| PCE Working Group | M. Negi |
| Internet-Draft | Z. Li |
| Intended status: Standards Track | X. Geng |
| Expires: February 23, 2020 | Huawei Technologies |
| August 22, 2019 |
PCEP Procedures and Protocol Extensions for Using PCE as a Central Controller (PCECC) for SRv6
draft-dhody-pce-pcep-extension-pce-controller-srv6-02
The Path Computation Element (PCE) is a core component of Software- Defined Networking (SDN) systems. It can compute optimal paths for traffic across a network and can also update the paths to reflect changes in the network or traffic demands.
PCE was developed to derive paths for MPLS Label Switched Paths (LSPs), which are supplied to the head end of the LSP using the Path Computation Element Communication Protocol (PCEP). But SDN has a broader applicability than signaled (G)MPLS traffic-engineered (TE) networks, and the PCE may be used to determine paths in a range of use cases. PCEP has been proposed as a control protocol for use in these environments to allow the PCE to be fully enabled as a central controller.
A PCE-based central controller (PCECC) can simplify the processing of a distributed control plane by blending it with elements of SDN and without necessarily completely replacing it. This document specifies the procedures and PCEP protocol extensions when a PCE-based controller is also responsible for configuring the forwarding actions on the routers for Segment Routing in IPv6 (SRv6), in addition to computing the SRv6 paths for packet flows and telling the edge routers what instructions to attach to packets as they enter the network.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 23, 2020.
Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
The Path Computation Element (PCE) [RFC4655] was developed to offload path computation function from routers in an MPLS traffic-engineered network. Since then, the role and function of the PCE has grown to cover a number of other uses (such as GMPLS [RFC7025]) and to allow delegated control [RFC8231] and PCE-initiated use of network resources [RFC8281].
According to [RFC7399], Software-Defined Networking (SDN) refers to a separation between the control elements and the forwarding components so that software running in a centralized system, called a controller, can act to program the devices in the network to behave in specific ways. A required element in an SDN architecture is a component that plans how the network resources will be used and how the devices will be programmed. It is possible to view this component as performing specific computations to place traffic flows within the network given knowledge of the availability of network resources, how other forwarding devices are programmed, and the way that other flows are routed. This is the function and purpose of a PCE, and the way that a PCE integrates into a wider network control system (including an SDN system) is presented in [RFC7491].
In early PCE implementations, where the PCE was used to derive paths for MPLS Label Switched Paths (LSPs), paths were requested by network elements (known as Path Computation Clients (PCCs)), and the results of the path computations were supplied to network elements using the Path Computation Element Communication Protocol (PCEP) [RFC5440]. This protocol was later extended to allow a PCE to send unsolicited requests to the network for LSP establishment [RFC8281].
[RFC8283] introduces the architecture for PCE as a central controller as an extension of the architecture described in [RFC4655] and assumes the continued use of PCEP as the protocol used between PCE and PCC. [RFC8283] further examines the motivations and applicability for PCEP as a Southbound Interface (SBI), and introduces the implications for the protocol. [I-D.ietf-teas-pcecc-use-cases] describes the use cases for the PCECC architecture.
[I-D.ietf-pce-pcep-extension-for-pce-controller] specify the procedures and PCEP protocol extensions for using the PCE as the central controller for static LSPs, where LSPs can be provisioned as explicit label instructions at each hop on the end-to-end path.
Segment Routing (SR) technology leverages the source routing and tunneling paradigms. A source node can choose a path without relying on hop-by-hop signaling protocols such as LDP or RSVP-TE. Each path is specified as a set of "segments" advertised by link-state routing protocols (IS-IS or OSPF). [RFC8402] provides an introduction to SR architecture. The corresponding IS-IS and OSPF extensions are specified in [I-D.ietf-isis-segment-routing-extensions] and [I-D.ietf-ospf-segment-routing-extensions] , respectively. It relies on a series of forwarding instructions being placed in the header of a packet. The list of segment forming the path is called the Segment List and is encoded in the packet header. Segment Routing can be applied to the IPv6 architecture with the Segment Routing Header (SRH) [I-D.ietf-6man-segment-routing-header]. A segment is encoded as an IPv6 address. An ordered list of segments is encoded as an ordered list of IPv6 addresses in the routing header. The active segment is indicated by the Destination Address of the packet. Upon completion of a segment, a pointer in the new routing header is incremented and indicates the next segment. The segment routing architecture supports operations that can be used to steer packet flows in a network, thus providing a form of traffic engineering. [I-D.ietf-pce-segment-routing] and [I-D.ietf-pce-segment-routing-ipv6] specify the SR specific PCEP extensions.
