-
Notifications
You must be signed in to change notification settings - Fork 1
/
draft-barth-pce-segment-routing-policy-cp-02.txt
952 lines (627 loc) · 37.4 KB
/
draft-barth-pce-segment-routing-policy-cp-02.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
PCE Working Group C. Barth
Internet-Draft Juniper Networks, Inc.
Intended status: Standards Track M. Koldychev
Expires: September 6, 2019 S. Sivabalan
Cisco Systems, Inc.
C. Li
Huawei Technologies
March 05, 2019
PCEP extension to support Segment Routing Policy Candidate Paths
draft-barth-pce-segment-routing-policy-cp-02
Abstract
This document introduces a mechanism to specify an Segment Routing
(SR) policy, as a collection of SR candidate paths. An SR policy is
identified by <headend, color, end-point> tuple. An SR policy can
contain one or more candidate paths where each candidate path is
identified in PCEP via an PLSP-ID. This document proposes extension
to PCEP to support association among candidate paths of a given SR
policy. The mechanism proposed in this document is applicable to
both MPLS and IPv6 data planes of SR.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 6, 2019.
Barth, et al. Expires September 6, 2019 [Page 1]
Internet-Draft SR Policy March 2019
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. Group Candidate Paths belonging to the same SR policy . . 5
3.2. Instantiation of SR policy candidate paths . . . . . . . 5
3.3. Avoid computing lower preference candidate paths . . . . 5
3.4. Minimal signaling overhead . . . . . . . . . . . . . . . 5
4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 6
5. SR Policy Association Group . . . . . . . . . . . . . . . . . 7
5.1. SR Policy Association Group Policy Identifiers TLV . . . 8
5.2. SR Policy Association Group Candidate Path Identifiers
TLV . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.3. SR Policy Association Group Candidate Path Attributes TLV 10
6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.1. PCC Initiated SR Policy with single candidate-path . . . 11
6.2. PCC Initiated SR Policy with multiple candidate-paths . . 11
6.3. PCE Initiated SR Policy with single candidate-path . . . 12
6.4. PCE Initiated SR Policy with multiple candidate-paths . . 13
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
7.1. Association Type . . . . . . . . . . . . . . . . . . . . 13
7.2. PCEP Errors . . . . . . . . . . . . . . . . . . . . . . . 13
7.3. SRPAG TLVs . . . . . . . . . . . . . . . . . . . . . . . 14
8. Security Considerations . . . . . . . . . . . . . . . . . . . 14
9. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 15
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 15
10.1. Normative References . . . . . . . . . . . . . . . . . . 15
10.2. Informative References . . . . . . . . . . . . . . . . . 16
Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
Barth, et al. Expires September 6, 2019 [Page 2]
Internet-Draft SR Policy March 2019
1. Introduction
Path Computation Element (PCE) Communication Protocol (PCEP)
[RFC5440] enables the communication between a Path Computation Client
(PCC) and a Path Control Element (PCE), or between two PCEs based on
the PCE architecture [RFC4655].
PCEP Extensions for the Stateful PCE Model [RFC8231] describes a set
of extensions to PCEP to enable active control of Multiprotocol Label
Switching Traffic Engineering (MPLS-TE) and Generalized MPLS (GMPLS)
tunnels. [RFC8281] describes the setup and teardown of PCE-initiated
LSPs under the active stateful PCE model, without the need for local
configuration on the PCC, thus allowing for dynamic centralized
control of a network.
PCEP Extensions for Segment Routing [I-D.ietf-pce-segment-routing]
specifies extensions to the Path Computation Element Protocol (PCEP)
that allow a stateful PCE to compute and initiate Traffic Engineering
(TE) paths, as well as a PCC to request a path subject to certain
constraint(s) and optimization criteria in SR networks.
PCEP Extensions for Establishing Relationships Between Sets of LSPs
[I-D.ietf-pce-association-group] introduces a generic mechanism to
create a grouping of LSPs which can then be used to define
associations between a set of LSPs and a set of attributes (such as
configuration parameters or behaviors) and is equally applicable to
stateful PCE (active and passive modes) and stateless PCE.
