idnits 2.17.1

draft-ietf-pce-binding-label-sid-07.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (February 20, 2021) is 1160 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 7525 (Obsoleted by RFC 9325)

  == Outdated reference: A later version (-14) exists of
     draft-ietf-pce-pcep-extension-for-pce-controller-10

  == Outdated reference: A later version (-22) exists of
     draft-ietf-spring-segment-routing-policy-09

  == Outdated reference: A later version (-23) exists of
     draft-ietf-pce-pcep-yang-15

     Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

PCE Working Group                                           S. Sivabalan
Internet-Draft                                         Ciena Corporation
Intended status: Standards Track                             C. Filsfils
Expires: August 24, 2021                             Cisco Systems, Inc.
                                                             J. Tantsura
                                                            Apstra, Inc.
                                                              S. Previdi
                                                                   C. Li
                                                     Huawei Technologies
                                                       February 20, 2021

        Carrying Binding Label/Segment-ID in PCE-based Networks.
                  draft-ietf-pce-binding-label-sid-07

Abstract

   In order to provide greater scalability, network opacity, and service
   independence, Segment Routing (SR) utilizes a Binding Segment
   Identifier (BSID).  It is possible to associate a BSID to RSVP-TE
   signaled Traffic Engineering Label Switching Path or binding
   Segment-ID (SID) to SR Traffic Engineering path.  Such a binding
   label/SID can be used by an upstream node for steering traffic into
   the appropriate TE path to enforce SR policies.  This document
   proposes an approach for reporting binding label/SID to Path
   Computation Element (PCE) for supporting PCE-based Traffic
   Engineering policies.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 24, 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Terminology
   3.  Path Binding TLV
     3.1.  SRv6 Endpoint Behavior and SID Structure
   4.  Operation
   5.  Binding SID in SR-ERO
   6.  Binding SID in SRv6-ERO
   7.  PCE Allocation of Binding SID
   8.  Implementation Status
     8.1.  Huawei
     8.2.  Cisco
   9.  Security Considerations
   10. Manageability Considerations
     10.1.  Control of Function and Policy
     10.2.  Information and Data Models
     10.3.  Liveness Detection and Monitoring
     10.4.  Verify Correct Operations
     10.5.  Requirements On Other Protocols
     10.6.  Impact On Network Operations
   11. IANA Considerations
     11.1.  PCEP TLV Type Indicators
       11.1.1.  TE-PATH-BINDING TLV
     11.2.  LSP Object
     11.3.  PCEP Error Type and Value
   12. Acknowledgements
   13. References
     13.1.  Normative References
     13.2.  Informative References
   Appendix A.  Contributor Addresses
   Authors' Addresses

1.  Introduction

   A PCE can compute Traffic Engineering paths (TE paths) through a
   network that are subject to various constraints.  Currently, TE paths
   are either set up using the RSVP-TE signaling protocol or Segment
   Routing (SR).  We refer to such paths as RSVP-TE paths and SR-TE
   paths respectively in this document.

   As per [RFC8402], SR allows a headend node to steer a packet flow
   along any path.  The headend node is said to steer a flow into a
   Segment Routing Policy (SR Policy).  Further, as per
   [I-D.ietf-spring-segment-routing-policy], an SR Policy is a framework
   that enables instantiation of an ordered list of segments on a node
   for implementing a source routing policy with a specific intent for
   traffic steering from that node.

   As described in [RFC8402], a Binding Segment Identifier (BSID) is
   bound to a Segment Routed (SR) Policy, instantiation of which may
   involve a list of SIDs.  Any packets received with an active segment
   equal to BSID are steered onto the bound SR Policy.  A BSID may be
   either a local (SR Local Block (SRLB)) or a global (SR Global Block
   (SRGB)) SID.
   As per Section 6.4 of [I-D.ietf-spring-segment-routing-policy], a
   BSID can also be associated with any type of interface or tunnel to
   enable the use of non-SR interfaces or tunnels as segments in a
   SID-list.

   [RFC5440] describes the Path Computation Element Protocol (PCEP) for
   communication between a Path Computation Client (PCC) and a PCE or
   between a pair of PCEs as per [RFC4655].  [RFC8231] specifies an
   extension to PCEP that allows a PCC to delegate its LSPs to a
   stateful PCE.  A stateful PCE can then update the state of LSPs
   delegated to it.  [RFC8281] specifies a mechanism allowing a PCE to
   dynamically instantiate an LSP on a PCC by sending the path and
   characteristics.  The PCEP extension to set up and maintain SR-TE
   paths is specified in [RFC8664].

