idnits 2.17.1 draft-ietf-l2vpn-vpls-pe-etree-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (March 31, 2015) is 3311 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 4447 (Obsoleted by RFC 8077) Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Internet Working Group Y. Jiang, Ed. 2 Internet Draft L. Yong 3 Intended status: Standards Track Huawei 4 M. Paul 5 Deutsche Telekom 6 Expires: September 2015 March 31, 2015 8 Ethernet-Tree (E-Tree) Support in Virtual Private LAN Service (VPLS) 9 draft-ietf-l2vpn-vpls-pe-etree-06.txt 11 Status of this Memo 13 This Internet-Draft is submitted to IETF in full conformance with 14 the provisions of BCP 78 and BCP 79. 16 Internet-Drafts are working documents of the Internet Engineering 17 Task Force (IETF), its areas, and its working groups. Note that 18 other groups may also distribute working documents as Internet- 19 Drafts. 21 Internet-Drafts are draft documents valid for a maximum of six 22 months and may be updated, replaced, or obsoleted by other documents 23 at any time. It is inappropriate to use Internet-Drafts as 24 reference material or to cite them other than as "work in progress." 26 The list of current Internet-Drafts can be accessed at 27 http://www.ietf.org/ietf/1id-abstracts.txt 29 The list of Internet-Draft Shadow Directories can be accessed at 30 http://www.ietf.org/shadow.html 32 This Internet-Draft will expire on September 31, 2015. 34 Copyright Notice 36 Copyright (c) 2015 IETF Trust and the persons identified as the 37 document authors. All rights reserved. 39 This document is subject to BCP 78 and the IETF Trust's Legal 40 Provisions Relating to IETF Documents 41 (http://trustee.ietf.org/license-info) in effect on the date of 42 publication of this document. Please review these documents 43 carefully, as they describe your rights and restrictions with 44 respect to this document. Code Components extracted from this 45 document must include Simplified BSD License text as described in 46 Section 4.e of the Trust Legal Provisions and are provided without 47 warranty as described in the Simplified BSD License. 49 Abstract 51 A generic Virtual Private LAN Service (VPLS) solution is specified 52 for Ethernet-Tree (E-Tree) services which uses VLANs to indicate 53 root or leaf traffic. A VPLS Provider Edge (PE) model is illustrated 54 as an example for the solution. In the solution, E-Tree VPLS PEs are 55 interconnected by PWs which carry the VLAN indicating the E-Tree 56 attribute, the MAC address based Ethernet forwarding engine and the 57 PW work in the same way as before. A signaling mechanism for E-Tree 58 capability and VLAN mapping negotiation is further described. 60 Table of Contents 62 1. Conventions used in this document ......................... 2 63 2. Terminology ............................................... 3 64 3. Introduction .............................................. 4 65 4. PE Model with E-Tree Support .............................. 5 66 4.1. Existing PE Models ..................................... 5 67 4.2. A New PE Model with E-Tree Support ..................... 8 68 5. PW for E-Tree Support ..................................... 9 69 5.1. PW Encapsulation ....................................... 9 70 5.2. VLAN Mapping ........................................... 9 71 5.3. PW Processing ......................................... 11 72 5.3.1. PW Processing in the VLAN Mapping Mode .......... 11 73 5.3.2. PW Processing in the Compatible Mode ............ 12 74 5.3.3. PW Processing in the Optimized Mode ............. 13 75 6. Signaling for E-Tree Support ............................. 14 76 6.1. LDP Extensions for E-Tree Support ..................... 14 77 6.2. BGP Extensions for E-Tree Support ..................... 16 78 7. OAM Considerations ....................................... 18 79 8. Applicability ............................................ 18 80 9. Security Considerations .................................. 18 81 10. IANA Considerations ...................................... 19 82 11. References ............................................... 19 83 11.1. Normative References ............................... 19 84 11.2. Informative References ............................. 20 85 12. Acknowledgments .......................................... 21 86 Appendix A. Other PE Models for E-Tree ........................ 22 87 A.1. A PE Model With a VSI and No bridge ................... 22 88 A.2. A PE Model With external E-Tree interface ............. 23 90 1. Conventions used in this document 92 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 93 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 94 document are to be interpreted as described in [RFC2119]. 