draft-ietf-teas-rsvp-ingress-protection-01.txt   draft-ietf-teas-rsvp-ingress-protection-02.txt 
Internet Engineering Task Force H. Chen, Ed. Internet Engineering Task Force H. Chen, Ed.
Internet-Draft Huawei Technologies Internet-Draft Huawei Technologies
Intended status: Standards Track R. Torvi, Ed. Intended status: Standards Track R. Torvi, Ed.
Expires: July 14, 2015 Juniper Networks Expires: September 10, 2015 Juniper Networks
January 10, 2015 March 9, 2015
Extensions to RSVP-TE for LSP Ingress Local Protection Extensions to RSVP-TE for LSP Ingress Local Protection
draft-ietf-teas-rsvp-ingress-protection-01.txt draft-ietf-teas-rsvp-ingress-protection-02.txt
Abstract Abstract
This document describes extensions to Resource Reservation Protocol - This document describes extensions to Resource Reservation Protocol -
Traffic Engineering (RSVP-TE) for locally protecting the ingress node Traffic Engineering (RSVP-TE) for locally protecting the ingress node
of a Traffic Engineered (TE) Label Switched Path (LSP) in a Multi- of a Traffic Engineered (TE) Label Switched Path (LSP), which is a
Protocol Label Switching (MPLS) and Generalized MPLS (GMPLS) network. Point-to-Point (P2P) LSP or a Point-to-Multipoint (P2MP) LSP.
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 14, 2015. This Internet-Draft will expire on September 10, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 18 skipping to change at page 2, line 18
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. An Example of Ingress Local Protection . . . . . . . . . . 3 2.1. An Example of Ingress Local Protection . . . . . . . . . . 3
2.2. Ingress Local Protection with FRR . . . . . . . . . . . . 4 2.2. Ingress Local Protection with FRR . . . . . . . . . . . . 4
3. Ingress Failure Detection . . . . . . . . . . . . . . . . . . 4 3. Ingress Failure Detection . . . . . . . . . . . . . . . . . . 4
3.1. Source Detects Failure . . . . . . . . . . . . . . . . . . 4 3.1. Source Detects Failure . . . . . . . . . . . . . . . . . . 4
3.2. Backup and Source Detect Failure . . . . . . . . . . . . . 5 3.2. Backup and Source Detect Failure . . . . . . . . . . . . . 5
4. Backup Forwarding State . . . . . . . . . . . . . . . . . . . 5 4. Backup Forwarding State . . . . . . . . . . . . . . . . . . . 5
4.1. Forwarding State for Backup LSP . . . . . . . . . . . . . 5 4.1. Forwarding State for Backup LSP . . . . . . . . . . . . . 5
5. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . 6 5. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . 6
5.1. INGRESS_PROTECTION Object . . . . . . . . . . . . . . . . 6 5.1. INGRESS_PROTECTION Object . . . . . . . . . . . . . . . . 6
5.1.1. Subobject: Backup Ingress IPv4/IPv6 Address . . . . . 7 5.1.1. Subobject: Backup Ingress IPv4 Address . . . . . . . . 7
5.1.2. Subobject: Ingress IPv4/IPv6 Address . . . . . . . . . 8 5.1.2. Subobject: Backup Ingress IPv6 Address . . . . . . . . 8
5.1.3. Subobject: Traffic Descriptor . . . . . . . . . . . . 8 5.1.3. Subobject: Ingress IPv4 Address . . . . . . . . . . . 8
5.1.4. Subobject: Label-Routes . . . . . . . . . . . . . . . 9 5.1.4. Subobject: Ingress IPv6 Address . . . . . . . . . . . 8
6. Behavior of Ingress Protection . . . . . . . . . . . . . . . . 9 5.1.5. Subobject: Traffic Descriptor . . . . . . . . . . . . 9
6.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.1.6. Subobject: Label-Routes . . . . . . . . . . . . . . . 9
6.2. Ingress Behavior . . . . . . . . . . . . . . . . . . . . . 9 6. Behavior of Ingress Protection . . . . . . . . . . . . . . . . 10
6.3. Backup Ingress Behavior . . . . . . . . . . . . . . . . . 11 6.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.3.1. Backup Ingress Behavior in Off-path Case . . . . . . . 11 6.1.1. Relay-Message Method . . . . . . . . . . . . . . . . . 10
6.3.2. Backup Ingress Behavior in On-path Case . . . . . . . 13 6.1.2. Proxy-Ingress Method . . . . . . . . . . . . . . . . . 11
6.3.3. Failure Detection and Refresh PATH Messages . . . . . 13 6.1.3. Comparing Two Methods . . . . . . . . . . . . . . . . 11
6.4. Revertive Behavior . . . . . . . . . . . . . . . . . . . . 14 6.2. Ingress Behavior . . . . . . . . . . . . . . . . . . . . . 12
6.4.1. Revert to Primary Ingress . . . . . . . . . . . . . . 14 6.2.1. Relay-Message Method . . . . . . . . . . . . . . . . . 12