PCECC may further use PCEP protocol for SR SID (Segment Identifier) distribution on the SR nodes with some benefits. [I-D.zhao-pce-pcep-extension-pce-controller-sr] specifies the procedures and PCEP protocol extensions when a PCE-based controller is also responsible for configuring the forwarding actions on the routers (SR SID distribution in this case), in addition to computing the paths for packet flows in a segment routing network and telling the edge routers what instructions to attach to packets as they enter the network. This document extends this to include SRv6 SID distribution as well.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
Terminologies used in this document is same as described in the draft [RFC8283] and [I-D.ietf-teas-pcecc-use-cases].
[I-D.ietf-pce-segment-routing] specifies extensions to PCEP that allow a stateful PCE to compute, update or initiate SR-TE paths for MPLS dataplane. An ingress node of an SR-TE path appends all outgoing packets with a list of MPLS labels (SIDs). This is encoded in SR-ERO subobject, capable of carrying a label (SID) as well as the identity of the node/adjacency label (SID). [I-D.ietf-pce-segment-routing-ipv6] extends the procedure to include support for SRv6 paths.
As per [I-D.ietf-6man-segment-routing-header], an SRv6 Segment is a 128-bit value. "SRv6 SID" or simply "SID" are often used as a shorter reference for "SRv6 Segment". Further details are in an illustration provided in [I-D.ietf-spring-srv6-network-programming]. The SR is applied to IPV6 forwarding plane using SRH. A SR path can be derived from an IGP Shortest Path Tree (SPT), but SR-TE paths may not follow IGP SPT. Such paths may be chosen by a suitable network planning tool, or a PCE and provisioned on the ingress node. [I-D.ietf-pce-segment-routing-ipv6] extended SR-ERO subobject capable of carrying an SRv6 SID as well as the identity of the node/adjacency represented by the SID.
As per [RFC8283], PCE as a central controller can allocate and provision the node/prefix/adjacency label (SID) via PCEP. As per [I-D.ietf-teas-pcecc-use-cases] this is also applicable to SRv6 SIDs.
Rest of the processing is similar to existing stateful PCE with SRv6 mechanism.
Following key requirements for PCECC-SRv6 should be considered when` designing the PCECC based solution:
Active stateful PCE is described in [RFC8231]. PCE as a central controller (PCECC) reuses existing Active stateful PCE mechanism as much as possible to control the LSP.
This document uses the same PCEP messages and its extensions which are described in [I-D.ietf-pce-pcep-extension-for-pce-controller] and [I-D.zhao-pce-pcep-extension-pce-controller-sr] for PCECC-SRv6 as well.
PCEP messages PCRpt, PCInitiate, PCUpd are also used to send LSP Reports, LSP setup and LSP update respectively. The extended PCInitiate message described in [I-D.ietf-pce-pcep-extension-for-pce-controller] is used to download or cleanup central controller's instructions (CCIs) (SRv6 SID in scope of this document). The extended PCRpt message described in [I-D.ietf-pce-pcep-extension-for-pce-controller] is also used to report the CCIs (SRv6 SIDs) from PCC to PCE.
[I-D.ietf-pce-pcep-extension-for-pce-controller] specify an object called CCI for the encoding of central controller's instructions. [I-D.zhao-pce-pcep-extension-pce-controller-sr] extends the CCI by defining a object-type for segment routing. This document further extends the CCI by defining another object-type for SRv6.
During PCEP Initialization Phase, PCEP Speakers (PCE or PCC) advertise their support of PCECC extensions. A PCEP Speaker includes the "PCECC Capability" sub-TLV, described in [I-D.ietf-pce-pcep-extension-for-pce-controller].
A S-bit is added in PCECC-CAPABILITY sub-TLV to indicate support for PCECC-SR in [I-D.zhao-pce-pcep-extension-pce-controller-sr]. This document adds another I-bit to indicate support for SR in IPv6. A PCC MUST set I-bit in PCECC-CAPABILITY sub-TLV and include SRv6-PCE-CAPABILITY sub-TLV ([I-D.ietf-pce-segment-routing-ipv6]) in OPEN Object (inside the the PATH-SETUP-TYPE-CAPABILITY TLV) to support the PCECC SRv6 extensions defined in this document. If I-bit is set in PCECC-CAPABILITY sub-TLV and SRv6-PCE-CAPABILITY sub-TLV is not advertised in OPEN Object, PCE SHOULD send a PCErr message with Error-Type=19 (Invalid Operation) and Error-value=TBD(SRv6 capability was not advertised) and terminate the session.
