idnits 2.17.1
draft-ietf-detnet-architecture-13.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 789 has weird spacing: '...e stack v ...'
-- The document date (May 6, 2019) is 1814 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Missing Reference: 'Network' is mentioned on line 931, but not defined
== Outdated reference: A later version (-30) exists of
draft-ietf-6tisch-architecture-20
== Outdated reference: A later version (-16) exists of
draft-ietf-detnet-security-04
Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 DetNet N. Finn
3 Internet-Draft Huawei
4 Intended status: Standards Track P. Thubert
5 Expires: November 7, 2019 Cisco
6 B. Varga
7 J. Farkas
8 Ericsson
9 May 6, 2019
11 Deterministic Networking Architecture
12 draft-ietf-detnet-architecture-13
14 Abstract
16 This document provides the overall architecture for Deterministic
17 Networking (DetNet), which provides a capability to carry specified
18 unicast or multicast data flows for real-time applications with
19 extremely low data loss rates and bounded latency within a network
20 domain. Techniques used include: 1) reserving data plane resources
21 for individual (or aggregated) DetNet flows in some or all of the
22 intermediate nodes along the path of the flow; 2) providing explicit
23 routes for DetNet flows that do not immediately change with the
24 network topology; and 3) distributing data from DetNet flow packets
25 over time and/or space to ensure delivery of each packet's data in
26 spite of the loss of a path. DetNet operates at the IP layer and
27 delivers service over lower layer technologies such as MPLS and IEEE
28 802.1 Time-Sensitive Networking (TSN).
30 Status of This Memo
32 This Internet-Draft is submitted in full conformance with the
33 provisions of BCP 78 and BCP 79.
35 Internet-Drafts are working documents of the Internet Engineering
36 Task Force (IETF). Note that other groups may also distribute
37 working documents as Internet-Drafts. The list of current Internet-
38 Drafts is at https://datatracker.ietf.org/drafts/current/.
40 Internet-Drafts are draft documents valid for a maximum of six months
41 and may be updated, replaced, or obsoleted by other documents at any
42 time. It is inappropriate to use Internet-Drafts as reference
43 material or to cite them other than as "work in progress."
45 This Internet-Draft will expire on November 7, 2019.
47 Copyright Notice
49 Copyright (c) 2019 IETF Trust and the persons identified as the
50 document authors. All rights reserved.
52 This document is subject to BCP 78 and the IETF Trust's Legal
53 Provisions Relating to IETF Documents
54 (https://trustee.ietf.org/license-info) in effect on the date of
55 publication of this document. Please review these documents
56 carefully, as they describe your rights and restrictions with respect
57 to this document. Code Components extracted from this document must
58 include Simplified BSD License text as described in Section 4.e of
59 the Trust Legal Provisions and are provided without warranty as
60 described in the Simplified BSD License.
62 Table of Contents
64 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
65 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
66 2.1. Terms used in this document . . . . . . . . . . . . . . . 4
67 2.2. IEEE 802.1 TSN to DetNet dictionary . . . . . . . . . . . 7
68 3. Providing the DetNet Quality of Service . . . . . . . . . . . 7
69 3.1. Primary goals defining the DetNet QoS . . . . . . . . . . 8
70 3.2. Mechanisms to achieve DetNet QoS . . . . . . . . . . . . 10
71 3.2.1. Resource allocation . . . . . . . . . . . . . . . . . 10
72 3.2.1.1. Eliminate contention loss . . . . . . . . . . . . 10
73 3.2.1.2. Jitter Reduction . . . . . . . . . . . . . . . . 11
74 3.2.2. Service Protection . . . . . . . . . . . . . . . . . 11
75 3.2.2.1. In-Order Delivery . . . . . . . . . . . . . . . . 12
76 3.2.2.2. Packet Replication and Elimination . . . . . . . 12
77 3.2.2.3. Packet encoding for service protection . . . . . 14
78 3.2.3. Explicit routes . . . . . . . . . . . . . . . . . . . 14
79 3.3. Secondary goals for DetNet . . . . . . . . . . . . . . . 15
80 3.3.1. Coexistence with normal traffic . . . . . . . . . . . 15
81 3.3.2. Fault Mitigation . . . . . . . . . . . . . . . . . . 16
82 4. DetNet Architecture . . . . . . . . . . . . . . . . . . . . . 17
83 4.1. DetNet stack model . . . . . . . . . . . . . . . . . . . 17
84 4.1.1. Representative Protocol Stack Model . . . . . . . . . 17
85 4.1.2. DetNet Data Plane Overview . . . . . . . . . . . . . 20
86 4.1.3. Network reference model . . . . . . . . . . . . . . . 22
87 4.2. DetNet systems . . . . . . . . . . . . . . . . . . . . . 23
88 4.2.1. End system . . . . . . . . . . . . . . . . . . . . . 23
89 4.2.2. DetNet edge, relay, and transit nodes . . . . . . . . 24
90 4.3. DetNet flows . . . . . . . . . . . . . . . . . . . . . . 25
91 4.3.1. DetNet flow types . . . . . . . . . . . . . . . . . . 25
92 4.3.2. Source transmission behavior . . . . . . . . . . . . 25
93 4.3.3. Incomplete Networks . . . . . . . . . . . . . . . . . 27
94 4.4. Traffic Engineering for DetNet . . . . . . . . . . . . . 27
95 4.4.1. The Application Plane . . . . . . . . . . . . . . . . 28
96 4.4.2. The Controller Plane . . . . . . . . . . . . . . . . 28
97 4.4.3. The Network Plane . . . . . . . . . . . . . . . . . . 29
98 4.5. Queuing, Shaping, Scheduling, and Preemption . . . . . . 30
99 4.6. Service instance . . . . . . . . . . . . . . . . . . . . 31
100 4.7. Flow identification at technology borders . . . . . . . . 32
101 4.7.1. Exporting flow identification . . . . . . . . . . . . 32
102 4.7.2. Flow attribute mapping between layers . . . . . . . . 34
103 4.7.3. Flow-ID mapping examples . . . . . . . . . . . . . . 35
104 4.8. Advertising resources, capabilities and adjacencies . . . 36
105 4.9. Scaling to larger networks . . . . . . . . . . . . . . . 37
106 4.10. Compatibility with Layer-2 . . . . . . . . . . . . . . . 37
107 5. Security Considerations . . . . . . . . . . . . . . . . . . . 37
108 6. Privacy Considerations . . . . . . . . . . . . . . . . . . . 39
109 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 39
110 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 39
111 9. Informative References . . . . . . . . . . . . . . . . . . . 39
112 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44
114 1. Introduction
116 This document provides the overall architecture for Deterministic
117 Networking (DetNet), which provides a capability for the delivery of
118 data flows with extremely low packet loss rates and bounded end-to-
119 end delivery latency. DetNet is for networks that are under a single
120 administrative control or within a closed group of administrative
121 control; these include campus-wide networks and private WANs. DetNet
122 is not for large groups of domains such as the Internet.
124 DetNet operates at the IP layer and delivers service over lower layer
125 technologies such as MPLS and IEEE 802.1 Time-Sensitive Networking
126 (TSN). DetNet accomplishes these goals by dedicating network
127 resources such as link bandwidth and buffer space to DetNet flows
128 and/or classes of DetNet flows, and by replicating packets along
129 multiple paths. Unused reserved resources are available to non-
130 DetNet packets as long as all guarantees are fulfilled.
132 The Deterministic Networking Problem Statement
133 [I-D.ietf-detnet-problem-statement] introduces Deterministic
134 Networking, and Deterministic Networking Use Cases
135 [I-D.ietf-detnet-use-cases] summarizes the need for it. See
136 [I-D.ietf-detnet-dp-sol-mpls] and [I-D.ietf-detnet-dp-sol-ip] for
137 specific techniques that can be used to identify DetNet flows and
138 assign them to specific paths through a network.
140 A goal of DetNet is a converged network in all respects including the
141 convergence of sensitive non-IP networks onto a common network
142 infrastructure. The presence of DetNet flows does not preclude non-
143 DetNet flows, and the benefits offered DetNet flows should not,
144 except in extreme cases, prevent existing Quality of Service (QoS)
145 mechanisms from operating in a normal fashion, subject to the
146 bandwidth required for the DetNet flows. A single source-destination
147 pair can trade both DetNet and non-DetNet flows. End systems and
148 applications need not instantiate special interfaces for DetNet
149 flows. Networks are not restricted to certain topologies;
150 connectivity is not restricted. Any application that generates a
151 data flow that can be usefully characterized as having a maximum
152 bandwidth should be able to take advantage of DetNet, as long as the
153 necessary resources can be reserved. Reservations can be made by the
154 application itself, via network management, by an application's
155 controller, or by other means, e.g., a dynamic control plane (e.g.,
156 [RFC2205]). QoS requirements of DetNet flows can be met if all
157 network nodes in a DetNet domain implement DetNet capabilities.
158 DetNet nodes can be interconnected with different sub-network
159 technologies (Section 4.1.2), where the nodes of the subnet are not
160 DetNet aware (Section 4.1.3).
162 Many applications that are intended to be served by Deterministic
163 Networking require the ability to synchronize the clocks in end
164 systems to a sub-microsecond accuracy. Some of the queue control
165 techniques defined in Section 4.5 also require time synchronization
166 among network nodes. The means used to achieve time synchronization
167 are not addressed in this document. DetNet can accommodate various
168 time synchronization techniques and profiles that are defined
169 elsewhere to address the needs of different market segments.
171 2. Terminology
173 2.1. Terms used in this document
175 The following terms are used in the context of DetNet in this
176 document:
178 allocation
179 Resources are dedicated to support a DetNet flow. Depending
180 on an implementation, the resource may be reused by non-
181 DetNet flows when it is not used by the DetNet flow.
183 App-flow
184 The payload (data) carried over a DetNet service.
186 DetNet compound flow and DetNet member flow
187 A DetNet compound flow is a DetNet flow that has been
188 separated into multiple duplicate DetNet member flows for
189 service protection at the DetNet service sub-layer. Member
190 flows are merged back into a single DetNet compound flow such
191 that there are no duplicate packets. "Compound" and "member"
192 are strictly relative to each other, not absolutes; a DetNet
193 compound flow comprising multiple DetNet member flows can, in
194 turn, be a member of a higher-order compound.
196 DetNet destination
197 An end system capable of terminating a DetNet flow.
199 DetNet domain
200 The portion of a network that is DetNet aware. It includes
201 end systems and DetNet nodes.
203 DetNet edge node
204 An instance of a DetNet relay node that acts as a source and/
205 or destination at the DetNet service sub-layer. For example,
206 it can include a DetNet service sub-layer proxy function for
207 DetNet service protection (e.g., the addition or removal of
208 packet sequencing information) for one or more end systems,
209 or starts or terminates resource allocation at the DetNet
210 forwarding sub-layer, or aggregates DetNet services into new
211 DetNet flows. It is analogous to a Label Edge Router (LER)
212 or a Provider Edge (PE) router.
214 DetNet flow
215 A DetNet flow is a sequence of packets which conform uniquely
216 to a flow identifier, and to which the DetNet service is to
217 be provided. It includes any DetNet headers added to support
218 the DetNet service and forwarding sub-layers.
