Network working group X. Xu Internet Draft Huawei Technologies Category: Standard Track Expires: July 2011 January 14, 2011 Virtual Private LAN Service (VPLS) Using IS-IS draft-xu-l2vpn-vpls-isis-00 Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on July 13, 2011. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Xu Expires July 14, 2011 [Page 1] Internet-Draft VPLS Using IS-IS January 2011 Abstract This document describes a light-weight Virtual Private LAN Service (VPLS) using IS-IS for auto-discovery and signaling. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119]. Table of Contents 1. Introduction................................................3 2. Terminology.................................................3 3. Assumption..................................................3 4. Control Plane...............................................4 4.1. Extended IS-IS TLV for VPLS............................4 4.2. Auto-Discovery.........................................5 4.3. Signaling..............................................5 5. Data Plane..................................................6 5.1. Data Encapsulation.....................................6 5.1.1. Unicast...........................................6 5.1.2. Multicast/Broadcast...............................6 5.2. Data Forwarding........................................7 5.3. MAC Address Learning...................................7 6. Summary.....................................................7 7. Security Considerations.....................................7 8. IANA Considerations.........................................7 9. Acknowledgements............................................8 10. References.................................................8 10.1. Normative References..................................8 10.2. Informative References................................8 Authors' Addresses.............................................9 Xu Expires July 14, 2011 [Page 2] Internet-Draft VPLS Using IS-IS January 2011 1. Introduction Cloud data center requires such a large layer 2 network that SHOULD not only be able to support shortest path forwarding and Equal Cost Multi-Path (ECMP) forwarding for maximizing the bandwidth capacity between servers, but also be able to provide a huge amount of VPN instances for isolating tens or even hundreds of thousands of tenements within the cloud data centers. VPLS seems as a good option for such scenario. However, both BGP VPLS [RFC4761] and LDP VPLS [RFC4762] are not much acceptable for most data center operators since they are a bit heavy-weight. Hence, this document describes a light-weight VPLS solution using IS-IS [IS-IS][RFC1195] which is intended for the specific data center network scenario as mentioned above. On the control plane, IS-IS is run between P and PE routers, and an extended IS-IS TLV is used by PE routers to distribute their own VPLS membership information including the attached VPLS instances and their associated VPLS labels among each other. On the data plane, the VPLS label is carried in the inner MPLS header of L2VPN data packets (e.g., MAC-in-MPLS-in-IP). Note that the VPLS label (i.e., the MPLS label) here is just used to identify a particular VPLS instance, but not to identify both a particular VPLS instance and a particular ingress PE router as the PW label does. With IS-IS based VPLS, the network operators only need to run a single routing protocol (i.e., IS-IS) on the backbone of their data center networks, rather than to run separate BGP and/or LDP for VPLS while running IGP (e.g., IS-IS) for the routing protocol between PE routers. 2. Terminology This memo makes use of the terms defined in [RFC4664], [VPLS-MCAST], [RFC4761] and [RFC4762]. 3. Assumption In IS-IS VPLS, IP based tunnel is the default choice for the PE-to- PE tunnel technology. In the sparse case where MPLS traffic- engineering is desired, ISIS-TE [RFC5305] and RSVP-TE [RFC3209] could be seamlessly enabled on the basis of IS-IS VPLS. Note that the LDP based MP2P LSP tunnel MUST NOT be used as the PE-to-PE tunnel in IS-IS VPLS due to the fact that the egress PE router would not be able to perform the MAC learning correctly without the Xu Expires July 14, 2011 [Page 3] Internet-Draft VPLS Using IS-IS January 2011 knowledge of the ingress PE router of the L2VPN data packet received from the backbone. 