idnits 2.17.1 draft-li-pce-pcep-flowspec-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (June 28, 2017) is 2491 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-27) exists of draft-dhodylee-pce-pcep-ls-08 ** Downref: Normative reference to an Experimental draft: draft-dhodylee-pce-pcep-ls (ref. 'I-D.dhodylee-pce-pcep-ls') == Outdated reference: A later version (-22) exists of draft-ietf-idr-flow-spec-v6-08 ** Obsolete normative reference: RFC 5575 (Obsoleted by RFC 8955) == Outdated reference: A later version (-15) exists of draft-ietf-idr-bgp-flowspec-oid-04 == Outdated reference: A later version (-11) exists of draft-ietf-pce-pce-initiated-lsp-10 == Outdated reference: A later version (-16) exists of draft-ietf-pce-segment-routing-09 == Outdated reference: A later version (-05) exists of draft-ietf-teas-pce-central-control-03 Summary: 2 errors (**), 0 flaws (~~), 7 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group D. Dhody, Ed. 3 Internet-Draft Huawei Technologies 4 Intended status: Standards Track A. Farrel, Ed. 5 Expires: December 30, 2017 Juniper Networks 6 Z. Li 7 Huawei Technologies 8 June 28, 2017 10 PCEP Extension for Flow Specification 11 draft-li-pce-pcep-flowspec-02 13 Abstract 15 The Path Computation Element (PCE) is a functional component capable 16 of selecting the paths through a traffic engineered networks. These 17 paths may be supplied in response to requests for computation, or may 18 be unsolicited directions issued by the PCE to network elements. 19 Both approaches use the PCE Communication Protocol (PCEP) to convey 20 the details of the computed path. 22 Traffic flows may be categorized and described using "Flow 23 Specifications". RFC 5575 defines the Flow Specification and 24 describes how it may be distributed in BGP to allow specific traffic 25 flows to be associated with routes. 27 This document specifies a set of extensions to PCEP to support 28 dissemination of Flow Specifications. This allows a PCE to indicate 29 what traffic should be placed on each flow that it is aware of. It 30 also allows a PCE to play a role in a BGP network by installing Flow 31 Specification information at BGP speakers. 33 Requirements Language 35 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 36 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 37 document are to be interpreted as described in [RFC2119]. 39 Status of This Memo 41 This Internet-Draft is submitted in full conformance with the 42 provisions of BCP 78 and BCP 79. 44 Internet-Drafts are working documents of the Internet Engineering 45 Task Force (IETF). Note that other groups may also distribute 46 working documents as Internet-Drafts. The list of current Internet- 47 Drafts is at http://datatracker.ietf.org/drafts/current/. 49 Internet-Drafts are draft documents valid for a maximum of six months 50 and may be updated, replaced, or obsoleted by other documents at any 51 time. It is inappropriate to use Internet-Drafts as reference 52 material or to cite them other than as "work in progress." 54 This Internet-Draft will expire on December 30, 2017. 56 Copyright Notice 58 Copyright (c) 2017 IETF Trust and the persons identified as the 59 document authors. All rights reserved. 61 This document is subject to BCP 78 and the IETF Trust's Legal 62 Provisions Relating to IETF Documents 63 (http://trustee.ietf.org/license-info) in effect on the date of 64 publication of this document. Please review these documents 65 carefully, as they describe your rights and restrictions with respect 66 to this document. Code Components extracted from this document must 67 include Simplified BSD License text as described in Section 4.e of 68 the Trust Legal Provisions and are provided without warranty as 69 described in the Simplified BSD License. 71 Table of Contents 73 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 74 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 75 3. Procedures for PCE Use of Flow Specifications . . . . . . . . 5 76 3.1. Capability Advertisement . . . . . . . . . . . . . . . . 5 77 3.1.1. PCEP OPEN Message . . . . . . . . . . . . . . . . . . 5 78 3.1.2. IGP PCE Capabilities Advertisement . . . . . . . . . 6 79 3.2. Dissemination Procedures . . . . . . . . . . . . . . . . 6 80 3.3. Flow Specification Synchronization . . . . . . . . . . . 7 81 4. PCE FlowSpec Capability TLV . . . . . . . . . . . . . . . . . 8 82 5. PCE Flow Spec Object . . . . . . . . . . . . . . . . . . . . 8 83 6. Flow Filter TLV . . . . . . . . . . . . . . . . . . . . . . . 9 84 7. Flow Specification TLVs . . . . . . . . . . . . . . . . . . . 10 85 8. Detailed Procedures . . . . . . . . . . . . . . . . . . . . . 13 86 8.1. Default Behavior . . . . . . . . . . . . . . . . . . . . 14 87 8.2. Composite Flow Specifications . . . . . . . . . . . . . . 14 88 8.2.1. Modifying Flow Specifications . . . . . . . . . . . . 14 89 8.3. Multiple Flow Specifications . . . . . . . . . . . . . . 14 90 8.3.1. Adding and Removing Flow Specifications . . . . . . . 15 91 8.4. Priorities and Overlapping Flow Specifications . . . . . 