220 DetNet forwarding sub-layer
221 DetNet functionality is divided into two sub-layers. One of
222 them is the DetNet forwarding sub-layer, which optionally
223 provides resource allocation for DetNet flows over paths
224 provided by the underlying network.
226 DetNet intermediate node
227 A DetNet relay node or DetNet transit node.
229 DetNet node
230 A DetNet edge node, a DetNet relay node, or a DetNet transit
231 node.
233 DetNet relay node
234 A DetNet node including a service sub-layer function that
235 interconnects different DetNet forwarding sub-layer paths to
236 provide service protection. A DetNet relay node participates
237 in the DetNet service sub-layer. It typically incorporates
238 DetNet forwarding sub-layer functions as well, in which case
239 it is collocated with a transit node.
241 DetNet service sub-layer
242 DetNet functionality is divided into two sub-layers. One of
243 them is the DetNet service sub-layer, at which a DetNet
244 service, e.g., service protection is provided.
246 DetNet service proxy
247 Maps between App-flows and DetNet flows.
249 DetNet source
250 An end system capable of originating a DetNet flow.
252 DetNet system
253 A DetNet aware end system, transit node, or relay node.
254 "DetNet" may be omitted in some text.
256 DetNet transit node
257 A DetNet node operating at the DetNet forwarding sub-layer,
258 that utilizes link layer and/or network layer switching
259 across multiple links and/or sub-networks to provide paths
260 for DetNet service sub-layer functions. Typically provides
261 resource allocation over those paths. An MPLS LSR is an
262 example of a DetNet transit node.
264 DetNet-UNI
265 User-to-Network Interface with DetNet specific
266 functionalities. It is a packet-based reference point and
267 may provide multiple functions like encapsulation, status,
268 synchronization, etc.
270 end system
271 Commonly called a "host" in IETF documents, and an "end
272 station" is IEEE 802 documents. End systems of interest to
273 this document are either sources or destinations of DetNet
274 flows. And end system may or may not be DetNet forwarding
275 sub-layer aware or DetNet service sub-layer aware.
277 link
278 A connection between two DetNet nodes. It may be composed of
279 a physical link or a sub-network technology that can provide
280 appropriate traffic delivery for DetNet flows.
282 PEF A Packet Elimination Function (PEF) eliminates duplicate
283 copies of packets to prevent excess packets flooding the
284 network or duplicate packets being sent out of the DetNet
285 domain. PEF can be implemented by a DetNet edge node, a
286 DetNet relay node, or an end system.
288 PRF A Packet Replication Function (PRF) replicates DetNet flow
289 packets and forwards them to one or more next hops in the
290 DetNet domain. The number of packet copies sent to the next
291 hops is a DetNet flow specific parameter at the point of
292 replication. PRF can be implemented by a DetNet edge node, a
293 DetNet relay node, or an end system.
295 PREOF Collective name for Packet Replication, Elimination, and
296 Ordering Functions.
298 POF A Packet Ordering Function (POF) re-orders packets within a
299 DetNet flow that are received out of order. This function
300 can be implemented by a DetNet edge node, a DetNet relay
301 node, or an end system.
303 reservation
304 The set of resources allocated between a source and one or
305 more destinations through DetNet nodes and subnets associated
306 with a DetNet flow, to provide the provisioned DetNet
307 service.
309 2.2. IEEE 802.1 TSN to DetNet dictionary
311 This section also serves as a dictionary for translating from the
312 terms used by the Time-Sensitive Networking (TSN) Task Group
313 [IEEE802.1TSNTG] of the IEEE 802.1 WG to those of the DetNet WG.
315 Listener
316 The IEEE 802.1 term for a destination of a DetNet flow.
318 relay system
319 The IEEE 802.1 term for a DetNet intermediate node.
321 Stream
322 The IEEE 802.1 term for a DetNet flow.
324 Talker
325 The IEEE 802.1 term for the source of a DetNet flow.
327 3. Providing the DetNet Quality of Service
328 3.1. Primary goals defining the DetNet QoS
330 The DetNet Quality of Service can be expressed in terms of:
332 o Minimum and maximum end-to-end latency from source to destination;
333 timely delivery, and bounded jitter (packet delay variation)
334 derived from these constraints.
336 o Packet loss ratio, under various assumptions as to the operational
337 states of the nodes and links.
339 o An upper bound on out-of-order packet delivery. It is worth
340 noting that some DetNet applications are unable to tolerate any
341 out-of-order delivery.
343 It is a distinction of DetNet that it is concerned solely with worst-
344 case values for the end-to-end latency, jitter, and misordering.
345 Average, mean, or typical values are of little interest, because they
346 do not affect the ability of a real-time system to perform its tasks.
347 In general, a trivial priority-based queuing scheme will give better
348 average latency to a data flow than DetNet; however, it may not be a
349 suitable option for DetNet because of its worst-case latency.
351 Three techniques are used by DetNet to provide these qualities of
352 service:
354 o Resource allocation (Section 3.2.1).
356 o Service protection (Section 3.2.2).
358 o Explicit routes (Section 3.2.3).
360 Resource allocation operates by assigning resources, e.g., buffer
361 space or link bandwidth, to a DetNet flow (or flow aggregate) along
362 its path. Resource allocation greatly reduces, or even eliminates
363 entirely, packet loss due to output packet contention within the
364 network, but it can only be supplied to a DetNet flow that is limited
365 at the source to a maximum packet size and transmission rate. As
366 DetNet flows are assumed to be rate-limited and DetNet is designed to
367 provide sufficient allocated resources (including provisioned
368 capacity), the use of transport layer congestion control [RFC2914]
369 for App-flows is not required; however, if resources are allocated
370 appropriately, use of congestion control should not impact
371 transmission negatively.
373 Resource allocation addresses two of the DetNet QoS requirements:
374 latency and packet loss. Given that DetNet nodes have a finite
375 amount of buffer space, resource allocation necessarily results in a
376 maximum end-to-end latency. It also addresses contention related
377 packet loss.
379 Other important contribution to packet loss are random media errors
380 and equipment failures. Service protection is the name for the
381 mechanisms used by DetNet to address these losses. The mechanisms
382 employed are constrained by the requirement to meet the users'
383 latency requirements. Packet replication and elimination
384 (Section 3.2.2) and packet encoding (Section 3.2.2.3) are described
385 in this document to provide service protection; others may be found.
386 For instance, packet encoding can be used to provide service
387 protection against random media errors, packet replication and
388 elimination can be used to provide service protection against
389 equipment failures. This mechanism distributes the contents of
390 DetNet flows over multiple paths in time and/or space, so that the
391 loss of some of the paths does need not cause the loss of any
392 packets.
394 The paths are typically (but not necessarily) explicit routes, so
395 that they do not normally suffer temporary interruptions caused by
396 the convergence of routing or bridging protocols.
398 These three techniques can be applied independently, giving eight
399 possible combinations, including none (no DetNet), although some
400 combinations are of wider utility than others. This separation keeps
401 the protocol stack coherent and maximizes interoperability with
402 existing and developing standards in this (IETF) and other Standards
403 Development Organizations. Some examples of typical expected
404 combinations:
406 o Explicit routes plus service protection are exactly the techniques
407 employed by seamless redundancy mechanisms applied on a ring
408 topology as described, e.g., in [IEC62439-3-2016]. In this
409 example, explicit routes are achieved by limiting the physical
410 topology of the network to a ring. Sequentialization,
411 replication, and duplicate elimination are facilitated by packet
412 tags added at the front or the end of Ethernet frames. [RFC8227]
413 provides another example in the context of MPLS.
415 o Resource allocation alone was originally offered by IEEE 802.1
416 Audio Video bridging [IEEE802.1BA]. As long as the network
417 suffers no failures, packet loss due to output packet contention
418 can be eliminated through the use of a reservation protocol (e.g.,
419 Multiple Stream Registration Protocol [IEEE802.1Q-2018]), shapers
420 in every bridge, and proper dimensioning.
422 o Using all three together gives maximum protection.
424 There are, of course, simpler methods available (and employed, today)
425 to achieve levels of latency and packet loss that are satisfactory
426 for many applications. Prioritization and over-provisioning is one
427 such technique. However, these methods generally work best in the
428 absence of any significant amount of non-critical traffic in the
429 network (if, indeed, such traffic is supported at all), or work only
430 if the critical traffic constitutes only a small portion of the
431 network's theoretical capacity, or work only if all systems are
432 functioning properly, or in the absence of actions by end systems
433 that disrupt the network's operations.
435 There are any number of methods in use, defined, or in progress for
436 accomplishing each of the above techniques. It is expected that this
437 DetNet Architecture will assist various vendors, users, and/or
438 "vertical" Standards Development Organizations (dedicated to a single
439 industry) to make selections among the available means of
440 implementing DetNet networks.
442 3.2. Mechanisms to achieve DetNet QoS
444 3.2.1. Resource allocation
446 3.2.1.1. Eliminate contention loss
448 The primary means by which DetNet achieves its QoS assurances is to
449 reduce, or even completely eliminate packet loss due to output packet
450 contention within a DetNet node as a cause of packet loss. This can
451 be achieved only by the provision of sufficient buffer storage at
452 each node through the network to ensure that no packets are dropped
453 due to a lack of buffer storage. Note that App-flows are generally
454 not expected to be responsive to implicit [RFC2914] or explicit
455 congestion notification [RFC3168].
457 Ensuring adequate buffering requires, in turn, that the source, and
458 every DetNet node along the path to the destination (or nearly every
459 node, see Section 4.3.3) be careful to regulate its output to not
460 exceed the data rate for any DetNet flow, except for brief periods
461 when making up for interfering traffic. Any packet sent ahead of its
462 time potentially adds to the number of buffers required by the next
463 hop DetNet node and may thus exceed the resources allocated for a
464 particular DetNet flow. Furthermore, rate limiting, e.g., using
465 traffic policing and shaping functions, e.g., [RFC2475], at the
466 ingress of the DetNet domain must be applied. This is needed for
467 meeting the requirements of DetNet flows as well as for protecting
468 non-DetNet traffic from potentially misbehaving DetNet traffic
469 sources. Note that large buffers have some issues, see, e.g.,
470 [BUFFERBLOAT].
472 The low-level mechanisms described in Section 4.5 provide the
473 necessary regulation of transmissions by an end system or DetNet node
474 to provide resource allocation. The allocation of the bandwidth and
475 buffers for a DetNet flow requires provisioning. A DetNet node may
476 have other resources requiring allocation and/or scheduling, that
477 might otherwise be over-subscribed and trigger the rejection of a
478 reservation.
480 3.2.1.2. Jitter Reduction
482 A core objective of DetNet is to enable the convergence of sensitive
483 non-IP networks onto a common network infrastructure. This requires
484 the accurate emulation of currently deployed mission-specific
485 networks, which for example rely on point-to-point analog (e.g.,
486 4-20mA modulation) and serial-digital cables (or buses) for highly
487 reliable, synchronized and jitter-free communications. While the
488 latency of analog transmissions is basically the speed of light,
489 legacy serial links are usually slow (in the order of Kbps) compared
490 to, say, Gigabit Ethernet, and some latency is usually acceptable.
491 What is not acceptable is the introduction of excessive jitter, which
492 may, for instance, affect the stability of control systems.
