idnits 2.17.1 draft-ietf-pce-binding-label-sid-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (24 January 2022) is 823 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 7525 (Obsoleted by RFC 9325) == Outdated reference: A later version (-25) exists of draft-ietf-pce-segment-routing-ipv6-11 == Outdated reference: A later version (-22) exists of draft-ietf-spring-segment-routing-policy-14 == Outdated reference: A later version (-23) exists of draft-ietf-pce-pcep-yang-17 Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PCE Working Group S. Sivabalan 3 Internet-Draft Ciena Corporation 4 Intended status: Standards Track C. Filsfils 5 Expires: 28 July 2022 Cisco Systems, Inc. 6 J. Tantsura 7 Microsoft Corporation 8 S. Previdi 9 C. Li, Ed. 10 Huawei Technologies 11 24 January 2022 13 Carrying Binding Label/Segment Identifier in PCE-based Networks. 14 draft-ietf-pce-binding-label-sid-12 16 Abstract 18 In order to provide greater scalability, network confidentiality, and 19 service independence, Segment Routing (SR) utilizes a Binding Segment 20 Identifier (BSID). It is possible to associate a BSID to an RSVP-TE- 21 signaled Traffic Engineering Label Switched Path or an SR Traffic 22 Engineering path. The BSID can be used by an upstream node for 23 steering traffic into the appropriate TE path to enforce SR policies. 24 This document specifies the concept of binding value, which can be 25 either an MPLS label or Segment Identifier. It further specifies an 26 extension to Path Computation Element (PCE) communication 27 Protocol(PCEP) for reporting the binding value by a Path Computation 28 Client (PCC) to the PCE to support PCE-based Traffic Engineering 29 policies. 31 Status of This Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at https://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on 28 July 2022. 48 Copyright Notice 50 Copyright (c) 2022 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 55 license-info) in effect on the date of publication of this document. 56 Please review these documents carefully, as they describe your rights 57 and restrictions with respect to this document. Code Components 58 extracted from this document must include Revised BSD License text as 59 described in Section 4.e of the Trust Legal Provisions and are 60 provided without warranty as described in the Revised BSD License. 62 Table of Contents 64 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 65 1.1. Motivation and Example . . . . . . . . . . . . . . . . . 4 66 1.2. Summary of the Extension . . . . . . . . . . . . . . . . 5 67 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 68 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 69 4. Path Binding TLV . . . . . . . . . . . . . . . . . . . . . . 6 70 4.1. SRv6 Endpoint Behavior and SID Structure . . . . . . . . 8 71 5. Operation . . . . . . . . . . . . . . . . . . . . . . . . . . 9 72 6. Binding SID in SR-ERO . . . . . . . . . . . . . . . . . . . . 11 73 7. Binding SID in SRv6-ERO . . . . . . . . . . . . . . . . . . . 11 74 8. PCE Allocation of Binding label/SID . . . . . . . . . . . . . 11 75 9. Implementation Status . . . . . . . . . . . . . . . . . . . . 13 76 9.1. Huawei . . . . . . . . . . . . . . . . . . . . . . . . . 13 77 9.2. Cisco . . . . . . . . . . . . . . . . . . . . . . . . . . 14 78 10. Security Considerations . . . . . . . . . . . . . . . . . . . 14 79 11. Manageability Considerations . . . . . . . . . . . . . . . . 15 80 11.1. Control of Function and Policy . . . . . . . . . . . . . 15 81 11.2. Information and Data Models . . . . . . . . . . . . . . 15 82 11.3. Liveness Detection and Monitoring . . . . . . . . . . . 15 83 11.4. Verify Correct Operations . . . . . . . . . . . . . . . 15 84 11.5. Requirements On Other Protocols . . . . . . . . . . . . 15 85 11.6. Impact On Network Operations . . . . . . . . . . . . . . 15 86 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 87 12.1. PCEP TLV Type Indicators . . . . . . . . . . . . . . . . 16 88 12.1.1. TE-PATH-BINDING TLV . . . . . . . . . . . . . . . . 16 89 12.2. LSP Object . . . . . . . . . . . . . . . . . . . . . . . 17 90 12.3. PCEP Error Type and Value . . . . . . . . . . . . . . . 17 91 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 92 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 93 14.1. Normative References . . . . . . . . . . . . . . . . . . 18 94 14.2. Informative References . . . . . . . . . . . . . . . . . 20 95 Appendix A. Contributor Addresses . . . . . . . . . . . . . . . 21 96 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22 98 1. Introduction 100 A Path Computation Element (PCE) can compute Traffic Engineering 101 paths (TE paths) through a network where those paths are subject to 102 various constraints. Currently, TE paths are set up using either the 103 RSVP-TE signaling protocol or Segment Routing (SR). We refer to such 104 paths as RSVP-TE paths and SR-TE paths respectively in this document. 