idnits 2.17.1 draft-ietf-pce-inter-layer-frwk-08.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** The document seems to lack a License Notice according IETF Trust Provisions of 28 Dec 2009, Section 6.b.i or Provisions of 12 Sep 2009 Section 6.b -- however, there's a paragraph with a matching beginning. Boilerplate error? -- It seems you're using the 'non-IETF stream' Licence Notice instead Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group E. Oki 2 Internet Draft Tokyo University of Electro-Communications 3 Category: Informational Tomonori Takeda 4 Created: January 6, 2009 NTT 5 Expires: July 6, 2009 J-L Le Roux 6 France Telecom 7 A. Farrel 8 Old Dog Consulting 10 Framework for PCE-Based Inter-Layer MPLS and GMPLS Traffic Engineering 12 draft-ietf-pce-inter-layer-frwk-08.txt 14 Status of this Memo 16 This Internet-Draft is submitted to IETF in full conformance with 17 the provisions of BCP 78 and BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF), its areas, and its working groups. Note that 21 other groups may also distribute working documents as Internet- 22 Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six 25 months and may be updated, replaced, or obsoleted by other documents 26 at any time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 The list of current Internet-Drafts can be accessed at 30 http://www.ietf.org/ietf/1id-abstracts.txt. 32 The list of Internet-Draft Shadow Directories can be accessed at 33 http://www.ietf.org/shadow.html. 35 Abstract 37 A network may comprise multiple layers. It is important to globally 38 optimize network resource utilization, taking into account all 39 layers, rather than optimizing resource utilization at each layer 40 independently. This allows better network efficiency to be achieved 41 through a process that we call inter-layer traffic engineering. The 42 Path Computation Element (PCE) can be a powerful tool to achieve 43 inter-layer traffic engineering. 45 This document describes a framework for applying the PCE-based 46 architecture to inter-layer Multiprotocol Label Switching (MPLS) and 47 Generalized MPLS (GMPLS) traffic engineering. It provides 48 suggestions for the deployment of PCE in support of multi-layer 49 networks. This document also describes network models where PCE 50 performs inter-layer traffic engineering, and the relationship 51 between PCE and a functional component called the Virtual Network 52 Topology Manager (VNTM). 54 Table of Contents 56 1. Introduction....................................................3 57 1.1. Terminology...................................................4 58 2. Inter-Layer Path Computation....................................4 59 3. Inter-Layer Path Computation Models.............................6 60 3.1. Single PCE Inter-Layer Path Computation.......................6 61 3.2. Multiple PCE Inter-Layer Path Computation.....................7 62 3.3. General Observations..........................................8 63 4. Inter-Layer Path Control........................................9 64 4.1. VNT Management................................................9 65 4.2. Inter-Layer Path Control Models...............................9 66 4.2.1. PCE-VNTM Cooperation Model..................................9 67 4.2.2. Higher-Layer Signaling Trigger Model.......................11 68 4.2.3. NMS-VNTM Cooperation Model.................................15 69 4.2.4. Possible Combinations of Inter-Layer Path Computation and 70 Inter-Layer Path Control Models..........................17 71 5. Choosing Between Inter-Layer Path Control Models...............18 72 5.1. VNTM Functions...............................................18 73 5.2. Border LSR Functions.........................................19 74 5.3. Complete Inter-Layer LSP Setup Time..........................19 75 5.4. Network Complexity...........................................20 76 5.5. Separation of Layer Management...............................20 77 6. Stability Considerations.......................................21 78 7. IANA Considerations............................................21 79 8. Manageability Considerations...................................22 80 8.1. Control of Function and Policy...............................22 81 8.1.1. Control of Inter-Layer Computation Function................22 82 8.1.2. Control of Per-Layer Policy................................22 83 8.1.3. Control of Inter-Layer Policy..............................23 84 8.2. Information and Data Models..................................23 85 8.3. Liveness Detection and Monitoring............................24 86 8.4. Verifying Correct Operation..................................24 87 8.5. Requirements on Other Protocols and Functional Components....25 88 8.6. Impact on Network Operation..................................25 89 9. Security Considerations........................................25 90 10. Acknowledgments...............................................27 91 11. References....................................................27 92 11.1. Normative Reference.........................................27 93 11.2. Informative Reference.......................................27 94 12. Authors's Addresses...........................................28 95 13. Intellectual Property Statement...............................29 96 14. Full Copyright Statement......................................29 98 1. Introduction 100 A network may comprise multiple layers. These layers may represent 101 separations of technologies (e.g., packet switch capable (PSC), time 102 division multiplex (TDM), or lambda switch capable (LSC)) [RFC3945], 103 separation of data plane switching granularity levels (e.g., PSC-1, 104 PSC-2, VC4, or VC12) [RFC5212], or a distinction between client and 105 server networking roles. In this multi-layer network, Label Switched 106 Paths (LSPs) in a lower layer are used to carry higher-layer LSPs 107 across the lower-layer network. The network topology formed by 108 lower-layer LSPs and advertised as traffic engineering links (TE 109 links) in the higher layer network is called the Virtual Network 110 Topology (VNT) [RFC5212]. 112 It may be effective to optimize network resource utilization 113 globally, i.e., taking into account all layers, rather than 114 optimizing resource utilization at each layer independently. This 115 allows better network efficiency to be achieved and is what we call 116 inter-layer traffic engineering. This includes mechanisms allowing 117 the computation of end-to-end paths across layers (known as inter- 118 layer path computation), and mechanisms for control and management 119 of the Virtual Network Topology (VNT) by setting up and releasing 120 LSPs in the lower layers [RFC5212]. 122 Inter-layer traffic engineering is included in the scope of the Path 123 Computation Element (PCE)-based architecture [RFC4655], and PCE can 124 provide a suitable mechanism for resolving inter-layer path 125 computation issues. 127 PCE Communication Protocol requirements for inter-layer traffic 128 engineering are set out in [PCE-INTER-LAYER-REQ]. 130 This document describes a framework for applying the PCE-based 131 architecture to inter-layer traffic engineering. It provides 132 suggestions for the deployment of PCE in support of multi-layer 133 networks. This document also describes network models where PCE 134 performs inter-layer traffic engineering, and the relationship 135 between PCE and a functional component in charge of the control and 136 management of the VNT, called the Virtual Network Topology Manager 137 (VNTM). 139 1.1. Terminology 141 This document uses terminology from the PCE-based path computation 142 architecture [RFC4655] and also common terminology from Multi 143 Protocol Label Switching (MPLS) [RFC3031], Generalized MPLS (GMPLS) 144 [RFC3945], and Multi-Layer Networks [RFC5212]. 146 2. Inter-Layer Path Computation 148 This section describes key topics of inter-layer path computation in 149 MPLS and GMPLS networks. 151 [RFC4206] defines a way to signal a higher-layer LSP, which has an 152 explicit route that includes hops traversed by LSPs in lower layers. 153 The computation of end-to-end paths across layers is called Inter- 154 Layer Path Computation. 156 A Label Switching Router (LSR) in the higher-layer might not have 157 information on the topology of the lower-layer, particularly in an 158 overlay or augmented model deployment, and hence may not be able to 159 compute an end-to-end path across layers. 