I2RS D. Liu Internet-Draft China Mobile Intended status: Informational B. Khasnabish Expires: January 9, 2014 ZTE H. Deng China Mobile July 8, 2013 Architecture Discussion of I2RS draft-liu-i2rs-architecture-01 Abstract This document discusses the high level architecture of I2RS. We plan to include discussion on virtualization, service chaining, and grouping in a future version of this draft. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on January 9, 2014. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as Liu, et al. Expires January 9, 2014 [Page 1] Internet-Draft i2rs architecture July 2013 described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions used in this document . . . . . . . . . . . . . . . 4 3. Architecture of I2RS . . . . . . . . . . . . . . . . . . . . . 5 4. I2RS Application/Agent . . . . . . . . . . . . . . . . . . . . 6 5. I2RS Interfaces . . . . . . . . . . . . . . . . . . . . . . . . 6 6. Network/Service Control . . . . . . . . . . . . . . . . . . . . 6 7. Management Considerations . . . . . . . . . . . . . . . . . . . 6 8. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 7 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 7 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 11.1. Normative References . . . . . . . . . . . . . . . . . . . 7 11.2. Informative References . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7 Liu, et al. Expires January 9, 2014 [Page 2] Internet-Draft i2rs architecture July 2013 1. Introduction This document discusses the high level architecture of I2RS. As illustrated in figure 1, the I2RS architecture is composed by three types of building blocks. The first type of the building block is the user of I2RS interface. The users could be network controllers, network management functions, other user applications etc. The user application uses the I2RS interface interacts with the routing system. The second type of the building block is management functions. This include configuration management function and security management function. The configuration management function is used to configure the I2RS interface. The security function is used to enforce the security polices of the I2RS interface. The third type of the building block is routing function. This build block includes routing information base, IP forwarding table etc. The routing information base could be accessed by the I2RS users using the I2RS interface. Figure 1 architecture of I2RS Liu, et al. Expires January 9, 2014 [Page 3] Internet-Draft i2rs architecture July 2013 +------------------+ +------------------+ +-----------------+ |Network Controller| |Network Management| | User Application|.. +------------------+ +------------------+ +-----------------+ | | | | \---------------| |--------------------/ | | I2RS Interface +----------------------+ | | +------------------+ |Configuration Function|----| |-----|Security Function | +----------------------+ | | +------------------+ | | | | Routing Function +---------------------------| |--------------------------------+ | | | | | +------------+ | | +-----------+ | | |OSPF process| | | |BGP process| ... | | +------------+ | | +-----------+ | | | | | | | | | +------------------------+ | | | +-----|Routing Information Base|-------+ | | +------------------------+ | | | | +---------------------------|----------------------------------+ | {OF, ForCES, .. Protocol} | Forwarding Function +---------------------------|----------------------------------+ | | | | | | | +--------------------+ | | | IP Forwarding Table| | | +--------------------+ | | | +--------------------------------------------------------------+ Figure 1 2. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119]. In this document, these words will appear with that interpretation only when in ALL CAPS. Lower case uses of these words are not to be interpreted as carrying RFC-2119 significance. A list of acronyms and abbreviations used in this document are Liu, et al. Expires January 9, 2014 [Page 4] Internet-Draft i2rs architecture July 2013 presented below. o ForCES: Forwarding and Control Element separation o I2RS: Interface to Routing System o NSC: Network Service Chaining o NSG: Network Service Grouping o OF: Open Flow o RIB: Routing Information Base o TIB: Topology Information Base 3. Architecture of I2RS This section discusses the function of the building block of the I2RS architecture. i. I2RS user application The I2RS user application communicate with the routing information base using the I2RS interface. The user application can read the routing information from the routing information base, it can also inject polices, routing information etc into the routing information base. The I2RS interface could be RESTful API or websocket etc. There should be an authentication mechanism in the I2RS architecture that only allow the authorized application communicate with the routing system. ii. Configuration function The I2RS interface could be configured by the configuration function. The I2RS user application could customize the I2RS interface function and set the I2RS interface parameters by the configuration function. iii. Security function Security function is an important building block of the I2RS architecture. It will ensure only authorized application can use the I2RS interface and communicate with the routing system. There could be different level of authorization. For example, the security function can allow some application only read from the routing system while other application can both read and inject polices into the routing system. iv. Routing function The routing function is composed of routing information base (RIB), IP forwarding table and the routing processes. The I2RS application could communicate with the routing information base using the I2RS Liu, et al. Expires January 9, 2014 [Page 5] Internet-Draft i2rs architecture July 2013 interface. It can read or inject routing information into the routing information base. The routing processes can also inject routing information into the routing information base. iv. Forwarding function The forwarding function facilitates forwarding of flows/packets. It can operate using simple Table or sophisticated dynamic matrix for intelligent processing of flows. 4. I2RS Application/Agent This section discusses the I2RS application and agent function in the architecture. There are many applications can use the I2RS interfaces. For example, network management application can use I2RS interface to get the network topology information. I2RS agent locates in the routing function and communicates with the I2RS application. 5. I2RS Interfaces This section discusses the I2RS interfaces in the architecture. The I2RS interface is the interface between the I2RS application and the I2RS agent. 6. Network/Service Control This section discusses the network and service control in the architecture. Network control may include control of both virtual and physical network entities. The services may include chaining of network services (NSCs) and grouping network services (NSGs). 7. Management Considerations This section discusses the management consideration of the architecture. In addition to managing the configurations of the virtual and physical network entities, this may include managing service-specific meta-data and configurations of the hosts that provide network-based value-added services like policy, compliance, load-balancing, and so on. Liu, et al. Expires January 9, 2014 [Page 6] Internet-Draft i2rs architecture July 2013 8. Security Considerations Security function is very important for the I2RS architecture. It should provide authentication mechanism and data protection mechanism to protect critical routing information. 9. IANA Considerations No IANA action is required. 10. Acknowledgments . 11. References 11.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 11.2. Informative References [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998. [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006. Authors' Addresses Dapeng Liu China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: liudapeng@chinamobile.com Liu, et al. Expires January 9, 2014 [Page 7] Internet-Draft i2rs architecture July 2013 Bhumip Khasnabish ZTE 55 Madison Avenue, Suite 160 Morristown, New Jersey 07960 USA Phone: +001-781-752-8003 Email: vumip1@gmail.com, bhumip.khasnabish@zteusa.com Hui Deng China Mobile Unit2, 28 Xuanwumenxi Ave,Xuanwu District Beijing 100053 China Email: denghui@chinamobile.com Liu, et al. Expires January 9, 2014 [Page 8] =