SFC WG Ting. Ao Internet-Draft Bo. Wu Intended status: Standards Track ZTE Corporation Expires: April 17, 2016 October 15, 2015 Hierarchical SFC for DC Interconnection draft-ao-sfc-for-dc-interconnect-01.txt Abstract In a SFC, sometimes some SFs are provided by several DC networks, which means these SFs my locates in different DC network . How to establish such SFC that is across several DCs is what the draft wants to present. In this document, a hierarchical SFC method is proposed. It covers data plane, control plane to archieve such hierarchical SFC. And it includes requirements of the SFC Gateway for every DC network that provide SF for SFC. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on April 17, 2016. Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of Ao & Wu Expires April 17, 2016 [Page 1] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 3. Architecture of Hierarchical SFC . . . . . . . . . . . . . . 3 3.1. SFC-GW . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.2. Classifier for Complex SF . . . . . . . . . . . . . . . . 5 4. Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . 6 4.1. Overlap SFC encapsulation . . . . . . . . . . . . . . . . 6 4.2. Metadata SFC encapsulation . . . . . . . . . . . . . . . 6 4.3. Exchange SFC encapsulation . . . . . . . . . . . . . . . 7 5. Coordination . . . . . . . . . . . . . . . . . . . . . . . . 7 5.1. Controllers . . . . . . . . . . . . . . . . . . . . . . . 7 5.2. Controller to Classifier . . . . . . . . . . . . . . . . 7 5.3. Controller to SFF . . . . . . . . . . . . . . . . . . . . 7 6. Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 9. Information References . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 1. Introduction Service Function Chain (SFC) is the chain with a series of ordered Service Functions(SF). These SFs are distributed in a DC network or some DC networks. So it's common that a SFC is across several DC networks, which incurs the problem of DC network interconnection. Every part of the SFC in one DC network is a SFC within DC network. We call such SFC to be hierarchical SFC. And the part of such SFC within a DC network is called to be Complex SF. Complex SF may contain one or more SFs that are within one DC network, but is a logical SF from the view of the hierarchical SFC. This document is going to describe the architecture for such scenario. And data plane and control plane will be provided to specify how the hierarchical SFC works. Meantime, some concepts are proposed. 2. Terminology SFC(Service Function Chain): An ordered set of some abstract SFs. H-SFC(Hierarchical SFC): A SFC that transfers one or more Data center networks. Every Datacenter network provide a complex SF for H-SFC. Ao & Wu Expires April 17, 2016 [Page 2] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 Complex SF: A logical SF that is provided by a SFC in Datacenter network. For H-SFC, the SFC in one Datacenter network is regarded as a complex SF on the path of this H-SFC. I-SFC( Internal-SFC): A Service Function Chain within the Datacenter network which is corresponding to the complex SF in H-SFC. SFC-GW: A gateway for SFC in a Datacenter network which is used to interconnect with H-SFC. 3. Architecture of Hierarchical SFC Hierarchical SFC is composed of an ordered of SFs or Complex SFs. Complex SF is a logic SF that is composed of an ordered of SFs which form a SFC in DC network. The Complex SF is managed by the operator of the DC network. With H-SFC mechanism, we can interconnect every SFC of every Datacenter network as a whole H-SFC. For the architecture of the H-SFC, please see Figure 1 below. For controller1, it set up a SFC which path is Complex SF#1->Complex SF#2->Complex SF#3.Every Complex SF in such SFC is actually a SFC in datacenter network, and such SFC is set up by the controller in the DC network(Controller2). In the Figure 1, a Complex SF#2 is a SFC which path is SF#21->SF#22. To setup a H-SFC, we need to: 1) To deteremin what kind of service the Complex SF should provide has been determined by the Orchestration; 2) To establish the corresponding SFC in the Datacenter network of the Complex SF has been established by the controller of the Datacenter network; 3) Complex SF also has its SFID in H-SFC; 4) Complex SF as next hop of the H-SFC also has its locator, which may be the address of the SFC-GW. This locator information has been exchanged with Controller1. Ao & Wu Expires April 17, 2016 [Page 3] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 +-------------+ | Controller1 |<-------------------------------------+ +-------------+ | ^ | | | +--------------+--------------------+----+-------------------+ | | | | | | | | .........