NVO3                                                       L. Huang, Ed.
Internet-Draft                                                     S. Hu
Intended status: Standards Track                            China Mobile
Expires: January 17, 2018                                        M. Wang
                                                                  Huawei
                                                                   T. Ao
                                                         ZTE Corporation
                                                           July 16, 2017


VXLAN GPE Extension for Packets Exchange Between Control and User Plane
                                of vBNG
            draft-huang-nvo3-vxlan-gpe-extension-for-vbng-00

Abstract

   This document briefly describes the architecture of a vBNG with
   separated control plane and user plane, and defines an extension of
   VXLAN-GPE for exchanging PPPoE/IPoE dialup packets between the
   control plane and the user plane.

Status of This Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 17, 2018.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents




Huang, et al.           Expires January 17, 2018                [Page 1]


Internet-Draft       vxlan-gpe-extension-for-vbng-00           July 2017


   carefully, as they describe your rights and restrictions with respect
   to this document.

Table of Contents

   1.  Introduction
   2.  Terminology and Abbreviations
   3.  Requirement
   4.  Mechanism
     4.1.  vBNG service header
     4.2.  Optional solution for vBNG service header
     4.3.  Inner packets encapsulation and decapsulation
     4.4.  User dialup process
   5.  Security Considerations
   6.  IANA Considerations
   7.  Normative References
   Authors' Addresses

1.  Introduction

   One way to migrate to vBNG is to separate the control plane (CP) and
   user plane (UP) of a traditional BNG.  The CP is deployed in a
   centralized cloud DC and the UP is implemented by high-performance
   hardware devices, e.g. routers, switches, etc.  VXLAN-GPE is used to
   transfer PPPoE/IPoE dialup packets between CP and UP.  This document
   describes how to extend VXLAN-GPE to carry the necessary access user
   information in VXLAN packets.

2.  Terminology and Abbreviations

   BNG: Broadband Network Gateway.  It is usually the layer 3 edge node
   of an ISP's core network and provides user access control for
   broadband service.  It is also known as BRAS (Broadband Remote Access
   Server) or BAS (Broadband Access Server).

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Requirement

   The architecture of the C/U separated BNG is shown in the following
   figure.








                   +----------------------------------+
                   |              BNG-CP              |
                   +--+--------------+--------------+-+
                      |              |              |
             Service  |     Control  |    Management|
            Interface |    Interface |    Interface |
                |     |        |     |        |     |
            VXLAN-GPE |    OpenFlow  |      NETCONF |
                      |              |              |
                   +--+--------------+--------------+-+
                   |              BNG-UP              |
                   +-----------------+----------------+
                                     |
                                     |
                            +--------+--------+
                            | Access Network  |
                            +--------+--------+
                                     |
                                +----+----+
                                |   User  |
                                +---------+


               Figure 1: Architecture of C/U separated vBNG

   In this architecture, CP is responsible for user access
   authentication and for setting forwarding entries on UP if
   authentication is successful.  UP needs to relay PPPoE/IPoE dialup
   packets between users and CP, and to forward PPPoE/IPoE data packets
   to the Internet based on the forwarding entries set by CP.  CP should
   also perform some basic configuration of UP, e.g. user profile
   configuration.

   There are three interfaces between CP and UP.  The management
   interface is used by CP to carry out basic configuration of UP
   through NETCONF.  The control interface is used for setting
   forwarding entries on UP through OpenFlow.  The service interface is
   used for transmitting PPPoE/IPoE dialup packets between user plane
   and control plane.  VXLAN-GPE is chosen for the service interface
   since it is a relatively mature technology and can carry L2 packets
   through an L3 network.  For user access authentication, CP needs to
   know which port of UP the user is connected to, in order to
   authenticate the access location, because a specific user is only
   permitted to access on a specific port/location.  The necessary
   information includes: node ID, slot ID, subcard ID, port ID and so
   on.  The access port information should be carried in the VXLAN
   packets encapsulated by UP.  The next section describes how to extend
   VXLAN-GPE to meet this requirement.





4.  Mechanism

   In order to extend VXLAN-GPE for carrying user access port
   information, a new next protocol value will be requested from IANA
   based on Generic Protocol Extension for VXLAN
   [I-D.ietf-nvo3-vxlan-gpe], see section IANA Considerations.  The new
   next protocol is called vBNG service header.

4.1.  vBNG service header


      0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |R|R|R|F|R|R|Ver| Next Protocol |           Reserved            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                            Node ID                            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |    Slot ID    |  Subcard ID   |    Port ID    |   Port Type   |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


                       Figure 2: vBNG service header

   Flag (8 bits): The first 8 bits are the flag field.  "R" bits are
   reserved bits which MUST be set to zero and ignored.

   F (1 bit): The F bit is set to indicate that the inner packet
   following the vBNG service header SHOULD be forwarded by UP based on
   the routing table instead of being forwarded to users.  The F bit is
   set only in packets from CP to UP for some specific scenarios, e.g.
   DHCP relay, L2TP.

   Ver (2 bits): Version of vBNG service header.  In this document the
   version is 0.

   Next protocol (8 bit): This field indicates the protocol immediately
   following the vBNG service header.  This document defines two next
   protocol values, 0x00 for PPPoE and 0x01 for IPoE.

   Node ID (32 bit): This field indicates which UP node is processing
   the user access.  It COULD be one of the UP's IP addresses which MUST
   be unique in all related UPs.

   Slot ID (8 bit): This field indicates which slot of the indicated UP
   is processing the user access.  If there are no different slots on
   the indicated UP, this field MUST be set to 0x00.




   Subcard ID (8 bit): This field indicates which subcard of the
   indicated slot is processing the user access.  If there are no
   different subcards on the indicated slot, this field MUST be set to
   0x00.

   Port ID (8 bit): This field indicates which port of the indicated
   subcard is processing the user access.

   Port Type (8 bit): This field indicates the type of the user access
   port.  This document defines the following types:

     +-------------------+----------+
     |     Port Type     |   Value  |
     +-------------------+----------+
     |        GE         |   0x01   |
     +-------------------+----------+
     |       10GE        |   0x02   |
     +-------------------+----------+
     |       40GE        |   0x03   |
     +-------------------+----------+
     |       100GE       |   0x04   |
     +-------------------+----------+
     |       LAG         |   0x05   |
     +-------------------+----------+
     | Virtual Interface |   0x06   |
     +-------------------+----------+

                     Figure 3: User Access Port Types
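
   The 12-octet layout of Figure 2 and the access-location requirement
   of Section 3, as an added Python example that is not part of the
   draft.  It assumes the Node ID is an IPv4 address of the UP, and it
   treats a set F bit, a non-zero version, or an undefined Next Protocol
   or Port Type in the UP-to-CP direction as errors, which is a receiver
   policy choice the draft does not mandate; all names are hypothetical.

```python
import ipaddress
import struct
from typing import NamedTuple

HDR = struct.Struct("!BBHIBBBB")  # Figure 2: flags, next proto, reserved, node, 4 IDs
F_BIT, VER_MASK = 0x10, 0x03      # bit 3 (F) and bits 6-7 (Ver) of the flag octet
NEXT_PROTO = {0x00: "PPPoE", 0x01: "IPoE"}
PORT_TYPE = {0x01: "GE", 0x02: "10GE", 0x03: "40GE", 0x04: "100GE",
             0x05: "LAG", 0x06: "Virtual Interface"}


class VbngHeader(NamedTuple):
    next_proto: str
    node_id: str      # assumption: Node ID carries an IPv4 address of the UP
    slot: int
    subcard: int
    port: int
    port_type: str
    inner: bytes      # original PPPoE/IPoE dialup packet, passed through unmodified


def build(next_proto, node_ip, slot, subcard, port, port_type, inner, f_bit=False):
    """Encode a version-0 header; reserved bits and the Reserved field are zero."""
    flags = F_BIT if f_bit else 0
    node = int(ipaddress.IPv4Address(node_ip))
    return HDR.pack(flags, next_proto, 0, node, slot, subcard, port, port_type) + inner


def parse_from_up(data):
    """Decode a packet body received by CP from UP; raise ValueError if malformed."""
    if len(data) < HDR.size:
        raise ValueError("truncated vBNG service header")
    flags, nproto, _rsvd, node, slot, subcard, port, ptype = HDR.unpack_from(data)
    if (flags & VER_MASK) != 0:
        raise ValueError("unsupported version")
    if flags & F_BIT:  # the draft sets F only in CP-to-UP packets
        raise ValueError("F bit set in UP-to-CP direction")
    if nproto not in NEXT_PROTO:
        raise ValueError("undefined next protocol")
    if ptype not in PORT_TYPE:
        raise ValueError("undefined port type")
    # "R" flag bits are ignored on receipt; the Reserved field is not interpreted.
    return VbngHeader(NEXT_PROTO[nproto], str(ipaddress.IPv4Address(node)),
                      slot, subcard, port, PORT_TYPE[ptype], data[HDR.size:])


def location_permitted(hdr, allowed):
    """Access-location check: is (node, slot, subcard, port) bound to this user?"""
    return (hdr.node_id, hdr.slot, hdr.subcard, hdr.port) in allowed


# Constructed sample: the inner bytes are a placeholder, not a real PPPoE frame.
SAMPLE = build(0x00, "192.0.2.1", 1, 0, 3, 0x02, b"constructed-inner-frame")
ALLOWED = {("192.0.2.1", 1, 0, 3)}   # hypothetical per-user binding held by CP

if __name__ == "__main__":
    hdr = parse_from_up(SAMPLE)
    print(hdr, location_permitted(hdr, ALLOWED))
```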

4.2.  Optional solution for vBNG service header

   One optional solution is using ifIndex to indicate the port
   information.

   The ifIndex of the interface MAY be included.  This is the 32-bit
   ifIndex assigned to the interface by the device as specified by the
   Interfaces Group MIB [RFC2863].

   The ifIndex can be utilized within a management domain to map to an
   actual interface, but it is also valuable in public applications.
   The ifIndex can be used as an opaque token to discern which interface
   of UP is processing the user access.  Based on this index, the
   information bound to the interface of UP, such as the Slot ID,
   Subcard ID, Port ID, etc., can be retrieved by the CP.







      0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |R|R|R|F|R|R|Ver| Next Protocol |           Reserved            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                            Node ID                            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                            IfIndex                            |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


                  Figure 4: Optional vBNG service header

   IfIndex (32 bit): This field indicates which interface of UP is
   processing the user access.  Based on this index, the information
   bound to the interface of UP, such as the Slot ID, Subcard ID, Port
   ID, etc., can be retrieved by the CP.

   Other fields have the same definition as the previous section.

4.3.  Inner packets encapsulation and decapsulation

   Following the vBNG service header is the original PPPoE/IPoE dialup
   packet, which SHOULD include MAC, C-VLAN, S-VLAN, PPPoE/IPoE header,
   PPPoE/IPoE payload and so on.  UP SHOULD NOT modify the original
   PPPoE/IPoE dialup packets when encapsulating them into VXLAN-GPE
   packets or decapsulating them from VXLAN-GPE packets.

4.4.  User dialup process

   When UP receives PPPoE/IPoE dialup packets from users, it
   encapsulates the original dialup packets in VXLAN-GPE together with
   the user access port information and sends them to CP.  CP
   decapsulates the VXLAN-GPE packets and performs the PPPoE/IPoE
   processing, including AAA authentication and address allocation.  CP
   encapsulates the PPPoE/IPoE response packets in VXLAN-GPE and sends
   them to UP.  UP decapsulates the VXLAN-GPE packets and sends the
   PPPoE/IPoE response packets to users.  The following diagram shows
   how the PPPoE process is handled by UP and CP.













    +----+               +---+                +---+            +------+
    |User|               |UP |                |CP |            |Radius|
    +-+--+               +-+-+                +-+-+            +---+--+
      |                    |     PPPoE PADI     |                  |
      |    PPPoE PADI      |    in VXLAN-GPE    |                  |
      |------------------->|------------------->|                  |
      |                    |     PPPoE PADO     |                  |
      |    PPPoE PADO      |    in VXLAN-GPE    |                  |
      |<-------------------|<-------------------|                  |
      |                    |     PPPoE PADR     |                  |
      |    PPPoE PADR      |    in VXLAN-GPE    |                  |
      |------------------->|------------------->|                  |
      |                    |     PPPoE PADS     |                  |
      |    PPPoE PADS      |    in VXLAN-GPE    |                  |
      |<-------------------|<-------------------|                  |
      |                    |   CHAP_Challenge   |                  |
      |   CHAP_Challenge   |    in VXLAN-GPE    |                  |
      |<-------------------|<-------------------|                  |
      |                    |   CHAP_Response    |                  |
      |   CHAP_Response    |    in VXLAN-GPE    |                  |
      |------------------->|------------------->|                  |
      |                    |                    |  Access-request  |
      |                    |                    |----------------->|
      |                    |                    |  Access-accept   |
      |                    |                    |<-----------------|
      |                    |    CHAP_Success    |                  |
      |   CHAP_Success     |    in VXLAN-GPE    |                  |
      |<-------------------|<-------------------|                  |
      |                    |        IPCP        |                  |
      |       IPCP         |    in VXLAN-GPE    |                  |
      |<==================>|<==================>|                  |
      |                    |   Set Forwarding   |                  |
      |                    |    Entries on UP   |                  |
      |                    |<-------------------|                  |
      |                    |
      | User Data in PPPoE |   User Data    +--------------------+
      |<==================>|<==============>|      Internet      |
      |                    |                +--------------------+


                          Figure 5: PPPoE Process

5.  Security Considerations

   This document only defines a new "Next Protocol" for C/U separated
   vBNG, so it does not itself directly introduce additional security
   issues.  The same security considerations apply as for Generic
   Protocol Extension for VXLAN [I-D.ietf-nvo3-vxlan-gpe].



6.  IANA Considerations

   IANA is requested to assign a new next protocol value in the
   VXLAN-GPE header as follows:

     +---------------+---------------------+----------------+
     | Next Protocol |     Description     |   Reference    |
     +---------------+---------------------+----------------+
     |      TBD      | vBNG service header | This Document  |
     +---------------+---------------------+----------------+

                   Figure 6: Requested new next protocol

7.  Normative References

   [I-D.ietf-nvo3-vxlan-gpe]
              Maino, F., Kreeger, L., and U. Elzur, "Generic Protocol
              Extension for VXLAN", draft-ietf-nvo3-vxlan-gpe-04 (work
              in progress), April 2017.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
              <http://www.rfc-editor.org/info/rfc2863>.

   [RFC7348]  Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
              L., Sridhar, T., Bursell, M., and C. Wright, "Virtual
              eXtensible Local Area Network (VXLAN): A Framework for
              Overlaying Virtualized Layer 2 Networks over Layer 3
              Networks", RFC 7348, DOI 10.17487/RFC7348, August 2014,
              <http://www.rfc-editor.org/info/rfc7348>.

Authors' Addresses

   Lu Huang (editor)
   China Mobile
   32 Xuanwumen West Ave, Xicheng District
   Beijing  100053
   China

   Email: hlisname@yahoo.com






   Shujun Hu
   China Mobile
   32 Xuanwumen West Ave, Xicheng District
   Beijing  100053
   China

   Email: 13488683482@139.com


   Michael Wang
   Huawei
   101 Software Avenue, Yuhua District
   Nanjing, Jiangsu  210012
   China

   Email: wangzitao@huawei.com


   Ting Ao
   ZTE Corporation
   No.889, BiBo Road
   Shanghai  201203
   China

   Email: ao.ting@zte.com.cn