106 As per [RFC8402] SR allows a head-end node to steer a packet flow 107 along a given path via a Segment Routing Policy (SR Policy). As per 108 [I-D.ietf-spring-segment-routing-policy], an SR Policy is a framework 109 that enables the instantiation of an ordered list of segments on a 110 node for implementing a source routing policy with a specific intent 111 for traffic steering from that node. 113 As described in [RFC8402], a Binding Segment Identifier (BSID) is 114 bound to a Segment Routing (SR) Policy, instantiation of which may 115 involve a list of Segment Identifiers (SIDs). Any packets received 116 with an active segment equal to a BSID are steered onto the bound SR 117 Policy. A BSID may be either a local (SR Local Block (SRLB)) or a 118 global (SR Global Block (SRGB)) SID. As per Section 6.4 of 119 [I-D.ietf-spring-segment-routing-policy] a BSID can also be 120 associated with any type of interface or tunnel to enable the use of 121 a non-SR interface or tunnel as a segment in a SID list. In this 122 document, the term 'binding label/SID' is used to generalize the 123 allocation of binding value for both SR and non-SR paths. 125 [RFC5440] describes the PCEP for communication between a Path 126 Computation Client (PCC) and a PCE or between a pair of PCEs as per 127 [RFC4655]. [RFC8231] specifies extensions to PCEP that allow a PCC 128 to delegate its Label Switched Paths (LSPs) to a stateful PCE. A 129 stateful PCE can then update the state of LSPs delegated to it. 130 [RFC8281] specifies a mechanism allowing a PCE to dynamically 131 instantiate an LSP on a PCC by sending the path and characteristics. 132 This document specifies an extension to PCEP to manage of binding 133 label/SID for both SR and non-SR paths. 135 [RFC8664] provides a mechanism for a PCE (acting as a network 136 controller) to instantiate SR-TE paths (candidate paths) for an SR 137 Policy onto a head-end node (acting as a PCC) using PCEP. For more 138 information on the SR Policy Architecture, see 139 [I-D.ietf-spring-segment-routing-policy]. 141 1.1. Motivation and Example 143 A binding label/SID has local significance to the ingress node of the 144 corresponding TE path. When a stateful PCE is deployed for setting 145 up TE paths, a binding label/SID reported from the PCC to the 146 stateful PCE is useful for the purpose of enforcing end-to-end TE/SR 147 policy. A sample Data Center (DC) use-case is illustrated in 148 Figure 1. In the MPLS DC network, an SR LSP (without traffic 149 engineering) is established using a prefix SID advertised by BGP (see 150 [RFC8669]). In the IP/MPLS WAN, an SR-TE LSP is set up using the 151 PCE. The list of SIDs of the SR-TE LSP is {A, B, C, D}. The gateway 152 node 1 (which is the PCC) allocates a binding SID X and reports it to 153 the PCE. In order for the access node to steer the traffic over the 154 SR-TE LSP, the PCE passes the SID stack {Y, X} where Y is the prefix 155 SID of the gateway node-1 to the access node. In the absence of the 156 binding SID X, the PCE would pass the SID stack {Y, A, B, C, D} to 157 the access node. This example also illustrates the additional 158 benefit of using the binding label/SID to reduce the number of SIDs 159 imposed by the access nodes with a limited forwarding capacity. 161 SID stack 162 {Y, X} +-----+ 163 _ _ _ _ _ _ _ _ _ _ _ _ _ _| PCE | 164 | +-----+ 165 | ^ 166 | | Binding 167 | .-----. | SID (X) .-----. 168 | ( ) | ( ) 169 V .--( )--. | .--( )--. 170 +------+ ( ) +-------+ ( ) +-------+ 171 |Access|_( MPLS DC Network )_|Gateway|_( IP/MPLS WAN )_|Gateway| 172 | Node | ( ==============> ) |Node-1 | ( ================> ) |Node-2 | 173 +------+ ( SR path ) +-------+ ( SR-TE path ) +-------+ 174 '--( )--' Prefix '--( )--' 175 ( ) SID of ( ) 176 '-----' Node-1 '-----' 177 is Y SIDs for SR-TE LSP: 178 {A, B, C, D} 180 Figure 1: A Sample Use-case of Binding SID 182 Using the extension defined in this document, a PCC could report to 183 the stateful PCE the binding label/SID it allocated via a Path 184 Computation LSP State Report (PCRpt) message. It is also possible 185 for a stateful PCE to request a PCC to allocate a specific binding 186 label/SID by sending a Path Computation LSP Update Request (PCUpd) 187 message. If the PCC can successfully allocate the specified binding 188 value, it reports the binding value to the PCE. Otherwise, the PCC 189 sends an error message to the PCE indicating the cause of the 190 failure. A local policy or configuration at the PCC SHOULD dictate 191 if the binding label/SID needs to be assigned. 193 1.2. Summary of the Extension 195 To implement the needed changes to PCEP, in this document, we 196 introduce a new OPTIONAL TLV that a PCC can use in order to report 197 the binding label/SID associated with a TE LSP, or a PCE to request a 198 PCC to allocate a specific binding label/SID value. This TLV is 199 intended for TE LSPs established using RSVP-TE, SR, or any other 200 future method. Also, in the case of SR-TE LSPs, the TLV can carry a 201 binding label (for SR-TE path with MPLS data-plane) or a binding IPv6 202 SID (e.g., IPv6 address for SR-TE paths with IPv6 data-plane). 203 Throughout this document, the term "binding value" means either an 204 MPLS label or a SID. 206 As another way to use the extension specified in this document, to 207 support the PCE-based central controller [RFC8283] operation where 208 the PCE would take responsibility for managing some part of the MPLS 209 label space for each of the routers that it controls, the PCE could 210 directly make the binding label/SID allocation and inform the PCC. 211 See Section 8 for details. 213 In addition to specifying a new TLV, this document specifies how and 214 when a PCC and PCE can use this TLV, how they can can allocate a 215 binding label/SID, and associted error handling. 