4. Control Plane There are two primary functions of the VPLS control plane: auto- discovery and signaling. In IS-IS VPLS, both of these functions are accomplished with a single IS-IS TLV advertisement. 4.1. Extended IS-IS TLV for VPLS +-----------+ |Type=VPLS | (8 bits) +-----------+ |Length | (8 bits) +-----------+---------------------------------------------------+ | PE's IPv4 or IPv6 Address (128 bits) | +--------------------------------+------------------------------+ | VPLS_ID (20 bits) | +--------------------------------+ | VPLS Label (20 bits) | +--------------------------------+ | | | ...... | +--------------------------------+ | VPLS_ID (20 bits) | +--------------------------------+ | VPLS Label (20 bits) | +--------------------------------+ Type TLV Type code for VPLS: TBD. Length Total number of bytes contained in the value field. PE's IPv4 or IPv6 Address This 128-bit field is filled with one of the PE router's IP addresses which are reachable across the backbone. The address filled in this field SHOULD be used as tunnel destination addresses by remote PE routers when sending a CE packet to such PE router. If the IP address is IPv4, the last four octets of this field are filled with the IPv4 Xu Expires July 14, 2011 [Page 4] Internet-Draft VPLS Using IS-IS January 2011 address while the remaining part is set to zero. In other words, it is filled with an IPv4-mapped IPv6 address. VPLS_ID This field is filled with a 20-bit globally unique VPLS ID for a particular attached VPLS instance. VPLS Label This field is filled with a 20-bit MPLS label corresponding to the VPLS instance which is identified by the VPLS ID. 4.2. Auto-Discovery In IS-IS VPLS, each PE router could automatically discover which other PE routers are part of a given VPLS instance identified by the globally unique VPLS ID. This allows each PE router's configuration to consist only of the identity of the VPLS instance established on this PE router, not the identity of every other PE router in that VPLS instance. 4.3. Signaling In IS-IS VPLS, it is REQUIRED that a PE router SHOULD assign the same MPLS label for a given VPLS instance to any other PE router. In other words, this VPLS label is used for identifying a particular VPLS instance, rather than for identifying both a particular VPLS instance and the corresponding ingress PE router as the PW label does. The VPLS label in IS-IS VPLS just needs to be locally unique, rather than globally unique for most cases except the aggregate P-Multicast tree based VPLS multicast case where a single P-Multicast tree is shared by more than one VPLS instance. For example, in unicast and ingress-replication multicast cases [VPLS-MCAST], it is no necessary for the VPLS label to be globally unique. Besides, in the non-aggregative P-Multicast tree [VPLS-MCAST] based VPLS multicast case where a single P-Multicast tree is exclusively used by no more than one VPLS instance, the MAC-in-IP encapsulation is used since the multicast address itself in the IP based tunnel header is enough for identifying a particular VPLS instance. Therefore, it doesn't require the VPLS label to be globally unique either. Xu Expires July 14, 2011 [Page 5] Internet-Draft VPLS Using IS-IS January 2011 For the aggregate P-Multicast tree [VPLS-MCAST] based VPLS multicast, the VPLS label for a given VPLS instance directly equals the VPLS ID of that VPLS instance. If the globally unique label assignment can not be met in some cases, such multicast mode SHOULD be prohibited. 5. Data Plane 5.1. Data Encapsulation 5.1.1. Unicast MAC-in-MPLS-in-IP encapsulation [RFC4448][RFC4023] SHOULD be used for unicast. The IP here means any of IP based encapsulations, such as MPLS-in-IP and MPLS-in-GRE (Generic Routing Encapsulation). For unknown destination unicast, the encapsulation is the same as that for multicast/broadcast described in the following section. 5.1.2. Multicast/Broadcast There are two major multicast modes for IS-IS VPLS: ingress replication mode and P-Multicast tree mode. The encapsulation corresponding to each mode is described in the following sub-sections. 5.1.2.1. Ingress Replication Mode In the ingress replication mode, an ingress PE router forward the CE multicast/broadcast frames received via its attachment circuits towards each remote PE router of the same VPLS instance in the separate IP based tunnels destined for each remote PE router. Hence, the encapsulation in this mode has no difference from that for unicast. 