idnits 2.17.1 draft-ietf-teas-pce-native-ip-17.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 2, 2021) is 1180 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 7752 (Obsoleted by RFC 9552) Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TEAS Working Group A. Wang 3 Internet-Draft China Telecom 4 Intended status: Informational B. Khasanov 5 Expires: August 6, 2021 Yandex LLC 6 Q. Zhao 7 Etheric Networks 8 H. Chen 9 Futurewei 10 February 2, 2021 12 Path Computation Element (PCE) based Traffic Engineering (TE) in Native 13 IP Networks 14 draft-ietf-teas-pce-native-ip-17 16 Abstract 18 This document defines an architecture for providing traffic 19 engineering in a native IP network using multiple BGP sessions and a 20 Path Computation Element (PCE)-based central control mechanism. It 21 defines the Central Control Dynamic Routing (CCDR) procedures and 22 identifies needed extensions for the Path Computation Element 23 Communication Protocol (PCEP). 25 Status of This Memo 27 This Internet-Draft is submitted in full conformance with the 28 provisions of BCP 78 and BCP 79. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF). Note that other groups may also distribute 32 working documents as Internet-Drafts. The list of current Internet- 33 Drafts is at https://datatracker.ietf.org/drafts/current/. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 This Internet-Draft will expire on August 6, 2021. 42 Copyright Notice 44 Copyright (c) 2021 IETF Trust and the persons identified as the 45 document authors. All rights reserved. 47 This document is subject to BCP 78 and the IETF Trust's Legal 48 Provisions Relating to IETF Documents 49 (https://trustee.ietf.org/license-info) in effect on the date of 50 publication of this document. Please review these documents 51 carefully, as they describe your rights and restrictions with respect 52 to this document. Code Components extracted from this document must 53 include Simplified BSD License text as described in Section 4.e of 54 the Trust Legal Provisions and are provided without warranty as 55 described in the Simplified BSD License. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 60 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 61 3. CCDR Architecture in Simple Topology . . . . . . . . . . . . 4 62 4. CCDR Architecture in Large Scale Topology . . . . . . . . . . 5 63 5. CCDR Multiple BGP Sessions Strategy . . . . . . . . . . . . . 6 64 6. PCEP Extension for Critical Parameters Delivery . . . . . . . 8 65 7. Deployment Consideration . . . . . . . . . . . . . . . . . . 9 66 7.1. Scalability . . . . . . . . . . . . . . . . . . . . . . . 9 67 7.2. High Availability . . . . . . . . . . . . . . . . . . . . 10 68 7.3. Incremental deployment . . . . . . . . . . . . . . . . . 10 69 7.4. Loop Avoidance . . . . . . . . . . . . . . . . . . . . . 10 70 7.5. E2E Path Performance Monitoring . . . . . . . . . . . . . 10 71 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 72 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 73 10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 11 74 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 75 11.1. Normative References . . . . . . . . . . . . . . . . . . 11 76 11.2. Informative References . . . . . . . . . . . . . . . . . 12 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12 79 1. Introduction 81 [RFC8283], based on an extension of the Path Computation Element 82 (PCE) architecture described in [RFC4655] , introduced a broader use 83 applicability for a PCE as a central controller. PCEP Protocol 84 (PCEP) continues to be used as the protocol between PCE and Path 85 Computation Client (PCC). Building on that work, this document 86 describes a solution using a PCE for centralized control in a native 87 IP network to provide End-to-End (E2E) performance assurance and QoS 88 for traffic. The solution combines the use of distributed routing 89 protocols and a centralized controller, referred to as Centralized 90 Control Dynamic Routing (CCDR). 92 [RFC8735] describes the scenarios and simulation results for traffic 93 engineering in a native IP network based on use of a CCDR 94 architecture. Per [RFC8735], the architecture for traffic 95 engineering in a native IP network should meet the following 96 criteria: 98 o Same solution for native IPv4 and IPv6 traffic. 100 o Support for intra-domain and inter-domain scenarios. 102 o Achieve End to End traffic assurance, with determined QoS 103 behavior, for traffic requiring a service assurance (prioritized 104 traffic). 106 o No changes in a router's forwarding behavior. 108 o Based on centralized control through a distributed network control 109 plane. 111 o Support different network requirements such as high traffic volume 112 and prefix scaling. 