6.4.2. Global Repair by Backup Ingress . . . . . . . . . . . 14 6.2.2. Proxy-Ingress Method . . . . . . . . . . . . . . . . . 13
7. Security Considerations . . . . . . . . . . . . . . . . . . . 15 6.3. Backup Ingress Behavior . . . . . . . . . . . . . . . . . 14
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 6.3.1. Backup Ingress Behavior in Off-path Case . . . . . . . 14
9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 15 6.3.2. Backup Ingress Behavior in On-path Case . . . . . . . 17
10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 16 6.3.3. Failure Detection and Refresh PATH Messages . . . . . 17
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 6.4. Revertive Behavior . . . . . . . . . . . . . . . . . . . . 18
11.1. Normative References . . . . . . . . . . . . . . . . . . . 16 6.4.1. Revert to Primary Ingress . . . . . . . . . . . . . . 18
11.2. Informative References . . . . . . . . . . . . . . . . . . 17 6.4.2. Global Repair by Backup Ingress . . . . . . . . . . . 19
A. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 17 7. Security Considerations . . . . . . . . . . . . . . . . . . . 19
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19
8.1. A New Class Number . . . . . . . . . . . . . . . . . . . . 19
9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 20
10. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 21
11. Normative References . . . . . . . . . . . . . . . . . . . . . 21
A. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 22
1. Co-authors 1. Co-authors
Ning So, Autumn Liu, Alia Atlas, Yimin Shen, Tarek Saad, Fengman Xu, Ning So, Autumn Liu, Alia Atlas, Yimin Shen, Tarek Saad, Fengman Xu,
Mehmet Toy, Lei Liu Mehmet Toy, Lei Liu
2. Introduction 2. Introduction
For MPLS LSPs it is important to have a fast-reroute method for For MPLS LSPs it is important to have a fast-reroute method for
protecting its ingress node as well as transit nodes. This is not protecting its ingress node as well as transit nodes. This is not
skipping to change at page 6, line 27 skipping to change at page 6, line 27
local protection. It is backward compatible. local protection. It is backward compatible.
5.1. INGRESS_PROTECTION Object 5.1. INGRESS_PROTECTION Object
The INGRESS_PROTECTION object with the FAST_REROUTE object in a PATH The INGRESS_PROTECTION object with the FAST_REROUTE object in a PATH
message is used to control the backup for protecting the primary message is used to control the backup for protecting the primary
ingress of a primary LSP. The primary ingress MUST insert this ingress of a primary LSP. The primary ingress MUST insert this
object into the PATH message to be sent to the backup ingress for object into the PATH message to be sent to the backup ingress for
protecting the primary ingress. It has the following format: protecting the primary ingress. It has the following format:
Class-Num = TBD C-Type = TBD Class-Num = TBD C-Type = 1 for INGRESS_PROTECTION_IPv4
C-Type = 2 for INGRESS_PROTECTION_IPv6
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length (bytes) | Class-Num | C-Type | | Length (bytes) | Class-Num | C-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Secondary LSP ID | Flags | Options | | Secondary LSP ID | Flags | Options |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ (Subobjects) ~ ~ (Subobjects) ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 7, line 40 skipping to change at page 7, line 41
when the primary ingress is restored. when the primary ingress is restored.
o P2MP Backup: This option is set to ask for the backup ingress to o P2MP Backup: This option is set to ask for the backup ingress to
use P2MP backup LSP to protect the primary ingress. Note that one use P2MP backup LSP to protect the primary ingress. Note that one
spare bit of the flags in the FAST-REROUTE object can be used to spare bit of the flags in the FAST-REROUTE object can be used to
indicate whether P2MP or P2P backup LSP is desired for protecting indicate whether P2MP or P2P backup LSP is desired for protecting
an ingress and transit node. an ingress and transit node.
The INGRESS_PROTECTION object may contain some sub objects below. The INGRESS_PROTECTION object may contain some sub objects below.
