filters, or equivalent mechanisms, to prevent this from happening are
732 strongly recommended at the edges of a DetNet networks and DetNet
733 supporting networks. In this context, the term 'provisioned' has a
734 broad meaning, e.g., provisioning could be performed via an
735 administrative decision that the downstream network has the available
736 capacity to carry the DetNet traffic that is being sent into it.
738 Note that the sending of App-flows that do not use transport layer
739 congestion control per [RFC2914] into a network that is not
740 provisioned to handle such DetNet traffic has to be treated as a
741 fault and prevented. PRF generated DetNet member flows also need to
742 be treated as not using transport layer congestion control even if
743 the original App-flow supports transport layer congestion control
744 because PREOF can remove congestion indications at the PEF and
745 thereby hide such indications (e.g., drops, ECN markings, increased
746 latency) from end systems.
748 The mechanisms to support these requirements are both data plane and
749 implementation specific. Data plane specific solutions will be
750 specified in the relevant data plane solution document. There also
751 exist techniques, at present and/or in various stages of
752 standardization, that can support these fault mitigation tasks that
753 deliver a high probability that misbehaving systems will have zero
754 impact on well-behaved DetNet flows, except of course, for the
755 receiving interface(s) immediately downstream of the misbehaving
756 device. Examples of such techniques include traffic policing
757 functions (e.g., [RFC2475]) and separating flows into per-flow rate-
758 limited queues.
760 4. DetNet Architecture
762 4.1. DetNet stack model
764 DetNet functionality (Section 3) is implemented in two adjacent sub-
765 layers in the protocol stack: the DetNet service sub-layer and the
766 DetNet forwarding sub-layer. The DetNet service sub-layer provides
767 DetNet service, e.g., service protection, to higher layers in the
768 protocol stack and applications. The DetNet forwarding sub-layer
769 supports DetNet service in the underlying network, e.g., by providing
770 explicit routes and resource allocation to DetNet flows.
772 4.1.1. Representative Protocol Stack Model
774 Figure 2 illustrates a conceptual DetNet data plane layering model.
775 One may compare it to that in [IEEE802.1CB], Annex C.
777 | packets going | ^ packets coming ^
778 v down the stack v | up the stack |
779 +-----------------------+ +-----------------------+
780 | Source | | Destination |
781 +-----------------------+ +-----------------------+
782 | Service sub-layer: | | Service sub-layer: |
783 | Packet sequencing | | Duplicate elimination |
784 | Flow replication | | Flow merging |
785 | Packet encoding | | Packet decoding |
786 +-----------------------+ +-----------------------+
787 | Forwarding sub-layer: | | Forwarding sub-layer: |
788 | Resource allocation | | Resource allocation |
789 | Explicit routes | | Explicit routes |
790 +-----------------------+ +-----------------------+
791 | Lower layers | | Lower layers |
792 +-----------------------+ +-----------------------+
793 v ^
794 \_________________________/
796 Figure 2: DetNet data plane protocol stack
798 Not all sub-layers are required for any given application, or even
799 for any given network. The functionality shown in Figure 2 is:
801 Application
802 Shown as "source" and "destination" in the diagram.
804 Packet sequencing
805 As part of DetNet service protection, supplies the sequence
806 number for packet replication and elimination
807 (Section 3.2.2). Peers with Duplicate elimination. This
808 sub-layer is not needed if a higher layer protocol is
809 expected to perform any packet sequencing and duplicate
810 elimination required by the DetNet flow replication.
812 Duplicate elimination
813 As part of the DetNet service sub-layer, based on the
814 sequenced number supplied by its peer, packet sequencing,
815 Duplicate elimination discards any duplicate packets
816 generated by DetNet flow replication. It can operate on
817 member flows, compound flows, or both. The replication may
818 also be inferred from other information such as the precise
819 time of reception in a scheduled network. The duplicate
820 elimination sub-layer may also perform resequencing of
821 packets to restore packet order in a flow that was disrupted
822 by the loss of packets on one or another of the multiple
823 paths taken.
825 Flow replication
826 As part of DetNet service protection, packets that belong to
827 a DetNet compound flow are replicated into two or more DetNet
828 member flows. This function is separate from packet
829 sequencing. Flow replication can be an explicit replication
830 and remarking of packets, or can be performed by, for
831 example, techniques similar to ordinary multicast
832 replication, albeit with resource allocation implications.
833 Peers with DetNet flow merging.
835 Flow merging
836 As part of DetNet service protection, merges DetNet member
837 flows together for packets coming up the stack belonging to a
838 specific DetNet compound flow. Peers with DetNet flow
839 replication. DetNet flow merging, together with packet
840 sequencing, duplicate elimination, and DetNet flow
841 replication perform packet replication and elimination
842 (Section 3.2.2).
844 Packet encoding
845 As part of DetNet service protection, as an alternative to
846 packet sequencing and flow replication, packet encoding
847 combines the information in multiple DetNet packets, perhaps
848 from different DetNet compound flows, and transmits that
849 information in packets on different DetNet member Flows.
850 Peers with Packet decoding.
852 Packet decoding
853 As part of DetNet service protection, as an alternative to
854 flow merging and duplicate elimination, packet decoding takes
855 packets from different DetNet member flows, and computes from
856 those packets the original DetNet packets from the compound
857 flows input to packet encoding. Peers with Packet encoding.
859 Resource allocation
860 The DetNet forwarding sub-layer provides resource allocation.
861 See Section 4.5. The actual queuing and shaping mechanisms
862 are typically provided by underlying subnet, these can be
863 closely associated with the means of providing paths for
864 DetNet flows, the path and the resource allocation are
865 conflated in this figure.
867 Explicit routes
868 The DetNet forwarding sub-layer provides mechanisms to ensure
869 that fixed paths are provided for DetNet flows. These
870 explicit paths avoid the impact of network convergence.
872 Operations, Administration, and Maintenance (OAM) leverages in-band
873 and out-of-band signaling that validates whether the service is
874 effectively obtained within QoS constraints. OAM is not shown in
875 Figure 2; it may reside in any number of the layers. OAM can involve
876 specific tagging added in the packets for tracing implementation or
877 network configuration errors; traceability enables to find whether a
878 packet is a replica, which DetNet relay node performed the
879 replication, and which segment was intended for the replica. Active
880 and hybrid OAM methods require additional bandwidth to perform fault
881 management and performance monitoring of the DetNet domain. OAM may,
882 for instance, generate special test probes or add OAM information
883 into the data packet.
885 The packet sequencing and replication elimination functions at the
886 source and destination ends of a DetNet compound flow may be
887 performed either in the end system or in a DetNet relay node.
