idnits 2.17.1 draft-ietf-tsvwg-diffserv-class-aggr-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 17. -- Found old boilerplate from RFC 3978, Section 5.5 on line 754. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 765. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 772. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 778. ** This document has an original RFC 3978 Section 5.4 Copyright Line, instead of the newer IETF Trust Copyright according to RFC 4748. ** This document has an original RFC 3978 Section 5.5 Disclaimer, instead of the newer disclaimer which includes the IETF Trust according to RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([5]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 20, 2006) is 6397 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: '1' is defined on line 647, but no explicit reference was found in the text == Unused Reference: '2' is defined on line 650, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2309 (ref. '9') (Obsoleted by RFC 7567) Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TSVWG K. Chan 3 Internet-Draft J. Babiarz 4 Intended status: Informational Nortel Networks 5 Expires: April 23, 2007 F. Baker 6 Cisco Systems 7 October 20, 2006 9 Aggregation of DiffServ Service Classes 10 draft-ietf-tsvwg-diffserv-class-aggr-01 12 Status of this Memo 14 By submitting this Internet-Draft, each author represents that any 15 applicable patent or other IPR claims of which he or she is aware 16 have been or will be disclosed, and any of which he or she becomes 17 aware will be disclosed, in accordance with Section 6 of BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF), its areas, and its working groups. Note that 21 other groups may also distribute working documents as Internet- 22 Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 The list of current Internet-Drafts can be accessed at 30 http://www.ietf.org/ietf/1id-abstracts.txt. 32 The list of Internet-Draft Shadow Directories can be accessed at 33 http://www.ietf.org/shadow.html. 35 This Internet-Draft will expire on April 23, 2007. 37 Copyright Notice 39 Copyright (C) The Internet Society (2006). 41 Abstract 43 In the core of a high capacity network, service differentiation is 44 still needed to support applications' utilization of the network. 45 Applications with similar traffic characteristics and performance 46 requirements are mapped into diffserv service classes based on end- 47 to-end behavior requirements of the applications as indicated by 48 Diffserv Service Classes [5]. However, some network segments may be 49 configured in such a way that a single forwarding treatment may 50 satisfy the traffic characteristics and performance requirements of 51 two or more service classes. In these cases, it may be desirable to 52 aggregate two or more Diffserv Service Classes [5] into a single 53 forwarding treatment. This document provides guidelines for the 54 aggregation of Diffserv Service Classes [5] into forwarding 55 treatments. 57 Table of Contents 59 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 60 1.1. Requirements Notation . . . . . . . . . . . . . . . . . . 4 61 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 62 3. Overview of Service Class Aggregation . . . . . . . . . . . . 5 63 4. Service Classes to Treatment Aggregate Mapping . . . . . . . . 6 64 4.1. Mapping Service Classes into Four Treatment Aggregates . . 6 65 4.1.1. Network Control Treatment Aggregate . . . . . . . . . 8 66 4.1.2. Real Time Treatment Aggregate . . . . . . . . . . . . 9 67 4.1.3. Assured Elastic Treatment Aggregate . . . . . . . . . 9 68 4.1.4. Elastic Treatment Aggregate . . . . . . . . . . . . . 10 69 5. Using MPLS for Treatment Aggregates . . . . . . . . . . . . . 11 70 5.1. Network Control Treatment Aggregate with E-LSP . . . . . . 13 71 5.2. Real Time Treatment Aggregate with E-LSP . . . . . . . . . 13 72 5.3. Assured Elastic Treatment Aggregate with E-LSP . . . . . . 13 73 5.4. Elastic Treatment Aggregate with E-LSP . . . . . . . . . . 13 74 5.5. Treatment Aggregates and L-LSP . . . . . . . . . . . . . . 14 75 6. Treatment Aggregates and Inter-Provider Relationships . . . . 14 76 7. Security Considerations . . . . . . . . . . . . . . . . . . . 14 77 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 78 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 15 79 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 80 10.1. Normative References . . . . . . . . . . . . . . . . . . . 15 81 10.2. Informative References . . . . . . . . . . . . . . . . . . 16 82 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16 83 Intellectual Property and Copyright Statements . . . . . . . . . . 