217 2. Requirements Language 219 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 220 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 221 "OPTIONAL" in this document are to be interpreted as described in BCP 222 14 [RFC2119] [RFC8174] when, and only when, they appear in all 223 capitals, as shown here. 225 3. Terminology 227 The following terminologies are used in this document: 229 BSID: Binding Segment Identifier. 231 binding label/SID: a generic term used for the binding segment for 232 both SR and non-SR paths. 234 binding value: a generic term used for the binding segment as it can 235 be encoded in various formats (as per the binding type(BT)). 237 LSP: Label Switched Path. 239 PCC: Path Computation Client. 241 PCEP: Path Computation Element communication Protocol. 243 RSVP-TE: Resource ReserVation Protocol-Traffic Engineering. 245 SID: Segment Identifier. 247 SR: Segment Routing. 249 4. Path Binding TLV 251 The new optional TLV called "TE-PATH-BINDING TLV" (whose format is 252 shown in Figure 2) is defined to carry the binding label/SID for a TE 253 path. This TLV is associated with the LSP object specified in 254 [RFC8231]. This TLV can also be carried in the PCEP-ERROR object 255 [RFC5440] in case of error. Multiple instances of TE-PATH-BINDING 256 TLVs MAY be present in the LSP and PCEP-ERROR object. The type of 257 this TLV is 55 (early allocated by IANA). The length is variable. 259 [Note to RFC Editor: Please remove "(early allocated by IANA)" before 260 publication] 262 0 1 2 3 263 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 264 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 265 | Type = 55 | Length | 266 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 267 | BT | Flags | Reserved | 268 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 269 ~ Binding Value (variable length) ~ 270 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 272 Figure 2: TE-PATH-BINDING TLV 274 TE-PATH-BINDING TLV is a generic TLV such that it is able to carry 275 binding label/SID (i.e. MPLS label or SRv6 SID). It is formatted 276 according to the rules specified in [RFC5440]. The value portion of 277 the TLV comprises: 279 Binding Type (BT): A one-octet field that identifies the type of 280 binding included in the TLV. This document specifies the following 281 BT values: 283 * BT = 0: The binding value is a 20-bit MPLS label value. The TLV 284 is padded to 4-bytes alignment. The Length MUST be set to 7 (the 285 padding is not included in the length, as per [RFC5440] 286 Section 7.1) and the first 20 bits are used to encode the MPLS 287 label value. 289 * BT = 1: The binding value is a 32-bit MPLS label stack entry as 290 per [RFC3032] with Label, TC [RFC5462], S, and TTL values encoded. 291 Note that the receiver MAY choose to override TC, S, and TTL 292 values according to its local policy. The Length MUST be set to 293 8. 295 * BT = 2: The binding value is an SRv6 SID with the format of a 296 16-octet IPv6 address, representing the binding SID for SRv6. The 297 Length MUST be set to 20. 299 * BT = 3: The binding value is a 24 octet field, defined in 300 Section 4.1, that contains the SRv6 SID as well as its Behavior 301 and Structure. The Length MUST be set to 28. 303 Section 12.1.1 defines the IANA registry used to maintain all these 304 binding types as well as any future ones. Note that multiple TE- 305 PATH-BINDING TLVs with different Binding Types MAY be present for the 306 same LSP. 308 Flags: 1 octet of flags. The following flag is defined in the new 309 registry "TE-PATH-BINDING TLV Flag field" as described in 310 Section 12.1.1: 312 0 1 2 3 4 5 6 7 313 +-+-+-+-+-+-+-+-+ 314 |R| | 315 +-+-+-+-+-+-+-+-+ 317 Figure 3: Flags 319 where: 321 * R (Removal - 1 bit): When set, the requesting PCEP peer requires 322 the removal of the binding value for the LSP. When unset, the 323 PCEP peer indicates that the binding value is added or retained 324 for the LSP. This flag is used in the PCRpt and PCUpd messages. 325 It is ignored in other PCEP messages. 327 * The unassigned flags MUST be set to 0 while sending and ignored on 328 receipt. 330 Reserved: MUST be set to 0 while sending and ignored on receipt. 332 Binding Value: A variable-length field, padded with trailing zeros to 333 a 4-octet boundary. When the BT is 0, the 20 bits represent the MPLS 334 label. When the BT is 1, the 32 bits represent the MPLS label stack 335 entry as per [RFC3032]. When the BT is 2, the 128 bits represent the 336 SRv6 SID. When the BT is 3, the Binding Value also contains the SRv6 337 Endpoint Behavior and SID Structure, defined in Section 4.1. 339 4.1. SRv6 Endpoint Behavior and SID Structure 341 This section specifies the format of the Binding Value in the TE- 342 PATH-BINDING TLV when the BT is set to 3 for the SRv6 Binding SIDs 343 [RFC8986]. The format is shown in Figure 4. 345 0 1 2 3 346 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 347 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 348 | SRv6 Binding SID (16 octets) | 349 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 350 | Reserved | Endpoint Behavior | 351 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 352 | LB Length | LN Length | Fun. Length | Arg. Length | 353 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 355 Figure 4: SRv6 Endpoint Behavior and SID Structure 357 The Binding Value consists of: 359 * SRv6 Binding SID: 16 octets. The 128-bit IPv6 address, 360 representing the binding SID for SRv6. 