114 o Ability to adjust the optimal path dynamically upon the changes of 115 network status. No need for physical links resources reservations 116 to be done in advance. 118 Building on the above documents, this document defines an 119 architecture meeting these requirements by using a multiple BGP 120 session strategy and a PCE as the centralized controller. The 121 architecture depends on the central control (PCE) element to compute 122 the optimal path, and utilizes the dynamic routing behavior of IGP/ 123 BGP protocols for forwarding the traffic. 125 2. Terminology 127 This document uses the following terms defined in [RFC5440]: 129 o PCE: Path Computation Element 131 o PCEP: PCE Protocol 133 o PCC: Path Computation Client 135 Other terms are used in this document: 137 o CCDR: Central Control Dynamic Routing 139 o E2E: End to End 141 o ECMP: Equal-Cost Multipath 143 o RR: Route Reflector 145 o SDN: Software Defined Network 147 3. CCDR Architecture in Simple Topology 149 Figure 1 illustrates the CCDR architecture for traffic engineering in 150 a simple topology. The topology is composed of four devices which 151 are SW1, SW2, R1, R2. There are multiple physical links between R1 152 and R2. Traffic between prefix PF11(on SW1) and prefix PF21(on SW2) 153 is normal traffic, traffic between prefix PF12(on SW1) and prefix 154 PF22(on SW2) is priority traffic that should be treated accordingly. 156 +-----+ 157 +----------+ PCE +--------+ 158 | +-----+ | 159 | | 160 | BGP Session 1(lo11/lo21)| 161 +-------------------------+ 162 | | 163 | BGP Session 2(lo12/lo22)| 164 +-------------------------+ 165 PF12 | | PF22 166 PF11 | | PF21 167 +---+ +-----+-----+ +-----+-----+ +---+ 168 |SW1+---------+(lo11/lo12)+-------------+(lo21/lo22)+--------------+SW2| 169 +---+ | R1 +-------------+ R2 | +---+ 170 +-----------+ +-----------+ 172 Figure 1: CCDR architecture in simple topology 174 In the Intra-AS scenario, IGP and BGP combined with a PCE are 175 deployed between R1 and R2. In the inter-AS scenario, only the 176 native BGP protocol is deployed. The traffic between each address 177 pair may change in real time and the corresponding source/destination 178 addresses of the traffic may also change dynamically. 180 The key ideas of the CCDR architecture for this simple topology are 181 the following: 183 o Build two BGP sessions between R1 and R2, via the different 184 loopback addresses on these routers (lo11 and lo12 are the 185 loopback address of R1, lo21 and lo22 are the loopback address of 186 R2). 188 o Using the PCE, set the explicit peer route on R1 and R2 for BGP 189 next hop to different physical link addresses between R1 and R2. 190 The explicit peer route can be set in the format of a static 191 route, which is different from the route learned from the IGP 192 protocol. 194 o Send different prefixes via the established BGP sessions. For 195 example, send PF11/PF21 via the BGP session 1 and PF12/PF22 via 196 the BGP session 2. 198 After the above actions, the bi-directional traffic between the PF11 199 and PF21, and the bi-directional traffic between PF12 and PF22 will 200 go through different physical links between R1 and R2. 202 If there is more traffic between PF12 and PF22 that needs assured 203 transport, one can add more physical links between R1 and R2 to reach 204 the next hop for BGP session 2. In this case, the prefixes that are 205 advertised by the BGP peers need not be changed. 207 If, for example, there is bi-directional priority traffic from 208 another address pair (for example prefix PF13/PF23), and the total 209 volume of priority traffic does not exceed the capacity of the 210 previously provisioned physical links, one need only advertise the 211 newly added source/destination prefixes via the BGP session 2. The 212 bi-directional traffic between PF13/PF23 will go through the same 213 assigned dedicated physical links as the traffic between PF12/PF22. 215 Such a decoupling philosophy of the IGP/BGP traffic link and the 216 physical link achieves a flexible control capability for the network 217 traffic, satisfying the needed QoS assurance to meet the 218 application's requirement. The router needs only support native IP 219 and multiple BGP sessions setup via different loopback addresses. 221 4. CCDR Architecture in Large Scale Topology 223 When the priority traffic spans a large-scale network, such as that 224 illustrated in Figure 2, the multiple BGP sessions cannot be 225 established hop by hop within one AS. For such a scenario, we 226 propose using a Route Reflector (RR) [RFC4456] to achieve a similar 227 effect. Every edge router will establish two BGP sessions with the 228 RR via different loopback addresses respectively. The other steps 229 for traffic differentiation are the same as that described in the 230 CCDR architecture for the simple topology. 