draft-ietf-mpls-tp-li-lb-05.txt   draft-ietf-mpls-tp-li-lb-06.txt 
Network Working Group Sami Boutros (Ed.) Network Working Group Sami Boutros (Ed.)
Internet Draft Siva Sivabalan (Ed.) Internet Draft Siva Sivabalan (Ed.)
Intended status: Standards Track Cisco Systems, Inc. Intended status: Standards Track Cisco Systems, Inc.
Expires: March 15, 2012 Updates: 6371 (if approved)
Expires: March 29, 2012
Rahul Aggarwal (Ed.) Rahul Aggarwal (Ed.)
Arktan, Inc. Arktan, Inc.
Martin Vigoureux (Ed.) Martin Vigoureux (Ed.)
Alcatel-Lucent Alcatel-Lucent
Xuehui Dai (Ed.) Xuehui Dai (Ed.)
ZTE Corporation ZTE Corporation
September 15, 2011 September 29, 2011
MPLS Transport Profile lock Instruct and Loopback Functions MPLS Transport Profile lock Instruct and Loopback Functions
draft-ietf-mpls-tp-li-lb-05.txt draft-ietf-mpls-tp-li-lb-06.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 42 skipping to change at page 1, line 43
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
This Internet-Draft will expire on March 15, 2012. This Internet-Draft will expire on March 29, 2012.
Abstract Abstract
This document specifies one function and describes a second This document specifies one function and describes a second function
function which are applicable to MPLS transport networks. The first which are applicable to MPLS transport networks. The first function
function enables an operator to lock a transport path while the enables an operator to lock a transport path while the second enables
second enables an operator to set, in loopback, a given node along an operator to set, in loopback, a given node along a transport path.
a transport path. This document also defines the extension to MPLS This document also defines the extension to MPLS operation,
operation, administration, and maintenance (OAM) to perform the administration, and maintenance (OAM) to perform the lock function.
lock function. This document updates RFC 6371 section 7.1.1.
Table of Contents Table of Contents
1. Introduction...................................................2 1. Introduction...................................................2
2. Terminology....................................................4 1.1. Updates RFC 6371..........................................5
2. Terminology....................................................5
3. Lock Message...................................................5 3. Lock Message...................................................5
3.1. Message Identification....................................5 3.1. Message Identification....................................5
3.2. LI Message Format.........................................5 3.2. LI Message Format.........................................6
4. Lock, Loopback and maintenance operations......................6 4. Lock, Loopback and maintenance operations......................6
5. Operation......................................................6 5. Operation......................................................7
5.1. Lock Operation............................................6 5.1. Lock Operation............................................7
5.2. UnLock Operation..........................................7 5.2. UnLock Operation..........................................7
5.3. General Procedures........................................7 5.3. General Procedures........................................7
5.4. Example Topology..........................................7 5.4. Example Topology..........................................8
5.5. Locking a transport path..................................8 5.5. Locking a transport path..................................8
5.6. UnLocking a transport path................................8 5.6. UnLocking a transport path................................8
6. Security Considerations........................................8 6. Security Considerations........................................8
7. IANA Considerations............................................9 7. IANA Considerations............................................9
7.1. Pseudowire Associated Channel Type........................9 7.1. Pseudowire Associated Channel Type........................9
8. Acknowledgements...............................................9 8. Acknowledgements...............................................9
9. References.....................................................9 9. References.....................................................9
9.1. Normative References......................................9 9.1. Normative References......................................9
9.2. Informative References...................................10 9.2. Informative References...................................10
Author's Addresses...............................................10 Author's Addresses...............................................10
Full Copyright Statement.........................................11 Full Copyright Statement.........................................12
Intellectual Property Statement..................................12 Intellectual Property Statement..................................12
1. Introduction 1. Introduction
This document specifies one function and describes another function This document specifies one function and describes another function
which are applicable to MPLS transport networks. which are applicable to MPLS transport networks.
The first function enables an operator to lock a transport path. The The first function enables an operator to lock a transport path. The
second function enables an operator to set that transport path in second function enables an operator to set that transport path in
loopback at a specified node along the path. This document also loopback at a specified node along the path. This document also
defines the extensions to the MPLS operation, administration and specifies the extensions to the MPLS operation, administration and
maintenance (OAM) to perform the lock function. maintenance (OAM) to perform the lock function.
The Lock function pertains to Label Switched Paths (LSPs), The Lock function pertains to Label Switched Paths (LSPs),
Pseudowires(including multi-segment Pseudowires) and Sections. As per Pseudowires (including multi-segment Pseudowires) and Sections. As
RFC 5860 [1], lock is an administrative state in which it is expected per RFC 5860 [1], lock is an administrative state in which it is
that no client traffic may be carried. expected that no client traffic may be carried. However, test traffic
However, test traffic and OAM messages dedicated to the transport and OAM messages can be mapped on the locked transport path.
path can be mapped on that transport path.
Taking the example of an LSP, lock is initiated by an operator. Taking the example of an LSP, lock is initiated by an operator.
Typically when an LSP is locked, both ends of the LSP are Typically when an LSP is locked, both ends of the LSP are
independently locked by the operator. It is often difficult to independently locked by the operator. It is often difficult to
coordinate these lock operations within a tight window. This document coordinate these lock operations within a tight window. This document
defines a new OAM message, Lock Instruct (LI) in order to provide the defines a new OAM message, Lock Instruct (LI) in order to provide the
desired tight coordination. desired timely coordination.
When an endpoint of an LSP or PW is locked by an operator, the MEP When an endpoint of an LSP or PW is locked by an operator, the MEP
sends LI messages to its peer MEP. An endpoint considers the LSP to sends LI messages to its peer MEP. An endpoint considers the LSP to
be locked when either it receives an external operator command or be locked when either it receives an external operator command or
when it receives an LI message. when it receives an LI message.
The Lock function can be performed using an extension to the MPLS OAM The Lock function can be performed using an extension to the MPLS OAM
as described in the next sections. This is a common mechanism to lock as described in the next sections. This is a common mechanism to lock
PWs, LSPs and Sections. PWs, LSPs and Sections.
The Lock function can as well be realized using a management plane. The Lock function can as well be realized using a management plane.
The Loopback function is operated by NMS from MEP to MEP on The Loopback function is operated by management from MEP to MEP on
bidirectional (associated and co-routed) Label Switched Paths (LSPs), bidirectional (associated and co-routed) Label Switched Paths (LSPs),
Pseudowires (including multi-segment Pseudowires) and Sections. The Pseudowires (including multi-segment Pseudowires) and Sections.
Loopback function is additionally operated from MEP to MIP on co-
routed bidirectional LSPs, on multi-segment Pseudowires and Sections. The Loopback function is additionally operated from MEP to MIP on
The Loopback is a function that enables a MEP to request a MEP or a co-routed bidirectional LSPs, on multi-segment Pseudowires and
MIP to enter a loopback state. This state corresponds to the Sections.
situation where, at a given node, a forwarding plane loop is
configured and the incoming direction of a transport path is cross- Loopback is a function that enables a receiving MEP to return
connected to the outgoing reverse direction. Therefore, except in the traffic to the sending MEP when in the loopback state. This state
case of early TTL expiry, traffic sent by the source will be received corresponds to the situation where, at a given node, a forwarding
by that source. Note that before setting a given node in Loopback for plane loop is configured and the incoming direction of a transport
a specific transport path, this transport path MUST be locked. path is cross-connected to the outgoing reverse direction. Therefore,
except in the case of early TTL expiry, traffic sent by the source
will be received by that source.
Note that before setting a given node in Loopback for a specific
transport path, this transport path MUST be locked.
Data plane loopback is an out-of-service function, as required in Data plane loopback is an out-of-service function, as required in
section 2.2.5 of RFC 5860 [1]. This function loops back all traffic section 2.2.5 of RFC 5860 [1]. This function loops back all traffic
(including user data and OAM). The traffic can be originated from one (including user data and OAM). The traffic can be originated from one
internal point at the ingress of a transport path within an interface internal point at the ingress of a transport path within an interface
or inserted from input port of an interface using an external test or inserted from input port of an interface using an external test
equipment. The traffic is looped back unmodified (other than normal equipment. The traffic is looped back unmodified (other than normal
per hop processing such as TTL decrement) in the direction of the per hop processing such as TTL decrement) in the direction of the
point of origin by an interface at either an intermediate node or a point of origin by an interface at either an intermediate node or a
terminating node. It should be noted that data plane loopback terminating node.
function itself is applied to data plane loopback points that can
resides on different interfaces from MIPs/MEPs. All traffic
(including both payload and OAM) received on the looped back
interface is sent on the reverse direction of the transport path.
If the data plane loopback point is set somewhere at an intermediate It should be noted that data plane loopback function itself is
point in bidirectional transport path, the side of loop back function applied to data plane loopback points residing on different
(one side or both side) needs to be configured. A management system interfaces from MIPs/MEPs. All traffic (including both payload and
can configure one side or both sides to loopback at an intermediate OAM) received on the looped back interface is sent on the reverse
point. direction of the transport path.
For data plane loopback at an intermediate point in a transport
path, the loopback needs to be configured to occur at either the
ingress or egress interface. This is done using management.
The Loopback can be performed using a management plane. Management The Loopback can be performed using a management plane. Management
plane MUST insure that the two MEPs are locked before performing the plane MUST ensure that the two MEPs are locked before performing the
loopback function. loopback function.
The Lock function is based on a new G-ACH message using a new
The Lock function is based on a new G-ACH message using a new channel channel type as well as an existing TLV.
type as well as an existing TLV.
When an LSP is locked, the management or control function is expected When an LSP is locked, the management or control function is expected
to lock both ends. The purpose of the Lock instruct LI message is to to lock both ends. The purpose of the Lock instruct LI message is to
ensure the tight coordination of locking and unlocking the two ends. ensure the timely coordination of locking and unlocking the two ends.
Lock Instruct messages may be lost during looping or maintenance Lock Instruct messages may be lost during looping or maintenance
operations, thus locking both ends is required, before such operations, thus locking both ends is required, before such
operations occur. operations occur.
This document updates RFC 6371 section 7.1.1.
Conventions used in this document Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC-2119 [2]. document are to be interpreted as described in RFC-2119 [2].
1.1. Updates RFC 6371
This document updates section 7.1.1 of RFC 6371. The mechanism
proposed to send the LI OAM message requires the LI OAM message to be
sent periodically and doesn't require a reply to the LI message.
2. Terminology 2. Terminology
ACH: Associated Channel Header ACH: Associated Channel Header
LSR: Label Switching Router LSR: Label Switching Router
MEP: Maintenance Entity Group End Point MEP: Maintenance Entity Group End Point
MIP: Maintenance Entity Group Intermediate Point. MIP: Maintenance Entity Group Intermediate Point.
MPLS-TP: MPLS Transport Profile MPLS-TP: MPLS Transport Profile
MPLS-OAM: MPLS Operations, Administration and Maintenance MPLS-OAM: MPLS Operations, Administration and Maintenance
MPLS-TP LSP: Bidirectional Label Switch Path MPLS-TP LSP: Bidirectional Label Switch Path
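Review bot: The revised Loopback definition in the Introduction ("enables a receiving MEP to return traffic to the sending MEP") no longer mentions a MIP, although the paragraph just before it still says Loopback is operated from MEP to MIP and the later text still allows looping at an intermediate node. Suggest "a receiving MEP or MIP" so the definition covers both cases. In the same section, "loopback points residing on different interfaces from MIPs/MEPs" now reads as a restriction where the old text said "can resides"; "that can reside" would keep the original meaning. The statement that this document updates RFC 6371 section 7.1.1 is also added three times (Abstract, end of the Introduction, section 1.1), and one of the two Introduction copies could be dropped.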
skipping to change at page 6, line 24 skipping to change at page 6, line 40
Version: The Version Number is currently 1. (Note: the version Version: The Version Number is currently 1. (Note: the version
number is to be incremented whenever a change is made that affects number is to be incremented whenever a change is made that affects
the ability of an implementation to correctly parse or process the the ability of an implementation to correctly parse or process the
message. These changes include any syntactic or semantic changes made message. These changes include any syntactic or semantic changes made
to any of the fixed fields, or to any Type-Length-Value (TLV) or sub- to any of the fixed fields, or to any Type-Length-Value (TLV) or sub-
TLV assignment or format that is defined at a certain version number. TLV assignment or format that is defined at a certain version number.
The version number may not need to be changed if an optional TLV or The version number may not need to be changed if an optional TLV or
sub-TLV is added.) sub-TLV is added.)
Refresh Timer: The maximum time between successive LI messages Refresh Timer: The maximum time between successive LI messages
specified in seconds. The default value is 1. The value 0 is not specified in seconds. The default value is 1. The value 0 is not
permitted. When a lock is applied, a refresh timer is chosen. This permitted. When a lock is applied, a refresh timer is chosen. This
value MUST NOT be changed for the duration of that lock. value MUST NOT be changed for the duration of that lock.
MEP Source ID TLV: This is the "CC/CV MEP ID TLV" defined in [3]. MEP Source ID TLV: This is the "CC/CV MEP ID TLV" defined in [3].
4. Lock, Loopback and maintenance operations 4. Lock, Loopback and maintenance operations
When an LSP is locked, the management or control function is expected When an LSP is locked, the management or control function is expected
to lock both ends. The purpose of the LI message is to ensure the to lock both ends. The purpose of the LI message is to ensure the
tight coordination of locking and unlocking the two ends. LI timely coordination of locking and unlocking the two ends. LI
messages may be lost during looping or maintenance operations, thus messages may be lost during looping or maintenance operations, thus
locking both ends is required, before such operations occur. locking both ends is required, before such operations occur.
When a transport path is put in loopback, traffic sent from the When a transport path is put in loopback, traffic sent from the
sender MEP will be looped back to that sender MEP. OAM packets not sending MEP will be looped back to that sending MEP. OAM packets not
intercepted by TTL expiry will as well be looped back. The use of intercepted by TTL expiry will as well be looped back. The use of
traffic to measure packet loss, delay and delay variation is outside traffic to measure packet loss, delay and delay variation is outside
the scope of this document. the scope of this document.
5. Operation 5. Operation
5.1. Lock Operation 5.1. Lock Operation
Lock is used to request a MEP to take a transport path out of service Lock is used to request a MEP to take a transport path out of service
so that some form of maintenance can be done or other administrative for administrative reasons. For example, Lock can be used to allow
reasons. some form of maintenance to be done for a transport path.
When performing a lock, a sender MEP in response to a management
system request MUST take the transport path out of service and MUST
send LI messages periodically to the target MEP at the end of the
transport path. LI messages will be sent once every refresh time
interval.
The receiver MEP, will lock the transport path as long as it is When performing Lock, in response to a management request, the MEP
receiving the periodic LI messages. MUST take the transport path out of service and MUST begin sending LI
messages periodically to the remote MEP at the remote end of the
transport path.
The receiver MEP once locked, MUST take the transport path out of The receiver MEP once locked, MUST take the transport path out of
service. service.
A MEP can be locked because it was requested by NMS to lock and as The receiver MEP, will lock the transport path as long as it is
such it is sending LI OAM messages, and/or it is receiving OAM LI receiving the periodic LI messages.
messages from the other MEP.
A MEP is locked either Lock was requested by management (and - as a
result it is sending LI messages), or it is receiving LI messages
from the remote MEP.
5.2. UnLock Operation 5.2. UnLock Operation
Unlock is used to request a MEP to bring the previously locked Unlock is used to request a MEP to bring the previously locked
transport path back in service. transport path back in service.
When a MEP is unlocked via management or control it MUST cease When a MEP is unlocked via management or control it MUST cease
sending LI messages. Further, it must have stopped receiving LI sending LI messages. Further, it must have stopped receiving LI
messages for a period of 3.5 times the previously received refresh messages for a period of 3.5 times the previously received refresh
timer before it brings the transport path back in service. timer before it brings the transport path back in service.
A MEP would unlock transport path and put it back to service if and A MEP would unlock transport path and put it back to service if and
only if there is no management request to lock the path and it is not only if there is no management request to lock the path and it is not
receiving in-band LI messages. receiving in-band LI messages.
A MEP is unlocked when there is no NMS request to Lock and no LI OAM A MEP is unlocked when there is no management request to Lock and no
messages are received. LI OAM messages are received.
5.3. General Procedures 5.3. General Procedures
When taking a transport path out of service, the operation MUST first When taking a transport path out of service, the operation MUST be
be preceded by a lock operation. preceded by a lock operation.
5.4. Example Topology 5.4. Example Topology
The next sections discuss the procedures for locking, Unlocking a The next sections discuss the procedures for locking, Unlocking a
transport path. Assume a transport path traverses nodes A <--> B <-- transport path. Assume a transport path traverses nodes A <--> B <--
> C <--> D. We will refer to the Maintenance Entities involved as > C <--> D. We will refer to the Maintenance Entities involved as
MEP-A, MIP-B, MIP-C, and MEP-D respectively. Suppose a maintenance MEP-A, MIP-B, MIP-C, and MEP-D respectively. Suppose a maintenance
operation invoked at MEP-A requires to lock the transport path. operation invoked at MEP-A requires to lock the transport path.
The following sections describe MEP-A setting and unsetting a lock at The following sections describe MEP-A setting and unsetting a lock at
MEP-D. MEP-D.
5.5. Locking a transport path 5.5. Locking a transport path
1. MEP-A sends an in-band LI Message in response to a Management 1. MEP-A sends an in-band LI Message in response to a management
system request to lock the transport path. The message will include request to lock the transport path. The message will include the
the source MEP-ID TLV. source MEP-ID TLV.
2. Upon receiving the LI message, D uses the received label stack and 2. Upon receiving the LI message, D uses the received label stack and
the source MEP-ID as per [3] to identify the transport path. If no the source MEP-ID as per [3] to identify the transport path. If no
label binding exists or there is no associated transport path back to label binding exists or there is no associated transport path back to
the originator, or if the source MEP-ID does not match, the event is the originator, or if the source MEP-ID does not match, the event is
logged. Processing ceases. Otherwise the message is processed. logged and processing of the LI message ceases.
5.6. UnLocking a transport path 5.6. UnLocking a transport path
1. In response to a Management system request to unlock the transport 1. In response to a management request to unlock the transport path
path MEP-A stops sending LI Messages. MEP-A stops sending LI Messages.
2. After 3.5 times the refresh timer, both sender MEP A and receive 2. After both MEP A and MEP D have not received an LI message in at
MEP D unlock the transport path and put the transport path back in least 3.5 times the refresh timer, and each MEP has not received a
service. new management request to Lock the transport path, both MEPs SHALL
put the transport path back in service.
6. Security Considerations 6. Security Considerations
MPLS-TP is a subset of MPLS and so builds upon many of the aspects of MPLS-TP is a subset of MPLS and so builds upon many of the aspects of
the security model of MPLS. MPLS networks make the assumption that it the security model of MPLS. MPLS networks make the assumption that it
is very hard to inject traffic into a network, and equally hard to is very hard to inject traffic into a network, and equally hard to
cause traffic to be directed outside the network. The control plane cause traffic to be directed outside the network. The control plane
protocols utilize hop-by-hop security, and assume a "chain-of-trust" protocols utilize hop-by-hop security, and assume a "chain-of-trust"
model such that end-to-end control plane security is not used. For model such that end-to-end control plane security is not used. For
more information on the generic aspects of MPLS security, see [6]. more information on the generic aspects of MPLS security, see [6].
This document describes a protocol carried in the G-ACh [4], and so This document describes a protocol carried in the G-ACh [4], and so
is dependent on the security of the G-ACh, itself. The G-ACh is a is dependent on the security of the G-ACh, itself. The G-ACh is a
generalization of the Associated Channel defined in [7]. Thus, this generalization of the Associated Channel defined in [7]. Thus, this
document relies heavily on the security mechanisms provided for the document relies heavily on the security mechanisms provided for the
Associated Channel and described in those two documents. Associated Channel and described in [4] and [7].
A specific concern for the G-ACh is that is can be used to provide a A specific concern for the G-ACh is that is can be used to provide a
covert channel. This problem is wider than the scope of this covert channel. This problem is wider than the scope of this
document and does not need to be addressed here, but it should be document and does not need to be addressed here, but it should be
noted that the channel provides end-to-end connectivity and SHOULD noted that the channel provides end-to-end connectivity and SHOULD
NOT be policed by transit nodes. Thus, there is no simple way of NOT be policed by transit nodes. Thus, there is no simple way of
preventing any traffic being carried between in the G-ACh consenting preventing any traffic being carried between in the G-ACh consenting
nodes. nodes.
A good discussion of the data plane security of an associated channel A good discussion of the data plane security of an associated channel
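Review bot: In section 5.1 the revised text says the MEP MUST begin sending LI messages "periodically" but drops the old sentence "LI messages will be sent once every refresh time interval", so 5.1 no longer ties the sending period to the Refresh Timer, on which the 3.5 times timeout in 5.2 and 5.6 depends. Suggest restoring a reference to the Refresh Timer in that paragraph. Also in 5.1, "A MEP is locked either Lock was requested by management (and - as a result it is sending LI messages)" is missing a word after "either" (for example "if") and carries a stray hyphen.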
skipping to change at page 9, line 26 skipping to change at page 9, line 36
7. IANA Considerations 7. IANA Considerations
7.1. Pseudowire Associated Channel Type 7.1. Pseudowire Associated Channel Type
LI OAM requires a unique Associated Channel Type which is assigned by LI OAM requires a unique Associated Channel Type which is assigned by
IANA from the Pseudowire Associated Channel Types Registry. IANA from the Pseudowire Associated Channel Types Registry.
Registry: Registry:
Value Description TLV Follows Reference Value Description TLV Follows Reference
----------- ----------------------- ----------- --------- ----------- ----------------------- ----------- ---------
0xHHHH LI No (Section 3.1) 0xHH LI No (Section 3.1)
8. Acknowledgements 8. Acknowledgements
The authors would like to thank Loa Andersson, Yoshinori Koike, The authors would like to thank Loa Andersson, Yoshinori Koike,
D'Alessandro Alessandro Gerardo, Shahram Davari, Greg Mirsky, Yaacov D'Alessandro Alessandro Gerardo, Shahram Davari, Greg Mirsky, Yaacov
Weingarten, Liu Guoman, Matthew Bocci, Stewart Bryant and Adrian Weingarten, Liu Guoman, Matthew Bocci, Stewart Bryant and Adrian
Farrel for their valuable comments. Farrel for their valuable comments.
9. References 9. References
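Review bot: In the registry table of section 7.1 the placeholder changes from 0xHHHH to 0xHH, which reads as a one-octet value, whereas the Associated Channel Type is a 16-bit field. Suggest keeping 0xHHHH, or a plain TBD, until IANA assigns the value.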
 End of changes. 38 change blocks. 
84 lines changed or deleted 98 lines changed or added