5.1.1. Subobject: Backup Ingress IPv4/IPv6 Address 5.1.1. Subobject: Backup Ingress IPv4 Address
When the primary ingress of a protected LSP sends a PATH message with When the primary ingress of a protected LSP sends a PATH message with
an INGRESS_PROTECTION object to the backup ingress, the object may an INGRESS_PROTECTION object to the backup ingress, the object may
have a Backup Ingress IPv4/IPv6 Address sub object containing an have a Backup Ingress IPv4 Address sub object containing an IPv4
IPv4/IPv6 address belonging to the backup ingress. The Type of the address belonging to the backup ingress. The Type of the sub object
sub object is TBD-1/TBD-2 for Backup Ingress IPv4/IPv6 Address. The is TBD-1, and the body of the sub object is given below:
body of the sub object is given below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4/IPv6 address (4/16 bytres) | | IPv4 address (4 bytes) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv4/IPv6 address: A 32/128-bit unicast, host address. IPv4 address: A 32-bit unicast, host address.
5.1.2. Subobject: Ingress IPv4/IPv6 Address 5.1.2. Subobject: Backup Ingress IPv6 Address
The INGRESS_PROTECTION object may have an Ingress IPv4/IPv6 Address When the primary ingress of a protected LSP sends a PATH message with
sub object containing an IPv4/IPv6 address belonging to the primary an INGRESS_PROTECTION object to the backup ingress, the object may
ingress. The Type of the sub object is TBD-3/TBD-4 for Ingress IPv4/ have a Backup Ingress IPv6 Address sub object containing an IPv6
IPv6 Address. The sub object has the following body: address belonging to the backup ingress. The Type of the sub object
is TBD-2, the body of the sub object is given below:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4/IPv6 address (4/16 bytres) | | IPv6 address (16 bytes) |
~ ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv4/IPv6 address: A 32/128-bit unicast, host address. IPv6 address: A 128-bit unicast, host address.
5.1.3. Subobject: Traffic Descriptor 5.1.3. Subobject: Ingress IPv4 Address
The INGRESS_PROTECTION object may have an Ingress IPv4 Address sub
object containing an IPv4 address belonging to the primary ingress.
The Type of the sub object is TBD-3. The sub object has the
following body:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 address (4 bytes) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv4 address: A 32-bit unicast, host address.
5.1.4. Subobject: Ingress IPv6 Address
The INGRESS_PROTECTION object may have an Ingress IPv6 Address sub
object containing an IPv6 address belonging to the primary ingress.
The Type of the sub object is TBD-4. The sub object has the
following body:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv6 address (16 bytes) |
~ ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv6 address: A 128-bit unicast, host address.
5.1.5. Subobject: Traffic Descriptor
The INGRESS_PROTECTION object may have a Traffic Descriptor sub The INGRESS_PROTECTION object may have a Traffic Descriptor sub
object describing the traffic to be mapped to the backup LSP on the object describing the traffic to be mapped to the backup LSP on the
backup ingress for locally protecting the primary ingress. The Type backup ingress for locally protecting the primary ingress. The Type
of the sub object is TBD-5/TBD-6/TBD-7 for Interface/IPv4/6 Prefix of the sub object is TBD-5/TBD-6/TBD-7 for Interface/IPv4/IPv6 Prefix
respectively. The sub object has the following body: respectively. The sub object has the following body:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Traffic Element 1 | | Traffic Element 1 |
~ ~ ~ ~
| Traffic Element n | | Traffic Element n |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Traffic Descriptor sub object may contain multiple Traffic The Traffic Descriptor sub object may contain multiple Traffic
Elements of same type as follows: Elements of same type as follows:
o Interface Traffic (Type TBD-5): Each of the Traffic Elements is a o Interface Traffic (Type TBD-5): Each of the Traffic Elements is a
32 bit index of an interface, from which the traffic is imported 32 bit index of an interface, from which the traffic is imported
into the backup LSP. into the backup LSP.
o IPv4/6 Prefix Traffic (Type TBD-6/TBD-7): Each of the Traffic o IPv4/IPv6 Prefix Traffic (Type TBD-6/TBD-7): Each of the Traffic
Elements is an IPv4/6 prefix, containing an 8-bit prefix length Elements is an IPv4/IPv6 prefix, containing an 8-bit prefix length
followed by an IPv4/6 address prefix, whose length, in bits, was followed by an IPv4/IPv6 address prefix, whose length, in bits,
specified by the prefix length, padded to a byte boundary. was specified by the prefix length, padded to a byte boundary.