494 Applications that are designed to operate on serial links usually do
495 not provide services to recover the jitter, because jitter simply
496 does not exist there. DetNet flows are generally expected to be
497 delivered in-order and the precise time of reception influences the
498 processes. In order to converge such existing applications, there is
499 a desire to emulate all properties of the serial cable, such as clock
500 transportation, perfect flow isolation and fixed latency. While
501 minimal jitter (in the form of specifying minimum, as well as
502 maximum, end-to-end latency) is supported by DetNet, there are
503 practical limitations on packet-based networks in this regard. In
504 general, users are encouraged to use a combination of:
506 o Sub-microsecond time synchronization among all source and
507 destination end systems, and
509 o Time-of-execution fields in the application packets.
511 Jitter reduction is provided by the mechanisms described in
512 Section 4.5 that also provide resource allocation.
514 3.2.2. Service Protection
516 Service protection aims to mitigate or eliminate packet loss due to
517 equipment failures, including random media and/or memory faults.
518 These types of packet loss can be greatly reduced by spreading the
519 data over multiple disjoint forwarding paths. Various service
520 protection methods are described in [RFC6372], e.g., 1+1 linear
521 protection. This section describes the functional details of an
522 additional method in Section 3.2.2.2, which can be implemented as
523 described in Section 3.2.2.3 or as specified in
524 [I-D.ietf-detnet-dp-sol-mpls] in order to provide 1+n hitless
525 protection. The appropriate service protection mechanism depends on
526 the scenario and the requirements.
528 3.2.2.1. In-Order Delivery
530 Out-of-order packet delivery can be a side effect of service
531 protection. Packets delivered out-of-order impact the amount of
532 buffering needed at the destination to properly process the received
533 data. Such packets also influence the jitter of a flow. The DetNet
534 service includes maximum allowed misordering as a constraint. Zero
535 misordering would be a valid service constraint to reflect that the
536 end system(s) of the flow cannot tolerate any out-of-order delivery.
537 DetNet Packet Ordering Functionality (POF) (Section 3.2.2.2) can be
538 used to provide in-order delivery.
540 3.2.2.2. Packet Replication and Elimination
542 This section describes a service protection method that sends copies
543 of the same packets over multiple paths.
545 The DetNet service sub-layer includes the packet replication (PRF),
546 the packet elimination (PEF), and the packet ordering functionality
547 (POF) for use in DetNet edge, relay node, and end system packet
548 processing. These functions can be enabled in a DetNet edge node,
549 relay node or end system. The collective name for all three
550 functions is Packet Replication, Elimination, and Ordering Functions
551 (PREOF). The packet replication and elimination service protection
552 method altogether involves four capabilities:
554 o Providing sequencing information to the packets of a DetNet
555 compound flow. This may be done by adding a sequence number or
556 time stamp as part of DetNet, or may be inherent in the packet,
557 e.g., in a higher layer protocol, or associated to other physical
558 properties such as the precise time (and radio channel) of
559 reception of the packet. This is typically done once, at or near
560 the source.
562 o The Packet Replication Function (PRF) replicates these packets
563 into multiple DetNet member flows and typically sends them along
564 multiple different paths to the destination(s), e.g., over the
565 explicit routes of Section 3.2.3. The location within a DetNet
566 node, and the mechanism used for the PRF is left open for
567 implementations.
569 o The Packet Elimination Function (PEF) eliminates duplicate packets
570 of a DetNet flow based on the sequencing information and a history
571 of received packets. The output of the PEF is always a single
572 packet. This may be done at any DetNet node along the path to
573 save network resources further downstream, in particular if
574 multiple Replication points exist. But the most common case is to
575 perform this operation at the very edge of the DetNet network,
576 preferably in or near the receiver. The location within a DetNet
577 node, and mechanism used for the PEF is left open for
578 implementations.
580 o The Packet Ordering Function (POF) uses the sequencing information
581 to re-order a DetNet flow's packets that are received out of
582 order.
584 The order in which a DetNet node applies PEF, POF, and PRF to a
585 DetNet flow is left open for implementations.
587 Some service protection mechanisms rely on switching from one flow to
588 another when a failure of a flow is detected. Contrarily, packet
589 replication and elimination combines the DetNet member flows sent
590 along multiple different paths, and performs a packet-by-packet
591 selection of which to discard, e.g., based on sequencing information.
593 In the simplest case, this amounts to replicating each packet in a
594 source that has two interfaces, and conveying them through the
595 network, along separate (Shared Risk Link Group (SRLG) disjoint)
596 paths, to the similarly dual-homed destinations, that discard the
597 extras. This ensures that one path remains, even if some DetNet
598 intermediate node fails. The sequencing information can also be used
599 for loss detection and for re-ordering.
601 DetNet relay nodes in the network can provide replication and
602 elimination facilities at various points in the network, so that
603 multiple failures can be accommodated.
605 This is shown in Figure 1, where the two relay nodes each replicate
606 (R) the DetNet flow on input, sending the DetNet member flows to both
607 the other relay node and to the end system, and eliminate duplicates
608 (E) on the output interface to the right-hand end system. Any one
609 link in the network can fail, and the DetNet compound flow can still
610 get through. Furthermore, two links can fail, as long as they are in
611 different segments of the network.
613 > > > > > > > > > relay > > > > > > > >
614 > /------------+ R node E +------------\ >
615 > / v + ^ \ >
616 end R + v | ^ + E end
617 system + v | ^ + system
618 > \ v + ^ / >
619 > \------------+ R relay E +-----------/ >
620 > > > > > > > > > node > > > > > > > >
622 Figure 1: Packet replication and elimination
624 Packet replication and elimination does not react to and correct
625 failures; it is entirely passive. Thus, intermittent failures,
626 mistakenly created packet filters, or misrouted data is handled just
627 the same as the equipment failures that are handled by typical
628 routing and bridging protocols.
630 If member flows that take different-length paths through the network
631 are combined, a merge point may require extra buffering to equalize
632 the delays over the different paths. This equalization ensures that
633 the resultant compound flow will not exceed its contracted bandwidth
634 even after one or the other of the paths is restored after a failure.
635 The extra buffering can be also used to provide in-order delivery.
637 3.2.2.3. Packet encoding for service protection
639 There are methods for using multiple paths to provide service
640 protection that involve encoding the information in a packet
641 belonging to a DetNet flow into multiple transmission units,
642 combining information from multiple packets into any given
643 transmission unit. Such techniques, also known as "network coding",
644 can be used as a DetNet service protection technique.
646 3.2.3. Explicit routes
648 In networks controlled by typical dynamic control protocols such as
649 IS-IS or OSPF, a network topology event in one part of the network
650 can impact, at least briefly, the delivery of data in parts of the
651 network remote from the failure or recovery event. Even the use of
652 redundant paths through a network, e.g., as defined by [RFC6372] do
653 not eliminate the chances of packet loss. Furthermore, out-of-order
654 packet delivery can be a side effect of route changes.
656 Many real-time networks rely on physical rings of two-port devices,
657 with a relatively simple ring control protocol. This supports
658 redundant paths for service protection with a minimum of wiring. As
659 an additional benefit, ring topologies can often utilize different
660 topology management protocols than those used for a mesh network,
661 with a consequent reduction in the response time to topology changes.
662 Of course, this comes at some cost in terms of increased hop count,
663 and thus latency, for the typical path.
665 In order to get the advantages of low hop count and still ensure
666 against even very brief losses of connectivity, DetNet employs
667 explicit routes, where the path taken by a given DetNet flow does not
668 change, at least immediately, and likely not at all, in response to
669 network topology events. Service protection (Section 3.2.2 or
670 Section 3.2.2.3) over explicit routes provides a high likelihood of
671 continuous connectivity. Explicit routes can be established in
672 various ways, e.g., with RSVP-TE [RFC3209], with Segment Routing (SR)
673 [RFC8402], via a Software Defined Networking approach [RFC8453], with
674 IS-IS [RFC7813], etc. Explicit routes are typically used in MPLS TE
675 LSPs.
677 Out-of-order packet delivery can be a side effect of distributing a
678 single flow over multiple paths, especially when there is a change
679 from one path to another when combining the flow. This is
680 irrespective of the distribution method used, and also applies to
681 service protection over explicit routes. As described in
682 Section 3.2.2.1, out-of-order packets influence the jitter of a flow
683 and impact the amount of buffering needed to process the data;
684 therefore, DetNet service includes maximum allowed misordering as a
685 constraint. The use of explicit routes helps to provide in-order
686 delivery because there is no immediate route change with the network
687 topology, but the changes are plannable as they are between the
688 different explicit routes.
690 3.3. Secondary goals for DetNet
692 Many applications require DetNet to provide additional services,
693 including coexistence with other QoS mechanisms Section 3.3.1 and
694 protection against misbehaving transmitters Section 3.3.2.
696 3.3.1. Coexistence with normal traffic
698 A DetNet network supports the dedication of a high proportion of the
699 network bandwidth to DetNet flows. But, no matter how much is
700 dedicated for DetNet flows, it is a goal of DetNet to coexist with
701 existing Class of Service schemes (e.g., DiffServ). It is also
702 important that non-DetNet traffic not disrupt the DetNet flow, of
703 course (see Section 3.3.2 and Section 5). For these reasons:
705 o Bandwidth (transmission opportunities) not utilized by a DetNet
706 flow is available to non-DetNet packets (though not to other
707 DetNet flows).
709 o DetNet flows can be shaped or scheduled, in order to ensure that
710 the highest-priority non-DetNet packet is also ensured a worst-
711 case latency.
713 o When transmission opportunities for DetNet flows are scheduled in
714 detail, then the algorithm constructing the schedule should leave
715 sufficient opportunities for non-DetNet packets to satisfy the
716 needs of the users of the network. Detailed scheduling can also
717 permit the time-shared use of buffer resources by different DetNet
718 flows.
720 Starvation of non-DetNet traffic must be avoided, e.g., by traffic
721 policing and shaping functions (e.g., [RFC2475]). Thus, the net
722 effect of the presence of DetNet flows in a network on the non-DetNet
723 flows is primarily a reduction in the available bandwidth.
725 3.3.2. Fault Mitigation
727 Robust real-time systems require reducing the number of possible
728 failures. Filters and policers should be used in a DetNet network to
729 detect if DetNet packets are received on the wrong interface, or at
730 the wrong time, or in too great a volume. Furthermore, filters and
731 policers can take actions to discard the offending packets or flows,
732 or trigger shutting down the offending flow or the offending
733 interface.
735 It is also essential that filters and service remarking be employed
736 at the network edge to prevent non-DetNet packets from being mistaken
737 for DetNet packets, and thus impinging on the resources allocated to
738 DetNet packets. In particular, sending DetNet traffic into networks
739 that have not been provisioned in advance to handle that DetNet
740 traffic has to be treated as a fault. The use of egress traffic
741 filters, or equivalent mechanisms, to prevent this from happening are
742 strongly recommended at the edges of a DetNet networks and DetNet
743 supporting networks. In this context, the term 'provisioned' has a
744 broad meaning, e.g., provisioning could be performed via an
745 administrative decision that the downstream network has the available
746 capacity to carry the DetNet traffic that is being sent into it.