15 92 8.5. Error Processing . . . . . . . . . . . . . . . . . . . . 15 93 9. PCEP Messages . . . . . . . . . . . . . . . . . . . . . . . . 15 94 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 95 10.1. PCEP Objects . . . . . . . . . . . . . . . . . . . . . . 18 96 10.2. PCEP TLV Type Indicators . . . . . . . . . . . . . . . . 18 97 10.3. Flow Specification TLV Type Indicators . . . . . . . . . 19 98 10.4. PCEP Error Codes . . . . . . . . . . . . . . . . . . . . 19 99 10.5. PCE Capability Flag . . . . . . . . . . . . . . . . . . 20 100 11. Security Considerations . . . . . . . . . . . . . . . . . . . 20 101 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 20 102 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 20 103 13.1. Normative References . . . . . . . . . . . . . . . . . . 20 104 13.2. Informative References . . . . . . . . . . . . . . . . . 21 105 Appendix A. Contributor Addresses . . . . . . . . . . . . . . . 23 106 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24 108 1. Introduction 110 Dissemination of traffic flow specifications (Flow Specifications) 111 was introduced for BGP in [RFC5575]. A Flow Specification is 112 comprised of traffic filtering rules and actions. The routers that 113 receive a Flow Specification can classify received packets according 114 to the traffic filtering rules and shape, rate limit, filter, or 115 redirect packets based on the actions. The Flow Specification 116 carried by BGP can be used to automate inter-domain coordination of 117 traffic filtering to mitigate (distributed) denial-of-service attacks 118 and can also be used to provide traffic filtering in the context of a 119 BGP/MPLS Virtual Private Network (VPN) service. 121 [RFC5575] also defines that a Flow Specification received from an 122 external autonomous system will need to be validated against unicast 123 routing before being accepted. [I-D.ietf-idr-bgp-flowspec-oid] 124 describes a modification to the validation procedure to enable Flow 125 Specifications to be originated from a centralized BGP route 126 controller. 128 [I-D.ietf-ospf-flowspec-extensions] defines extensions to OSPF to 129 distribute Flow Specifications in the networks that only deploy an 130 IGP (Interior Gateway Protocol) (i.e., OSPF). It also defines the 131 validation procedures for imposing filtering information at routers. 133 [RFC4655] defines the Path Computation Element (PCE), a functional 134 component capable of computing paths for use in networks. PCE was 135 originally conceived for use in Multiprotocol Label Switching (MPLS) 136 for Traffic Engineering networks to derive the routes of Label 137 Switched Paths (LSPs). However, the scope of PCE was quickly 138 extended to make it applicable to Generalized MPLS (GMPLS) networks, 139 and more recent work has brought other traffic engineering 140 technologies and planning applications into scope (for example, 141 Segment Routing [I-D.ietf-pce-segment-routing]). 143 [RFC5440] describes the Path Computation Element Protocol (PCEP). 144 PCEP defines the communication between a Path Computation Client 145 (PCC) and a PCE, or between PCE and PCE, enabling computation of MPLS 146 for Traffic Engineering LSP (TE-LSP) characteristics. 148 Stateful PCE [I-D.ietf-pce-stateful-pce] specifies a set of 149 extensions to PCEP to enable stateful control of TE-LSPs between and 150 across PCEP sessions in compliance with [RFC4657]. It includes 151 mechanisms to effect LSP state synchronization between PCCs and PCEs, 152 delegation of control of LSPs to PCEs, and PCE control of timing and 153 sequence of path computations within and across PCEP sessions and 154 focuses on a model where LSPs are configured on the PCC and control 155 over them is delegated to the PCE. [I-D.ietf-pce-pce-initiated-lsp] 156 describes the setup, maintenance, and teardown of PCE-initiated LSPs 157 under the stateful PCE model, without the need for local 158 configuration on the PCC, thus allowing for a dynamic network that is 159 centrally controlled and deployed. 161 [I-D.ietf-teas-pce-central-control] introduces the architecture for 162 PCE as a central controller and describes how PCE can be viewed as a 163 component that performs computation to place 'flows' within the 164 network and decide how these flows are routed. 166 When a PCE is used to initiate tunnels (such as TE-LSPs) using PCEP, 167 it is important that the head end of the tunnels understands what 168 traffic to place on each tunnel. The data flows intended for a 169 tunnel can be described using Flow Specifications, and when PCEP is 170 in use for tunnel initiation it makes sense for that same protocol to 171 be used to distribute the Flow Specifications that describe what data 172 flows on those tunnels. 174 This document specifies a set of extensions to PCEP to support 175 dissemination of Flow Specifications. The extensions include the 176 creation, update, and withdrawal of Flow Specifications via PCEP and 177 can be applied to tunnels initiated by the PCE or to tunnels where 178 control is delegated to the PCE by the PCC. Furthermore, a PCC 179 requesting a new path can include Flow Specifications in the request 180 to indicate the purpose of the tunnel allowing the PCE to factor this 181 in during the path computation. 