161 PCE-based Inter-Layer Path Computation consists of using one or more 162 PCEs to compute an end-to-end path across layers. This could be 163 achieved by a single PCE path computation where the PCE has topology 164 information about multiple layers and can directly compute an end- 165 to-end path across layers considering the topology of all of the 166 layers. Alternatively, the inter-layer path computation could be 167 performed as a multiple PCE computation where each member of a set 168 of PCEs has information about the topology of one or more layers 169 (but not all layers), and the PCEs collaborate to compute an end-to- 170 end path. 172 ----- ----- ----- ----- 173 | LSR |--| LSR |................| LSR |--| LSR | 174 | H1 | | H2 | | H3 | | H4 | 175 ----- -----\ /----- ----- 176 \----- -----/ 177 | LSR |--| LSR | 178 | L1 | | L2 | 179 ----- ----- 181 Figure 1 - A Simple Example of a Multi-Layer Network. 183 Consider, for instance, the two-layer network shown in Figure 1, 184 where the higher-layer network is a packet-based IP/MPLS or GMPLS 185 network (LSRs H1, H2, H3, and H4), and the lower-layer network 186 (LSRs, H2, L1, L2, and H3) is a GMPLS optical network. An ingress 187 LSR in the higher-layer network (H1) tries to set up an LSP to an 188 egress LSR (H4) also in the higher-layer network across the lower- 189 layer network, and needs a path in the higher-layer network. However, 190 suppose that there is no TE link in the higher-layer network between 191 the border LSRs located on the boundary between the higher-layer and 192 lower-layer networks (H2 and H3). Suppose also that the ingress LSR 193 does not have topology visibility into the lower layer. If a single- 194 layer path computation is applied in the higher-layer, the path 195 computation fails because of the missing TE link. On the other hand, 196 inter-layer path computation is able to provide a route in the 197 higher-layer (H1-H2-H3-H4) and a suggestion that a lower-layer LSP 198 be set up between the border LSRs (H2-L1-L2-H3). 200 Lower-layer LSPs that are advertised as TE links into the higher- 201 layer network form a Virtual Network Topology (VNT) that can be used 202 for routing higher-layer LSPs. Inter-layer path computation for end- 203 to-end LSPs in the higher-layer network that span the lower-layer 204 network may utilize the VNT, and PCE is a candidate for computing 205 the paths of such higher-layer LSPs within the higher-layer network. 206 Alternatively, the PCE-based path computation model can: 208 - Perform a single computation on behalf of the ingress LSR using 209 information gathered from more than one layer. This mode is 210 referred to as Single PCE Computation in [RFC4655]. 212 - Compute a path on behalf of the ingress LSR through cooperation 213 with PCEs responsible for each layer. This mode is referred to as 214 Multiple PCE Computation with inter-PCE communication in [RFC4655]. 216 - Perform separate path computations on behalf of the TE-LSP head- 217 end and each transit border LSR that is the entry point to a new 218 layer. This mode is referred to as Multiple PCE Computation 219 (without inter-PCE communication) in [RFC4655]. This option 220 utilizes per-layer path computation performed independently by 221 successive PCEs. 223 The PCE invoked by the head-end LSR computes a path that the LSR can 224 use to signal an MPLS-TE or GMPLS LSP once the path information has 225 been converted to an Explicit Route Object (ERO) for use in RSVP-TE 226 signaling. There are two options. 228 - Option 1: Mono-layer path. 230 The PCE computes a "mono-layer" path, i.e., a path that includes 231 only TE links from the same layer. There are two cases for this 232 option. In the first case the PCE computes a path that includes 233 already established lower-layer LSPs or lower-layer LSPs to be 234 established on demand. That is, the resulting ERO includes sub- 235 object(s) corresponding to lower-layer hierarchical LSPs expressed 236 as the TE link identifiers of the hierarchical LSPs when advertised 237 as TE links in the higher-layer network. The TE link may be a 238 regular TE link that is actually established, or a virtual TE link 239 that is not established yet (see [RFC5212]). If it is a virtual TE 240 link, this triggers a setup attempt for a new lower-layer LSP when 241 signaling reaches the head-end of the lower-layer LSP. Note that 242 the path of a virtual TE link is not necessarily known in advance, 243 and this may require a further (lower-layer) path computation. 245 The second case is that the PCE computes a path that includes a 246 loose hop that spans the lower-layer network. The higher layer path 247 computation selects which lower layer network to use, and selects 248 the entry and exit points of that lower-layer network, but does not 249 select the path across the lower-layer network. A transit LSR that 250 is the entry point to the lower-layer network is expected to expand 251 the loose hop (either itself or relying on the services of a PCE). 252 The path expansion process on the border LSR may result either in 253 the selection of an existing lower-layer LSP, or in the computation 254 and setup of a new lower-layer LSP. 256 - Option 2: Multi-layer path. 258 The PCE computes a "multi-layer" path, i.e., a path that includes 259 TE links from distinct layers [RFC4206]. Such a path can include 260 the complete path of one or more lower-layer LSPs that already 261 exist or are not yet established. In the latter case, the signaling 262 of the higher-layer LSP will trigger the establishment of the 263 lower-layer LSPs. 265 3. Inter-Layer Path Computation Models 267 As stated in Section 2, two PCE modes defined in the PCE architecture 268 can be used to perform inter-layer path computation. They are 269 discussed in the sections that follow. 271 3.1. Single PCE Inter-Layer Path Computation 273 In this model inter-layer path computation is performed by a single 274 PCE that has topology visibility into all layers. Such a PCE is 275 called a multi-layer PCE. 277 In Figure 2, the network is comprised of two layers. LSRs H1, H2, H3, 278 and H4 belong to the higher layer, and LSRs H2, H3, L1, and L2 279 belong to the lower layer. The PCE is a multi-layer PCE that has 280 visibility into both layers. It can perform end-to-end path 281 computation across layers (single PCE path computation). For 282 instance, it can compute an optimal path H1-H2-L1-L2-H3-H4, for a 283 higher layer LSP from H1 to H4. This path includes the path of a 284 lower layer LSP from H2 to H3, already in existence or not yet 285 established. 287 ----- 288 | PCE | 289 ----- 290 ----- ----- ----- ----- 291 | LSR |--| LSR |................| LSR |--| LSR | 292 | H1 | | H2 | | H3 | | H4 | 293 ----- -----\ /----- ----- 294 \----- -----/ 295 | LSR |--| LSR | 296 | L1 | | L2 | 297 ----- ----- 299 Figure 2: Single PCE Inter-Layer Path Computation 301 3.2. Multiple PCE Inter-Layer Path Computation 303 In this model there is at least one PCE per layer, and each PCE has 304 topology visibility restricted to its own layer. Some providers may 305 want to keep the layer boundaries due to factors such as 306 organizational and/or service management issues. The choice for 307 multiple PCE computation instead of single PCE computation may also 308 be driven by scalability considerations, as in this mode a PCE only 309 needs to maintain topology information for one layer (resulting in a 310 size reduction for the Traffic Engineering Database (TED)). 312 These PCEs are called mono-layer PCEs. Mono-layer PCEs collaborate 313 to compute an end-to-end optimal path across layers. 315 Figure 3 shows multiple PCE inter-layer computation with inter-PCE 316 communication. There is one PCE in each layer. The PCEs from each 317 layer collaborate to compute an end-to-end path across layers. PCE 318 Hi is responsible for computations in the higher layer and may 319 "consult" with PCE Lo to compute paths across the lower layer. PCE 320 Lo is responsible for path computation in the lower layer. A simple 321 example of cooperation between the PCEs could be as follows: 323 - LSR H1 sends a request for a path H1-H4 to PCE Hi 324 - PCE Hi selects H2 as the entry point to the lower layer, and H3 as 325 the exit point. 326 - PCE Hi requests a path H2-H3 from PCE Lo. 327 - PCE Lo returns H2-L1-L2-H3 to PCE Hi. 328 - PEC Hi is now able to compute the full path (H1-H2-L1-L2-H3-H4) 329 and return it to H1. 331 Of course, more complex cooperation may be required if an optimal 332 end-to-end path is desired. 334 ----- 335 | PCE | 336 | Hi | 337 --+-- 338 | 339 ----- ----- | ----- ----- 340 | LSR |--| LSR |............|...........