idnits 2.17.1 draft-ietf-pals-mpls-tp-dual-homing-protection-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 15, 2016) is 2865 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Outdated reference: A later version (-05) exists of draft-ietf-pals-endpoint-fast-protection-02 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group W. Cheng 3 Internet-Draft L. Wang 4 Intended status: Informational H. Li 5 Expires: December 17, 2016 China Mobile 6 K. Liu 7 Huawei Technologies 8 S. Davari 9 Broadcom Corporation 10 J. Dong 11 Huawei Technologies 12 A. D'Alessandro 13 Telecom Italia 14 June 15, 2016 16 Dual-Homing Protection for MPLS and MPLS-TP Pseudowires 17 draft-ietf-pals-mpls-tp-dual-homing-protection-03 19 Abstract 21 This document describes a framework and several scenarios for 22 pseudowire (PW) dual-homing local protection. A Dual-Node 23 Interconnection (DNI) PW is provisioned between the dual-homing 24 Provider Edge (PE) nodes for carrying traffic when failure occurs in 25 the Attachment Circuit (AC) or PW side. In order for the dual-homing 26 PE nodes to determine the forwarding state of AC, PW and the DNI PW, 27 necessary state exchange and coordination between the dual-homing PEs 28 are needed. The PW dual-homing local protection mechanism is 29 complementary to the existing PW protection mechanisms. 31 Status of This Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at http://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on December 17, 2016. 48 Copyright Notice 50 Copyright (c) 2016 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents 55 (http://trustee.ietf.org/license-info) in effect on the date of 56 publication of this document. Please review these documents 57 carefully, as they describe your rights and restrictions with respect 58 to this document. Code Components extracted from this document must 59 include Simplified BSD License text as described in Section 4.e of 60 the Trust Legal Provisions and are provided without warranty as 61 described in the Simplified BSD License. 63 Table of Contents 65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 66 2. Reference Models of Dual-homing Local Protection . . . . . . 3 67 2.1. PE Architecture . . . . . . . . . . . . . . . . . . . . . 3 68 2.2. Dual-Homing Local Protection Reference Scenarios . . . . 4 69 2.2.1. One-Side Dual-Homing Protection . . . . . . . . . . . 4 70 2.2.2. Two-side Dual-Homing Protection . . . . . . . . . . . 6 71 3. Generic Dual-homing PW Protection Mechanism . . . . . . . . . 7 72 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 73 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 74 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 75 6.1. Normative References . . . . . . . . . . . . . . . . . . 8 76 6.2. Informative References . . . . . . . . . . . . . . . . . 8 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 79 1. Introduction 81 [RFC6372] and [RFC6378] describe the framework and mechanism of MPLS- 82 TP Linear protection, which can provide protection for the MPLS LSP 83 or pseudowire (PW) between the edge nodes. Such mechanism does not 84 protect the failure of the Attachment Circuit (AC) or the Provider 85 Edge (PE) node. [RFC6718] and [RFC6870] describe the framework and 86 mechanism for PW redundancy to provide protection for AC or PE node 87 failure. The PW redundancy mechanism is based on the signaling of 88 Label Distribution Protocol (LDP), which is applicable to PWs with a 89 dynamic control plane. [I-D.ietf-pals-endpoint-fast-protection] 90 describes a fast local repair mechanism for PW egress endpoint 91 failures, which is based on PW redundancy, upstream label assignment 92 and context specific label switching. Such mechanism is applicable 93 to PWs with a dynamic control plane. 95 In some scenarios such as mobile backhauling, the MPLS PWs are 96 provisioned with dual-homing topology, in which at least the CE node 97 in one side is dual-homed to two PEs. If some fault occurs in the 98 primary AC, operators usually prefer to have the switchover only in 99 the dual-homing PE side and keeps the working pseudowires unchanged 100 if possible. This is to avoid massive PWs switchover in the mobile 101 backhaul network due to one AC failure in the core site, and also 102 could achieve efficient and balanced link bandwidth utilization. 103 Similarly, it is preferable to keep using the working AC when one 104 working PW fails in the Packet Switched Network (PSN) network. To 105 meet the above requirement, a fast dual-homing PW local protection 106 mechanism is needed to protect the failures in AC, the PE node and 107 the PSN network. 