183 Flow Specifications are carried in TLVs within a new Flow Spec Object 184 defined in this document. The flow filtering rules indicated by the 185 Flow Specifications are mainly defined by BGP Flow Specifications. 187 2. Terminology 189 This document uses the following terms defined in [RFC5440]: PCC, 190 PCE, PCEP Peer. 192 The following term from [RFC5575] is used frequently throughout this 193 document: 195 Flow Specification (FlowSpec): A Flow Specification is an n-tuple 196 consisting of several matching criteria that can be applied to IP 197 traffic, including filters and actions. Each FlowSpec consists of 198 a set of filters and a set of actions. 200 This document uses the terms "stateful PCE" and "active PCE" as 201 advocated in [RFC7399]. 203 3. Procedures for PCE Use of Flow Specifications 205 There are three elements of procedure: 207 o A PCE and a PCC must be able to indicate whether or not they 208 support the use of Flow Specifications. 210 o A PCE or PCC must be able to include Flow Specifications in PCEP 211 messages with clear understanding of the applicability of those 212 Flow Specifications in each case including whether the use of such 213 information is mandatory, constrained, or optional. 215 o Synchronization of Flow Specification information/state between 216 PCEP peers. 218 The following subsections describe these points. 220 3.1. Capability Advertisement 222 3.1.1. PCEP OPEN Message 224 During PCEP session establishment, a PCC or PCE that supports the 225 procedures described in this document announces this fact by 226 including the "PCE FlowSpec Capability" TLV, described in Section 4, 227 in the OPEN Object carried in the to advertise its support for PCEP 228 extensions for PCE FlowSpec Capability. 230 The presence of the PCE FlowSpec Capability TLV in the OPEN Object in 231 a PCE's OPEN message indicates that the PCE can support distribute 232 the FlowSpec to PCCs and can receive FlowSpecs in messages from the 233 PCCs. 235 The presence of the PCE FlowSpec Capability TLV in the OPEN Object in 236 a PCC's OPEN message indicates that the PCC supports the FlowSpec 237 functionality described in this document. 239 If either one of a pair of PCEP peers does not indicate support of 240 the FlowSpec functionality described in this document by including 241 the PCE FlowSpec Capability TLV in the OPEN Object in its OPEN 242 message, then the other peer MUST NOT include a FlowSpec object in 243 any PCEP message send to the peer that does not support the 244 procedures. If a FlowSpec object is received even though support has 245 not been indicated, the receiver will respond with a PCErr message 246 reporting the objects containing the FlowSpec as described in 247 [RFC5440]: that is, it will use 'Unknown Object' if it does not 248 support this specification, and 'Not supported object' if it supports 249 this specification but has not chosen to support FlowSpec objects on 250 this PCEP session. 252 3.1.2. IGP PCE Capabilities Advertisement 254 The ability to advertise support for PCEP and PCE features in IGP 255 advertisements is provided for OSPF in [RFC5088] and for IS-IS in 256 [RFC5089]. The mechanism uses the PCE Discovery TLV which has a PCE- 257 CAP-FLAGS sub-TLV containing bit-flags each of which indicates 258 support for a different feature. 260 This document defines a new PCE-CAP-FLAGS sub-TLV bit, the FlowSpec 261 Capable flag (bit number TBD1). Setting the bit indicates that an 262 advertising PCE supports the procedures defined in this document. 264 Note that while PCE FlowSpec Capability may be advertised during 265 discovery, PCEP speakers that wish to use Flow Specification in PCEP 266 MUST negotiate PCE FlowSpec Capability during PCEP session setup, as 267 specified in Section 3.1.1. A PCC MAY initiate PCE FlowSpec 268 Capability negotiation at PCEP session setup even if it did not 269 receive any IGP PCE capability advertisement. 271 3.2. Dissemination Procedures 273 This section introduces the procedures to support Flow Specifications 274 in PCEP messages. 276 The primary purpose of distributing Flow Specifications information 277 is to allow a PCE to indicate to a PCC what traffic it should place 278 on a path (such as an LSP or a Segment Routing path). This means 279 that the Flow Specification may be included in: 281 o PCInitiate messages so that an active PCE can indicate the traffic 282 to place on a path at the time that the PCE instantiates the path. 284 o PCUpd messages so that an active PCE can indicate or change the 285 traffic to place on a path that has already been set up. 287 o PCRpt messages so that a PCC could report the traffic that the PCC 288 plans to place on the path. 290 o PCReq messages so that a PCC can indicate what traffic it plans to 291 place on a path at the time it requests the PCE to perform a 292 computation in case that information aids the PCE in its work. 294 o PCRep messages so that a PCE that has been asked to compute a path 295 can suggest which traffic could be placed on a path that a PCC may 296 be about to set up. 298 o PCErr messages so that issues related to paths and the traffic 299 they carry can be reported to the PCE by the PCC, and so that 300 problems with other PCEP messages that carry Flow Specifications 301 can be reported. 