5.1.4. Subobject: Label-Routes 5.1.6. Subobject: Label-Routes
The INGRESS_PROTECTION object in a PATH message from the primary The INGRESS_PROTECTION object in a PATH message from the primary
ingress to the backup ingress will have a Label-Routes sub object ingress to the backup ingress will have a Label-Routes sub object
containing the labels and routes that the next hops of the ingress containing the labels and routes that the next hops of the ingress
use. The Type of the sub object is TBD-8. The sub object has the use. The Type of the sub object is TBD-8. The sub object has the
following body: following body:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 9, line 43 skipping to change at page 10, line 26
6. Behavior of Ingress Protection 6. Behavior of Ingress Protection
6.1. Overview 6.1. Overview
There are four parts of ingress protection: 1) setting up the There are four parts of ingress protection: 1) setting up the
necessary backup LSP forwarding state; 2) identifying the failure and necessary backup LSP forwarding state; 2) identifying the failure and
providing the fast repair (as discussed in Sections 3 and 4); 3) providing the fast repair (as discussed in Sections 3 and 4); 3)
maintaining the RSVP-TE control plane state until a global repair can maintaining the RSVP-TE control plane state until a global repair can
be done; and 4) performing the global repair(see Section 6.4). be done; and 4) performing the global repair(see Section 6.4).
There are two different proposed signaling approaches to obtain
ingress protection. They both use the same new INGRESS_PROTECTION
object. The object is sent in both PATH and RESV messages.
6.1.1. Relay-Message Method
The primary ingress relays the information for ingress protection of
an LSP to the backup ingress via PATH messages. Once the LSP is
created, the ingress of the LSP sends the backup ingress a PATH
message with an INGRESS_PROTECTION object with Label-Routes
subobject, which is populated with the next-hops and labels. This
provides sufficient information for the backup ingress to create the
appropriate forwarding state and backup LSP(s).
The ingress also sends the backup ingress all the other PATH messages
for the LSP with an empty INGRESS_PROTECTION object. Thus, the
backup ingress has access to all the PATH messages needed for
modification to refresh control-plane state after a failure.
The advantages of this method include: 1) the primary LSP is
independent of the backup ingress; 2) simple; 3) less configuration;
and 4) less control traffic.
6.1.2. Proxy-Ingress Method
Conceptually, a proxy ingress is created that starts the RSVP
signaling. The explicit path of the LSP goes from the proxy ingress
to the backup ingress and then to the real ingress. The behavior and
signaling for the proxy ingress is done by the real ingress; the use
of a proxy ingress address avoids problems with loop detection.
[ traffic source ] *** Primary LSP
$ $ --- Backup LSP
$ $ $$ Link
$ $
[ proxy ingress ] [ backup ]
[ & ingress ] |
* |
*****[ MP ]----|
Figure 2: Example Protected LSP with Proxy Ingress Node
The backup ingress must know the merge points or next-hops and their
associated labels. This is accomplished by having the RSVP PATH and
RESV messages go through the backup ingress, although the forwarding
path need not go through the backup ingress. If the backup ingress
fails, the ingress simply removes the INGRESS_PROTECTION object and
forwards the PATH messages to the LSP's next-hop(s). If the ingress
has its LSP configured for ingress protection, then the ingress can
add the backup ingress and itself to the ERO and start forwarding the
PATH messages to the backup ingress.
Slightly different behavior can apply for the on-path and off-path
cases. In the on-path case, the backup ingress is a next hop node
after the ingress for the LSP. In the off-path, the backup ingress
is not any next-hop node after the ingress for all associated sub-
LSPs.
The key advantage of this approach is that it minimizes the special
handling code requires. Because the backup ingress is on the
signaling path, it can receive various notifications. It easily has
access to all the PATH messages needed for modification to be sent to
refresh control-plane state after a failure.
6.1.3. Comparing Two Methods
+-------+-----------+-------+--------------+---------------+---------+
|\_ Item|Primary LSP|Config |PATH Msg from |RESV Msg from |Reuse |
| \_ |Depends on |Proxy- |Backup Ingress|Primary Ingress|Some |
| \|Backup |Ingress|to Primary |to Backup |Existing |
|Method |Ingress |ID |Ingress |Ingress |Functions|
+-------+-----------+-------+--------------+---------------+---------+
|Relay- | No | No | No | No | Yes- |
|Message| | | | | |
+-------+-----------+-------+--------------+---------------+---------+
|Proxy- | Yes | Yes | Yes | Yes | Yes |
|Ingress| | | | | |
+-------+-----------+-------+--------------+---------------+---------+
6.2. Ingress Behavior 6.2. Ingress Behavior
The primary ingress must be configured with a couple of pieces of The primary ingress must be configured with a couple of pieces of
information for ingress protection. information for ingress protection.
o Backup Ingress Address: The primary ingress must know an IP o Backup Ingress Address: The primary ingress must know an IP
address for it to be included in the INGRESS_PROTECTION object. address for it to be included in the INGRESS_PROTECTION object.