96 2. Terminology 98 AC: Attachment Circuit 100 B-VLAN: Backbone VLAN 102 C-VLAN: Customer VLAN 104 E-Tree: Ethernet Tree, a Rooted-Multipoint EVC service as defined in 105 [MEF6.1] 107 EVC: Ethernet Virtual Connection, as defined in [MEF4] 109 FIB: Forwarding Information Base, also known as forwarding table 111 I-SID: Backbone Service Instance Identifier, as defined in IEEE 112 802.1ah 114 Leaf AC: an AC attached with a leaf 116 Leaf VLAN: a VLAN Identifier (ID) used to indicate all the frames 117 that are originated at a leaf AC 119 OAM: Operations, Administration and Maintenance 121 PBB: Provider Backbone Bridge 123 PE: Provider Edge 125 PW: Pseudo Wire 127 Root AC: an AC attached with a root 129 Root VLAN: a VLAN ID used to indicate all the frames that are 130 originated at a root AC 132 S-VLAN: Service VLAN 134 T-VSI: Tree VSI, a VSI with E-Tree support 136 VLAN: Virtual Local Area Network 138 VPLS: Virtual Private LAN Service 140 VSI: Virtual Switching Instance as defined in [RFC4664], also known 141 as VPLS Forwarder in [RFC7041] 143 3. Introduction 145 The Ethernet-Tree (E-Tree) service is defined in Metro Ethernet 146 Forum (MEF) Technical Specification MEF 6.1 as a Rooted-Multipoint 147 Ethernet Virtual Connection (EVC) service. It is a multipoint 148 Ethernet service with special restrictions: the Ethernet frames from 149 a root MAY be received by any other root or leaf, and the frames 150 from a leaf MAY be received by any root, but MUST NOT be received by 151 a leaf. Further, an E-Tree service MAY include multiple roots and 152 multiple leaves. Although Virtual Private Multicast Service (VPMS) 153 [VPMS] or Point-to-Multipoint (P2MP) multicast is a somewhat 154 simplified version of this service, in fact, there is no exact 155 corresponding terminology in IETF yet. 157 [RFC7152] gives the requirements for providing E-Tree solutions in 158 the VPLS and the need to filter leaf-to-leaf traffic. [RFC7387] 159 further describes a Multiprotocol Label Switching (MPLS) framework 160 for providing E-Tree. Though there were proposals on using PW 161 control word or PWs to indicate the root/leaf attribute of an E-Tree 162 frame, both methods are limited in that they are only applicable to 163 "VPLS only" networks. 165 In fact, VPLS PE usually consists of a bridge module itself (see 166 [RFC4664] and [RFC6246]); moreover, E-Tree services may cross both 167 Ethernet and VPLS domains. Therefore, it is necessary to develop an 168 E-Tree solution both for "VPLS only" scenarios and for interworking 169 between Ethernet and VPLS. 171 IEEE 802.1 has incorporated the generic E-Tree solution in the 172 latest version of 802.1Q [802.1Q-2011], which is just an improvement 173 on the traditional asymmetric VLAN mechanism (the use of different 174 VLANs to indicate E-Tree root/leaf attributes and prohibiting leaf- 175 to-leaf traffic with the help of VLANs was first standardized in 176 IEEE 802.1Q-2003). In the new IEEE 802.1Q solution, VLANs are used 177 to indicate root/leaf attribute of a frame: one VLAN ID is used to 178 indicate the frames originated from the roots and another VLAN ID is 179 used to indicate the frames originated from the leaves. At a leaf 180 port, the bridge can then filter out all the frames from other leaf 181 ports based on the VLAN ID. It is better to reuse the same mechanism 182 in VPLS than to develop a new mechanism. The latter will introduce 183 more complexity to interwork with the new IEEE 802.1Q solution. 185 This document specifies how the Ethernet VLAN solution can be used 186 to support generic E-Tree services in VPLS. The solution specified 187 here is fully compatible with the IEEE bridge architecture and with 188 IETF Pseudo Wire Emulation Edge-to-Edge (PWE3) technology, thus it 189 will not change the FIB (such as installing E-Tree attributes in the 190 FIB), or need any specially tailored implementation. Furthermore, 191 VPLS scalability and simplicity are also well kept. With this 192 mechanism, it is also convenient to deploy a converged E-Tree 193 service across both Ethernet and MPLS networks. 195 Firstly, a typical VPLS PE model is introduced as an example; the 196 model is then extended in which a Tree VSI is connected to a VLAN 197 bridge with a dual-VLAN interface. 199 This document then discusses the PW encapsulation and PW processing 200 such as VLAN mapping options for transporting E-Tree services in 201 VPLS. 203 Finally, it describes the signaling extensions and processing 204 procedures for E-Tree support in VPLS. 206 4. PE Model with E-Tree Support 208 The problem scenario of E-Tree as shown in Fig. 1 of [RFC7152] is a 209 simplification of the L2VPN architecture, several common VPLS PE 210 architectures are discussed in more details in [RFC4664] and 211 [RFC6246]. 