889 4.1.2. DetNet Data Plane Overview
891 A "Deterministic Network" will be composed of DetNet enabled end
892 systems, DetNet edge nodes, DetNet relay nodes and collectively
893 deliver DetNet services. DetNet relay and edge nodes are
894 interconnected via DetNet transit nodes (e.g., LSRs) which support
895 DetNet, but are not DetNet service aware. All DetNet nodes are
896 connected to sub-networks, where a point-to-point link is also
897 considered as a simple sub-network. These sub-networks will provide
898 DetNet compatible service for support of DetNet traffic. Examples of
899 sub-networks include MPLS TE, IEEE 802.1 TSN and OTN. Of course,
900 multi-layer DetNet systems may also be possible, where one DetNet
901 appears as a sub-network, and provides service to, a higher layer
902 DetNet system. A simple DetNet concept network is shown in Figure 3.
903 Note that in this and following figures "Forwarding" and "Fwd" refer
904 to the DetNet forwarding sub-layer, "Service" and "Svc" refer to the
905 DetNet service sub-layer, which are described in detail in
906 Section 4.1.
908 TSN Edge Transit Relay DetNet
909 End System Node Node Node End System
911 +----------+ +.........+ +----------+
912 | Appl. |<--:Svc Proxy:-- End to End Service -------->| Appl. |
913 +----------+ +---------+ +---------+ +----------+
914 | TSN | |TSN| |Svc|<- DetNet flow --: Service :-->| Service |
915 +----------+ +---+ +---+ +--------+ +---------+ +----------+
916 |Forwarding| |Fwd| |Fwd| | Fwd | |Fwd| |Fwd| |Forwarding|
917 +-------.--+ +-.-+ +-.-+ +--.----.+ +-.-+ +-.-+ +---.------+
918 : Link : / ,-----. \ : Link : / ,-----. \
919 +........+ +-[ Sub ]-+ +.......+ +-[ Sub ]-+
920 [Network] [Network]
921 `-----' `-----'
923 Figure 3: A Simple DetNet Enabled Network
925 Distinguishing the function of two DetNet data plane sub-layers, the
926 DetNet service sub-layer and the DetNet forwarding sub-layer, helps
927 to explore and evaluate various combinations of the data plane
928 solutions available, some are illustrated in Figure 4. This
929 separation of DetNet sub-layers, while helpful, should not be
930 considered as formal requirement. For example, some technologies may
931 violate these strict sub-layers and still be able to deliver a DetNet
932 service.
934 .
935 .
936 +-----------------------------+
937 | DetNet Service sub-layer | PW, UDP, GRE
938 +-----------------------------+
939 | DetNet Forwarding sub-layer | IPv6, IPv4, MPLS TE LSPs, MPLS SR
940 +-----------------------------+
941 .
942 .
944 Figure 4: DetNet adaptation to data plane
946 In some networking scenarios, the end system initially provides a
947 DetNet flow encapsulation, which contains all information needed by
948 DetNet nodes (e.g., Real-time Transport Protocol (RTP) [RFC3550]
949 based DetNet flow carried over a native UDP/IP network or
950 PseudoWire). In other scenarios, the encapsulation formats might
951 differ significantly.
953 There are many valid options to create a data plane solution for
954 DetNet traffic by selecting a technology approach for the DetNet
955 service sub-layer and also selecting a technology approach for the
956 DetNet forwarding sub-layer. There are a high number of valid
957 combinations.
959 One of the most fundamental differences between different potential
960 data plane options is the basic headers used by DetNet nodes. For
961 example, the basic service can be delivered based on an MPLS label or
962 an IP header. This decision impacts the basic forwarding logic for
963 the DetNet service sub-layer. Note that in both cases, IP addresses
964 are used to address DetNet nodes. The selected DetNet forwarding
965 sub-layer technology also needs to be mapped to the sub-net
966 technology used to interconnect DetNet nodes. For example, DetNet
967 flows will need to be mapped to TSN Streams.
969 4.1.3. Network reference model
971 Figure 5 shows another view of the DetNet service related reference
972 points and main components.
974 DetNet DetNet
975 end system end system
976 _ _
977 / \ +----DetNet-UNI (U) / \
978 /App\ | /App\
979 /-----\ | /-----\
980 | NIC | v ________ | NIC |
981 +--+--+ _____ / \ DetNet-UNI (U) --+ +--+--+
982 | / \__/ \ | |
983 | / +----+ +----+ \_____ | |
984 | / | | | | \_______ | |
985 +------U PE +----+ P +----+ \ _ v |
986 | | | | | | | ___/ \ |
987 | +--+-+ +----+ | +----+ | / \_ |
988 \ | | | | | / \ |
989 \ | +----+ +--+-+ +--+PE |------ U-----+
990 \ | | | | | | | | | \_ _/
991 \ +---+ P +----+ P +--+ +----+ | \____/
992 \___ | | | | /
993 \ +----+__ +----+ DetNet-1 DetNet-2
994 | \_____/ \___________/ |
995 | |
996 | | End-to-End service | | | |
997 <------------------------------------------------------------->
998 | | DetNet service | | | |
999 | <------------------------------------------------> |
1000 | | | | | |
1002 Figure 5: DetNet Service Reference Model (multi-domain)
1004 DetNet-UNIs ("U" in Figure 5) are assumed in this document to be
1005 packet-based reference points and provide connectivity over the
1006 packet network. A DetNet-UNI may provide multiple functions, e.g.,
1007 it may add networking technology specific encapsulation to the DetNet
1008 flows if necessary; it may provide status of the availability of the
1009 resources associated with a reservation; it may provide a
1010 synchronization service for the end system; it may carry enough
1011 signaling to place the reservation in a network without a controller,
1012 or if the controller only deals with the network but not the end
1013 systems. Internal reference points of end systems (between the
1014 application and the NIC) are more challenging from control
1015 perspective and they may have extra requirements (e.g., in-order
1016 delivery is expected in end system internal reference points, whereas
1017 it is considered optional over the DetNet-UNI).
1019 4.2. DetNet systems
1021 4.2.1. End system
1023 The native data flow between the source/destination end systems is
1024 referred to as application-flow (App-flow). The traffic
1025 characteristics of an App-flow can be CBR (constant bit rate) or VBR
1026 (variable bit rate) and can have L1 or L2 or L3 encapsulation (e.g.,
1027 TDM (time-division multiplexing), Ethernet, IP). These
1028 characteristics are considered as input for resource reservation and
1029 might be simplified to ensure determinism during packet forwarding
1030 (e.g., making reservations for the peak rate of VBR traffic, etc.).
