Application of Ethernet Pseudowires to MPLS Transport Networks
draft-ietf-pwe3-mpls-transport-02

Status of this Memo

By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.

The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.

This Internet-Draft will expire on August 10, 2008.

Abstract

A requirement has been identified by the operator community for the transparent carriage of the MPLS network of one party over the MPLS network of another party. This document describes an IETF-recommended method of satisfying this need using the existing RFC4448 PWE3 Ethernet pseudowire standard.

Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC2119 (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.) [RFC2119].

Table of Contents

1.  Introduction
2.  PWE3 Configuration
3.  OAM
    3.1.  VCCV profile 1: BFD without IP/UDP Headers
    3.2.  VCCV profile 2: BFD with IP/UDP Headers
4.  MPLS Layer
    4.1.  External Configuration
    4.2.  Control Plane Configuration
5.  Congestion Considerations
6.  Security Considerations
7.  IANA Considerations
8.  Acknowledgements
9.  References
    9.1.  Normative References
    9.2.  Informative References
§  Authors' Addresses
§  Intellectual Property and Copyright Statements

1.  Introduction

The operator community has identified the need for the transparent carriage of the MPLS network of one party over the MPLS network of another party. This document describes one IETF-recommended mechanism to satisfy this requirement using the existing RFC4448 (Martini, L., Rosen, E., El-Aawar, N., and G. Heron, “Encapsulation Methods for Transport of Ethernet over MPLS Networks,” April 2006.) [RFC4448] PWE3 Ethernet pseudowire standard. The mechanism described here fulfills the requirements liaised to the IETF PWE3 working group by the ITU: -and.

The key purpose of this document is to demonstrate that there is an existing IETF-recommended mechanism that satisfies the requirements posed by the operator community. It is recognised that it is possible to design a more efficient method of satisfying the requirement, and the IETF anticipates that improved solutions will be proposed in the future.

The architecture required for this mechanism is illustrated in Figure 1 below.

  +----------------------------------------------------------------+
  |                                                                |
  |                  IP/MPLS PSN (PHP may be enabled)              |
  |                            (client)                            |
  |                                                                |
  |                  +---------------------------+                 |
  |                  |                           |                 |
  |                  |      MPLS PSN (No PHP)    |                 |
  |                  |         (server)          |                 |
  |                  |                           |                 |
  |     CE1          |PE1                     PE2|           CE2   |
  |   +-----+      +-----+                   +-----+      +-----+  |
  |   | | | |      | | | |                   | | | |      | | | |  |
  |   | | | +------+ | | |                   | | | +------+ | | |  |
  |   | | | | 802.3| | | |                   | | | | 802.3| | | |  |
  |   +-----+      +-----+                   +-----+      +-----+  |
  |     |   |        |  |                      | |        |   |    |
  |     |   |        +-- ---------------------- -+        |   |    |
  +----- --- -------- -- ---------------------- - -------- --- ----+
        |   |        |  |<--MPLS LSP (no PHP)->| |        |   |
        |   |        |  |       (server)       | |        |   |
        |   |        |                           |        |   |
        |   |        |<------------PW----------->|        |   |
        |   |        |          (server)         |        |   |
        |   |                                             |   |
        |   |<-------------802.3 (Ethernet)-------------->|   |
        |   |                   (client)                  |   |
        |                                                     |
        |<---------IP/MPLS LSP (PHP may be supported)-------->|
        |                       (client)                      |

Figure 1: Application Ethernet over MPLS PW to MPLS Transport Networks

An 802.3 (Ethernet) circuit is established between CE1 and CE2. This circuit may be used for the concurrent transport of MPLS packets as well as IPv4 and IPv6 packets. The MPLS packets may carry IPv4, IPV6, or Pseudowire payloads, and Penultimate-Hop-Popping (PHP) may be used. For clarity these paths are labeled as the client in Figure 1.

