Network Working Group Sami Boutros (Ed.)
Internet Draft Siva Sivabalan (Ed.)
Intended status: Standards Track Cisco Systems, Inc.
Expires: February 15, 2012
Rahul Aggarwal (Ed.)
Juniper Networks, Inc.
Martin Vigoureux (Ed.)
Alcatel-Lucent
Xuehui Dai (Ed.)
ZTE Corporation
August 15, 2011
MPLS Transport Profile lock Instruct and Loopback Functions
draft-ietf-mpls-tp-li-lb-03.txt
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on February 15, 2012.
Abstract
Boutros Expires February 15, 2012 [Page 1]
�
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
This document specifies one function and describes a second
function which are applicable to MPLS transport networks. The first
function enables an operator to lock a transport path while the
second enables an operator to set, in loopback, a given node along
a transport path. This document also defines the extension to MPLS
operation, administration, and maintenance (OAM) to perform the
lock function.
Table of Contents
1. Introduction...................................................2
2. Terminology....................................................4
3. Lock Message...................................................4
3.1. In-band Message Identification............................4
3.2. LI Message Format.........................................5
4. Lock Operation.................................................5
4.1. UnLock Operation..........................................6
5. Loopback and maintenance operations............................6
6. Operation......................................................6
6.1. General Procedures........................................6
6.2. Example Topology..........................................6
6.3. Locking a transport path..................................7
6.4. UnLocking a transport path................................7
7. Security Considerations........................................7
8. IANA Considerations............................................8
8.1. Pseudowire Associated Channel Type........................8
9. Acknowledgements...............................................8
10. References....................................................8
10.1. Normative References.....................................8
10.2. Informative References...................................9
Author's Addresses................................................9
Full Copyright Statement.........................................11
Intellectual Property Statement..................................11
1. Introduction
This document specifies one function and describes another function
which are applicable to MPLS transport networks.
The first function enables an operator to lock a transport path. The
second function enables an operator to set that transport path in
loopback at a specified node along the path. This document also
defines the extensions to the MPLS operation, administration and
maintenance (OAM) to perform the lock function.
Boutros Expires February 15, 2012 [Page 2]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
The Lock function is operated from MEP to MEP on bidirectional
(associated and co-routed) Label Switched Paths (LSPs), Pseudowires
(including multi-segment Pseudowires). As per RFC 5860 [1], lock is
an administrative state in which it is expected that only test
traffic and control traffic (such as OAM messages dedicated to the
transport path) can be mapped on that transport path.
The Lock function can be performed using an extension to the MPLS OAM
as described in the next sections. This is a common mechanism to lock
PWs and LSPs.
The Lock function can as well be realized using a management plane.
The Loopback function is operated from MEP to MEP on bidirectional
(associated and co-routed) Label Switched Paths (LSPs), Pseudowires
(including multi-segment Pseudowires). The Loopback function is
additionally operated from MEP to MIP on co-routed bidirectional
LSPs, and on multi-segment Pseudowires. The Loopback is a function
that enables a MEP to request a MEP or a MIP to enter a loopback
state. This state corresponds to the situation where, at a given
node, a forwarding plane loop is configured and the incoming
direction of a transport path is cross-connected to the outgoing
reverse direction. Therefore, except in the case of early TTL expiry,
traffic sent by the source will be received by that source.
Note that before setting a given node in Loopback for a specific
transport path, this transport path MUST be locked.
The Loopback can be performed using a management plane. Management
plane MUST insure that the two MEPs are locked before performing the
loopback function.
The Lock function is based on a new G-ACH message using a new channel
type as well as an existing TLV.
When an LSP is locked, the management or control function is expected
to lock both ends. The purpose of the Lock message is to ensure the
tight coordination of locking and unlocking the two ends. Lock
Instruct messages may be lost during looping or maintenance
operations, thus locking both ends is required, before such
operations occur.