| LSR |--| LSR | 341 | H1 | | H2 | | | H3 | | H4 | 342 ----- -----\ --+-- /----- ----- 343 \ | PCE | / 344 \ | Lo | / 345 \ ----- / 346 \ / 347 \----- -----/ 348 | LSR |--| LSR | 349 | L1 | | L2 | 350 ----- ----- 352 Figure 3: Multiple PCE Inter-Layer Path Computation with Inter-PCE 353 Communication 355 Figure 4 shows multiple PCE inter-layer path computation without 356 inter-PCE communication. As described in Section 2, separate path 357 computations are performed on behalf of the TE-LSP head-end and each 358 transit border LSR that is the entry point to a new layer. 360 ----- 361 | PCE | 362 | Hi | 363 ----- 365 ----- ----- ----- ----- 366 | LSR |--| LSR |........................| LSR |--| LSR | 367 | H1 | | H2 | | H3 | | H4 | 368 ----- -----\ ----- /----- ----- 369 \ | PCE | / 370 \ | Lo | / 371 \ ----- / 372 \ / 373 \----- -----/ 374 | LSR |--| LSR | 375 | L1 | | L2 | 376 ----- ----- 378 Figure 4: Multiple PCE Inter-layer Path Computation Without Inter- 379 PCE Communication 381 3.3. General Observations 383 - Depending on implementation details, the time to perform inter- 384 layer path computation in the single PCE inter-layer path 385 computation model may be less than that of the multiple PCE model 386 with cooperating mono-layer PCEs, because there is no requirement 387 to exchange messages between cooperating PCEs. 389 - When TE topology for all layer networks is visible within one 390 routing domain, the single PCE inter-layer path computation model 391 may be adopted because a PCE is able to collect all layers' TE 392 topologies by participating in only one routing domain. 394 - As the single PCE inter-layer path computation model uses more TE 395 topology information in one computation than is used by PCEs in the 396 multiple PCE path computation model, it requires more computation 397 power and memory. 399 When there are multiple candidate layer border nodes (we may say 400 that the higher layer is multi-homed), optimal path computation 401 requires that all the possible paths transiting different layer 402 border nodes or links be examined. This is relatively simple in the 403 single PCE inter-layer path computation model because the PCE has 404 full visibility - the computation is similar to the computation 405 within a single domain of a single layer. In the multiple PCE inter- 406 layer path computation model, backward recursive techniques 407 described in [BRPC] could be used, by considering layers as separate 408 domains. 410 4. Inter-Layer Path Control 412 4.1. VNT Management 414 As a result of mono-layer path computation, a PCE may determine that 415 there is insufficient bandwidth available in the higher-layer 416 network to support this or future higher-layer LSPs. The problem 417 might be resolved if new LSPs were provisioned across the lower- 418 layer network. Furthermore, the modification, re-organization and 419 new provisioning of lower-layer LSPs may enable better utilization 420 of lower-layer network resources given the demands of the higher- 421 layer network. In other words, the VNT needs to be controlled or 422 managed in cooperation with inter-layer path computation. 424 A VNT Manager (VNTM) is defined as a functional element that manages 425 and controls the VNT. PCE and VNT Manager are distinct functional 426 elements that may or may not be co-located. 428 4.2. Inter-Layer Path Control Models 430 4.2.1. PCE-VNTM Cooperation Model 432 ----- ------ 433 | PCE |--->| VNTM | 434 ----- ------ 435 ^ : 436 : : 437 : : 438 v V 439 ----- ----- ----- ----- 440 | LSR |----| LSR |................| LSR |----| LSR | 441 | H1 | | H2 | | H3 | | H4 | 442 ----- -----\ /----- ----- 443 \----- -----/ 444 | LSR |--| LSR | 445 | L1 | | L2 | 446 ----- ----- 448 Figure 5: PCE-VNTM Cooperation Model 450 A multi-layer network consists of higher-layer and lower-layer 451 networks. LSRs H1, H2, H3, and H4 belong to the higher-layer network, 452 LSRs H2, L1, L2, and H3 belong to the lower-layer network, as shown 453 in Figure 5. The case of single PCE inter-layer path computation is 454 considered here to explain the cooperation model between PCE and 455 VNTM, but multiple PCE path computation with or without inter-PCE 456 communication can also be applied to this model. 458 Consider that H1 requests the PCE to compute an inter-layer path 459 between H1 and H4. There is no TE link in the higher-layer between 460 H2 and H3 before the path computation request, so the request fails. 461 But the PCE may provide information to the VNT Manager responsible 462 for the lower layer network that may help resolve the situation for 463 future higher-layer LSP setup. 465 The roles of PCE and VNTM are as follows. PCE performs inter-layer 466 path computation and is unable to supply a path because there is no 467 TE link between H2 and H3. The computation fails, but PCE suggests 468 to VNTM that a lower-layer LSP (H2-H3) could be established to 469 support future LSP requests. Messages from PCE to VNTM contain 470 information about the higher-layer demand (from H2 to H3), and may 471 include a suggested path in the lower layer (if the PCE has 472 visibility into the lower layer network). VNTM uses local policy and 473 possibly management/configuration input to determine how to process 474 the suggestion from PCE, and may request an ingress LSR (e.g. H2) to 475 establish a lower-layer LSP. VNTM or the ingress LSR (H2) may 476 themselves use a PCE with visibility into the lower layer to compute 477 the path of this new LSP. 479 When the higher-layer PCE fails to compute a path and notifies VNTM, 480 it may wait for the lower-layer LSP to be set up and advertised as a 481 TE link. PCE may have a timer. After TED is updated within a 482 specified duration, PCE will know a new TE link. It could then 483 compute the complete end-to-end path for the higher-layer LSP and 484 return the result to the PCC. In this case, the PCC may be kept 485 waiting for some time, and it is important that the PCC understands 486 this. It is also important that the PCE and VNTM have an agreement 487 that the lower-layer LSP will be set up in a timely manner, or that 488 the PCE will be notified by VNTM that no new LSP will become 489 available. In any case, if the PCE decides to wait, it must operate 490 a timeout. An example of such a cooperative procedure between PCE 491 and VNTM is as follows using the example network in Figure 4. 493 Step 1: H1 (PCC) requests PCE to compute a path between H1 and H4. 495 Step 2: The path computation fails because there is no TE link 496 across the lower-layer network. 498 Step 3: PCE suggests to VNTM that a new TE link connecting H2 and H3 499 would be useful. The PCE notifies VNTM that it will be waiting for 500 the TE link to be created. VNTM considers whether lower-layer LSPs 501 should be established if necessary and if acceptable within VNTM's 502 policy constraints. 504 Step 4: VNTM requests an ingress LSR in the lower-layer network 505 (e.g., H2) to establish a lower-layer LSP. The request message may 506 include a lower-layer LSP route obtained from the PCE responsible 507 for the lower-layer network. 509 Step 5: The ingress LSR signals to establish the lower-layer LSP. 511 Step 6: If the lower-layer LSP setup is successful, the ingress LSR 512 notifies VNTM that the LSP is complete and supplies the tunnel 513 information. 515 Step 7: The ingress LSR (H2) advertises the new LSP as a TE link in 516 the higher-layer network routing instance. 518 Step 8: PCE notices the new TE link advertisement and recomputes the 519 requested path. 521 Step 9: PCE replies to H1 (PCC) with a computed higher-layer LSP 522 route. The computed path is categorized as a mono-layer path that 523 includes the already-established lower layer-LSP as a single hop in 524 the higher layer. The higher-layer route is specified as H1-H2-H3-H4, 525 where all hops are strict. 527 Step 9: H1 initiates signaling with the computed path H2-H3-H4 to 528 establish the higher-layer LSP. 530 4.2.2. Higher-Layer Signaling Trigger Model 532 ----- 533 | PCE | 534 ----- 535 ^ 536 : 537 : 538 v 539 ----- ----- ----- ----- 540 | LSR |----| LSR |................| LSR |--| LSR | 541 | H1 | | H2 | | H3 | | H4 | 542 ----- -----\ /----- ----- 543 \----- -----/ 544 | LSR |--| LSR | 545 | L1 | | L2 | 546 ----- ----- 548 Figure 6: Higher-layer Signaling Trigger Model 550 Figure 6 shows the higher-layer signaling trigger model. The case of 551 single PCE path computation is considered to explain the higher- 552 layer signaling trigger model here, but multiple PCE path 553 computation with/without inter-PCE communication can also be applied 554 to this model. 556 As in the case described in Section 4.2.1, consider that H1 requests 557 PCE to compute a path between H1 and H4. There is no TE link in the 558 higher-layer between H2 and H3 before the path computation request. 