748 Note that the sending of App-flows that do not use transport layer
749 congestion control per [RFC2914] into a network that is not
750 provisioned to handle such DetNet traffic has to be treated as a
751 fault and prevented. PRF generated DetNet member flows also need to
752 be treated as not using transport layer congestion control even if
753 the original App-flow supports transport layer congestion control
754 because PREOF can remove congestion indications at the PEF and
755 thereby hide such indications (e.g., drops, ECN markings, increased
756 latency) from end systems.
758 The mechanisms to support these requirements are both data plane and
759 implementation specific. Data plane specific solutions will be
760 specified in the relevant data plane solution document. There also
761 exist techniques, at present and/or in various stages of
762 standardization, that can support these fault mitigation tasks that
763 deliver a high probability that misbehaving systems will have zero
764 impact on well-behaved DetNet flows, except of course, for the
765 receiving interface(s) immediately downstream of the misbehaving
766 device. Examples of such techniques include traffic policing and
767 shaping functions (e.g., [RFC2475]) and separating flows into per-
768 flow rate-limited queues, and potentially apply active queue
769 management [RFC7567].
771 4. DetNet Architecture
773 4.1. DetNet stack model
775 DetNet functionality (Section 3) is implemented in two adjacent sub-
776 layers in the protocol stack: the DetNet service sub-layer and the
777 DetNet forwarding sub-layer. The DetNet service sub-layer provides
778 DetNet service, e.g., service protection, to higher layers in the
779 protocol stack and applications. The DetNet forwarding sub-layer
780 supports DetNet service in the underlying network, e.g., by providing
781 explicit routes and resource allocation to DetNet flows.
783 4.1.1. Representative Protocol Stack Model
785 Figure 2 illustrates a conceptual DetNet data plane layering model.
786 One may compare it to that in [IEEE802.1CB], Annex C.
788 | packets going | ^ packets coming ^
789 v down the stack v | up the stack |
790 +-----------------------+ +-----------------------+
791 | Source | | Destination |
792 +-----------------------+ +-----------------------+
793 | Service sub-layer: | | Service sub-layer: |
794 | Packet sequencing | | Duplicate elimination |
795 | Flow replication | | Flow merging |
796 | Packet encoding | | Packet decoding |
797 +-----------------------+ +-----------------------+
798 | Forwarding sub-layer: | | Forwarding sub-layer: |
799 | Resource allocation | | Resource allocation |
800 | Explicit routes | | Explicit routes |
801 +-----------------------+ +-----------------------+
802 | Lower layers | | Lower layers |
803 +-----------------------+ +-----------------------+
804 v ^
805 \_________________________/
807 Figure 2: DetNet data plane protocol stack
809 Not all sub-layers are required for any given application, or even
810 for any given network. The functionality shown in Figure 2 is:
812 Application
813 Shown as "source" and "destination" in the diagram.
815 Packet sequencing
816 As part of DetNet service protection, supplies the sequence
817 number for packet replication and elimination
818 (Section 3.2.2), thus peers with Duplicate elimination. This
819 sub-layer is not needed if a higher layer protocol is
820 expected to perform any packet sequencing and duplicate
821 elimination required by the DetNet flow replication.
823 Duplicate elimination
824 As part of the DetNet service sub-layer, based on the
825 sequenced number supplied by its peer, packet sequencing,
826 Duplicate elimination discards any duplicate packets
827 generated by DetNet flow replication. It can operate on
828 member flows, compound flows, or both. The replication may
829 also be inferred from other information such as the precise
830 time of reception in a scheduled network. The duplicate
831 elimination sub-layer may also perform resequencing of
832 packets to restore packet order in a flow that was disrupted
833 by the loss of packets on one or another of the multiple
834 paths taken.
836 Flow replication
837 As part of DetNet service protection, packets that belong to
838 a DetNet compound flow are replicated into two or more DetNet
839 member flows. This function is separate from packet
840 sequencing. Flow replication can be an explicit replication
841 and remarking of packets, or can be performed by, for
842 example, techniques similar to ordinary multicast
843 replication, albeit with resource allocation implications.
844 Peers with DetNet flow merging.
846 Flow merging
847 As part of DetNet service protection, merges DetNet member
848 flows together for packets coming up the stack belonging to a
849 specific DetNet compound flow. Peers with DetNet flow
850 replication. DetNet flow merging, together with packet
851 sequencing, duplicate elimination, and DetNet flow
852 replication perform packet replication and elimination
853 (Section 3.2.2).
855 Packet encoding
856 As part of DetNet service protection, as an alternative to
857 packet sequencing and flow replication, packet encoding
858 combines the information in multiple DetNet packets, perhaps
859 from different DetNet compound flows, and transmits that
860 information in packets on different DetNet member Flows.
861 Peers with Packet decoding.
863 Packet decoding
864 As part of DetNet service protection, as an alternative to
865 flow merging and duplicate elimination, packet decoding takes
866 packets from different DetNet member flows, and computes from
867 those packets the original DetNet packets from the compound
868 flows input to packet encoding. Peers with Packet encoding.
870 Resource allocation
871 The DetNet forwarding sub-layer provides resource allocation.
872 See Section 4.5. The actual queuing and shaping mechanisms
873 are typically provided by underlying subnet. These can be
874 closely associated with the means of providing paths for
875 DetNet flows. The path and the resource allocation are
876 conflated in this figure.
878 Explicit routes
879 The DetNet forwarding sub-layer provides mechanisms to ensure
880 that fixed paths are provided for DetNet flows. These
881 explicit paths avoid the impact of network convergence.
883 Operations, Administration, and Maintenance (OAM) leverages in-band
884 and out-of-band signaling that validates whether the service is
885 effectively obtained within QoS constraints. OAM is not shown in
886 Figure 2; it may reside in any number of the layers. OAM can involve
887 specific tagging added in the packets for tracing implementation or
888 network configuration errors; traceability enables to find whether a
889 packet is a replica, which DetNet relay node performed the
890 replication, and which segment was intended for the replica. Active
891 and hybrid OAM methods require additional bandwidth to perform fault
892 management and performance monitoring of the DetNet domain. OAM may,
893 for instance, generate special test probes or add OAM information
894 into the data packet.
896 The packet sequencing and replication elimination functions at the
897 source and destination ends of a DetNet compound flow may be
898 performed either in the end system or in a DetNet relay node.
900 4.1.2. DetNet Data Plane Overview
902 A "Deterministic Network" will be composed of DetNet enabled end
903 systems, DetNet edge nodes, and DetNet relay nodes, which
904 collectively deliver DetNet services. DetNet relay and edge nodes
905 are interconnected via DetNet transit nodes (e.g., LSRs) which
906 support DetNet, but are not DetNet service aware. All DetNet nodes
907 are connected to sub-networks, where a point-to-point link is also
908 considered as a simple sub-network. These sub-networks will provide
909 DetNet compatible service for support of DetNet traffic. Examples of
910 sub-network technologies include MPLS TE, IEEE 802.1 TSN and OTN. Of
911 course, multi-layer DetNet systems may also be possible, where one
912 DetNet appears as a sub-network, and provides service to, a higher
913 layer DetNet system. A simple DetNet concept network is shown in
914 Figure 3. Note that in this and following figures "Forwarding" and
915 "Fwd" refer to the DetNet forwarding sub-layer, "Service" and "Svc"
916 refer to the DetNet service sub-layer, which are described in detail
917 in Section 4.1.
919 TSN Edge Transit Relay DetNet
920 End System Node Node Node End System
922 +----------+ +.........+ +----------+
923 | Appl. |<--:Svc Proxy:-- End to End Service -------->| Appl. |
924 +----------+ +---------+ +---------+ +----------+
925 | TSN | |TSN| |Svc|<- DetNet flow --: Service :-->| Service |
926 +----------+ +---+ +---+ +--------+ +---------+ +----------+
927 |Forwarding| |Fwd| |Fwd| | Fwd | |Fwd| |Fwd| |Forwarding|
928 +-------.--+ +-.-+ +-.-+ +--.----.+ +-.-+ +-.-+ +---.------+
929 : Link : / ,-----. \ : Link : / ,-----. \
930 +........+ +-[ Sub ]-+ +.......+ +-[ Sub ]-+
931 [Network] [Network]
932 `-----' `-----'
934 Figure 3: A Simple DetNet Enabled Network
936 DetNet data plane is divided into two sub-layers: the DetNet service
937 sub-layer and the DetNet forwarding sub-layer. This helps to explore
938 and evaluate various combinations of the data plane solutions
939 available. Some of them are illustrated in Figure 4. This
940 separation of DetNet sub-layers, while helpful, should not be
941 considered as formal requirement. For example, some technologies may
942 violate these strict sub-layers and still be able to deliver a DetNet
943 service.
945 .
946 .
947 +-----------------------------+
948 | DetNet Service sub-layer | PW, UDP, GRE
949 +-----------------------------+
950 | DetNet Forwarding sub-layer | IPv6, IPv4, MPLS TE LSPs, MPLS SR
951 +-----------------------------+
952 .
953 .
955 Figure 4: DetNet adaptation to data plane
957 In some networking scenarios, the end system initially provides a
958 DetNet flow encapsulation, which contains all information needed by
959 DetNet nodes (e.g., Real-time Transport Protocol (RTP) [RFC3550]
960 based DetNet flow carried over a native UDP/IP network or
961 PseudoWire). In other scenarios, the encapsulation formats might
962 differ significantly.
964 There are many valid options to create a data plane solution for
965 DetNet traffic by selecting a technology approach for the DetNet
966 service sub-layer and also selecting a technology approach for the
967 DetNet forwarding sub-layer. There are a large number of valid
968 combinations.
970 One of the most fundamental differences between different potential
971 data plane options is the basic headers used by DetNet nodes. For
972 example, the basic service can be delivered based on an MPLS label or
973 an IP header. This decision impacts the basic forwarding logic for
974 the DetNet service sub-layer. Note that in both cases, IP addresses
975 are used to address DetNet nodes. The selected DetNet forwarding
976 sub-layer technology also needs to be mapped to the sub-net
977 technology used to interconnect DetNet nodes. For example, DetNet
978 flows will need to be mapped to TSN Streams.
980 4.1.3. Network reference model
982 Figure 5 shows another view of the DetNet service related reference
983 points and main components.