|......... | | | +--------------+ . +--------------+ . +--------------+ v | | SFF1 | . | SFF2 | . | SFF3 | +-----------------+ | +--------------+ . +--------------+ . +--------------+ | | | | . | . | | Orchestration | | | . | . | | | v v . v . v +-----------------+ +--------+ +---------------+ . +--------------+ . +--------------+ ^ --->| CF1 |--->| Complex SF#1 |--.-->| Complex SF#2 |--.--->| Complex SF#3 |-----> | +--------+ +---------------+ . +--------------+ . +--------------+ | . .................. | || | || | || | \/ | (-------------------) | / +-------------+ \ | / | Controller2 |<---\-------------------------------+ / +-------------+ \ / ^ )--------------------\ /--------( | \ / +------------+----------------+---------------+ \ / | | | \ / v | | \ / +------------------------------+ v v \ / | +----------+ +--------+ | +---------+ +---------+ \ <=============>| | SFC-GW |---->| CF2 |-|----->| SN#21 |---->| SN#22 | \ | | +----------+ +--------+ | +---------+ +---------+ \ | +-------^----------------------+ | | | | | | | +--------------------------------------------------+ | | DC Network | (--------------------------------------------------------------------------) Figure 1 H-SFC architecture In the Figure 1, the Complex SF#1, Complex SF#2, Complex SF#3 which is provided by a separate Datacenter network are an ordered set of a Hierarchical SFC(H-SFC). For this H-SFC, they are logical SFs. But for this datacenter network, it's actually a SFC within the datacenter network. Ao & Wu Expires April 17, 2016 [Page 4] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 CF1 classifies the traffic and assign it a H-SFC. The traffic traverses along the path according to this H-SFC. Whenever the traffic enters into Complex SF#n, it actually enters into the corresponding Datacenter network through SFC-GW to begin its SFC. The setup of this SFC in the datacenter is invisible to H-SFC. The path of the SFC in the datacenter network is also invisible to H-SFC. 3.1. SFC-GW SFC-GW is the component that interconnect the DC networks, and through which Complex SF#n communicate with H-SFC. For H-SFC, the SFC-GW can be considered as a SFF for the corresponding Complex SF#n,see Figure 2. And the SFC-GW's locator is regard as the next hope address of the HSFC. Traffic enters into Complex SF#n arrives the SFC-GW firstly, and then is forwarded to the Classifier in Datacenter network by the SFC-GW . When the traffic finishes this SFC in the Datacenter network, it should be forwarded back to SFC-GW, and then be forwarded to next SF or Complex SF by the SFC-GW. +------------------------------+ +---------+ | SFC-GW | =======>| SFF | +------------------------------+ +---------+ | | | | v | ................................... v . +------+ +------+ +------+ . +---------+ . | CF |-->| SF1 |-->| SF2 | . ========>| SF | . +------+ +------+ +------+ . +---------+ ................................... ^ ^ * * * * * I-SFC view H-SFC view Figure 2 View of the SFC-GW 3.2. Classifier for Complex SF Classifier for Complex SF receives the traffic from SFC-GW. For the traffic, the Classifier classifies the traffic and maps the traffic into corresponding I-SFC in the Datacenter network according to the H-SFC header information. The Classifier assigns the traffic the SFC header and the traffic is forwarded alone the SFP specified by the SFC header. Ao & Wu Expires April 17, 2016 [Page 5] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 4. Encapsulation As description in section 3, SFC in Datacenter network is invisible to H-SFC. So it's not feasible to use the forwarding method of SFC that is in one Datacenter network. We need to assign a new SFC header for the specific SFC in the Datacenter network. Here is the analysis for the methods to handle the SFC in the Datacenter network. 