1032 An end system may or may not be DetNet forwarding sub-layer aware or
1033 DetNet service sub-layer aware. That is, an end system may or may
1034 not contain DetNet specific functionality. End systems with DetNet
1035 functionalities may have the same or different forwarding sub-layer
1036 as the connected DetNet domain. Categorization of end systems are
1037 shown in Figure 6.
1039 End system
1040 |
1041 |
1042 | DetNet aware ?
1043 / \
1044 +------< >------+
1045 NO | \ / | YES
1046 | v |
1047 DetNet unaware |
1048 End system |
1049 | Service/Forwarding
1050 | sub-layer
1051 / \ aware ?
1052 +--------< >-------------+
1053 f-aware | \ / | s-aware
1054 | v |
1055 | | both |
1056 | | |
1057 DetNet f-aware | DetNet s-aware
1058 End system | End system
1059 v
1060 DetNet sf-aware
1061 End system
1063 Figure 6: Categorization of end systems
1065 Note some known use case examples for end systems:
1067 o DetNet unaware: The classic case requiring service proxies.
1069 o DetNet f-aware: A DetNet forwarding sub-layer aware system. It
1070 knows about some TSN functions (e.g., reservation), but not about
1071 service protection.
1073 o DetNet s-aware: A DetNet service sub-layer aware system. It
1074 supplies sequence numbers, but doesn't know about resource
1075 allocation.
1077 o DetNet sf-aware: A full functioning DetNet end system, it has
1078 DetNet functionalities and usually the same forwarding paradigm as
1079 the connected DetNet domain. It can be treated as an integral
1080 part of the DetNet domain.
1082 4.2.2. DetNet edge, relay, and transit nodes
1084 As shown in Figure 3, DetNet edge nodes providing proxy service and
1085 DetNet relay nodes providing the DetNet service sub-layer are DetNet-
1086 aware, and DetNet transit nodes need only be aware of the DetNet
1087 forwarding sub-layer.
1089 In general, if a DetNet flow passes through one or more DetNet-
1090 unaware network nodes between two DetNet nodes providing the DetNet
1091 forwarding sub-layer for that flow, there is a potential for
1092 disruption or failure of the DetNet QoS. A network administrator
1093 needs to ensure that the DetNet-unaware network nodes are configured
1094 to minimize the chances of packet loss and delay, and provision
1095 enough extra buffer space in the DetNet transit node following the
1096 DetNet-unaware network nodes to absorb the induced latency
1097 variations.
1099 4.3. DetNet flows
1101 4.3.1. DetNet flow types
1103 A DetNet flow can have different formats while its packets are
1104 forwarded between the peer end systems. Therefore, the following
1105 possible types / formats of a DetNet flow are distinguished in this
1106 document:
1108 o App-flow: native format of the data carried over a DetNet flow.
1109 It does not contain any DetNet related attributes.
1111 o DetNet-f-flow: specific format of a DetNet flow. It only requires
1112 the resource allocation features provided by the DetNet forwarding
1113 sub-layer.
1115 o DetNet-s-flow: specific format of a DetNet flow. It only requires
1116 the service protection feature ensured by the DetNet service sub-
1117 layer.
1119 o DetNet-sf-flow: specific format of a DetNet flow. It requires
1120 both DetNet service sub-layer and DetNet forwarding sub-layer
1121 functions during forwarding.
1123 4.3.2. Source transmission behavior
1125 For the purposes of resource allocation, DetNet flows can be
1126 synchronous or asynchronous. In synchronous DetNet flows, at least
1127 the DetNet nodes (and possibly the end systems) are closely time
1128 synchronized, typically to better than 1 microsecond. By
1129 transmitting packets from different DetNet flows or classes of DetNet
1130 flows at different times, using repeating schedules synchronized
1131 among the DetNet nodes, resources such as buffers and link bandwidth
1132 can be shared over the time domain among different DetNet flows.
1133 There is a tradeoff among techniques for synchronous DetNet flows
1134 between the burden of fine-grained scheduling and the benefit of
1135 reducing the required resources, especially buffer space.
1137 In contrast, asynchronous DetNet flows are not coordinated with a
1138 fine-grained schedule, so relay and end systems must assume worst-
1139 case interference among DetNet flows contending for buffer resources.
1140 Asynchronous DetNet flows are characterized by:
1142 o A maximum packet size;
1144 o An observation interval; and
1146 o A maximum number of transmissions during that observation
1147 interval.
1149 These parameters, together with knowledge of the protocol stack used
1150 (and thus the size of the various headers added to a packet), limit
1151 the number of bit times per observation interval that the DetNet flow
1152 can occupy the physical medium.
1154 The source is required not to exceed these limits in order to obtain
1155 DetNet service. If the source transmits less data than this limit
1156 allows, the unused resource such as link bandwidth can be made
1157 available by the DetNet system to non-DetNet packets as long as all
1158 guarantees are fulfilled. However, making those resources available
1159 to DetNet packets in other DetNet flows would serve no purpose.
1160 Those other DetNet flows have their own dedicated resources, on the
1161 assumption that all DetNet flows can use all of their resources over
1162 a long period of time.
1164 There is no expectation in DetNet for App-flows to be responsive to
1165 implicit [RFC2914] or explicit congestion notification [RFC3168].
1166 The assumption is that a DetNet flow, to be useful, must be delivered
1167 in its entirety. That is, while any useful application is written to
1168 expect a certain number of lost packets, the real-time applications
1169 of interest to DetNet demand that the loss of data due to the network
1170 is a rare event.
1172 Although DetNet strives to minimize the changes required of an
1173 application to allow it to shift from a special-purpose digital
1174 network to an Internet Protocol network, one fundamental shift in the
1175 behavior of network applications is impossible to avoid: the
1176 reservation of resources before the application starts. In the first
1177 place, a network cannot deliver finite latency and practically zero
1178 packet loss to an arbitrarily high offered load. Secondly, achieving
1179 practically zero packet loss for DetNet flows means that DetNet nodes
1180 have to dedicate buffer resources to specific DetNet flows or to
1181 classes of DetNet flows. The requirements of each reservation have
1182 to be translated into the parameters that control each DetNet
1183 system's queuing, shaping, and scheduling functions and delivered to
1184 the DetNet nodes and end systems.
