Internet-Draft | EXPLICIT-INC-EXC-ABSTRACT-NODES | October 2013 |
Dhody, et al. | Expires 4 May 2014 | [Page] |
The ability to determine paths of point-to-multipoint (P2MP) Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) Traffic Engineering Label Switched Paths (TE LSPs) is one the key requirements for Path Computation Element (PCE). [RFC6006] and [PCE-P2MP-PROCEDURES] describes these mechanisms for intra and inter domain path computation via PCE(s).¶
This document describes the motivation and PCEP extension for explicitly specifying abstract nodes for inclusion or exclusion for a subset of destinations during P2MP path computation via PCE(s).¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 4 April 2014.¶
Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
The PCE architecture is defined in [RFC4655]. [RFC5862] lay out the requirements for PCEP to support P2MP path computation. [RFC6006] describe an extension to PCEP to compute optimal constrained intra-domain (G)MPLS P2MP TE LSPs. [PCE-P2MP-PROCEDURES] describes the mechanism for inter-domain P2MP path computation.¶
Further [RFC6006] describes mechanism to specify a list of nodes that can be used as branch nodes or a list of nodes that cannot be used as branch nodes via Branch Node Capability (BNC) object. The BNC object is used to specify which nodes have the capability to act as a branch nodes or which nodes lack the capabilty. It supports IPv4 and IPv6 prefix sub-objects only.¶
This document explains the need to add the capability to explicitly specify any abstract nodes (not just nodes with branch node capabiltiy) for inclusion or exclusion for a subset of destinations.¶
[PCE-P2MP-PROCEDURES] describes the core-tree procedure to compute inter-domain P2MP tree. It assumes that, due to deployment and commercial limitations, the sequence of domains for a path (the path domain tree) will be known in advance. For a group of destination which belong to a particular destination domain, the domain-sequence needs to be encoded separately as described in [DOMAIN-SEQ]. The mechanism, as described in this document, of explicitly specifying abstract nodes for inclusion or exclusion for a subset of destinations can be used for this purpose, where abstract nodes are domains.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].¶
The following terminology is used in this document.¶
[PCE-P2MP-PROCEDURES] describes the core-tree procedure for inter-domain path computation. The procedure assumes that the sequence of domains for a path (the path domain tree) will be known in advance due to deployment and commercial limitations (e.g., inter-AS peering agreements).¶
In the Figure 1 below, D1 is the root domain; D5 and D6 are the destination domains. The ingress is A in domain D1; egresses are X, Y in Domain D6 and Z in Domain D5.¶
In the Figure 2 below, the P2MP tree spans 5 domains. Destination in D6 (X and Y) would use the domain-sequence: D1-D3-D4-D6; and destination in D5 (Z) would use the domain-sequence: D1-D3-D4-D5.¶
Since destinations in different destination domain will have different domain sequence within the domain tree, it requires following encoding-¶
An extension in P2MP Path Computation request is needed to support this. (Refer Section 4.2)¶
The abstract nodes MAY include (but not limited to) domain subobjects AS number and IGP Area as described in [DOMAIN-SEQ].¶
[PCE-P2MP-PROCEDURES] also mentions PCE-sequence (i.e. list of PCE for each domain in the path domain tree). [RFC5886] specify PCE-ID object (used to specify a PCE's IP address) and <pce-list> (list of PCE or PCE-sequence). Like domain-sequence as explained above, PCE-sequence will be different for different destinations and thus should be encoded per destination.¶
[RFC6006] describes four possible types of leaves in a P2MP request encoded in P2MP END-POINTS object.¶
[RFC6006] only allows to encode a list of nodes that have (or have not) the branch node capability by using the Branch Node Capability (BNC) Object. This object apply to all destinations (old and new) in the P2MP tree.¶
For an existing P2MP tree with an overloaded branch node, when adding a set of new leaves, administrator may want to exclude that particular branch node to balance the final P2MP tree. This cannot be achieved via the BNC object but by explicitly excluding a particular node or including a different node, for the P2MP END-POINTS object for new leaves only.¶