Segment Routing Policy for Traffic Engineering
[I-D.ietf-spring-segment-routing-policy] details the concepts of SR
Policy and approaches to steering traffic into an SR Policy.
An SR policy contains one or more candidate paths where one or more
such paths can be computed via PCE. This document specifies PCEP
extensions to signal additional information to map candidate paths to
their SR policies. Each candidate path maps to a unique PLSP-ID in
PCEP. By associating multiple candidate paths together, a PCE
becomes aware of the hierarchical structure of an SR policy. Thus
the PCE can take computation and control decisions about the
candidate paths, with the additional knowledge that these candidate
paths belong to the same SR policy. This is accomplished via the use
of the existing PCEP Association object, by defining a new
association type specifically for associating SR candidate paths into
a single SR policy.
[Editor's Note- Currently it is assumed that each candidate path has
only one ERO (SID-List) within the scope of this document. A future
Barth, et al. Expires September 6, 2019 [Page 3]
Internet-Draft SR Policy March 2019
update or another document will deal with a way to allow multiple
ERO/SID-Lists for a candidate path within PCEP.]
2. Terminology
The following terminologies are used in this document:
Endpoint: The IPv4 or IPv6 endpoint address of the SR policy in
question, as described in
[I-D.ietf-spring-segment-routing-policy].
Association parameters: As described in
[I-D.ietf-pce-association-group], the combination of the mandatory
fields Association type, Association ID and Association Source in
the ASSOCIATION object uniquely identify the association group.
If the optional TLVs - Global Association Source or Extended
Association ID are included, then they MUST be included in
combination with mandatory fields to uniquely identify the
association group.
Association information: As described in
[I-D.ietf-pce-association-group], the ASSOCIATION object could
also include other optional TLVs based on the association types,
that provides 'information' related to the association type.
PCC: Path Computation Client. Any client application requesting a
path computation to be performed by a Path Computation Element.
PCE: Path Computation Element. An entity (component, application,
or network node) that is capable of computing a network path or
route based on a network graph and applying computational
constraints.
PCEP: Path Computation Element Protocol.
3. Motivation
The new Association Type (SR Policy Association) and the new TLVs for
the ASSOCIATION object, defined in this document, allow a PCEP peer
to exchange additional parameters of SR candidate paths and of their
parent SR policy. For the SR policy, the parameters are: color and
endpoint. For the candidate path, the parameters are: protocol
origin, originator, discriminator and preference.
[I-D.ietf-spring-segment-routing-policy] describes the concept of SR
Policy and these parameters.
The motivation for signaling these parameters is summarized in the
following subsections.
Barth, et al. Expires September 6, 2019 [Page 4]
Internet-Draft SR Policy March 2019
3.1. Group Candidate Paths belonging to the same SR policy
Since each candidate path of an SR policy appears as a different LSP
(identified via a PLSP-ID) in PCEP, it is useful to group together
all the candidate paths that belong to the same SR policy.
Furthermore, it is useful for the PCE to have knowledge of the SR
candidate path parameters such as color, protocol origin,
discriminator, and preference.
3.2. Instantiation of SR policy candidate paths
A PCE may want to instantiate one or more candidate paths on the PCC,
as specified in [RFC8281]. In this scenario, the PCE needs to signal
to a PCC <headend, color, end-point, originator, discriminator,
preference> tuple using which the PCC can instantiate a candidate
path for the SR policy identified. Current PCEP standards (as of the
time of this writing) do not provide a way to signal color and
preference. Although end-point can be signaled via the PCEP END-
POINTS object, this object may not be suitable because the end-point
to which the path is computed is not required to be the same IPv4/
IPv6 address as the actual endpoint of the SR policy. Thus, a
separate way to specify SR policy's end-point is provided in this
document.
3.3. Avoid computing lower preference candidate paths
When a PCE knows that a given set of candidate paths all belong to
the same SR policy, then path computation MAY be done on only the
highest preference candidate-path(s). Path computation for lower
preference paths is not necessary if one or two higher preference
paths are already computed. Since computing their paths will not
affect traffic steering, it MAY be postponed until the higher
preference paths become invalid, thus saving computation resources on
the PCE.