985 DetNet DetNet
986 end system end system
987 _ _
988 / \ +----DetNet-UNI (U) / \
989 /App\ | /App\
990 /-----\ | /-----\
991 | NIC | v ________ | NIC |
992 +--+--+ _____ / \ DetNet-UNI (U) --+ +--+--+
993 | / \__/ \ | |
994 | / +----+ +----+ \_____ | |
995 | / | | | | \_______ | |
996 +------U PE +----+ P +----+ \ _ v |
997 | | | | | | | ___/ \ |
998 | +--+-+ +----+ | +----+ | / \_ |
999 \ | | | | | / \ |
1000 \ | +----+ +--+-+ +--+PE |------ U-----+
1001 \ | | | | | | | | | \_ _/
1002 \ +---+ P +----+ P +--+ +----+ | \____/
1003 \___ | | | | /
1004 \ +----+__ +----+ DetNet-1 DetNet-2
1005 | \_____/ \___________/ |
1006 | |
1007 | | End-to-End service | | | |
1008 <------------------------------------------------------------->
1009 | | DetNet service | | | |
1010 | <------------------------------------------------> |
1011 | | | | | |
1013 Figure 5: DetNet Service Reference Model (multi-domain)
1015 DetNet User Network Interfaces (DetNet-UNIs) ("U" in Figure 5) are
1016 assumed in this document to be packet-based reference points and
1017 provide connectivity over the packet network. A DetNet-UNI may
1018 provide multiple functions, e.g., it may add networking technology
1019 specific encapsulation to the DetNet flows if necessary; it may
1020 provide status of the availability of the resources associated with a
1021 reservation; it may provide a synchronization service for the end
1022 system; it may carry enough signaling to place the reservation in a
1023 network without a controller, or if the controller only deals with
1024 the network but not the end systems. Internal reference points of
1025 end systems (between the application and the NIC) are more
1026 challenging from control perspective and they may have extra
1027 requirements (e.g., in-order delivery is expected in end system
1028 internal reference points, whereas it is considered optional over the
1029 DetNet-UNI).
1031 4.2. DetNet systems
1033 4.2.1. End system
1035 The traffic characteristics of an App-flow can be CBR (constant bit
1036 rate) or VBR (variable bit rate) and can have Layer-1 or Layer-2 or
1037 Layer-3 encapsulation (e.g., TDM (time-division multiplexing),
1038 Ethernet, IP). These characteristics are considered as input for
1039 resource reservation and might be simplified to ensure determinism
1040 during packet forwarding (e.g., making reservations for the peak rate
1041 of VBR traffic, etc.).
1043 An end system may or may not be DetNet forwarding sub-layer aware or
1044 DetNet service sub-layer aware. That is, an end system may or may
1045 not contain DetNet specific functionality. End systems with DetNet
1046 functionalities may have the same or different forwarding sub-layer
1047 as the connected DetNet domain. Categorization of end systems are
1048 shown in Figure 6.
1050 End system
1051 |
1052 |
1053 | DetNet aware ?
1054 / \
1055 +------< >------+
1056 NO | \ / | YES
1057 | v |
1058 DetNet unaware |
1059 End system |
1060 | Service/Forwarding
1061 | sub-layer
1062 / \ aware ?
1063 +--------< >-------------+
1064 f-aware | \ / | s-aware
1065 | v |
1066 | | both |
1067 | | |
1068 DetNet f-aware | DetNet s-aware
1069 End system | End system
1070 v
1071 DetNet sf-aware
1072 End system
1074 Figure 6: Categorization of end systems
1076 Note some known use case examples for end systems:
1078 o DetNet unaware: The classic case requiring service proxies.
1080 o DetNet f-aware: A DetNet forwarding sub-layer aware system. It
1081 knows about some TSN functions (e.g., reservation), but not about
1082 service protection.
1084 o DetNet s-aware: A DetNet service sub-layer aware system. It
1085 supplies sequence numbers, but doesn't know about resource
1086 allocation.
1088 o DetNet sf-aware: A full functioning DetNet end system, it has
1089 DetNet functionalities and usually the same forwarding paradigm as
1090 the connected DetNet domain. It can be treated as an integral
1091 part of the DetNet domain.
1093 4.2.2. DetNet edge, relay, and transit nodes
1095 As shown in Figure 3, DetNet edge nodes providing proxy service and
1096 DetNet relay nodes providing the DetNet service sub-layer are DetNet-
1097 aware, and DetNet transit nodes need only be aware of the DetNet
1098 forwarding sub-layer.
1100 In general, if a DetNet flow passes through one or more DetNet-
1101 unaware network nodes between two DetNet nodes providing the DetNet
1102 forwarding sub-layer for that flow, there is a potential for
1103 disruption or failure of the DetNet QoS. A network administrator
1104 needs to ensure that the DetNet-unaware network nodes are configured
1105 to minimize the chances of packet loss and delay, and provision
1106 enough extra buffer space in the DetNet transit node following the
1107 DetNet-unaware network nodes to absorb the induced latency
1108 variations.
1110 4.3. DetNet flows
1112 4.3.1. DetNet flow types
1114 A DetNet flow can have different formats while its packets are
1115 forwarded between the peer end systems depending on the type of the
1116 end systems. Corresponding to the end system types, the following
1117 possible types / formats of a DetNet flow are distinguished in this
1118 document. The different flow types have different requirements to
1119 DetNet nodes.
1121 o App-flow: the payload (data) carried over a DetNet flow between
1122 DetNet unaware end systems. An app-flow does not contain any
1123 DetNet related attributes and does not imply any specific
1124 requirement on DetNet nodes.
1126 o DetNet-f-flow: specific format of a DetNet flow. It only requires
1127 the resource allocation features provided by the DetNet forwarding
1128 sub-layer.
1130 o DetNet-s-flow: specific format of a DetNet flow. It only requires
1131 the service protection feature ensured by the DetNet service sub-
1132 layer.
1134 o DetNet-sf-flow: specific format of a DetNet flow. It requires
1135 both DetNet service sub-layer and DetNet forwarding sub-layer
1136 functions during forwarding.
1138 4.3.2. Source transmission behavior
1140 For the purposes of resource allocation, DetNet flows can be
1141 synchronous or asynchronous. In synchronous DetNet flows, at least
1142 the DetNet nodes (and possibly the end systems) are closely time
1143 synchronized, typically to better than 1 microsecond. By
1144 transmitting packets from different DetNet flows or classes of DetNet
1145 flows at different times, using repeating schedules synchronized
1146 among the DetNet nodes, resources such as buffers and link bandwidth
1147 can be shared over the time domain among different DetNet flows.
1148 There is a tradeoff among techniques for synchronous DetNet flows
1149 between the burden of fine-grained scheduling and the benefit of
1150 reducing the required resources, especially buffer space.
1152 In contrast, asynchronous DetNet flows are not coordinated with a
1153 fine-grained schedule, so relay and end systems must assume worst-
1154 case interference among DetNet flows contending for buffer resources.
1155 Asynchronous DetNet flows are characterized by:
1157 o A maximum packet size;
1159 o An observation interval; and
1161 o A maximum number of transmissions during that observation
1162 interval.
1164 These parameters, together with knowledge of the protocol stack used
1165 (and thus the size of the various headers added to a packet), provide
1166 the bandwidth that is needed for the DetNet flow.
1168 The source is required not to exceed these limits in order to obtain
1169 DetNet service. If the source transmits less data than this limit
1170 allows, the unused resource such as link bandwidth can be made
1171 available by the DetNet system to non-DetNet packets as long as all
1172 guarantees are fulfilled. However, making those resources available
1173 to DetNet packets in other DetNet flows would serve no purpose.
1174 Those other DetNet flows have their own dedicated resources, on the
1175 assumption that all DetNet flows can use all of their resources over
1176 a long period of time.
1178 There is no expectation in DetNet for App-flows to be responsive to
1179 congestion control [RFC2914] or explicit congestion notification
1180 [RFC3168]. The assumption is that a DetNet flow, to be useful, must
1181 be delivered in its entirety. That is, while any useful application
1182 is written to expect a certain number of lost packets, the real-time
1183 applications of interest to DetNet demand that the loss of data due
1184 to the network is a rare event.
1186 Although DetNet strives to minimize the changes required of an
1187 application to allow it to shift from a special-purpose digital
1188 network to an Internet Protocol network, one fundamental shift in the
1189 behavior of network applications is impossible to avoid: the
1190 reservation of resources before the application starts. In the first
1191 place, a network cannot deliver finite latency and practically zero
1192 packet loss to an arbitrarily high offered load. Secondly, achieving
1193 practically zero packet loss for DetNet flows means that DetNet nodes
1194 have to dedicate buffer resources to specific DetNet flows or to
1195 classes of DetNet flows. The requirements of each reservation have
1196 to be translated into the parameters that control each DetNet
1197 system's queuing, shaping, and scheduling functions and delivered to
1198 the DetNet nodes and end systems.
1200 All nodes in a DetNet domain are expected to support the data
1201 behavior required to deliver a particular DetNet service. If a node
1202 itself is not DetNet service aware, the DetNet nodes that are
1203 adjacent to such non-DetNet aware nodes must ensure that the non-
1204 DetNet aware node is provisioned to appropriately support the DetNet
1205 service. For example, an IEEE 802.1 TSN node may be used to
1206 interconnect DetNet aware nodes, and these DetNet nodes can map
1207 DetNet flows to 802.1 TSN flows. Another example, an MPLS-TE or TP
1208 domain may be used to interconnect DetNet aware nodes, and these
1209 DetNet nodes can map DetNet flows to TE LSPs which can provide the
1210 QoS requirements of the DetNet service.
1212 4.3.3. Incomplete Networks
1214 The presence in the network of intermediate nodes or subnets that are
1215 not fully capable of offering DetNet services complicates the ability
1216 of the intermediate nodes and/or controller to allocate resources, as
1217 extra buffering must be allocated at points downstream from the non-
1218 DetNet intermediate node for a DetNet flow. This extra buffering may
1219 increase latency and/or jitter.
1221 4.4. Traffic Engineering for DetNet
1223 Traffic Engineering Architecture and Signaling (TEAS) [TEAS] defines
1224 traffic-engineering architectures for generic applicability across
1225 packet and non-packet networks. From a TEAS perspective, Traffic
1226 Engineering (TE) refers to techniques that enable operators to
1227 control how specific traffic flows are treated within their networks.
1229 Because if its very nature of establishing explicit optimized paths,
1230 Deterministic Networking can be seen as a new, specialized branch of
1231 Traffic Engineering, and inherits its architecture with a separation
1232 into planes.
1234 The Deterministic Networking architecture is thus composed of three
1235 planes, a (User) Application Plane, a Controller Plane, and a Network
1236 Plane, which echoes that of Figure 1 of Software-Defined Networking
1237 (SDN): Layers and Architecture Terminology [RFC7426], and the
1238 Controllers identified in [RFC8453] and [RFC7149].
1240 4.4.1. The Application Plane
1242 Per [RFC7426], the Application Plane includes both applications and
1243 services. In particular, the Application Plane incorporates the User
1244 Agent, a specialized application that interacts with the end user /
1245 operator and performs requests for Deterministic Networking services
1246 via an abstract Flow Management Entity, (FME) which may or may not be
1247 collocated with (one of) the end systems.
1249 At the Application Plane, a management interface enables the
1250 negotiation of flows between end systems. An abstraction of the flow
1251 called a Traffic Specification (TSpec) provides the representation.
1252 This abstraction is used to place a reservation over the (Northbound)
1253 Service Interface and within the Application plane. It is associated
1254 with an abstraction of location, such as IP addresses and DNS names,
1255 to identify the end systems and possibly specify DetNet nodes.
1257 4.4.2. The Controller Plane
1259 The Controller Plane corresponds to the aggregation of the Control
1260 and Management Planes in [RFC7426], though Common Control and
1261 Measurement Plane (CCAMP) [CCAMP] makes an additional distinction
1262 between management and measurement. When the logical separation of
1263 the Control, Measurement and other Management entities is not
1264 relevant, the term Controller Plane is used for simplicity to
1265 represent them all, and the term Controller Plane Function (CPF)
1266 refers to any device operating in that plane, whether is it a Path
1267 Computation Element (PCE) [RFC4655], or a Network Management entity
1268 (NME), or a distributed control plane. The CPF is a core element of
1269 a controller, in charge of computing Deterministic paths to be
1270 applied in the Network Plane.