362 * Reserved: 2 octets. It MUST be set to 0 on transmit and ignored 363 on receipt. 365 * Endpoint Behavior: 2 octets. The Endpoint Behavior code point for 366 this SRv6 SID as per the IANA subregistry called "SRv6 Endpoint 367 Behaviors", created by [RFC8986]. When the field is set with the 368 value 0, the endpoint behavior is considered unknown. 370 * The following fields are used to advertise the length of each 371 individual part of the SRv6 SID as defined in [RFC8986]: 373 - LB Length: 1 octet. SRv6 SID Locator Block length in bits. 375 - LN Length: 1 octet. SRv6 SID Locator Node length in bits. 377 - Function Length: 1 octet. SRv6 SID Function length in bits. 379 - Argument Length: 1 octet. SRv6 SID Arguments length in bits. 381 5. Operation 383 The binding value is allocated by the PCC and reported to a PCE via a 384 PCRpt message. If a PCE does not recognize the TE-PATH-BINDING TLV, 385 it would ignore the TLV in accordance with [RFC5440]. If a PCE 386 recognizes the TLV but does not support the TLV, it MUST send a PCErr 387 with Error-Type = 2 (Capability not supported). 389 Multiple TE-PATH-BINDING TLVs are allowed to be present in the same 390 LSP object. This signifies the presence of multiple binding SIDs for 391 the given LSP. In the case of multiple TE-PATH-BINDING TLVs, the 392 existing instances of TE-PATH-BINDING TLVs MAY be included in the LSP 393 object. In case of an error condition, the whole message is rejected 394 and the resulting PCErr message MAY include the offending TE-PATH- 395 BINDING TLV in the PCEP-ERROR object. 397 If a PCE recognizes an invalid binding value (e.g., label value from 398 the reserved MPLS label space), it MUST send a PCErr message with 399 Error-Type = 10 ("Reception of an invalid object") and Error Value = 400 2 ("Bad label value") as specified in [RFC8664]. 402 For SRv6 BSIDs, it is RECOMMENDED to always explicitly specify the 403 SRv6 Endpoint Behavior and SID Structure in the TE-PATH-BINDING TLV 404 by setting the BT (Binding Type) to 3. This enables the sender to 405 have control of the SRv6 Endpoint Behavior and SID Structure. A 406 sender MAY choose to set the BT to 2, in which case the receiving 407 implementation chooses how to interpret the SRv6 Endpoint Behavior 408 and SID Structure according to local policy. 410 If a PCC wishes to withdraw a previously reported binding value, it 411 MUST send a PCRpt message with the specific TE-PATH-BINDING TLV with 412 R flag set to 1. If a PCC wishes to modify a previously reported 413 binding, it MUST withdraw the former binding value (with R flag set 414 in the former TE-PATH-BINDING TLV) and include a new TE-PATH-BINDING 415 TLV containing the new binding value. Note that other instances of 416 TE-PATH-BINDING TLVs that are unchanged MAY also be included. 418 If a PCE requires a PCC to allocate a (or several) specific binding 419 value(s), it may do so by sending a PCUpd or PCInitiate message 420 containing a TE-PATH-BINDING TLV(s). If the value(s) can be 421 successfully allocated, the PCC reports the binding value(s) to the 422 PCE. If the PCC considers the binding value specified by the PCE 423 invalid, it MUST send a PCErr message with Error-Type = TBD2 424 ("Binding label/SID failure") and Error Value = TBD3 ("Invalid SID"). 426 If the binding value is valid, but the PCC is unable to allocate the 427 binding value, it MUST send a PCErr message with Error-Type = TBD2 428 ("Binding label/SID failure") and Error Value = TBD4 ("Unable to 429 allocate the specified binding value"). Note that, in case of an 430 error, the PCC rejects the PCUpd or PCInitiate message in its 431 entirety and can include the offending TE-PATH-BINDING TLV in the 432 PCEP-ERROR object. 434 If a PCE wishes to request the withdrawal of a previously reported 435 binding value, it MUST send a PCUpd message with the specific TE- 436 PATH-BINDING TLV with R flag set to 1. If a PCE wishes to modify a 437 previously requested binding value, it MUST request the withdrawal of 438 the former binding value (with R flag set in the former TE-PATH- 439 BINDING TLV) and include a new TE-PATH-BINDING TLV containing the new 440 binding value. 442 In some cases, a stateful PCE may want to request that the PCC 443 allocate a binding value of the PCC's own choosing. It instructs the 444 PCC by sending a PCUpd message containing an empty TE-PATH-BINDING 445 TLV, i.e., no binding value is specified (bringing the Length field 446 of the TLV to 4). A PCE can also request a PCC to allocate a binding 447 value at the time of initiation by sending a PCInitiate message with 448 an empty TE-PATH-BINDING TLV. Only one such instance of empty TE- 449 PATH-BINDING TLV SHOULD be included in the LSP object and others 450 ignored on receipt. If the PCC is unable to allocate a new binding 451 value as per the specified BT, it MUST send a PCErr message with 452 Error-Type = TBD2 ("Binding label/SID failure") and Error-Value = 453 TBD5 ("Unable to allocate a new binding label/SID"). 455 As previously noted, if a message contains an invalid TE-PATH-BINDING 456 TLV that leads to an error condition, the whole message is rejected 457 including any other valid instances of TE-PATH-BINDING TLVs, if any. 458 The resulting error message MAY include the offending TE-PATH-BINDING 459 TLV in the PCEP-ERROR object. 