Boutros Expires February 15, 2012 [Page 3]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [2].
2. Terminology
ACH: Associated Channel Header
LSR: Label Switching Router
MEP: Maintenance Entity Group End Point
MIP: Maintenance Entity Group Intermediate Point.
MPLS-TP: MPLS Transport Profile
MPLS-OAM: MPLS Operations, Administration and Maintenance
MPLS-TP LSP: Bidirectional Label Switch Path
NMS: Network Management System
TLV: Type Length Value
TTL: Time To Live
LI: Lock Instruct
Transport path: MPLS-TP LSP or MPLS Pseudowire.
3. Lock Message
3.1. In-band Message Identification
The proposed mechanism uses a new code point in the Associated
Channel Header (ACH) described in [4].
In the in-band option, the LI channel is identified by the ACH as
defined in RFC 5586 [4] with the Channel Type set to the LI code
point = 0xHH. [HH to be assigned by IANA from the PW Associated
Channel Type registry] The LI Channel does not use ACH TLVs and MUST
NOT include the ACH TLV header. The LI ACH Channel is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
Boutros Expires February 15, 2012 [Page 4]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|0 0 0 1|Version|Reserved | 0xHH (LI) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: ACH Indication of LI
The LI Channel is 0xHH (to be assigned by IANA)
3.2. LI Message Format
The format of an LI Message is shown below.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Vers | Reserved | Refresh Timer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MEP Source ID TLV |
~ ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: MPLS LI Message Format
Version: The Version Number is currently 1. (Note: the version
number is to be incremented whenever a change is made that affects
the ability of an implementation to correctly parse or process the
message. These changes include any syntactic or semantic changes made
to any of the fixed fields, or to any Type-Length-Value (TLV) or sub-
TLV assignment or format that is defined at a certain version number.
The version number may not need to be changed if an optional TLV or
sub-TLV is added.)
Refresh Timer: The maximum time between successive LI messages
specified in seconds. The default value is 1. The value 0 is not
permitted. When a lock is applied, a refresh timer is chosen. This
value MUST NOT be changed for the duration of that lock.
MEP Source ID TLV: This is the "CC/CV MEP ID TLV" defined in [3].
4. Lock Operation
lock is used to request a MEP to take a transport path out of service
so that some form of maintenance can be done.
When performing a lock, a sender MEP in response to a management
system request MUST take the transport path out of service and MUST
send LI messages periodically to the target MEP at the end of the
transport path. LI messages will be sent once every refresh time
interval.
Boutros Expires February 15, 2012 [Page 5]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
The receiver MEP, will lock the transport path as long as it is
receiving the periodic LI messages.
The receiver MEP once locked, MUST take the transport path out of
service.
4.1. UnLock Operation
Unlock is used to request a MEP to bring the previously locked
transport path back in service.
When a MEP is unlocked via management or control it MUST cease
sending LI messages. Further, it must have stopped receiving LI
messages for a period of 3.5 times the previously received refresh
timer before it brings the transport path back in service.
A MEP would unlock transport path and put it back to service if and
only if there is no management request to lock the path and it is not
receiving in-band LI messages.
5. Loopback and maintenance operations
When an LSP is locked, the management or control function is expected
to lock both ends. The purpose of the LI message is to ensure the
tight coordination of locking and unlocking the two ends. LI
messages may be lost during looping or maintenance operations, thus
locking both ends is required, before such operations occur.
When a transport path is put in loopback, traffic sent from the
sender MEP will be looped back to that sender MEP. OAM packets not
intercepted by TTL expiry will as well be looped back. The use of
traffic to measure packet loss, delay and delay variation is outside
the scope of this document.
6. Operation
6.1. General Procedures
When taking a transport path out of service, the operation MUST first
be preceded by a lock operation.