1186 All nodes in a DetNet domain are expected to support the data
1187 behavior required to deliver a particular DetNet service. If a node
1188 itself is not DetNet service aware, the DetNet nodes that are
1189 adjacent to such non-DetNet aware nodes must ensure that the non-
1190 DetNet aware node is provisioned to appropriately support the DetNet
1191 service. For example, an IEEE 802.1 TSN node may be used to
1192 interconnect DetNet aware nodes, and these DetNet nodes can map
1193 DetNet flows to 802.1 TSN flows. Another example, an MPLS-TE or TP
1194 domain may be used to interconnect DetNet aware nodes, and these
1195 DetNet nodes can map DetNet flows to TE LSPs which can provide the
1196 QoS requirements of the DetNet service.
1198 4.3.3. Incomplete Networks
1200 The presence in the network of intermediate nodes or subnets that are
1201 not fully capable of offering DetNet services complicates the ability
1202 of the intermediate nodes and/or controller to allocate resources, as
1203 extra buffering must be allocated at points downstream from the non-
1204 DetNet intermediate node for a DetNet flow. This extra buffering may
1205 increase latency and/or jitter.
1207 4.4. Traffic Engineering for DetNet
1209 Traffic Engineering Architecture and Signaling (TEAS) [TEAS] defines
1210 traffic-engineering architectures for generic applicability across
1211 packet and non-packet networks. From a TEAS perspective, Traffic
1212 Engineering (TE) refers to techniques that enable operators to
1213 control how specific traffic flows are treated within their networks.
1215 Because if its very nature of establishing explicit optimized paths,
1216 Deterministic Networking can be seen as a new, specialized branch of
1217 Traffic Engineering, and inherits its architecture with a separation
1218 into planes.
1220 The Deterministic Networking architecture is thus composed of three
1221 planes, a (User) Application Plane, a Controller Plane, and a Network
1222 Plane, which echoes that of Figure 1 of Software-Defined Networking
1223 (SDN): Layers and Architecture Terminology [RFC7426], and the
1224 Controllers identified in [RFC8453] and [RFC7149].
1226 4.4.1. The Application Plane
1228 Per [RFC7426], the Application Plane includes both applications and
1229 services. In particular, the Application Plane incorporates the User
1230 Agent, a specialized application that interacts with the end user /
1231 operator and performs requests for Deterministic Networking services
1232 via an abstract Flow Management Entity, (FME) which may or may not be
1233 collocated with (one of) the end systems.
1235 At the Application Plane, a management interface enables the
1236 negotiation of flows between end systems. An abstraction of the flow
1237 called a Traffic Specification (TSpec) provides the representation.
1238 This abstraction is used to place a reservation over the (Northbound)
1239 Service Interface and within the Application plane. It is associated
1240 with an abstraction of location, such as IP addresses and DNS names,
1241 to identify the end systems and possibly specify DetNet nodes.
1243 4.4.2. The Controller Plane
1245 The Controller Plane corresponds to the aggregation of the Control
1246 and Management Planes in [RFC7426], though Common Control and
1247 Measurement Plane (CCAMP) [CCAMP] makes an additional distinction
1248 between management and measurement. When the logical separation of
1249 the Control, Measurement and other Management entities is not
1250 relevant, the term Controller Plane is used for simplicity to
1251 represent them all, and the term Controller Plane Function (CPF)
1252 refers to any device operating in that plane, whether is it a Path
1253 Computation Element (PCE) [RFC4655], or a Network Management entity
1254 (NME), or a distributed control plane. The CPF is a core element of
1255 a controller, in charge of computing Deterministic paths to be
1256 applied in the Network Plane.
1258 A (Northbound) Service Interface enables applications in the
1259 Application Plane to communicate with the entities in the Controller
1260 Plane as illustrated in Figure 7.
1262 One or more CPF(s) collaborate to implement the requests from the FME
1263 as Per-Flow Per-Hop Behaviors installed in the DetNet nodes for each
1264 individual flow. The CPFs place each flow along a deterministic
1265 sequence of DetNet nodes so as to respect per-flow constraints such
1266 as security and latency, and optimize the overall result for metrics
1267 such as an abstract aggregated cost. The deterministic sequence can
1268 typically be more complex than a direct sequence and include
1269 redundancy path, with one or more packet replication and elimination
1270 points. Scaling to larger networks is discussed in Section 4.9.
1272 4.4.3. The Network Plane
1274 The Network Plane represents the network devices and protocols as a
1275 whole, regardless of the Layer at which the network devices operate.
1276 It includes Forwarding Plane (data plane), Application, and
1277 Operational Plane (e.g., OAM) aspects.
1279 The network Plane comprises the Network Interface Cards (NIC) in the
1280 end systems, which are typically IP hosts, and DetNet nodes, which
1281 are typically IP routers and MPLS switches. Network-to-Network
1282 Interfaces such as used for Traffic Engineering path reservation in
1283 [RFC5921], as well as User-to-Network Interfaces (UNI) such as
1284 provided by the Local Management Interface (LMI) between network and
1285 end systems, are both part of the Network Plane, both in the control
1286 plane and the data plane.
1288 A Southbound (Network) Interface enables the entities in the
1289 Controller Plane to communicate with devices in the Network Plane as
1290 illustrated in Figure 7. This interface leverages and extends TEAS
1291 to describe the physical topology and resources in the Network Plane.
1293 End End
1294 System System
1296 -+-+-+-+-+-+-+ Northbound -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
1298 CPF CPF CPF CPF
1300 -+-+-+-+-+-+-+ Southbound -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
1302 DetNet DetNet DetNet DetNet
1303 Node Node Node Node
1304 NIC NIC
1305 DetNet DetNet DetNet DetNet
1306 Node Node Node Node
1308 Figure 7: Northbound and Southbound interfaces
1310 The DetNet nodes (and possibly the end systems NIC) expose their
1311 capabilities and physical resources to the controller (the CPF), and
1312 update the CPFs with their dynamic perception of the topology, across
1313 the Southbound Interface. In return, the CPFs set the per-flow paths
1314 up, providing a Flow Characterization that is more tightly coupled to
1315 the DetNet node Operation than a TSpec.
1317 At the Network plane, DetNet nodes may exchange information regarding
1318 the state of the paths, between adjacent DetNet nodes and possibly
1319 with the end systems, and forward packets within constraints
1320 associated to each flow, or, when unable to do so, perform a last
1321 resort operation such as drop or declassify.
1323 This document focuses on the Southbound interface and the operation
1324 of the Network Plane.
1326 4.5. Queuing, Shaping, Scheduling, and Preemption
1328 DetNet achieves bounded delivery latency by reserving bandwidth and
1329 buffer resources at each DetNet node along the path of the DetNet
1330 flow. The reservation itself is not sufficient, however.