o Proxy-Ingress-Id (only needed for Proxy-Ingress Method): The
Proxy-Ingress-Id is only used in the Record Route Object for
recording the proxy-ingress. If no proxy-ingress-id is specified,
then a local interface address that will not otherwise be included
in the Record Route Object can be used. A similar technique is
used in [RFC4090 Sec 6.1.1].
o Application Traffic Identifier: The primary ingress and backup o Application Traffic Identifier: The primary ingress and backup
ingress must both know what application traffic should be directed ingress must both know what application traffic should be directed
into the LSP. If a list of prefixes in the Traffic Descriptor into the LSP. If a list of prefixes in the Traffic Descriptor
sub-object will not suffice, then a commonly understood sub-object will not suffice, then a commonly understood
Application Traffic Identifier can be sent between the primary Application Traffic Identifier can be sent between the primary
ingress and backup ingress. The exact meaning of the identifier ingress and backup ingress. The exact meaning of the identifier
should be configured similarly at both the primary ingress and should be configured similarly at both the primary ingress and
backup ingress. The Application Traffic Identifier is understood backup ingress. The Application Traffic Identifier is understood
within the unique context of the primary ingress and backup within the unique context of the primary ingress and backup
ingress. ingress.
With this additional information, the primary ingress can create and With this additional information, the primary ingress can create and
signal the necessary RSVP extensions to support ingress protection. signal the necessary RSVP extensions to support ingress protection.
The primary ingress relays the information for ingress protection of 6.2.1. Relay-Message Method
an LSP to the backup ingress via PATH messages. Once the LSP is
created, the ingress of the LSP sends the backup ingress a PATH
message with an INGRESS_PROTECTION object with Label-Routes
subobject, which is populated with the next-hops and labels. This
provides sufficient information for the backup ingress to create the
appropriate forwarding state and backup LSP(s).
The ingress also sends the backup ingress all the other PATH messages
for the LSP with an empty INGRESS_PROTECTION object. Thus, the
backup ingress has access to all the PATH messages needed for
modification to refresh control-plane state after a failure.
To protect the ingress of an LSP, the ingress does the following To protect the ingress of an LSP, the ingress does the following
after the LSP is up. after the LSP is up.
1. Select a PATH message. 1. Select a PATH message.
2. If the backup ingress is off-path, then send it a PATH message 2. If the backup ingress is off-path, then send it a PATH message
with the content from the selected PATH message and an with the content from the selected PATH message and an
INGRESS_PROTECTION object; else (the backup ingress is a next INGRESS_PROTECTION object; else (the backup ingress is a next
hop, i.e., on-path case) add an INGRESS_PROTECTION object into hop, i.e., on-path case) add an INGRESS_PROTECTION object into
skipping to change at page 11, line 10 skipping to change at page 13, line 24
object. The flags is set to indicate whether a Backup P2MP LSP object. The flags is set to indicate whether a Backup P2MP LSP
is desired. A second LSP-ID is allocated (if it is not allocated is desired. A second LSP-ID is allocated (if it is not allocated
yet) and used in the object. The Label-Routes sub-object yet) and used in the object. The Label-Routes sub-object
contains the next-hops of the ingress and their labels. contains the next-hops of the ingress and their labels.
3. For each of the other PATH messages, send the backup ingress a 3. For each of the other PATH messages, send the backup ingress a
PATH message with the content copied from the message and an PATH message with the content copied from the message and an
empty INGRESS_PROTECTION object, which is an object without any empty INGRESS_PROTECTION object, which is an object without any
Traffic-Descriptor sub-object. Traffic-Descriptor sub-object.
6.2.2. Proxy-Ingress Method
The primary ingress is responsible for starting the RSVP signaling
for the proxy-ingress node. To do this, the following is done for
the RSVP PATH message.
1. Compute the EROs for the LSP as normal for the ingress.
2. If the selected backup ingress node is not the first node on the
path (for all sub-LSPs), then insert at the beginning of the ERO
first the backup ingress node and then the ingress node.
3. In the PATH RRO, instead of recording the ingress node's address,
replace it with the Proxy-Ingress-Id.
4. Leave the HOP object populated as usual with information for the
ingress-node.
5. Add the INGRESS_PROTECTION object to the PATH message. Allocate
a second LSP-ID to be used in the INGRESS-PROTECTION object.
Include the Backup Ingress Address (IPv4 or IPv6) sub-object and
the Traffic-Descriptor sub-object. Set or clear the flag
indicating that a Backup P2MP LSP is desired.
6. Optionally, add the FAST-REROUTE object [RFC4090] to the Path
message. Indicate whether one-to-one backup is desired.
Indicate whether facility backup is desired.