3.4. Minimal signaling overhead
When an SR policy contains multiple candidate paths computed by a
PCE, such candidate paths can be created, updated and deleted
independently of each other. This is achieved by making each
candidate path correspond to a unique LSP (identified via PLSP-ID).
For example, if an SR policy has 4 candidate paths, then if the PCE
wants to update one of those candidate paths, only one set of PCUpd
and PCRpt messages needs to be exchanged.
Barth, et al. Expires September 6, 2019 [Page 5]
Internet-Draft SR Policy March 2019
4. Overview
As per [I-D.ietf-pce-association-group], LSPs are placed into an
association group. In this document, each LSP corresponds to a
candidate path of an SR policy, and the association group corresponds
to the SR policy itself. Segment-lists within a candidate path are
not represented by different LSPs (and identified via PLSP-IDs).
[Editor's Note - The subject of encoding multiple segment lists
within a candidate path is left to a future document and is not
specified in this document. It is not a good idea to have each
segment-list correspond to a different LSP/PLSP-ID, because when the
PCC wants to get a path, it must know in advance how many multipaths
(i.e., segment-lists) there will be and create that many LSPs/PLSP-
IDs. For example, if the PCC supports 32 multipaths, then it must
delegate 32 LSPs/PLSP-IDs for every candidate path, which may not be
scalable.]
A new Association Type is defined in this document, based on the
generic ASSOCIATION object. Association type = TBD1 "SR Policy
Association Type" for SR Policy Association Group (SRPAG).
The SRPAG Association is only meant to be used for SR LSPs and with
PCEP peers which advertise SR capability.
An Association object of SRPAG group contains TLVs that carry
Association Information. The association information can be
subdivided into three parts: Policy identifiers, Candidate path
identifiers, and Candidate path attributes.
Policy Identifiers uniquely identify the SR policy to which a given
LSP belongs, within the context of the head-end. Policy Identifiers
MUST be the same for all candidate paths in the same SRPAG. Policy
Identifiers MUST NOT change for a given LSP during its lifetime.
Policy Identifiers MUST be different for different SRPAG
associations. When these rules are not satisfied, the PCE MUST send
a PCErr message with Error Code = 26 "Association Error", Error Type
= TBD5 "Conflicting SRPAG TLV". Policy Identifiers consist of:
o Color of SR policy.
o End-point of SR policy.
Candidate Path Identifiers uniquely identify the SR candidate path
within the context of an SR policy. Candidate path Identifiers MUST
NOT change for a given LSP during its lifetime. Candidate path
Identifiers MUST be different for different LSPs within the same
SRPAG. When these rules are not satisfied, the PCE MUST send a PCErr
Barth, et al. Expires September 6, 2019 [Page 6]
Internet-Draft SR Policy March 2019
message with Error Code = 26 "Association Error", Error Type = TBD5
"Conflicting SRPAG TLV". Candidate path Identifiers consist of:
o Protocol Origin of candidate path.
o Originator of candidate path.
o Discriminator of candidate path.
Candidate Path Attributes MUST NOT be used to identify the candidate
path. Candidate path attributes carry additional information about
the candidate path and MAY change during the lifetime of the LSP.
Candidate path Attributes consist of:
o Preference of candidate path.
As described in [RFC8231], an LSP is uniquely identified in PCEP via
PLSP-ID.
A mapping between the Association Parameters (see Section 2) and
Policy Identifiers (the Color and End-point) needs to be maintained.
The mapping is left up to the implementation. An implementation MAY
choose Association Parameters in such a way that every possible Color
and End-point maps to a unique value of Association Parameters, which
may require the use of Extended Association ID TLV. Alternatively,
an implementation MAY implement a lookup table to generate
Association Parameters incrementally as new Color and End-point
values are created, which may not require the use of Extended
Association ID TLV.
As per the processing rules specified in section 5.4 of
[I-D.ietf-pce-association-group], if a PCEP speaker does not support
the SRPAG association type, it MUST return a PCErr message with
Error-Type 26 (Early allocation by IANA) "Association Error" and
Error-Value 1 "Association-type is not supported". Please note that
the corresponding PCEP session is not reset.