461 If a PCC receives a TE-PATH-BINDING TLV in any message other than 462 PCUpd or PCInitiate, it MUST close the corresponding PCEP session 463 with the reason "Reception of a malformed PCEP message" (according to 464 [RFC5440]). Similarly, if a PCE receives a TE-PATH-BINDING TLV in 465 any message other than a PCRpt or if the TE-PATH-BINDING TLV is 466 associated with any object other than an LSP or PCEP-ERROR object, 467 the PCE MUST close the corresponding PCEP session with the reason 468 "Reception of a malformed PCEP message" (according to [RFC5440]). 470 If a TE-PATH-BINDING TLV is absent in the PCRpt message and no 471 binding values were reported before, the PCE MUST assume that the 472 corresponding LSP does not have any binding. Similarly, if TE-PATH- 473 BINDING TLV is absent in the PCUpd message and no binding values were 474 reported before, the PCC's local policy dictates how the binding 475 allocations are made for a given LSP. 477 6. Binding SID in SR-ERO 479 In PCEP messages, LSP route information is carried in the Explicit 480 Route Object (ERO), which consists of a sequence of subobjects. 481 [RFC8664] defines the "SR-ERO subobject" capable of carrying a SID as 482 well as the identity of the node/adjacency (NAI) represented by the 483 SID. The NAI Type (NT) field indicates the type and format of the 484 NAI contained in the SR-ERO. In case of binding SID, the NAI MUST 485 NOT be included and NT MUST be set to zero. [RFC8664] Section 5.2.1 486 specifies bit settings and error handling in the case when NT=0. 488 7. Binding SID in SRv6-ERO 490 [I-D.ietf-pce-segment-routing-ipv6] defines the "SRv6-ERO subobject" 491 for an SRv6 SID. Similarly to SR-ERO (Section 6), the NAI MUST NOT 492 be included and the NT MUST be set to zero. [RFC8664] Section 5.2.1 493 specifies bit settings and error handling in the case when NT=0. 495 8. PCE Allocation of Binding label/SID 497 Section 5 already includes the scenario where a PCE requires a PCC to 498 allocate a specified binding value by sending a PCUpd or PCInitiate 499 message containing a TE-PATH-BINDING TLV. This section specifies an 500 OPTIONAL feature for the PCE to allocate the binding label/SID of its 501 own accord in the case where the PCE also controls the label space of 502 the PCC and can make the label allocation on its own as described in 503 [RFC8283]. Note that the act of requesting a specific binding value 504 (Section 5) is different from the act of allocating a binding label/ 505 SID as described in this section. 507 [RFC8283] introduces the architecture for PCE as a central controller 508 as an extension of the architecture described in [RFC4655] and 509 assumes the continued use of PCEP as the protocol used between PCE 510 and PCC. [RFC9050] specifies the procedures and PCEP extensions for 511 using the PCE as the central controller. 513 When PCECC operations are supported as per [RFC9050], the binding 514 label/SID MAY also be allocated by the PCE itself. Both peers need 515 to exchange the PCECC capability as described in [RFC9050] before the 516 PCE can allocate the binding label/SID on its own. 518 A new P flag in the LSP object [RFC8231] is introduced to indicate 519 that the allocation needs to be made by the PCE: 521 * P (PCE-allocated binding label/SID): If the bit is set to 1, it 522 indicates that the PCC requests PCE to make allocations for this 523 LSP. The TE-PATH-BINDING TLV in the LSP object identifies that 524 the allocation is for a binding label/SID. A PCC MUST set this 525 bit to 1 and include a TE-PATH-BINDING TLV in the LSP object if it 526 wishes to request for allocation of binding label/SID by the PCE 527 in the PCEP message. A PCE MUST also set this bit to 1 and 528 include a TE-PATH-BINDING TLV to indicate that the binding label/ 529 SID is allocated by PCE and encoded in the PCEP message towards 530 the PCC. Further, a PCE MUST set this bit to 0 and include a TE- 531 PATH-BINDING TLV in the LSP object if it wishes to indicate that 532 the binding label/SID should be allocated by the PCC as described 533 in Section 5. 535 Note that - 537 * A PCE could allocate the binding label/SID of its own accord for a 538 PCE-initiated or delegated LSP, and inform the PCC in the 539 PCInitiate message or PCUpd message by setting P=1 and including 540 TE-PATH-BINDING TLV in the LSP object. 542 * To let the PCC allocate the binding label/SID, a PCE MUST set P=0 543 and include an empty TE-PATH-BINDING TLV ( i.e., no binding value 544 is specified) in the LSP object in PCInitiate/PCUpd message. 546 * To request that the PCE allocate the binding label/SID, a PCC MUST 547 set P=1, D=1, and include an empty TE-PATH-BINDING TLV in PCRpt 548 message. The PCE SHOULD allocate it and respond to the PCC with 549 PCUpd message including the allocated binding label/SID in the TE- 550 PATH-BINDING TLV and P=1, D=1 in the LSP object. If the PCE is 551 unable to allocate, it MUST send a PCErr message with Error-Type = 552 TBD2 ("Binding label/SID failure") and Error-Value = TBD5 ("Unable 553 to allocate a new binding label/SID"). 