An Ethernet pseudowire (PW) is provisioned between PE1 and PE2 and used to carry the Ethernet from PE1 to PE2. The Ethernet PW is carried over an MPLS PSN, but this PSN MUST NOT be configured with PHP. For clarity this Ethernet PW and the MPLS PSN are labeled as the server in Figure 1. In the remainder of this draft call the server network a transport network.

2.  PWE3 Configuration

The PWE3 encapsulation used by this specification to satisfy the transport requirement is Ethernet RFC4448 (Martini, L., Rosen, E., El-Aawar, N., and G. Heron, “Encapsulation Methods for Transport of Ethernet over MPLS Networks,” April 2006.) [RFC4448]. This is used in "raw" mode.

The Control Word MUST be used. The Sequence number MUST be zero.

The use of the Pseudowire Setup and Maintenance Label Distribution Protocol RFC4447 (Martini, L., Rosen, E., El-Aawar, N., Smith, T., and G. Heron, “Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP),” April 2006.) [RFC4447] is not required by the profile of the PWE3 Ethernet pseudowire functionality defined in this document.

The Pseudowire Label is statically provisioned.

3.  OAM

Within a connection, traffic units sent from the single source are constrained to stay within the connection under defect-free conditions. During misconnected defects, a connection can no longer be assumed to be constrained and traffic units (and by implication also OAM packets) can 'leak' uni-directionally outside a connection. Therefore during a misconnected state, it is not possible to rely on OAM which relies on a request/response mechanism ; and, for this reason such OAM should be treated with caution if used for diagnostic purposes.

Further, when implementing an ECMP function with MPLS, use of the label stack as the path selector such that the OAM and data are not in a co-path as any failure in the data path will note be reflected in the OAM path. Therefore, an OAM that is carried within the data-path below the PW label such as VCCV is NOT vulnerable to the above failure mode. For these reasons the OAM mechanism is RFC5085 (Nadeau, T. and C. Pignataro, “Pseudowire Virtual Circuit Connectivity Verification (VCCV): A Control Channel for Pseudowires,” December 2007.) [RFC5085], using Bidirectional Forwarding Detection (BDF) BFD (Katz, D. and D. Ward, “Bidirectional Forwarding Detection,” January 2010.) [I‑D.ietf‑bfd‑base] for connection verification (CV). The method of using BFD as a CV method in VCCV is described in [I-D.draft-ietf-pwe3-vccv-bfd] . One of the VCCV profiles described in Section 3.1 or Section 3.2 MUST be used. Once a VCCV is provisioned, and the operational status of the PW is UP, no other profile SHOULD be used until such time as the PW's operational status is set to DOWN.

3.1.  VCCV profile 1: BFD without IP/UDP Headers

When PE1 and PE1 are not IP capable or have not been configured with IP addresses, the following VCCV mechanism SHOULD be used.

The connection verification method used by VCCV is BFD with diagnostics as defined in [I-D.draft-ietf-pwe3-vccv-bfd].

RFC5085 (Nadeau, T. and C. Pignataro, “Pseudowire Virtual Circuit Connectivity Verification (VCCV): A Control Channel for Pseudowires,” December 2007.) [RFC5085] specifies that the first nibble is set to 0x1 to indicate a channel associated with a pseudowire RFC4385 (Bryant, S., Swallow, G., Martini, L., and D. McPherson, “Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for Use over an MPLS PSN,” February 2006.) [RFC4385].

The Version and the Reserved fields are set to 0, and the Channel Type is set to [TBD] to indicate that the payload carried is BFD without IP/UDP headers, as is defined in [I-D.draft-ietf-pwe3-vccv-bfd].

3.2.  VCCV profile 2: BFD with IP/UDP Headers

When PE1 and PE1 are IP capable and have been configured with IP addresses, the following VCCV mechanism MAY be used.

The connection verification method used by VCCV is BFD with diagnostics as defined in [I-D.draft-ietf-pwe3-vccv-bfd].