As described in [I-D.zhao-pce-pcep-extension-pce-controller-sr], it is important to link the session IP address with the Router ID in TEDB for successful PCECC operations.
The PCEP messages pertaining to PCECC-SRv6 MUST include PATH-SETUP-TYPE TLV [RFC8408] with PST=TBD in the SRP object to clearly identify the PCECC-SRv6 setup is intended.
Segment Routing (SR) as described in [RFC8402] depends on "segments" that are advertised by Interior Gateway Protocols (IGPs). The SR-node allocates and advertises the SID (node, adj etc) and flood via the IGP. This document proposes a new mechanism where PCE allocates the SRv6 SID centrally and uses PCEP to advertise the SRv6 SID. In some deployments PCE (and PCEP) are better suited than IGP because of centralized nature of PCE and direct TCP based PCEP session to the node.
Each node (PCC) is allocated a node SRv6 SID by the PCECC. The PCECC sends PCInitiate message to update the SID table of each node. The TE router ID is determined from the TEDB or from "IPv4/IPv6 Router-ID" Sub-TLV [I-D.dhodylee-pce-pcep-ls], in the OPEN Object.
On receiving the SRv6 node SID allocation, each node (PCC) uses the local routing information to determine the next-hop and download the forwarding instructions accordingly. The PCInitiate message in this case MUST have FEC object.
On receiving the SRv6 node SID allocation:
The PCInitiate message in this case MUST have FEC object.
The forwarding behavior and the end result is similar to IGP based "Node-SID" in SRv6. Thus, from anywhere in the domain, it enforces the ECMP-aware shortest-path forwarding of the packet towards the related node.
PCE relies on the Node/Prefix SRv6 SID cleanup using the same PCInitiate message.
[I-D.ietf-pce-segment-routing] extends PCEP to allow a stateful PCE to compute and initiate SR-TE paths, as well as a PCC to request a path subject to certain constraint(s) and optimization criteria in SR networks.
For PCECC SR, apart from node-SID, Adj-SID is used where each adjacency is allocated an Adj-SID by the PCECC. The PCECC sends PCInitiate message to update the label map of each Adj to the corresponding nodes in the domain. Each node (PCC) download the SRv6 SID instructions accordingly. Similar to SRv6 Node/Prefix Label allocation, the PCInitiate message in this case uses the FEC object.
The forwarding behavior and the end result is similar to IGP based "Adj-SID" in SRv6.
The Path Setup Type for segment routing MUST be set for PCECC SRv6 = TBD (see Section 7.2). All PCEP procedures and mechanism are similar to [I-D.ietf-pce-segment-routing].
PCE relies on the Adj label cleanup using the same PCInitiate message.
[I-D.litkowski-pce-state-sync] describes synchronization mechanism between the stateful PCEs. The SRv6 SIDs allocated by a PCE MUST also be synchronized among PCEs for PCECC SRv6 state synchronization. Note that the SRv6 SIDs are independent to the PCECC-SRv6 paths, and remains intact till any topology change. The redundant PCEs MUST have a common view of all SRv6 SIDs allocated in the domain.
[I-D.ietf-pce-pcep-extension-for-pce-controller] describes the action needed for CCIs for the Basic PCECC LSP on this terminated session. Similarly actions should be applied for the SRv6 SID as well.
[I-D.ietf-pce-pcep-extension-for-pce-controller] describes the synchronization of Central Controller's Instructions (CCI) via LSP state synchronization as described in [RFC8231] and [RFC8232]. Same procedures should be applied for SRv6 SIDs as well.
The PCEP message is as per [I-D.zhao-pce-pcep-extension-pce-controller-sr].
[I-D.ietf-pce-pcep-extension-for-pce-controller] defined the PCECC-CAPABILITY TLV.
A new I-bit is defined in PCECC-CAPABILITY sub-TLV for PCECC-SRv6:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=TBD | Length=4 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Flags |I|S|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
I (PCECC-SRv6-CAPABILITY - 1 bit): If set to 1 by a PCEP speaker, it indicates that the PCEP speaker is capable for PCECC-SRv6 capability and PCE would allocate node and Adj SRv6 SID on this session.