555 * If one or both speakers (PCE and PCC) have not indicated support 556 and willingness to use the PCEP extensions for the PCECC as per 557 [RFC9050] and a PCEP peer receives P=1 in the LSP object, it MUST: 559 - send a PCErr message with Error-Type=19 (Invalid Operation) and 560 Error-value=16 (Attempted PCECC operations when PCECC 561 capability was not advertised) and 563 - terminate the PCEP session. 565 * A legacy PCEP speaker that does not recognize the P flag in the 566 LSP object would ignore it in accordance with [RFC8231]. 568 It is assumed that the label range to be used by a PCE is known and 569 set on both PCEP peers. The exact mechanism is out of the scope of 570 [RFC9050] or this document. Note that the specific BSID could be 571 from the PCE-controlled or the PCC-controlled label space. The PCE 572 can directly allocate the label from the PCE-controlled label space 573 using P=1 as described above, whereas the PCE can request the 574 allocation of a specific BSID from the PCC-controlled label space 575 with P=0 as described in Section 5. 577 9. Implementation Status 579 [Note to the RFC Editor - remove this section before publication, as 580 well as remove the reference to RFC 7942.] 582 This section records the status of known implementations of the 583 protocol defined by this specification at the time of posting of this 584 Internet-Draft, and is based on a proposal described in [RFC7942]. 585 The description of implementations in this section is intended to 586 assist the IETF in its decision processes in progressing drafts to 587 RFCs. Please note that the listing of any individual implementation 588 here does not imply endorsement by the IETF. Furthermore, no effort 589 has been spent to verify the information presented here that was 590 supplied by IETF contributors. This is not intended as, and must not 591 be construed to be, a catalog of available implementations or their 592 features. Readers are advised to note that other implementations may 593 exist. 595 According to [RFC7942], "this will allow reviewers and working groups 596 to assign due consideration to documents that have the benefit of 597 running code, which may serve as evidence of valuable experimentation 598 and feedback that have made the implemented protocols more mature. 599 It is up to the individual working groups to use this information as 600 they see fit". 602 9.1. Huawei 604 * Organization: Huawei 606 * Implementation: Huawei's Router and Controller 608 * Description: An experimental code-point is used and will be 609 modified to the value allocated in this document. 611 * Maturity Level: Production 612 * Coverage: Full 614 * Contact: c.l@huawei.com 616 9.2. Cisco 618 * Organization: Cisco Systems 620 * Implementation: Head-end and controller. 622 * Description: An experimental code-point is used and will be 623 modified to the value allocated in this document. 625 * Maturity Level: Production 627 * Coverage: Full 629 * Contact: mkoldych@cisco.com 631 10. Security Considerations 633 The security considerations described in [RFC5440], [RFC8231], 634 [RFC8281] and [RFC8664] are applicable to this specification. No 635 additional security measure is required. 637 As described in [RFC8664], SR allows a network controller to 638 instantiate and control paths in the network. A rogue PCE can 639 manipulate binding SID allocations to move traffic around for some 640 other LSP that uses BSID in its SR-ERO. Note that path {A, B, BSID} 641 can be misdirected just by assigning the BSID value to a different 642 LSP making it a lot easier to misdirect traffic (and harder to 643 detect). 645 Note that in case of BT as 3, the manipulation of SID structure could 646 be exploited by falsifying the various length values. 648 Thus, as per [RFC8231], it is RECOMMENDED that these PCEP extensions 649 only be activated on authenticated and encrypted sessions across PCEs 650 and PCCs belonging to the same administrative authority, using 651 Transport Layer Security (TLS) [RFC8253], as per the recommendations 652 and best current practices in BCP195 [RFC7525] (unless explicitly set 653 aside in [RFC8253]). 655 11. Manageability Considerations 657 All manageability requirements and considerations listed in 658 [RFC5440], [RFC8231], and [RFC8664] apply to PCEP protocol extensions 659 defined in this document. In addition, requirements and 660 considerations listed in this section apply. 662 11.1. Control of Function and Policy 664 A PCC implementation SHOULD allow the operator to configure the 665 policy the PCC needs to apply when allocating the binding label/SID. 667 If BT is set to 2, the operator needs to have local policy set to 668 decide the SID structure and the SRv6 Endpoint Behavior of the BSID. 670 11.2. Information and Data Models 672 The PCEP YANG module [I-D.ietf-pce-pcep-yang] will be extended to 673 include policy configuration for binding label/SID allocation. 675 11.3. Liveness Detection and Monitoring 677 The mechanisms defined in this document do not imply any new liveness 678 detection and monitoring requirements in addition to those already 679 listed in [RFC5440]. 681 11.4. Verify Correct Operations 683 The mechanisms defined in this document do not imply any new 684 operation verification requirements in addition to those already 685 listed in [RFC5440], [RFC8231], and [RFC8664]. 687 11.5. Requirements On Other Protocols 689 The mechanisms defined in this document do not imply any new 690 requirements on other protocols. 