560 PCE is unable to compute a mono-layer path, but may judge that the 561 establishment of a lower-layer LSP between H2 and H3 would provide 562 adequate connectivity. If the PCE has inter-layer visibility it may 563 return a path that includes hops in the lower layer (H1-H2-L1-L2-H3- 564 H4), but if it has no visibility into the lower layer, it may return 565 a path with a loose hop from H2 to H3 (H1-H2-H3(loose)-H4). The 566 former is a multi-layer path, and the latter a mono-layer path that 567 includes loose hops. 569 In the higher-layer signaling trigger model with a multi-layer path, 570 the LSP route supplied by the PCE includes the route of a lower- 571 layer LSP that is not yet established. A border LSR that is located 572 at the boundary between the higher-layer and lower-layer networks 573 (H2 in this example) receives a higher-layer signaling message, 574 notices that the next hop is in the lower-layer network, starts to 575 setup the lower-layer LSP as described in [RFC4206]. Note that these 576 actions depends on a policy being applied at the border LSR. An 577 example procedure of the signaling trigger model with a multi-layer 578 path is as follows. 580 Step 1: H1 (PCC) requests PCE to compute a path between H1 and H4. 581 The request indicates that inter-layer path computation is allowed. 583 Step 2: As a result of the inter-layer path computation, PCE judges 584 that a new lower-layer LSP needs to be established. 586 Step 3: PCE replies to H1 (PCC) with a computed multi-layer route 587 including higher-layer and lower-layer LSP routes. The route may be 588 specified as H1-H2-L1-L2-H3-H4, where all hops are strict. 590 Step 4: H1 initiates higher-layer signaling using the computed 591 explicit router of H2-L1-L2-H3-H4. 593 Step 5: The border LSR (H2) that receives the higher-layer signaling 594 message starts lower-layer signaling to establish a lower-layer LSP 595 along the specified lower-layer route of H2-L1-L2-H3. That is, the 596 border LSR recognizes the hops within the explicit route that apply 597 to the lower-layer network, verifies with local policy that a new 598 LSP is acceptable, and establishes the required lower-layer LSP. 599 Note that it is possible that a suitable lower-layer LSP has already 600 been established (or become available) between the time that the 601 computation was performed and the moment when the higher-layer 602 signaling message reached the border LSR. In this case, the border 603 LSR may select such a lower-layer LSP without the need to signal a 604 new LSP provided that the lower-layer LSP satisfies the explicit 605 route in the higher-layer signaling request. 607 Step 6: After the lower-layer LSP is established, the higher-layer 608 signaling continues along the specified higher-layer route of H2-H3- 609 H4 using hierarchical signaling [RFC4206]. 611 On the other hand, in the signaling trigger model with a mono-layer 612 path, a higher-layer LSP route includes a loose hop to traverse the 613 lower-layer network between the two border LSRs. A border LSR that 614 receives a higher-layer signaling message needs to determine a path 615 for a new lower-layer LSP. It applies local policy to verify that a 616 new LSP is acceptable and then either consults a PCE with 617 responsibility for the lower-layer network or computes the path by 618 itself, and initiates signaling to establish the lower-layer LSP. 619 Again, it is possible that a suitable lower-layer LSP has already 620 been established (or become available). In this case, the border LSR 621 may select such a lower-layer LSP without the need to signal a new 622 LSP provided that the existing lower-layer LSP satisfies the 623 explicit route in the higher-layer signaling request. Since the 624 higher-layer signaling request used a loose hop without specifying 625 any specifics of the path within the lower-layer network, the border 626 LSR has greater freedom to choose a lower-layer LSP than in the 627 previous example. 629 The difference between procedures of the signaling trigger model 630 with a multi-layer path and a mono-layer path is Step 5. Step 5 of 631 the signaling trigger model with a mono-layer path is as follows: 633 Step 5': The border LSR (H2) that receives the higher-layer 634 signaling message applies local policy to verify that a new LSP is 635 acceptable and then initiates establishment of a lower-layer LSP. It 636 either consults a PCE with responsibility for the lower-layer 637 network or computes the route by itself to expand the loose hop 638 route in the higher-layer path. 640 Finally, note that a virtual TE link may have been advertised into 641 the higher-layer network. This causes the PCE to return a path H1- 642 H2-H3-H4 where all the hops are strict. But when the higher-layer 643 signaling message reaches the layer border node H2 (that was 644 responsible for advertising the virtual TE link) it realizes that 645 the TE link does not exist yet, and signals the necessary LSP across 646 the lower-layer network using its own path determination (just as 647 for a loose hop in the higher layer) before continuing with the 648 higher-layer signaling. 650 PCE 651 ^ 652 : 653 : 654 V 655 H1--H2 H3--H4 656 \ / 657 L1==L2==L3--L4--L5 658 | 659 | 660 L6--L7 661 \ 662 H5--H6 664 Figure 7: Example of a Multi-Layer Network 666 Examples of multi-layer EROs are explained using Figure 7. It is 667 described how lower-layer LSP setup is performed in the higher-layer 668 signaling trigger model using an ERO that can include subobjects in 669 both the higher and lower layers. It gives rise to several options 670 for the ERO when it reaches the last LSR in the higher layer network 671 (H2). 672 1. The next subobject is a loose hop to H3 (mono layer ERO). 673 2. The next subobject is a strict hop to L1 followed by a loose hop 674 to H3. 675 3. The next subobjects are a series of hops (strict or loose) in the 676 lower-layer network followed by H3. For example, {L1(strict), 677 L3(loose), L5(loose), H3(strict)} 679 In the first example, the lower layer can utilize any LSP tunnel 680 that will deliver the end-to-end LSP to H3. In the third case, the 681 lower layer must select an LSP tunnel that traverses L3 and L5. 682 However, this does not mean that the lower layer can or should use 683 an LSP from L1 to L3 and another from L3 to L5. 685 4.2.3. NMS-VNTM Cooperation Model 687 ----- 688 | NMS | 689 | | ----- 690 ----- | PCE | 691 ^ ^ | Hi | 692 : : ----- 693 : : ^ 694 : : : 695 : : : 696 : v v 697 : ------ ----- ----- ------ 698 : | LSR |--| LSR |........................| LSR |--| LSR | 699 : | H1 | | H2 | | H3 | | H4 | 700 : ------ -----\ /----- ------ 701 : ^ \ / 702 : : \ / 703 : -------- \ / 704 v : \ / 705 ------ ----- \----- -----/ 706 | VNTM |<-->| PCE | | LSR |--| LSR | 707 | | | Lo | | L1 | | L2 | 708 ------ ----- ----- ----- 710 Figure 8: NMS-VNTM Cooperation Model 712 Figure 8 show the Network Management System (NMS) in the NMS-VNTM 713 cooperation model. The NMS manages the higher layer. The case of 714 multiple PCE computation without inter-PCE communication is used to 715 explain the NMS-VNTM cooperation model here, but single PCE path 716 computation could also be applied to this model. Note that multiple 717 PCE path computation with inter-PCE communication does not fit in 718 with this model. 720 The NMS requests a head-end LSR (H1 in this example) to set up a 721 higher-layer LSP between head-end and tail-end LSRs without 722 specifying any route. The head-end LSR, which is a PCC, requests the 723 higher-layer PCE to compute a path between head-end and tail-end 724 LSRs. There is no TE link in the higher-layer between border LSRs 725 (H2 and H3 in this example). When the PCE fails to compute a path, 726 it informs the PCC (i.e., head-end LSR) that notifies the NMS. The 727 notification may include the information that there is no TE link 728 between the border LSRs. 730 Note that it is equally valid for the higher-layer PCE to be 731 consulted by the NMS rather than by the head-end LSR. In this case, 732 the result is the same - the NMS discovers that an end-to-end LSP 733 cannot be provisioned owing to the lack of a TE link between H2 and 734 H3. 736 The NMS may now suggest (or request) to the VNTM that a lower-layer 737 LSP between the border LSRs could be established and could be 738 advertised as a TE link in the higher layer to support future 739 higher-layer LSP requests. The communication between the NMS and the 740 VNTM may be performed in an automatic manner or in a manual manner, 741 and is a key interaction between layers that may also be separate 742 administrative domains. Thus, this communication is potentially a 743 point of application of administrative, billing, and security policy. 