232 As shown in Figure 2, if we select R3 as the RR, every edge router(R1 233 and R7 in this example) will build two BGP session with the RR. If 234 the PCE selects the dedicated path as R1-R2-R4-R7, then the operator 235 should set the explicit peer routes via PCEP protocol on these 236 routers respectively, pointing to the BGP next hop (loopback 237 addresses of R1 and R7, which are used to send the prefix of the 238 priority traffic) to the selected forwarding address. 240 +-----+ 241 +----------------+ PCE +------------------+ 242 | +--+--+ | 243 | | | 244 | | | 245 | +--+---+ | 246 +----------------+R3(RR)+-----------------+ 247 PF12 | +--+---+ | PF22 248 PF11 | | PF21 249 +---+ ++-+ +--+ +--+ +-++ +---+ 250 |SW1+-------+R1+----------+R5+----------+R6+---------+R7+--------+SW2| 251 +---+ ++-+ +--+ +--+ +-++ +---+ 252 | | 253 | | 254 | +--+ +--+ | 255 +------------+R2+----------+R4+-----------+ 256 +--+ +--+ 257 Figure 2: CCDR architecture in large-scale network 259 5. CCDR Multiple BGP Sessions Strategy 261 Generally, different applications may require different QoS criteria, 262 which may include: 264 o Traffic that requires low latency and is not sensitive to packet 265 loss. 267 o Traffic that requires low packet loss and can endure higher 268 latency. 270 o Traffic that requires low jitter. 272 These different traffic requirements can be summarized in the 273 following table: 275 +----------------+-------------+---------------+-----------------+ 276 | Prefix Set No. | Latency | Packet Loss | Jitter | 277 +----------------+-------------+---------------+-----------------+ 278 | 1 | Low | Normal | Don't care | 279 +----------------+-------------+---------------+-----------------+ 280 | 2 | Normal | Low | Don't care | 281 +----------------+-------------+---------------+-----------------+ 282 | 3 | Normal | Normal | Low | 283 +----------------+-------------+---------------+-----------------+ 284 Table 1. Traffic Requirement Criteria 286 For Prefix Set No.1, we can select the shortest distance path to 287 carry the traffic; for Prefix Set No.2, we can select the path that 288 has end to end under-loaded links; for Prefix Set No.3, we can let 289 traffic pass over a determined single path, as no Equal Cost 290 Multipath (ECMP) distribution on the parallel links is desired. 292 It is almost impossible to provide an End-to-End (E2E) path 293 efficiently with latency, jitter, and packet loss constraints to meet 294 the above requirements in a large-scale IP-based network only using a 295 distributed routing protocol, but these requirements can be met with 296 the assistance of PCE, as that described in [RFC4655] and [RFC8283]. 297 The PCE will have the overall network view, ability to collect the 298 real-time network topology, and the network performance information 299 about the underlying network. The PCE can select the appropriate 300 path to meet the various network performance requirements for 301 different traffic. 303 The architecture to implement the CCDR Multiple BGP sessions strategy 304 is as follows: 306 The PCE will be responsible for the optimal path computation for the 307 different priority classes of traffic: 309 o PCE collects topology information via BGP-LS [RFC7752] and link 310 utilization information via the existing Network Monitoring System 311 (NMS) from the underlying network. 313 o PCE calculates the appropriate path based upon the application's 314 requirements, and sends the key parameters to edge/RR routers(R1, 315 R7 and R3 in Figure 3) to establish multiple BGP sessions. The 316 loopback addresses used for the BGP sessions should be planned in 317 advance and distributed in the domain. 319 o PCE sends the route information to the routers (R1,R2,R4,R7 in 320 Figure 3) on the forwarding path via PCEP, to build the path to 321 the BGP next-hop of the advertised prefixes. The path to these 322 BGP next-hop will also be learned via the IGP protocol, but the 323 route from the PCEP has the higher preference. Such design can 324 assure the IGP path to the BGP next-hop can be used to protect the 325 path assigned by PCE. 327 o PCE sends the prefixes information to the PCC(edge routers that 328 have established BGP sessions) for advertising different prefixes 329 via the specified BGP session. 331 o The priority traffic may share some links or nodes, if path the 332 shared links or nodes can meet the requirement of application. 333 When the priority traffic prefixes were changed but the total 334 volume of priority traffic does not exceed the physical capacity 335 of the previous E2E path, the PCE needs only change the prefixed 336 advertised via the edge routers (R1,R7 in Figure 3). 