   [RFC8664] provides a mechanism for a network controller (acting as a
   PCE) to instantiate candidate paths for an SR Policy onto a head-end
   node (acting as a PCC) using PCEP.  For more information on the SR
   Policy Architecture, see [I-D.ietf-spring-segment-routing-policy].

   Binding label/SID has local significance to the ingress node of the
   corresponding TE path.  When a stateful PCE is deployed for setting
   up TE paths, it may be desirable to report the binding label or SID
   to the stateful PCE for the purpose of enforcing end-to-end TE/SR
   policy.  A sample Data Center (DC) use-case is illustrated in the
   following diagram.  In the MPLS DC network, an SR LSP (without
   traffic engineering) is established using a prefix SID advertised by
   BGP (see [RFC8669]).  In IP/MPLS WAN, an SR-TE LSP is set up using
   the PCE.  The list of SIDs of the SR-TE LSP is {A, B, C, D}.  The
   gateway node 1 (which is the PCC) allocates a binding SID X and
   reports it to the PCE.
   In order for the access node to steer the traffic over the SR-TE
   LSP, the PCE passes the SID stack {Y, X} where Y is the prefix SID
   of the gateway node-1 to the access node.  In the absence of the
   binding SID X, the PCE should pass the SID stack {Y, A, B, C, D} to
   the access node.  This example also illustrates the additional
   benefit of using the binding SID to reduce the number of SIDs imposed
   on the access nodes with a limited forwarding capacity.

        SID stack
        {Y, X}                   +-----+
      _ _ _ _ _ _ _ _ _ _ _ _ _ _| PCE |
      |                          +-----+
      |                             ^
      |                             | Binding
      |           .-----.           | SID (X)    .-----.
      |          (       )          |           (       )
      V      .--(         )--.      |       .--(         )--.
   +------+ (                 ) +-------+ (                   ) +-------+
   |Access|_( MPLS DC Network )_|Gateway|_(    IP/MPLS WAN    )_|Gateway|
   | Node | ( ==============> ) |Node-1 | ( ================> ) |Node-2 |
   +------+ (     SR path     ) +-------+ (    SR-TE path     ) +-------+
             '--(         )--'   Prefix     '--(         )--'
                 (       )       SID of         (       )
                  '-----'        Node-1          '-----'
                                 is Y       SIDs for SR-TE LSP:
                                            {A, B, C, D}

              Figure 1: A sample Use-case of Binding SID

   A PCC could report the binding label/SID allocated by it to the
   stateful PCE via Path Computation State Report (PCRpt) message.  It
   is also possible for a stateful PCE to request a PCC to allocate a
   specific binding label/SID by sending a Path Computation Update
   Request (PCUpd) message.  If the PCC can successfully allocate the
   specified binding value, it reports the binding value to the PCE.
   Otherwise, the PCC sends an error message to the PCE indicating the
   cause of the failure.  A local policy or configuration at the PCC
   SHOULD dictate if the binding label/SID needs to be assigned.

   In this document, we introduce a new OPTIONAL TLV that a PCC can use
   in order to report the binding label/SID associated with a TE LSP, or
   a PCE to request a PCC to allocate a specific binding label/SID
   value.
   This TLV is intended for TE LSPs established using RSVP-TE, SR, or
   any other future method.  Also, in the case of SR-TE LSPs, the TLV
   can carry a binding MPLS label (for SR-TE path with MPLS data-plane)
   or a binding IPv6 SID (e.g., IPv6 address for SR-TE paths with IPv6
   data-plane).  Binding value means either MPLS label or SID
   throughout this document.

   Additionally, to support the PCE based central controller [RFC8283]
   operation where the PCE would take responsibility for managing some
   part of the MPLS label space for each of the routers that it
   controls, the PCE could directly make the binding label/SID
   allocation and inform the PCC.  See Section 7 for details.

2.  Terminology

   The following terms are used in this document:

   BSID:  Binding Segment Identifier.

   LER:  Label Edge Router.

   LSP:  Label Switched Path.

   LSR:  Label Switching Router.

   PCC:  Path Computation Client.

   PCE:  Path Computation Element.

   PCEP:  Path Computation Element Protocol.