744 The NMS may wait for the lower-layer LSP to be set up and advertised 745 as a TE link, or may reject the operator's request for the service 746 that requires the higher-layer LSP with a suggestion that the 747 operator tries again later. 749 The VNTM requests the lower-layer PCE to compute a path, and then 750 requests H2 to establish a lower-layer LSP. Alternatively, the VNTM 751 may make a direct request to H2 for the LSP, and H2 may consult the 752 lower-layer PCE. After the NMS is informed or notices that the 753 lower-layer LSP has been established, it can request the head-end 754 LSR (H1) to set up the higher-layer end-to-end LSP between H1 and H4. 756 Thus, cooperation between the high layer and lower layer is 757 performed though communication between NMS and VNTM. An example of 758 such a procedure of the NSM-VNTM cooperation model is as follows 759 using the example network in Figure 6. 761 Step 1: NMS requests a head-end LSR (H1) to set up a higher-layer 762 LSP between H1 and H4 without specifying any route. 764 Step 2: H1 (PCC) requests PCE to compute a path between H2 and H3. 766 Step 3: The path computation fails because there is no TE link 767 across the lower-layer network. 769 Step 4: H1 (PCC) notifies NMS. The notification may include an 770 indication that there is no TE link between H2 and H4. 772 Step 5: NMS suggests (or requests) to VNTM that a new TE link 773 connecting H2 and H3 would be useful. The NMS notifies VNTM that it 774 will be waiting for the TE link to be created. VNTM considers 775 whether lower-layer LSPs should be established if necessary and if 776 acceptable within VNTM's policy constraints. 778 Step 6: VNTM requests the lower-layer PCE for path computation. 780 Step 7: VNTM requests the ingress LSR in the lower-layer network 781 (H2) to establish a lower-layer LSP. The request message includes a 782 lower-layer LSP route obtained from the lower-layer PCE responsible 783 for the lower-layer network. 785 Step 7: H2 signals the lower-layer LSP. 787 Step 8: If the lower-layer LSP setup is successful, H2 notifies VNTM 788 that the LSP is complete and supplies the tunnel information. 790 Step 9: H2 advertises the new LSP as a TE link in the higher-layer 791 network routing instance. 793 Step 10: VNTM notifies NMS that the underlying lower-layer LSP has 794 been set up, and NMS notices the new TE link advertisement. 796 Step 11: NMS again requests H1 to set up a higher-layer LSP between 797 H1 and H4. 799 Step 12: H1 requests the higher-layer PCE to compute a path and 800 obtains a successful result that includes the higher-layer route 801 that is specified as H1-H2-H3-H4, where all hops are strict. 803 Step 13: H1 initiates signaling with the computed path H2-H3-H4 to 804 establish the higher-layer LSP. 806 4.2.4. Possible Combinations of Inter-Layer Path Computation and Inter- 807 Layer Path Control Models 809 Table 1 summarizes the possible combinations of inter-layer path 810 computation and inter-layer path control models. There are three 811 inter-layer path computation models: the single PCE path computation 812 model; the multiple PCE path computation with inter-PCE 813 communication model; and the multiple PCE path computation without 814 inter-PCE communication model. There are also three inter-layer path 815 control models: the PCE-VNTM cooperation model; the higher-layer 816 signaling trigger model; and the NMS-VNTM cooperation model. All the 817 combinations between inter-layer path computation and path control 818 models, except for the combination of the multiple PCE path 819 computation with inter-layer PCE communication model and the NMS- 820 VNTM cooperation model are possible. 822 Table 1: Possible Combinations of Inter-Layer Path Computation and 823 Inter-Layer Path Control Models. 825 ---------------------------------------------------- 826 | Path computation | Single | Multiple | Multiple | 827 | \ | PCE | PCE with | PCE w/o | 828 | Path control | | inter-PCE | inter-PCE | 829 |----------------------------------------------------| 830 | PCE-VNTM | Yes | Yes | Yes | 831 | cooperation | | | | 832 |----------------------------+-----------+-----------| 833 | Higher-layer | Yes | Yes | Yes | 834 | signaling trigger | | | | 835 |----------------------------------------------------| 836 | NMS-VNTM | No* | No | Yes | 837 | cooperation | | | | 838 -------------------+--------+-----------+----------- 840 *Note that, in case of NSM-VNTM cooperation and single PCE inter- 841 layer path computation, the PCE function used by NMS and VNTM may be 842 collocated, but it will operate on separate TEDs. 844 5. Choosing Between Inter-Layer Path Control Models 846 This section compares the cooperation model between PCE and VNTM, 847 and the higher-layer signaling trigger model, in terms of VNTM 848 functions, border LSR functions, higher-layer signaling time, and 849 complexity (in terms of number of states and messages). An 850 appropriate model may be chosen by a network operator in different 851 deployment scenarios taking all these considerations into account. 853 5.1. VNTM Functions 855 VNTM functions are required in both the PCE-VNTM cooperation model 856 and the NMS-VNTM model. In the PCE-VNTM cooperation model, 857 communications are required between PCE and VNTM, and between VNTM 858 and a border LSR. Communications between a higher-layer PCE and the 859 VNTM are event notifications and may use SNMP notifications from the 860 PCE MIB modules [PCE-MIB]. Note that communications from the PCE to 861 the VNTM do not have any acknowledgements. 863 VNTM-LSR communication can use existing GMPLS-TE MIB modules 864 [RFC4802]. In the NMS-VNTM cooperation model, communications are 865 required between NMS and VNTM, between VNTM and a lower-layer PCE, 866 and between VNTM and a border LSR. NMS-VNTM communications, which 867 are out of scope of this document, may use proprietary or standard 868 interfaces, some of which, for example, are standardized in TM Forum. 869 Communications between VNTM and a lower-layer PCE use PCEP [PCEP]. 870 VNTM-LSR communications are the same as in the PCE-VNTM cooperation 871 model. 873 In the higher-layer signaling trigger model, no VNTM functions are 874 required, and no such communications are required. 876 If VNTM functions are not supported in a multi-layer network, the 877 higher-layer signaling trigger model has to be chosen. 879 The inclusion of VNTM functionality allows better coordination of 880 cross-network LSP tunnels and application of network-wide policy 881 that is far harder to apply in the trigger model since it requires 882 the coordination of policy between multiple border LSRs. 884 5.2. Border LSR Functions 886 In the higher-layer signaling trigger model, a border LSR must have 887 some additional functions. It needs to trigger lower-layer signaling 888 when a higher-layer path message suggests that lower-layer LSP setup 889 is necessary. Note that, if virtual TE links are used, the border 890 LSRs must be capable of triggered signaling. 892 If the ERO in the higher-layer Path message uses a mono-layer path 893 or specifies a loose hop, the border LSR receiving the Path message 894 must obtain a lower-layer route either by consulting a PCE or by 895 using its own computation engine. If the ERO in the higher-layer 896 Path message uses a multi-layer path, the border LSR must judge 897 whether lower-layer signaling is needed. 899 In the PCE-VNTM cooperation model and the NMS-VNTM model, no 900 additional function for triggered signaling is required in border 901 LSRs except when virtual TE links are used. Therefore, if these 902 additional functions are not supported in border LSRs, where a 903 border LSR is controlled by VNTM to set up a lower-layer LSP, the 904 cooperation model has to be chosen. 906 5.3. Complete Inter-Layer LSP Setup Time 908 The complete inter-layer LSP setup time includes inter-layer path 909 computation, signaling, and the communication time between PCC and 910 PCE, PCE and VNTM, NSM and VNTM, and VNTM and LSR. In the PCE-VNTM 911 cooperation model and the NMS-VNTM model, the additional 912 communication steps are required compared with the higher-layer 913 signaling trigger model. On the other hand, the cooperation model 914 provides better control at the cost of a longer service setup time. 916 Note that, in terms of higher-layer signaling time, in the higher- 917 layer signaling trigger model, the required time from when higher- 918 layer signaling starts to when it is completed, is more than that of 919 the cooperation model except when a virtual TE link is included. 