303 To carry Flow Specifications in PCEP messages, this document defines 304 a new PCEP object called the PCE Flow Spec Object. The object 305 optional can appear more than once in any of the messages described 306 above. 308 The PCE Flow Spec Object carries one or more Flow Filter TLVs, each 309 of which describes a traffic flow. 311 The inclusion of multiple PCE Flow Spec Objects allow multiple 312 traffic flows to be placed on a single path. 314 Once a PCE and PCC have established that they can both support the 315 use of Flow Specifications in PCEP messages such information may be 316 exchanged at any time for new or existing paths. 318 3.3. Flow Specification Synchronization 320 The Flow Specifications are carried along with the LSP State 321 information as per [I-D.ietf-pce-stateful-pce], making the Flow 322 Specifications as part of the LSP database (LSP-DB). Thus, the 323 synchronization of the Flow Specification information is done as part 324 of the LSP-DB synchronization. This may be achieved using normal 325 state synchronization procedures as described in 326 [I-D.ietf-pce-stateful-pce] or enhanced state synchronization 327 procedures as defined in [I-D.ietf-pce-stateful-sync-optimizations]. 329 The approach selected will be implementation and deployment specific 330 and will depend on issues such as how the databases are constructed 331 and what level of synchronization support is needed. 333 4. PCE FlowSpec Capability TLV 335 The PCE-FLOWSPEC-CAPABILITY TLV is an optional TLV associated with 336 the OPEN Object [RFC5440] to exchange PCE FlowSpec capabilities of 337 PCEP speakers. 339 The format of the PCE-FLOWSPEC-CAPABILITY TLV follows the format of 340 all PCEP TLVs as defined in [RFC5440] and is shown in Figure 1. 342 0 1 2 3 343 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 344 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 345 | Type=[TBD2] | Length=2 | 346 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 347 | Value=0 | Padding | 348 +---------------------------------------------------------------+ 350 Figure 1: PCE-FLOWSPEC-CAPABILITY TLV format 352 The type of the PCE-FLOWSPEC-CAPABILITY TLV is TBD2 and it has a 353 fixed length of 2 octets. The Value field is set to default value 0. 355 The inclusion of this TLV in an OPEN object indicate that the sender 356 can perform FlowSpec handling as defined in this document. 358 5. PCE Flow Spec Object 360 The PCEP Flow Spec object defined in this document are compliant with 361 the PCEP object format defined in [RFC5440]. 363 The PCEP Flow Spec object carries a FlowSpec filter rule encoded in a 364 TLV (as defined in Section 6 and is OPTIONAL in the PCReq, PCRep, 365 PCErr, PCInitiate, PCRpt, and PCUpd messages. It MAY be present 366 zero, one, or more times. Each instance of the object specifies a 367 traffic flow. 369 The FLOW SPEC Object-Class is TBD3 (to be assigned by IANA). 371 The FLOW SPEC Object-Type is 1. 373 The format of the body of the PCE Flow Spec object is shown in 374 Figure 2 375 0 1 2 3 376 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 377 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 378 | FS-ID | 379 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 380 | Reserved |R| 381 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 382 | | 383 | Flow Filter TLV (variable) | 384 | | 385 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 387 Figure 2: PCE Flow Spec Object Body Format 389 FS-ID(32-bit): A PCEP-specific identifier for the FlowSpec 390 information. A PCE creates an unique FS-ID for each FlowSpec that is 391 constant for the lifetime of a PCEP session. All subsequent PCEP 392 messages then address the FlowSpec by the FS-ID. The values 0 and 393 0xFFFFFFFF are reserved. 395 Reserved bits: MUST be set to zero on transmission and ignored on 396 receipt. 398 R bit: The Remove bit is set when a PCE Flow Spec Object is included 399 in a PCEP message to indicate removal of the Flow Specification from 400 the associated tunnel. If the bit is clear, the Flow Specification 401 is being added or modified. 403 Flow Filter TLV (variable): One TLV MAY be included. 405 The Flow Filter TLV is OPTIONAL when the R bit is set. The TLV MUST 406 be present when the R bit is clear. If the TLV is missing when the R 407 bit is clear, the PCEP peer MUST respond with a PCErr message with 408 error-type TBD8 (FlowSpec Error), error-value 1 (Malformed FlowSpec). 410 6. Flow Filter TLV 412 A new PCEP TLV is defined to convey Flow Specification filtering 413 rules that specify what traffic is carried on a path. The TLV 414 follows the format of all PCEP TLVs as defined in [RFC5440]. The 415 Type field values come from the codepoint space for PCEP TLVs an has 416 the value TBD4. 