1331 Implementors and users of a number of proprietary and standard real-
1332 time networks have found that standards for specific data plane
1333 techniques are required to enable these assurances to be made in a
1334 multi-vendor network. The fundamental reason is that latency
1335 variation in one DetNet system results in the need for extra buffer
1336 space in the next-hop DetNet system(s), which in turn, increases the
1337 worst-case per-hop latency.
1339 Standard queuing and transmission selection algorithms allow traffic
1340 engineering Section 4.4 to compute the latency contribution of each
1341 DetNet node to the end-to-end latency, to compute the amount of
1342 buffer space required in each DetNet node for each incremental DetNet
1343 flow, and most importantly, to translate from a flow specification to
1344 a set of values for the managed objects that control each relay or
1345 end system. For example, the IEEE 802.1 WG has specified (and is
1346 specifying) a set of queuing, shaping, and scheduling algorithms that
1347 enable each DetNet node, and/or a central controller, to compute
1348 these values. These algorithms include:
1350 o A credit-based shaper [IEEE802.1Qav] (superseded by
1351 [IEEE802.1Q-2018]).
1353 o Time-gated queues governed by a rotating time schedule based on
1354 synchronized time [IEEE802.1Qbv] (superseded by
1355 [IEEE802.1Q-2018]).
1357 o Synchronized double (or triple) buffers driven by synchronized
1358 time ticks. [IEEE802.1Qch] (superseded by [IEEE802.1Q-2018]).
1360 o Pre-emption of an Ethernet packet in transmission by a packet with
1361 a more stringent latency requirement, followed by the resumption
1362 of the preempted packet [IEEE802.1Qbu] (superseded by
1363 [IEEE802.1Q-2018]), [IEEE802.3br] (superseded by
1364 [IEEE802.3-2018]).
1366 While these techniques are currently embedded in Ethernet
1367 [IEEE802.3-2018] and bridging standards, we can note that they are
1368 all, except perhaps for packet preemption, equally applicable to
1369 other media than Ethernet, and to routers as well as bridges. Other
1370 media may have its own methods, see, e.g.,
1371 [I-D.ietf-6tisch-architecture], [RFC7554]. DetNet may include such
1372 definitions in the future, or may define how these techniques can be
1373 used by DetNet nodes.
1375 4.6. Service instance
1377 A Service instance represents all the functions required on a DetNet
1378 node to allow the end-to-end service between the UNIs.
1380 The DetNet network general reference model is shown in Figure 8 for a
1381 DetNet service scenario (i.e., between two DetNet-UNIs). In this
1382 figure, end systems ("A" and "B") are connected directly to the edge
1383 nodes of an IP/MPLS network ("PE1" and "PE2"). End systems
1384 participating in DetNet communication may require connectivity before
1385 setting up an App-flow that requires the DetNet service. Such a
1386 connectivity related service instance and the one dedicated for
1387 DetNet service share the same access. Packets belonging to a DetNet
1388 flow are selected by a filter configured on the access ("F1" and
1389 "F2"). As a result, data flow specific access ("access-A + F1" and
1390 "access-B + F2") are terminated in the flow specific service instance
1391 ("SI-1" and "SI-2"). A tunnel is used to provide connectivity
1392 between the service instances.
1394 The tunnel is exclusively used for the packets of the DetNet flow
1395 between "SI-1" and "SI-2". The service instances are configured to
1396 implement DetNet functions and a flow specific DetNet forwarding.
1397 The service instance and the tunnel may or may not be shared by
1398 multiple DetNet flows. Sharing the service instance by multiple
1399 DetNet flows requires properly populated forwarding tables of the
1400 service instance.
1402 access-A access-B
1403 <-----> <-------- tunnel ----------> <----->
1405 +---------+ ___ _ +---------+
1406 End system | +----+ | / \/ \_ | +----+ | End system
1407 "A" -------F1+ | | / \ | | +F2----- "B"
1408 | | +========+ IP/MPLS +=======+ | |
1409 | |SI-1| | \__ Net._/ | |SI-2| |
1410 | +----+ | \____/ | +----+ |
1411 |PE1 | | PE2|
1412 +---------+ +---------+
1414 Figure 8: DetNet network general reference model
1416 The tunnel between the service instances may have some special
1417 characteristics. For example, in case of a DetNet L3 service, there
1418 are differences in the usage of the PW for DetNet traffic compared to
1419 the network model described in [RFC6658]. In the DetNet scenario,
1420 the PW is likely to be used exclusively by the DetNet flow, whereas
1421 [RFC6658] states: "The packet PW appears as a single point-to-point
1422 link to the client layer. Network-layer adjacency formation and
1423 maintenance between the client equipment will follow the normal
1424 practice needed to support the required relationship in the client
1425 layer ... This packet PseudoWire is used to transport all of the
1426 required Layer-2 and Layer-3 protocols between LSR1 and LSR2".
1427 Further details are network technology specific and can be found in
1428 [I-D.ietf-detnet-dp-sol-mpls] and [I-D.ietf-detnet-dp-sol-ip].
1430 4.7. Flow identification at technology borders
1431 4.7.1. Exporting flow identification
1433 A DetNet node may need to map specific flows to lower layer flows (or
1434 Streams) in order to provide specific queuing and shaping services
1435 for specific flows. For example:
1437 o A non-IP, strictly L2 source end system X may be sending multiple
1438 flows to the same L2 destination end system Y. Those flows may
1439 include DetNet flows with different QoS requirements, and may
1440 include non-DetNet flows.
1442 o A router may be sending any number of flows to another router.
1443 Again, those flows may include DetNet flows with different QoS
1444 requirements, and may include non-DetNet flows.
1446 o Two routers may be separated by bridges. For these bridges to
1447 perform any required per-flow queuing and shaping, they must be
1448 able to identify the individual flows.
1450 o A Label Edge Router (LER) may have a Label Switched Path (LSP) set
1451 up for handling traffic destined for a particular IP address
1452 carrying only non-DetNet flows. If a DetNet flow to that same
1453 address is requested, a separate LSP may be needed, in order that
1454 all of the Label Switch Routers (LSRs) along the path to the
1455 destination give that flow special queuing and shaping.
1457 The need for a lower-layer node to be aware of individual higher-
1458 layer flows is not unique to DetNet. But, given the endless
1459 complexity of layering and relayering over tunnels that is available
1460 to network designers, DetNet needs to provide a model for flow
1461 identification that is better than packet inspection. That is not to
1462 say that packet inspection to Layer-4 or Layer-5 addresses will not
1463 be used, or the capability standardized; but, there are alternatives.
