Internet DRAFT - draft-boucadair-sfc-requirements
draft-boucadair-sfc-requirements
SFC M. Boucadair
Internet-Draft C. Jacquenet
Intended status: Informational France Telecom
Expires: August 17, 2015 Y. Jiang
Huawei Technologies Co., Ltd.
R. Parker
Affirmed Networks
K. Naito
NTT
February 13, 2015
Requirements for Service Function Chaining (SFC)
draft-boucadair-sfc-requirements-06
Abstract
This document identifies the requirements for the Service Function
Chaining (SFC).
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 17, 2015.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
Boucadair, et al. Expires August 17, 2015 [Page 1]
Internet-Draft SFC Requirements February 2015
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Detailed Requirements List . . . . . . . . . . . . . . . . . 3
3.1. Instantiating and Invoking Service Functions . . . . . . 3
3.2. Chaining Service Functions . . . . . . . . . . . . . . . 4
3.3. MTU Requirements . . . . . . . . . . . . . . . . . . . . 5
3.4. Independence from the Underlying Transport Infrastructure
Requirements . . . . . . . . . . . . . . . . . . . . . . 6
3.5. Traffic Classification Requirements . . . . . . . . . . . 6
3.6. Data Plane Requirements . . . . . . . . . . . . . . . . . 7
3.7. OAM Requirements . . . . . . . . . . . . . . . . . . . . 8
3.8. Recovery and Load Balancing Requirements . . . . . . . . 10
3.9. Compatibility with Legacy Service Functions Requirements 11
3.10. QoS Requirements . . . . . . . . . . . . . . . . . . . . 11
3.11. Security Requirements . . . . . . . . . . . . . . . . . . 11
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12
5. Security Considerations . . . . . . . . . . . . . . . . . . . 12
6. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 12
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 13
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
8.1. Normative References . . . . . . . . . . . . . . . . . . 13
8.2. Informative References . . . . . . . . . . . . . . . . . 13
1. Introduction
This document identifies the requirements for the Service Function
Chaining (SFC).
The overall problem space is described in
[I-D.ietf-sfc-problem-statement].
2. Terminology
The reader should be familiar with the terms defined in
[I-D.ietf-sfc-problem-statement].
Boucadair, et al. Expires August 17, 2015 [Page 2]
Internet-Draft SFC Requirements February 2015
The document makes use of the following terms:
o SFC-enabled domain: denotes a network (or a region thereof) that
implements SFC.
o Service Function Loop: If a Service Function Chain is structured
to not invoke Service Functions multiple times, a loop is the
error that occurs when the same Service Function is invoked
several times when handling data bound to that Service Function
Chain. In other words, a loop denotes an error that occurs when a
packet handled by a Service Function, forwarded onwards, and
arrives once again at that Service Function while this is not
allowed by the Service Function Chain it is bound to.
o Service Function Spiral: denotes a Service Function Chain in which
data is handled by a Service Function, forwarded onwards, and
arrives once again at that Service Function.
* Note that some Service Functions support built-in functions to
accommodate spirals; these service-specific functions may
require that the data received in a spiral should differ in a
way that will result in a different processing decision than
the original data. This document does not make such
assumption.
* A Service Function Chain may involve one or more Service
Function Spirals.
* Unlike Service Function loop, spirals are not considered as
errors.
3. Detailed Requirements List
The following set of functional requirements should be considered for
the design of the Service Function Chaining solution.
3.1. Instantiating and Invoking Service Functions
SF_REQ#1: The solution MUST NOT make any assumption on whether
Service Functions (SF) are deployed directly on physical
hardware, as one or more Virtual Machines, or any
combination thereof.
SF_REQ#2: The solution MUST NOT make any assumption on whether
Service Functions each reside on a separate addressable
Network Element, or as a horizontal scaling of Service
Functions, or are co-resident in a single addressable
Network Element, or any combination thereof.
Boucadair, et al. Expires August 17, 2015 [Page 3]
Internet-Draft SFC Requirements February 2015
Note: Communications between Service Functions having
the same locator are considered implementation-
specific. These considerations are therefore out of
scope of the SFC specification effort.
SF_REQ#3: The solution MUST NOT require any IANA registry for
Service Functions.