920 This is because the former model requires lower-layer signaling to 921 take place during the higher-layer signaling. A higher-layer ingress 922 LSR has to wait for more time until the higher-layer signaling is 923 completed. A higher-layer ingress LSR is required to be tolerant of 924 longer path setup times. 926 5.4. Network Complexity 928 If the higher and lower layer networks have multiple interconnects 929 then optimal path computation for end-to-end LSPs that cross the 930 layer boundaries is non-trivial. The higher layer LSP must be routed 931 to the correct layer border nodes to achieve optimality in both 932 layers. 934 Where the lower layer LSPs are advertised into the higher layer 935 network as TE links, the computation can be resolved in the higher 936 layer network. Care needs to be taken in the allocation of TE 937 metrics (i.e., costs) to the lower layer LSPs as they are advertised 938 as TE links into the higher layer network, and this might be a 939 function for a VNT Manager component. Similarly, attention should be 940 given to the fact that the LSPs crossing the lower-layer network 941 might share points of common failure (e.g., they might traverse the 942 same link in the lower-layer network) and the shared risk link 943 groups (SRLGs) for the TE links advertised in the higher-layer must 944 be set accordingly. 946 In the single PCE model an end-to-end path can be found in a single 947 computation because there is full visibility into both layers and 948 all possible paths through all layer interconnects can be considered. 950 Where PCEs cooperate to determine a path, an iterative computation 951 model such as [BRPC] can be used to select an optimal path across 952 layers. 954 When non-cooperating mono-layer PCEs, each of which is in a separate 955 layer, are used with the triggered LSP model, it is not possible to 956 determine the best border LSRs, and connectivity cannot even be 957 guaranteed. In this case, signaling crankback techniques [RFC4920] 958 can be used to eventually achieve connectivity, but optimality is 959 far harder to achieve. In this model, a PCE that is requested by an 960 ingress LSR to compute a path expects a border LSR to setup a lower- 961 layer path triggered by high-layer signaling when there is no TE 962 link between border LSRs. 964 5.5. Separation of Layer Management 966 Many network operators may want to provide a clear separation 967 between the management of the different layer networks. In some 968 cases, the lower layer network may come from a separate commercial 969 arm of an organization or from a different corporate body entirely. 970 In these cases, the policy applied to the establishment of LSPs in 971 the lower-layer network and to the advertisement of these LSPs as TE 972 links in the higher-layer network will reflect commercial agreements 973 and security concerns (see next section). Since the capacity of the 974 LSPs in the lower-layer network are likely to be significantly 975 larger than those in the client higher-layer network (multiplex- 976 server model), the administrator of the lower-layer network may want 977 to exercise caution before allowing a single small demand in the 978 higher layer to tie up valuable resources in the lower layer. 980 The necessary policy points for this separation of administration 981 and management are more easily achieved through the VNTM approach 982 than by using triggered signaling. In effect, the VNTM is the 983 coordination point for all lower layer LSPs and can be closely tied 984 to a human operator as well as to policy and billing. Such a model 985 can also be achieved using triggered signaling. 987 6. Stability Considerations 989 Inter-layer traffic engineering needs to be managed and operated 990 correctly to avoid introducing instability problems. 992 Lower-layer LSPs are likely, by the nature of the technologies used 993 in layered networks, to be of considerably higher capacity than the 994 higher-layer LSPs. This has the benefit of allowing multiple higher- 995 layer LSPs to be carried across the lower-layer network in a single 996 lower-layer LSP. However, when a new lower-layer LSP is set up to 997 support a request for a higher-layer LSP because there is no 998 suitable route in the higher-layer network, it may be the case that 999 a very large LSP is established in support of a very small traffic 1000 demand. Further, if the higher-layer LSP is short-lived, the 1001 requirement for the lower-layer LSP will go away leaving it either 1002 in-place but unused, or requiring it to be torn down. This may cause 1003 excessive tie-up of unused lower-layer network resources, or may 1004 introduce instability into the lower-layer network. It is important 1005 that appropriate policy controls or configuration features are 1006 available so that demand-led establishment of lower-layer LSPs (the 1007 so-called "bandwidth on demand") is filtered according to the 1008 requirements of the lower-layer network. 1010 When a higher-layer LSP is requested to be set up, a new lower-layer 1011 LSP may be established if there is no route with the requested 1012 bandwidth for the higher-layer LSP. After the lower-layer LSP is 1013 established, existing high-layer LSPs could be re-routed to use the 1014 newly established lower-layer LSP if using the lower-layer LSP 1015 provides a better route than that taken by the existing LSPs. This 1016 re-routing may result in lower utilization of other lower-layer LSPs 1017 that used to carry the existing higher-layer LSPs. When the 1018 utilization of a lower-layer LSP drops below a threshold (or drops 1019 to zero), the LSP is deleted according to lower-layer network policy. 1021 But consider that some other new higher-layer LSP may be requested 1022 at once requiring the establishment or re-establishment of a lower- 1023 layer LSP. This, in turn, may cause higher-layer re-routing making 1024 other lower-layer LSPs under-utilized, in a cyclic manner. This 1025 behavior makes the higher-layer network unstable. 1027 Inter-layer traffic engineering needs to avoid network instability 1028 problems. To solve the problem, network operators may have some 1029 constraints achieved through configuration or policy, where inter- 1030 layer path control actions such as re-routing and deletion of lower- 1031 layer LSPs are not easily allowed. For example, threshold parameters 1032 for the actions are determined so that hysteresis control behavior 1033 can be performed. 1035 7. IANA Considerations 1037 This informaitonal document makes no requests for IANA action. 1039 8. Manageability Considerations 1041 Inter-layer MPLS or GMPLS traffic engineering must be considered in 1042 the light of administrative and management boundaries that are 1043 likely to coincide with the technology layer boundaries. That is, 1044 each layer network may possibly be under separate management control 1045 with different policies applied to the networks, and specific policy 1046 rules applied at the boundaries between the layers. 1048 Management mechanisms are required to make sure that inter-layer 1049 traffic engineering can be applied without violating the policy and 1050 administrative operational procedures used by the network operators. 1052 8.1. Control of Function and Policy 1054 8.1.1. Control of Inter-Layer Computation Function 1056 PCE implementations that are capable of supporting inter-layer 1057 computations should provide a configuration switch to allow support 1058 of inter-layer path computations to be enabled or disabled. 1060 When a PCE is capable of, and configured for, inter-layer path 1061 computation, it should advertise this capability as described in 1062 [PCE-INTER-LAYER-REQ], but this advertisement may be suppressed 1063 through a secondary configuration option. 1065 8.1.2. Control of Per-Layer Policy 1067 Where each layer is operated as a separate network, the operators 1068 must have control over the policies applicable to each network, and 1069 that control should be independent of the control of policies for 1070 other networks. 1072 Where multiple layers are operated as part of the same network, the 1073 operator may have a single point of control for an integrated policy 1074 across all layers, or may have control of separate policies for each 1075 layer. 1077 8.1.3. Control of Inter-Layer Policy 1079 Probably the most important issue for inter-layer traffic 1080 engineering is inter-layer policy. This may cover issues such as 1081 under what circumstances a lower layer LSP may be established to 1082 provide connectivity in the higher layer network. Inter-layer policy 1083 may exist to protect the lower layer (high capacity) network from 1084 very dynamic changes in micro-demand in the higher layer network 1085 (see Section 6). It may also be used to ensure appropriate billing 1086 for the lower layer LSPs. 1088 Inter-layer policy should include the definition of the points of 1089 connectivity between the network layers, the inter-layer TE model to 1090 be applied (for example, the selection between the models described 1091 in this document), and the rules for path computation and LSP setup. 