   RSVP-TE:  Resource ReserVation Protocol-Traffic Engineering.

   SID:  Segment Identifier.

   SR:  Segment Routing.

   SRGB:  Segment Routing Global Block.

   SRLB:  Segment Routing Local Block.

   TLV:  Type, Length, and Value.

3.  Path Binding TLV

   A new optional TLV, called "TE-PATH-BINDING TLV" (whose format is
   shown in the figure below), is defined to carry the binding label or
   SID for a TE path.  This TLV is associated with the LSP object
   specified in [RFC8231].  The type of this TLV is to be allocated by
   IANA.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |             Type              |             Length            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      BT       |    Flags      |            Reserved           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~            Binding Value (variable length)                    ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                     Figure 2: TE-PATH-BINDING TLV

   TE-PATH-BINDING TLV is a generic TLV such that it is able to carry
   MPLS label binding as well as SRv6 Binding SID.  It is formatted
   according to the rules specified in [RFC5440].

   Binding Type (BT): A one-octet field that identifies the type of
   binding included in the TLV.  This document specifies the following
   BT values:

   o  BT = 0: The binding value is an MPLS label carried in the format
      specified in [RFC5462] where only the label value is valid, and
      other fields MUST be considered invalid.  The Length MUST be set
      to 7.

   o  BT = 1: Similar to the case where BT is 0 except that all the
      fields on the MPLS label entry are set on transmission.  However,
      the receiver MAY choose to override TC, S, and TTL values
      according to its local policy.  The Length MUST be set to 8.

   o  BT = 2: The binding value is an SRv6 SID with a format of a 16
      octet IPv6 address, representing the binding SID for SRv6.  The
      Length MUST be set to 20.

   o  BT = 3: The binding value is a 24 octet field, defined in
      Section 3.1, that contains the SRv6 SID as well as its Behavior
      and Structure.  The Length MUST be set to 28.

   Flags: 1 octet of flags.  The following flags are defined in the new
   registry "TE-PATH-BINDING TLV Flag field" as described in
   Section 11.1.1:

    0 1 2 3 4 5 6 7
   +-+-+-+-+-+-+-+-+
   |           |I|S|
   +-+-+-+-+-+-+-+-+

   where:

   o  S-Flag: This flag encodes the "Specified-BSID-only" behavior.
      It is used as described in Section 6.2.3 of
      [I-D.ietf-spring-segment-routing-policy].

   o  I-Flag: This flag encodes the "Drop Upon Invalid" behavior.  It is
      used as described in Section 8.2 of
      [I-D.ietf-spring-segment-routing-policy].

   o  Unassigned bits MUST be set to 0 while sending and ignored on
      receipt.

   Reserved: MUST be set to 0 while sending and ignored on receipt.

   Binding Value: A variable-length field, padded with trailing zeros to
   a 4-octet boundary.  For BT = 0, the 20 bits represent the MPLS
   label.  For BT = 1, the 32 bits represent the label stack entry as
   per [RFC5462].  For BT = 2, the 128 bits represent the SRv6 SID.  For
   BT = 3, the Binding Value contains SRv6 Endpoint Behavior and SID
   Structure, defined in Section 3.1.

3.1.  SRv6 Endpoint Behavior and SID Structure

   This structure is carried as the Binding Value in the TE-PATH-BINDING
   TLV when the BT is set to 3.  It is applicable to SRv6 Binding SIDs
   [I-D.ietf-spring-srv6-network-programming].

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                   SRv6 Binding SID (16 octets)                |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |           Reserved            |      Endpoint Behavior        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   LB Length   |   LN Length   |  Fun. Length  |  Arg. Length  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

          Figure 4: SRv6 Endpoint Behavior and SID Structure

   Reserved: 2 octets.  MUST be set to 0 on transmit and ignored on
   receipt.

   Endpoint Behavior: 2 octets.  The Endpoint Behavior code point for
   this SRv6 SID as defined in section 9.2 of
   [I-D.ietf-spring-srv6-network-programming].  When set with the value
   0, the choice of behavior is considered unset.

   LB Length: 1 octet.  SRv6 SID Locator Block length in bits.

   LN Length: 1 octet.
   SRv6 SID Locator Node length in bits.

   Function Length: 1 octet.  SRv6 SID Function length in bits.

   Argument Length: 1 octet.  SRv6 SID Arguments length in bits.