418 The Value field contains one or more sub-TLVs (the Flow Specification 419 TLVs) as defined in Section 7. Only one Flow Filter TLV can be 420 present which represents the complete definition of a Flow 421 Specification for traffic to be placed on the tunnel indicated by the 422 PCEP message in which the PCE Flow Spec Object is carried. The set 423 of Flow Specification TLVs in a single instance of a Flow Filter TLV 424 are combined to indicate the specific Flow Specification. 426 7. Flow Specification TLVs 428 The Flow Specification TLVs carried as sub-TLVs of the Flow Filter 429 TLV also follow the format of all PCEP TLVs as defined in [RFC5440], 430 however, the Type values are selected from a separate IANA registry 431 (see Section 10) rather than from the common PCEP TLV registry. 433 Type values are chosen so that there can be commonality with Flow 434 Specifications defined for use with BGP. This is possible because 435 the BGP Flow Spec encoding uses a single octet to encode the type 436 where PCEP uses two octets. Thus the space of values for the Type 437 field is partitioned as shown in Figure 3. 439 Range | 440 ---------------+--------------------------------------------------- 441 0 | Reserved - must not be allocated. 442 | 443 1 .. 255 | Per BGP registry defined by [RFC5575]. 444 | Not to be allocated in this registry. 445 | 446 256 .. 65535 | New PCEP Flow Specs allocated according to the 447 | registry defined in this document. 449 Figure 3: Flow Specification TLV Type Ranges 451 The content of Value field each TLV is specific to the type and 452 describes the parameters of the Flow Specification. The definition 453 of the format of many of these Value fields is inherited from BGP 454 specifications as shown in Figure 4. Specifically, the inheritance 455 is from [RFC5575] and [I-D.ietf-idr-flow-spec-v6], but may also be 456 inherited from future BGP specifications. 458 When multiple Flow Specification TLVs are present in a single Flow 459 Filter TLVs they are combined to produce a more detailed description 460 of a flow. For examples and rules about how this is achieved, see 461 [RFC5575]. 463 When used in other protocols (such as BGP) these Flow Specifications 464 are also associated with actions to indicate how traffic matching the 465 Flow Specification should be treated. However, in PCEP the only 466 action is to associated the traffic with a tunnel and to forward 467 matching traffic on to that path, so no encoding of an action is 468 needed. 470 Section 8.4 describes how overlapping Flow Specifications are 471 prioritized and handled. 473 +-------+-------------------------+-----------------------------+ 474 | Type | Description | Value defined in | 475 | | | | 476 +-------+-------------------------+-----------------------------+ 477 | * | Destination IPv4 Prefix | [RFC5575] | 478 +-------+-------------------------+-----------------------------+ 479 | * | Source IPv4 Prefix | [RFC5575] | 480 +-------+-------------------------+-----------------------------+ 481 | * | IP Protocol | [RFC5575] | 482 +-------+-------------------------+-----------------------------+ 483 | * | Port | [RFC5575] | 484 +-------+-------------------------+-----------------------------+ 485 | * | Destination port | [RFC5575] | 486 +-------+-------------------------+-----------------------------+ 487 | * | Source port | [RFC5575] | 488 +-------+-------------------------+-----------------------------+ 489 | * | ICMP type | [RFC5575] | 490 +-------+-------------------------+-----------------------------+ 491 | * | ICMP code | [RFC5575] | 492 +-------+-------------------------+-----------------------------+ 493 | * | TCP flags | [RFC5575] | 494 +-------+-------------------------+-----------------------------+ 495 | * | Packet length | [RFC5575] | 496 +-------+-------------------------+-----------------------------+ 497 | * | DSCP | [RFC5575] | 498 +-------+-------------------------+-----------------------------+ 499 | * | Fragment | [RFC5575] | 500 +-------+-------------------------+-----------------------------+ 501 | * | Flow Label | [I-D.ietf-idr-flow-spec-v6] | 502 +-------+-------------------------+-----------------------------+ 503 | * | Destination IPv6 Prefix | [I-D.ietf-idr-flow-spec-v6] | 504 +-------+-------------------------+-----------------------------+ 505 | * | Source IPv6 Prefix | [I-D.ietf-idr-flow-spec-v6] | 506 +-------+-------------------------+-----------------------------+ 507 | * | Next Header | [I-D.ietf-idr-flow-spec-v6] | 508 +-------+-------------------------+-----------------------------+ 509 | TBD5 | Route Distinguisher | [I-D.dhodylee-pce-pcep-ls] | 510 +-------+-------------------------+-----------------------------+ 511 | TBD6 | IPv4 Multicast Flow | [This.I-D] | 512 +-------+-------------------------+-----------------------------+ 513 | TBD7 | IPv6 Multicast Flow | [This.I-D] | 514 +-------+-------------------------+-----------------------------+ 516 * Indicates that the TLV Type value comes from the value used in 518 Figure 4: Table of Flow Specification TLV Types 520 All Flow Specification TLVs with Types in the range 1 to 255 have 521 Values defined for use in BGP (for example in [RFC5575] and 522 [I-D.ietf-idr-flow-spec-v6]) and are set using the BGP encoding, but 523 without the type or length octets (the relevant information is in the 524 Type and Length fields of the TLV). The Value field is padded with 525 trailing zeros to achieve 4-byte alignment if necessary. 