109 This document describes the framework and typical scenarios for 110 pseudowire (PW) dual-homing local protection. A Dual-Node 111 Interconnection (DNI) PW is provisioned between the dual-homing PE 112 nodes for carrying traffic when failure occurs in the AC or PW side. 113 In order for the dual-homing PE nodes to determine the forwarding 114 state of AC, PW and DNI PW, necessary state exchange and coordination 115 between the dual-homing PEs is needed. The mechanism defined in this 116 document is complementary to the existing protection mechanisms. The 117 necessary protocol extensions will be described in a separate 118 document. 120 The proposed mechanism has been deployed in several mobile backhaul 121 networks which use static MPLS-TP PWs for the backhauling of mobile 122 traffic. 124 2. Reference Models of Dual-homing Local Protection 126 This section shows the reference architecture of the PE for dual- 127 homing PW local protection and the usage of the architecture in 128 different scenarios. 130 2.1. PE Architecture 132 Figure 1 shows the PE architecture for dual-homing local protection. 133 This is based on the architecture in Figure 4a of [RFC3985]. In 134 addition to the AC and the service PW, a DNI PW is provisioned to 135 connect the forwarders of the dual-homing PEs. It can be used to 136 forward traffic between the dual-homing PEs when failure occurs in 137 the AC or service PW side. As [RFC3985] specifies: "any required 138 switching functionality is the responsibility of a forwarder 139 function", in this case, the forwarder is responsible for switching 140 the payloads between three entities: the AC, the service PW and the 141 DNI PW. The specific behavior of forwarder is determined according 142 to the forwarding state machine defined in this document. 144 +----------------------------------------+ 145 | Dual-homing PE Device | 146 Single +----------------------------------------+ 147 AC | | | Service PW 148 <------>o Forwarder + Service X<===========> 149 | | PW | 150 +--------+--------+ | 151 | DNI PW | | 152 +--------X--------+----------------------+ 153 ^ 154 | DNI PW 155 | 156 V 157 +--------X-------------------------------+ 158 | Peer Dual-homing PE Device | 159 +----------------------------------------+ 161 Figure 1: PE Architecture for Dual-homing Protection 163 2.2. Dual-Homing Local Protection Reference Scenarios 165 2.2.1. One-Side Dual-Homing Protection 167 Figure 2 illustrates the network scenario of dual-homing PW local 168 protection where one of the CEs is dual-homed to two PE nodes. CE1 169 is dual-homed to PE1 and PE2, while CE2 is single-homed to PE3. A 170 DNI-PW is established between the dual-homing PEs, which is used to 171 bridge traffic when a failure occurs in the PSN network or in the AC 172 side. A control mechanism enables the PEs and CE to determine which 173 AC should be used to carry traffic between CE1 and the PSN network. 174 These mechanisms/protocols are beyond the scope of this document. 175 The working and protection PWs can be determined either by 176 configuration or by existing signaling mechanisms. 178 This scenario can protect the node failure of PE1 or PE2, or the 179 failure of one of the ACs between CE1 and the dual-homing PEs. In 180 addition, dual-homing PW protection can protect the failure occured 181 in the PSN network which impacts the working PW, thus it can be an 182 alternative solution of PSN tunnel protection mechanisms. This 183 topology can be used in mobile backhauling application scenarios. 184 For example, the NodeB serves as CE2 while the Radio Network 185 Controller (RNC) serves as CE1. PE3 works as an access side MPLS 186 device while PE1 and PE2 works as core side MPLS devices. 188 |<--------------- Emulated Service --------------->| 189 | | 190 | |<------- Pseudo Wire ------>| | 191 | | | | 192 | | |<-- PSN Tunnels-->| | | 193 | V V V V | 194 V AC1 +----+ +----+ V 195 +-----+ | | PE1| | | +-----+ 196 | |----------|........PW1.(working).......| | | 197 | | | | | | | | 198 | | +-+--+ | | AC3 | | 199 | | | | | | | | 200 | CE1 | DNI-PW | |PE3 |----------| CE2 | 201 | | | | | | | 202 | | +-+--+ | | | | 203 | | | | | | | | 204 | |----------|......PW2.(protection)......