18 85 1. Introduction 87 In the core of a high capacity network, it is common for the network 88 to be engineered in such a way that a major link, switch, or router 89 can fail and the result will be a routed network that still meets 90 ambient SLAs. The implication of this is that there is sufficient 91 capacity on any given link such that all SLAs sold can be 92 simultaneously supported at their respective maximum rates, and that 93 this remains true after re-routing (either IP re-routing or MPLS 94 protection-mode switching) has occurred. 96 Over-provisioning is generally considered to meet the requirements of 97 all traffic without further QoS treatment, and in the general case 98 that is true in high capacity backbones. However, as the process of 99 network convergence continues, and with the increasing speed of the 100 access networks, certain services still have issues. Delay, jitter, 101 and occasional loss are perfectly acceptable for elastic 102 applications. However, sub-second surges that occur in the best- 103 designed of networks [14] affect real-time applications. Moreover, 104 DOS loads, worms, and network disruptions such as that of 11 105 September 2001 affect routing [15]. Our objective is to prevent 106 disruption to routing (which in turn affects all services), and 107 jitter-sensitive services that may be revenue-bearing. 109 The document "Diffserv Service Classes" [5] defines the basic 110 diffserv classes from the points of view of the application requiring 111 specific end-to-end behaviors from the network. The service classes 112 are differentiated based on the traffic-payload's tolerance to packet 113 loss, delay, and delay variation (jitter). Different degrees of 114 these criterions form the foundation for supporting the needs of 115 real-time and elastic traffic. The "Diffserv Service Classes" [5] 116 document also provides recommendations for the treatment method of 117 these service classes. But, at some network segments of the end-to- 118 end path, the number of levels of network treatment differentiation 119 may be less than the number of service classes that the network 120 segment needs to support. In such a situation, that network segment 121 may use the same treatment to support more than one service class. 122 In this document we provide guidelines on how multiple service 123 classes may be aggregated into a forwarding treatment aggregate. 124 Note that in a given domain, we may recommend that the supported 125 service classes be aggregated into forwarding treatment aggregates; 126 however, this does not mean all service classes need to be supported 127 and hence not all forwarding treatment aggregates need to be 128 supported. Which service classes and which forwarding treatment 129 aggregates are supported by a domain is up to the domain 130 administration and may be influenced by business reasons. 132 In this document, we've provided: 134 o definitions for terminology we use in this document, 136 o requirements for performing this aggregation, 138 o an example of performing this aggregation over MPLS using E-LSP. 140 The treatment aggregate recommendations are designed to aggregate the 141 service classes [5] in such a manner as to protect real-time traffic 142 and routing, on the assumption that real-time sessions are protected 143 from each other by admission at the edge. 145 An example of aggregation over MPLS networks using E-LSP, EXP 146 Inferred PHB Scheduling Class (PSC) Label Switched Path (LSP), to 147 realize the treatment aggregates is provided. Note that the MPLS 148 E-LSP is just an example; this document does not exclude the use of 149 other methods. 151 1.1. Requirements Notation 153 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 154 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 155 document are to be interpreted as described in RFC 2119 [3]. 157 2. Terminology 159 This document assumes the reader is familiar with the terms used in 160 differentiated services. This document provides the definitions for 161 new terms introduced by this document and referencing information for 162 existing none differentiated services terms defined in existing RFCs. 164 For new terms introduced by this document, we provide the definition 165 here: 167 o Treatment Aggregate. This term is used here to indicate the 168 aggregate of DiffServ service classes. This is different from 169 Behavior Aggregate and Traffic Aggregate because Treatment 170 Aggregate is only concerned with the treatment of the aggregated 171 traffic. It does not concern itself with how the aggregated 172 traffic is marked, and hence does not put a restriction on the 173 aggregated traffic having a single diffserv codepoint that have a 174 single PHB. 176 For terms from existing RFCs, we provide the reference to the 177 appropriate section of the relevant RFC that contain the definition: 179 o Real-Time and Elastic Applications and their traffic. Section 3.1 180 of RFC 1633 [6]. 