213 Therefore, E-Tree solution in VPLS is demonstrated with the help of 214 a typical VPLS PE model. It can also be used in other PE models 215 which are discussed in Appendix A. 217 4.1. Existing PE Models 219 According to [RFC4664], there are at least three models possible for 220 a VPLS PE, including: 222 o A single bridge module, a single VSI; 224 o A single bridge module, multiple VSIs; 226 o Multiple bridge modules, each attaches to a VSI. 228 The second PE model is commonly used. A typical example is further 229 depicted in Fig. 1 and Fig. 2 (both figures are extracted from 230 [RFC6246]), where an S-VLAN bridge module is connected to multiple 231 VSIs each with a single VLAN virtual interface. 233 +-------------------------------+ 234 | 802.1ad Bridge Module Model | 235 | | 236 +---+ AC | +------+ +-----------+ | 237 |CE |---------|C-VLAN|------| | | 238 +---+ | |bridge|------| | | 239 | +------+ | | | 240 | o | S-VLAN | | 241 | o | | | ---> to VSI 242 | o | Bridge | | 243 +---+ AC | +------+ | | | 244 |CE |---------|C-VLAN|------| | | 245 +---+ | |bridge|------| | | 246 | +------+ +-----------+ | 247 +-------------------------------+ 249 Figure 1 A model of 802.1ad Bridge Module 251 +----------------------------------------+ 252 | VPLS-capable PE model | 253 | +---------------+ +------+ | 254 | | | |VSI-1 |------------ 255 | | |==========| |------------ PWs 256 | | Bridge ------------ |------------ 257 | | | S-VLAN-1 +------+ | 258 | | Module | o | 259 | | | o | 260 | | (802.1ad | o | 261 | | bridge) | o | 262 | | | o | 263 | | | S-VLAN-n +------+ | 264 | | ------------VSI-n |------------- 265 | | |==========| |------------- PWs 266 | | | ^ | |------------- 267 | +---------------+ | +------+ | 268 | | | 269 +-------------------------|--------------+ 270 LAN emulation Interface 272 Figure 2 A VPLS-capable PE Model 274 In this PE model, Ethernet frames from Customer Edges (CEs) will 275 cross multiple stages of bridge modules (i.e., C-VLAN and S-VLAN 276 bridge) and a VSI in a PE before being sent on the PW to a remote PE. 277 Therefore, the association between an AC port and a PW on a VSI is 278 difficult, sometimes even impossible. 280 This model could be further enhanced: When Ethernet frames arrive at 281 a PE, a root VLAN or a leaf VLAN tag is added. Then the frames with 282 the root VLAN tag are transmitted both to the roots and the leaves, 283 while the frames with the leaf VLAN tag are transmitted to the roots 284 but dropped for the leaves (these VLAN tags are removed before the 285 frames are transmitted over the wire). It was demonstrated in 286 [802.1Q-2011] that the E-Tree service in Ethernet networks can be 287 well supported with this mechanism. 289 Assuming this mechanism is implemented in the bridge module, it is 290 quite straightforward to infer a VPLS PE model with two VSIs to 291 support the E-Tree (as shown in Fig. 3). But this model will require 292 two VSIs per PE and two sets of PWs per E-Tree service, which is 293 poorly scalable in a large MPLS/VPLS network; in addition, both 294 these VSIs have to share their learned MAC addresses. 296 +----------------------------------------+ 297 | VPLS-capable PE model | 298 | +---------------+ +------+ | 299 | | | |VSI-1 |------------ 300 | | |==========| |------------ PWs 301 | | Bridge ------------ |------------ 302 | | | Root +------+ | 303 | | Module | S-VLAN | 304 | | | | 305 | | (802.1ad | | 306 | | bridge) | | 307 | | | Leaf | 308 | | | S-VLAN +------+ | 309 | | ------------VSI-2 |------------- 310 | | |==========| |------------- PWs 311 | | | ^ | |------------- 312 | +---------------+ | +------+ | 313 | | | 314 +-------------------------|--------------+ 315 LAN emulation Interface 317 Figure 3 A VPLS PE Model for E-Tree with 2 VSIs 319 4.2. A New PE Model with E-Tree Support 321 In order to support the E-Tree in a more scalable way, a new VPLS PE 322 model with a single Tree VSI (T-VSI, a VSI with E-Tree support) is 323 specified. As depicted in Fig. 4, the bridge module is connected to 324 the T-VSI with a dual-VLAN virtual interface, i.e., both the root 325 VLAN and the leaf VLAN are connected to the same T-VSI, and they 326 share the same FIB and work in shared VLAN learning. In this way, 327 only one VPLS instance and one set of PWs is needed per E-Tree 328 service, and the scalability of VPLS is improved. 