SF_REQ#4: The solution MUST allow multiple instances of a given
Service Function ( i.e., instances of a Service Function
can be embedded in or attached to multiple Network
Elements).
A. This is used for load-balancing, load-sharing, to
minimize the impact of failures (e.g., by means of a
hot or cold standby protection design), to accommodate
planned maintenance operations, etc.
B. How these multiple devices are involved in the service
delivery is deployment-specific.
SF_REQ#5: The solution MUST separate SF-specific policy
provisioning-related aspects from the actual handling of
packets (including forwarding decisions).
3.2. Chaining Service Functions
SFC_REQ#1: The solution MUST NOT assume any predefined order of
Service Functions. In particular, the solution MUST NOT
require any IANA registry to store typical Service
Function Chains.
SFC_REQ#2: The identification of instantiated Service Function
Chains is local to each administrative domain; it is
policy-based and deployment-specific.
SFC_REQ#3: The solution MUST allow for multiple Service Chains to be
simultaneously enforced within an administrative domain.
SFC_REQ#4: The solution MUST allow the same Service Function to
belong to multiple Service Function Chains.
SFC_REQ#5: The solution MUST support the ability to deploy multiple
SFC-enabled domains within the same administrative
domain.
SFC_REQ#6: The solution MUST be able to associate the same or
distinct Service Function Chains for each direction
Boucadair, et al. Expires August 17, 2015 [Page 4]
Internet-Draft SFC Requirements February 2015
(inbound/outbound) of the traffic pertaining to a
specific service. In particular, unidirectional Service
Function Chains, bi-directional Service Function Chains,
or any combination thereof MUST be supported.
Note, the solution must allow to involve distinct SFC
Boundary Nodes for upstream and downstream. Multiple
SFC Boundary Nodes may be deployed within an
administrative domain.
SFC_REQ#7: The solution MUST be able to dynamically enforce Service
Function Chains. In particular, the solution MUST allow
the update or the withdrawal of existing Service Function
Chains, the definition of a new Service Function Chain,
the addition of new Service Functions without having any
impact on other existing Service Functions or other
Service Function Chains.
SFC_REQ#8: The solution MUST provide means to control the SF-
inferred information to be leaked outside an SFC-enabled
domain. In particular, an administrative entity MUST be
able to prevent the exposure of the Service Function
Chaining logic and its related policies outside the
administrative domain.
SFC_REQ#9: The solution MUST prevent infinite Service Function
Loops.
A. Service Functions MAY be invoked multiple times in
the same Service Function Chain (denoted as SF
Spiral), but the solution MUST prevent infinite
forwarding loops.
3.3. MTU Requirements
Packet fragmentation can be very expensive in SFC environment where
fragmented packets have to be reassembled before sending to each SF
on the chain. It is also worth noting that IPv6 traffic can only be
fragmented by the end systems.
MTU_REQ#1: The solution SHOULD minimize fragmentation; in
particular, a minimal set of SFC-specific information
should be conveyed in the data packet.
MTU_REQ#2: Traffic forwarding on a SFC basis MUST be undertaken
without relying on dedicated resources to treat
fragments. In particular, Out of order fragments MUST be
Boucadair, et al. Expires August 17, 2015 [Page 5]
Internet-Draft SFC Requirements February 2015
forwarded on a per-SFC basis without relying on any
state.
MTU_REQ#3: Some SFs (e.g., NAT) may require dedicated resources
(e.g., resources to store fragmented packets) or they may
adopt a specific behavior (e.g, limit the time interval
to accept fragments). The solution MUST NOT interfere
with such practices.
3.4. Independence from the Underlying Transport Infrastructure
Requirements
UN_REQ#1: The solution MUST NOT make any assumption on how RIBs
(Routing Information Bases) and FIBs (Forwarding
Information Bases) are populated. Particularly, the
solution does not make any assumption on protocols and
mechanisms used to build these tables.
UN_REQ#2: The solution MUST be transport independent.
A. The Service Function Chaining should operate
regardless of the network transport used by the
administrative entity. In particular, the solution
can be used whatever the switching technologies
deployed in the underlying transport infrastructure.
B. Techniques such as MPLS are neither required nor
excluded.