RFC5085 (Nadeau, T. and C. Pignataro, “Pseudowire Virtual Circuit Connectivity Verification (VCCV): A Control Channel for Pseudowires,” December 2007.) [RFC5085]specifies that the first nibble is set to 0x1 to indicate a channel associated with a pseudowire RFC4385 (Bryant, S., Swallow, G., Martini, L., and D. McPherson, “Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for Use over an MPLS PSN,” February 2006.) [RFC4385].

The Version and the Reserved fields are set to 0, and the Channel Type is set to 0x21 for IPv4 and 0x56 for IPv6 payloads RFC4446 (Martini, L., “IANA Allocations for Pseudowire Edge to Edge Emulation (PWE3),” April 2006.) [RFC4446].

4.  MPLS Layer

The architecture of MPLS enabled networks is described in RFC3031 (Rosen, E., Viswanathan, A., and R. Callon, “Multiprotocol Label Switching Architecture,” January 2001.) [RFC3031] PSN . This section describes a subset of the functionality of the MPLS enabled PSN. There are two cases that need to be considered:

1. The case where external configuration is used.
2. The case where a control plane is available.

Where the use of a control plane is desired this may be based on GMPLS[RFC3945] (Mannie, E., “Generalized Multi-Protocol Label Switching (GMPLS) Architecture,” October 2004.)

4.1.  External Configuration

The use of external provisioning is not precluded from being supported by the current MPLS specifications. It is however expicitly described in this specification to addess the requirements specified by the ITU https://datatracker.ietf.org/public/liaison_detail.cgi?detail_id=286 and https://datatracker.ietf.org/public/liaison_detail.cgi?detail_id=287 to address the needs in a transport environment.

The MPLS encapsulation is specified inRFC3032 (Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., Farinacci, D., Li, T., and A. Conta, “MPLS Label Stack Encoding,” January 2001.) [RFC3032]. All MPLS labels used in the server layer (Figure 1) MUST be statically provisioned. Labels may be selected from either the per-platform or the per-interface label space.

All transport LSPs utilized by the PWs described in section 2 MUST support both unidirectional and bi-directional point-to-point connections.

The transport LSPs SHOULD support unidirectional point-to-multipoint connections.

The forward and backward directions of a bi-directional connection should follow a symmetrically routed (reciprocal) LSP in the server network.

Equal cost multi-path (ECMP) load balancing MUST NOT be configured on the transport LSPs utilized by the PWs described in sections 2.

The merging of label switched paths is prohibited and MUST NOT be configured for the transport LSPs utilized by the PWs described in section 2.

Penultimate hop popping by the transport LSRs MUST be disabled on transport LSPs.

Both E-LSP and L-LSP MUST be supported as defined in RFC3270 (Le Faucheur, F., Wu, L., Davie, B., Davari, S., Vaananen, P., Krishnan, R., Cheval, P., and J. Heinanen, “Multi-Protocol Label Switching (MPLS) Support of Differentiated Services,” May 2002.) [RFC3270].

For the MPLS EXP field RFC3270 (Le Faucheur, F., Wu, L., Davie, B., Davari, S., Vaananen, P., Krishnan, R., Cheval, P., and J. Heinanen, “Multi-Protocol Label Switching (MPLS) Support of Differentiated Services,” May 2002.) [RFC3270] only the pipe and short-pipe models are supported.