182 o Diffserv Service Class. Section 1.3 of 183 draft-ietf-tsvwg-diffserv-service-classes-02.txt [5]. 185 o MPLS E-LSP, EXP Inferred PHB Scheduling Class (PSC) Label Switched 186 Path (LSP). Section 1.2 of RFC 3270 [8]. 188 o MPLS L-LSP, Label Only Inferred PHB Scheduling Class (PSC) Label 189 Switched Path (LSP). Section 1.3 of RFC 3270 [8]. 191 3. Overview of Service Class Aggregation 193 In diffserv domains where less granular traffic treatment 194 differentiation is provided, aggregation of the different service 195 classes [5] may be required. 197 These aggregations have the following requirements: 199 1. The end-to-end network performance characteristic required by the 200 application must be supported. This performance characteristic 201 is represented by the use of Diffserv Service Classes [5]. 203 2. The treatment aggregate must exhibit the strictest requirement of 204 its member service classes. 206 3. The treatment aggregate should only contain member service 207 classes with similar traffic characteristic and performance 208 requirements. 210 4. The notion of the individual end-to-end service classes must not 211 be destroyed when aggregation is performed. Each domain along 212 the end-to-end path may perform aggregation differently, based on 213 the original end-to-end service classes. We recommend an easy 214 way to accomplish this by not altering the DSCP used to indicate 215 the end-to-end service class. But some administrative domains 216 may require the use of their own marking; when this is needed, 217 the original end-to-end service class indication must be restored 218 upon exiting such administrative domains. 220 5. Each treatment aggregate has limited resources, hence traffic 221 conditioning and/or admission control must be performed for each 222 service class aggregated into the treatment aggregate. 224 with the following suggestions: 226 1. The treatment aggregate and assigned resources may consider 227 historical traffic patterns and the variability of these 228 patterns. For example, a point-point service (e.g., pseudowire) 229 may have a very predictable pattern, while a multipoint service 230 (e.g., VPLS) may have a much less predictable pattern. Even the 231 traffic patterns within the Internet may vary widely. 233 2. In addition to Diffserv, other controls are available to 234 influence the traffic level offered to a particular traffic 235 aggregate. These include adjustment of routing metrics, usage of 236 MPLS-based traffic engineering techniques. 238 4. Service Classes to Treatment Aggregate Mapping 240 The service class and DSCP selection in "Diffserv Service Classes" 241 [5] has been defined to allow, in many instances, mapping of two or 242 possibly more service classes into a single forwarding treatment 243 aggregate. Notice that there is a relationship/trade-off between 244 link speed, queue depth, delay, and jitter. The degree of 245 aggregation and hence the number of treatment aggregates will depend 246 on whether the speed of the links and scheduler behavior, being used 247 to implement the aggregation, can minimize the affects of mixing 248 traffic with different packet sizes and transmit rates on queue 249 depth. And their impacts on loss, delay, and jitter. A general 250 rule-of-thumb is that higher link speeds allow for more aggregation/ 251 smaller number of treatment aggregates. 253 4.1. Mapping Service Classes into Four Treatment Aggregates 255 This section explains one way of performing this aggregation by using 256 four treatment aggregates. The use of four treatment aggregates 257 assumes that the resources allocated to each treatment aggregate is 258 sufficient to honor the required behavior of each service class [5] 259 in each of the four treatment aggregates. We use the performance 260 requirement (tolerance to loss, delay, and jitter) from the 261 application/end-user as a guide on how to map the service classes 262 into treatment aggregates. We have also used Section 3.1 of RFC 1633 263 [6] to provide us with guidance on the definition of Real-Time and 264 Elastic applications. An overview of the mapping between service 265 classes and the four treatment aggregates is provided by Figure 1, 266 with the mapping being based on performance requirements. In Figure 267 1, the right side columns of "Service Class", "Tolerance to Loss/ 268 Delay/Jitter" are from Figure 2 of Diffserv Service Classes [5]. 