330 +----------------------------------------+ 331 | VPLS-capable PE model | 332 | +---------------+ +------+ | 333 | | |==========|TVSI-1|------------ 334 +---+AC | | ------------ |------------ PWs 335 |CE |-------| Bridge ------------ |------------ 336 +---+ | | | Root & +------+ | 337 | | Module | Leaf VLAN o | 338 | | | o | 339 | | | o | 340 | | | o | 341 | | | o | 342 +---+AC | | | VLAN-n +------+ | 343 |CE |-------| ------------VSI-n |------------- 344 +---+ | | |==========| |------------- PWs 345 | | | ^ | |------------- 346 | +---------------+ | +------+ | 347 | | | 348 +-------------------------|--------------+ 349 LAN emulation Interface 351 Figure 4 A VPLS PE Model for E-Tree with a Single T-VSI 353 For an untagged port (frames over this port are untagged) or VLAN- 354 unaware port (VLAN tags in the frames are ignored), the Ethernet 355 frames received from the root ACs SHOULD be tagged with a root C- 356 VLAN, and optionally MAY be added with another root S-VLAN. 358 For a C-VLAN tagged port, the Ethernet frames received from the root 359 ACs SHOULD be added with a root S-VLAN. 361 For an S-VLAN tagged port, the S-VLAN tag in the Ethernet frames 362 received from the root ACs SHOULD be translated to the root S-VLAN 363 in the VPLS network domain. Alternatively, the PBB VPLS PE model 364 (where an IEEE 802.1ah bridge module is embedded in the PE) as 365 described in [RFC7041] MAY be used, and a root B-VLAN or leaf B-VLAN 366 MAY be added in this case (the E-Tree attribute may also be 367 indicated with two I-SID tags in the bridge module, and the frames 368 are further encapsulated and transported transparently over a single 369 B-VLAN, thus the PBB VPLS works just in the same way as described in 370 [RFC7041] and will be discussed no more in this document). When many 371 S-VLANs are multiplexed in a single AC, the 2nd option has an 372 advantage of both VLAN scalability and MAC address scalability. 374 In a similar way, the traffic from the leaf ACs is tagged and 375 transported on the leaf C-VLAN, S-VLAN or B-VLAN. 377 In all cases, the outermost VLAN in the resulted Ethernet header is 378 used to indicate the E-Tree attribute of an Ethernet frame; this 379 document uses VLAN to refer to this outermost VLAN for simplicity in 380 the latter sections. 382 5. PW for E-Tree Support 384 5.1. PW Encapsulation 386 To support an E-Tree service, T-VSIs in a VPLS MUST be 387 interconnected with a bidirectional Ethernet PW. The Ethernet PW 388 SHOULD work in the tagged mode (PW type 0x0004) as described in 389 [RFC4448], in which case a VLAN tag MUST be carried in each frame in 390 the PW to indicate the frame originated from either root or leaf 391 (the VLAN tag indicating the frame originated from either root or 392 leaf can be translated by a bridge module in the PE or added by an 393 outside Ethernet edge device, even by a customer device). In the 394 tagged PW mode, two service delimiting VLANs MUST be allocated in 395 the VPLS domain for an E-Tree. PW processing for the tagged PW will 396 be described in Section 5.3 of this document. 398 Raw PW (PW type 0x0005 in [RFC4448]) MAY also be used to carry E- 399 Tree service for a PW in Compatible mode as shown in Section 5.3.2. 401 5.2. VLAN Mapping 403 There are two ways of manipulating VLANs for an E-Tree in VPLS: 405 o Global VLAN based, that is, provisioning two global VLANs (Root 406 VLAN, Leaf VLAN) across the VPLS network, thus no VLAN mapping is 407 needed at all, or the VLAN mapping is done completely in the 408 Ethernet domains. 410 o Local VLAN based, that is, provisioning two local VLANs for each 411 PE (which participates in the E-Tree) in the VPLS network 412 independently. 414 The first method requires no VLAN mapping in the PW, but two unique 415 service delimiting VLANs must be allocated across the VPLS domain. 417 The second method is more scalable in the use of VLANs, but needs a 418 VLAN mapping mechanism in the PW similar to what is already 419 described in Section 4.3 of [RFC4448]. 421 Global or local VLANs can be manually configured or provisioned by 422 an Operational Support System. Alternatively, some automatic VLAN 423 allocation algorithm may be provided in the management plane, but it 424 is out scope of this document. 426 For both methods, VLAN mapping parameters from a remote PE can be 427 provisioned or determined by a signaling protocol as described in 428 Section 6 when a PW is being established. 430 5.3. PW Processing 432 5.3.1.PW Processing in the VLAN Mapping Mode 434 In the VLAN Mapping mode, two VPLS PEs with E-Tree capability are 435 inter-connected with a PW (For example, the scenario of Fig. 5 436 depicts the interconnection of two PEs miscellaneously attached with 437 both root and leaf nodes). 