692 11.6. Impact On Network Operations 694 The mechanisms defined in [RFC5440], [RFC8231], and [RFC8664] also 695 apply to the PCEP extensions defined in this document. 697 12. IANA Considerations 699 IANA maintains the "Path Computation Element Protocol (PCEP) Numbers" 700 registry. This document requests IANA actions to allocate code 701 points for the protocol elements defined in this document. 703 12.1. PCEP TLV Type Indicators 705 This document defines a new PCEP TLV; IANA is requested to confirm 706 the following early allocations from the "PCEP TLV Type Indicators" 707 subregistry of the PCEP Numbers registry, as follows: 709 +=======+=================+===============+ 710 | Value | Description | Reference | 711 +=======+=================+===============+ 712 +-------+-----------------+---------------+ 713 | 55 | TE-PATH-BINDING | This document | 714 +-------+-----------------+---------------+ 716 Table 1 718 12.1.1. TE-PATH-BINDING TLV 720 IANA is requested to create a new subregistry "TE-PATH-BINDING TLV BT 721 field" to manage the value of the Binding Type field in the TE-PATH- 722 BINDING TLV. Initial values for the subregistry are given below. 723 New values are assigned by Standards Action [RFC8126]. 725 +=======+======================================+===============+ 726 | Value | Description | Reference | 727 +=======+======================================+===============+ 728 +-------+--------------------------------------+---------------+ 729 | 0 | MPLS Label | This document | 730 +-------+--------------------------------------+---------------+ 731 | 1 | MPLS Label Stack Entry | This document | 732 +-------+--------------------------------------+---------------+ 733 | 2 | SRv6 SID | This document | 734 +-------+--------------------------------------+---------------+ 735 | 3 | SRv6 SID with Behavior and Structure | This document | 736 +-------+--------------------------------------+---------------+ 737 | 4-255 | Unassigned | This document | 738 +-------+--------------------------------------+---------------+ 740 Table 2 742 IANA is requested to create a new subregistry "TE-PATH-BINDING TLV 743 Flag field" to manage the Flag field in the TE-PATH-BINDING TLV. New 744 values are to be assigned by Standards Action [RFC8126]. Each bit 745 should be tracked with the following qualities: 747 * Bit number (count from 0 as the most significant bit) 749 * Description 750 * Reference 752 +=====+=============+===============+ 753 | Bit | Description | Reference | 754 +=====+=============+===============+ 755 +-----+-------------+---------------+ 756 | 0 | R (Removal) | This document | 757 +-----+-------------+---------------+ 758 | 1-7 | Unassigned | This document | 759 +-----+-------------+---------------+ 761 Table 3 763 12.2. LSP Object 765 IANA is requested to confirm the early allocation for a new code- 766 point in the "LSP Object Flag Field" sub-registry for the new P flag 767 as follows: 769 +=====+=================================+===============+ 770 | Bit | Description | Reference | 771 +=====+=================================+===============+ 772 +-----+---------------------------------+---------------+ 773 | 0 | PCE-allocated binding label/SID | This document | 774 +-----+---------------------------------+---------------+ 776 Table 4 778 12.3. PCEP Error Type and Value 780 This document defines a new Error-type and associated Error-Values 781 for the PCErr message. IANA is requested to allocate new error-type 782 and error-values within the "PCEP-ERROR Object Error Types and 783 Values" subregistry of the PCEP Numbers registry, as follows: 785 +============+================+========================+===========+ 786 | Error-Type | Meaning | Error-value | Reference | 787 +============+================+========================+===========+ 788 +------------+----------------+------------------------+-----------+ 789 | TBD2 | Binding label/ | 0: Unassigned | This | 790 | | SID failure | | document | 791 +------------+----------------+------------------------+-----------+ 792 | | | TBD3: Invalid SID | This | 793 | | | | document | 794 +------------+----------------+------------------------+-----------+ 795 | | | TBD4: Unable to | This | 796 | | | allocate the specified | document | 797 | | | binding value | | 798 +------------+----------------+------------------------+-----------+ 799 | | | TBD5: Unable to | This | 800 | | | allocate a new binding | document | 801 | | | label/SID | | 802 +------------+----------------+------------------------+-----------+ 804 Table 5 806 13. Acknowledgements 808 We would like to thank Milos Fabian, Mrinmoy Das, Andrew Stone, Tom 809 Petch, Aijun Wang, Olivier Dugeon, and Adrian Farrel for their 810 valuable comments. 812 Thanks to Julien Meuric for shepherding. Thanks to John Scudder for 813 the AD review. 815 Thanks to Theresa Enghardt for GENART review. 817 14. References 819 14.1. Normative References 821 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 822 Requirement Levels", BCP 14, RFC 2119, 823 DOI 10.17487/RFC2119, March 1997, 824 . 826 [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., 827 Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack 828 Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001, 829 . 