UN_REQ#3: The solution MUST allow for chaining logics where involved
Service Functions are not within the same layer 3 subnet.
UN_REQ#4: The solution MUST NOT exclude Service Functions to be
within the same IP subnet (because this is deployment-
specific).
3.5. Traffic Classification Requirements
TC_REQ#1: The solution MUST NOT make any assumption on how the
traffic is to be bound to a given chaining policy. In
other words, classification rules are deployment-specific
and policy-based. For instance, classification can rely
on a subset of the information carried in a received
packet such as 5-tuple classification, be subscriber-
aware, be driven by traffic engineering considerations, or
any combination thereof.
Boucadair, et al. Expires August 17, 2015 [Page 6]
Internet-Draft SFC Requirements February 2015
Because a large number (e.g., 1000s) of classification
policy entries may be configured, means .Means to
reduce classification look-up time such as optimizing
the size of the classification table (e.g.,
aggregation) should be supported by the Classifier.
TC_REQ#2: The solution MUST NOT require every Service Function to be
co-located with a SFC Classifier; this is a deployment-
specific decision.
TC_REQ#3: The solution MAY allow traffic re-classification at the
level of Service Functions (i.e., a Service Function can
also be co-located with a Classifier). The configuration
of classification rules in such context are the
responsibility of the administrative entity that operates
the SFC-enabled domain.
TC_REQ#4: The solution MUST allow Service Function Nodes to be
configured (or pushed) with the detailed policies on which
local Service Functions to invoke for packets associated
with some Service Function Chains. The solution MUST
allow those steering policies to be updated based on
demand.
3.6. Data Plane Requirements
DP_REQ#1: The solution MUST be able to forward traffic between two
Service Functions (involved in the same Service Function
Chain) without relying upon the destination address field
of the a data packet.
DP_REQ#2: The solution MUST allow for the association of a context
with the data packets. In particular:
A. The solution MUST support the ability to invoke
differentiated sets of policies for a Service Function
(such sets of policies are called Profiles). A
profile denotes a set of policies configured to a
local Service Function (e.g., content-filter-child,
content-filter-adult).
a. Few profiles should be assumed per Service
Function to accommodate the need for scalable
solutions.
b. A finer granularity of profiles may be configured
directly to each Service Function; there is indeed
Boucadair, et al. Expires August 17, 2015 [Page 7]
Internet-Draft SFC Requirements February 2015
no need to overload the design of Service Function
Chains with policies of low-level granularity.
DP_REQ#3: Service Functions may be reachable using IPv4 and/or IPv6.
The administrative domain entity MUST be able to define
and enforce policies with regards to the address family to
be used when invoking a Service Function.
A. A Service Function Chain may be composed of IPv4
addresses, IPv6 addresses, or a mix of both IPv4 and
IPv6 addresses.
B. Multiple Service Functions can be reachable using the
same IP address. Each of these Service Functions is
unambiguously identified with a Service Function
Identifier.
DP_REQ#4:
3.7. OAM Requirements
OAM_REQ#1: The solution MUST allow for Operations, Administration,
and Maintenance (OAM) features [RFC6291]. In particular,
the solution MUST:
A. Support means to verify the completion of the
forwarding actions until the SFC Border Node is
reached (see Section 3.4.1 of [RFC5706]).
B. Support means to ensure coherent classification rules
are installed in and enforced by all the Classifiers
of the SFC domain.
C. Support means to correlate classification policies
with observed forwarding actions.
D. Support in-band liveliness and functionality checking
mechanisms for the instantiated Service Function
Chains and the Service Functions that belong to these
chains.
OAM_REQ#2: The solution MUST support means to detect the liveliness
of Service Functions of an SFC-enabled domain. In
particular, the solution MUST support means to
(dynamically) detect that a Service Function instance is
out of service and notify the relevant elements
accordingly (PDP and Classifiers, for one).
Boucadair, et al. Expires August 17, 2015 [Page 8]
Internet-Draft SFC Requirements February 2015
OAM_REQ#3: Detailed diagnosis requirements are listed below:
A. The solution MUST allow to assess the status of the
serviceability of a Service Function (i.e., the
Service Function provides the service(s) it is
configured for).