1465 A DetNet relay node can connect DetNet flows on different paths using
1466 different flow identification methods. For example:
1468 o A single unicast DetNet flow passing from router A through a
1469 bridged network to router B may be assigned a TSN Stream
1470 identifier that is unique within that bridged network. The
1471 bridges can then identify the flow without accessing higher-layer
1472 headers. Of course, the receiving router must recognize and
1473 accept that TSN Stream.
1475 o A DetNet flow passing from LSR A to LSR B may be assigned a
1476 different label than that used for other flows to the same IP
1477 destination.
1479 In any of the above cases, it is possible that an existing DetNet
1480 flow can be an aggregate carrying multiple other DetNet flows. (Not
1481 to be confused with DetNet compound vs. member flows.) Of course,
1482 this requires that the aggregate DetNet flow be provisioned properly
1483 to carry the aggregated flows.
1485 Thus, rather than packet inspection, there is the option to export
1486 higher-layer information to the lower layer. The requirement to
1487 support one or the other method for flow identification (or both) is
1488 a complexity that is part of DetNet control models.
1490 4.7.2. Flow attribute mapping between layers
1492 Forwarding of packets of DetNet flows over multiple technology
1493 domains may require that lower layers are aware of specific flows of
1494 higher layers. Such an "exporting of flow identification" is needed
1495 each time when the forwarding paradigm is changed on the forwarding
1496 path (e.g., two LSRs are interconnected by a L2 bridged domain,
1497 etc.). The three representative forwarding methods considered for
1498 deterministic networking are:
1500 o IP routing
1502 o MPLS label switching
1504 o Ethernet bridging
1506 A packet with corresponding Flow-IDs is illustrated in Figure 9,
1507 which also indicates where each Flow-ID can be added or removed.
1509 add/remove add/remove
1510 Eth Flow-ID IP Flow-ID
1511 | |
1512 v v
1513 +-----------------------------------------------------------+
1514 | | | | |
1515 | Eth | MPLS | IP | Application data |
1516 | | | | |
1517 +-----------------------------------------------------------+
1518 ^
1519 |
1520 add/remove
1521 MPLS Flow-ID
1523 Figure 9: Packet with multiple Flow-IDs
1525 The additional (domain specific) Flow-ID can be
1526 o created by a domain specific function or
1528 o derived from the Flow-ID added to the App-flow.
1530 The Flow-ID must be unique inside a given domain. Note that the
1531 Flow-ID added to the App-flow is still present in the packet, but
1532 some nodes may lack the function to recognize it; that's why the
1533 additional Flow-ID is added.
1535 4.7.3. Flow-ID mapping examples
1537 IP nodes and MPLS nodes are assumed to be configured to push such an
1538 additional (domain specific) Flow-ID when sending traffic to an
1539 Ethernet switch (as shown in the examples below).
1541 Figure 10 shows a scenario where an IP end system ("IP-A") is
1542 connected via two Ethernet switches ("ETH-n") to an IP router ("IP-
1543 1").
1545 IP domain
1546 <-----------------------------------------------
1548 +======+ +======+
1549 |L3-ID | |L3-ID |
1550 +======+ /\ +-----+ +======+
1551 / \ Forward as | |
1552 /IP-A\ per ETH-ID |IP-1 | Recognize
1553 Push ------> +-+----+ | +---+-+ <----- ETH-ID
1554 ETH-ID | +----+-----+ |
1555 | v v |
1556 | +-----+ +-----+ |
1557 +------+ | | +---------+
1558 +......+ |ETH-1+----+ETH-2| +======+
1559 .L3-ID . +-----+ +-----+ |L3-ID |
1560 +======+ +......+ +======+
1561 |ETH-ID| .L3-ID . |ETH-ID|
1562 +======+ +======+ +------+
1563 |ETH-ID|
1564 +======+
1566 Ethernet domain
1567 <---------------->
1569 Figure 10: IP nodes interconnected by an Ethernet domain
1571 End system "IP-A" uses the original App-flow specific ID ("L3-ID"),
1572 but as it is connected to an Ethernet domain it has to push an
1573 Ethernet-domain specific flow-ID ("ETH-ID") before sending the packet
1574 to "ETH-1" node. Ethernet switch "ETH-1" can recognize the data flow
1575 based on the "ETH-ID" and it does forwarding toward "ETH-2". "ETH-2"
1576 switches the packet toward the IP router. "IP-1" must be configured
1577 to receive the Ethernet Flow-ID specific multicast flow, but (as it
1578 is an L3 node) it decodes the data flow ID based on the "L3-ID"
1579 fields of the received packet.
1581 Figure 11 shows a scenario where MPLS domain nodes ("PE-n" and "P-m")
1582 are connected via two Ethernet switches ("ETH-n").
1584 MPLS domain
1585 <----------------------------------------------->
1587 +=======+ +=======+
1588 |MPLS-ID| |MPLS-ID|
1589 +=======+ +-----+ +-----+ +=======+ +-----+
1590 | | Forward as | | | |
1591 |PE-1 | per ETH-ID | P-2 +-----------+ PE-2|
1592 Push -----> +-+---+ | +---+-+ +-----+
1593 ETH-ID | +-----+----+ | \ Recognize
1594 | v v | +-- ETH-ID
1595 | +-----+ +-----+ |
1596 +---+ | | +----+
1597 +.......+ |ETH-1+----+ETH-2| +=======+
1598 .MPLS-ID. +-----+ +-----+ |MPLS-ID|
1599 +=======+ +=======+
1600 |ETH-ID | +.......+ |ETH-ID |
1601 +=======+ .MPLS-ID. +-------+
1602 +=======+
1603 |ETH-ID |
1604 +=======+
1605 Ethernet domain
1606 <---------------->
1608 Figure 11: MPLS nodes interconnected by an Ethernet domain
1610 "PE-1" uses the MPLS specific ID ("MPLS-ID"), but as it is connected
1611 to an Ethernet domain it has to push an Ethernet-domain specific
1612 flow-ID ("ETH-ID") before sending the packet to "ETH-1". Ethernet
1613 switch "ETH-1" can recognize the data flow based on the "ETH-ID" and
1614 it does forwarding toward "ETH-2". "ETH-2" switches the packet
1615 toward the MPLS node ("P-2"). "P-2" must be configured to receive
1616 the Ethernet Flow-ID specific multicast flow, but (as it is an MPLS
1617 node) it decodes the data flow ID based on the "MPLS-ID" fields of
1618 the received packet.
1620 One can appreciate from the above example that, when the means used
1621 for DetNet flow identification is altered or exported, the means for
1622 encoding the sequence number information must similarly be altered or
1623 exported.