6.2. Example Topology
The next sections discuss the procedures for locking, Unlocking a
transport path. Assume a transport path traverses nodes A <--> B <--
> C <--> D. We will refer to the Maintenance Entities involved as
MEP-A, MIP-B, MIP-C, and MEP-D respectively. Suppose a maintenance
operation invoked at MEP-A requires to lock the transport path.
Boutros Expires February 15, 2012 [Page 6]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
The following sections describe MEP-A setting and unsetting a lock at
MEP-D.
6.3. Locking a transport path
1. MEP-A sends an in-band LI Message in response to a Management
system request to lock the transport path. The message will include
the source MEP-ID TLV.
2. Upon receiving the LI message, D uses the received label stack and
the source MEP-ID as per [3] to identify the transport path. If no
label binding exists or there is no associated transport path back to
the originator, or if the source MEP-ID does not match, the event is
logged. Processing ceases. Otherwise the message is processed.
6.4. UnLocking a transport path
1. In response to a Management system request to unlock the transport
path MEP-A stops sending LI Messages.
2. After 3.5 times the refresh timer, both sender MEP A and receive
MEP D unlock the transport path and put the transport path back in
service.
7. Security Considerations
MPLS-TP is a subset of MPLS and so builds upon many of the aspects of
the security model of MPLS. MPLS networks make the assumption that it
is very hard to inject traffic into a network, and equally hard to
cause traffic to be directed outside the network. The control plane
protocols utilize hop-by-hop security, and assume a "chain-of-trust"
model such that end-to-end control plane security is not used. For
more information on the generic aspects of MPLS security, see [5].
This document describes a protocol carried in the G-ACh [4], and so
is dependent on the security of the G-ACh, itself. The G-ACh is a
generalization of the Associated Channel defined in [6]. Thus, this
document relies heavily on the security mechanisms provided for the
Associated Channel and described in those two documents.
A specific concern for the G-ACh is that is can be used to provide a
covert channel. This problem is wider than the scope of this
document and does not need to be addressed here, but it should be
noted that the channel provides end-to-end connectivity and SHOULD
NOT be policed by transit nodes. Thus, there is no simple way of
Boutros Expires February 15, 2012 [Page 7]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
preventing any traffic being carried between in the G-ACh consenting
nodes.
A good discussion of the data plane security of an associated channel
may be found in [7]. That document also describes some mitigation
techniques.
It should be noted that the G-ACh is essentially connection-oriented
so injection or modification of control messages specified in this
document require the subversion of a transit node. Such subversion is
generally considered hard in MPLS networks, and impossible to protect
against at the protocol level. Management level techniques are more
appropriate.
8. IANA Considerations
8.1. Pseudowire Associated Channel Type
LI OAM requires a unique Associated Channel Type which is assigned by
IANA from the Pseudowire Associated Channel Types Registry.
Registry:
Value Description TLV Follows Reference
----------- ----------------------- ----------- ---------
0xHHHH LI No (Section 3.1)
9. Acknowledgements
The authors would like to thank Loa Andersson for his valuable
comments.
10. References
10.1. Normative References
[1] Vigoureux, M., Ward, D., and M. Betts, "Requirements for
Operations, Administration, and Maintenance (OAM) in MPLS
Transport Networks", RFC 5860, May 2010.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997.
[3] D. Allan, et. al., Proactive Connectivity Verification,
Continuity Check and Remote Defect indication for MPLS
Transport Profile draft-ietf-mpls-tp-cc-cv-rdi-06, work in
progress, June 2010
Boutros Expires February 15, 2012 [Page 8]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
[4] Bocci, M., Vigoureux, M., and S. Bryant, "MPLS Generic
Associated Channel", RFC 5586, June 2009.
[5] L. Fang, "Security Framework for MPLS and GMPLS Networks", RFC
5920, July 2010.
[6] S. Bryant, G. Swallow, L. Martini "Pseudowire Emulation Edge-
to-Edge (PWE3) Control Word for Use over an MPLS PSN", RFC
4385, Feb 2006.