| | | 205 +-----+ | | PE2| | | +-----+ 206 AC2 +----+ +----+ 207 Figure 2. One-side dual-homing PW protection 209 Consider in normal state AC1 from CE1 to PE1 is initially active and 210 AC2 from CE1 to PE2 is initially standby, PW1 is the working PW and 211 PW2 is the protection PW. 213 When a failure occurs in AC1, then the state of AC2 changes to active 214 based on some AC redundancy mechanism. In order to keep the 215 switchover local and continue using PW1 for traffic forwarding, the 216 forwarder on PE2 needs to connect AC2 to the DNI PW, and the 217 forwarder on PE1 needs to connect the DNI PW to PW1. In this way the 218 failure in AC1 will not impact the forwarding of the service PWs 219 across the network. After the switchover, traffic will go through 220 the path: CE1-(AC2)-PE2-(DNI-PW)-PE1-(PW1)-PE3-(AC3)-CE2. 222 When a failure in the PSN network affects the working PW (PW1), 223 according to PW protection mechanisms, traffic is switched onto the 224 protection PW (PW2), while the state of AC1 remains active. Then the 225 forwarder on PE1 needs to connect AC1 to the DNI PW, and the 226 forwarder on PE2 needs to connect the DNI PW to PW2. In this way the 227 failure in the PSN network will not impact the state of the ACs. 228 After the switchover, traffic will go through the path: CE1-(AC1)- 229 PE1-(DNI-PW)-PE2-(PW2)-PE3-(AC3)-CE2. 231 In both AC and PW failure cases, the dual-homing PW protection needs 232 to coordinate the PEs to set the forwarding state between the AC, 233 service PW and DNI PW properly. 235 2.2.2. Two-side Dual-Homing Protection 237 Figure 3 illustrates the network scenario of dual-homing PW 238 protection where the CEs in both sides are dual-homed. CE1 is dual- 239 homed to PE1 and PE2, and CE2 is dual-homed to PE3 and PE4. A dual- 240 homing control mechanism enables the PEs and CEs to determine which 241 AC should be used to carry traffic between CE and the PSN network. 242 DNI-PWs are provisioned between the dual-homing PEs on both sides. 243 One service PW is established between PE1 and PE3, another service PW 244 is established between PE2 and PE4. The role of working and 245 protection PW can be determined either by configuration or via 246 existing signaling mechanisms. 248 This scenario can protect the node failure on one of the dual-homing 249 PEs, or the failure on one of the ACs between the CEs and their dual- 250 homing PEs. Meanwhile, dual-homing PW protection can protect the 251 failure occured in the PSN network which impacts one of the PWs, thus 252 it can be an alternative solution of PSN tunnel protection 253 mechanisms. This scenario is mainly used for services of important 254 business customers. In this case, CE1 and CE2 can be regarded as 255 service access points. 257 |<---------------- Emulated Service -------------->| 258 | | 259 | |<-------- Pseudowire ------>| | 260 | | | | 261 | | |<-- PSN Tunnels-->| | | 262 | V V V V | 263 V AC1 +----+ +----+ AC3 V 264 +-----+ | | ...|...PW1.(working)..|... | | +-----+ 265 | |----------| PE1| | PE3|----------| | 266 | | +----+ +----+ | | 267 | | | | | | 268 | CE1 | DNI-PW1 | | DNI-PW2 | CE2 | 269 | | | | | | 270 | | +----+ +----+ | | 271 | | | | | | | | 272 | |----------| PE2| | PE4|--------- | | 273 +-----+ | | ...|.PW2.(protection).|... | | +-----+ 274 AC2 +----+ +----+ AC4 276 Figure 3. Two-side dual-homing PW protection 278 Consider in normal state AC1 from CE1 to PE1 is initially active and 279 AC2 from CE1 to PE2 is initially standby, AC3 from CE2 to PE3 is 280 initially active and AC4 from CE2 to PE4 is initially standby, PW1 is 281 the working PW and PW2 is the protection PW. 283 When a failure occurs in AC1, the state of AC2 changes to active 284 based on some AC redundancy mechanism. In order to keep the 285 switchover local and continue using PW1 for traffic forwarding, the 286 forwarder on PE2 needs to connect AC2 to the DNI-PW1, and the 287 forwarder on PE1 needs to connect DNI-PW1 with PW1. In this way 288 failures in the AC side will not impact the forwarding of the service 289 PWs across the network. After the switchover, traffic will go 290 through the path: CE1-(AC2)-PE2-(DNI-PW1)-PE1-(PW1)-PE3-(AC3)-CE2. 292 When a failure occurs in the working PW (PW1), according to the PW 293 protection mechanism, traffic is switched onto the protection PW 294 "PW2". In order to keep the state of AC1 and AC3 unchanged, the 295 forwarder on PE1 needs to connect AC1 to DNI-PW1, and the forwarder 296 on PE2 needs to connect DNI-PW1 to PW2. On the other side, the 297 forwarder of PE3 needs to connect AC3 to DNI-PW2, and the forwarder 298 on PE4 needs to connect PW2 to DNI-PW2. In this way, the state of 299 the ACs will not be impacted by the failure in the PSN network. 300 After the switchover, traffic will go through the path: CE1-(AC1)- 301 PE1-(DNI-PW1)-PE2-(PW2)-PE4-(DNI-PW2)-PE3-(AC3)-CE2. 