439 +----------------------------+ 440 | VPLS PE with T-VSI | 441 | | 442 +----+ | +------+ Root VLAN +-----+ | PW 443 |Root|------| VLAN |-----------|T-VSI|---------- 444 +----+ | | BRG | Leaf VLAN | |---------- 445 +----+ | | |-----------| |---------- 446 |Leaf|------| | | |-----+ 447 +----+ | +------+ +-----+ | | 448 | | | 449 +----------------------------+ | 450 | 451 +----------------------------+ | 452 | VPLS PE with T-VSI | | 453 | | | 454 +----+ | +------+ Root VLAN +-----+ | | PW 455 |Root|------| VLAN |-----------|T-VSI|-----+ 456 +----+ | | BRG | Leaf VLAN | |---------- 457 +----+ | | |-----------| |---------- 458 |Leaf|------| | | |---------- 459 +----+ | +------+ +-----+ | 460 | | 461 +----------------------------+ 462 Figure 5 T-VSI Interconnected in the Normal Mode 464 If a PE is in the VLAN mapping mode for a PW, then in the data plane 465 the PE MUST map the VLAN in each frame as follows: 467 o Upon transmitting frames on the PW, map from local VLAN to remote 468 VLAN (i.e., the local leaf VLAN in a frame is translated to the 469 remote leaf VLAN; the local root VLAN in a frame is translated to 470 the remote root VLAN). 472 o Upon receiving frames on the PW, map from remote VLAN to local 473 VLAN, and the frames are further forwarded or dropped in the egress 474 bridge module using the filtering mechanism as described in [802.1Q- 475 2011]. 477 The signaling for VLANs used by E-Tree is specified in Section 6. 479 5.3.2.PW Processing in the Compatible Mode 481 The new VPLS PE model can work in a traditional VPLS network 482 seamlessly in the compatibility mode. As shown in Fig. 6, the VPLS 483 PE with T-VSI can be attached with root and/or leaf nodes, while the 484 VPLS PE with a traditional VSI can only be attached with root nodes. 485 A raw PW SHOULD be used to connect them. 487 +------------------------+ 488 | VPLS PE with T-VSI | 489 | | 490 +----+ | +------+ +-----+ | PW 491 |Root|------| VLAN |-------|T-VSI|---------- 492 +----+ | | BRG | | |---------- 493 +----+ | | |-------| |---------- 494 |Leaf|------| | | |---------+ 495 +----+ | +------+ +-----+ | | 496 | | | 497 +------------------------+ | 498 | 499 +------------------------+ | 500 | VPLS PE with VSI | | 501 | | | 502 +----+ | +------+ +-----+ | PW | 503 |Root|------| VLAN |-------|VSI |---------+ 504 +----+ | | BRG | | |---------- 505 +----+ | | | | |---------- 506 |Root|------| | | |---------- 507 +----+ | +------+ +-----+ | 508 | | 509 +------------------------+ 511 Figure 6 T-VSI interconnected with Traditional VSI 513 If a PE is in the Compatible mode for a PW, then in the data plane 514 the PE MUST process the frame as follows: 516 o Upon transmitting frames on the PW, remove the root or leaf VLAN 517 in the frames. 519 o Upon receiving frames on the PW, add a VLAN tag with a value of 520 the local root VLAN to the frames. 522 5.3.3.PW Processing in the Optimized Mode 524 When two PEs (both have E-Tree capability) are inter-connected and 525 one of them (e.g., PE2) is attached with only leaf nodes, as shown 526 in the scenario of Fig. 7, its peer PE (e.g., PE1) should then work 527 in the optimized mode. In this case, PE1 should not send the frames 528 originated from the local leaf VLAN to PE2, i.e., these frames are 529 dropped rather than transported over the PW. The bandwidth 530 efficiency of the VPLS can thus be improved. The signaling for the 531 PE attached with only leaf nodes is specified in Section 6. 532 +------------------------+ 533 |VPLS PE with T-VSI (PE1)| 534 | | 535 +----+ | +------+ +-----+ | PW 536 |Root|------| VLAN |-------|T-VSI|---------- 537 +----+ | | BRG | | |---------- 538 +----+ | | |-------| |---------- 539 |Leaf|------| | | |---------+ 540 +----+ | +------+ +-----+ | | 541 | | | 542 +------------------------+ | 543 | 544 +------------------------+ | 545 |VPLS PE with T-VSI (PE2)| | 546 | | | 547 +----+ | +------+ +-----+ | PW | 548 |Leaf|------| VLAN |-------|T-VSI|---------+ 549 +----+ | | BRG | | |---------- 550 +----+ | | |-------| |---------- 551 |Leaf|------| | | |---------- 552 +----+ | +------+ +-----+ | 553 | | 554 +------------------------+ 556 Figure 7 T-VSI interconnected with PE attached with only leaf nodes 558 If a PE is in the Optimized Mode for a PW, upon transmit, the PE 559 SHOULD first operate as follows: 561 o Drop a frame if its VLAN ID matches the local leaf VLAN ID. 563 6. Signaling for E-Tree Support 565 6.1. LDP Extensions for E-Tree Support 567 In addition to the signaling procedures as specified in [RFC4447], 568 this document specifies a new interface parameter sub-TLV to 569 provision an E-Tree service and negotiate the VLAN mapping function, 570 as follows: 572 0 1 2 3 573 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 574 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 575 | E-Tree(0x1A) | Length=8 | Reserved |P|V| 576 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 577 | Root VLAN ID | Leaf VLAN ID | 578 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 579 Figure 8 E-Tree Sub-TLV 581 Where: 583 o E-Tree is the sub-TLV identifier (0x1A) as assigned by IANA. 585 o Length is the length of the sub TLV in octets. 587 o Reserved bits MUST be set to zero on transmit and be ignored on 588 receive. 590 o P is a Leaf-only bit, it is set to 1 to indicate that the PE is 591 attached with only leaf nodes, and set to 0 otherwise. 