1272 A (Northbound) Service Interface enables applications in the
1273 Application Plane to communicate with the entities in the Controller
1274 Plane as illustrated in Figure 7.
1276 One or more CPF(s) collaborate to implement the requests from the FME
1277 as Per-Flow Per-Hop Behaviors installed in the DetNet nodes for each
1278 individual flow. The CPFs place each flow along a deterministic
1279 sequence of DetNet nodes so as to respect per-flow constraints such
1280 as security and latency, and optimize the overall result for metrics
1281 such as an abstract aggregated cost. The deterministic sequence can
1282 typically be more complex than a direct sequence and include
1283 redundant paths, with one or more packet replication and elimination
1284 points. Scaling to larger networks is discussed in Section 4.9.
1286 4.4.3. The Network Plane
1288 The Network Plane represents the network devices and protocols as a
1289 whole, regardless of the Layer at which the network devices operate.
1290 It includes Forwarding Plane (data plane), Application, and
1291 Operational Plane (e.g., OAM) aspects.
1293 The network Plane comprises the Network Interface Cards (NIC) in the
1294 end systems, which are typically IP hosts, and DetNet nodes, which
1295 are typically IP routers and MPLS switches. Network-to-Network
1296 Interfaces such as used for Traffic Engineering path reservation in
1297 [RFC5921], as well as User-to-Network Interfaces (UNI) such as
1298 provided by the Local Management Interface (LMI) between network and
1299 end systems, are both part of the Network Plane, both in the control
1300 plane and the data plane.
1302 A Southbound (Network) Interface enables the entities in the
1303 Controller Plane to communicate with devices in the Network Plane as
1304 illustrated in Figure 7. This interface leverages and extends TEAS
1305 to describe the physical topology and resources in the Network Plane.
1307 End End
1308 System System
1310 -+-+-+-+-+-+-+ Northbound -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
1312 CPF CPF CPF CPF
1314 -+-+-+-+-+-+-+ Southbound -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
1316 DetNet DetNet DetNet DetNet
1317 Node Node Node Node
1318 NIC NIC
1319 DetNet DetNet DetNet DetNet
1320 Node Node Node Node
1322 Figure 7: Northbound and Southbound interfaces
1324 The DetNet nodes (and possibly the end systems NIC) expose their
1325 capabilities and physical resources to the controller (the CPF), and
1326 update the CPFs with their dynamic perception of the topology, across
1327 the Southbound Interface. In return, the CPFs set the per-flow paths
1328 up, providing a Flow Characterization that is more tightly coupled to
1329 the DetNet node Operation than a TSpec.
1331 At the Network plane, DetNet nodes may exchange information regarding
1332 the state of the paths, between adjacent DetNet nodes and possibly
1333 with the end systems, and forward packets within constraints
1334 associated to each flow, or, when unable to do so, perform a last
1335 resort operation such as drop or declassify.
1337 This document focuses on the Southbound interface and the operation
1338 of the Network Plane.
1340 4.5. Queuing, Shaping, Scheduling, and Preemption
1342 DetNet achieves bounded delivery latency by reserving bandwidth and
1343 buffer resources at each DetNet node along the path of the DetNet
1344 flow. The reservation itself is not sufficient, however.
1345 Implementors and users of a number of proprietary and standard real-
1346 time networks have found that standards for specific data plane
1347 techniques are required to enable these assurances to be made in a
1348 multi-vendor network. The fundamental reason is that latency
1349 variation in one DetNet system results in the need for extra buffer
1350 space in the next-hop DetNet system(s), which in turn, increases the
1351 worst-case per-hop latency.
1353 Standard queuing and transmission selection algorithms allow traffic
1354 engineering Section 4.4 to compute the latency contribution of each
1355 DetNet node to the end-to-end latency, to compute the amount of
1356 buffer space required in each DetNet node for each incremental DetNet
1357 flow, and most importantly, to translate from a flow specification to
1358 a set of values for the managed objects that control each relay or
1359 end system. For example, the IEEE 802.1 WG has specified (and is
1360 specifying) a set of queuing, shaping, and scheduling algorithms that
1361 enable each DetNet node, and/or a central controller, to compute
1362 these values. These algorithms include:
1364 o A credit-based shaper [IEEE802.1Qav] (superseded by
1365 [IEEE802.1Q-2018]).
1367 o Time-gated queues governed by a rotating time schedule based on
1368 synchronized time [IEEE802.1Qbv] (superseded by
1369 [IEEE802.1Q-2018]).
1371 o Synchronized double (or triple) buffers driven by synchronized
1372 time ticks. [IEEE802.1Qch] (superseded by [IEEE802.1Q-2018]).
1374 o Pre-emption of an Ethernet packet in transmission by a packet with
1375 a more stringent latency requirement, followed by the resumption
1376 of the preempted packet [IEEE802.1Qbu] (superseded by
1377 [IEEE802.1Q-2018]), [IEEE802.3br] (superseded by
1378 [IEEE802.3-2018]).
1380 While these techniques are currently embedded in Ethernet
1381 [IEEE802.3-2018] and bridging standards, we can note that they are
1382 all, except perhaps for packet preemption, equally applicable to
1383 other media than Ethernet, and to routers as well as bridges. Other
1384 media may have its own methods, see, e.g.,
1385 [I-D.ietf-6tisch-architecture], [RFC7554]. Further techniques are
1386 defined by the IETF, e.g., [RFC8289] and [RFC8033]. DetNet may
1387 include such definitions in the future, or may define how these
1388 techniques can be used by DetNet nodes.
1390 4.6. Service instance
1392 A Service instance represents all the functions required on a DetNet
1393 node to allow the end-to-end service between the UNIs.
1395 The DetNet network general reference model is shown in Figure 8 for a
1396 DetNet service scenario (i.e., between two DetNet-UNIs). In this
1397 figure, end systems ("A" and "B") are connected directly to the edge
1398 nodes of an IP/MPLS network ("PE1" and "PE2"). End systems
1399 participating in DetNet communication may require connectivity before
1400 setting up an App-flow that requires the DetNet service. Such a
1401 connectivity related service instance and the one dedicated for
1402 DetNet service share the same access. Packets belonging to a DetNet
1403 flow are selected by a filter configured on the access ("F1" and
1404 "F2"). As a result, data flow specific access ("access-A + F1" and
1405 "access-B + F2") are terminated in the flow specific service instance
1406 ("SI-1" and "SI-2"). A tunnel is used to provide connectivity
1407 between the service instances.
1409 The tunnel is exclusively used for the packets of the DetNet flow
1410 between "SI-1" and "SI-2". The service instances are configured to
1411 implement DetNet functions and a flow specific DetNet forwarding.
1412 The service instance and the tunnel may or may not be shared by
1413 multiple DetNet flows. Sharing the service instance by multiple
1414 DetNet flows requires properly populated forwarding tables of the
1415 service instance.
1417 access-A access-B
1418 <-----> <-------- tunnel ----------> <----->
1420 +---------+ ___ _ +---------+
1421 End system | +----+ | / \/ \_ | +----+ | End system
1422 "A" -------F1+ | | / \ | | +F2----- "B"
1423 | | +========+ IP/MPLS +=======+ | |
1424 | |SI-1| | \__ Net._/ | |SI-2| |
1425 | +----+ | \____/ | +----+ |
1426 |PE1 | | PE2|
1427 +---------+ +---------+
1429 Figure 8: DetNet network general reference model
1431 The tunnel between the service instances may have some special
1432 characteristics. For example, in case of a DetNet L3 service, there
1433 are differences in the usage of the PW for DetNet traffic compared to
1434 the network model described in [RFC6658]. In the DetNet scenario,
1435 the PW is likely to be used exclusively by the DetNet flow, whereas
1436 [RFC6658] states: "The packet PW appears as a single point-to-point
1437 link to the client layer. Network-layer adjacency formation and
1438 maintenance between the client equipment will follow the normal
1439 practice needed to support the required relationship in the client
1440 layer ... This packet PseudoWire is used to transport all of the
1441 required Layer-2 and Layer-3 protocols between LSR1 and LSR2".
1442 Further details are network technology specific and can be found in
1443 [I-D.ietf-detnet-dp-sol-mpls] and [I-D.ietf-detnet-dp-sol-ip].
1445 4.7. Flow identification at technology borders
1447 This section discusses what needs to be done at technology borders
1448 including Ethernet as one of the technologies. Flow identification
1449 for MPLS and IP data planes are described in
1450 [I-D.ietf-detnet-dp-sol-mpls] and [I-D.ietf-detnet-dp-sol-ip],
1451 respectively.
1453 4.7.1. Exporting flow identification
1455 A DetNet node may need to map specific flows to lower layer flows (or
1456 Streams) in order to provide specific queuing and shaping services
1457 for specific flows. For example:
1459 o A non-IP, strictly L2 source end system X may be sending multiple
1460 flows to the same L2 destination end system Y. Those flows may
1461 include DetNet flows with different QoS requirements, and may
1462 include non-DetNet flows.
1464 o A router may be sending any number of flows to another router.
1465 Again, those flows may include DetNet flows with different QoS
1466 requirements, and may include non-DetNet flows.
1468 o Two routers may be separated by bridges. For these bridges to
1469 perform any required per-flow queuing and shaping, they must be
1470 able to identify the individual flows.
1472 o A Label Edge Router (LER) may have a Label Switched Path (LSP) set
1473 up for handling traffic destined for a particular IP address
1474 carrying only non-DetNet flows. If a DetNet flow to that same
1475 address is requested, a separate LSP may be needed, in order that
1476 all of the Label Switch Routers (LSRs) along the path to the
1477 destination give that flow special queuing and shaping.
1479 The need for a lower-layer node to be aware of individual higher-
1480 layer flows is not unique to DetNet. But, given the endless
1481 complexity of layering and relayering over tunnels that is available
1482 to network designers, DetNet needs to provide a model for flow
1483 identification that is better than packet inspection. That is not to
1484 say that packet inspection to Layer-4 or Layer-5 addresses will not
1485 be used, or the capability standardized; but, there are alternatives.
1487 A DetNet relay node can connect DetNet flows on different paths using
1488 different flow identification methods. For example:
1490 o A single unicast DetNet flow passing from router A through a
1491 bridged network to router B may be assigned a TSN Stream
1492 identifier that is unique within that bridged network. The
1493 bridges can then identify the flow without accessing higher-layer
1494 headers. Of course, the receiving router must recognize and
1495 accept that TSN Stream.
1497 o A DetNet flow passing from LSR A to LSR B may be assigned a
1498 different label than that used for other flows to the same IP
1499 destination.
1501 In any of the above cases, it is possible that an existing DetNet
1502 flow can be an aggregate carrying multiple other DetNet flows. (Not
1503 to be confused with DetNet compound vs. member flows.) Of course,
1504 this requires that the aggregate DetNet flow be provisioned properly
1505 to carry the aggregated flows.
1507 Thus, rather than packet inspection, there is the option to export
1508 higher-layer information to the lower layer. The requirement to
1509 support one or the other method for flow identification (or both) is
1510 a complexity that is part of DetNet control models.
