Internet DRAFT - draft-zhang-rtgwg-mechanism-computing-network
Network Working Group X. Zhang
Internet-Draft F. Yang
Intended status: Standards Track W. Cheng
Expires: August 6, 2023 China Mobile
Z. Fu
New H3C Technologies
February 6, 2023
Collaborative Mechanism for Integrated Computing and Network Service
draft-zhang-rtgwg-mechanism-computing-network-01
Abstract
This document introduces a collaborative mechanism of the SLA policy
for integrated computing and network service when users access
the computing interconnection network and consume both computing and
network resources.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use
Internet-Drafts as reference material or to cite them other than as
"work in progress."
This Internet-Draft will expire on August 6, 2023.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your
rights and restrictions with respect to this document. Code
Components extracted from this document must include Simplified BSD
License text as described in Section 4.e of the Trust Legal
Provisions and are provided without warranty as described in the
Simplified BSD License.
Zhang, et al. Expires 6 August 2023 [Page 1]
Internet-Draft Mechanism for Computing and Network Service February 2023
Table of Contents
1. Introduction
2. Current mechanism
3. Usecase of AAA for integrated computing and network service
4. AAA Process based on SLA policy for integrated computing and
network service
4.1 Process of static SLA policy distribution during
user authentication
4.2 Process of dynamic SLA policy updating during authorization
5. Security Considerations
6. IANA Considerations
7. Normative References
Authors' Addresses
1. Introduction
AAA (Authentication, Authorization, and Accounting) is an important
function for service providers, including network services and
popular cloud services. With the trend of computing and network
convergence, AAA and user management are important processes that
need to be reconsidered. The current AAA process and related
systems for networking and computing are independent. This
document introduces a collaborative mechanism of AAA process based
on SLA policy for integrated computing and network service.
2. Current mechanism
In traditional network architecture, network nodes are responsible
for forwarding and corresponding statistics. Therefore, network
nodes such as BRAS devices and AAA servers, which provide AAA
abilities (especially accounting), only need to be concerned with the
consumption of network resources, such as access time, bandwidth,
etc. In contrast, there is often another independent system for
computing services such as cloud service. The authentication,
authorization and accounting for using cloud services are completed
by cloud service providers themselves. Therefore, under the current
mechanism, the services for networking and computing are totally
separated, because they are two independent systems.
3. Usecase of AAA for integrated computing and network service
The computing interconnection network is a system of computing and
network convergence. The information of computing resources is
transmitted and aggregated in the network. Network nodes can collect
the location and status of these computing resources and combine
them with original network information to form routing strategies
which are used to steer packets to the optimal service node. Users
encapsulate their own requirements for computing and network
resources in packets, and network nodes match appropriate routing
strategies based on these requirements. This is a process of
simultaneous consumption of network resources and computing
resources by users. Therefore, for network nodes providing AAA
abilities, it is necessary to consider the consumption of both
network and computing resources at the same time.
4. AAA Process based on SLA policy for integrated computing and network
service
The following figure shows a typical architecture of the AAA process
based on SLA policy for integrated computing and network service.
There are three roles here: user device, service node and
AAA server.
 user device
  +------+
  |  A   |----+
  +------+    |
              |
 user device  |     +-------------------+        +-------------------+
  +------+    +---->|                   |<-------|                   |
  |  B   |--------->|   Service Node    |        |    AAA server     |
  +------+    +---->|                   |------->|                   |
              |     +-------------------+        +-------------------+
 user device  |
  +------+    |
  |  C   |----+
  +------+
Figure 1: AAA Process based on SLA policy for integrated computing
and network service
User device: The enterprise or home user device in the fixed network.
Service node: Consists of network devices such as BRAS routers
and computing devices such as servers, providing
both computing and network resources.
AAA server: The server that supports the functions of authentication,
authorization and accounting.
This document proposes a new AAA mechanism based on SLA policy for
integrated computing and network services. Different SLA levels may
correspond to different prices because of different computing and
network resource allocation by the operator and the user's contract.
The traffic of multiple services of the same user (enterprise or
individual) is collected and charged based on the SLA service level
specified in the operator's contract. Two methods could be considered
to distribute the resource allocation and accounting strategy based
on SLA: static policy configuration during user authentication
and dynamic policy updating during authorization.
4.1 Process of static SLA policy distribution during user authentication
This document assumes that the AAA server has been configured with
SLA accounting policies based on the contract, and that the function
of granular accounting for integrated computing and network service
is enabled on the service node.
Firstly, the user device initiates an online authentication request
to the service node in the user authentication phase. The
authentication request message could carry information such as: user
id, service id, enable tag of accounting for integrated computing and
network service, SLA level, etc., which could be achieved by
extending the option field of the DHCP discover message and other
potentially relevant protocols.
Secondly, the network device of service node receives the online
authentication request carrying the SLA service information from
user device, and sends it to the AAA server.
Thirdly, the AAA server can obtain the SLA information in the request
from the user device and determine an SLA service policy on the
basis of the SLA service information. The SLA service policy contains
the information of both computing and network resources and some
value-added services which can be used by the user's SLA service.
The computing resources comprise CPU, GPU, storage, memory, etc. The
network resources comprise latency, bandwidth, jitter,
reliability, etc. Additionally, the value-added services comprise open
network capabilities, underlying industry capabilities, operation
and maintenance, security isolation and other functions. Then the AAA
server sends the response message for authentication success,
including this policy, to the service node.
Fourthly, the service node receives the SLA service policy for the
user device from the AAA server. The policy could carry SLA service
information such as: user id, service id, enable tag of accounting
for integrated computing and network service, SLA level, etc. Then
the service node executes the service scheduling and controlling,
including network and computing resource usage limits, and the
service node allocates the requested network and computing resources
in accordance with the stated new SLA policy.
4.2 Process of dynamic SLA policy updating during authorization
Firstly, the AAA server obtains SLA information which is modified
or added by users accessing the portal server. The server sends the
COA (Change-of-Authorization) request for user authorization
information change to the service node, which should carry the SLA
service policy of the modified or added SLA business information.
Secondly, the service node receives the stated SLA service policy in
the COA request from the server. It changes the service authorization
information of the user device with the corresponding user-id and
service-id, and judges whether its network and computing resources can
meet the requirements of the stated SLA service policy. If the
authorization information of the user device is successfully changed
and its own network resources and computing resources can meet the
requirements of the SLA service policy, it sends a COA
acknowledgement response to the network device. Otherwise, it sends a
COA Negative Answer message to the network device.
The subsequent accounting process will be further updated in the
future.
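
The service-node side of the fourth step of Section 4.1 and the second
step of Section 4.2, as an added example that is not part of this draft
or of any implementation by its authors. Class, method and resource
names, the "COA-ACK"/"COA-NAK" labels and all numbers are assumptions;
checking resources before committing the change, so that a refused
request leaves the existing authorization in force, is one possible
ordering that the draft does not mandate.

```python
from dataclasses import dataclass, field

# Constructed subset of the computing and network resources named in Section 4.1.
RESOURCES = ("cpu_cores", "memory_gb", "bandwidth_mbps")

@dataclass
class ServiceNode:
    capacity: dict                                # total resources of this node
    sessions: dict = field(default_factory=dict)  # (user_id, service_id) -> policy

    def _fits(self, policy, exclude):
        """True if `policy` fits once every session other than `exclude` is counted."""
        free = dict(self.capacity)
        for key, held in self.sessions.items():
            if key != exclude:
                for r in RESOURCES:
                    free[r] -= held[r]
        # A policy with a missing or negative value is refused, not guessed at.
        return all(0 <= policy.get(r, -1) <= free[r] for r in RESOURCES)

    def on_auth_success(self, user_id, service_id, policy):
        """Section 4.1, fourth step: allocate what the AAA server's policy grants."""
        key = (user_id, service_id)
        if not self._fits(policy, exclude=key):
            return False
        self.sessions[key] = dict(policy)
        return True

    def on_coa_request(self, user_id, service_id, new_policy):
        """Section 4.2, second step: answer with "COA-ACK" or "COA-NAK"."""
        key = (user_id, service_id)
        if key not in self.sessions:
            return "COA-NAK"   # no authorized session for this user-id/service-id
        # Check first, commit second: a refused request leaves the previously
        # authorized policy in force and never touches other users' allocations.
        if not self._fits(new_policy, exclude=key):
            return "COA-NAK"
        self.sessions[key] = dict(new_policy)
        return "COA-ACK"

def demo():  # constructed scenario: two users on one node, then three COA requests
    node = ServiceNode({"cpu_cores": 16, "memory_gb": 64, "bandwidth_mbps": 1000})
    node.on_auth_success("user-a", "svc-1", {"cpu_cores": 4, "memory_gb": 8, "bandwidth_mbps": 200})
    node.on_auth_success("user-b", "svc-2", {"cpu_cores": 8, "memory_gb": 16, "bandwidth_mbps": 500})
    upgrade = {"cpu_cores": 8, "memory_gb": 16, "bandwidth_mbps": 400}
    too_big = {"cpu_cores": 12, "memory_gb": 16, "bandwidth_mbps": 400}
    return (node.on_coa_request("user-a", "svc-1", upgrade),
            node.on_coa_request("user-a", "svc-1", too_big),
            node.on_coa_request("user-c", "svc-9", upgrade),
            node.sessions[("user-a", "svc-1")]["cpu_cores"])
```
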
5. Security Considerations
To be done.
6. IANA Considerations
This document does not make any IANA request.
7. Informative References
[I-D.rtgwg-srv6-computing-connect-usecases]
X. Zhang, F. Yang, W. Cheng, Z. Fu, "Usecases of
SRv6 Based Computing Interconnection Network", Work in
Progress, Internet-Draft,
draft-zhang-rtgwg-srv6-computing-connect-usecases-01,
<https://datatracker.ietf.org/doc/draft-zhang-rtgwg-srv6-computing-connect-usecases/>.
Authors' Addresses
Xiaoqiu Zhang
China Mobile
Email: zhangxiaoqiu@chinamobile.com
Feng Yang
China Mobile
Email: yangfeng@chinamobile.com
Weiqiang Cheng
China Mobile
Email: chengweiqiang@chinamobile.com
Zhihua Fu
New H3C Technologies
Email: fuzhihua@h3c.com