593 o V is a bit indicating the sender's VLAN mapping capability. A PE 594 capable of VLAN mapping MUST set this bit, and clear it otherwise. 596 o Root VLAN ID is the value of the local root VLAN. 598 o Leaf VLAN ID is the value of the local leaf VLAN. 600 When setting up a PW for the E-Tree based VPLS, two peer PEs 601 negotiate the E-Tree support using the above E-Tree sub-TLV. Note PW 602 type of 0x0004 SHOULD be used during the PW negotiation. 604 A PE that wishes to support E-Tree service MUST include an E-Tree 605 Sub-TLV in its PW label mapping message and include its local root 606 VLAN ID and leaf VLAN ID in the TLV. A PE that has the VLAN mapping 607 capability MUST set the V bit to 1, and a PE is attached with only 608 leaf nodes SHOULD set the P bit to 1. 610 In default, for each PW, VLAN-Mapping-Mode, Compatible-Mode, and 611 Optimized-Mode are all set to FALSE. 613 A PE that receives a PW label mapping message with an E-Tree Sub-TLV 614 from its peer PE, after saving the VLAN information for the PW, MUST 615 process it as follows: 617 1) If either the root VLAN ID in the message not equals the local 618 root VLAN ID or the leaf VLAN ID in the message not equals the 619 local leaf VLAN ID then { 621 If the bit V is cleared, then { 623 If the PE is capable of VLAN mapping, then it MUST set 624 VLAN-Mapping-Mode to TRUE; 626 Else { 628 A label release message with the error code "E- 629 Tree VLAN mapping not supported" is sent to the 630 peer PE and exit the process; 632 } 634 } 636 If the bit V is set, and the PE is capable of VLAN mapping, 637 then the PE with the minimum IP address MUST set VLAN- 638 Mapping-Mode to TRUE; 640 } 642 2) If the P bit is set, then: 644 { 646 If the PE is a leaf-only node itself, then a label release 647 message with a status code "Leaf to Leaf PW released" is sent to 648 the peer PE and exit the process; 650 Else the PE SHOULD set the Optimized-Mode to TRUE. 652 } 654 If a PE has sent an E-Tree Sub-TLV but does not receive any E-Tree 655 Sub-TLV in its peer's PW label mapping message, The PE SHOULD then 656 establish a raw PW with this peer as in traditional VPLS and set 657 Compatible-Mode to TRUE for this PW. 659 Data plane processing for this PW is as following: 661 If Optimized-Mode is TRUE, then data plane processing as described 662 in Section 5.3.3 applies. 664 If VLAN-Mapping-Mode is TRUE, then data plane processing as 665 described in Section 5.3.1 applies. 667 If Compatible-Mode is TRUE, then data plane processing is as 668 described in Section 5.3.2. 670 PW processing as described in [RFC4448] proceeds as usual for all 671 cases. 673 6.2. BGP Extensions for E-Tree Support 675 A new E-Tree extended community (0x800b) is allocated by IANA for E- 676 Tree signaling in BGP VPLS: 678 +------------------------------------+ 679 | Extended community type (2 octets) | 680 +------------------------------------+ 681 | Root VLAN (2 octets) | 682 +------------------------------------+ 683 | Leaf VLAN (2 octets) | 684 +------------------------------------+ 685 | Reserved |P|V| 686 +------------------------------------+ 688 Figure 9 E-Tree Extended Community 690 Where: 692 o Root VLAN ID is the value of the local root VLAN. 694 o Leaf VLAN ID is the value of the local leaf VLAN. 696 o Reserved, 14 bits MUST be set to zero on transmit and be ignored 697 on receive. 699 o P is a Leaf-only bit, it is set to 1 to indicate that the PE is 700 attached with only leaf nodes, and set to 0 otherwise. 702 o V is a bit indicating the sender's VLAN mapping capability. A PE 703 capable of VLAN mapping MUST set this bit, and clear it otherwise. 705 The PEs attached with both leaf and root nodes MUST support BGP E- 706 Tree signaling as described in this document, and SHOULD support 707 VLAN mapping in their data planes. The traditional PE attached with 708 only root nodes may also participate in an E-Tree service. If some 709 PEs don't support VLAN mapping, global VLANs as per Section 5.2 MUST 710 be provisioned for an E-Tree service. 712 In BGP VPLS signaling, besides attaching a Layer2 Info Extended 713 Community as detailed in [RFC4761], an E-Tree Extended Community 714 MUST be further attached if a PE wishes to participate in an E-Tree 715 service. The PE MUST include its local root VLAN ID and leaf VLAN ID 716 in the E-Tree Extended Community. A PE attached with only leaf nodes 717 of an E-Tree SHOULD set the P bit in the E-Tree Extended Community 718 to 1. 