idnits 2.17.1 draft-xu-mpls-in-udp-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (December 10, 2012) is 4156 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC5332' is defined on line 292, but no explicit reference was found in the text == Unused Reference: 'RFC6391' is defined on line 302, but no explicit reference was found in the text == Unused Reference: 'RFC6790' is defined on line 307, but no explicit reference was found in the text == Unused Reference: 'RFC5512' is defined on line 312, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6man-udpchecksums' is defined on line 339, but no explicit reference was found in the text == Unused Reference: 'I-D.ietf-6man-udpzero' is defined on line 344, but no explicit reference was found in the text == Outdated reference: A later version (-06) exists of draft-ietf-mpls-entropy-label-01 -- Obsolete informational reference (is this intentional?): RFC 5512 (Obsoleted by RFC 9012) == Outdated reference: A later version (-11) exists of draft-ietf-l2vpn-evpn-00 == Outdated reference: A later version (-08) exists of draft-ietf-6man-udpchecksums-04 == Outdated reference: A later version (-12) exists of draft-ietf-6man-udpzero-07 Summary: 0 errors (**), 0 flaws (~~), 11 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network working group X. Xu 2 Internet Draft Huawei 3 Category: Standard Track N. Sheth 4 Contrail Systems 5 L. Yong 6 Huawei 7 C Pignataro 8 Cisco 9 Y. Fan 10 China Telecom 12 Expires: May 2013 December 10, 2012 14 Encapsulating MPLS in UDP 16 draft-xu-mpls-in-udp-06 18 Abstract 20 Existing technologies to encapsulate Multi-Protocol Label Switching 21 (MPLS) over IP are not adequate for efficient load balancing of MPLS 22 application traffic, such as MPLS-based Layer2 Virtual Private 23 Network (L2VPN) or Layer3 Virtual Private Network (L3VPN) traffic 24 across IP networks. This document specifies additional IP-based 25 encapsulation technology, referred to as MPLS-in-User Datagram 26 Protocol (UDP), which can facilitate the load balancing of MPLS 27 application traffic across IP networks. 29 Status of this Memo 31 This Internet-Draft is submitted to IETF in full conformance with 32 the provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF), its areas, and its working groups. Note that 36 other groups may also distribute working documents as Internet- 37 Drafts. 39 Internet-Drafts are draft documents valid for a maximum of six 40 months and may be updated, replaced, or obsoleted by other documents 41 at any time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 The list of current Internet-Drafts can be accessed at 45 http://www.ietf.org/ietf/1id-abstracts.txt. 47 The list of Internet-Draft Shadow Directories can be accessed at 48 http://www.ietf.org/shadow.html. 50 This Internet-Draft will expire on May 10, 2013. 52 Copyright Notice 54 Copyright (c) 2009 IETF Trust and the persons identified as the 55 document authors. All rights reserved. 57 This document is subject to BCP 78 and the IETF Trust's Legal 58 Provisions Relating to IETF Documents 59 (http://trustee.ietf.org/license-info) in effect on the date of 60 publication of this document. Please review these documents 61 carefully, as they describe your rights and restrictions with 62 respect to this document. 64 Conventions used in this document 66 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 67 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 68 document are to be interpreted as described in RFC-2119 [RFC2119]. 70 Table of Contents 72 1. Introduction ................................................ 3 73 1.1. Existing Technologies .................................. 3 74 1.2. Motivations for MPLS-in-UDP Encapsulation .............. 4 75 2. Terminology ................................................. 4 76 3. Encapsulation in UDP......................................... 4 77 4. Processing Procedures ....................................... 5 78 5. Applicability ............................................... 