338 o If the volume of priority traffic exceeds the capacity of the 339 previous calculated path, the PCE can recalculate and add the 340 appropriate paths to accommodate the exceeding traffic. After 341 that, the PCE needs to update the on-path routers to build the 342 forwarding path hop by hop. 344 +------------+ 345 | Application| 346 +------+-----+ 347 | 348 +--------+---------+ 349 +----------+SDN Controller/PCE+-----------+ 350 | +--------^---------+ | 351 | | | 352 | | | 353 PCEP | BGP-LS|PCEP | PCEP 354 | | | 355 | +--v---+ | 356 +----------------+R3(RR)+-----------------+ 357 PF12 | +------+ | PF22 358 PF11 | | PF21 359 +---+ +v-+ +--+ +--+ +-v+ +---+ 360 |SW1+-------+R1+----------+R5+----------+R6+---------+R7+--------+SW2| 361 +---+ ++-+ +--+ +--+ +-++ +---+ 362 | | 363 | | 364 | +--+ +--+ | 365 +------------+R2+----------+R4+-----------+ 366 +--+ +--+ 368 Figure 3: CCDR architecture for Multi-BGP sessions deployment 370 6. PCEP Extension for Critical Parameters Delivery 372 The PCEP protocol needs to be extended to transfer the following 373 critical parameters: 375 o Peer information that is used to build the BGP session 377 o Explicit route information for BGP next hop of advertised prefixes 379 o Advertised prefixes and their associated BGP session. 381 Once the router receives such information, it should establish the 382 BGP session with the peer appointed in the PCEP message, build the 383 end-to-end dedicated path hop-by-hop, and advertise the prefixes that 384 are contained in the corresponding PCEP message. 386 The dedicated path is preferred by making sure that the explicit 387 route created by PCE has the higher priority (lower route preference) 388 than the route information created by other dynamic protocols. 390 All above dynamically created states (BGP sessions, Explicit route 391 and Prefix advertised prefix) will be cleared on the expiration of 392 the state timeout interval which is based on the existing Stateful 393 PCE [RFC8231] and PCECC [RFC8283] mechanism. 395 Regarding the BGP session, it is not different from that configured 396 manually or via NETCONF/YANG. Different BGP sessions are used mainly 397 for the clarification of the network prefixes, which can be 398 differentiated via the different BGP nexthop. Based on this 399 strategy, if we manipulate the path to the BGP nexthop, then the path 400 to the prefixes that were advertised with the BGP sessions will be 401 changed accordingly. Details of communications between PCEP and BGP 402 subsystems in the router's control plane are out of scope of this 403 draft. 405 7. Deployment Consideration 407 7.1. Scalability 409 In the CCDR architecture, only the edge routers that connect with the 410 PCE are responsible for the prefixes advertisement via the multiple 411 BGP sessions deployment. The route information for these prefixes 412 within the on-path routers is distributed via the BGP protocol. 414 For multiple domain deployment, the PCE, or the pool of PCEs 415 responsible for these domains, needs only to control the edge router 416 to build the multiple EBGP sessions; all other procedures are the 417 same as within one domain. 419 The on-path router needs only to keep the specific policy routes for 420 the BGP next-hop of the differentiated prefixes, not the specific 421 routes to the prefixes themselves. This lessens the burden of the 422 table size of policy based routes for the on-path routers; and has 423 more expandability compared with BGP flowspec or Openflow solutions. 424 For example, if we want to differentiate 1000 prefixes from the 425 normal traffic, CCDR needs only one explicit peer route in every on- 426 path router, whereas the BGP flowspec or Openflow solutions need 1000 427 policy routes on them. 429 7.2. High Availability 431 The CCDR architecture is based on the use of the native IP protocol. 432 If the PCE fails, the forwarding plane will not be impacted, as the 433 BGP sessions between all the devices will not flap and the forwarding 434 table remains unchanged. 436 If one node on the optimal path fails, the priority traffic will fall 437 over to the best-effort forwarding path. One can even design several 438 paths to load balance/hot-standby the priority traffic to meet a path 439 failure situation. 441 For ensuring high availability of a PCE/SDN-controllers architecture, 442 an operator should rely on existing high availability solutions for 443 SDN controllers, such as clustering technology and deployment. 