720 A PE that receives a BGP UPDATE message with an E-Tree Extended 721 Community from its peer PE, after saving the VLAN information for 722 the PW, MUST process it as follows (after processing procedures as 723 specified in Section 3.2 of [RFC4761]): 725 1) If either the root VLAN ID in the E-Tree Extended Community not 726 equals the local root VLAN ID or the leaf VLAN ID in the E-Tree 727 Extended Community not equals the local leaf VLAN ID then { 729 If the bit V is cleared, then { 731 If the PE is capable of VLAN mapping, then it MUST set 732 VLAN-Mapping-Mode to TRUE; 734 Else { 736 Log with a message "E-Tree VLAN mapping not 737 supported" and exit the process; 739 } 741 } 743 If the bit V is set, and the PE is capable of VLAN mapping, 744 the PE with the minimum IP address MUST set VLAN-Mapping-Mode 745 to TRUE; 747 } 749 2) If the P bit is set { 751 If the PE is a leaf-only PE itself, then forbids any traffic 752 on the PW; 753 Else the PE SHOULD set the Optimized-Mode to TRUE. 755 } 757 A PE which does not recognize this attribute SHALL ignore it 758 silently. If a PE has sent an E-Tree Extended Community but does not 759 receive any E-Tree Extended Community from its peer, the PE SHOULD 760 then establish a raw PW with this peer as in traditional VPLS, and 761 set Compatible-Mode to TRUE for this PW. 763 Data plane in the VPLS is the same as described in Section 4.2 of 764 [RFC4761], and data plane processing for a PW is the same as 765 described at the end of Section 6.1. 767 7. OAM Considerations 769 VPLS OAM requirements and framework as specified in [RFC6136] are 770 applicable to E-Tree, as both Ethernet OAM frames and data traffic 771 are transported over the same PW. 773 Ethernet OAM for E-Tree including both service OAM and segment OAM 774 frames SHALL undergo the same VLAN mapping as the data traffic; and 775 root VLAN SHOULD be applied to segment OAM frames so that they are 776 not filtered. 778 8. Applicability 780 The solution specified in this document is applicable to both LDP 781 VPLS [RFC4762] and BGP VPLS [RFC4761]. 783 This solution is applicable to both "VPLS Only" networks and VPLS 784 with Ethernet aggregation networks. 786 This solution is also applicable to PBB VPLS networks. 788 9. Security Considerations 790 Besides security considerations as described in [RFC4448], [RFC4761] 791 and [RFC4762], this solution prevents leaf to leaf communication in 792 the data plane of VPLS when its PEs are interconnected with PWs. In 793 this regard, security can be enhanced for customers with this 794 solution. 796 10. IANA Considerations 798 IANA allocated a value for E-Tree in the registry of Pseudowire 799 Interface Parameters Sub-TLV type. 801 Parameter ID Length Description 802 ======================================= 803 0x1A 8 E-Tree 805 IANA allocated two new LDP status codes from the registry of name 806 "STATUS CODE NAME SPACE". 808 Range/Value E Description 809 ------------- ----- ---------------------- 810 0x20000003 1 E-Tree VLAN mapping not supported 811 0x20000004 0 Leaf to Leaf PW released 813 IANA allocated a value for E-Tree in the registry of BGP Extended 814 Community. 816 Type Value Sub-Type Value Name 817 ========== ============== ============ 818 0x80 0x0b E-Tree Info 820 11. References 822 11.1. Normative References 824 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 825 Requirement Levels", BCP 14, RFC 2119, March 1997. 827 [RFC4447] Martini, L., Rosen, E., El-Aawar, N., Smith, T., and Heron, 828 G., "Pseudowire Setup and Maintenance Using Label 829 Distribution Protocol (LDP)", RFC 4447, April 2006. 831 [RFC4448] Martini, L., Rosen, E., El-Aawar, N., and Heron,G., 832 "Encapsulation Methods for Transport of Ethernet over MPLS 833 Networks", RFC 4448, April 2006. 835 [RFC4761] Kompella, K., and Rekhter, Y., "Virtual Private LAN 836 Service (VPLS) Using BGP for Auto-Discovery and Signaling", 837 RFC 4761, January 2007. 839 [RFC4762] Lasserre, M. and Kompella, V., "Virtual Private LAN 840 Services using LDP", RFC 4762, January 2007. 842 11.2. Informative References 844 [RFC3985] Bryant, S., and Pate, P., "Pseudo Wire Emulation Edge-to- 845 Edge (PWE3) Architecture", RFC 3985, March 2005. 847 [RFC4664] Andersson, L., and Rosen, E., "Framework for Layer 2 848 Virtual Private Networks (L2VPNs)", RFC 4664, September 849 2006. 851 [RFC6136] Sajassi, A. and Mohan, D., "L2VPN OAM Requirements and 852 Framework", RFC 6136, March 2011. 854 [RFC6246] Sajassi, A., Brockners, F., Mohan, D., and Serbest, Y., 855 "Virtual Private LAN Service (VPLS) Interoperability with 856 Customer Edge (CE) Bridges", RFC 6246, June 2011. 858 [RFC7041] Balus, F., Sajassi, A., and Bitar, N., Extensions to VPLS 859 PE model for Provider Backbone Bridging, RFC 7041, 860 November 2013. 862 [RFC7152] Key, R., DeLord, S., Jounay, F., Huang, L., Liu, Z., and M. 863 Paul, "Requirements for Metro Ethernet Forum (MEF) 864 Ethernet-Tree (E-Tree) Support in Layer 2 Virtual Private 865 Network (L2VPN)", RFC 7152, March 2014. 867 [RFC7387] Key, R., Yong, L., DeLord, S., Jounay, F., and Jin, L., "A 868 Framework for Ethernet Tree (E-Tree) Service over a 869 Multiprotocol Label Switching (MPLS) Network", RFC 7387, 870 October 2014. 