1512 4.7.2. Flow attribute mapping between layers
1514 Forwarding of packets of DetNet flows over multiple technology
1515 domains may require that lower layers are aware of specific flows of
1516 higher layers. Such an "exporting of flow identification" is needed
1517 each time when the forwarding paradigm is changed on the forwarding
1518 path (e.g., two LSRs are interconnected by a L2 bridged domain,
1519 etc.). The three representative forwarding methods considered for
1520 deterministic networking are:
1522 o IP routing
1524 o MPLS label switching
1526 o Ethernet bridging
1528 A packet with corresponding Flow-IDs is illustrated in Figure 9,
1529 which also indicates where each Flow-ID can be added or removed.
1531 add/remove add/remove
1532 Eth Flow-ID IP Flow-ID
1533 | |
1534 v v
1535 +-----------------------------------------------------------+
1536 | | | | |
1537 | Eth | MPLS | IP | Application data |
1538 | | | | |
1539 +-----------------------------------------------------------+
1540 ^
1541 |
1542 add/remove
1543 MPLS Flow-ID
1545 Figure 9: Packet with multiple Flow-IDs
1547 The additional (domain specific) Flow-ID can be
1549 o created by a domain specific function or
1551 o derived from the Flow-ID added to the App-flow.
1553 The Flow-ID must be unique inside a given domain. Note that the
1554 Flow-ID added to the App-flow is still present in the packet, but
1555 some nodes may lack the function to recognize it; that's why the
1556 additional Flow-ID is added.
1558 4.7.3. Flow-ID mapping examples
1560 IP nodes and MPLS nodes are assumed to be configured to push such an
1561 additional (domain specific) Flow-ID when sending traffic to an
1562 Ethernet switch (as shown in the examples below).
1564 Figure 10 shows a scenario where an IP end system ("IP-A") is
1565 connected via two Ethernet switches ("ETH-n") to an IP router ("IP-
1566 1").
1568 IP domain
1569 <-----------------------------------------------
1571 +======+ +======+
1572 |L3-ID | |L3-ID |
1573 +======+ /\ +-----+ +======+
1574 / \ Forward as | |
1575 /IP-A\ per ETH-ID |IP-1 | Recognize
1576 Push ------> +-+----+ | +---+-+ <----- ETH-ID
1577 ETH-ID | +----+-----+ |
1578 | v v |
1579 | +-----+ +-----+ |
1580 +------+ | | +---------+
1581 +......+ |ETH-1+----+ETH-2| +======+
1582 .L3-ID . +-----+ +-----+ |L3-ID |
1583 +======+ +......+ +======+
1584 |ETH-ID| .L3-ID . |ETH-ID|
1585 +======+ +======+ +------+
1586 |ETH-ID|
1587 +======+
1589 Ethernet domain
1590 <---------------->
1592 Figure 10: IP nodes interconnected by an Ethernet domain
1594 End system "IP-A" uses the original App-flow specific ID ("L3-ID"),
1595 but as it is connected to an Ethernet domain it has to push an
1596 Ethernet-domain specific flow-ID ("ETH-ID") before sending the packet
1597 to "ETH-1" node. Ethernet switch "ETH-1" can recognize the data flow
1598 based on the "ETH-ID" and it does forwarding toward "ETH-2". "ETH-2"
1599 switches the packet toward the IP router. "IP-1" must be configured
1600 to receive the Ethernet Flow-ID specific multicast flow, but (as it
1601 is an L3 node) it decodes the data flow ID based on the "L3-ID"
1602 fields of the received packet.
1604 Figure 11 shows a scenario where MPLS domain nodes ("PE-n" and "P-m")
1605 are connected via two Ethernet switches ("ETH-n").
1607 MPLS domain
1608 <----------------------------------------------->
1610 +=======+ +=======+
1611 |MPLS-ID| |MPLS-ID|
1612 +=======+ +-----+ +-----+ +=======+ +-----+
1613 | | Forward as | | | |
1614 |PE-1 | per ETH-ID | P-2 +-----------+ PE-2|
1615 Push -----> +-+---+ | +---+-+ +-----+
1616 ETH-ID | +-----+----+ | \ Recognize
1617 | v v | +-- ETH-ID
1618 | +-----+ +-----+ |
1619 +---+ | | +----+
1620 +.......+ |ETH-1+----+ETH-2| +=======+
1621 .MPLS-ID. +-----+ +-----+ |MPLS-ID|
1622 +=======+ +=======+
1623 |ETH-ID | +.......+ |ETH-ID |
1624 +=======+ .MPLS-ID. +-------+
1625 +=======+
1626 |ETH-ID |
1627 +=======+
1628 Ethernet domain
1629 <---------------->
1631 Figure 11: MPLS nodes interconnected by an Ethernet domain
1633 "PE-1" uses the MPLS specific ID ("MPLS-ID"), but as it is connected
1634 to an Ethernet domain it has to push an Ethernet-domain specific
1635 flow-ID ("ETH-ID") before sending the packet to "ETH-1". Ethernet
1636 switch "ETH-1" can recognize the data flow based on the "ETH-ID" and
1637 it does forwarding toward "ETH-2". "ETH-2" switches the packet
1638 toward the MPLS node ("P-2"). "P-2" must be configured to receive
1639 the Ethernet Flow-ID specific multicast flow, but (as it is an MPLS
1640 node) it decodes the data flow ID based on the "MPLS-ID" fields of
1641 the received packet.
1643 One can appreciate from the above example that, when the means used
1644 for DetNet flow identification is altered or exported, the means for
1645 encoding the sequence number information must similarly be altered or
1646 exported.
1648 4.8. Advertising resources, capabilities and adjacencies
1650 Provisioning of DetNet requires knowledge about:
1652 o Details of the DetNet system's capabilities that are required in
1653 order to accurately allocate that DetNet system's resources, as
1654 well as other DetNet systems' resources. This includes, for
1655 example, which specific queuing and shaping algorithms are
1656 implemented (Section 4.5), the number of buffers dedicated for
1657 DetNet allocation, and the worst-case forwarding delay and
1658 misordering.
1660 o The actual state of a DetNet node's DetNet resources.
1662 o The identity of the DetNet system's neighbors, and the
1663 characteristics of the link(s) between the DetNet systems,
1664 including the latency of the links (in nanoseconds).
1666 4.9. Scaling to larger networks
1668 Reservations for individual DetNet flows require considerable state
1669 information in each DetNet node, especially when adequate fault
1670 mitigation (Section 3.3.2) is required. The DetNet data plane, in
1671 order to support larger numbers of DetNet flows, must support the
1672 aggregation of DetNet flows. Such aggregated flows can be viewed by
1673 the DetNet nodes' data plane largely as individual DetNet flows.
1674 Without such aggregation, the per-relay system may limit the scale of
1675 DetNet networks. Example techniques that may be used include MPLS
1676 hierarchy and IP DiffServ Code Points (DSCPs).
1678 4.10. Compatibility with Layer-2
1680 Standards providing similar capabilities for bridged networks (only)
1681 have been and are being generated in the IEEE 802 LAN/MAN Standards
1682 Committee. The present architecture describes an abstract model that
1683 can be applicable both at Layer-2 and Layer-3, and over links not
1684 defined by IEEE 802.
1686 DetNet enabled end systems and DetNet nodes can be interconnected by
1687 sub-networks, i.e., Layer-2 technologies. These sub-networks will
1688 provide DetNet compatible service for support of DetNet traffic.
1689 Examples of sub-network technologies include MPLS TE, 802.1 TSN, and
1690 a point-to-point OTN link. Of course, multi-layer DetNet systems may
1691 be possible too, where one DetNet appears as a sub-network, and
1692 provides service to, a higher layer DetNet system.
1694 5. Security Considerations
1696 Security considerations for DetNet are described in detail in
1697 [I-D.ietf-detnet-security]. This section considers exclusively
1698 security considerations which are specific to the DetNet
1699 architecture.
1701 Security aspects which are unique to DetNet are those whose aim is to
1702 provide the specific quality of service aspects of DetNet, which are
1703 primarily to deliver data flows with extremely low packet loss rates
1704 and bounded end-to-end delivery latency. A DetNet may be implemented
1705 using MPLS and/or IP (including both v4 and v6) technologies, and
1706 thus inherits the security properties of those technologies at both
1707 the data plane and the control plane.
1709 Security considerations for DetNet are constrained (compared to, for
1710 example, the open Internet) because DetNet is defined to operate only
1711 within a single administrative domain (see Section 1). The primary
1712 considerations are to secure the request and control of DetNet
1713 resources, maintain confidentiality of data traversing the DetNet,
1714 and provide the availability of the DetNet quality of service.
1716 To secure the request and control of DetNet resources, authentication
1717 and authorization can be used for each device connected to a DetNet
1718 domain, most importantly to network controller devices. Control of a
1719 DetNet network may be centralized or distributed (within a single
1720 administrative domain). In the case of centralized control,
1721 precedent for security considerations as defined for Abstraction and
1722 Control of Traffic Engineered Networks (ACTN) can be found in
1723 [RFC8453], Section 9. In the case of distributed control protocols,
1724 DetNet security is expected to be provided by the security properties
1725 of the protocols in use. In any case, the result is that
1726 manipulation of administratively configurable parameters is limited
1727 to authorized entities.
1729 To maintain confidentiality of data traversing the DetNet,
1730 application flows can be protected through whatever means is provided
1731 by the underlying technology. For example, encryption may be used,
1732 such as that provided by IPSec [RFC4301] for IP flows and by MACSec
1733 [IEEE802.1AE-2018] for Ethernet (Layer-2) flows.
1735 DetNet flows are identified on a per-flow basis, which may provide
1736 attackers with additional information about the data flows (when
1737 compared to networks that do not include per-flow identification).
1738 This is an inherent property of DetNet which has security
1739 implications that should be considered when determining if DetNet is
1740 a suitable technology for any given use case.
1742 To provide uninterrupted availability of the DetNet quality of
1743 service, provisions can be made against DOS attacks and delay
1744 attacks. To protect against DOS attacks, excess traffic due to
1745 malicious or malfunctioning devices can be prevented or mitigated,
1746 for example through the use of traffic admission control applied at
1747 the input of a DetNet domain, as described in Section 3.2.1, and
1748 through the fault mitigation methods described in Section 3.3.2. To
1749 prevent DetNet packets from being delayed by an entity external to a
1750 DetNet domain, DetNet technology definition can allow for the
1751 mitigation of Man-In-The-Middle attacks, for example through use of
1752 authentication and authorization of devices within the DetNet domain.
1754 Because DetNet mechanisms or applications that rely on DetNet can
1755 make heavy use of methods that require precise time synchronization,
1756 the accuracy, availability, and integrity of time synchronization is
1757 of critical importance. Extensive discussion of this topic can be
1758 found in [RFC7384].
1760 DetNet use cases are known to have widely divergent security
1761 requirements. The intent of this section is to provide a baseline
1762 for security considerations which are common to all DetNet designs
1763 and implementations, without burdening individual designs with
1764 specifics of security infrastructure which may not be germane to the
1765 given use case. Designers and implementers of DetNet systems are
1766 expected to take use case specific considerations into account in
1767 their DetNet designs and implementations.