[7] T. Nadeau, C. Pignataro, "Pseudowire Virtual Circuit
Connectivity Verification (VCCV): A Control Channel for
Pseudowires", RFC 5085, Dec 2007.
10.2. Informative References
[1] Bocci, M. and G. Swallow, "MPLS-TP Identifiers", draft-ietf-
mpls-tp-identifiers-07 (work in progress), June 2010.
[2] Niven-Jenkins, B., Brungard, D., Betts, M., Sprecher, N., and
S.Ueno, "Requirements of an MPLS Transport Profile", RFC 5654,
September 2009.
[3] Nabil Bitar, et. al, "Requirements for Multi-Segment Pseudowire
Emulation Edge-to-Edge (PWE3) ", RFC 5254, October 2008.
Author's Addresses
Sami Boutros
Cisco Systems, Inc.
Email: sboutros@cisco.com
Siva Sivabalan
Cisco Systems, Inc.
Email: msiva@cisco.com
Rahul Aggarwal
Juniper Networks.
EMail: rahul@juniper.net
Martin Vigoureux
Alcatel-Lucent.
Email: martin.vigoureux@alcatel-lucent.com
Xuehui Dai
ZTE Corporation.
Boutros Expires February 15, 2012 [Page 9]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
Email: dai.xuehui@zte.com.cn
George Swallow
Cisco Systems, Inc.
Email: swallow@cisco.com
David Ward
Juniper Networks.
Email: dward@juniper.net
Stewart Bryant
Cisco Systems, Inc.
Email: stbryant@cisco.com
Carlos Pignataro
Cisco Systems, Inc.
Email: cpignata@cisco.com
Eric Osborne
Cisco Systems, Inc.
Email: eosborne@cisco.com
Nabil Bitar
Verizon.
Email: nabil.bitar@verizon.com
Italo Busi
Alcatel-Lucent.
Email: italo.busi@alcatel-lucent.it
Lieven Levrau
Alcatel-Lucent.
Email: llevrau@alcatel-lucent.com
Laurent Ciavaglia
Alcatel-Lucent.
Email: laurent.ciavaglia@alcatel-lucent.com
Bo Wu
ZTE Corporation.
Email: wu.bo@zte.com.cn
Boutros Expires February 15, 2012 [Page 10]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
Jian Yang
ZTE Corporation.
Email: yang_jian@zte.com.cn
Full Copyright Statement
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
All IETF Documents and the information contained therein are provided
on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION THEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights.
Copies of Intellectual Property disclosures made to the IETF
Secretariat and any assurances of licenses to be made available, or
the result of an attempt made to obtain a general license or
permission for the use of such proprietary rights by implementers or
users of this specification can be obtained from the IETF on-line IPR
repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
Boutros Expires February 15, 2012 [Page 11]
�Internet-Draft draft-ietf-mpls-tp-li-lb-03.txt August 2011
any standard or specification contained in an IETF Document. Please
address the information to the IETF at ietf-ipr@ietf.org.
The definitive version of an IETF Document is that published by, or
under the auspices of, the IETF. Versions of IETF Documents that are
published by third parties, including those that are translated into
other languages, should not be considered to be definitive versions
of IETF Documents. The definitive version of these Legal Provisions
is that published by, or under the auspices of, the IETF. Versions of
these Legal Provisions that are published by third parties, including
those that are translated into other languages, should not be
considered to be definitive versions of these Legal Provions.
For the avoidance of doubt, each Contributor to the UETF Standards
Process licenses each Contribution that he or she makes as part of
the IETF Standards Process to the IETF Trust pursuant to the
provisions of RFC 5378. No language to the contrary, or terms,
conditions or rights that differ from or are inconsistent with the
rights and licenses granted under RFC 5378, shall have any effect and
shall be null and void, whether published or posted by such
Contributor, or included with or in such Contribution.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Boutros Expires February 15, 2012 [Page 12]