527 [I-D.dhodylee-pce-pcep-ls] defines a way to convey identification of 528 a VPN in PCEP via a Route Distinguisher (RD) [RFC4364] and encoded in 529 ROUTE-DISTINGUISHER TLV. A Flow Specification TLV with Type TBD5 530 carries a Value field matching that in the ROUTE-DISTINGUISHER TLV 531 and is used to identify that other flow filter information (for 532 example, an IPv4 destination prefix) is associated with a specific 533 VPN identified by the RD. 535 Although it may be possible to describe a multicast Flow 536 Specification from the combination of other Flow Specification TLVs 537 with specific values, it is more convenient to use a dedicated Flow 538 Specification TLV. Flow Specification TLVs with Type values TBD6 and 539 TBD7 are used to identify a multicast flow for IPv4 and IPv6 540 respectively. The Value field is encoded as shown in Figure 5. 542 0 1 2 3 543 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 544 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 545 | Rsvd |S|W|R| Rsvd |B|Z| Src Mask Len | Grp Mask Len | 546 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 547 ~ Source Address ~ 548 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 549 ~ Group multicast Address ~ 550 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 552 Figure 5: Multicast Flow Specification TLV Encoding 554 The fields of the two Multicast Flow Specification TLVs are as 555 described in Section 4.9.1 of [RFC7761] noting that the two address 556 fields are 32 bits for the IPv4 Multicast Flow and 128 bits for the 557 IPv6 Multicast Flow. 559 8. Detailed Procedures 561 This section outlines some specific detailed procedures for using the 562 protocol extensions defined in this document. 564 8.1. Default Behavior 566 The default behavior is that no Flow Specification is applied to a 567 tunnel. That is, the default is that the Flow Spec object is not 568 used as in all systems before the implementation of this 569 specification. 571 In this case it is a local matter (such as through configuration) how 572 tunnel head ends are instructed what traffic to place on a tunnel. 574 8.2. Composite Flow Specifications 576 Flow Specifications may be represented by a single Flow Specification 577 TLV or may require a more complex description using multiple Flow 578 Specification TLVs. For example, a flow indicated by a source- 579 destination pair of IPv6 addresses would be described by the 580 combination of Destination IPv6 Prefix and Source IPv6 Prefix Flow 581 Specification TLVs. 583 8.2.1. Modifying Flow Specifications 585 A PCE may want to modify a Flow Specification associate with a 586 tunnel, or a PCC may want to report a change to the Flow 587 Specification it is using with a tunnel. 589 It is important that the specific Flow Specification is identified so 590 that it is clear that this is a modification of an existing flow and 591 not the addition of a new flow as described in Section 8.3. The FS- 592 ID field of the PCE Flow Spec Object is used to identify an specific 593 Flow Specification. 595 When modifying a Flow Specification, all Flow Specification TLVs for 596 the intended specification of the flow MUST be included in the PCE 597 Flow Spec Object and the FS-ID MUST be retained from the previous 598 description of the flow. 600 8.3. Multiple Flow Specifications 602 It is possible that multiple flows will be place on a single tunnel. 603 In some cases it is possible to to define these within a single PCE 604 Flow Spec Object: for example, two Destination IPv4 Prefix TLVs could 605 be included to indicate that packets matching either prefix are 606 acceptable. Note that from PCEP point of view it would be considered 607 as a single Flow Specification identified by an FS-ID. 609 However, in other scenarios using multiple Flow Specification TLVs 610 would be confusing. For example, if flows from A to B and from C to 611 D are to be included then using two Source IPv4 Prefix TLVs and two 612 Destination IPv4 Prefix TLVs would be confusing. In these cases, 613 each Flow Specification is carried in its own PCE Flow Spec Object 614 with multiple objects present on a single PCEP message. Use of 615 separate object allow easier removal and modification of Flow 616 Specification. 618 8.3.1. Adding and Removing Flow Specifications 620 The Remove bit in the the PCE Flow Spec Object is left clear when a 621 Flow Specification is being added or modified. 