1092 Where inter-layer policy is defined, it must be used consistently 1093 throughout the network, and should be made available to the PCEs 1094 that perform inter-layer computation so that appropriate paths are 1095 computed. Mechanisms for providing policy information to PCEs are 1096 discussed in [RFC5394]. 1098 VNTM may provide a suitable functional component for the 1099 implementation of inter-layer policy. Use of VNTM allows the 1100 administrator of the lower layer network to apply inter-layer policy 1101 without making that policy public to the operator of the higher 1102 layer network. Similarly, a cooperative PCE model (with or without 1103 inter-PCE communication) allows separate application of policy 1104 during the selection of paths. 1106 8.2. Information and Data Models 1108 Any protocol extensions to support inter-layer computations must be 1109 accompanied by the definition of MIB objects for the control and 1110 monitoring of the protocol extensions. These MIB object definitions 1111 will conventionally be placed in a separate document from that which 1112 defines the protocol extensions. The MIB objects may be provided in 1113 the same MIB module as used for the management of the base protocol 1114 that is being extended. 1116 Note that inter-layer PCE functions should, themselves, be 1117 manageable through MIB modules. In general, this means that the MIB 1118 modules for managing PCEs should include objects that can be used to 1119 select and report on the inter-layer behavior of each PCE. It may 1120 also be appropriate to provide statistical information that reports 1121 on the inter-layer PCE interactions. 1123 Where there are communications between a PCE and VNTM, additional 1124 MIB modules may be necessary to manage and model these 1125 communications. On the other hand, if these communications are 1126 provided through MIB notifications, then those notifications must 1127 form part of a MIB module definition. 1129 Policy Information Base (PIB) modules may also be appropriate to 1130 meet the requirements as described in Section 6.1 and [RFC5394]. 1132 8.3. Liveness Detection and Monitoring 1134 Liveness detection and monitoring is required between PCEs and PCCs, 1135 and between cooperating PCEs as described in [RFC4657]. Inter-layer 1136 traffic engineering does not change this requirement. 1138 Where there are communications between a PCE and VNTM, additional 1139 liveness detection and monitoring may be required to allow the PCE 1140 to know whether the VNTM has received its information about failed 1141 path computations and desired TE links. 1143 When a lower layer LSP fails (perhaps because of the failure of a 1144 lower layer network resource) or is torn down as a result of lower 1145 layer network policy, the consequent change should be reported to 1146 the higher layer as a change in the VNT, although inter-layer policy 1147 may dictate that such a change is hidden from the higher layer. The 1148 higher layer network may additionally operate data plane failure 1149 techniques over the virtual TE links in the VNT in order to monitor 1150 the liveness of the connections, but it should be noted that if the 1151 virtual TE link is advertised but not yet established as an LSP in 1152 the lower layer, such higher layer OAM techniques will report a 1153 failure. 1155 8.4. Verifying Correct Operation 1157 The correct operation of the PCE computations and interactions are 1158 described in [RFC4657], [PCEP], etc., and does not need further 1159 discussion here. 1161 The correct operation of inter-layer traffic engineering may be 1162 measured in several ways. First, the failure rate of higher layer 1163 path computations owing to an absence of connectivity across the 1164 lower layer may be observed as a measure of the effectiveness of the 1165 VNT and may be reported as part of the data model described in 1166 Section 6.2. Second, the rate of change of the VNT (i.e., the rate 1167 of establishment and removal of higher layer TE links based on lower 1168 layer LSPs) may be seen as a measure of the correct planning of the 1169 VNT and may also form part of the data model described in Section 1170 6.2. Third, network resource utilization in the lower layer (both in 1171 terms of resource congestion, and in consideration of under 1172 utilization of LSPs set up to support virtual TE links) can indicate 1173 whether effective inter-layer traffic engineering is being applied. 1175 Management tools in the higher layer network should provide a view 1176 of which TE links are provided using planned lower layer capacity 1177 (that is, physical connectivity or permanent connections) and which 1178 TE links are dynamic and achieved through inter-layer traffic 1179 engineering. Management tools in the lower layer should provide a 1180 view of the use to which lower layer LSPs are put including whether 1181 they have been set up to support TE links in a VNT, and if so for 1182 which client network. 1184 8.5. Requirements on Other Protocols and Functional Components 1186 There are no protocols or protocol extensions defined in this 1187 document and so it is not appropriate to consider specific 1188 interactions with other protocols. It should be noted, however, that 1189 the objective of this document is to enable inter-layer traffic 1190 engineering for MPLS-TE and GMPLS networks and so it is assumed that 1191 the necessary features for inter-layer operation of routing and 1192 signaling protocols are in existence or will be developed. 1194 This document introduces roles for various network components (PCE, 1195 LSR, NMS, and VNTM). Those components are all required to play their 1196 part in order that inter-layer TE can be effective. That is, an 1197 inter-layer TE model that assumes the presence and operation of any 1198 of these functional components obviously depends on those components 1199 to fulfill their roles as described in this document. 1201 8.6. Impact on Network Operation 1203 The use of a PCE to compute inter-layer paths is expected to have a 1204 significant and beneficial impact on network operations. Inter-layer 1205 traffic engineering of itself may provide additional flexibility to 1206 the higher layer network while allowing the lower layer network to 1207 support more and varied client networks in a more efficient way. 1208 Traffic engineering across network layers allows optimal use to be 1209 made of network resources in all layers. 1211 The use of PCE as described in this document may also have a 1212 beneficial effect on the loading of PCEs responsible for performing 1213 inter-layer path computation while facilitating a more independent 1214 operation model for the network layers. 1216 9. Security Considerations 1218 Inter-layer traffic engineering with PCE raises new security issues 1219 in all three inter-layer path control models. 1221 In the cooperation model between PCE and VNTM, when the PCE 1222 determines that a new lower-layer LSP is desirable, communications 1223 are needed between the PCE and VNTM and between VNTM and a border 1224 LSR. In this case, these communications should have security 1225 mechanisms to ensure authenticity, privacy and integrity of the 1226 information exchanged. In particular, it is important to protect 1227 against false triggers for LSP setup in the lower-layer network 1228 since such falsification could tie up lower-layer network resources 1229 (achieving a denial of service attack on the lower-layer network and 1230 on the higher layer network that is attempting to use it) and could 1231 result in incorrect billing for services provided by the lower-layer 1232 network. Where the PCE MIB modules are used to provide the 1233 notification exchanges between the higher-layer PCE and the VNTM, 1234 SNMP v3 should be used to ensure adequate security. Additionally, 1235 the VNTM should provide configurable or dynamic policy functions so 1236 that the VNTM behavior upon receiving notification from a higher- 1237 layer PCE can be controlled. 