6 79 6. Security Considerations ..................................... 6 80 7. IANA Considerations ......................................... 6 81 8. Acknowledgements ............................................ 6 82 9. References .................................................. 7 83 9.1. Normative References ................................... 7 84 9.2. Informative References ................................. 7 85 Authors' Addresses ............................................. 8 87 1. Introduction 89 To fully utilize the bandwidth available in IP networks and/or 90 facilitate recovery from a link or node failure, load balancing of 91 traffic over Equal Cost Multi-Path (ECMP) and/or Link Aggregation 92 Group (LAG) across IP networks is widely used. In effect, most 93 existing core routers in IP networks are already capable of 94 distributing IP traffic flows over ECMP paths and/or LAG based on 95 the hash of the five-tuple of User Datagram Protocol (UDP)[RFC768] 96 and Transmission Control Protocol (TCP) packets (i.e., source IP 97 address, destination IP address, source port, destination port, and 98 protocol). 100 In practice, there are some scenarios for Multi-Protocol Label 101 Switching (MPLS) applications (e.g., MPLS-based Layer2 Virtual 102 Private Network (L2VPN) or Layer3 Virtual Private Network (L3VPN)) 103 where the MPLS application traffic needs to be transported through 104 IP-based tunnels, rather than MPLS tunnels. For example, MPLS-based 105 L2VPN or L3VPN technologies may be used for interconnecting 106 geographically dispersed enterprise data centers or branch offices 107 across IP Wide Area Networks (WAN) where enterprise own router 108 devices are deployed as L2VPN or L3VPN Provider Edge (PE) routers. 109 In this case, efficient load balancing of the MPLS application 110 traffic across IP networks is much desirable. 112 1.1. Existing Technologies 114 With existing IP-based encapsulation methods for MPLS applications, 115 such as MPLS-in-IP and MPLS-in-Generic Routing Encapsulation (GRE) 116 [RFC4023] or even MPLS-in-Layer Two Tunneling Protocol - Version 3 117 (L2TPv3)[RFC4817], distinct customer traffic flows between a given 118 PE router pair would be encapsulated with the same IP-based tunnel 119 headers prior to traversing the core of the IP WAN. Since the 120 encapsulated traffic is neither TCP nor UDP traffic, for many 121 existing core routers which could only perform hash calculation on 122 fields in the IP headers of those tunnels (i.e., source IP address, 123 destination IP address), it would be hard to achieve a fine-grained 124 load balancing of these traffic flows across the network core due to 125 the lack of adequate entropy information. 127 [RFC5640] describes a method for improving the load balancing 128 efficiency in a network carrying Softwire Mesh service over L2TPv3 129 and GRE encapsulation. However, this method requires core routers to 130 be capable of performing hash calculation on the "load-balancing" 131 field contained in the tunnel encapsulation headers (i.e., the 132 Session ID field in the L2TPv3 header or the Key field in the GRE 133 header), which means a non-trivial change to the date plane of many 134 existing core routers. 136 1.2. Motivations for MPLS-in-UDP Encapsulation 138 On basis of the fact that most existing core routers (i.e., P 139 routers in the context of MPLS-based L2VPN or L3VPN) are already 140 capable of balancing IP traffic flows over the IP networks based on 141 the hash of the five-tuple of UDP packets, it would be advantageous 142 to use MPLS-in-UDP encapsulation instead of MPLS-in-GRE or MPLS-in- 143 L2TPv3 in the environments where the load balancing of MPLS 144 application traffic across IP networks is much desired but the load 145 balancing mechanisms defined in [RFC5640] have not yet been widely 146 supported by most existing core routers. In this way, the default 147 load balancing capability of most existing core routers as mentioned 148 above can be utilized directly without requiring any change to them. 150 2. Terminology 152 This memo makes use of the terms defined in [RFC4364] and [RFC4664]. 