Internet-Draft | PREOF DetNet IP | April 2023 |
Varga, et al. | Expires 28 October 2023 | [Page] |
This document describes how DetNet IP data plane can support the Packet Replication, Elimination, and Ordering Functions (PREOF) built on the existing MPLS PREOF solution [RFC8964] and the mechanisms defined in [RFC9025].¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 28 October 2023.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The DetNet Working Group has defined Packet Replication (PRF), Packet Elimination (PEF) and Packet Ordering (POF) functions to provide service protection by the DetNet service sub-layer [RFC8655]. The PREOF service protection method relies on copies of the same packet sent over multiple maximally disjoint paths and uses sequencing information to eliminate duplicates. A possible implementation of the PRF and PEF functions is described in [IEEE8021CB] and the related YANG data model is defined in [IEEEP8021CBcv]. A possible implementation of POF function is described in [I-D.ietf-detnet-pof]. Figure 1 shows a DetNet flow on which PREOF functions are applied during forwarding from the source to the destination.¶
In general, the use of PREOF functions require sequencing information to be included in the packets of a DetNet compound flow. This may be done by adding a sequence number or time stamp as part of DetNet encapsulation. Sequencing information is typically added once, at or close to the source.¶
The DetNet MPLS data plane [RFC8964] specifies how sequencing information is encoded in the MPLS header. However, the DetNet IP data plane described in [RFC8939] does not specify how sequencing information can be encoded in the IP header. This document describes a DetNet IP encapsulation that includes sequencing information based on the DetNet MPLS over UDP/IP data plane [RFC9025], i.e., leveraging the MPLS-over-UDP technology.¶
This document uses the terminology established in the DetNet architecture [RFC8655], and the reader is assumed to be familiar with that document and its terminology.¶
The following abbreviations are used in this document:¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The requirements for adding PREOF to DetNet IP are:¶
The described solution practically gains from MPLS header fields without requiring the support of the MPLS forwarding plane.¶
The DetNet IP encapsulation supporting DetNet Service sub-layer is based on the "UDP tunneling" concept. The solution creates a set of underlay UDP/IP tunnels between an overlay set of DetNet relay nodes.¶
At the edge of a PREOF capable DetNet IP domain the DetNet flow is encapsulated in an UDP packet containing the sequence number used by PREOF functions within the domain. This solution maintains the 6-tuple-based DetNet flow identification in DetNet transit nodes, which operate at the DetNet forwarding sub-layer between the DetNet service sub-layer nodes; therefore, it is compatible with [RFC8939]. Figure 2 shows how the PREOF capable DetNet IP data plane fits into the DetNet sub-layers.¶
The PREOF capable DetNet IP encapsulation builds on encapsulating DetNet PW directly over UDP. That is, it combines DetNet MPLS [RFC8964] with DetNet MPLS-in-UDP [RFC9025], without using any F-Labels as shown in Figure 3. DetNet flows are identified at the receiving DetNet service sub-layer processing node via the S-Label and/or the UDP/IP header information. Sequencing information for PREOF is provided by the DetNet Control Word (d-CW) as per [RFC8964]. The S-label is used to identify both the DetNet flow and the DetNet App-flow type. The UDP tunnel is used to direct the packet across the DetNet domain to the next DetNet service sub-layer processing node.¶
IP ingress and egress nodes of the PREOF capable DetNet IP domain MUST add and remove a DetNet service-specific d-CW and Service-ID (i.e., S-Label). Relay nodes MAY change Service-ID values when processing a DetNet flow, i.e., incoming and outgoing Service-IDs of a DetNet flow can be different. Service-ID values MUST be provisioned per DetNet service via configuration, i.e., via the Controller Plane described in [RFC8938]. In some PREOF topologies, the node performing replication sends the packets to multiple nodes performing e.g., PEF or POF and the replication node may need to use different Service-ID values for the different member flows for the same DetNet service.¶
Note, that Service-IDs is a local ID on the receiver side providing identification of the DetNet flow at the downstream DetNet service sub-layer receiver.¶
Two methods can be used for flow aggregation:¶
In the first case, the different DetNet PWs use the same UDP tunnel, so they are treated as a single (aggregated) flow at the forwarding sub-layer. At the service sub-layer, each flow uses a different Service ID.¶
For the second option, an additional hierarchy is created thanks to an additional Service-ID and d-CW tuple added to the encapsulation. The Aggregate-ID is a special case of a Service-ID, whose properties are known only at the aggregation and de-aggregation end points. It is a property of the Aggregate-ID that it is followed by a d-CW followed by an Service-ID/d-CW tuple. Figure 4 shows the encapsulation in case of aggregation.¶
A node operating on a received DetNet flow at the DetNet service sub-layer uses the local context associated with a received Service-ID to determine which local DetNet operation(s) are applied to received packet. A Service-ID may be allocated to be unique and enabling DetNet flow identification regardless of which input interface or UDP tunnel the packet is received. It is important to note that Service-ID values are driven by the receiver, not the sender.¶
The DetNet forwarding sub-layer is supported by the UDP tunnel and is responsible for providing resource allocation and explicit routes.¶
To support outgoing PREOF capable DetNet IP encapsulation, an implementation MUST support the provisioning of UDP and IP header information. Note, when PRF is performed at the DetNet service sub-layer, there are multiple member flows, and each member flow requires their own Service-ID, UDP and IP header information. The headers for each outgoing packet MUST be formatted according to the configuration information, and the UDP Source Port value MUST be set to uniquely identify the DetNet flow. The packet MUST then be handled as a PREOF capable DetNet IP packet.¶
To support the receive processing, an implementation MUST also support the provisioning of received Service-ID, UDP and IP header information. The provisioned information MUST be used to identify incoming app-flows based on the combination of Service-ID and/or incoming encapsulation header information.¶
Figure 5 shows using PREOF in a PREOF capable DetNet IP network.¶
The information needed to identify individual and aggregated DetNet flows is summarized as follows:¶
For the IPv4 Type of Service and IPv6 Traffic Class Fields:¶
This information MUST be provisioned per DetNet flow via configuration, e.g., via the controller plane.¶
An implementation MUST support ordering of the set of information used to identify an individual DetNet flow. This can, for example, be used to provide a DetNet service for a specific UDP flow, with unique Source and Destination Port field values, while providing a different service for the aggregate of all other flows with that same UDP Destination Port value.¶
The minimum set of information for the configuration of the DetNet service sub-layer is summarized as follows:¶
The minimum set of information for the configuration of the DetNet forwarding sub-layer is summarized as follows:¶
Note: this document focuses on the use of MPLS over UDP/IP encapsulation throughout an entire DetNet IP network, making MPLS-based DetNet OAM techniques applicable. Using the described encapsulation only for a portion of a DetNet IP network that handles the PREOF functionality would complicate OAM.¶
There are no new DetNet related security considerations introduced by this solution.¶
This document makes no IANA requests.¶
Authors extend their appreciation to Stewart Bryant, Pascal Thubert, David Black, Shirley Yangfan and Greg Mirsky for their insightful comments and productive discussion that helped to improve the document.¶