4.  Operation

   The binding value is allocated by the PCC and reported to a PCE via
   a PCRpt message.  If a PCE does not recognize the TE-PATH-BINDING
   TLV, it would ignore the TLV in accordance with [RFC5440].  If a PCE
   recognizes the TLV but does not support the TLV, it MUST send PCErr
   with Error-Type = 2 (Capability not supported).

   If a TE-PATH-BINDING TLV is absent in the PCRpt message, PCE MUST
   assume that the corresponding LSP does not have any binding.  If a
   PCE recognizes an invalid binding value (e.g., label value from the
   reserved label space when MPLS label binding is used), it MUST send
   the PCErr message with Error-Type = 10 ("Reception of an invalid
   object") and Error Value = 2 ("Bad label value") as specified in
   [RFC8664].

   Multiple TE-PATH-BINDING TLVs are allowed to be present in the same
   LSP object.  This signifies the presence of multiple binding SIDs for
   the given LSP.

   For SRv6 BSIDs, it is RECOMMENDED to always explicitly specify the
   SRv6 Endpoint Behavior and SID Structure in the TE-PATH-BINDING TLV
   by setting the BT (Binding Type) to 3, instead of 2.  The choice of
   interpreting SRv6 Endpoint Behavior and SID Structure when none is
   explicitly specified is left up to the implementation.

   If a PCE requires a PCC to allocate a specific binding value, it may
   do so by sending a PCUpd or PCInitiate message containing a
   TE-PATH-BINDING TLV.  If the value can be successfully allocated, the
   PCC reports the binding value to the PCE.  If the PCC considers the
   binding value specified by the PCE invalid, it MUST send a PCErr
   message with Error-Type = TBD2 ("Binding label/SID failure") and
   Error Value = TBD3 ("Invalid SID").
   If the binding value is valid, but the PCC is unable to allocate the
   binding value, it MUST send a PCErr message with Error-Type = TBD2
   ("Binding label/SID failure") and Error Value = TBD4 ("Unable to
   allocate the specified label/SID").

   If a PCC receives a TE-PATH-BINDING TLV in any message other than
   PCUpd or PCInitiate, it MUST close the corresponding PCEP session
   with the reason "Reception of a malformed PCEP message" (according to
   [RFC5440]).  Similarly, if a PCE receives a TE-PATH-BINDING TLV in
   any message other than a PCRpt or if the TE-PATH-BINDING TLV is
   associated with any object other than LSP object, the PCE MUST close
   the corresponding PCEP session with the reason "Reception of a
   malformed PCEP message" (according to [RFC5440]).

   If a PCC wishes to withdraw or modify a previously reported binding
   value, it MUST send a PCRpt message without any TE-PATH-BINDING TLV
   or with the TE-PATH-BINDING TLV containing the new binding value
   respectively.

   If a PCE wishes to modify a previously requested binding value, it
   MUST send a PCUpd message with TE-PATH-BINDING TLV containing the new
   binding value.  The absence of TE-PATH-BINDING TLV in PCUpd message
   means that the PCE does not specify a binding value in which case the
   binding value allocation is governed by the PCC's local policy.

   If a PCC receives a valid binding value from a PCE which is different
   than the current binding value, it MUST try to allocate the new
   value.  If the new binding value is successfully allocated, the PCC
   MUST report the new value to the PCE.  Otherwise, it MUST send a
   PCErr message with Error-Type = TBD2 ("Binding label/SID failure")
   and Error Value = TBD4 ("Unable to allocate the specified label/
   SID").

   In some cases, a stateful PCE can request the PCC to allocate a
   binding value.
   It may do so by sending a PCUpd message containing an empty
   TE-PATH-BINDING TLV, i.e., no binding value is specified (making the
   Length field of the TLV 4).  A PCE can also request PCC to allocate a
   binding value at the time of initiation by sending a PCInitiate
   message with an empty TE-PATH-BINDING TLV.  If the PCC is unable to
   allocate a binding value, it MUST send a PCErr message with
   Error-Type = TBD2 ("Binding label/SID failure") and Error-Value =
   TBD5 ("Unable to allocate label/SID").