154 3. Encapsulation in UDP 156 MPLS-in-UDP encapsulation format is shown as follows: 158 0 1 2 159 3 160 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 162 | Source Port = entropy | Dest Port = MPLS | 163 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 164 | UDP Length | UDP Checksum | 165 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 166 | | 167 ~ MPLS Label Stack ~ 168 | | 169 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 170 | | 171 ~ Message Body ~ 172 | | 173 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 175 Source Port of UDP 177 This field contains an entropy value that is generated 178 by the ingress PE router. For example, the entropy value 179 can be generated by performing hash calculation on 180 certain fields in the customer packets (e.g., the five 181 tuple of UDP/TCP packets). 183 Destination Port of UDP 185 This field is set to a value (TBD) indicating the MPLS 186 packet encapsulated in the UDP header is a MPLS one or a 187 MPLS one with upstream-assigned label. 189 UDP Length 191 The usage of this field is in accordance with the 192 current UDP specification. 194 UDP Checksum 196 The usage of this field is in accordance with the 197 current UDP specification. To simplify the operation on 198 egress PE routers, this field is recommended to be set 199 to zero. 201 MPLS Label Stack 203 This field contains an MPLS Label Stack as defined in 204 [RFC3032]. 206 Message Body 208 This field contains one MPLS message body. 210 4. Processing Procedures 212 This MPLS-in-UDP encapsulation causes MPLS packets to be forwarded 213 through "UDP tunnels". When performing MPLS-in-UDP encapsulation by 214 an ingress PE router, the entropy value would be generated by the 215 ingress PE router and then be filled in the Source Port field of the 216 UDP header. 218 P routers, upon receiving these UDP encapsulated packets, could 219 balance these packets based on the hash of the five-tuple of UDP 220 packets. 222 Upon receiving these UDP encapsulated packets, egress PE routers 223 would decapsulate them by removing the UDP headers and then process 224 them accordingly. 226 As for other common processing procedures associated with tunneling 227 encapsulation technologies including but not limited to Maximum 228 Transmission Unit (MTU) and preventing fragmentation and reassembly, 229 Time to Live (TTL) and differentiated services, the corresponding 230 procedures defined in [RFC4023] which are applicable for MPLS-in-IP 231 and MPLS-in-GRE encapsulation formats SHOULD be followed. 233 5. Applicability 235 Besides the MPLS-based L3VPN [RFC4364] and L2VPN [RFC4761, RFC4762] 236 [E-VPN] applications, MPLS-in-UDP encapsulation could apply to other 237 MPLS applications including but not limited to 6PE [RFC4798] and 238 PWE3 services. 240 6. Security Considerations 242 Just like MPLS-in-GRE and MPLS-in-IP encapsulation formats, the 243 MPLS-in-UDP encapsulation format defined in this document by itself 244 cannot ensure the integrity and privacy of data packets being 245 transported through the MPLS-in-UDP tunnels and cannot enable the 246 tunnel decapsulators to authenticate the tunnel encapsulator. In the 247 case where any of the above security issues is concerned, the MPLS- 248 in-UDP tunnels SHOULD be secured with IPsec in transport mode. In 249 this way, the UDP header would not be seeable to P routers anymore. 250 As a result, the meaning of adopting MPLS-in-UDP encapsulation 251 format as an alternative to MPLS-in-GRE and MPLS-in-IP encapsulation 252 formats is lost. Hence, MPLS-in-UDP encapsulation format SHOULD be 253 used only in the scenarios where all the security issues as 254 mentioned above are not significant concerns. For example, in a data 255 center environment, the whole network including P routers and PE 256 routers are under the control of a single administrative entity and 257 therefore there is no need to worry about the above security issues. 