4.1. Overlap SFC encapsulation When the packets with H-SFC header arrives the Classifier in the Datacenter network, this Classifier would assign a new I-SFC header based on the H-SFC header. An example is showed like the following format, Figure 3. +------------------+ | Overlay Header | +------------------+ | I-SFC Header | +------------------+ | H-SFC Header | +------------------+ | Original Packet | +------------------+ Figure 3 View of the SFC-GW The traffic with the above 2 layer-SFC header would be forwarded according to the I-SFC header in the Datacenter network. H-SFC header is just preserved in the packets. At the last SFF of the Service Function Chain of the network, the I-SFC header is removed from the packet and then the packet is forwarded to the SFC-GW of the Datacenter network for further forwarding based on the H-SFC header. With such encapsulation, H-SFC information is carried along the the whole H-SFC life without modification, so that the last SFF in the Datacenter center of the I-SFC is not required to be aware of the H-SFC. This forwarding method eliminates the last SFF's awareness of the H-SFC. 4.2. Metadata SFC encapsulation In this method, H-SFC header is transferred as a metadata that is stored in the I-SFC header. And at the last SFF of the I-SFC, the SFF need to restore metadata information into H-SFC header, then pass such traffic to SFC-GW. Ao & Wu Expires April 17, 2016 [Page 6] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 This method requires that the last SFF must transfer I-SFC header to H-SFC header before forward the traffic to SFC-GW. 4.3. Exchange SFC encapsulation In this kind of encapsulation, there is 1 layer SFC header with the packet all the time. The Classifier in the Datacenter network maps the H-SFC header to the I-SFC header. And the last SFF of the I-SFC maps the I-SFC header back to H-SFC header. This method requires the last SFF in Datacenter networknot only map the I-SFC header back to H-SFC, but also must learn the mapping information from controller. 5. Coordination 5.1. Controllers To make sure that the H-SFC and I-SFC can work coordinately, Controller1 in Figure 1 and Controller2 should communicate each other. a. Controller2 setup Internal Service Function Chain(I-SFC) corresponding to Complex SF provided to H-SFC. The service the Complex SF provides is communicated between Controller1 and Controller2. b. Once Controller1 get the information of Complex SF, Controller1 setup the Hierarchical SFC. Furthermore, Controller1 need to get SFC-GW locator as next hop address of the H-SFC. c. The relationship between H-SFC and I-SFC, especially SPFID, Index, etc information. 5.2. Controller to Classifier d. Sometimes, the classifier policy in DC network may also take considerate of SFPID in H-SFC. 5.3. Controller to SFF e. For each Complex SF, controller2 should tell the last SFF of the I-SFC that the next hop is SFC-GW, so that the traffic can be forwarded to such SFF after the process of the complex SF. Ao & Wu Expires April 17, 2016 [Page 7] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 6. Summary As we discuss above, H-SFC is very useful in the Service Function Chain across several Datacenter networks so that the SFC is more scalability. With the overlap SFC encapsulation, we keep the principle that the two level SFC decouple as possible as it can. And we can use the existing SFC in Datacenter to be a Complex SF without modification and with no new requirement for SFF. 7. Security Considerations To be added later 8. IANA Considerations N/A 9. Information References [I-D.ietf-sfc-architecture] Halpern, J. and C. Pignataro, "Service Function Chaining (SFC) Architecture", draft-ietf-sfc-architecture-11 (work in progress), July 2015. [I-D.ietf-sfc-dc-use-cases] Surendra, S., Tufail, M., Majee, S., Captari, C., and S. Homma, "Service Function Chaining Use Cases In Data Centers", draft-ietf-sfc-dc-use-cases-03 (work in progress), July 2015. [I-D.ietf-sfc-nsh] Quinn, P. and U. Elzur, "Network Service Header", draft- ietf-sfc-nsh-01 (work in progress), July 2015. [RFC7498] Quinn, P., Ed. and T. Nadeau, Ed., "Problem Statement for Service Function Chaining", RFC 7498, DOI 10.17487/RFC7498, April 2015, . Authors' Addresses Ao & Wu Expires April 17, 2016 [Page 8] Internet-Draft Hierarchical SFC for DC Interconnection October 2015 Ting Ao ZTE Corporation No.50, Ruanjian Road Nanjing 210012 China Phone: +86 25 88016576 Email: ao.ting@zte.com.cn Bo Wu ZTE Corporation No.50, Ruanjian Road Nanjing 210012 China Email: wu.bo@zte.com.cn Ao & Wu Expires April 17, 2016 [Page 9]