5.  Binding SID in SR-ERO

   In PCEP messages, LSP route information is carried in the Explicit
   Route Object (ERO), which consists of a sequence of subobjects.
   [RFC8664] defines a new ERO subobject "SR-ERO subobject" capable of
   carrying a SID as well as the identity of the node/adjacency (NAI)
   represented by the SID.  The NAI Type (NT) field indicates the type
   and format of the NAI contained in the SR-ERO.  In case of binding
   SID, the NAI MUST NOT be included and NT MUST be set to zero.  So as
   per Section 5.2.1 of [RFC8664], for NT=0, the F bit is set to 1, the
   S bit needs to be zero and the Length is 8.  Further, the M bit is
   set.  If these conditions are not met, the entire ERO MUST be
   considered invalid and a PCErr message is sent with Error-Type = 10
   ("Reception of an invalid object") and Error-Value = 11 ("Malformed
   object").

6.  Binding SID in SRv6-ERO

   [RFC8664] defines a new ERO subobject "SRv6-ERO subobject" for SRv6
   SID.  The NAI MUST NOT be included and NT MUST be set to zero.  So as
   per Section 5.2.1 of [RFC8664], for NT=0, the F bit is set to 1, the
   S bit needs to be zero and the Length is 24.  If these conditions are
   not met, the entire ERO is considered invalid and a PCErr message is
   sent with Error-Type = 10 ("Reception of an invalid object") and
   Error-Value = 11 ("Malformed object") (as per [RFC8664]).

7.  PCE Allocation of Binding SID

   Section 4 already includes the scenario where a PCE requires a PCC to
   allocate a specified binding value by sending a PCUpd or PCInitiate
   message containing a TE-PATH-BINDING TLV.  This section specifies an
   OPTIONAL feature for the PCE to allocate the binding label of its own
   accord in the case where the PCE also controls the label space of the
   PCC and can make the label allocation on its own as described in
   [RFC8283].  Note that the act of requesting a specific binding value
   (Section 4) is different from the act of allocating a binding label/
   SID as described in this section.

   [RFC8283] introduces the architecture for PCE as a central controller
   as an extension of the architecture described in [RFC4655] and
   assumes the continued use of PCEP as the protocol used between PCE
   and PCC.  [I-D.ietf-pce-pcep-extension-for-pce-controller] specifies
   the procedures and PCEP extensions for using the PCE as the central
   controller.

   For an implementation that supports PCECC operations as per
   [I-D.ietf-pce-pcep-extension-for-pce-controller], the binding label/
   SID MAY also be allocated by the PCE itself.  Both peers need to
   exchange the PCECC capability as described in
   [I-D.ietf-pce-pcep-extension-for-pce-controller] before PCE could
   allocate the binding label/SID on its own.

   A new P flag in the LSP object [RFC8231] is introduced to indicate
   the allocation needs to be made by the PCE:

   o  P (PCE-allocated binding label/SID - TBD6): If the bit is set to
      1, it indicates that the PCC requests PCE to make allocations for
      this LSP.  The TLV in LSP object identifies what should be
      allocated, such as Binding label/SID.  A PCC would set this bit to
      1 and include a TE-PATH-BINDING TLV in the LSP object to request
      allocation of Binding label/SID by the PCE in the PCEP message.
      A PCE would also set this bit to 1 and include a TE-PATH-BINDING
      TLV to indicate that the Binding label/SID is allocated by PCE and
      encoded in the PCEP message towards PCC.  Further, a PCE would set
      this bit to 0 and include a TE-PATH-BINDING TLV in the LSP object
      to indicate that the Binding label/SID should be allocated by the
      PCC as described in Section 4.

   Note that,

   o  a PCE could allocate the binding label/SID of its own accord for a
      PCE-initiated or delegated LSP, and inform the PCC in the
      PCInitiate message or PCUpd message by setting P=1 and including
      TE-PATH-BINDING TLV in the LSP object.

   o  to let the PCC allocate the binding label/SID, a PCE could set
      P=0 and empty TE-PATH-BINDING TLV (i.e., no binding value is
      specified) in the LSP object in PCInitiate/PCUpd message.

   o  a PCC could request that the PCE allocate the binding label/SID by
      setting P=1, D=1, and empty TE-PATH-BINDING TLV in PCRpt message.
      The PCE would allocate it and respond to the PCC with PCUpd
      message including the allocated binding label/SID in the
      TE-PATH-BINDING TLV and P=1, D=1 in the LSP object.

   o  if both peers have not exchanged the PCECC capabilities as per
      [I-D.ietf-pce-pcep-extension-for-pce-controller] and a PCEP peer
      receives P=1 in the LSP object, it needs to act as per
      [I-D.ietf-pce-pcep-extension-for-pce-controller]:

      *  Send a PCErr message with Error-Type=19 (Invalid Operation) and
         Error-Value=TBD (Attempted PCECC operations when PCECC
         capability was not advertised)

      *  Terminate the PCEP session

   It is assumed that the label range to be used by a PCE is known and
   set on both PCEP peers.  The exact mechanism is out of scope of
   [I-D.ietf-pce-pcep-extension-for-pce-controller] or this document.
   Note that the specific BSID could be from the PCE-controlled or the
   PCC-controlled label space.
   The PCE would directly allocate the label from the PCE-controlled
   label space using P=1 as described above, whereas the PCE would
   request the allocation of a specific BSID from the PCC-controlled
   label space with P=0 as described in Section 4.

8.  Implementation Status

   [Note to the RFC Editor - remove this section before publication, as
   well as remove the reference to RFC 7942.]

   This section records the status of known implementations of the
   protocol defined by this specification at the time of posting of this
   Internet-Draft, and is based on a proposal described in [RFC7942].
   The description of implementations in this section is intended to
   assist the IETF in its decision processes in progressing drafts to
   RFCs.  Please note that the listing of any individual implementation
   here does not imply endorsement by the IETF.  Furthermore, no effort
   has been spent to verify the information presented here that was
   supplied by IETF contributors.  This is not intended as, and must not
   be construed to be, a catalog of available implementations or their
   features.  Readers are advised to note that other implementations may
   exist.

   According to [RFC7942], "this will allow reviewers and working groups
   to assign due consideration to documents that have the benefit of
   running code, which may serve as evidence of valuable experimentation
   and feedback that have made the implemented protocols more mature.
   It is up to the individual working groups to use this information as
   they see fit".

8.1.  Huawei

   o  Organization: Huawei

   o  Implementation: Huawei's Router and Controller

   o  Description: An experimental code-point is used, with a plan to
      request early code-point allocation from IANA after WG adoption.

   o  Maturity Level: Production

   o  Coverage: Full

   o  Contact: chengli13@huawei.com

8.2.  Cisco

   o  Organization: Cisco Systems

   o  Implementation: Head-end and controller.

   o  Description: An experimental code-point is currently used.

   o  Maturity Level: Production

   o  Coverage: Full

   o  Contact: mkoldych@cisco.com

9.  Security Considerations

   The security considerations described in [RFC5440], [RFC8231],
   [RFC8281] and [RFC8664] are applicable to this specification.  No
   additional security measure is required.

   As described in [RFC8664], SR allows a network controller to
   instantiate and control paths in the network.  A rogue PCE can
   manipulate binding SID allocations to move traffic around for some
   other LSPs that use a BSID in their SR-ERO.

   Thus, as per [RFC8231], it is RECOMMENDED that these PCEP extensions
   only be activated on authenticated and encrypted sessions across PCEs
   and PCCs belonging to the same administrative authority, using
   Transport Layer Security (TLS) [RFC8253], as per the recommendations
   and best current practices in BCP195 [RFC7525] (unless explicitly set
   aside in [RFC8253]).

10.  Manageability Considerations

   All manageability requirements and considerations listed in
   [RFC5440], [RFC8231], and [RFC8664] apply to PCEP protocol extensions
   defined in this document.  In addition, requirements and
   considerations listed in this section apply.

10.1.  Control of Function and Policy

   A PCC implementation SHOULD allow the operator to configure the
   policy based on which PCC needs to allocate the binding label/SID.

10.2.  Information and Data Models

   The PCEP YANG module [I-D.ietf-pce-pcep-yang] could be extended to
   include policy configuration for binding label/SID allocation.

10.3.  Liveness Detection and Monitoring

   Mechanisms defined in this document do not imply any new liveness
   detection and monitoring requirements in addition to those already
   listed in [RFC5440].

10.4.  Verify Correct Operations

   Mechanisms defined in this document do not imply any new operation
   verification requirements in addition to those already listed in
   [RFC5440], [RFC8231], and [RFC8664].

10.5.  Requirements On Other Protocols

   Mechanisms defined in this document do not imply any new requirements
   on other protocols.

10.6.  Impact On Network Operations

   Mechanisms defined in [RFC5440], [RFC8231], and [RFC8664] also apply
   to PCEP extensions defined in this document.  Further, the mechanism
   described in this document can help the operator to request control
   of the LSPs at a particular PCE.