7. The RSVP PATH message is sent to the backup node as normal.
If the ingress detects that it can't communicate with the backup
ingress, then the ingress should instead send the PATH message to the
next-hop indicated in the ERO computed in step 1. Once the ingress
detects that it can communicate with the backup ingress, the ingress
SHOULD follow the steps 1-7 to obtain ingress failure protection.
When the ingress node receives an RSVP PATH message with an INGRESS-
PROTECTION object and the object specifies that node as the ingress
node and the PHOP as the backup ingress node, the ingress node SHOULD
remove the INGRESS_PROTECTION object from the PATH message before
sending it out. Additionally, the ingress node must store that it
will install ingress forwarding state for the LSP rather than
midpoint forwarding.
When an RSVP RESV message is received by the ingress, it uses the
NHOP to determine whether the message is received from the backup
ingress or from a different node. The stored associated PATH message
contains an INGRESS_PROTECTION object that identifies the backup
ingress node. If the RESV message is not from the backup node, then
ingress forwarding state should be set up, and the INGRESS_PROTECTION
object MUST be added to the RESV before it is sent to the NHOP, which
should be the backup node. If the RESV message is from the backup
node, then the LSP should be considered available for use.
If the backup ingress node is on the forwarding path, then a RESV is
received with an INGRESS_PROTECTION object and an NHOP that matches
the backup ingress. In this case, the ingress node's address will
not appear after the backup ingress in the RRO. The ingress node
should set up ingress forwarding state, just as is done if the LSP
weren't ingress-node protected.
6.3. Backup Ingress Behavior 6.3. Backup Ingress Behavior
An LER determines that the ingress local protection is requested for An LER determines that the ingress local protection is requested for
an LSP if the INGRESS_PROTECTION object is included in the PATH an LSP if the INGRESS_PROTECTION object is included in the PATH
message it receives for the LSP. The LER can further determine that message it receives for the LSP. The LER can further determine that
it is the backup ingress if one of its addresses is in the Backup it is the backup ingress if one of its addresses is in the Backup
Ingress Address sub-object of the INGRESS_PROTECTION object. The LER Ingress Address sub-object of the INGRESS_PROTECTION object. The LER
as the backup ingress will assume full responsibility of the ingress as the backup ingress will assume full responsibility of the ingress
after the primary ingress fails. In addition, the LER determines after the primary ingress fails. In addition, the LER determines
that it is off-path if it is not a next hop of the primary ingress. that it is off-path if it is not a next hop of the primary ingress.
skipping to change at page 12, line 39 skipping to change at page 16, line 18
primary ingress, and tear down the one-to-one backup LSPs for primary ingress, and tear down the one-to-one backup LSPs for
protecting the primary ingress if one-to-one backup is used or unbind protecting the primary ingress if one-to-one backup is used or unbind
the facility backup LSPs if facility backup is used. the facility backup LSPs if facility backup is used.
When the backup ingress receives a PATH message from the primary When the backup ingress receives a PATH message from the primary
ingress for locally protecting the primary ingress of a protected ingress for locally protecting the primary ingress of a protected
LSP, it checks to see if any critical information has been changed. LSP, it checks to see if any critical information has been changed.
If the next hops of the primary ingress are changed, the backup If the next hops of the primary ingress are changed, the backup
ingress SHALL update its backup LSP(s) accordingly. ingress SHALL update its backup LSP(s) accordingly.
6.3.1.1. Relay-Message Method
When the backup ingress receives a PATH message with an non empty When the backup ingress receives a PATH message with an non empty
INGRESS_PROTECTION object, it examines the object to learn what INGRESS_PROTECTION object, it examines the object to learn what
traffic associated with the LSP. It determines the next-hops to be traffic associated with the LSP. It determines the next-hops to be
merged to by examining the Label-Routes sub-object in the object. merged to by examining the Label-Routes sub-object in the object.
The backup ingress stores the PATH message received from the primary The backup ingress stores the PATH message received from the primary
ingress, but does NOT forward it. ingress, but does NOT forward it.
The backup ingress responds with a RESV to the PATH message received The backup ingress responds with a RESV to the PATH message received
from the primary ingress. If the INGRESS_PROTECTION object is not from the primary ingress. If the INGRESS_PROTECTION object is not
"empty", the backup ingress SHALL send the RESV message with the "empty", the backup ingress SHALL send the RESV message with the
state indicating protection is available after the backup LSP(s) are state indicating protection is available after the backup LSP(s) are
successfully established. successfully established.