The PATH-SETUP-TYPE TLV is defined in [RFC8408]. PST = TBD is used when Path is setup via PCECC SRv6 mode.
On a PCRpt/PCUpd/PCInitiate message, the PST=TBD indicates that this path was setup via a PCECC-SRv6 based mechanism where either the SIDs were allocated/instructed by PCE via PCECC mechanism.
The Central Control Instructions (CCI) Object is used by the PCE to specify the forwarding instructions is defined in [I-D.ietf-pce-pcep-extension-for-pce-controller]. This document defines another object-type for SRv6 purpose.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| CC-ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MT-ID | Algorithm | Flags |N|E|V|L|O|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | SRv6 Endpoint Function |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| SRv6 Identifier |
| (128-bit) |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
// Optional TLV //
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
CCI Object-Type is TBD for SRv6 as below -
The field CC-ID is as described in [I-D.ietf-pce-pcep-extension-for-pce-controller]. The field MT-ID, Algorithm, Flags are defined in [I-D.zhao-pce-pcep-extension-pce-controller-sr].
Reserved: MUST be set to 0 while sending and ignored on receipt.
SRv6 Endpoint Function: 16 bit field representing supported functions associated with SRv6 SIDs.
SRv6 Identifier: 128 bit IPv6 addresses representing SRv6 segment.
[Editor's Note - It might be useful to seperate the LOC:FUNC part in the SRv6 SID]
The FEC Object is used to specify the FEC information and MAY be carried within PCInitiate or PCRpt message.
FEC Object (and various Object-Types) are described in [I-D.zhao-pce-pcep-extension-pce-controller-sr]. SRv6 Node SID MUST includes the FEC Object-Type 2 for IPv6 Node. SRv6 Adjacency SID MUST include the FEC Object-Type=4 for IPv6 adjacency. Further FEC object types would be added in future revisions.
The security considerations described in [I-D.ietf-pce-pcep-extension-for-pce-controller] apply to the extensions described in this document.
As per [RFC8231], it is RECOMMENDED that these PCEP extensions only be activated on authenticated and encrypted sessions across PCEs and PCCs belonging to the same administrative authority, using Transport Layer Security (TLS) [RFC8253] as per the recommendations and best current practices in [RFC7525] (unless explicitly set aside in [RFC8253]).
A PCE or PCC implementation SHOULD allow to configure to enable/disable PCECC SR capability as a global configuration.
[RFC7420] describes the PCEP MIB, this MIB can be extended to get the PCECC SR capability status.
The PCEP YANG module [I-D.ietf-pce-pcep-yang] could be extended to enable/disable PCECC SR capability.
Mechanisms defined in this document do not imply any new liveness detection and monitoring requirements in addition to those already listed in [RFC5440].
Mechanisms defined in this document do not imply any new operation verification requirements in addition to those already listed in [RFC5440] and [RFC8231].
PCEP extensions defined in this document do not put new requirements on other protocols.
PCEP implementation SHOULD allow a limit to be placed on the rate of PCInitiate/PCUpd messages (as per [RFC8231]) sent by PCE and processed by PCC. It SHOULD also allow sending a notification when a rate threshold is reached.
[I-D.ietf-pce-pcep-extension-for-pce-controller] defines the PCECC-CAPABILITY TLV and requests that IANA creates a registry to manage the value of the PCECC-CAPABILITY TLV's Flag field. IANA is requested to allocate a new bit in the PCECC-CAPABILITY TLV Flag Field registry, as follows:
| Bit | Description | Reference |
|---|---|---|
| TBD | I((PCECC-SRv6-CAPABILITY)) | This document |
IANA is requested to allocate new PST Field in PATH- SETUP-TYPE TLV. The allocation policy for this new registry should be by IETF Consensus. The new registry should contain the following value:
| Value | Description | Reference |
|---|---|---|
| TBD | Path is | This document |
| setup using PCECC-SRv6 mode |
IANA is requested to allocate new error types and error values within the "PCEP-ERROR Object Error Types and Values" sub-registry of the PCEP Numbers registry for the following errors:
Dhruv Dhody
Huawei Technologies
Divyashree Techno Park, Whitefield
Bangalore, Karnataka 560066
India
EMail: dhruv.ietf@gmail.com