5. SR Policy Association Group
Two ASSOCIATION object types for IPv4 and IPv6 are defined in
[I-D.ietf-pce-association-group]. The ASSOCIATION object includes
"Association type" indicating the type of the association group.
This document adds a new Association type.
Association type = TBD1 "SR Policy Association Type" for SR Policy
Association Group (SRPAG).
Barth, et al. Expires September 6, 2019 [Page 7]
Internet-Draft SR Policy March 2019
The operator configured Association Range SHOULD NOT be set for this
association type and MUST be ignored.
SRPAG MUST carry additional TLVs to communicate Association
Information. This document specifies three new TLVs to carry
Association Information: SRPAG-POL-ID-TLV, SRPAG-CPATH-ID-TLV, SRPAG-
CPATH-ATTR-TLV. These three TLVs encode the Policy Identifiers,
Candidate path Identifiers and Candidate path Attributes,
respectively. When any of the mandatory TLVs are missing from the
SRPAG association object, the PCE MUST send a PCErr message with
Error Code = 26 "Association Error", Error Type = TBD6 "Missing
mandatory SRPAG TLV".
A given LSP MUST belong to at most one SRPAG, since a candidate path
cannot belong to multiple SR policies. If a PCEP speaker receives a
PCEP message with more than one SRPAG for an LSP, then the PCEP
speaker MUST send a PCErr message with Error-Type 26 "Association
Error" and Error-Value TBD7 "Multiple SRPAG for one LSP". If the
message is a PCRpt message, then the PCEP speaker MUST close the PCEP
connection. Closing the PCEP connection is necessary because
ignoring PCRpt messages may lead to inconsistent LSP DB state between
the two PCEP peers.
If the PCEP speaker receives the SRPAG association when the SR
capability (as per [I-D.ietf-pce-segment-routing] or
[I-D.negi-pce-segment-routing-ipv6]) was not exchanged, the PCEP
speaker MUST send a PCErr message with Error-Type 26 "Association
Error" and Error-Value TBD8 "Use of SRPAG without SR capability
exchange". If the Path Setup Type (PST) of the LSP in SRPAG is not
set to SR or SRv6, then the PCEP speaker MUST send a PCErr message
with Error-Type 26 "Association Error" and Error-Value TBD9 "non-SR
LSP in SRPAG".
5.1. SR Policy Association Group Policy Identifiers TLV
The SRPOLICY-POL-ID TLV is a mandatory TLV for the SRPAG Association.
Only one SRPOLICY-POL-ID TLV can be carried and only the first
occurrence is processed and any others MUST be ignored.
Barth, et al. Expires September 6, 2019 [Page 8]
Internet-Draft SR Policy March 2019
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Color |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ End-point ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: The SRPOLICY-POL-ID TLV format
Type: TBD2 for "SRPOLICY-POL-ID" TLV.
Length: 8 or 20, depending on length of End-point (IPv4 or IPv6)
Color: any unsigned 32-bit number.
End-point: can be either IPv4 or IPv6, depending on whether the
policy endpoint has IPv4 or IPv6 address. This value may be
different from the one contained in the END-POINTS object, or in the
LSP IDENTIFIERS TLV of the LSP object. Endpoint is meant to strictly
correspond to the endpoint of the SR policy, as it is defined in
[I-D.ietf-spring-segment-routing-policy].
5.2. SR Policy Association Group Candidate Path Identifiers TLV
The SRPOLICY-CPATH-ID TLV is a mandatory TLV for the SRPAG
Association. Only one SRPOLICY-CPATH-ID TLV can be carried and only
the first occurrence is processed and any others MUST be ignored.
Barth, et al. Expires September 6, 2019 [Page 9]
Internet-Draft SR Policy March 2019
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Proto. Origin | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Originator ASN |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| Originator Address |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Discriminator |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: The SRPOLICY-CPATH-ID TLV format
Type: TBD3 for "SRPOLICY-CPATH-ID" TLV.