259 7. IANA Considerations 261 Two distinct UDP destination port numbers indicating MPLS and MPLS 262 with upstream-assigned label respectively need to be assigned by 263 IANA. 265 8. Acknowledgements 267 Thanks to Shane Amante, Dino Farinacci, Keshava A K, Ivan Pepelnjak, 268 Eric Rosen, Andrew G. Malis, Kireeti Kompella, Marshall Eubanks, 269 Vivek Kumar, Weiguo Hao, Zhenxiao Liu and Xing Tong for their 270 valuable comments on the idea of MPLS-in-UDP encapsulation. Thanks 271 to Daniel King, Gregory Mirsky and Eric Osborne for their valuable 272 reviews on this draft. 274 9. References 276 9.1. Normative References 278 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 279 Requirement Levels", BCP 14, RFC 2119, March 1997. 281 9.2. Informative References 283 [RFC4364] Rosen, E and Y. Rekhter, "BGP/MPLS IP Virtual Private 284 Networks (VPNs)", RFC 4364, February 2006. 286 [RFC4664] Andersson, L. and Rosen, E. (Editors),"Framework for Layer 287 2 Virtual Private Networks (L2VPNs)", RFC 4664, Sept 2006. 289 [RFC4023] Worster, T., Rekhter, Y., and E. Rosen, "Encapsulating 290 MPLS in IP or GRE", RFC4023, March 2005. 292 [RFC5332] Eckert, T., Rosen, E., Aggarwal, R., and Y. Rekhter, "MPLS 293 Multicast Encapsulations", RFC 5332, August 2008. 295 [RFC4817] M. Townsley, C. Pignataro, S. Wainner, T. Seely and J. 296 Young, "Encapsulation of MPLS over Layer 2 Tunneling 297 Protocol Version 3, March 2007. 299 [RFC5640] Filsfils, C., Mohapatra, P., and C. Pignataro, "Load- 300 Balancing for Mesh Softwires", RFC 5640, August 2009. 302 [RFC6391] Bryant, S., Filsfils, C., Drafz, U., Kompella, V., Regan, 303 J., and S. Amante, "Flow Aware Transport of Pseudowires 304 over an MPLS Packet Switched Network", RFC6391, November 305 2011 307 [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and L. 308 Yong, "The Use of Entropy Labels in MPLS Forwarding", 309 draft-ietf-mpls-entropy-label-01, work in progress, 310 October, 2011. 312 [RFC5512] Mohapatra, P. and E. Rosen, "The BGP Encapsulation 313 Subsequent Address Family Identifier (SAFI) and the 314 BGP Tunnel Encapsulation Attribute", RFC 5512, April 315 2009. 317 [RFC4798] J Declerq et al., "Connecting IPv6 Islands over IPv4 MPLS 318 using IPv6 Provider Edge Routers (6PE)", RFC4798, February 319 2007. 321 [RFC4761] Kompella, K. and Y. Rekhter, "Virtual Private LAN Service 322 (VPLS) Using BGP for Auto-Discovery and Signaling", RFC 323 4761, January 2007. 325 [RFC4762] Lasserre, M. and V. Kompella, "Virtual Private LAN Service 326 (VPLS) Using Label Distribution Protocol (LDP) Signaling", 327 RFC 4762, January 2007. 329 [E-VPN] Aggarwal et al., "BGP MPLS Based Ethernet VPN", draft-ietf- 330 l2vpn-evpn-00.txt, work in progress, February, 2012. 332 [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., 333 Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack 334 Encoding", RFC 3032, January 2001. 336 [RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 337 August 1980. 339 [I-D.ietf-6man-udpchecksums] Eubanks, M., Chimento, P., and M. 340 Westerlund, "UDP Checksums for Tunneled Packets", 341 draft-ietf-6man-udpchecksums-04 (work in progress), 342 September 2012. 344 [I-D.ietf-6man-udpzero] Fairhurst, G. and M. Westerlund, 345 "Applicability Statement for the use of IPv6 UDP Datagrams 346 with Zero Checksums", draft-ietf-6man-udpzero-07 (work in 347 progress), October 2012. 349 Authors' Addresses 351 Xiaohu Xu 352 Huawei Technologies, 353 Beijing, China 354 Phone: +86-10-60610041 355 Email: xuxiaohu@huawei.com 357 Nischal Sheth 358 Contrail Systems 359 Email: nsheth@contrailsystems.com 361 Lucy Yong 362 Huawei USA 363 5340 Legacy Dr. 364 Plano TX75025 365 Phone: 469-277-5837 366 Email: Lucy.yong@huawei.com 367 Carlos Pignataro 368 Cisco Systems 369 7200-12 Kit Creek Road 370 Research Triangle Park, NC 27709 371 USA 372 EMail: cpignata@cisco.com 374 Yongbing Fan 375 China Telecom 376 Guangzhou, China. 377 Phone: +86 20 38639121 378 Email: fanyb@gsta.com 380 Zhenbin Li 381 Huawei Technologies, 382 Beijing, China 383 Phone: +86-10-60613676 384 Email: lizhenbin@huawei.com