623 To remove a Flow Specification, a PCE Flow Spec Object is included 624 with the FS-ID matching the one being removed, and the R bit set to 625 indicate removal. In this case it is not necessary to include any 626 Flow Specification TLVs. 628 8.4. Priorities and Overlapping Flow Specifications 630 TBD 632 8.5. Error Processing 634 TBD 636 9. PCEP Messages 638 The FLOW SPEC Object is OPTIONAL and MAY be carried in the PCEP 639 messages. 641 The PCInitiate message is defined in [I-D.ietf-pce-pce-initiated-lsp] 642 and updated as below: 644 ::= 645 647 Where: 648 ::= 649 [] 651 ::= 652 ( | 653 ) 655 ::= 656 657 [] 658 659 [] 660 [] 662 Where: 663 ::= [] 665 The PCUpd message is defined in [I-D.ietf-pce-stateful-pce] and 666 updated as below: 668 ::= 669 671 Where: 672 ::= 673 [] 675 ::= 676 677 678 [] 680 Where: 681 ::= 683 ::= [] 685 The PCRpt message is defined in [I-D.ietf-pce-stateful-pce] and 686 updated as below: 688 ::= 689 691 Where: 692 ::= [] 694 ::= [] 695 696 697 [] 699 Where: 700 ::= 701 [] 702 704 ::= [] 706 The PCReq message is defined in [RFC5440] and updated in 707 [I-D.ietf-pce-stateful-pce], it is further updated below for flow 708 specification: 710 ::= 711 [] 712 714 Where: 715 ::= [] 717 ::= [] 719 ::= 720 721 [] 722 [] 723 [] 724 [] 725 [[]] 726 [] 727 [] 728 [] 730 Where: 731 ::= [] 733 The PCRep message is defined in [RFC5440] and updated in 734 [I-D.ietf-pce-stateful-pce], it is further updated below for flow 735 specification: 737 ::= 738 740 Where: 742 ::=[] 744 ::= 745 [] 746 [] 747 [] 748 [] 749 [] 751 Where: 752 ::= [] 754 10. IANA Considerations 756 IANA maintains the "Path Computation Element Protocol (PCEP) Numbers" 757 registry. This document requests IANA actions to allocate code 758 points for the protocol elements defined in this document. 760 10.1. PCEP Objects 762 Each PCEP object has an Object-Class and an Object-Type. IANA 763 maintains a subregistry called "PCEP Objects". IANA is requested to 764 make an assingment from this subregistry as follows: 766 Object-Class | Value Name | Object-Type | Reference 767 -------------+---------------+----------------------+---------------- 768 TBD3 | FLOW SPEC | 0 (Reserved) | [This.I-D] 769 | 1 | [This.I-D] 771 10.2. PCEP TLV Type Indicators 773 IANA maintains a subregistry called "PCEP TLV Type Indicators". IANA 774 is requested to make an assingment from this subregistry as follows: 776 Value | Meaning | Reference 777 --------+------------------------------+------------- 778 TBD2 | PCE-FLOWSPEC-CAPABILITY TLV | [This.I-D] 779 TBD4 | FLOW FILTER TLV | [This.I-D] 781 10.3. Flow Specification TLV Type Indicators 783 IANA is requested to create a new subregistry call the PCEP Flow 784 Specification TLV Type Indicators registry. 786 Allocations from this registry are to be made according to the 787 following assignment policies [RFC8126]: 789 Range | Assignment policy 790 ---------------+--------------------------------------------------- 791 0 | Reserved - must not be allocated. 792 | 793 1 .. 255 | Reserved - must not be allocated. 794 | Usage mirrors the BGP FlowSpec registry [RFC5575]. 795 | 796 258 .. 64506 | Specification Required 797 | 798 64507 .. 65531 | First Come First Served 799 | 800 65532 .. 65535 | Experimental 802 IANA is requested to pre-populate this registry with values defined 803 in this document as follows: 805 Value | Meaning 806 -------+------------------------ 807 TBD5 | Route Distinguisher 808 TBD6 | IPv4 Multicast 809 TBD7 | IPv6 Multicast 811 10.4. PCEP Error Codes 813 IANA maintains a subregistry called "PCEP-ERROR Object Error Types 814 and Values". Entries in this subregistry are described by Error-Type 815 and Error-value. IANA is requested to make the following assignment 816 from this subregistry: 818 Error-| Meaning | Error-value | Reference 819 Type | | | 820 -------+--------------------+----------------------------+----------- 821 TBD8 | FlowSpec error | 0: Unassigned | [This.I-D] 822 | | 1: Unsupported FlowSpec | [This.I-D] 823 | | 2: Malformed FlowSpec | [This.I-D] 824 | | 3: Unresolvable conflict | [This.I-D] 825 | | 4-255: Unassigned | [This.I-D] 827 10.5. PCE Capability Flag 829 IANA maintains a subregistry called "Open Shortest Path First v2 830 (OSPFv2) Parameters" with a sub-registry called "Path Computation 831 Element (PCE) Capability Flags". IANA is requested to assign a new 832 capability bit from this registry as follows: 834 Bit | Capability Description | Reference 835 -------+-------------------------------+------------ 836 TBD1 | FlowSpec | [This.I-D] 838 11. Security Considerations 840 TBD. 842 12. Acknowledgements 844 Thanks to Julian Lucek and Sudhir Cheruathur for useful discussions. 846 13. References 848 13.1. Normative References 850 [I-D.dhodylee-pce-pcep-ls] 851 Dhody, D., Lee, Y., and D. Ceccarelli, "PCEP Extension for 852 Distribution of Link-State and TE Information.", draft- 853 dhodylee-pce-pcep-ls-08 (work in progress), June 2017. 855 [I-D.ietf-idr-flow-spec-v6] 856 McPherson, D., Raszuk, R., Pithawala, B., 857 akarch@cisco.com, a., and S. Hares, "Dissemination of Flow 858 Specification Rules for IPv6", draft-ietf-idr-flow-spec- 859 v6-08 (work in progress), March 2017. 