1625 4.8. Advertising resources, capabilities and adjacencies
1627 Provisioning of DetNet requires knowledge about:
1629 o Details of the DetNet system's capabilities that are required in
1630 order to accurately allocate that DetNet system's resources, as
1631 well as other DetNet systems' resources. This includes, for
1632 example, which specific queuing and shaping algorithms are
1633 implemented (Section 4.5), the number of buffers dedicated for
1634 DetNet allocation, and the worst-case forwarding delay and
1635 misordering.
1637 o The dynamic state of a DetNet node's DetNet resources.
1639 o The identity of the DetNet system's neighbors, and the
1640 characteristics of the link(s) between the DetNet systems,
1641 including the latency of the links (in nanoseconds).
1643 4.9. Scaling to larger networks
1645 Reservations for individual DetNet flows require considerable state
1646 information in each DetNet node, especially when adequate fault
1647 mitigation (Section 3.3.2) is required. The DetNet data plane, in
1648 order to support larger numbers of DetNet flows, must support the
1649 aggregation of DetNet flows. Such aggregated flows can be viewed by
1650 the DetNet nodes' data plane largely as individual DetNet flows.
1651 Without such aggregation, the per-relay system may limit the scale of
1652 DetNet networks. Example techniques that may be used include MPLS
1653 hierarchy and IP DiffServ Code Points (DSCPs).
1655 4.10. Compatibility with Layer-2
1657 Standards providing similar capabilities for bridged networks (only)
1658 have been and are being generated in the IEEE 802 LAN/MAN Standards
1659 Committee. The present architecture describes an abstract model that
1660 can be applicable both at Layer-2 and Layer-3, and over links not
1661 defined by IEEE 802.
1663 DetNet enabled end systems and DetNet nodes can be interconnected by
1664 sub-networks, i.e., Layer-2 technologies. These sub-networks will
1665 provide DetNet compatible service for support of DetNet traffic.
1666 Examples of sub-networks include MPLS TE, 802.1 TSN, and a point-to-
1667 point OTN link. Of course, multi-layer DetNet systems may be
1668 possible too, where one DetNet appears as a sub-network, and provides
1669 service to, a higher layer DetNet system.
1671 5. Security Considerations
1673 Security in the context of Deterministic Networking has an added
1674 dimension; the time of delivery of a packet can be just as important
1675 as the contents of the packet, itself. A man-in-the-middle attack,
1676 for example, can impose, and then systematically adjust, additional
1677 delays into a link, and thus disrupt or subvert a real-time
1678 application without having to crack any encryption methods employed.
1679 See [RFC7384] for an exploration of this issue in a related context.
1681 Furthermore, in a control system where millions of dollars of
1682 equipment, or even human lives, can be lost if the DetNet QoS is not
1683 delivered, one must consider not only simple equipment failures,
1684 where the box or wire instantly becomes perfectly silent, but complex
1685 errors such as can be caused by software failures. Because there is
1686 essential no limit to the kinds of failures that can occur,
1687 protecting against realistic equipment failures is indistinguishable,
1688 in most cases, from protecting against malicious behavior, whether
1689 accidental or intentional. See also Section 3.3.2.
1691 Security must cover:
1693 o the protection of the signaling protocol
1695 o the authentication and authorization of the controlling systems
1697 o the identification and shaping of the DetNet flows
1699 Security considerations for DetNet are described in detail in
1700 [I-D.ietf-detnet-security].
1702 6. Privacy Considerations
1704 DetNet is provides a Quality of Service (QoS), and as such, does not
1705 directly raise any new privacy considerations.
1707 However, the requirement for every (or almost every) node along the
1708 path of a DetNet flow to identify DetNet flows may present an
1709 additional attack surface for privacy, should the DetNet paradigm be
1710 found useful in broader environments.
1712 7. IANA Considerations
1714 This document does not require an action from IANA.
1716 8. Acknowledgements
1718 The authors wish to thank Lou Berger, David Black, Stewart Bryant,
1719 Rodney Cummings, Ethan Grossman, Craig Gunther, Marcel Kiessling,
1720 Rudy Klecka, Jouni Korhonen, Erik Nordmark, Shitanshu Shah, Wilfried
1721 Steiner, George Swallow, Michael Johas Teener, Pat Thaler, Thomas
1722 Watteyne, Patrick Wetterwald, Karl Weber, Anca Zamfir, for their
1723 various contribution with this work.
1725 9. Informative References
1727 [CCAMP] IETF, "Common Control and Measurement Plane Working
1728 Group",
1729 .
1731 [I-D.ietf-6tisch-architecture]
1732 Thubert, P., "An Architecture for IPv6 over the TSCH mode
1733 of IEEE 802.15.4", draft-ietf-6tisch-architecture-19 (work
1734 in progress), December 2018.
1736 [I-D.ietf-detnet-dp-sol-ip]
1737 Korhonen, J. and B. Varga, "DetNet IP Data Plane
1738 Encapsulation", draft-ietf-detnet-dp-sol-ip-01 (work in
1739 progress), October 2018.
1741 [I-D.ietf-detnet-dp-sol-mpls]
1742 Korhonen, J. and B. Varga, "DetNet MPLS Data Plane
1743 Encapsulation", draft-ietf-detnet-dp-sol-mpls-01 (work in
1744 progress), October 2018.
1746 [I-D.ietf-detnet-problem-statement]
1747 Finn, N. and P. Thubert, "Deterministic Networking Problem
1748 Statement", draft-ietf-detnet-problem-statement-09 (work
1749 in progress), December 2018.
1751 [I-D.ietf-detnet-security]
1752 Mizrahi, T., Grossman, E., Hacker, A., Das, S., Dowdell,
1753 J., Austad, H., Stanton, K., and N. Finn, "Deterministic
1754 Networking (DetNet) Security Considerations", draft-ietf-
1755 detnet-security-03 (work in progress), October 2018.
1757 [I-D.ietf-detnet-use-cases]
1758 Grossman, E., "Deterministic Networking Use Cases", draft-
1759 ietf-detnet-use-cases-20 (work in progress), December
1760 2018.
1762 [IEC62439-3-2016]
1763 International Electrotechnical Commission (IEC) TC 65/SC
1764 65C - Industrial networks, "IEC 62439-3:2016 Industrial
1765 communication networks - High availability automation
1766 networks - Part 3: Parallel Redundancy Protocol (PRP) and
1767 High-availability Seamless Redundancy (HSR)", 2016,
1768 .
1770 [IEEE802.1BA]
1771 IEEE Standards Association, "IEEE Std 802.1BA-2011 Audio
1772 Video Bridging (AVB) Systems", 2011,
1773 .