11.  IANA Considerations

   IANA maintains the "Path Computation Element Protocol (PCEP) Numbers"
   registry.  This document requests IANA actions to allocate code
   points for the protocol elements defined in this document.

11.1.  PCEP TLV Type Indicators

   This document defines a new PCEP TLV; IANA is requested to make the
   following allocations from the "PCEP TLV Type Indicators" subregistry
   of the PCEP Numbers registry, as follows:

   Value   Description        Reference

   TBD1    TE-PATH-BINDING    This document

11.1.1.  TE-PATH-BINDING TLV

   IANA is requested to create a new subregistry "TE-PATH-BINDING TLV BT
   field" to manage the value of the Binding Type field in the
   TE-PATH-BINDING TLV.  Initial values for the subregistry are given
   below.  New values are assigned by Standards Action [RFC8126].

   Value   Description                             Reference

   0       MPLS Label                              This document
   1       MPLS Label Stack Entry                  This document
   2       SRv6 SID                                This document
   3       SRv6 SID with Behavior and Structure    This document

   IANA is requested to create a new subregistry "TE-PATH-BINDING TLV
   Flag field" to manage the Flag field in the TE-PATH-BINDING TLV.  New
   values are to be assigned by Standards Action [RFC8126].
Each bit 677 should be tracked with the following qualities: 679 o Bit number (count from 0 as the most significant bit) 681 o Description 683 o Reference 685 Bit Description Reference 687 7 Specified-BSID-Only This document 688 Flag (S-Flag) 689 6 Drop Upon Invalid This document 690 Flag (I-Flag) 692 11.2. LSP Object 694 IANA is requested to allocate new code-point in the "LSP Object Flag 695 Field" sub-registry for the new P flag as follows: 697 Bit Description Reference 699 TBD6 PCE-allocated binding This document 700 label/SID 702 11.3. PCEP Error Type and Value 704 This document defines a new Error-type and Error-Values for the PCErr 705 message. IANA is requested to allocate new error-type and error- 706 values within the "PCEP-ERROR Object Error Types and Values" 707 subregistry of the PCEP Numbers registry, as follows: 709 Error-Type Meaning Error-value Reference 711 TBD2 Binding label/SID This 712 failure document 713 TBD3: Invalid SID This 714 document 715 TBD4: Unable to allocate the This 716 specified label/SID document 717 TBD5: Unable to allocate This 718 label/SID document 720 12. Acknowledgements 722 We like to thank Milos Fabian, Mrinmoy Das, and Andrew Stone for 723 their valuable comments. 725 13. References 727 13.1. Normative References 729 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 730 Requirement Levels", BCP 14, RFC 2119, 731 DOI 10.17487/RFC2119, March 1997, 732 . 734 [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation 735 Element (PCE) Communication Protocol (PCEP)", RFC 5440, 736 DOI 10.17487/RFC5440, March 2009, 737 . 739 [RFC5462] Andersson, L. and R. Asati, "Multiprotocol Label Switching 740 (MPLS) Label Stack Entry: "EXP" Field Renamed to "Traffic 741 Class" Field", RFC 5462, DOI 10.17487/RFC5462, February 742 2009, . 744 [RFC7525] Sheffer, Y., Holz, R., and P. 
Saint-Andre, 745 "Recommendations for Secure Use of Transport Layer 746 Security (TLS) and Datagram Transport Layer Security 747 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 748 2015, . 750 [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 751 Code: The Implementation Status Section", BCP 205, 752 RFC 7942, DOI 10.17487/RFC7942, July 2016, 753 . 755 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 756 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 757 May 2017, . 759 [RFC8231] Crabbe, E., Minei, I., Medved, J., and R. Varga, "Path 760 Computation Element Communication Protocol (PCEP) 761 Extensions for Stateful PCE", RFC 8231, 762 DOI 10.17487/RFC8231, September 2017, 763 . 