1769 6. Privacy Considerations
1771 DetNet provides a Quality of Service (QoS), and the generic
1772 considerations for such mechanisms apply. In particular, such
1773 markings allow for an attacker to correlate flows or to select
1774 particular types of flow for more detailed inspection.
1776 However, the requirement for every (or almost every) node along the
1777 path of a DetNet flow to identify DetNet flows may present an
1778 additional attack surface for privacy, should the DetNet paradigm be
1779 found useful in broader environments.
1781 7. IANA Considerations
1783 This document does not require an action from IANA.
1785 8. Acknowledgements
1787 The authors wish to thank Lou Berger, David Black, Stewart Bryant,
1788 Rodney Cummings, Ethan Grossman, Craig Gunther, Marcel Kiessling,
1789 Rudy Klecka, Jouni Korhonen, Erik Nordmark, Shitanshu Shah, Wilfried
1790 Steiner, George Swallow, Michael Johas Teener, Pat Thaler, Thomas
1791 Watteyne, Patrick Wetterwald, Karl Weber, Anca Zamfir, for their
1792 various contributions to this work.
1794 9. Informative References
1796 [BUFFERBLOAT]
1797 Gettys, J. and K. Nichols, "Bufferbloat: Dark Buffers in
1798 the Internet", January 2012.
1800 [CCAMP] IETF, "Common Control and Measurement Plane Working
1801 Group",
1802 .
1804 [I-D.ietf-6tisch-architecture]
1805 Thubert, P., "An Architecture for IPv6 over the TSCH mode
1806 of IEEE 802.15.4", draft-ietf-6tisch-architecture-20 (work
1807 in progress), March 2019.
1809 [I-D.ietf-detnet-dp-sol-ip]
1810 Korhonen, J. and B. Varga, "DetNet IP Data Plane
1811 Encapsulation", draft-ietf-detnet-dp-sol-ip-02 (work in
1812 progress), March 2019.
1814 [I-D.ietf-detnet-dp-sol-mpls]
1815 Korhonen, J. and B. Varga, "DetNet MPLS Data Plane
1816 Encapsulation", draft-ietf-detnet-dp-sol-mpls-02 (work in
1817 progress), March 2019.
1819 [I-D.ietf-detnet-problem-statement]
1820 Finn, N. and P. Thubert, "Deterministic Networking Problem
1821 Statement", draft-ietf-detnet-problem-statement-09 (work
1822 in progress), December 2018.
1824 [I-D.ietf-detnet-security]
1825 Mizrahi, T., Grossman, E., Hacker, A., Das, S., Dowdell,
1826 J., Austad, H., Stanton, K., and N. Finn, "Deterministic
1827 Networking (DetNet) Security Considerations", draft-ietf-
1828 detnet-security-04 (work in progress), March 2019.
1830 [I-D.ietf-detnet-use-cases]
1831 Grossman, E., "Deterministic Networking Use Cases", draft-
1832 ietf-detnet-use-cases-20 (work in progress), December
1833 2018.
1835 [IEC62439-3-2016]
1836 International Electrotechnical Commission (IEC) TC 65/SC
1837 65C - Industrial networks, "IEC 62439-3:2016 Industrial
1838 communication networks - High availability automation
1839 networks - Part 3: Parallel Redundancy Protocol (PRP) and
1840 High-availability Seamless Redundancy (HSR)", 2016,
1841 .
1843 [IEEE802.1AE-2018]
1844 IEEE Standards Association, "IEEE Std 802.1AE-2018 MAC
1845 Security (MACsec)", 2018,
1846 .
1848 [IEEE802.1BA]
1849 IEEE Standards Association, "IEEE Std 802.1BA-2011 Audio
1850 Video Bridging (AVB) Systems", 2011,
1851 .
1853 [IEEE802.1CB]
1854 IEEE Standards Association, "IEEE Std 802.1CB-2017 Frame
1855 Replication and Elimination for Reliability", 2017,
1856 .
1858 [IEEE802.1Q-2018]
1859 IEEE Standards Association, "IEEE Std 802.1Q-2018 Bridges
1860 and Bridged Networks", 2018,
1861 .
1863 [IEEE802.1Qav]
1864 IEEE Standards Association, "IEEE Std 802.1Qav-2009
1865 Bridges and Bridged Networks - Amendment 12: Forwarding
1866 and Queuing Enhancements for Time-Sensitive Streams",
1867 2009, .
1869 [IEEE802.1Qbu]
1870 IEEE Standards Association, "IEEE Std 802.1Qbu-2016
1871 Bridges and Bridged Networks - Amendment 26: Frame
1872 Preemption", 2016,
1873 .
1875 [IEEE802.1Qbv]
1876 IEEE Standards Association, "IEEE Std 802.1Qbv-2015
1877 Bridges and Bridged Networks - Amendment 25: Enhancements
1878 for Scheduled Traffic", 2015,
1879 .
1881 [IEEE802.1Qch]
1882 IEEE Standards Association, "IEEE Std 802.1Qch-2017
1883 Bridges and Bridged Networks - Amendment 29: Cyclic
1884 Queuing and Forwarding", 2017,
1885 .
1887 [IEEE802.1TSNTG]
1888 IEEE Standards Association, "IEEE 802.1 Time-Sensitive
1889 Networking Task Group", .
1891 [IEEE802.3-2018]
1892 IEEE Standards Association, "IEEE Std 802.3-2018 Standard
1893 for Ethernet", 2018,
1894 .
1896 [IEEE802.3br]
1897 IEEE Standards Association, "IEEE Std 802.3br-2016
1898 Standard for Ethernet Amendment 5: Specification and
1899 Management Parameters for Interspersing Express Traffic",
1900 2016, .
1902 [RFC2205] Braden, R., Ed., Zhang, L., Berson, S., Herzog, S., and S.
1903 Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1
1904 Functional Specification", RFC 2205, DOI 10.17487/RFC2205,
1905 September 1997, .
1907 [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
1908 and W. Weiss, "An Architecture for Differentiated
1909 Services", RFC 2475, DOI 10.17487/RFC2475, December 1998,
1910 .
1912 [RFC2914] Floyd, S., "Congestion Control Principles", BCP 41,
1913 RFC 2914, DOI 10.17487/RFC2914, September 2000,
1914 .
1916 [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
1917 of Explicit Congestion Notification (ECN) to IP",
1918 RFC 3168, DOI 10.17487/RFC3168, September 2001,
1919 .
1921 [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V.,
1922 and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP
1923 Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001,
1924 .
1926 [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
1927 Jacobson, "RTP: A Transport Protocol for Real-Time
1928 Applications", STD 64, RFC 3550, DOI 10.17487/RFC3550,
1929 July 2003, .
1931 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the
1932 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
1933 December 2005, .
1935 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation
1936 Element (PCE)-Based Architecture", RFC 4655,
1937 DOI 10.17487/RFC4655, August 2006,
1938 .
1940 [RFC5921] Bocci, M., Ed., Bryant, S., Ed., Frost, D., Ed., Levrau,
1941 L., and L. Berger, "A Framework for MPLS in Transport
1942 Networks", RFC 5921, DOI 10.17487/RFC5921, July 2010,
1943 .
1945 [RFC6372] Sprecher, N., Ed. and A. Farrel, Ed., "MPLS Transport
1946 Profile (MPLS-TP) Survivability Framework", RFC 6372,
1947 DOI 10.17487/RFC6372, September 2011,
1948 .
1950 [RFC6658] Bryant, S., Ed., Martini, L., Swallow, G., and A. Malis,
1951 "Packet Pseudowire Encapsulation over an MPLS PSN",
1952 RFC 6658, DOI 10.17487/RFC6658, July 2012,
1953 .
1955 [RFC7149] Boucadair, M. and C. Jacquenet, "Software-Defined
1956 Networking: A Perspective from within a Service Provider
1957 Environment", RFC 7149, DOI 10.17487/RFC7149, March 2014,
1958 .
1960 [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in
1961 Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384,
1962 October 2014, .
1964 [RFC7426] Haleplidis, E., Ed., Pentikousis, K., Ed., Denazis, S.,
1965 Hadi Salim, J., Meyer, D., and O. Koufopavlou, "Software-
1966 Defined Networking (SDN): Layers and Architecture
1967 Terminology", RFC 7426, DOI 10.17487/RFC7426, January
1968 2015, .
1970 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using
1971 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the
1972 Internet of Things (IoT): Problem Statement", RFC 7554,
1973 DOI 10.17487/RFC7554, May 2015,
1974 .
1976 [RFC7567] Baker, F., Ed. and G. Fairhurst, Ed., "IETF
1977 Recommendations Regarding Active Queue Management",
1978 BCP 197, RFC 7567, DOI 10.17487/RFC7567, July 2015,
1979 .
1981 [RFC7813] Farkas, J., Ed., Bragg, N., Unbehagen, P., Parsons, G.,
1982 Ashwood-Smith, P., and C. Bowers, "IS-IS Path Control and
1983 Reservation", RFC 7813, DOI 10.17487/RFC7813, June 2016,
1984 .
1986 [RFC8033] Pan, R., Natarajan, P., Baker, F., and G. White,
1987 "Proportional Integral Controller Enhanced (PIE): A
1988 Lightweight Control Scheme to Address the Bufferbloat
1989 Problem", RFC 8033, DOI 10.17487/RFC8033, February 2017,
1990 .
1992 [RFC8227] Cheng, W., Wang, L., Li, H., van Helvoort, H., and J.
1993 Dong, "MPLS-TP Shared-Ring Protection (MSRP) Mechanism for
1994 Ring Topology", RFC 8227, DOI 10.17487/RFC8227, August
1995 2017, .
1997 [RFC8289] Nichols, K., Jacobson, V., McGregor, A., Ed., and J.
1998 Iyengar, Ed., "Controlled Delay Active Queue Management",
1999 RFC 8289, DOI 10.17487/RFC8289, January 2018,
2000 .
2002 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
2003 Decraene, B., Litkowski, S., and R. Shakir, "Segment
2004 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
2005 July 2018, .
2007 [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for
2008 Abstraction and Control of TE Networks (ACTN)", RFC 8453,
2009 DOI 10.17487/RFC8453, August 2018,
2010 .
2012 [TEAS] IETF, "Traffic Engineering Architecture and Signaling
2013 Working Group",
2014 .
2016 Authors' Addresses
2018 Norman Finn
2019 Huawei
2020 3101 Rio Way
2021 Spring Valley, California 91977
2022 US
2024 Phone: +1 925 980 6430
2025 Email: norman.finn@mail01.huawei.com
2027 Pascal Thubert
2028 Cisco Systems
2029 Village d'Entreprises Green Side
2030 400, Avenue de Roumanille
2031 Batiment T3
2032 Biot - Sophia Antipolis 06410
2033 FRANCE
2035 Phone: +33 4 97 23 26 34
2036 Email: pthubert@cisco.com
2037 Balazs Varga
2038 Ericsson
2039 Magyar tudosok korutja 11
2040 Budapest 1117
2041 Hungary
2043 Email: balazs.a.varga@ericsson.com
2045 Janos Farkas
2046 Ericsson
2047 Magyar tudosok korutja 11
2048 Budapest 1117
2049 Hungary
2051 Email: janos.farkas@ericsson.com