1775 [IEEE802.1CB]
1776 IEEE Standards Association, "IEEE Std 802.1CB-2017 Frame
1777 Replication and Elimination for Reliability", 2017,
1778 .
1780 [IEEE802.1Q-2018]
1781 IEEE Standards Association, "IEEE Std 802.1Q-2018 Bridges
1782 and Bridged Networks", 2018,
1783 .
1785 [IEEE802.1Qav]
1786 IEEE Standards Association, "IEEE Std 802.1Qav-2009
1787 Bridges and Bridged Networks - Amendment 12: Forwarding
1788 and Queuing Enhancements for Time-Sensitive Streams",
1789 2009, .
1791 [IEEE802.1Qbu]
1792 IEEE Standards Association, "IEEE Std 802.1Qbu-2016
1793 Bridges and Bridged Networks - Amendment 26: Frame
1794 Preemption", 2016,
1795 .
1797 [IEEE802.1Qbv]
1798 IEEE Standards Association, "IEEE Std 802.1Qbv-2015
1799 Bridges and Bridged Networks - Amendment 25: Enhancements
1800 for Scheduled Traffic", 2015,
1801 .
1803 [IEEE802.1Qch]
1804 IEEE Standards Association, "IEEE Std 802.1Qch-2017
1805 Bridges and Bridged Networks - Amendment 29: Cyclic
1806 Queuing and Forwarding", 2017,
1807 .
1809 [IEEE802.1TSNTG]
1810 IEEE Standards Association, "IEEE 802.1 Time-Sensitive
1811 Networking Task Group", .
1813 [IEEE802.3-2018]
1814 IEEE Standards Association, "IEEE Std 802.3-2018 Standard
1815 for Ethernet", 2018,
1816 .
1818 [IEEE802.3br]
1819 IEEE Standards Association, "IEEE Std 802.3br-2016
1820 Standard for Ethernet Amendment 5: Specification and
1821 Management Parameters for Interspersing Express Traffic",
1822 2016, .
1824 [RFC2205] Braden, R., Ed., Zhang, L., Berson, S., Herzog, S., and S.
1825 Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1
1826 Functional Specification", RFC 2205, DOI 10.17487/RFC2205,
1827 September 1997, .
1829 [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
1830 and W. Weiss, "An Architecture for Differentiated
1831 Services", RFC 2475, DOI 10.17487/RFC2475, December 1998,
1832 .
1834 [RFC2914] Floyd, S., "Congestion Control Principles", BCP 41,
1835 RFC 2914, DOI 10.17487/RFC2914, September 2000,
1836 .
1838 [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
1839 of Explicit Congestion Notification (ECN) to IP",
1840 RFC 3168, DOI 10.17487/RFC3168, September 2001,
1841 .
1843 [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V.,
1844 and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP
1845 Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001,
1846 .
1848 [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
1849 Jacobson, "RTP: A Transport Protocol for Real-Time
1850 Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550,
1851 July 2003, .
1853 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation
1854 Element (PCE)-Based Architecture", RFC 4655,
1855 DOI 10.17487/RFC4655, August 2006,
1856 .
1858 [RFC5921] Bocci, M., Ed., Bryant, S., Ed., Frost, D., Ed., Levrau,
1859 L., and L. Berger, "A Framework for MPLS in Transport
1860 Networks", RFC 5921, DOI 10.17487/RFC5921, July 2010,
1861 .
1863 [RFC6372] Sprecher, N., Ed. and A. Farrel, Ed., "MPLS Transport
1864 Profile (MPLS-TP) Survivability Framework", RFC 6372,
1865 DOI 10.17487/RFC6372, September 2011,
1866 .
1868 [RFC6658] Bryant, S., Ed., Martini, L., Swallow, G., and A. Malis,
1869 "Packet Pseudowire Encapsulation over an MPLS PSN",
1870 RFC 6658, DOI 10.17487/RFC6658, July 2012,
1871 .
1873 [RFC7149] Boucadair, M. and C. Jacquenet, "Software-Defined
1874 Networking: A Perspective from within a Service Provider
1875 Environment", RFC 7149, DOI 10.17487/RFC7149, March 2014,
1876 .
1878 [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in
1879 Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384,
1880 October 2014, .
1882 [RFC7426] Haleplidis, E., Ed., Pentikousis, K., Ed., Denazis, S.,
1883 Hadi Salim, J., Meyer, D., and O. Koufopavlou, "Software-
1884 Defined Networking (SDN): Layers and Architecture
1885 Terminology", RFC 7426, DOI 10.17487/RFC7426, January
1886 2015, .
1888 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using
1889 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the
1890 Internet of Things (IoT): Problem Statement", RFC 7554,
1891 DOI 10.17487/RFC7554, May 2015,
1892 .
1894 [RFC7813] Farkas, J., Ed., Bragg, N., Unbehagen, P., Parsons, G.,
1895 Ashwood-Smith, P., and C. Bowers, "IS-IS Path Control and
1896 Reservation", RFC 7813, DOI 10.17487/RFC7813, June 2016,
1897 .
1899 [RFC8227] Cheng, W., Wang, L., Li, H., van Helvoort, H., and J.
1900 Dong, "MPLS-TP Shared-Ring Protection (MSRP) Mechanism for
1901 Ring Topology", RFC 8227, DOI 10.17487/RFC8227, August
1902 2017, .
1904 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
1905 Decraene, B., Litkowski, S., and R. Shakir, "Segment
1906 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
1907 July 2018, .
1909 [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for
1910 Abstraction and Control of TE Networks (ACTN)", RFC 8453,
1911 DOI 10.17487/RFC8453, August 2018,
1912 .
1914 [TEAS] IETF, "Traffic Engineering Architecture and Signaling
1915 Working Group",
1916 .
1918 Authors' Addresses
1920 Norman Finn
1921 Huawei
1922 3101 Rio Way
1923 Spring Valley, California 91977
1924 US
1926 Phone: +1 925 980 6430
1927 Email: norman.finn@mail01.huawei.com
1929 Pascal Thubert
1930 Cisco Systems
1931 Village d'Entreprises Green Side
1932 400, Avenue de Roumanille
1933 Batiment T3
1934 Biot - Sophia Antipolis 06410
1935 FRANCE
1937 Phone: +33 4 97 23 26 34
1938 Email: pthubert@cisco.com
1940 Balazs Varga
1941 Ericsson
1942 Magyar tudosok korutja 11
1943 Budapest 1117
1944 Hungary
1946 Email: balazs.a.varga@ericsson.com
1947 Janos Farkas
1948 Ericsson
1949 Magyar tudosok korutja 11
1950 Budapest 1117
1951 Hungary
1953 Email: janos.farkas@ericsson.com