idnits 2.17.1

draft-kini-i2rs-pbr-info-model-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (February 14, 2014) is 3723 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC1104' is defined on line 318, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-15) exists of
     draft-ietf-i2rs-architecture-02

  == Outdated reference: A later version (-11) exists of
     draft-ietf-i2rs-problem-statement-00

  == Outdated reference: A later version (-17) exists of
     draft-ietf-i2rs-rib-info-model-02

  == Outdated reference: A later version (-04) exists of
     draft-krishnan-i2rs-large-flow-use-case-03

  == Outdated reference: A later version (-06) exists of
     draft-white-i2rs-use-case-02

  ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293)

  ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200)

  ** Obsolete normative reference: RFC 4960 (Obsoleted by RFC 9260)

     Summary: 3 errors (**), 0 flaws (~~), 7 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------

2     Network Working Group                                       S. Kini, Ed.
3     Internet-Draft                                                  Ericsson
4     Intended status: Informational                                 R. Folkes
5     Expires: August 18, 2014                                         Juniper
6                                                                    J. Medved
7                                                                        Cisco
8                                                                  R. Krishnan
9                                                                      Brocade
10                                                                 A. Ghanwani
11                                                                        Dell
12                                                           February 14, 2014

14                   Information model for Policy Based Routing
15                       draft-kini-i2rs-pbr-info-model-00

17    Abstract

19       Policy Based Routing (PBR) is a generic term that describes
20       functionality that currently exists in several routing systems where
21       packets are routed, not just based on the destination address but
22       rather based on a policy that is configured/programmed in the router.
23       This document describes the information model for PBR as it exists in
24       many current implementations.

26    Status of This Memo

28       This Internet-Draft is submitted in full conformance with the
29       provisions of BCP 78 and BCP 79.

31       Internet-Drafts are working documents of the Internet Engineering
32       Task Force (IETF).  Note that other groups may also distribute
33       working documents as Internet-Drafts.  The list of current Internet-
34       Drafts is at http://datatracker.ietf.org/drafts/current/.

36       Internet-Drafts are draft documents valid for a maximum of six months
37       and may be updated, replaced, or obsoleted by other documents at any
38       time.  It is inappropriate to use Internet-Drafts as reference
39       material or to cite them other than as "work in progress."

41       This Internet-Draft will expire on August 18, 2014.

43    Copyright Notice

45       Copyright (c) 2014 IETF Trust and the persons identified as the
46       document authors.  All rights reserved.

48       This document is subject to BCP 78 and the IETF Trust's Legal
49       Provisions Relating to IETF Documents
50       (http://trustee.ietf.org/license-info) in effect on the date of
51       publication of this document.  Please review these documents
52       carefully, as they describe your rights and restrictions with respect
53       to this document.  Code Components extracted from this document must
54       include Simplified BSD License text as described in Section 4.e of
55       the Trust Legal Provisions and are provided without warranty as
56       described in the Simplified BSD License.

58    Table of Contents

60       1.  Introduction
61         1.1.  Requirements Language
62       2.  Abbreviations and Terminology
63       3.  Scope
64       4.  PBR-RIB definition
65       5.  Routing Instance
66       6.  Policy Route
67       7.  Policy Action
68       8.  Reading, writing and notifications
69       9.  Open Issues
70       10. Acknowledgements
71       11. IANA Considerations
72       12. Security Considerations
73       13. References
74         13.1.  Normative References
75         13.2.  Informative References
76       Authors' Addresses

78    1.  Introduction

80       Policy Based Routing (PBR) is a commonly used term that describes a
81       capability that has existed on many routing systems for several
82       years.  However, PBR has not been described through an information
83       model published as a standard.  Most network operators and
84       applications that want to configure/program PBR on a network element
85       have used vendor specific mechanisms.  Defining a standardized PBR
86       information model can help to simplify the implementations of
87       existing use-cases and to define new ones.  Use cases that can
88       benefit from PBR are described in
89       [I-D.krishnan-i2rs-large-flow-use-case] and
90       [I-D.white-i2rs-use-case].

92       The need to provide a standardized interface to the routing system's
93       functionality is described in [I-D.ietf-i2rs-problem-statement].  The
94       architecture for a standardized interface is described in
95       [I-D.ietf-i2rs-architecture] and requires standardized data models.

97       This document defines a PBR information model that is fundamental to
98       developing a standardized data model for PBR.

100      At a high level PBR is a specific forwarding behavior that is applied
101      to traffic matched by a filter.  Unlike destination address based
102      forwarding, the match filter in PBR can use multiple fields of the
103      traffic's protocol data units (PDUs).

105   1.1.  Requirements Language

107      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
108      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
109      document are to be interpreted as described in RFC 2119 [RFC2119].

111   2.  Abbreviations and Terminology

113      PBR - Policy Based Routing

115      PBF - Policy Based Forwarding (This abbreviation has been used in the
116      industry synonymously with PBR.  We do not use this abbreviation in
117      this document)

119      FBF - Filter Based Forwarding (This abbreviation has been used in the
120      industry synonymously with PBR.  We do not use this abbreviation in
121      this document)

123      I2RS - Interface to Routing System

125      RIB - Routing Information Base

127      PDU - Protocol Data Unit

129      MPLS - Multi Protocol Label Switching

131      PBR-RIB - Policy Based Routing - Routing Information Base

133   3.  Scope

135      The match filter is mainly restricted to IP (both IPv4 [RFC0791] and
136      IPv6 [RFC2460]).  MPLS may be included in a future revision of this
137      document.  Support for protocols encapsulated within IP is restricted
138      to TCP [RFC0793], UDP [RFC0768], SCTP [RFC4960] and ICMP [RFC0792].
139      This will be extended to include more protocols in future revisions.

141   4.  PBR-RIB definition

143      A PBR-RIB is an entity that contains an ordered list of policy routes
144      and is analogous to the RIB defined in
145      [I-D.ietf-i2rs-rib-info-model].  The data model MUST allow inserting
146      into the ordered list at any position and deleting a previously added
147      entry.  Each PBR-RIB is contained within a routing instance.  It is
148      identified by a name that is unique within the routing instance and
149      is in the same namespace as RIB names.  A PBR-RIB has one of the
150      following types - IPv4 or IPv6.  Each PBR-RIB has the following
151      optional fields:

153      o  interface-list: A list of interfaces of the same type as this PBR-
154         RIB.  It must be a subset of the interface-list of the routing
155         instance in which this PBR-RIB is contained.

157      o  default-routing-RIB: A RIB of the same type contained in the same
158         routing instance as this PBR-RIB.  When a packet does not match
159         any FIB entries installed using this PBR-RIB, then destination
160         based forwarding using FIB entries installed using the default-
161         routing-RIB is performed.

163   5.  Routing Instance

165      This document extends the routing-instance from
166      [I-D.ietf-i2rs-rib-info-model] to contain PBR-RIBs.  A routing
167      instance can optionally contain multiple PBR-RIBs.  Each interface of
168      the routing instance can be associated with at most one PBR-RIB.
169      Packets arriving on an interface associated with a PBR-RIB are
170      forwarded using the FIB generated using the policy-routes of that
171      PBR-RIB.

173   6.  Policy Route

175      A policy-route is a generalization of the route described in sec 2.3
176      of [I-D.ietf-i2rs-rib-info-model] and consists of a match-filter and
177      an associated policy-action (see Section 7).  When a packet
178      successfully matches a match-filter, the corresponding policy-action
179      is applied and the processing for that packet terminates.  The match-
180      filter is optional and when it is not specified, then the policy-
181      action is applied as if the match was successful.  If a match fails,
182      then a match is attempted on the next policy-route in the order
183      specified in that PBR-RIB.  Failure to match the filter of any of the
184      policy-routes in a PBR-RIB results in destination based forwarding
185      using the FIB generated by the default-routing-RIB.  If a default-
186      routing-RIB is not specified, the packet is discarded.  It should be
187      noted that different implementations will vary in their capabilities
188      for the type and number of matches and actions that they can perform.

190      A mechanism to dynamically learn such capabilities is under
191      discussion.

193      The following types of operations are defined to build a match-filter
194      expression to be used in a policy-route.

196      1.  Match sub-expression on one of the IP PDU fields

198          *  Longest prefix match for IP source address or destination
199             address.

201          *  An exact match or a range match for IP protocol type or IP-TOS
202             /DSCP.

204          *  If the IP protocol type is one of TCP/UDP/SCTP then an exact
205             or range match of the source port or the destination port.

207          *  If the IP protocol type is ICMP then an exact or range match
208             of the ICMP code and/or the ICMP type.

210          *  PDU length range match.

212      2.  A logical OR of the above sub-expressions for a given PDU field.

214      3.  A logical negation of the above sub-expressions.  This may
215          contain zero or more logical OR sub-expressions of a given PDU
216          field.

218      4.  A logical AND of the above sub-expressions for the PDU fields.

220   7.  Policy Action

222      A policy-action is an ordered sequence of zero or more PDU
223      manipulation/behavior actions followed by one PDU forwarding action.
224      It is a named entity and has its own namespace.  The following PDU
225      manipulation/behavior actions are defined:

227      o  Set IP-TOS/DSCP.

229      o  A vendor-specific action.  E.g. Apply a rate-limiter.  This is
230         outside the scope of this document.

232      The following PDU forwarding actions are defined:

234      o  Drop packet and optionally generate ICMP

236      o  Forward to a specified nexthop.  The nexthop is the same as
237         defined in sec 2.4 of [I-D.ietf-i2rs-rib-info-model]

239      o  Forward by destination address based lookup of FIB entries
240         installed using the default-routing-RIB

242   8.  Reading, writing and notifications

244      The PBR-RIB data model has reading, writing and notification
245      requirements that are similar to those listed in
246      [I-D.ietf-i2rs-rib-info-model].

248   9.  Open Issues

250      Performing actions associated with multiple policy-routes when the
251      packet successfully matches the match-filter of multiple policy
252      routes.

254   10.  Acknowledgements

256      The authors would like to thank Alok Gulati and TBD for their review.

258   11.  IANA Considerations

260      This memo includes no request to IANA.

262   12.  Security Considerations

264   13.  References

266   13.1.  Normative References

268      [I-D.ietf-i2rs-architecture]
269                 Atlas, A., Halpern, J., Hares, S., Ward, D., and T.
270                 Nadeau, "An Architecture for the Interface to the Routing
271                 System", draft-ietf-i2rs-architecture-02 (work in
272                 progress), February 2014.

274      [I-D.ietf-i2rs-problem-statement]
275                 Atlas, A., Nadeau, T., and D. Ward, "Interface to the
276                 Routing System Problem Statement", draft-ietf-i2rs-
277                 problem-statement-00 (work in progress), August 2013.

279      [I-D.ietf-i2rs-rib-info-model]
280                 Bahadur, N., Folkes, R., Kini, S., and J. Medved, "Routing
281                 Information Base Info Model", draft-ietf-i2rs-rib-info-
282                 model-02 (work in progress), February 2014.

284      [I-D.krishnan-i2rs-large-flow-use-case]
285                 ramki, r., Ghanwani, A., Kini, S., McDysan, D., and D.
286                 Lopez, "Large Flow Use Cases for I2RS PBR and QoS", draft-
287                 krishnan-i2rs-large-flow-use-case-03 (work in progress),
288                 February 2014.

290      [I-D.white-i2rs-use-case]
291                 White, R., Hares, S., and A. Retana, "Protocol Independent
292                 Use Cases for an Interface to the Routing System", draft-
293                 white-i2rs-use-case-02 (work in progress), February 2014.

295      [RFC0768]  Postel, J., "User Datagram Protocol", STD 6, RFC 768,
296                 August 1980.

298      [RFC0791]  Postel, J., "Internet Protocol", STD 5, RFC 791, September
299                 1981.

301      [RFC0792]  Postel, J., "Internet Control Message Protocol", STD 5,
302                 RFC 792, September 1981.

304      [RFC0793]  Postel, J., "Transmission Control Protocol", STD 7, RFC
305                 793, September 1981.

307      [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
308                 Requirement Levels", BCP 14, RFC 2119, March 1997.

310      [RFC2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
311                 (IPv6) Specification", RFC 2460, December 1998.

313      [RFC4960]  Stewart, R., "Stream Control Transmission Protocol", RFC
314                 4960, September 2007.

316   13.2.  Informative References

318      [RFC1104]  Braun, H., "Models of policy based routing", RFC 1104,
319                 June 1989.

321   Authors' Addresses

323      Sriganesh Kini (editor)
324      Ericsson

326      Email: sriganesh.kini@ericsson.com
327      Ron Folkes
328      Juniper

330      Email: ronf@juniper.net

332      Jan Medved
333      Cisco

335      Email: jmedved@cisco.com

337      Ram Krishnan
338      Brocade

340      Email: ramk@brocade.com

342      Anoop Ghanwani
343      Dell

345      Email: anoop@alumni.duke.edu
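
The ordered, first-match evaluation that Sections 4, 6 and 7 of the draft describe, worked through in Python as an added example that is not part of the draft or of any I2RS implementation. The dictionary layout, the field names (src, proto, dport, dscp), the action strings and the unreachable_routes check are assumptions made for illustration; the prefix sub-expression is modelled as plain containment.

```python
import ipaddress

def term_matches(term, value):
    """One sub-expression: a prefix string or an inclusive (lo, hi) range."""
    if isinstance(term, str):
        # Assumption: the prefix test is modelled as simple containment.
        return ipaddress.ip_address(value) in ipaddress.ip_network(term)
    lo, hi = term                      # an exact match is the range (n, n)
    return lo <= value <= hi

def filter_matches(match_filter, pkt):
    """AND across PDU fields; OR across one field's terms; optional NOT."""
    if match_filter is None:           # no match-filter: treated as a match
        return True
    for field, (terms, negate) in match_filter.items():
        if field not in pkt:           # assumption: absent field never matches
            return False
        if any(term_matches(t, pkt[field]) for t in terms) == negate:
            return False
    return True

def lookup(pbr_rib, pkt):
    """First matching policy-route wins; else default-routing-RIB or discard."""
    for name, match_filter, actions in pbr_rib["routes"]:
        if filter_matches(match_filter, pkt):
            return name, actions
    if pbr_rib["default_routing_rib"] is not None:
        return None, ["forward-by-default-routing-RIB"]
    return None, ["discard"]

def unreachable_routes(pbr_rib):
    """Names of policy-routes that sit behind a filterless route."""
    routes = pbr_rib["routes"]
    for i, (_, match_filter, _) in enumerate(routes):
        if match_filter is None:
            return [name for name, _, _ in routes[i + 1:]]
    return []

# Constructed sample PBR-RIB (names, prefixes and action strings are made up).
SAMPLE_RIB = {
    "default_routing_rib": None,
    "routes": [
        ("lab-web", {"src": (["192.0.2.0/24"], False),
                     "proto": ([(6, 6)], False),
                     "dport": ([(80, 80), (443, 443)], False)},
         ["forward-nexthop 198.51.100.1"]),
        ("marked", {"dscp": ([(0, 0)], True)},   # NOT (DSCP == 0)
         ["set-dscp 0", "forward-nexthop 198.51.100.2"]),
    ],
}
```

Because a policy-route without a match-filter ends processing for every packet, unreachable_routes is a useful pre-install check: any name it returns can never take effect at its current position in the ordered list.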