270 It is recommended that certain service classes be mapped into 271 specific treatment aggregates. But this does not mean that all the 272 service classes recommended for that treatment aggregate need to be 273 supported. Hence, for a given domain, a treatment aggregate may 274 contain only a subset of the service classes recommended in this 275 document, they being the service classes supported by that domain. A 276 domain's treatment of non-supported service classes should be based 277 on the domain's local policy. This local policy may be influenced by 278 its agreement with its customers. Such treatment may use the Elastic 279 Treatment Aggregate, dropping the packets, or some other 280 arrangements. 282 --------------------------------------------------------------------- 283 |Treatment | Tolerance to ||Service Class | Tolerance to | 284 |Aggregate | Loss |Delay |Jitter|| | Loss |Delay |Jitter| 285 |==========+======+======+======++===============+======+======+======| 286 | Network | Low | Low | Yes || Network | Low | Low | Yes | 287 | Control | | | || Control | | | | 288 |==========+======+======+======++===============+======+======+======| 289 | Real | Very | Very | Very || Telephony | VLow | VLow | VLow | 290 | Time | Low | Low | Low ||---------------+------+------+------| 291 | | | | || Signaling | Low | Low | Yes | 292 | | | | ||---------------+------+------+------| 293 | | | | || Multimedia |Low - | Very | Low | 294 | | | | || Conferencing |Medium| Low | | 295 | | | | ||---------------+------+------+------| 296 | | | | || Real-time | Low | Very | Low | 297 | | | | || Interactive | | Low | | 298 | | | | ||---------------+------+------+------| 299 | | | | || Broadcast | Very |Medium| Low | 300 | | | | || Video | Low | | | 301 |==========+======+======+======++===============+======+======+======| 302 | Assured | Low |Low - | Yes || Multimedia |Low - |Medium| Yes | 303 | Elastic | |Medium| || Streaming |Medium| | | 304 | | | | ||---------------+------+------+------| 305 | | | | || Low Latency | Low |Low - | Yes | 306 | | | | || Data | |Medium| | 307 | | | | ||---------------+------+------+------| 308 | | | | || OAM | Low |Medium| Yes | 309 | | | | ||---------------+------+------+------| 310 | | | | ||High Throughput| Low |Medium| Yes | 311 | | | | || Data | |- High| | 312 |==========+======+======+======++===============+======+======+======| 313 | Elastic | Not Specified || Standard | Not Specified | 314 | | | | ||---------------+------+------+------| 315 | | | | || Low Priority | High | High | Yes | 316 | | | | || Data | | | | 317 --------------------------------------------------------------------- 319 Figure 1: Treatment Aggregate and Service Class Performance 320 Requirements 322 As we are recommending to preserve the notion of the individual end- 323 to-end service classes, we also recommend that the original DSCP 324 field marking not be changed when treatment aggregates are used. 325 Instead, classifiers that select packets based on the contents of the 326 DSCP field should be used to direct packets from the member DiffServ 327 Service Classes into the queue that handles each of the treatment 328 aggregates, without remarking the DSCP field of the packets. This is 329 summarized in Figure 2, which shows the behavior each Treatment 330 Aggregate should have, and the DSCP field marking of the packets that 331 should be classified into each of the treatment aggregates. 333 ------------------------------------------------------------ 334 |Treatment |Treatment || DSCP | 335 |Aggregate |Aggregate || | 336 | |Behavior || | 337 |==========+==========++=====================================| 338 | Network | CS || CS6 | 339 | Control |(RFC 2474)|| | 340 |==========+==========++=====================================| 341 | Real | EF || EF, CS5, AF41, AF42, AF43, CS4, CS3 | 342 | Time |(RFC 3246)|| | 343 |==========+==========++=====================================| 344 | Assured | AF || CS2, AF31, AF21, AF11 | 345 | Elastic |(RFC 2597)||-------------------------------------| 346 | | || AF32, AF22, AF12 | 347 | | ||-------------------------------------| 348 | | || AF33, AF23, AF13 | 349 |==========+==========++=====================================| 350 | Elastic | Default || Default, (CS0) | 351 | |(RFC 2474)||-------------------------------------| 352 | | || CS1 | 353 ------------------------------------------------------------ 355 Figure 2: Treatment Aggregate Behavior 357 4.1.1. Network Control Treatment Aggregate 359 The Network Control Treatment Aggregate aggregates all service 360 classes that are functionally necessary for the survival of a network 361 during a DOS attack or other high traffic load interval. The theory 362 is that whatever else is true, the network must protect itself. This 363 includes the traffic that "Diffserv Service Classes" [5] 364 characterizes as being included in the Network Control Service Class. 