861 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 862 Requirement Levels", BCP 14, RFC 2119, 863 DOI 10.17487/RFC2119, March 1997, 864 . 866 [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation 867 Element (PCE) Communication Protocol (PCEP)", RFC 5440, 868 DOI 10.17487/RFC5440, March 2009, 869 . 871 [RFC5575] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J., 872 and D. McPherson, "Dissemination of Flow Specification 873 Rules", RFC 5575, DOI 10.17487/RFC5575, August 2009, 874 . 876 13.2. Informative References 878 [I-D.ietf-idr-bgp-flowspec-oid] 879 Uttaro, J., Alcaide, J., Filsfils, C., Smith, D., and P. 880 Mohapatra, "Revised Validation Procedure for BGP Flow 881 Specifications", draft-ietf-idr-bgp-flowspec-oid-04 (work 882 in progress), March 2017. 884 [I-D.ietf-ospf-flowspec-extensions] 885 liangqiandeng, l., You, J., Wu, N., Fan, P., Patel, K., 886 and A. Lindem, "OSPF Extensions for Flow Specification", 887 draft-ietf-ospf-flowspec-extensions-01 (work in progress), 888 April 2016. 890 [I-D.ietf-pce-pce-initiated-lsp] 891 Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "PCEP 892 Extensions for PCE-initiated LSP Setup in a Stateful PCE 893 Model", draft-ietf-pce-pce-initiated-lsp-10 (work in 894 progress), June 2017. 896 [I-D.ietf-pce-segment-routing] 897 Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., 898 and J. Hardwick, "PCEP Extensions for Segment Routing", 899 draft-ietf-pce-segment-routing-09 (work in progress), 900 April 2017. 902 [I-D.ietf-pce-stateful-pce] 903 Crabbe, E., Minei, I., Medved, J., and R. Varga, "PCEP 904 Extensions for Stateful PCE", draft-ietf-pce-stateful- 905 pce-21 (work in progress), June 2017. 907 [I-D.ietf-pce-stateful-sync-optimizations] 908 Crabbe, E., Minei, I., Medved, J., Varga, R., Zhang, X., 909 and D. Dhody, "Optimizations of Label Switched Path State 910 Synchronization Procedures for a Stateful PCE", draft- 911 ietf-pce-stateful-sync-optimizations-10 (work in 912 progress), March 2017. 914 [I-D.ietf-teas-pce-central-control] 915 Farrel, A., Zhao, Q., Li, Z., and C. Zhou, "An 916 Architecture for Use of PCE and PCEP in a Network with 917 Central Control", draft-ietf-teas-pce-central-control-03 918 (work in progress), June 2017. 920 [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private 921 Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 922 2006, . 924 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation 925 Element (PCE)-Based Architecture", RFC 4655, 926 DOI 10.17487/RFC4655, August 2006, 927 . 929 [RFC4657] Ash, J., Ed. and J. Le Roux, Ed., "Path Computation 930 Element (PCE) Communication Protocol Generic 931 Requirements", RFC 4657, DOI 10.17487/RFC4657, September 932 2006, . 934 [RFC5088] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R. 935 Zhang, "OSPF Protocol Extensions for Path Computation 936 Element (PCE) Discovery", RFC 5088, DOI 10.17487/RFC5088, 937 January 2008, . 939 [RFC5089] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R. 940 Zhang, "IS-IS Protocol Extensions for Path Computation 941 Element (PCE) Discovery", RFC 5089, DOI 10.17487/RFC5089, 942 January 2008, . 944 [RFC7399] Farrel, A. and D. King, "Unanswered Questions in the Path 945 Computation Element Architecture", RFC 7399, 946 DOI 10.17487/RFC7399, October 2014, 947 . 949 [RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., 950 Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent 951 Multicast - Sparse Mode (PIM-SM): Protocol Specification 952 (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March 953 2016, . 955 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 956 Writing an IANA Considerations Section in RFCs", BCP 26, 957 RFC 8126, DOI 10.17487/RFC8126, June 2017, 958 . 960 Appendix A. Contributor Addresses 962 Shankara 963 Huawei Technologies 964 Divyashree Techno Park, 965 Whitefield Bangalore, 966 Karnataka 967 560066 968 India 970 Email: shankara@huawei.com 972 Qiandeng Liang 973 Huawei Technologies 974 101 Software Avenue, 975 Yuhuatai District 976 Nanjing 977 210012 978 China 980 Email: liangqiandeng@huawei.com 982 Cyril Margaria 983 Juniper Networks 984 200 Somerset Corporate Boulevard, Suite 4001 985 Bridgewater, NJ 986 08807 987 USA 989 Email: cmargaria@juniper.net 991 Colby Barth 992 Juniper Networks 993 200 Somerset Corporate Boulevard, Suite 4001 994 Bridgewater, NJ 995 08807 996 USA 998 Email: cbarth@juniper.net 1000 Xia Chen 1001 Huawei Technologies 1002 Huawei Bld., No.156 Beiqing Rd. 1003 Beijing 1004 100095 1005 China 1007 Email: jescia.chenxia@huawei.com 1009 Shunwan Zhuang 1010 Huawei Technologies 1011 Huawei Bld., No.156 Beiqing Rd. 1012 Beijing 1013 100095 1014 China 1016 Eemail: zhuangshunwan@huawei.com 1018 Authors' Addresses 1020 Dhruv Dhody (editor) 1021 Huawei Technologies 1022 Divyashree Techno Park, Whitefield 1023 Bangalore, Karnataka 560066 1024 India 1026 Email: dhruv.ietf@gmail.com 1028 Adrian Farrel (editor) 1029 Juniper Networks 1031 Email: afarrel@juniper.net 1033 Zhenbin Li 1034 Huawei Technologies 1035 Huawei Bld., No.156 Beiqing Rd. 1036 Beijing 100095 1037 China 1039 Email: lizhenbin@huawei.com