6.3.1.2. Proxy-Ingress Method
The backup ingress determines the next-hops to be merged to by
collecting the set of the pair of (IPv4/IPv6 sub-object, Label sub-
object) from the Record Route Object of each RESV that are closest to
the top and not the Ingress router; this should be the second to the
top pair. If a Label-Routes sub-object is included in the
INGRESS_PROTECTION object, the included IPv4/IPv6 sub-objects are
used to filter the set down to the specific next-hops where
protection is desired. A RESV message must have been received before
the Backup Ingress can create or select the appropriate backup LSP.
When the backup ingress receives a PATH message with the
INGRESS_PROTECTION object, the backup ingress examines the object to
learn what traffic associated with the LSP. The backup ingress
forwards the PATH message to the ingress node with the normal RSVP
changes.
When the backup ingress receives a RESV message with the
INGRESS_PROTECTION object, the backup ingress records an IMPLICIT-
NULL label in the RRO. Then the backup ingress forwards the RESV
message to the ingress node, which is acting for the proxy ingress.
6.3.2. Backup Ingress Behavior in On-path Case 6.3.2. Backup Ingress Behavior in On-path Case
An LER as the backup ingress determines that it is on-path if one of An LER as the backup ingress determines that it is on-path if one of
its addresses is a next hop of the primary ingress. The LER on-path its addresses is a next hop of the primary ingress (and the primary
sends the corresponding PATH messages without any INGRESS_PROTECTION ingress is not its next hop via checking the PATH message with the
object to its next hops. It creates a number of backup P2P LSPs or a INGRESS_PROTECTION object received from the primary ingress for
backup P2MP LSP from itself to the other next hops (i.e., the next Proxy-Ingress Method). The LER on-path sends the corresponding PATH
hops other than the backup ingress) of the primary ingress. The messages without any INGRESS_PROTECTION object to its next hops. It
other next hops are from the Label-Routes sub object. creates a number of backup P2P LSPs or a backup P2MP LSP from itself
to the other next hops (i.e., the next hops other than the backup
ingress) of the primary ingress. The other next hops are from the
Label-Routes sub object.
It also creates a forwarding entry, which sends/multicasts the It also creates a forwarding entry, which sends/multicasts the
traffic from the source to the next hops of the backup ingress along traffic from the source to the next hops of the backup ingress along
the protected LSP when the primary ingress fails. The traffic is the protected LSP when the primary ingress fails. The traffic is
described by the Traffic-Descriptor. described by the Traffic-Descriptor.
After the forwarding entry is created, all the backup P2P LSPs or the After the forwarding entry is created, all the backup P2P LSPs or the
backup P2MP LSP is up and associated with the protected LSP, the backup P2MP LSP is up and associated with the protected LSP, the
backup ingress sends the primary ingress the RESV message with the backup ingress sends the primary ingress the RESV message with the
INGRESS_PROTECTION object containing the state of the local INGRESS_PROTECTION object containing the state of the local
skipping to change at page 15, line 27 skipping to change at page 19, line 35
protected LSP, and then resignal the new LSP with bandwidth. protected LSP, and then resignal the new LSP with bandwidth.
7. Security Considerations 7. Security Considerations
In principle this document does not introduce new security issues. In principle this document does not introduce new security issues.
The security considerations pertaining to RFC 4090, RFC 4875 and The security considerations pertaining to RFC 4090, RFC 4875 and
other RSVP protocols remain relevant. other RSVP protocols remain relevant.
8. IANA Considerations 8. IANA Considerations
TBD IANA is requested to administer the assignment of new values defined
in this document and summarized in this section.