B. The solution MUST NOT rely only on IP reachability to
assess whether a Service Function is up and running.
C. The solution MUST allow to diagnose the availability
of a Service Function Chain (including the
availability of a particular Service Function Path
bound to a given Service Function Chain).
D. The solution MUST allow to retrieve the set of
Service Function Chains that are enabled within a
domain.
E. The solution MUST allow to retrieve the set of s
Service Function Chains in which a given Service
Function is involved.
F. The solution MUST allow to assess whether an SFC-
enabled domain is appropriately configured (including
the configured chains are matching what should be
configured in that domain).
G. The solution MUST allow to assess the output of the
classification rule applied on a packet presented to
a Classifier of an SFC-enabled domain.
H. The solution MUST support the correlation between a
Service Function Chain and the actual forwarding path
followed by a packet matching that SFC.
I. The solution MUST allow to diagnose the availability
of a segment of a Service Function Chain, i.e., a
subset of Service Functions that belong to the said
chain.
J. The solution MUST support means to notify the PDPs
whenever some events occur (for example, a
malfunctioning Service Function instance).
K. The solution MUST allow for local diagnostic
procedures specific to each Service Function (i.e.,
SF built-in diagnostic procedures).
Boucadair, et al. Expires August 17, 2015 [Page 9]
Internet-Draft SFC Requirements February 2015
L. The solution MUST allow for customized service
diagnostic.
OAM_REQ#4: Liveness status records for all Service Functions
(including Service Function instances), Service Function
Nodes, Service Function Chains (including the Service
Function Paths bound to a given chain) MUST be
maintained.
OAM_REQ#5: SFC-specific counters and statistics MUST be provided.
These data include (but not limited to):
* Number of flows ever and currently assigned to a given
Service Function Chain and a given Service Function
Path.
* Number of flows, packets, bytes dropped due to policy.
* Number of packets and bytes in/out per Service
Function Chain and per Service Function Path.
* Number of flows, packets, bytes dropped due to unknown
Service Function Chain or Service Function Path (this
is valid in particular for a Service Function Node).
3.8. Recovery and Load Balancing Requirements
LB_REQ#1: The solution MUST allow for load-balancing among multiple
instances of the same Service Function.
A. Load-balancing may be provided by legacy technologies
or protocols (e.g., make use of load-balancers)
B. Load-balancing may be part of the Service Function
itself.
C. Load-balancer may be considered as a Service Function
element.
D. Because of the possible complications, load balancing
SHOULD NOT be driven by the SFC Classifier.
LB_REQ#2: The solution MUST separate SF-specific policy
provisioning-related aspects from the actual handling of
packets (including forwarding decisions).
LB_REQ#3: The solution SHOULD support protection of the failed or
over-utilized Service Function instances. The protection
Boucadair, et al. Expires August 17, 2015 [Page 10]
Internet-Draft SFC Requirements February 2015
mechanism can rely on local decisions among the nodes that
are connected to both active/standby Service Function
instances.
3.9. Compatibility with Legacy Service Functions Requirements
LEG_REQ#1: The solution MUST allow for gradual deployment in legacy
infrastructures, and therefore coexist with legacy
technologies that cannot support SFC-specific
capabilities, such as Service Function Chain
interpretation and processing. The solution MUST be able
to work in a domain that may be partly composed of opaque
elements, i.e., elements that do not support SFC-specific
capabilities.
3.10. QoS Requirements
QoS_REQ#1: The solution MUST be able to provide different SLAs
(Service Level Agreements, [RFC7297]). In particular,
A. The solution MUST allow for different levels of
service to be provided for different traffic streams
(e.g., configure Classes of Service (CoSes)).
B. The solution MUST be able to work properly within a
Diffserv domain [RFC2475].
C. The solution SHOULD support the two modes defined in
[RFC2983].
QoS_REQ#2: ECN re-marking, when required, MUST be performed
according to [RFC6040].
3.11. Security Requirements
SEC_REQ#1: The solution MUST provide means to prevent any
information leaking that would be used as a hint to guess
internal engineering practices (e.g., network topology,
service infrastructure topology, hints on the enabled
mechanisms to protect internal service infrastructures,
etc.).