366 The DSCPs of the original service class remain an important 367 consideration and should be preserved during aggregation. Traffic in 368 the Network Control treatment aggregate should be carried in a common 369 queue or class with a PHB as described in RFC 2474 [4] section 370 4.2.2.2. This treatment aggregate should have a lower probability of 371 packet loss, bearing a relatively deep target mean queue depth (min- 372 threshold if RED is being used). 374 4.1.2. Real Time Treatment Aggregate 376 The Real Time Treatment Aggregate aggregates all real-time 377 (inelastic) service classes. The theory is that real-time traffic is 378 admitted under some model and controlled by a SLA managed at the edge 379 of the network prior to aggregation. As such, there is a predictable 380 and enforceable upper bound on the traffic that can enter such a 381 queue, and to provide predictable variation in delay it must be 382 protected from bursts of elastic traffic. The predictability of 383 traffic level may be based upon admission control for a well known 384 community of interest (e.g., a point-point service) and/or based upon 385 historical measurements. 387 This treatment aggregate may include the following service classes 388 from the Diffserv Service Classes [5], in addition to other locally 389 defined classes: Telephony, Signaling, Multimedia Conferencing, Real- 390 time Interactive, Broadcast Video. 392 Traffic in each service class that is going to be aggregated into the 393 treatment aggregate should be conditioned prior to aggregation. It 394 is recommended that per service class admission control procedures be 395 used followed by per service class policing so that any individual 396 service class does not generate more than what it is allowed. 397 Furthermore, additional admission control and policing may be used on 398 the sum of all service classes aggregated. 400 The DSCPs of the original service classes remain an important 401 consideration and should be preserved during aggregation. Traffic 402 bearing these DSCPs is carried in a common queue or class with a PHB 403 as described in RFC 3246 [11] and RFC 3247 [12]. 405 4.1.3. Assured Elastic Treatment Aggregate 407 The Assured Elastic Treatment Aggregate aggregates all elastic 408 traffic that uses the Assured Forwarding model as described in RFC 409 2597 [10]. The premise of such a service is that a SLA is negotiated 410 which includes a "committed rate" and the ability to exceed that rate 411 (and perhaps a second "excess rate") in exchange for a higher 412 probability of loss using AQM [9] or ECN flagging [13] for the 413 portion of traffic deemed to be in excess. 415 This treatment aggregate may include the following service classes 416 from the Diffserv Service Classes [5], in addition to other locally 417 defined classes: Multimedia Streaming, Low Latency Data, OAM, High 418 Throughput Data. 420 The DSCP values belonging to the AF PHB group of the original service 421 classes remain an important consideration and should be preserved 422 during aggregation. This treatment aggregate should maintain the AF 423 PHB group marking of the original packet. For example, AF3x marked 424 packets should remain AF3x marked within this treatment aggregate. 425 Traffic bearing these DSCPs is carried in a common queue or class 426 with a PHB as described in RFC 2597 [10]. In effect, appropriate 427 target rate thresholds have been applied at the edge, dividing 428 traffic into AFn1 (committed, for any value of n), AFn2, and AFn3 429 (excess). The service should be engineered so that AFn1 marked 430 packet flows have sufficient bandwidth in the network to provide high 431 assurance of delivery. Since the traffic is elastic and responds 432 dynamically to packet loss, Active Queue Management [9] should be 433 used primarily to reduce the forwarding rate to the minimum assured 434 rate at congestion points. The probability of loss of AFn1 traffic 435 must not exceed the probability of loss of AFn2 traffic, which in 436 turn must not exceed the probability of loss of AFn3 traffic. 