445 7.3. Incremental deployment 447 Not every router within the network needs to support the necessary 448 PCEP extension. For such situations, routers on the edge of a domain 449 can be upgraded first, and then the traffic can be prioritized 450 between different domains. Within each domain, the traffic will be 451 forwarded along the best-effort path. A service provider can 452 selectively upgrade the routers on each domain in sequence. 454 7.4. Loop Avoidance 456 A PCE needs to assure calculation of the E2E path based on the status 457 of network and the service requirements in real-time. 459 The PCE needs to consider the explicit route deployment order (for 460 example, from tail router to head router) to eliminate any possible 461 transient traffic loop. 463 7.5. E2E Path Performance Monitoring 465 It is necessary to deploy the corresponding E2E path performance 466 monitoring mechanism to keep assure that the delay, jitter or packet 467 loss index meet the original path performance aim. The performance 468 monitoring results should feedback to the PCE to let it accomplish 469 the re-optimize process, send the update control message to related 470 PCC if necessary. Traditional OAM methods(ping, trace) can be used. 472 8. Security Considerations 474 The setup of BGP sessions, prefix advertisement, and explicit peer 475 route establishment are all controlled by the PCE. See [RFC4271] and 476 [RFC4272] for BGP security considerations. Security consideration 477 part in [RFC5440] and [RFC8231] should be considered. To prevent a 478 bogus PCE sending harmful messages to the network nodes, the network 479 devices should authenticate the validity of the PCE and ensure a 480 secure communication channel between them. Mechanisms described in 481 [RFC8253] should be used. 483 The CCDR architecture does not require changes to the forwarding 484 behavior of the underlay devices. There are no additional security 485 impacts on these devices. 487 9. IANA Considerations 489 This document does not require any IANA actions. 491 10. Acknowledgement 493 The author would like to thank Deborah Brungard, Adrian Farrel, 494 Vishnu Beeram, Lou Berger, Dhruv Dhody, Raghavendra Mallya , Mike 495 Koldychev, Haomian Zheng, Penghui Mi, Shaofu Peng, Donald Eastlake, 496 Alvaro Retana, Martin Duke, Magnus Westerlund, Benjamin Kaduk, Roman 497 Danyliw, Eric Vyncke, Murray Kucherawy, Erik Kline and Jessica Chen 498 for their supports and comments on this draft. 500 11. References 502 11.1. Normative References 504 [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A 505 Border Gateway Protocol 4 (BGP-4)", RFC 4271, 506 DOI 10.17487/RFC4271, January 2006, 507 . 509 [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", 510 RFC 4272, DOI 10.17487/RFC4272, January 2006, 511 . 513 [RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route 514 Reflection: An Alternative to Full Mesh Internal BGP 515 (IBGP)", RFC 4456, DOI 10.17487/RFC4456, April 2006, 516 . 518 [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation 519 Element (PCE) Communication Protocol (PCEP)", RFC 5440, 520 DOI 10.17487/RFC5440, March 2009, 521 . 523 [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and 524 S. Ray, "North-Bound Distribution of Link-State and 525 Traffic Engineering (TE) Information Using BGP", RFC 7752, 526 DOI 10.17487/RFC7752, March 2016, 527 . 529 [RFC8231] Crabbe, E., Minei, I., Medved, J., and R. Varga, "Path 530 Computation Element Communication Protocol (PCEP) 531 Extensions for Stateful PCE", RFC 8231, 532 DOI 10.17487/RFC8231, September 2017, 533 . 535 [RFC8253] Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody, 536 "PCEPS: Usage of TLS to Provide a Secure Transport for the 537 Path Computation Element Communication Protocol (PCEP)", 538 RFC 8253, DOI 10.17487/RFC8253, October 2017, 539 . 541 [RFC8283] Farrel, A., Ed., Zhao, Q., Ed., Li, Z., and C. Zhou, "An 542 Architecture for Use of PCE and the PCE Communication 543 Protocol (PCEP) in a Network with Central Control", 544 RFC 8283, DOI 10.17487/RFC8283, December 2017, 545 . 547 11.2. Informative References 549 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation 550 Element (PCE)-Based Architecture", RFC 4655, 551 DOI 10.17487/RFC4655, August 2006, 552 . 554 [RFC8735] Wang, A., Huang, X., Kou, C., Li, Z., and P. Mi, 555 "Scenarios and Simulation Results of PCE in a Native IP 556 Network", RFC 8735, DOI 10.17487/RFC8735, February 2020, 557 . 559 Authors' Addresses 561 Aijun Wang 562 China Telecom 563 Beiqijia Town, Changping District 564 Beijing 102209 565 China 567 Email: wangaj3@chinatelecom.cn 568 Boris Khasanov 569 Yandex LLC 570 Ulitsa Lva Tolstogo 16 571 Moscow 572 Russia 574 Email: bhassanov@yahoo.com 576 Quintin Zhao 577 Etheric Networks 578 1009 S CLAREMONT ST 579 SAN MATEO, CA 94402 580 USA 582 Email: qzhao@ethericnetworks.com 584 Huaimo Chen 585 Futurewei 586 Boston, MA 587 USA 589 Email: huaimo.chen@futurewei.com