831 [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation 832 Element (PCE) Communication Protocol (PCEP)", RFC 5440, 833 DOI 10.17487/RFC5440, March 2009, 834 . 836 [RFC5462] Andersson, L. and R. Asati, "Multiprotocol Label Switching 837 (MPLS) Label Stack Entry: "EXP" Field Renamed to "Traffic 838 Class" Field", RFC 5462, DOI 10.17487/RFC5462, February 839 2009, . 841 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 842 "Recommendations for Secure Use of Transport Layer 843 Security (TLS) and Datagram Transport Layer Security 844 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 845 2015, . 847 [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 848 Code: The Implementation Status Section", BCP 205, 849 RFC 7942, DOI 10.17487/RFC7942, July 2016, 850 . 852 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 853 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 854 May 2017, . 856 [RFC8231] Crabbe, E., Minei, I., Medved, J., and R. Varga, "Path 857 Computation Element Communication Protocol (PCEP) 858 Extensions for Stateful PCE", RFC 8231, 859 DOI 10.17487/RFC8231, September 2017, 860 . 862 [RFC8253] Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody, 863 "PCEPS: Usage of TLS to Provide a Secure Transport for the 864 Path Computation Element Communication Protocol (PCEP)", 865 RFC 8253, DOI 10.17487/RFC8253, October 2017, 866 . 868 [RFC8281] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path 869 Computation Element Communication Protocol (PCEP) 870 Extensions for PCE-Initiated LSP Setup in a Stateful PCE 871 Model", RFC 8281, DOI 10.17487/RFC8281, December 2017, 872 . 874 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 875 Decraene, B., Litkowski, S., and R. Shakir, "Segment 876 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 877 July 2018, . 879 [RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., 880 and J. Hardwick, "Path Computation Element Communication 881 Protocol (PCEP) Extensions for Segment Routing", RFC 8664, 882 DOI 10.17487/RFC8664, December 2019, 883 . 885 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 886 Writing an IANA Considerations Section in RFCs", BCP 26, 887 RFC 8126, DOI 10.17487/RFC8126, June 2017, 888 . 890 [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, 891 D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 892 (SRv6) Network Programming", RFC 8986, 893 DOI 10.17487/RFC8986, February 2021, 894 . 896 [RFC9050] Li, Z., Peng, S., Negi, M., Zhao, Q., and C. Zhou, "Path 897 Computation Element Communication Protocol (PCEP) 898 Procedures and Extensions for Using the PCE as a Central 899 Controller (PCECC) of LSPs", RFC 9050, 900 DOI 10.17487/RFC9050, July 2021, 901 . 903 [I-D.ietf-pce-segment-routing-ipv6] 904 Li, C., Negi, M., Sivabalan, S., Koldychev, M., 905 Kaladharan, P., and Y. Zhu, "PCEP Extensions for Segment 906 Routing leveraging the IPv6 data plane", Work in Progress, 907 Internet-Draft, draft-ietf-pce-segment-routing-ipv6-11, 10 908 January 2022, . 911 14.2. Informative References 913 [RFC4655] Farrel, A., Vasseur, J.-P., and J. Ash, "A Path 914 Computation Element (PCE)-Based Architecture", RFC 4655, 915 DOI 10.17487/RFC4655, August 2006, 916 . 918 [RFC8283] Farrel, A., Ed., Zhao, Q., Ed., Li, Z., and C. Zhou, "An 919 Architecture for Use of PCE and the PCE Communication 920 Protocol (PCEP) in a Network with Central Control", 921 RFC 8283, DOI 10.17487/RFC8283, December 2017, 922 . 924 [RFC8669] Previdi, S., Filsfils, C., Lindem, A., Ed., Sreekantiah, 925 A., and H. Gredler, "Segment Routing Prefix Segment 926 Identifier Extensions for BGP", RFC 8669, 927 DOI 10.17487/RFC8669, December 2019, 928 . 930 [I-D.ietf-spring-segment-routing-policy] 931 Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and 932 P. Mattes, "Segment Routing Policy Architecture", Work in 933 Progress, Internet-Draft, draft-ietf-spring-segment- 934 routing-policy-14, 25 October 2021, 935 . 938 [I-D.ietf-pce-pcep-yang] 939 Dhody, D., Hardwick, J., Beeram, V. P., and J. Tantsura, 940 "A YANG Data Model for Path Computation Element 941 Communications Protocol (PCEP)", Work in Progress, 942 Internet-Draft, draft-ietf-pce-pcep-yang-17, 23 October 943 2021, . 946 Appendix A. Contributor Addresses 947 Jonathan Hardwick 948 Metaswitch Networks 949 33 Genotin Road 950 Enfield 951 United Kingdom 953 EMail: Jonathan.Hardwick@metaswitch.com 955 Dhruv Dhody 956 Huawei Technologies 957 Divyashree Techno Park, Whitefield 958 Bangalore, Karnataka 560066 959 India 961 EMail: dhruv.ietf@gmail.com 963 Mahendra Singh Negi 964 RtBrick India 965 N-17L, Floor-1, 18th Cross Rd, HSR Layout Sector-3 966 Bangalore, Karnataka 560102 967 India 969 EMail: mahend.ietf@gmail.com 971 Mike Koldychev 972 Cisco Systems, Inc. 973 2000 Innovation Drive 974 Kanata, Ontario K2K 3E8 975 Canada 977 Email: mkoldych@cisco.com 979 Zafar Ali 980 Cisco Systems, Inc. 982 Email: zali@cisco.com 984 Authors' Addresses 986 Siva Sivabalan 987 Ciena Corporation 989 Email: msiva282@gmail.com 990 Clarence Filsfils 991 Cisco Systems, Inc. 992 Pegasus Parc 993 BRABANT 1831 De kleetlaan 6a 994 Belgium 996 Email: cfilsfil@cisco.com 998 Jeff Tantsura 999 Microsoft Corporation 1001 Email: jefftant.ietf@gmail.com 1003 Stefano Previdi 1004 Huawei Technologies 1006 Email: stefano@previdi.net 1008 Cheng Li (editor) 1009 Huawei Technologies 1010 Huawei Campus, No. 156 Beiqing Rd. 1011 Beijing 1012 100095 1013 China 1015 Email: c.l@huawei.com