438 If RED [9] is used as an AQM algorithm, the min-threshold specifies a 439 target queue depth for each of AFn1, AFn2, AFn3, and the max- 440 threshold specifies the queue depth above which all traffic with such 441 a DSCP is dropped or ECN marked. Thus, in this Treatment Aggregate, 442 the following inequalities should hold in queue configurations: 444 o min-threshold AFn3 < max-threshold AFn3 446 o max-threshold AFn3 <= min-threshold AFn2 448 o min-threshold AFn2 < max-threshold AFn2 450 o max-threshold AFn2 <= min-threshold AFn1 452 o min-threshold AFn1 < max-threshold AFn1 454 o max-threshold AFn1 <= memory assigned to the queue 456 Note: This configuration tends to drop AFn3 traffic before AFn2 and 457 AFn2 before AFn1. Many other AQM algorithms exist and are used; they 458 should be configured to achieve a similar result. 460 4.1.4. Elastic Treatment Aggregate 462 The Elastic Treatment Aggregate aggregates all remaining elastic 463 traffic. The premise of such a service is that there is no intrinsic 464 SLA differentiation of traffic, but that AQM [9] or ECN flagging [13] 465 is appropriate for such traffic. 467 This treatment aggregate may include the following service classes 468 from the Diffserv Service Classes [5], in addition to other locally 469 defined classes: Standard, Low Priority Data. 471 The DSCPs of the original service classes remain an important 472 consideration and should be preserved during aggregation. Traffic 473 bearing these DSCPs is carried in a common queue or class with a PHB 474 as described in RFC 2474 [4] section 4.1: A Default PHB. The AQM 475 thresholds for Elastic traffic MAY be separately set, so that Low 476 Priority Data traffic is dropped before Standard traffic, but this is 477 not a requirement. 479 5. Using MPLS for Treatment Aggregates 481 RFC 2983 on DiffServ and Tunnels [7] and RFC 3270 on MPLS Support of 482 DiffServ [8] provide a very good background on this topic. This 483 document provides an example of using the E-LSP, EXP Inferred PHB 484 Scheduled Class (PSC) Label Switched Path (LSP), defined by MPLS 485 Support of DiffServ [8] for realizing the Treatment Aggregates. 487 When Treatment Aggregates are represented in MPLS using EXP Inferred 488 PSC LSP, we recommend the following usage of the MPLS EXP field for 489 Treatment Aggregates. 491 ------------------------------------------- 492 |Treatment || MPLS || DSCP | DSCP | 493 |Aggregate || EXP || name | value | 494 |==========++======++=========|=============| 495 | Network || 110 || CS6 | 110000 | 496 | Control || || | | 497 |==========++======++=========|=============| 498 | Real || 100 || EF | 101110 | 499 | Time || ||---------|-------------| 500 | || || CS5 | 101000 | 501 | || ||---------|-------------| 502 | || ||AF41,AF42|100010,100100| 503 | || || AF43 | 100110 | 504 | || ||---------|-------------| 505 | || || CS4 | 100000 | 506 | || ||---------|-------------| 507 | || || CS3 | 011000 | 508 |==========++======++=========|=============| 509 | Assured || 010* || CS2 | 010000 | 510 | Elastic || || AF31 | 011010 | 511 | || || AF21 | 010010 | 512 | || || AF11 | 001010 | 513 | ||------||---------|-------------| 514 | || 011* || AF32 | 011100 | 515 | || || AF22 | 010100 | 516 | || || AF12 | 001100 | 517 | || || AF33 | 011110 | 518 | || || AF23 | 010110 | 519 | || || AF13 | 001110 | 520 |==========++======++=========|=============| 521 | Elastic || 000* || Default | 000000 | 522 | || || (CS0) | | 523 | ||------||---------|-------------| 524 | || 001* || CS1 | 001000 | 525 ------------------------------------------- 527 Figure 3: Treatment Aggregate and MPLS EXP Field Usage 529 Notes *: For Assured Elastic (and Elastic) Treatment Aggregate, the 530 usage of 010 or 011 (000 or 001) as EXP field value depends on the 531 drop probability. Packets in the LSP with EXP field of 011 (001) 532 have a higher probability of being dropped than packets with an EXP 533 field of 010 (000). 535 The above table indicates the recommended usage of EXP fields for 536 Treatment Aggregates. Because many deployments of MPLS are on a per 537 domain basis, each domain has total control of its EXP usage and each 538 domain may use a different EXP field allocation for the domain's 539 supported Treatment Aggregates. 541 5.1. Network Control Treatment Aggregate with E-LSP 543 The usage of E-LSP for Network Control Treatment Aggregate needs to 544 adhere to the recommendations indicated in section 4.1.1 of this 545 document and section 3.2 of "Diffserv Service Classes" [5]. 546 Reinforcing these recommendations, there should be no drop precedence 547 associated with the MPLS PSC used for Network Control Treatment 548 Aggregate because dropping of Network Control Treatment Aggregate 549 traffic should be prevented. 