


Network Working Group                                          L. Yong
Internet Draft                                 Huawei Technologies, USA

Category: Standard Track


Expires: January 2014                                     July 13, 2013


              GRE-in-UDP Encapsulation for Service Chaining
          draft-yong-gre-in-udp-encap-4-service-chaining-00.txt



Abstract

   This document proposes use of the GRE-in-UDP encapsulation [GRE-in-
   UDP] for the packet encapsulation in service chaining.


Status of this document

   This Internet-Draft is submitted to IETF in full conformance with
   the provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on January 13, 2014.

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors.  All rights reserved.





Yong & Xu              Expires August 13, 2013                 [Page 1]

Internet-Draft    GRE-in-UDP Encap. for Service Chaining      July 2013

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document.



Table of Contents


   1. Introduction
      1.1. Conventions used in this document
   2. GRE-in-UDP Encapsulation for Service Chaining
   3. Procedures
   4. Security Considerations
   5. IANA Considerations
   6. References
      6.1. Normative References
      6.2. Informative References






























1. Introduction

   New data center and cloud applications demand more flexible
   deployment of services, including network services such as
   firewalls and load balancing. Service chain technology is needed to
   achieve that [SC-PS] [NSC-PS]. A service chain denotes a sequence of
   service processes applied to the packets of a flow before they are
   delivered to the destination. Service Chaining refers to the
   mechanism of building service chains [SC-REQ].

   IP forwarding is based on the IP destination address of the packet.
   When service chain technology is applied in an IP network, the flow
   packets need to be forwarded along the service chain path rather
   than the shortest path. Therefore, forwarding directly on the IP
   destination address of the packets will not work. Tunneling the flow
   packets hop by hop along the service chain path is one way to
   address the issue. In addition, some service information needs to be
   inserted into the flow packets [NSH].

   This document proposes use of the GRE-in-UDP encapsulation
   [GRE-in-UDP] for the packet encapsulation in service chaining. The
   encapsulation allows a network protocol to be tunneled over an IP
   network. The payload type is identified in the protocol type field
   of the GRE header, and the flow entropy may be encoded in the UDP
   source port. The latter supports network load balancing on a
   per-flow basis.

   The benefit of this encapsulation scheme is that it does not consume
   additional UDP ports for payload identification and that it supports
   IP ECMP without changing existing transit routers.

  1.1. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

2. GRE-in-UDP Encapsulation for Service Chaining

   The following figure illustrates the format of the GRE-in-UDP
   encapsulation for service chaining with IPv4 outer headers. The IP
   protocol field is set to 17 (UDP). When the outer header is IPv6,
   the next header field is set to 17 (UDP).









      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

      IPv4 Header:
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |Version|  IHL  |Type of Service|          Total Length         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |         Identification        |Flags|      Fragment Offset    |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |  Time to Live |Proto = 17[UDP]|          Header Checksum      |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                       Source IPv4 Address                     |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                     Destination IPv4 Address                  |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      UDP Header:
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |       Source Port = entropy   |  Dest Port = GRE-in-UDP       |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |           UDP Length          |        UDP Checksum           |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      GRE Header:
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |0| |0|0| Reserved0       | Ver |Proto Type=Service Chain (TBD) |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Service Chain Header:
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             Service Chain Header                              |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             Service Chain Data (Variable)                     ~
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Original Payload:
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |             Original Payload                                  ~
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

          Figure 1 The format for Service Chaining Encapsulation


   In this encapsulation format, the UDP source port carries flow
   entropy; its value can be derived from the original payload header.
   The UDP destination port carries the registered port value for
   GRE-in-UDP. The protocol type field in the GRE header indicates the
   tunneled protocol type. To support the Service Chaining application,
   this document proposes allocating a new protocol type for Service
   Chaining. In addition, for this application, the checksum present,
   key present, and sequence number present bits in the GRE header MUST
   be clear. The usage of the other fields in the UDP and GRE headers
   MUST comply with the specification in the GRE-in-UDP document
   [GRE-in-UDP].

   The service header and data are inserted in front of the original
   payload before the GRE-in-UDP encapsulation is added. The original
   payload may be IP, Ethernet, MPLS, etc.

3. Procedures

   When the first service node in the service chain, such as a service
   classifier, receives a packet and needs to send it to the next
   service node, it first inserts the service data and service header
   into the packet, then performs the GRE-in-UDP encapsulation with the
   Service Chaining protocol type, and finally adds an IP header with
   the next service node's IP address as the destination IP address and
   its own IP address as the source IP address.

   When a transit service node in the service chain receives a packet,
   it decapsulates the packet and performs the service. When it needs
   to forward the packet to the next service node, it performs the
   GRE-in-UDP encapsulation and adds an outer IP header before sending
   the packet out. Note that the transit service node may modify the
   service header and/or data on the packet.

   When the last service node in the service chain completes the
   service process on a packet, it removes the service header and data
   and forwards the original payload directly.

   The GRE-in-UDP encapsulation process MUST comply with the procedures
   specified in the GRE-in-UDP Encapsulation document [GRE-in-UDP].
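
   The encapsulation of Section 2 and the send and receive steps of
   Section 3, as an added example in Python that is not part of the
   original draft; the outer IP header is left to the sending host's
   stack. The destination port and the Service Chain protocol type are
   placeholders because the page gives no value for either, and the
   SHA-256-based source port with its 49152-65535 range, the zero UDP
   checksum, and the opaque handling of the service chain header and
   data are assumptions.

```python
import hashlib
import struct

# Placeholders (assumptions): the page gives no numeric value for either.
GRE_IN_UDP_PORT = 65000        # stands in for the registered GRE-in-UDP port
PROTO_SERVICE_CHAIN = 0xFFFF   # stands in for the "TBD" Service Chain type
GRE_CKS_BITS = 0xB000          # C, K and S flag bits of the first GRE word
GRE_VER_MASK = 0x0007          # GRE version, low three bits

def entropy_port(flow_key: bytes) -> int:
    """Stable per-flow source port; hash and 49152-65535 range are assumed."""
    digest = hashlib.sha256(flow_key).digest()
    return 0xC000 | (int.from_bytes(digest[:2], "big") & 0x3FFF)

def encapsulate(sc_header, sc_data, payload, flow_key):
    """Sending node: UDP + GRE + service chain header/data + payload."""
    if len(sc_header) != 4:
        raise ValueError("Figure 1 shows a 32-bit service chain header")
    gre = struct.pack("!HH", 0x0000, PROTO_SERVICE_CHAIN)  # C/K/S clear, Ver 0
    body = gre + sc_header + sc_data + payload
    if 8 + len(body) > 0xFFFF:
        raise ValueError("datagram too large for the UDP length field")
    # UDP checksum 0 (not computed) keeps the example short; IPv4 outer only.
    udp = struct.pack("!HHHH", entropy_port(flow_key), GRE_IN_UDP_PORT,
                      8 + len(body), 0)
    return udp + body

def decapsulate(datagram):
    """Receiving node: validate UDP/GRE, return (source port, inner bytes)."""
    if len(datagram) < 12:
        raise ValueError("truncated UDP/GRE headers")
    sport, dport, udp_len, _ = struct.unpack("!HHHH", datagram[:8])
    flags, proto = struct.unpack("!HH", datagram[8:12])
    if dport != GRE_IN_UDP_PORT or udp_len != len(datagram):
        raise ValueError("not a well-formed GRE-in-UDP datagram")
    if flags & GRE_CKS_BITS:
        raise ValueError("checksum/key/sequence bits MUST be clear")
    if flags & GRE_VER_MASK or proto != PROTO_SERVICE_CHAIN:
        raise ValueError("unexpected GRE version or protocol type")
    return sport, datagram[12:]   # service chain header + data + payload

if __name__ == "__main__":
    # Constructed sample: inner IPv4 addresses, protocol and ports as flow key.
    flow = bytes([10, 0, 0, 1, 10, 0, 0, 2, 6]) + struct.pack("!HH", 12345, 443)
    wire = encapsulate(b"\x00\x00\x00\x01", b"meta", b"original", flow)
    sport, inner = decapsulate(wire)
    print(sport == entropy_port(flow), inner)
```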

4. Security Considerations

   Coming soon.






5. IANA Considerations

   This document requests allocation of a protocol type value for
   Service Chaining.



6. References

  6.1. Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14, RFC2119, March 1997.

  6.2. Informative References

   [GRE-in-UDP] Crabbe, E., Yong, L., and Xu, X., "Generic UDP
             Encapsulation for IP Tunneling",
             draft-yong-tsvwg-gre-in-udp-encap-01, work in progress.

   [NSH]     Quinn, P., et al., "Network Service Header",
             draft-quinn-nsh-01.txt, work in progress.

   [NSC-PS]  Guichard, J., et al., "Network Service Chaining Problem
             Statement", draft-quinn-nsc-problem-statement-00.txt, work
             in progress.

   [SC-PS]   Dunbar, L. and Eastlake, D., "Layer 4-7 Service Chain
             problem statement",
             draft-dunbar-l4-l7-sc-problem-statement-00.txt, work in
             progress.

   [SC-REQ]  Li, H. and Jiang, Y., "Requirements for Service Chaining",
             draft-li-service-chaining-requirements-00, work in
             progress.


   Authors' Addresses

   Lucy Yong
   Huawei Technologies 
   5340 Legacy Drive
   Plano, TX  75025
   U.S.A

   Phone:  469-277-5837
   Email: lucy.yong@huawei.com