Length: 28.
Protocol Origin: 8-bit value that encodes the protocol origin, as
specified in [I-D.ietf-spring-segment-routing-policy] Section 2.3.
Reserved: MUST be set to zero on transmission and ignored on receipt.
Originator ASN: Represented as 4 byte number, part of the originator
identifier, as specified in [I-D.ietf-spring-segment-routing-policy]
Section 2.4.
Originator Address: Represented as 128 bit value where IPv4 address
are encoded in lowest 32 bits, part of the originator identifier, as
specified in [I-D.ietf-spring-segment-routing-policy] Section 2.4.
Discriminator: 32-bit value that encodes the Discriminator of the
candidate path.
5.3. SR Policy Association Group Candidate Path Attributes TLV
The SRPOLICY-CPATH-ATTR TLV is an optional TLV for the SRPAG
Association. Only one SRPOLICY-CPATH-ATTR TLV can be carried and
only the first occurrence is processed and any others MUST be
ignored.
Barth, et al. Expires September 6, 2019 [Page 10]
Internet-Draft SR Policy March 2019
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Preference |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: The SRPOLICY-CPATH-ATTR TLV format
Type: TBD4 for "SRPOLICY-CPATH-ATTR" TLV.
Length: 4.
Preference: Numerical preference of the candidate path, as specified
in [I-D.ietf-spring-segment-routing-policy] Section 2.7.
If the TLV is missing, a default preference of 100 as specified in
[I-D.ietf-spring-segment-routing-policy] is used.
6. Examples
6.1. PCC Initiated SR Policy with single candidate-path
PCReq and PCRep messages are exchanged in the following sequence:
1. PCC sends PCReq message to the PCE, encoding the SRPAG
ASSOCIATION object and TLVs in the PCReq message.
2. PCE returns the path in PCRep message, and echoes back the SRPAG
object that was used in the computation.
PCRpt and PCUpd messages are exchanged in the following sequence:
1. PCC sends PCRpt message to the PCE, including the LSP object and
the SRPAG ASSOCIATION object.
2. PCE computes path, possibly making use of the Association
Information from the SRPAG ASSOCIATION object.
3. PCE updates the SR policy candidate path's ERO using PCUpd
message.
6.2. PCC Initiated SR Policy with multiple candidate-paths
PCReq and PCRep messages are exchanged using the sequence specified
in section 6.1 with individual query for each candidate-path.
Barth, et al. Expires September 6, 2019 [Page 11]
Internet-Draft SR Policy March 2019
PCRpt and PCUpd messages are exchanged in the following sequence:
1. Step 1: For each candidate path of the SR policy, the PCC
generates a different PLSP-ID and symbolic-name and sends
multiple PCRpt messages (or one message with multiple LSP
objects) to the PCE. Each LSP object is followed by SRPAG
ASSOCIATION object with identical Color and Endpoint values.
2. Step 2: PCE takes into account that all the LSPs belong to the
same SR policy. PCE prioritizes computation for the highest
preference LSP and sends PCUpd message(s) back to the PCC.
3. Step 3: If a new candidate path is added on the PCC by the
operator, then a new PLSP-ID and symbolic name is generated for
that candidate path and a new PCRpt is sent to the PCE.
4. Step 4: If an existing candidate path is removed from the PCC by
the operator, then that PLSP-ID is deleted from the PCE by
sending PCRpt with the R-flag in the LSP object set.
6.3. PCE Initiated SR Policy with single candidate-path
A candidate-path is created using the following steps:
1. PCE sends PCInitiate message, as usual containing the SRPAG
Association object. PCE needs to generate a symbolic-name for
this LSP that will not clash with other symbolic names on the
same PCC.
2. PCC uses the color, endpoint and preference from the SRPAG object
to create a new candidate path. If no SR policy exists to hold
the candidate path, then a new SR policy is created to hold the
new candidate-path. The Originator of the candidate path is set
to be the address of the PCE that is sending the PCInitiate
message.
3. PCC allocates a locally unique PLSP-ID for the newly created
candidate path. This PLSP-ID is sent to the PCE in the PCRpt
message.
