I2RS | D. Liu |
Internet-Draft | China Mobile |
Intended status: Informational | B. Khasnabish |
Expires: January 10, 2014 | ZTE |
H. Deng | |
China Mobile | |
July 09, 2013 |
Architecture Discussion of I2RS
draft-liu-i2rs-architecture-01
This document discusses the high level architecture of I2RS. We plan to include discussion on virtualization, service chaining, and grouping in a future version of this draft.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 10, 2014.
Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
This document discusses the high level architecture of I2RS. As illustrated in figure 1, the I2RS architecture is composed by three types of building blocks. The first type of the building block is the user of I2RS interface. The users could be network controllers, network management functions, other user applications etc. The user application uses the I2RS interface interacts with the routing system. The second type of the building block is management functions. This include configuration management function and security management function. The configuration management function is used to configure the I2RS interface. The security function is used to enforce the security polices of the I2RS interface. The third type of the building block is routing function. This build block includes routing information base, IP forwarding table etc. The routing information base could be accessed by the I2RS users using the I2RS interface.
Figure 1 architecture of I2RS
+------------------+ +------------------+ +-----------------+ |Network Controller| |Network Management| | User Application|.. +------------------+ +------------------+ +-----------------+ | | | | \---------------| |--------------------/ | | I2RS Interface +----------------------+ | | +------------------+ |Configuration Function|----| |-----|Security Function | +----------------------+ | | +------------------+ | | | | Routing Function +---------------------------| |--------------------------------+ | | | | | +------------+ | | +-----------+ | | |OSPF process| | | |BGP process| ... | | +------------+ | | +-----------+ | | | | | | | | | +------------------------+ | | | +-----|Routing Information Base|-------+ | | +------------------------+ | | | | +---------------------------|----------------------------------+ | {OF, ForCES, .. Protocol} | Forwarding Function +---------------------------|----------------------------------+ | | | | | | | +--------------------+ | | | IP Forwarding Table| | | +--------------------+ | | | +--------------------------------------------------------------+
Figure 1
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119].
In this document, these words will appear with that interpretation only when in ALL CAPS. Lower case uses of these words are not to be interpreted as carrying RFC-2119 significance.
A list of acronyms and abbreviations used in this document are presented below.
This section discusses the function of the building block of the I2RS architecture.
i. I2RS user application
The I2RS user application communicate with the routing information base using the I2RS interface. The user application can read the routing information from the routing information base, it can also inject polices, routing information etc into the routing information base. The I2RS interface could be RESTful API or websocket etc. There should be an authentication mechanism in the I2RS architecture that only allow the authorized application communicate with the routing system.
ii. Configuration function
The I2RS interface could be configured by the configuration function. The I2RS user application could customize the I2RS interface function and set the I2RS interface parameters by the configuration function.
iii. Security function
Security function is an important building block of the I2RS architecture. It will ensure only authorized application can use the I2RS interface and communicate with the routing system. There could be different level of authorization. For example, the security function can allow some application only read from the routing system while other application can both read and inject polices into the routing system.
iv. Routing function
The routing function is composed of routing information base (RIB), IP forwarding table and the routing processes. The I2RS application could communicate with the routing information base using the I2RS interface. It can read or inject routing information into the routing information base. The routing processes can also inject routing information into the routing information base.
iv. Forwarding function
The forwarding function facilitates forwarding of flows/packets. It can operate using simple Table or sophisticated dynamic matrix for intelligent processing of flows.
This section discusses the I2RS application and agent function in the architecture. There are many applications can use the I2RS interfaces. For example, network management application can use I2RS interface to get the network topology information. I2RS agent locates in the routing function and communicates with the I2RS application.
This section discusses the I2RS interfaces in the architecture. The I2RS interface is the interface between the I2RS application and the I2RS agent.
This section discusses the network and service control in the architecture. Network control may include control of both virtual and physical network entities. The services may include chaining of network services (NSCs) and grouping network services (NSGs).
This section discusses the management consideration of the architecture. In addition to managing the configurations of the virtual and physical network entities, this may include managing service-specific meta-data and configurations of the hosts that provide network-based value-added services like policy, compliance, load-balancing, and so on.
Security function is very important for the I2RS architecture. It should provide authentication mechanism and data protection mechanism to protect critical routing information.
No IANA action is required.
.
[RFC2119] | Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. |
[RFC2328] | Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998. |
[RFC4271] | Rekhter, Y., Li, T. and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006. |