303 In case both the AC and PW failure occur, the dual-homing PW 304 protection needs to coordinate the PEs to set the forwarding state 305 between the AC, service PW and the DNI PW properly. 307 3. Generic Dual-homing PW Protection Mechanism 309 As shown in the above scenarios, with the described dual-homing PW 310 protection, failures in the AC side will not impact the forwarding 311 behavior of the PWs in the PSN network, and vice-versa. This is 312 achieved by properly setting the forwarding state between the 313 following entities: 315 o AC 317 o Service PW 319 o DNI PW 321 The forwarding behavior of the dual-homing PE nodes are determined by 322 the forwarding state machine as shown in table 1: 324 +-----------+---------+--------+---------------------+ 325 |Service PW | AC | DNI PW | Forwarding Behavior | 326 +-----------+---------+--------+---------------------+ 327 | Active | Active | Up |Service PW <-> AC | 328 +-----------+---------+--------+---------------------+ 329 | Active | Standby | Up |Service PW <-> DNI PW| 330 +-----------+---------+--------+---------------------+ 331 | Standby | Active | Up | DNI PW <-> AC | 332 +-----------+---------+--------+---------------------+ 333 | Standby | Standby | Up | Drop all packets | 334 +-----------+---------+--------+---------------------+ 335 Table 1. Dual-homing PE Forwarding State Machine 337 In order for the dual-homing PEs to coordinate the traffic forwarding 338 during the failures, synchronization of the status information of the 339 involved entities and coordination of switchover between the dual- 340 homing PEs are needed. For PWs with a dynamic control plane, such 341 information synchronization and coordination can be achieved with a 342 dynamic protocol, such as [RFC7275], possibly with some extensions. 343 For PWs which are manually configured without a control plane, a new 344 mechanism is needed to exchange the status information and coordinate 345 switchover between the dual-homing PEs. This is described in a 346 separate document. 348 4. IANA Considerations 350 This document does not require any IANA action. 352 5. Security Considerations 354 The mechanism defined in this document do not affect the security 355 model as defined in [RFC3985]. 357 6. References 359 6.1. Normative References 361 [RFC3985] Bryant, S., Ed. and P. Pate, Ed., "Pseudo Wire Emulation 362 Edge-to-Edge (PWE3) Architecture", RFC 3985, 363 DOI 10.17487/RFC3985, March 2005, 364 . 366 6.2. Informative References 368 [I-D.ietf-pals-endpoint-fast-protection] 369 Shen, Y., Aggarwal, R., Henderickx, W., and Y. Jiang, "PW 370 Endpoint Fast Failure Protection", draft-ietf-pals- 371 endpoint-fast-protection-02 (work in progress), January 372 2016. 374 [RFC6372] Sprecher, N., Ed. and A. Farrel, Ed., "MPLS Transport 375 Profile (MPLS-TP) Survivability Framework", RFC 6372, 376 DOI 10.17487/RFC6372, September 2011, 377 . 379 [RFC6378] Weingarten, Y., Ed., Bryant, S., Osborne, E., Sprecher, 380 N., and A. Fulignoli, Ed., "MPLS Transport Profile (MPLS- 381 TP) Linear Protection", RFC 6378, DOI 10.17487/RFC6378, 382 October 2011, . 384 [RFC6718] Muley, P., Aissaoui, M., and M. Bocci, "Pseudowire 385 Redundancy", RFC 6718, DOI 10.17487/RFC6718, August 2012, 386 . 388 [RFC6870] Muley, P., Ed. and M. Aissaoui, Ed., "Pseudowire 389 Preferential Forwarding Status Bit", RFC 6870, 390 DOI 10.17487/RFC6870, February 2013, 391 . 393 [RFC7275] Martini, L., Salam, S., Sajassi, A., Bocci, M., 394 Matsushima, S., and T. Nadeau, "Inter-Chassis 395 Communication Protocol for Layer 2 Virtual Private Network 396 (L2VPN) Provider Edge (PE) Redundancy", RFC 7275, 397 DOI 10.17487/RFC7275, June 2014, 398 . 400 Authors' Addresses 402 Weiqiang Cheng 403 China Mobile 404 No.32 Xuanwumen West Street 405 Beijing 100053 406 China 408 Email: chengweiqiang@chinamobile.com 409 Lei Wang 410 China Mobile 411 No.32 Xuanwumen West Street 412 Beijing 100053 413 China 415 Email: Wangleiyj@chinamobile.com 417 Han Li 418 China Mobile 419 No.32 Xuanwumen West Street 420 Beijing 100053 421 China 423 Email: Lihan@chinamobile.com 425 Kai Liu 426 Huawei Technologies 427 Huawei Base, Bantian, Longgang District 428 Shenzhen 518129 429 China 431 Email: alex.liukai@huawei.com 433 Shahram Davari 434 Broadcom Corporation 435 3151 Zanker Road 436 San Jose 95134-1933 437 United States 439 Email: davari@broadcom.com 441 Jie Dong 442 Huawei Technologies 443 Huawei Campus, No. 156 Beiqing Rd. 444 Beijing 100095 445 China 447 Email: jie.dong@huawei.com 448 Alessandro D'Alessandro 449 Telecom Italia 450 via Reiss Romoli, 274 451 Torino 10148 452 Italy 454 Email: alessandro.dalessandro@telecomitalia.it