765 [RFC8253] Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody, 766 "PCEPS: Usage of TLS to Provide a Secure Transport for the 767 Path Computation Element Communication Protocol (PCEP)", 768 RFC 8253, DOI 10.17487/RFC8253, October 2017, 769 . 771 [RFC8281] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path 772 Computation Element Communication Protocol (PCEP) 773 Extensions for PCE-Initiated LSP Setup in a Stateful PCE 774 Model", RFC 8281, DOI 10.17487/RFC8281, December 2017, 775 . 777 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 778 Decraene, B., Litkowski, S., and R. Shakir, "Segment 779 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 780 July 2018, . 782 [RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., 783 and J. Hardwick, "Path Computation Element Communication 784 Protocol (PCEP) Extensions for Segment Routing", RFC 8664, 785 DOI 10.17487/RFC8664, December 2019, 786 . 788 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 789 Writing an IANA Considerations Section in RFCs", BCP 26, 790 RFC 8126, DOI 10.17487/RFC8126, June 2017, 791 . 793 [I-D.ietf-spring-srv6-network-programming] 794 Filsfils, C., Camarillo, P., Leddy, J., Voyer, D., 795 Matsushima, S., and Z. 
Li, "SRv6 Network Programming", 796 draft-ietf-spring-srv6-network-programming-28 (work in 797 progress), December 2020. 799 [I-D.ietf-pce-pcep-extension-for-pce-controller] 800 Li, Z., Peng, S., Negi, M., Zhao, Q., and C. Zhou, "PCEP 801 Procedures and Protocol Extensions for Using PCE as a 802 Central Controller (PCECC) of LSPs", draft-ietf-pce-pcep- 803 extension-for-pce-controller-10 (work in progress), 804 January 2021. 806 13.2. Informative References 808 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation 809 Element (PCE)-Based Architecture", RFC 4655, 810 DOI 10.17487/RFC4655, August 2006, 811 . 813 [RFC8283] Farrel, A., Ed., Zhao, Q., Ed., Li, Z., and C. Zhou, "An 814 Architecture for Use of PCE and the PCE Communication 815 Protocol (PCEP) in a Network with Central Control", 816 RFC 8283, DOI 10.17487/RFC8283, December 2017, 817 . 819 [RFC8669] Previdi, S., Filsfils, C., Lindem, A., Ed., Sreekantiah, 820 A., and H. Gredler, "Segment Routing Prefix Segment 821 Identifier Extensions for BGP", RFC 8669, 822 DOI 10.17487/RFC8669, December 2019, 823 . 825 [I-D.ietf-spring-segment-routing-policy] 826 Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and 827 P. Mattes, "Segment Routing Policy Architecture", draft- 828 ietf-spring-segment-routing-policy-09 (work in progress), 829 November 2020. 831 [I-D.ietf-pce-pcep-yang] 832 Dhody, D., Hardwick, J., Beeram, V., and J. Tantsura, "A 833 YANG Data Model for Path Computation Element 834 Communications Protocol (PCEP)", draft-ietf-pce-pcep- 835 yang-15 (work in progress), October 2020. 837 Appendix A. 
Contributor Addresses 839 Jonathan Hardwick 840 Metaswitch Networks 841 100 Church Street 842 Enfield, Middlesex 843 UK 845 EMail: Jonathan.Hardwick@metaswitch.com 847 Dhruv Dhody 848 Huawei Technologies 849 Divyashree Techno Park, Whitefield 850 Bangalore, Karnataka 560066 851 India 853 EMail: dhruv.ietf@gmail.com 855 Mahendra Singh Negi 856 RtBrick India 857 N-17L, Floor-1, 18th Cross Rd, HSR Layout Sector-3 858 Bangalore, Karnataka 560102 859 India 861 EMail: mahend.ietf@gmail.com 863 Mike Koldychev 864 Cisco Systems, Inc. 865 2000 Innovation Drive 866 Kanata, Ontario K2K 3E8 867 Canada 869 Email: mkoldych@cisco.com 871 Zafar Ali 872 Cisco Systems, Inc. 874 Email: zali@cisco.com 876 Authors' Addresses 878 Siva Sivabalan 879 Ciena Corporation 881 EMail: msiva282@gmail.com 882 Clarence Filsfils 883 Cisco Systems, Inc. 884 Pegasus Parc 885 De kleetlaan 6a, DIEGEM BRABANT 1831 886 BELGIUM 888 EMail: cfilsfil@cisco.com 890 Jeff Tantsura 891 Apstra, Inc. 893 EMail: jefftant.ietf@gmail.com 895 Stefano Previdi 896 Huawei Technologies 898 EMail: stefano@previdi.net 900 Cheng Li 901 Huawei Technologies 902 Huawei Campus, No. 156 Beiqing Rd. 903 Beijing 100095 904 China 906 EMail: c.l@huawei.com