872 [802.1Q-2011] IEEE 802.1Q, Media Access Control (MAC) Bridges and 873 Virtual Bridge Local Area Networks, August 2011. 875 [MEF4] Metro Ethernet Forum, Metro Ethernet Network Architecture 876 Framework - Part 1: Generic Framework, Technical 877 Specification MEF 4, May 2004. 879 [MEF6.1] Metro Ethernet Forum, "Ethernet Services Definitions - 880 Phase 2", Technical Specification MEF 6.1, April 2008. 882 [VPMS] Kamite, Y., Jounay, F., Niven-Jenkins, B., Brungard, D., 883 and L. Jin, "Framework and Requirements for Virtual 884 Private Multicast Service (VPMS)", Work in Progress, 885 draft-ietf-l2vpn-vpms-frmwk-requirements-05, October 2012. 887 12. Acknowledgments 889 The authors would like to thank Stewart Bryant for his detailed 890 review and suggestions, thank Adrian Farrel, Susan Hares and Shane 891 Amante for their valuable advices, thank Ben Mack-crane, Edwin 892 Mallette, Donald Fedyk, Dave Allan, Giles Heron, Raymond Key, Josh 893 Rogers, Sam Cao and Daniel Cohn for their valuable comments and 894 discussions. 896 Appendix A. Other PE Models for E-Tree 898 A.1. A PE Model With a VSI and No bridge 900 If there is no bridge module in a PE, the PE may consist of Native 901 Service Processors (NSPs) as shown in Figure A.1 (adapted from Fig. 902 5 of [RFC3985]) where any transformation operation for VLANs (e.g., 903 VLAN insertion/removal or VLAN mapping) may be applied. Thus a root 904 VLAN or leaf VLAN can be added by the NSP depending on the User 905 Network Interface (UNI) type (root/leaf) associated with the AC over 906 which the packet arrives. 908 Further, when a packet with a leaf VLAN exits a forwarder and 909 arrives at the NSP, the NSP must drop the packet if the egress AC is 910 associated with a leaf UNI. 912 Tagged PW and VLAN mapping work in the same way as in the typical PE 913 model. 915 +----------------------------------------+ 916 | PE Device | 917 Multiple+----------------------------------------+ 918 AC | | | Single | PW Instance 919 <------>o NSP # + PW Instance X<----------> 920 | | | | 921 |------| VSI |----------------------| 922 | | | Single | PW Instance 923 <------>o NSP #Forwarder + PW Instance X<----------> 924 | | | | 925 |------| |----------------------| 926 | | | Single | PW Instance 927 <------>o NSP # + PW Instance X<----------> 928 | | | | 929 +----------------------------------------+ 931 Figure A.1 A PE model with a VSI and no bridge module 933 This PE model may be used by a Multi-Tenant Unit switch (MTU-s) in a 934 Hierarchical VPLS (H-VPLS) network, or a Network-facing PE (N-PE) in 935 an H-VPLS network with non-bridging edge devices, wherein a spoke PW 936 can be treated as an AC in this model. 938 A.2. A PE Model With external E-Tree interface 940 +----------------------------------------+ 941 | PE Device | 942 Root +----------------------------------------+ 943 VLAN | | Single | PW Instance 944 <------>o + PW Instance X<----------> 945 | | | 946 | VSI |----------------------| 947 | | Single | PW Instance 948 | Forwarder + PW Instance X<----------> 949 | | | 950 Leaf | |----------------------| 951 VLAN | | Single | PW Instance 952 <------>o + PW Instance X<----------> 953 | | | 954 +----------------------------------------+ 956 Figure A.2 A PE model with external E-Tree interface 958 A more simplified PE model is depicted in A.2, where Root/Leaf VLANs 959 are directly or indirectly over a single PW connected to a same VSI 960 forwarder in a PE, any transformation of E-Tree VLANs, e.g., VLAN 961 insertion/removal or VLAN mapping, can be performed by some outer 962 equipments, and the PE may further translate these VLANs into its 963 own local VLANs. This PE model may be used by an N-PE in an H-VPLS 964 network with bridging-capable devices, or scenarios such as 965 providing E-Tree Network-to-Network interfaces. 967 Authors' Addresses 969 Yuanlong Jiang 970 Huawei Technologies Co., Ltd. 971 Bantian, Longgang district 972 Shenzhen 518129, China 973 Email: jiangyuanlong@huawei.com 975 Lucy Yong 976 Huawei USA 977 207 Estrella Xing 978 Georgetown TX, USA 78628 979 Email: lucyyong@huawei.com 981 Manuel Paul 982 Deutsche Telekom 983 Winterfeldtstr. 21 984 10781 Berlin, Germany 985 Email: manuel.paul@telekom.de 987 Frederic Jounay 988 Orange CH 989 4 rue caudray 1020 Renens, Switzerland 990 Email: frederic.jounay@orange.ch 992 Florin Balus 993 Alcatel-Lucent 994 701 E. Middlefield Road 995 Mountain View, CA, USA 94043 996 Email: florin.balus@alcatel-lucent.com 998 Wim Henderickx 999 Alcatel-Lucent 1000 Copernicuslaan 50 1001 2018 Antwerp, Belgium 1002 Email: wim.henderickx@alcatel-lucent.com 1004 Ali Sajassi 1005 Cisco 1006 170 West Tasman Drive 1007 San Jose, CA 95134, USA 1008 Email: sajassi@cisco.com