A candidate-path is deleted using the following steps:
1. PCE sends PCInitiate message, setting the R-flag in the LSP
object.
2. PCC uses the PLSP-ID from the LSP object to find the candidate
path and delete it. If this is the last candidate path under the
SR policy, then the containing SR policy is deleted as well.
Barth, et al. Expires September 6, 2019 [Page 12]
Internet-Draft SR Policy March 2019
6.4. PCE Initiated SR Policy with multiple candidate-paths
A candidate-path is created using the following steps:
1. PCE sends a separate PCInitiate message for every candidate path
that it wants to create, or it sends multiple LSP objects within
a single PCInitiate message. Each candidate-path must get a
unique symbolic-name generated on the PCE. SRPAG object is sent
for every LSP in the PCInitiate message.
2. PCC creates multiple candidate paths under the same SR policy,
identified by Color and Endpoint. PCC generates a unique PLSP-ID
for every candidate path.
3. PCC allocates a locally unique PLSP-ID for each newly created
candidate path. This PLSP-ID is sent to the PCE in the PCRpt
message.
A candidate path is deleted using the following steps:
1. PCE sends PCInitiate message, setting the R-flag in the LSP
object.
2. PCC uses the PLSP-ID from the LSP object to find the candidate
path and delete it.
7. IANA Considerations
7.1. Association Type
This document defines a new association type: SR Policy Association
Group (SRPAG). IANA is requested to make the assignment of a new
value for the sub-registry "ASSOCIATION Type Field" (request to be
created in [I-D.ietf-pce-association-group]), as follows:
+----------------------+-------------------------+------------------+
| Association Type | Association Name | Reference |
| Value | | |
+----------------------+-------------------------+------------------+
| TBD1 | SR Policy Association | This document |
+----------------------+-------------------------+------------------+
7.2. PCEP Errors
This document defines three new Error-Values within the "Association
Error" Error-Type. IANA is requested to allocate new error values
within the "PCEP-ERROR Object Error Types and Values" sub-registry of
the PCEP Numbers registry, as follows:
Barth, et al. Expires September 6, 2019 [Page 13]
Internet-Draft SR Policy March 2019
+-------+----------+-----------------------------+------------------+
| Error | Error | Meaning | Reference |
| Type | Value | | |
+-------+----------+-----------------------------+------------------+
| 29 | TBD5 | Conflicting SRPAG TLV | This document |
+-------+----------+-----------------------------+------------------+
| 29 | TBD6 | Missing mandatory SRPAG TLV | This document |
+-------+----------+-----------------------------+------------------+
| 29 | TBD7 | Multiple SRPAG for one LSP | This document |
+-------+----------+-----------------------------+------------------+
| 29 | TBD8 | Use of SRPAG without SR | This document |
| | | capability exchange | |
+-------+----------+-----------------------------+------------------+
| 29 | TBD9 | non-SR LSP in SRPAG | This document |
+-------+----------+-----------------------------+------------------+
7.3. SRPAG TLVs
This document defines three new TLVs for carrying additional
information about SR policy and SR candidate paths. IANA is
requested to make the assignment of a new value for the existing
"PCEP TLV Type Indicators" registry as follows:
+------------+-----------------------------------+------------------+
| TLV Type | TLV Name | Reference |
| Value | | |
+------------+-----------------------------------+------------------+
| TBD2 | SRPOLICY-POL-ID | This document |
+------------+-----------------------------------+------------------+
| TBD3 | SRPOLICY-CPATH-ID | This document |
+------------+-----------------------------------+------------------+
| TBD4 | SRPOLICY-CPATH-ATTR | This document |
+------------+-----------------------------------+------------------+
8. Security Considerations
This document defines one new type for association, which do not add
any new security concerns beyond those discussed in [RFC5440],
[RFC8231], [I-D.ietf-pce-segment-routing],
[I-D.negi-pce-segment-routing-ipv6] and
[I-D.ietf-pce-association-group] in itself.
