Network Working Group
Internet Draft                                           B. Mack-Crane
Intended status: Informational                                 L. Yong
                                                                 Huawei
Expires: April 2012                                    October 17, 2011




     Shortest Path Bridging (SPB) over an MPLS Packet Switched Network
                 draft-mack-crane-l2vpn-spb-o-mpls-00.txt


Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with
   the provisions of BCP 78 and BCP 79.

   Distribution of this document is unlimited. Comments should be sent
   to the DNSEXT working group mailing list: <rbridge@postel.org>.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this



Mack-Crane & Yong       Expires April 17, 2012                 [Page 1]

Internet-Draft              SPB over MPLS                  October 2011


   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the BSD License.

   Abstract

   This informational document describes ways to interconnect a
   Shortest Path Tree (SPT) Region over WAN connections using MPLS
   Pseudo Wires (PWs) with existing SPB and MPLS standards. It also
   describes how a combination of SPB and MPLS can provide a
   hierarchical scalable L2VPN.



Table of Contents


   1. Introduction
   2. Use Cases
      2.1. Point-To-Point Interconnection
      2.2. Multiple Interconnections
      2.3. Hierarchical L2VPN with SPB and MPLS
   3. Security Considerations
   4. IANA Considerations
   5. Acknowledgements
   6. References
      6.1. Normative References
      6.2. Informative References

1. Introduction

   The IEEE Shortest Path Bridging (SPB) standard [802.1aq] provides
   optimal pair-wise data frame forwarding with little or no
   configuration in multi-hop networks of arbitrary topology. This
   network behavior is implemented by Shortest Path Tree (SPT) Bridges
   that automatically confederate (i.e., recognize compatibly
   configured neighbors) to form SPT Regions within which shortest path
   bridging is provided. The data plane controlled by SPT Bridges is
   unchanged from earlier bridging standards except for the addition of
   a reverse path forwarding check option. The ECMP project [802.1Qbp]
   will add support for multipath load spreading for both unicast and
   multicast traffic. SPB enables a new method to construct enterprise
   and cloud data center networks.

   This document describes use cases for SPB over an MPLS Packet
   Switched Network (PSN) and introduces a new hierarchical L2VPN
   architecture that uses SPB and IP/MPLS and documents the related
   configurations and references for proper interworking. In the use
   cases described the SPBM mode (MAC address based) is used, implying
   the existence of a Provider Backbone Edge Bridge function (MAC-in-
   MAC encapsulation) [802.1Q] at the boundary of the SPT Region.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

   Acronyms used in this document include the following:

   AC - Attachment Circuit

   CE - Customer Edge

   IS-IS - Intermediate System to Intermediate System

   MPLS - Multi-Protocol Label Switching

   PE - Provider Edge

   PPP - Point to Point Protocol

   PW - Pseudo Wire

   SPB - Shortest Path Bridging

   SPT - Shortest Path Tree

   VSI - Virtual Switching Instance

2. Use Cases

   SPT Regions at different locations may be interconnected by networks
   that are implemented with different technologies to form one larger
   SPT Region. This section describes use cases assuming that IP/MPLS
   technology is available. From the MPLS network view, SPT Bridges act
   as Customer Edge (CE) devices and connect to PEs via an attachment
   circuit (AC). SPT Bridges [802.1aq] support deterministic forwarding
   behavior over point-to-point links. Section 2.1 describes SPT Region
   interconnection over a single point-to-point link provided by an
   MPLS network. Section 2.2 describes interconnecting multiple SPT
   Regions using multiple PWs. Section 2.3 introduces a hierarchical
   L2VPN solution that uses SPT Bridges and MPLS in a tiered
   architecture.




2.1. Point-To-Point Interconnection

   Two SPT Bridges are interconnected by either an Ethernet or PPP PW
   over an MPLS network. The PW is configured between a pair of PEs to
   provide part of the point-to-point link between two SPT Bridges.
   Figure 1 illustrates this architecture. Each SPT Bridge connects to
   a PE via an AC and acts as a CE device. The MPLS PSN is bounded by
   the PEs. The link across the IP/MPLS PSN enables the site A and site
   B SPT Bridges to form one SPT Region.

   MPLS supports many pseudo wire transport encapsulations [RFC4446].
   Two types of links between Bridges have been standardized: Ethernet
   [RFC4448] and PPP [RFC3518, RFC4618]. A Bridge port connected to an
   AC may be mapped to a PW with Ethernet encapsulation [RFC4448]. The
   PW between two PEs can be auto-configured [RFC4447] or manually
   configured; the two Bridges then appear directly interconnected with
   an Ethernet link.

   When the Bridge ports connected to the ACs are configured with PPP,
   the PEs may be configured with a PW that uses PPP encapsulation
   [RFC4618]. After the PW is established between the two PEs, the two
   SPT Bridges appear directly interconnected with a PPP link. Because
   the frames between the bridges are encapsulated within PPP, if the
   PEs have the capability to add or remove PPP encapsulation, it is an
   independent decision for each AC and for the PW whether each is PPP
   or Ethernet.

   An SPB adjacency is automatically established over an Ethernet link
   or PPP link. The PW provides transparent transport between ACs.

   Note: For Ethernet PW configuration, the PEs SHOULD use the raw mode
   and non-service-delimiting options.



                    <---------- SPB Link ---------->
           *-------*       <-------PW------->       *-------*
           |       | AC +----+    +---+   +----+ AC |       |
           | SPT   +----| PE |----| P |---| PE |----+ SPT   |
           |Bridge |    +----+    +---+   +----+    |Bridge |
           |Site A |    {          PSN         }    |Site B |
           *-------*                                *-------*
         {                    One SPT Region                  }


             Figure 1 P2P SPB Link over IP/MPLS PSN Use Case I




   As networks converge, it is possible that one operator controls both
   the SPT Region and the core MPLS network. Figure 2 illustrates this
   use case, in which the SPT Bridges are also MPLS PE enabled. The
   interworking between the SPT network and the MPLS PSN is within one
   device. In this case, a virtual Ethernet interface is configured
   between the SPT Bridge component and the PE component on the SPB/PE
   device, and a Packet-PW is configured between the two PE components
   on the two devices to emulate the virtual Ethernet link. An SPB
   adjacency is established between the two SPB/PE devices after the PW
   is established. In this case, SPB runs in the client layer and MPLS
   runs in the server layer; SPB/PE devices support both client and
   server layer control plane and data plane functions.


            *---------*                         *---------*
            |  SPT    |<------- SPB Link ------>|  SPT    |
            | Site A  |      (Client Layer)     | Site B  |
            |     +-------+     +---+      +-------+      |
            |     |SPB/PE |-----| P |------| PE/SPB|      |
            |     +-------+     +---+      +-------+      |
            |         |<--------- PW ---------->|         |
            |         |      (Server Layer)     |         |
            *---------*                         *---------*
                      {           PSN           }
          {                  One SPT Region                 }


            Figure 2 P2P SPB-Link over IP/MPLS PSN Use Case II

   In both use cases I and II, the PE treats an SPT Bridge as a generic
   CE and has no awareness of SPB capability on the CE. Use case I
   supports business models in which the SPT Region and the core MPLS
   network are operated by different operators or by the same operator.
   In the case of different operators, the core MPLS operator can sell
   a VPWS service to the SPB operator. Use case II provides the model
   where the SPT Region and the core network are operated by the same
   operator but use different technologies in the edge and core domains
   of the network.

   A PW may cross multiple MPLS domains [RFC5659]. In this case, SPT
   Bridges connect to T-PEs and the interconnection works in the same
   way as in the single-domain case.

2.2. Multiple Interconnections

   More than two SPT sites may be interconnected by a full or partial
   mesh of PWs. The PWs provide a set of links interconnecting the SPT
   sites and enable the formation of one SPT Region. Interconnecting
   multiple sites using PWs is preferable to using a VPLS (VLAN)
   service because it allows deterministic control of traffic placement
   and traffic engineering (assuming the PWs provide a bandwidth SLA).

   PWs can provide multiple connections to a single physical interface
   if VLAN tags are used for service selection (Ethernet VLAN ACs).
   Virtual ports can be provisioned on the SPT Bridge by using a port-
   mapping S-VLAN component [802.1Qbc]. The S-VID is then used for
   service selection to map traffic to each PW connection. Figure 3
   shows the use of PWs to interconnect three SPT Bridges. One SPT
   Region is formed across three different sites. Three PWs are
   configured, providing a full mesh between the three sites. Each SPT
   site connects to the others via PWs selected by the service-
   delimiting S-VID on the AC.  So in this use case the PEs should use
   raw mode with service-delimiting.


         *-------*      ...........................    *-------*
         |       |      .                         .    |       |
         | SPT   |   +----+          PWs       +----+  | SPT   |
         | Region|---|    **********************    |--| Region|
         | Site 1|---| PE *****            ***** PE |--| Site 2|
         |       | ^ +----+    ****    ****    +----+  |       |
         |       | |    .         +*--*+          .    *-------*
         *-------* |    ..........|    |...........
                   |              | PE |
                   |              +----+
                S-Tagged           |  |
           Ethernet VLAN ACs       |  |
                               *---------*
                               | SPT     |
                               | Region  |
                               | Site 3  |
                               *---------*


             Figure 3 Multiple SPT sites interconnected by PWs



   The scenario in Figure 3 can also be applied to interconnect
   multiple SPT Bridges when a device serves both SPT Bridge and PE
   functions. This use case is addressed in the following section.

   Note: If CEs at a site happen to be regular C-VLAN bridges, the site
   may be connected to an SPT Bridge via a virtual port bound to an
   I-Component. This enables MAC-in-MAC encapsulation to be performed
   before the traffic enters the SPT Region without requiring an upgrade
   at the C-VLAN bridging site. In this case the PW at the PE connected
   to the C-VLAN bridging site could be configured as raw mode,
   non-service-delimiting.

2.3. Hierarchical L2VPN with SPB and MPLS

   H-VPLS in [RFC4762] describes a two-tier hierarchical solution for
   the purpose of pseudo wire (PW) scalability improvement. This
   improvement is achieved by reducing the number of PE devices
   connected in a full-mesh topology through connecting CE devices via
   the lower-tier access network, which in turn is connected to the
   top-tier core network. However, H-VPLS solutions in [RFC4762]
   require learning and forwarding based on customer MAC addresses,
   which poses scalability issues as the number of VPLS instances and
   customer MAC addresses increase. [PBB-VPLS] describes how to use PBB
   (Provider Backbone Bridges) at the lower-tier access network to
   solve the scalability issue, in which the transit network nodes only
   learn and forward on PBB port MAC addresses instead of customer MAC
   addresses.

   Figure 4 depicts the hierarchical L2VPN architecture with SPT
   Bridge/MPLS technologies. An IP/MPLS network serves as the top-tier
   core network while an SPT Region serves as the low-tier access
   network. An SPB/PE-enabled device is placed at the border of the
   two-tier networks. Ethernet PWs, as described in Section 2.1, are
   configured between pairs of PE components in the top-tier IP/MPLS
   network, which construct a full mesh of links among the SPB/PE
   devices. The SPT Bridge component on an SPB/PE device and other SPT
   Bridges at the same site serve as the low-tier access network.
   Customer CEs connect to SPT Bridges at each site directly.

   This architecture provides E-LAN or E-VLAN connectivity among
   customer CEs connecting to the SPT Region sites. The transit SPT
   Bridge node only forwards and learns other SPT Bridge addresses and
   the number of PWs in the top-tier core network is not related to the
   number of devices connecting to Customer CEs.  This makes the
   solution scale very well. In addition, SPB technology supports
   multiple links from one SPT Bridge to multiple other SPT Bridges and
   prevents loops, which provides the flexibility to construct the
   networks based on traffic demands and dynamically reroute traffic
   when necessary. Figure 4 shows that one SPT Bridge in campus site 1
   connects to two SPB/PE devices and one SPB/PE device connects two
   SPT Bridges at Site 3.





       +---------+      ...........................    +--------+
       |         |      .       IP/MPLS Core      .    |        |
       |         |      .                         .    |        +--
   CE--+         |   +----+          PW        +----+  |        |
       |   SPT   +---|SPB/|********************|SPB/|--+  SPT   |CEs
   . --+  Region +-+ | PE |****            ****| PE |\ | Region +--
   .   |  Site 1 | | +----+    ****    ****    +----+ -+ Site 3 |
   . --+         | |    .         +*--*+          .    |        |
       |         | |    ..........|SPB/|...........    +--------+
   CE--+         | +--------------| PE |
       |         |                +----+
       +---------+                  |
                                    |
                                +---------+
                                |   SPT   |
                                |  Region |
                                |  Site 2 |
                                +-+----+--+
                                  |... |
                                   CEs

               Figure 4 Hierarchical L2VPN with SPB and MPLS

   There are several advantages to using SPT Bridge/MPLS based L2VPNs:
   1) Scalability improvement; 2) Auto-configuration; 3) Good
   efficiency and loop prevention; 4) Multipath support (based on
   802.1Qbp).

   The solution also has advantages over some alternative solutions:

   1. SPT Bridges provide deterministic forwarding behavior, allowing
      network tuning and traffic engineering;

   2. SPB supports shortest path for both unicast and multicast
      traffic;

   3. SPT Bridge core interfaces do not have to be upgraded to support
      a new encapsulation;

   4. I-SID supports over 16M tenants;

   5. Mature OAM functionality: Ethernet OAM (802.1ag and Y.1731) can
      be applied to SPB VLANs.

   Note: It is possible to construct a tiered L2VPN that combines
   Figures 3 and 4, i.e., some locations use SPB/PE-enabled devices and
   other locations use separate SPT Bridge and PE devices in a
   hierarchical L2VPN.



3. Security Considerations

   The IS-IS authentication mechanism [RFC5304] [RFC5310] can be used
   to prevent fabrication of link-state control messages including
   those discussed in this document.

   The use cases do not introduce any new security considerations for
   MPLS networks.
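
   The check that IS-IS HMAC-MD5 authentication [RFC5304] performs on a
   received link-state PDU, as an added example that is not part of the
   original draft. The key, system ID, hostname and the LSP itself are
   constructed sample values, and the function names are illustrative.

```python
import hashlib
import hmac
import struct

AUTH_TLV = 10         # Authentication Information TLV
AUTH_HMAC_MD5 = 54    # RFC 5304 authentication type
LSP_TYPES = {18, 20}  # Level 1 / Level 2 Link State PDU


def find_auth_value(pdu):
    """Return the offset of the 16-byte HMAC-MD5 value, or None if absent."""
    if len(pdu) < 8:
        return None
    pos = pdu[1]  # length indicator: size of the fixed header
    while pos + 2 <= len(pdu):
        tlv_type, tlv_len = pdu[pos], pdu[pos + 1]
        if pos + 2 + tlv_len > len(pdu):
            return None  # truncated TLV: treat the PDU as unauthenticated
        if tlv_type == AUTH_TLV and tlv_len == 17 and pdu[pos + 2] == AUTH_HMAC_MD5:
            return pos + 3
        pos += 2 + tlv_len
    return None


def compute_digest(pdu, key, off):
    """HMAC-MD5 over the PDU with the fields RFC 5304 excludes set to zero."""
    buf = bytearray(pdu)
    buf[off:off + 16] = bytes(16)      # authentication value
    if (buf[4] & 0x1F) in LSP_TYPES:
        buf[10:12] = b"\x00\x00"       # remaining lifetime
        buf[24:26] = b"\x00\x00"       # checksum
    return hmac.new(key, bytes(buf), hashlib.md5).digest()


def verify_pdu(pdu, key):
    """True only if the PDU carries a valid HMAC-MD5 authentication TLV."""
    off = find_auth_value(pdu)
    if off is None:
        return False
    return hmac.compare_digest(bytes(pdu[off:off + 16]), compute_digest(pdu, key, off))


def build_signed_lsp(key, hostname, seq=1, lifetime=1200):
    """Constructed Level 2 LSP (sample data; Fletcher checksum left at zero)."""
    tlvs = bytes([AUTH_TLV, 17, AUTH_HMAC_MD5]) + bytes(16)
    tlvs += bytes([137, len(hostname)]) + hostname   # dynamic hostname TLV
    lsp_id = bytes.fromhex("0000000000010000")       # constructed system ID
    body = struct.pack("!HH", 27 + len(tlvs), lifetime) + lsp_id
    body += struct.pack("!IH", seq, 0) + b"\x03"     # seq, checksum, IS type
    pdu = bytearray(bytes([0x83, 27, 1, 0, 20, 1, 0, 0]) + body + tlvs)
    off = find_auth_value(pdu)
    pdu[off:off + 16] = compute_digest(pdu, key, off)
    return bytes(pdu)


if __name__ == "__main__":
    key = b"constructed-shared-key"
    lsp = build_signed_lsp(key, b"spb-pe-site1")
    altered = lsp.replace(b"site1", b"site9")   # content changed in transit
    print("genuine LSP accepted:", verify_pdu(lsp, key))
    print("altered LSP accepted:", verify_pdu(altered, key))
```

   A receiver configured to require authentication drops any PDU for
   which this check fails, including one that carries no
   Authentication Information TLV at all.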

4. IANA Considerations

   This document requires no IANA actions.

5. Acknowledgements

   The authors would like to acknowledge the contributions of Donald E.
   Eastlake, 3rd, Sue Hares, and Sam Aldrin.

6. References

6.1. Normative References

   [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14 and RFC 2119, March 1997.

   [RFC3518] Higashiyama, M., et al., "Point-to-Point Protocol (PPP)
             Bridging Control Protocol (BCP)", RFC 3518, April 2003.

   [RFC4446] Martini, L., "IANA Allocations for Pseudowire Edge to Edge
             Emulation (PWE3)", BCP 116, RFC 4446, April 2006.

   [RFC4447] Martini, L., et al., "Pseudowire Setup and Maintenance
             Using the Label Distribution Protocol (LDP)", RFC 4447,
             April 2006.

   [RFC4448] Martini, L., "Encapsulation Methods for Transport of
             Ethernet over MPLS Networks", RFC 4448, April 2006.

   [RFC4618] Martini, L., "Encapsulation Methods for Transport of
             PPP/High-Level Data Link Control (HDLC) over MPLS
             Networks", BCP 116, RFC 4618, September 2006.

   [RFC4762] Lasserre, M., and Kompella, V., "Virtual Private LAN
             Service (VPLS) Using Label Distribution Protocol (LDP)
             Signaling", RFC 4762, January 2007.



   [RFC5304] Li, T. and Atkinson, R., "IS-IS Cryptographic
             Authentication", RFC 5304, October 2008.

   [RFC5310] Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R.,
             and M. Fanto, "IS-IS Generic Cryptographic
             Authentication", RFC 5310, February 2009.

   [RFC5659] Bocci, M and Bryant, S, "An Architecture for Multi-Segment
             Pseudowire Emulation Edge-to-Edge", RFC 5659, October
             2009.

   [802.1Q]  IEEE Std 802.1Q 2011, Media Access Control (MAC) Bridges
             and Virtual Bridge Local Area Networks, August 2011.

   [802.1Qbc] IEEE Std 802.1Qbc 2011, Media Access Control (MAC)
             Bridges and Virtual Bridged Local Area Networks-Amendment
             16: Provider Bridging-Remote Customer Service Interfaces,
             September 2011.

6.2. Informative References

   [PBB-VPLS] Sajassi, A., et al., "VPLS Interoperability with Provider
             Backbone Bridges", draft-ietf-l2vpn-pbb-vpls-interop, work
             in progress, 2011

Authors' Addresses

   Ben Mack-Crane
   Huawei Technologies
   5340 Legacy Drive
   Plano, TX 75025

   Phone: 630-810-1132
   Email: ben.mackcrane@huawei.com

   Lucy Yong
   Huawei Technologies
   5340 Legacy Drive
   Plano, TX 75025

   Phone: 469-227-5837
   Email: lucy.yong@huawei.com