The solution MUST support means to protect the SFC
domain as a whole against attacks that would lead to
the discovery of Service Functions enabled in a SFC
domain.
In particular, topology hiding means MUST be supported
to avoid the exposure of the SFC-enabled domain
Boucadair, et al. Expires August 17, 2015 [Page 11]
Internet-Draft SFC Requirements February 2015
topology (including the set of the service function
chains supported within the domain and the
corresponding Service Functions that belong to these
chains).
SEC_REQ#2: The solution MUST support means to protect the SFC-
enabled domain against any kind of denial-of-service and
theft of service (e.g., illegitimate access to the
service) attack.
For example, a user should not be granted access to
connectivity services he/she didn't subscribe to
(including direct access to some SFs), at the risk of
providing illegitimate access to network resources.
SEC_REQ#3: The solution MUST NOT interfere with IPsec [RFC4301] (in
particular IPsec integrity checks).
4. IANA Considerations
This document does not require any action from IANA.
5. Security Considerations
Some security-related requirements to be taken into account when
designing the Service Function Chaining solution are listed in
Section 3.11. These requirements do not cover the provisioning
interface used to enforce policies into the Classifier, Service
Functions, and Service Function Nodes.
6. Contributors
The following individuals contributed text to the document:
Boucadair, et al. Expires August 17, 2015 [Page 12]
Internet-Draft SFC Requirements February 2015
Hongyu Li
Huawei Technologies Co., Ltd.
Bantian, Longgang district
Shenzhen 518129,
China
EMail: hongyu.lihongyu@huawei.com
Jim Guichard
Cisco Systems, Inc.
USA
EMail: jguichar@cisco.com
Paul Quinn
Cisco Systems, Inc.
USA
Email: paulq@cisco.com
Linda Dunbar
Huawei Technologies
5430 Legacy Drive, Suite #175
Plano TX
USA
EMail: linda.dunbar@huawei.com
7. Acknowledgements
Many thanks to K. Gray, N. Takaya, H. Kitada, H. Kojima, D.
Dolson, B. Wright, and J. Halpern for their comments.
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
8.2. Informative References
[I-D.ietf-sfc-problem-statement]
Quinn, P. and T. Nadeau, "Service Function Chaining
Problem Statement", draft-ietf-sfc-problem-statement-11
(work in progress), February 2015.
Boucadair, et al. Expires August 17, 2015 [Page 13]
Internet-Draft SFC Requirements February 2015
[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z.,
and W. Weiss, "An Architecture for Differentiated
Services", RFC 2475, December 1998.
[RFC2983] Black, D., "Differentiated Services and Tunnels", RFC
2983, October 2000.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, December 2005.
[RFC5706] Harrington, D., "Guidelines for Considering Operations and
Management of New Protocols and Protocol Extensions", RFC
5706, November 2009.
[RFC6040] Briscoe, B., "Tunnelling of Explicit Congestion
Notification", RFC 6040, November 2010.
[RFC6291] Andersson, L., van Helvoort, H., Bonica, R., Romascanu,
D., and S. Mansfield, "Guidelines for the Use of the "OAM"
Acronym in the IETF", BCP 161, RFC 6291, June 2011.
[RFC7297] Boucadair, M., Jacquenet, C., and N. Wang, "IP
Connectivity Provisioning Profile (CPP)", July 2014.
Authors' Addresses
Mohamed Boucadair
France Telecom
Rennes 35000
France
EMail: mohamed.boucadair@orange.com
Christian Jacquenet
France Telecom
Rennes 35000
France
EMail: christian.jacquenet@orange.com
Boucadair, et al. Expires August 17, 2015 [Page 14]
Internet-Draft SFC Requirements February 2015
Yuanlong Jiang
Huawei Technologies Co., Ltd.
Bantian, Longgang district
Shenzhen 518129,
China
EMail: jiangyuanlong@huawei.com
Ron Parker
Affirmed Networks
Acton, MA
USA
EMail: Ron_Parker@affirmednetworks.com
Kengo Naito
NTT
Midori-Cho 3-9-11
Musashino-shi, Tokyo 180-8585
Japan
EMail: naito.kengo@lab.ntt.co.jp
Boucadair, et al. Expires August 17, 2015 [Page 15]