Administrator at the Ingress can exert stronger control by providing explicit inclusion or exclusion of any abstract nodes (not limited to specifying nodes with branch node capability) for a group (subset) of destinations and not all destinations.¶
[RFC6006] defines Request Message Format and Objects, along with <end-point-rro-pair-list>. This section introduce the use of <pce-list>, <IRO> and <XRO> which are added to the <end-point-rro-pair-list>.¶
To allow abstract nodes to be explicitly included or excluded for a subset of destinations (encoded in one <END-POINTS> object), changes are made as shown below.¶
The abstract node (encoded as subobject in <IRO> and <XRO>) MAY be an absolute hop, IP-Prefix, Autonomous system or IGP Area. The subobjects are described in [RFC3209], [RFC3477], [RFC4874] and [DOMAIN-SEQ].¶
Note that one P2MP Path request can have multiple <END-POINTS> objects and each P2MP <END-POINTS> object may have multiple destinations, the <pce-list>, <IRO> and <XRO> is applied for all destinations in one such P2MP <END-POINTS> object.¶
The format of PCReq message is modified as follows:¶
<PCReq Message>::= <Common Header> <request> where: <request>::= <RP> <end-point-pce-iro-xro-rro-pair-list> [<OF>] [<LSPA>] [<BANDWIDTH>] [<metric-list>] [<IRO>] [<LOAD-BALANCING>] where: <end-point-pce-iro-xro-rro-pair-list>::= <END-POINTS> [<pce-list>] [<IRO>] [<XRO>] [<RRO-List>][<BANDWIDTH>] [<end-point-pce-iro-xro-rro-pair-list>] <pce-list>::=<PCE-ID>[<pce-list>] <RRO-List>::=<RRO>[<BANDWIDTH>][<RRO-List>] <metric-list>::=<METRIC>[<metric-list>]¶
From [RFC6006] usage of <end-point-rro-pair-list> is changed to <end-point-pce-iro-xro-rro-pair-list> in this document.¶
[RFC6006] describes Branch Node Capability (BNC) Object which is different from the use of <IRO> and <XRO> to specify inclusion/exclusion of abstract nodes for a subset of destinations as described here.¶
<pce-list> can be used to specify the Pce-sequence instead of domain-sequence.¶
A legacy implementation that does not support explicit inclusion or exclusion of abstract nodes for a subset of P2MP destinations will act according to the procedures set out in [RFC5440], that is it will find the P2MP Path Request message out of order with respect to the format specified in [RFC6006].¶
There are no new IANA allocation in this document.¶
PCEP security mechanisms as described in [RFC5440], [RFC6006] and [PCE-P2MP-PROCEDURES] are applicable for this document.¶
The new explicit inclusion or exclusion of abstract nodes for a subset of P2MP destination defined in this document allow finer and more specific control of the path computed by a PCE. Such control increases the risk if a PCEP message is intercepted, modified, or spoofed because it allows the attacker to exert control over the path that the PCE will compute or to make the path computation impossible. Therefore, the security techniques described in [RFC5440], [RFC6006] and [PCE-P2MP-PROCEDURES] are considered more important.¶
Note, however, that the route exclusion mechanisms also provide the operator with the ability to route around vulnerable parts of the network and may be used to increase overall network security.¶
Mechanisms defined in this document do not add any new control function/policy requirements in addition to those already listed in [RFC6006].¶
Mechanisms defined in this document do not imply any new MIB requirements.¶
Mechanisms defined in this document do not imply any new liveness detection and monitoring requirements in addition to those already listed in [RFC6006].¶
Mechanisms defined in this document do not imply any new operation verification requirements in addition to those already listed in [RFC6006].¶
Mechanisms defined in this document do not imply any requirements on other protocols in addition to those already listed in [RFC6006].¶
Mechanisms defined in this document do not have any impact on network operations in addition to those already listed in [RFC6006].¶
We would like to thank Pradeep Shastry, Suresh babu, Quintin Zhao, Daniel King and Chen Huaimo for their useful comments and suggestions.¶