551 5.2. Real Time Treatment Aggregate with E-LSP 553 In addition to the recommendations provided in section 4.1.2 of this 554 document and in member service classes' sections of "Diffserv Service 555 Classes" [5], we want to indicate that Real Time Treatment Aggregate 556 traffic should not be dropped, as some of the applications whose 557 traffic is carried in the Real Time Treatment Aggregate do not react 558 well to dropped packets. As indicated in section 4.1.2 of this 559 document, admission control should be performed on each Service Class 560 contributing to the Real Time Treatment Aggregate to prevent packet 561 loss due to insufficient resources allocated to Real Time Treatment 562 Aggregate. Further, admission control and policing may also be 563 applied on the sum of all traffic aggregated into this treatment 564 aggregate. 566 5.3. Assured Elastic Treatment Aggregate with E-LSP 568 EXP field markings of 010 and 011 are used for the Assured Elastic 569 Treatment Aggregate. The two encodings are used to provide two 570 levels of drop precedence indications, with 010 encoded traffic 571 having a lower probability of being dropped than 011 encoded traffic. 572 This provides for the mapping of CS2, AF31, AF21, and AF11 into EXP 573 010; and AF32, AF22, AF12 and AF33, AF23, AF13 into EXP 011. 575 5.4. Elastic Treatment Aggregate with E-LSP 577 EXP field markings of 000 and 001 are used for the Elastic Treatment 578 Aggregate. The two encodings are used to provide two levels of drop 579 precedence indications, with 000 encoded traffic having a lower 580 probability of being dropped than 001 encoded traffic. This provides 581 for the mapping of Default/CS0 into 000; and CS1 into 001. Notice 582 that with this mapping, during congestion, CS1 marked traffic may be 583 starved. 585 5.5. Treatment Aggregates and L-LSP 587 Because L-LSP (Label Only Inferred PSC LSP) supports a single PSC per 588 LSP, the support of each Treatment Aggregate is on a per LSP basis. 589 This document does not further specify any additional recommendation 590 (beyond what has been indicated in section 4 of this document) for 591 Treatment Aggregate to L-LSP mapping, leaving this to each individual 592 MPLS domain administrations. 594 6. Treatment Aggregates and Inter-Provider Relationships 596 When Treatment Aggregates are used at provider boundaries, we 597 recommend that the Inter-Provider Relationship be based on Diffserv 598 Service Classes [5]. This allows the admission control into each 599 Treatment Aggregate of a provider domain to be based on the admission 600 control of traffic into the supported Service Classes, as indicated 601 by the discussion in section 4 of this document. 603 If the Inter-Provider Relationship needs to be based on Treatment 604 Aggregates specified by this document, then the exact Treatment 605 Aggregate content and representation must be agreed to by the peering 606 providers. 608 7. Security Considerations 610 This document discusses the policy of using Differentiated Services 611 and its service classes. If implemented as described, it should 612 require that the network do nothing that the network has not already 613 allowed. If that is the case, no new security issues should arise 614 from the use of such a policy. 616 It is possible for the policy to be applied incorrectly, or for a 617 wrong policy to be applied in the network for the defined 618 aggregation. In that case, a policy issue exists that the network 619 must detect, assess, and deal with. This is a known security issue 620 in any network dependent on policy-directed behavior. 622 A well known flaw appears when bandwidth is reserved or enabled for a 623 service (for example, voice transport) and another service or an 624 attacking traffic stream uses it. This possibility is inherent in 625 DiffServ technology, which depends on appropriate packet markings. 626 When bandwidth reservation or a priority queuing system is used in a 627 vulnerable network, the use of authentication and flow admission is 628 recommended. To the best of the authors' knowledge, there is no 629 known technical way to respond to or act upon a data stream that has 630 been admitted for service but that it is not intended for 631 authenticated use. 633 8. IANA Considerations 635 This document does not request any IANA considerations. 637 9. Acknowledgements 639 This document has benefited from discussions with numerous people, 640 especially Shane Amante, Brian Carpenter, and Dave McDysan. It has 641 also benefited from detailed reviews by David Black and Marvin Krym. 643 10. References 645 10.1. Normative References 647 [1] Postel, J., "Internet Protocol", STD 5, RFC 791, 648 September 1981. 650 [2] Bradner, S., "The Internet Standards Process -- Revision 3", 651 BCP 9, RFC 2026, October 1996. 653 [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement 654 Levels", BCP 14, RFC 2119, March 1997. 