The information carried in the SRPAG Association object, as per this
document is related to SR Policy. It often reflects information that
can also be derived from the SR Database, but association provides a
much easier grouping of related LSPs and messages. The SRPAG
association could provides an adversary with the opportunity to
Barth, et al. Expires September 6, 2019 [Page 14]
Internet-Draft SR Policy March 2019
eavesdrop on the relationship between the LSPs. Thus securing the
PCEP session using Transport Layer Security (TLS) [RFC8253], as per
the recommendations and best current practices in [RFC7525], is
RECOMMENDED.
9. Acknowledgement
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation
Element (PCE) Communication Protocol (PCEP)", RFC 5440,
DOI 10.17487/RFC5440, March 2009,
<https://www.rfc-editor.org/info/rfc5440>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8231] Crabbe, E., Minei, I., Medved, J., and R. Varga, "Path
Computation Element Communication Protocol (PCEP)
Extensions for Stateful PCE", RFC 8231,
DOI 10.17487/RFC8231, September 2017,
<https://www.rfc-editor.org/info/rfc8231>.
[RFC8281] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path
Computation Element Communication Protocol (PCEP)
Extensions for PCE-Initiated LSP Setup in a Stateful PCE
Model", RFC 8281, DOI 10.17487/RFC8281, December 2017,
<https://www.rfc-editor.org/info/rfc8281>.
[I-D.ietf-spring-segment-routing-policy]
Filsfils, C., Sivabalan, S., [email protected], d.,
[email protected], b., and P. Mattes, "Segment Routing
Policy Architecture", draft-ietf-spring-segment-routing-
policy-02 (work in progress), October 2018.
Barth, et al. Expires September 6, 2019 [Page 15]
Internet-Draft SR Policy March 2019
[I-D.ietf-pce-association-group]
Minei, I., Crabbe, E., Sivabalan, S., Ananthakrishnan, H.,
Dhody, D., and Y. Tanaka, "PCEP Extensions for
Establishing Relationships Between Sets of LSPs", draft-
ietf-pce-association-group-07 (work in progress), December
2018.
[I-D.ietf-pce-segment-routing]
Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W.,
and J. Hardwick, "PCEP Extensions for Segment Routing",
draft-ietf-pce-segment-routing-16 (work in progress),
March 2019.
10.2. Informative References
[RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation
Element (PCE)-Based Architecture", RFC 4655,
DOI 10.17487/RFC4655, August 2006,
<https://www.rfc-editor.org/info/rfc4655>.
[RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre,
"Recommendations for Secure Use of Transport Layer
Security (TLS) and Datagram Transport Layer Security
(DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May
2015, <https://www.rfc-editor.org/info/rfc7525>.
[RFC8253] Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody,
"PCEPS: Usage of TLS to Provide a Secure Transport for the
Path Computation Element Communication Protocol (PCEP)",
RFC 8253, DOI 10.17487/RFC8253, October 2017,
<https://www.rfc-editor.org/info/rfc8253>.
[I-D.negi-pce-segment-routing-ipv6]
Negi, M., Li, C., Sivabalan, S., and P. Kaladharan, "PCEP
Extensions for Segment Routing leveraging the IPv6 data
plane", draft-negi-pce-segment-routing-ipv6-04 (work in
progress), February 2019.
Appendix A. Contributors
Dhruv Dhody
Huawei Technologies
Divyashree Techno Park, Whitefield
Bangalore, Karnataka 560066
India
Email: [email protected]
Barth, et al. Expires September 6, 2019 [Page 16]
Internet-Draft SR Policy March 2019
Authors' Addresses
Colby Barth
Juniper Networks, Inc.
Email: [email protected]
Mike Koldychev
Cisco Systems, Inc.
2000 Innovation Drive
Kanata, Ontario K2K 3E8
Canada
Email: [email protected]
Siva Sivabalan
Cisco Systems, Inc.
2000 Innovation Drive
Kanata, Ontario K2K 3E8
Canada
Email: [email protected]
Cheng Li
Huawei Technologies
Huawei Campus, No. 156 Beiqing Rd.
Beijing 100095
China
Email: [email protected]
Barth, et al. Expires September 6, 2019 [Page 17]