4.2.  Control Plane Configuration

In this section we describe the control plane configuration whenRFC3209 (Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., and G. Swallow, “RSVP-TE: Extensions to RSVP for LSP Tunnels,” December 2001.) [RFC3209] “RSVP-TE: Extensions to RSVP for LSP Tunnels” or the bi-directional support in GMPLS RFC3471 (Berger, L., “Generalized Multi-Protocol Label Switching (GMPLS) Signaling Functional Description,” January 2003.) [RFC3471] “Generalized Multi-Protocol Label Switching (GMPLS) Signaling Functional Description" andRFC3473 (Berger, L., “Generalized Multi-Protocol Label Switching (GMPLS) Signaling Resource ReserVation Protocol-Traffic Engineering (RSVP-TE) Extensions,” January 2003.) [RFC3473] “Generalized Multi-Protocol Label Switching (GMPLS) Signaling Resource ReserVation Protocol-Traffic Engineering (RSVP-TE) Extensions” are used to configure the transport MPLS PSN. When these protocols are used to provide the control plane the following are automatically provided:

1. There is no label merging unless it is deliberately enabled to support Fast Re-route (FRR) RFC3209 (Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., and G. Swallow, “RSVP-TE: Extensions to RSVP for LSP Tunnels,” December 2001.) [RFC3209].
2. A single path is provided end-to-end (there is no ECMP).
3. Label switched paths may be unidirectional or bidirectional as required.

Additionally the following configurations restrictions required to support external configuration MUST be applied:

• Penultimate hop popping by the LSRs MUST be disabled on LSPs providing PWE3 transport network functionality NOPHP (Ali, Z., “Non PHP Behavior and out-of-band mapping for RSVP-TE LSPs,” July 2007.) [I‑D.ali‑mpls‑rsvp‑te‑no‑php‑oob‑mapping].
• Both E-LSP and L-LSP MUST be supported as defined in RFC3270 (Le Faucheur, F., Wu, L., Davie, B., Davari, S., Vaananen, P., Krishnan, R., Cheval, P., and J. Heinanen, “Multi-Protocol Label Switching (MPLS) Support of Differentiated Services,” May 2002.) [RFC3270].
• The MPLS EXP field is supported according to RFC3270 for only when the pipe and short-pipe models are utilized.

5.  Congestion Considerations

This draft describes a method of using the existing RFC4448 (Martini, L., Rosen, E., El-Aawar, N., and G. Heron, “Encapsulation Methods for Transport of Ethernet over MPLS Networks,” April 2006.) [RFC4448] PWE3 Ethernet pseudowire to solve a particular network application. The congestion considerations associated with that pseudowire and all subsequent work on congestion considerations regarding Ethernet pseudowires is applicable to this draft.

6.  Security Considerations

This draft is a description of the use of existing IETF proposed standards to solve a network problem, and raises no new security issues.

The PWE3 security considerations are described in RFC3985 (Bryant, S. and P. Pate, “Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture,” March 2005.) [RFC3985]and the Ethernet pseudowire security consoderations RFC4448 (Martini, L., Rosen, E., El-Aawar, N., and G. Heron, “Encapsulation Methods for Transport of Ethernet over MPLS Networks,” April 2006.) [RFC4448]

The Ethernet pseudowire is transported on an MPLS PSN; therefore, the security of the pseudowire itself will only be as good as the security of the MPLS PSN. The server MPLS PSN can be secured by various methods, as described in RFC3031. (Rosen, E., Viswanathan, A., and R. Callon, “Multiprotocol Label Switching Architecture,” January 2001.) [RFC3031]

The use of static configuration exposes an MPLS PSN to a different set of security risks to those found in a PSN using dynamic routing. If a path is missconfigured in a staticly configued network the result can be a persistent black hole, or much worst, a persistent forwarding loop. On the otherhand most of the distributed components are less complex. This is however offset by the need to provide failover and redundancy in the management and configuration system and the communications paths between those central systems and the LSRs.

Security achieved by access control of MAC addresses , and the security of the client layers is out of the scope of this document.

7.  IANA Considerations

There are no IANA actions required by this draft.

8.  Acknowledgements

The authors wish to thank John Dake, Adrian Farrel, Andy Malis, Ben Niven-Jenkins, and Yaakov Stein for their review and proposed enhancements to the text.

9.  References

9.1. Normative References

9.2. Informative References

Authors' Addresses

Full Copyright Statement

Copyright © The IETF Trust (2008).

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.