656 [4] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of 657 the Differentiated Services Field (DS Field) in the IPv4 and 658 IPv6 Headers", RFC 2474, December 1998. 660 [5] Babiarz, J., Chan, K., and F. Baker, "Configuration Guidelines 661 for DiffServ Service Classes", RFC 4594, August 2006. 663 [6] Braden, B., Clark, D., and S. Shenker, "Integrated Services in 664 the Internet Architecture: an Overview", RFC 1633, June 1994. 666 [7] Black, D., "Differentiated Services and Tunnels", RFC 2983, 667 October 2000. 669 [8] Le Faucheur, F., Wu, L., Davie, B., Davari, S., Vaananen, P., 670 Krishnan, R., Cheval, P., and J. Heinanen, "Multi-Protocol 671 Label Switching (MPLS) Support of Differentiated Services", 672 RFC 3270, May 2002. 674 [9] Braden, B., Clark, D., Crowcroft, J., Davie, B., Deering, S., 675 Estrin, D., Floyd, S., Jacobson, V., Minshall, G., Partridge, 676 C., Peterson, L., Ramakrishnan, K., Shenker, S., Wroclawski, 677 J., and L. Zhang, "Recommendations on Queue Management and 678 Congestion Avoidance in the Internet", RFC 2309, April 1998. 680 [10] Heinanen, J., Baker, F., Weiss, W., and J. Wroclawski, "Assured 681 Forwarding PHB Group", RFC 2597, June 1999. 683 [11] Davie, B., Charny, A., Bennet, J., Benson, K., Le Boudec, J., 684 Courtney, W., Davari, S., Firoiu, V., and D. Stiliadis, "An 685 Expedited Forwarding PHB (Per-Hop Behavior)", RFC 3246, 686 March 2002. 688 [12] Charny, A., Bennet, J., Benson, K., Boudec, J., Chiu, A., 689 Courtney, W., Davari, S., Firoiu, V., Kalmanek, C., and K. 690 Ramakrishnan, "Supplemental Information for the New Definition 691 of the EF PHB (Expedited Forwarding Per-Hop Behavior)", 692 RFC 3247, March 2002. 694 [13] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of 695 Explicit Congestion Notification (ECN) to IP", RFC 3168, 696 September 2001. 698 10.2. Informative References 700 [14] Choi, B., Moon, S., Zhang, Z., Papagiannaki, K., and C. Diot, 701 "Analysis of Point-To-Point Packet Delay in an Operational 702 Network", INFOCOMM 2004, March 2004, 703 . 705 [15] Ogielski, A. and J. Cowie, "Internet Routing Behavior on 9/11", 706 March 2002, . 709 Authors' Addresses 711 Kwok Ho Chan 712 Nortel Networks 713 600 Technology Park Drive 714 Billerica, MA 01821 715 US 717 Phone: +1-978-288-8175 718 Fax: +1-978-288-8700 719 Email: khchan@nortel.com 720 Jozef Z. Babiarz 721 Nortel Networks 722 3500 Carling Avenue 723 Ottawa, Ont. K2H 8E9 724 Canada 726 Phone: +1-613-763-6098 727 Fax: +1-613-768-2231 728 Email: babiarz@nortel.com 730 Fred Baker 731 Cisco Systems 732 1121 Via Del Rey 733 Santa Barbara, CA 93117 734 US 736 Phone: +1-408-526-4257 737 Fax: +1-413-473-2403 738 Email: fred@cisco.com 740 Full Copyright Statement 742 Copyright (C) The Internet Society (2006). 744 This document is subject to the rights, licenses and restrictions 745 contained in BCP 78, and except as set forth therein, the authors 746 retain all their rights. 748 This document and the information contained herein are provided on an 749 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 750 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET 751 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, 752 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE 753 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 754 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 756 Intellectual Property 758 The IETF takes no position regarding the validity or scope of any 759 Intellectual Property Rights or other rights that might be claimed to 760 pertain to the implementation or use of the technology described in 761 this document or the extent to which any license under such rights 762 might or might not be available; nor does it represent that it has 763 made any independent effort to identify any such rights. Information 764 on the procedures with respect to rights in RFC documents can be 765 found in BCP 78 and BCP 79. 767 Copies of IPR disclosures made to the IETF Secretariat and any 768 assurances of licenses to be made available, or the result of an 769 attempt made to obtain a general license or permission for the use of 770 such proprietary rights by implementers or users of this 771 specification can be obtained from the IETF on-line IPR repository at 772 http://www.ietf.org/ipr. 774 The IETF invites any interested party to bring to its attention any 775 copyrights, patents or patent applications, or other proprietary 776 rights that may cover technology that may be required to implement 777 this standard. Please address the information to the IETF at 778 ietf-ipr@ietf.org. 780 Acknowledgment 782 Funding for the RFC Editor function is provided by the IETF 783 Administrative Support Activity (IASA).