5.1.2.2. P-Multicast Tree Mode In the non-aggregative P-Multicast tree mode where a single P- Multicast distribution tree in the backbone is exclusively used by one VPLS instance, the MAC-in-IP encapsulation is used directly since the destination IP address (i.e., multicast address) contained in the IP-based tunnel header is enough for the egress PE routers to determine which VPLS instance the encapsulated CE packets received from a remote PE router belongs to. For aggregative P-Multicast tree mode in which a single P-Multicast tree is shared by more than one VPLS instance, MAC-in-MPLS-IP Xu Expires July 14, 2011 [Page 6] Internet-Draft VPLS Using IS-IS January 2011 encapsulation SHOULD be used. The MPLS label contained in the inner MPLS header would be used by the egress PE routers to identify the particular VPLS instance that the received CE data packets belong to. 5.2. Data Forwarding In IS-IS VPLS, there is almost no difference from BGP VPLS and LDP VPLS from the aspect of data forwarding. 5.3. MAC Address Learning Like BGP VPLS and LDP VPLS, data driven MAC learning is available in IS-IS VPLS. Upon receiving an encapsulated CE data packet from a remote PE router, the MPLS label contained in the MPLS header of the data packet is used to identify the particular VPLS instance that the data packet belongs to, while the source IP address contained in the IP based tunnel header is used to tell from which ingress PE router the data packet is sent. If the CE MAC reachability information is desired to be distributed across PE routers on the control plane, such information SHOULD be fully transparent to P routers as if the packets containing that information were encapsulated CE data packets. Besides, the CE MAC reachability information of a given VPPLS instance SHOULD be distributed only to those PE routers of that VPLS instance. Details about how to advertise the CE MAC reachability information on the control plane is for further study. 6. Summary The major side-effect of using IGP to distribute the VPLS membership information is the VPLS membership information would have to be exposed to P routers unnecessarily. Fortunately, the extended IS-IS TLV for VPLS is partially transparent to P routers, that is to say, P routers don't need to process the VPLS membership information contained in that IS-IS TLV, but only need to synchronize the Link State PDUs (LSP) with their IS-IS neighbors. Anyway, this ought to be a necessary and affordable cost of achieving the configuration simplicity. 7. Security Considerations This document adds no additional security risks to IS-IS and VPLS. 8. IANA Considerations There is no requirement for IANA. Xu Expires July 14, 2011 [Page 7] Internet-Draft VPLS Using IS-IS January 2011 9. Acknowledgements Thanks to Tony Li, Peter Ashwood-Smith, Phil Bedard, Kris Price, Shahram Davari and other people for their valuable comments on the initial idea of this document. 10. References 10.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [IS-IS] ISO/IEC 10589, "Intermediate System to Intermediate System Intra-Domain Routing Exchange Protocol for use in Conjunction with the Protocol for Providing the Connectionless-mode Network Service (ISO 8473)", 2005. [RFC1195] Callon, R., "Use of OSI IS-IS for Routing in TCP/IP and Dual Environments", 1990. [RFC5305] Li, T. and H. Smit, "IS-IS Extensions for Traffic Engineering", 2008. [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels", RFC 3209, December 2001. [RFC4448] Martini, L., Rosen, E., El-Aawar, N., and G. Heron, "Encapsulation Methods for Transport of Ethernet over MPLS Networks", RFC 4448, April 2006. [RFC4023] Worster, T., Rekhter, Y., and E. Rosen, "Encapsulating MPLS in IP or Generic Routing Encapsulation (GRE)", RFC 4023, March 2005. 10.2. Informative References [RFC4761] Kompella, K. and Y. Rekhter, "Virtual Private LAN Service (VPLS) Using BGP for Auto-Discovery and Signaling", RFC 4761, January 2007. [RFC4762] Lasserre, M. and V. Kompella, "Virtual Private LAN Service (VPLS) Using Label Distribution Protocol (LDP) Signaling", RFC 4762, January 2007. Xu Expires July 14, 2011 [Page 8] Internet-Draft VPLS Using IS-IS January 2011 [VPLS-MCAST] R. Aggarwal., Y. Kamite., L. Fang, "Multicast in VPLS", draft-ietf-l2vpn-vpls-mcast-08 (work in progress), October 2010. Authors' Addresses Xiaohu Xu Huawei Technologies, No.3 Xinxi Rd., Shang-Di Information Industry Base, Hai-Dian District, Beijing 100085 P.R. China Phone: +86 10 82882573 Email: xuxh@huawei.com Xu Expires July 14, 2011 [Page 9]