1239 The main security concern in the higher-layer signaling trigger 1240 model is related to confidentiality. The PCE may inform a higher- 1241 layer PCC about a multi-layer path that includes an ERO in the 1242 lower-layer network, but the PCC may not have TE topology visibility 1243 into the lower-layer network and might not be trusted with this 1244 information. A loose hop across the lower-layer network could be 1245 used, but this decreases the benefit of multi-layer traffic 1246 engineering. A better alternative may be to mask the lower-layer 1247 path using a path key [PATH-KEY] that can be expanded within the 1248 lower-layer network. Consideration must also be given to filtering 1249 the recorded path information from the lower-layer - see [RFC4208], 1250 for example. 1252 Additionally, in the higher-layer signaling trigger model, 1253 consideration must be given to the security of signaling at the 1254 inter-layer interface since the layers may belong to different 1255 administrative or trust domains. 1257 The NMS-VNTM cooperation model introduces communication between the 1258 NMS and the VNTM. Both of these components belong to the management 1259 plane and the communication is out of scope for this PCE document. 1260 Note that the NMS-VNTM cooperation model may be considered to 1261 address many security and policy concerns because the control and 1262 decision-making is placed within the sphere of influence of the 1263 operator in contrast to the more dynamic mechanisms of the other 1264 models. However, the security issues have simply moved, and will 1265 require authentication of operators and of policy. 1267 Security issues may also exist when a single PCE is granted full 1268 visibility of TE information that applies to multiple layers. Any 1269 access to the single PCE will immediately gain access to the 1270 topology information for all network layers - effectively, a single 1271 security breach can expose information that requires multiple 1272 breaches in other models. 1274 Note that, as described in Section 6, inter-layer TE can cause 1275 network stability issues, and this could be leveraged to attack 1276 either the higher or lower layer network. Precautionary measures, 1277 such as those described in Section 8.1.3, can be applied through 1278 policy or configuration to dampen any network oscillations. 1280 10. Acknowledgments 1282 We would like to thank Kohei Shiomoto, Ichiro Inoue, Julien Meuric, 1283 Jean-Francois Peltier, Young Lee, Ina Minei, and Jean-Philippe 1284 Vasseur for their useful comments. 1286 11. References 1288 11.1. Normative Reference 1290 [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol 1291 Label Switching Architecture", RFC 3031, January 2001. 1293 [RFC3945] Mannie, E., "Generalized Multi-Protocol Label Switching 1294 Architecture", RFC 3945, October 2004. 1296 [RFC4206] K. Kompella and Y. Rekhter, "Label Switched Paths (LSP) 1297 Hierarchy with Generalized Multi-Protocol Label Switching 1298 (GMPLS) Traffic Engineering (TE)", RFC 4206, October 2005. 1300 11.2. Informative Reference 1302 [RFC5212] K. Shiomoto et al., "Requirements for GMPLS-Based Multi- 1303 Region and Multi-Layer Networks (MRN/MLN)", RFC 5212, July 1304 2008. 1306 [PCE-INTER-LAYER-REQ] E. Oki et al., "PCC-PCE Communication 1307 Requirements for Inter-Layer Traffic Engineering", draft- 1308 ietf-pce-inter-layer-req work in progress. 1310 [BRPC] JP. Vasseur et al., "A Backward Recursive PCE-based 1311 Computation (BRPC) procedure to compute shortest inter- 1312 domain Traffic Engineering Label Switched Paths", draft- 1313 ietf-pce-brpc, work in progress. 1315 [RFC4920] A. Farrel et al., "Crankback Signaling Extensions for MPLS 1316 and GMPLS RSVP-TE", RFC 4920, July 2007. 1318 [PCE-MIB] E. Stephan, "Definitions of Textual Conventions for Path 1319 Computation Element", draft-ietf-pce-tc-mib.txt, work in 1320 progress. 1322 [RFC4802] A. Farrel and T. Nadeau, "Generalized Multiprotocol Label 1323 Switching (GMPLS) Traffic Engineering Management 1324 Information Base", RFC 4802, February 2007. 1326 [PATH-KEY] Bradford, R., Vasseur, JP., and Farrel, A., "Preserving 1327 Topology Confidentiality in Inter-Domain Path Computation 1328 Using a Key Based Mechanism", draft-ietf-pce-path-key, work 1329 in progress. 1331 [RFC4208] Swallow, G., Drake, J., Ishimatsu, H., and Rekhter, Y., 1332 "Generalized Multiprotocol Label Switching (GMPLS) User- 1333 Network Interface (UNI): Resource ReserVation Protocol- 1334 Traffic Engineering (RSVP-TE) Support for the Overlay 1335 Model", RFC 4208, October 2005. 1337 [RFC4655] A. Farrel, JP. Vasseur and J. Ash, "A Path Computation 1338 Element (PCE)-Based Architecture", RFC 4655, August 2006. 1340 [RFC4657] J. Ash and J.L. Le Roux (Ed.), "Path Computation Element 1341 (PCE) Communication Protocol Generic Requirements", RFC 1342 4657, September 2006. 1344 [RFC5394] Bryskin, I., Papadimitriou, P., Berger, L., and Ash J, 1345 "Policy-Enabled Path Computation Framework", RFC 5394, 1346 December 2008. 1348 [PCEP] JP. Vasseur et al, "Path Computation Element (PCE) 1349 communication Protocol (PCEP) - Version 1 -" draft-ietf- 1350 pce-pcep, work in progress. 1352 12. Authors' Addresses 1354 Eiji Oki 1355 University of Electro-Communications 1356 Tokyo 1357 Japan 1358 Email: oki@ice.uec.ac.jp 1360 Tomonori Takeda 1361 NTT 1362 3-9-11 Midori-cho, 1363 Musashino-shi, Tokyo 180-8585, Japan 1364 Email: takeda.tomonori@lab.ntt.co.jp 1366 Jean-Louis Le Roux 1367 France Telecom R&D, 1368 Av Pierre Marzin, 1369 22300 Lannion, France 1370 Email: jeanlouis.leroux@orange-ftgroup.com 1371 Adrian Farrel 1372 Old Dog Consulting 1373 Email: adrian@olddog.co.uk 1375 13. Intellectual Property Statement 1377 The IETF Trust takes no position regarding the validity or scope of 1378 any Intellectual Property Rights or other rights that might be 1379 claimed to pertain to the implementation or use of the technology 1380 described in any IETF Document or the extent to which any license 1381 under such rights might or might not be available; nor does it 1382 represent that it has made any independent effort to identify any 1383 such rights. 1385 Copies of Intellectual Property disclosures made to the IETF 1386 Secretariat and any assurances of licenses to be made available, or 1387 the result of an attempt made to obtain a general license or 1388 permission for the use of such proprietary rights by implementers or 1389 users of this specification can be obtained from the IETF on-line IPR 1390 repository at http://www.ietf.org/ipr 1392 The IETF invites any interested party to bring to its attention any 1393 copyrights, patents or patent applications, or other proprietary 1394 rights that may cover technology that may be required to implement 1395 any standard or specification contained in an IETF Document. Please 1396 address the information to the IETF at ietf-ipr@ietf.org. 1398 The definitive version of an IETF Document is that published by, or 1399 under the auspices of, the IETF. Versions of IETF Documents that are 1400 published by third parties, including those that are translated into 1401 other languages, should not be considered to be definitive versions 1402 of IETF Documents. The definitive version of these Legal Provisions 1403 is that published by, or under the auspices of, the IETF. Versions of 1404 these Legal Provisions that are published by third parties, including 1405 those that are translated into other languages, should not be 1406 considered to be definitive versions of these Legal Provisions. 1408 For the avoidance of doubt, each Contributor to the IETF Standards 1409 Process licenses each Contribution that he or she makes as part of 1410 the IETF Standards Process to the IETF Trust pursuant to the 1411 provisions of RFC 5378. No language to the contrary, or terms, 1412 conditions or rights that differ from or are inconsistent with the 1413 rights and licenses granted under RFC 5378, shall have any effect and 1414 shall be null and void, whether published or posted by such 1415 Contributor, or included with or in such Contribution. 1417 14. Full Copyright Statement 1419 Copyright (c) 2009 IETF Trust and the persons identified as the 1420 document authors. All rights reserved. 1422 This document is subject to BCP 78 and the IETF Trust's Legal 1423 Provisions Relating to IETF Documents 1424 (http://trustee.ietf.org/license-info) in effect on the date of 1425 publication of this document. Please review these documents 1426 carefully, as they describe your rights and restrictions with respect 1427 to this document. 1429 All IETF Documents and the information contained therein are provided 1430 on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE 1431 REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE 1432 IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL 1433 WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY 1434 WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE 1435 ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS 1436 FOR A PARTICULAR PURPOSE.