8.1. A New Class Number
IANA maintains a registry called "Class Names, Class Numbers, and
Class Types" under "Resource Reservation Protocol-Traffic Engineering
(RSVP-TE) Parameters". IANA is requested to assign a new Class
Number for new object EGRESS_BACKUP as follows:
+====================+===============+============================+
| Class Names | Class Numbers | Class Types |
+====================+===============+============================+
| INGRESS_PROTECTION | TBD1 (>192) | 1: INGRESS_PROTECTION_IPv4 |
| | +----------------------------+
| | | 2: INGRESS_PROTECTION_IPv6 |
+--------------------+---------------+----------------------------+
IANA is requested to assign Types for new TLVs in the new objects as
follows:
Type Name Allowed in
1 BACKUP_INGRESS_IPv4_ADDRESS INGRESS_PROTECTION_IPv4
2 BACKUP_INGRESS_IPv6_ADDRESS INGRESS_PROTECTION_IPv6
3 INGRESS_IPv4_ADDRESS INGRESS_PROTECTION_IPv4
4 INGRESS_IPv6_ADDRESS INGRESS_PROTECTION_IPv6
5 TRAFFIC_DESCRIPTOR_INTERFACE INGRESS_PROTECTION
6 TRAFFIC_DESCRIPTOR_IPv4_PREFIX INGRESS_PROTECTION_IPv4
7 TRAFFIC_DESCRIPTOR_IPv6_PREFIX INGRESS_PROTECTION_IPv6
8 LabeL_Routes INGRESS_PROTECTION
9. Contributors 9. Contributors
Renwei Li Renwei Li
Huawei Technologies Huawei Technologies
2330 Central Expressway 2330 Central Expressway
Santa Clara, CA 95050 Santa Clara, CA 95050
USA USA
Email: renwei.li@huawei.com Email: renwei.li@huawei.com
skipping to change at page 16, line 33 skipping to change at page 21, line 26
Email: mjork@juniper.net Email: mjork@juniper.net
10. Acknowledgement 10. Acknowledgement
The authors would like to thank Nobo Akiya, Rahul Aggarwal, Eric The authors would like to thank Nobo Akiya, Rahul Aggarwal, Eric
Osborne, Ross Callon, Loa Andersson, Daniel King, Michael Yue, Osborne, Ross Callon, Loa Andersson, Daniel King, Michael Yue,
Olufemi Komolafe, Rob Rennison, Neil Harrison, Kannan Sampath, and Olufemi Komolafe, Rob Rennison, Neil Harrison, Kannan Sampath, and
Ronhazli Adam for their valuable comments and suggestions on this Ronhazli Adam for their valuable comments and suggestions on this
draft. draft.
11. References 11. Normative References
11.1. Normative References
[RFC1700] Reynolds, J. and J. Postel, "Assigned Numbers", RFC 1700,
October 1994.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3692] Narten, T., "Assigning Experimental and Testing Numbers
Considered Useful", BCP 82, RFC 3692, January 2004.
[RFC2205] Braden, B., Zhang, L., Berson, S., Herzog, S., and S.
Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1
Functional Specification", RFC 2205, September 1997.
[RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol [RFC3031] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol
Label Switching Architecture", RFC 3031, January 2001. Label Switching Architecture", RFC 3031, January 2001.
[RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V.,
and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP
Tunnels", RFC 3209, December 2001. Tunnels", RFC 3209, December 2001.
[RFC3473] Berger, L., "Generalized Multi-Protocol Label Switching
(GMPLS) Signaling Resource ReserVation Protocol-Traffic
Engineering (RSVP-TE) Extensions", RFC 3473, January 2003.
[RFC4090] Pan, P., Swallow, G., and A. Atlas, "Fast Reroute [RFC4090] Pan, P., Swallow, G., and A. Atlas, "Fast Reroute
Extensions to RSVP-TE for LSP Tunnels", RFC 4090, Extensions to RSVP-TE for LSP Tunnels", RFC 4090,
May 2005. May 2005.
[RFC4461] Yasukawa, S., "Signaling Requirements for Point-to-
Multipoint Traffic-Engineered MPLS Label Switched Paths
(LSPs)", RFC 4461, April 2006.
[RFC4875] Aggarwal, R., Papadimitriou, D., and S. Yasukawa, [RFC4875] Aggarwal, R., Papadimitriou, D., and S. Yasukawa,
"Extensions to Resource Reservation Protocol - Traffic "Extensions to Resource Reservation Protocol - Traffic
Engineering (RSVP-TE) for Point-to-Multipoint TE Label Engineering (RSVP-TE) for Point-to-Multipoint TE Label
Switched Paths (LSPs)", RFC 4875, May 2007. Switched Paths (LSPs)", RFC 4875, May 2007.
[P2MP-FRR]
Le Roux, J., Aggarwal, R., Vasseur, J., and M. Vigoureux,
"P2MP MPLS-TE Fast Reroute with P2MP Bypass Tunnels",
draft-leroux-mpls-p2mp-te-bypass , March 1997.
11.2. Informative References
[RFC2702] Awduche, D., Malcolm, J., Agogbua, J., O'Dell, M., and J.
McManus, "Requirements for Traffic Engineering Over MPLS",
RFC 2702, September 1999.
[RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack
Encoding", RFC 3032, January 2001.
Appendix A. Authors' Addresses Appendix A. Authors' Addresses
Huaimo Chen Huaimo Chen
Huawei Technologies Huawei Technologies
Boston, MA Boston, MA
USA USA
Email: huaimo.chen@huawei.com Email: huaimo.chen@huawei.com
Raveendra Torvi Raveendra Torvi
Juniper Networks Juniper Networks
10 Technology Park Drive 10 Technology Park Drive
Westford, MA 01886 Westford, MA 01886
 End of changes. 32 change blocks. 
105 lines changed or deleted 302 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/