MPLS S. Bryant Internet-Draft Independent Intended status: Informational G. Swallow Expires: December 12, 2016 S. Sivabalan Cisco Systems G. Mirsky Ericsson M. Chen Z. Li Huawei June 10, 2016 Synonymous Flow Label Framework draft-bryant-mpls-sfl-framework-01 Abstract draft-ietf-mpls-flow-ident describes the requirement for introducing flow identities within the MPLS architecture. This document describes a method of accomplishing this by using a technique called Synonymous Flow Labels in which labels which mimic the behaviour of other labels provide the identification service. These identifiers can be used to trigger per-flow operations on the on the packet at the receiving label switching router. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on December 12, 2016. Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. Bryant, et al. Expires December 12, 2016 [Page 1] Internet-Draft SFL Framework June 2016 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Synonymous Flow Labels . . . . . . . . . . . . . . . . . . . 2 3. User Service Traffic in the Data Plane . . . . . . . . . . . 4 3.1. Applications Label Present . . . . . . . . . . . . . . . 4 3.1.1. Setting TTL and the Traffic Class Bits . . . . . . . 4 3.2. Single Label Stack . . . . . . . . . . . . . . . . . . . 5 3.2.1. Setting TTL and the Traffic Class Bits . . . . . . . 6 3.3. Aggregation of SFL Actions . . . . . . . . . . . . . . . 6 4. Equal Cost Multipath Considerations . . . . . . . . . . . . . 7 5. Privacy Considerations . . . . . . . . . . . . . . . . . . . 8 6. Security Considerations . . . . . . . . . . . . . . . . . . . 8 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 9.1. Normative References . . . . . . . . . . . . . . . . . . 8 9.2. Informative References . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 1. Introduction [I-D.ietf-mpls-flow-ident] describes the requirement for introducing flow identities within the MPLS architecture. This document describes a method of accomplishing this by using a technique called Synonymous Flow Labels (SFL) (see (Section 2)) in which labels which mimic the behaviour of other labels provide the identification service. These identifiers can be used to trigger per-flow operations on the packet at the receiving label switching router. 2. Synonymous Flow Labels An SFL is defined to be a label that causes exactly the same behaviour at the egress Label Switching Router (LSR) as the label it replaces, but in addition also causes an agreed action to take place on the packet. There are many possible additional actions such as Bryant, et al. Expires December 12, 2016 [Page 2] Internet-Draft SFL Framework June 2016 the measurement of the number of received packets in a flow, triggering IPFIX inspection, triggering other types of Deep Packet Inspection, or identification of the packet source. In, for example, a Performance Monitoring (PM) application, the agreed action could be the recording of the receipt of the packet by incrementing a packet counter. This is a natural action in many MPLS implementations, and where supported this permits the implementation of high quality packet loss measurement without any change to the packet forwarding system. Consider an MPLS application such as a pseudowire (PW), and consider that it is desired to use the approach specified in this document to make a packet loss measurement. By some method outside the scope of this text, two labels, synonymous with the PW labels are obtained from the egress terminating provider edge (T-PE). By alternating between these SFLs and using them in place of the PW label, the PW packets may be batched for counting without any impact on the PW forwarding behaviour (note that strictly only one SFL is needed in this application, but that is an optimization that is a matter for the implementor). Now consider an MPLS application that is multi-point to point such as a VPN. Here it is necessary to identify a packet batch from a specific source. This is achieved by making the SFLs source specific, so that batches from one source are marked differently from batches from another source. The sources all operate independently and asynchronously from each other, independently co-ordinating with the destination. Each ingress is thus able to establish its own SFL to identify the sub-flow and thus enable PM per flow. Finally we need to consider the case where there is no MPLS application label such as occurs when sending IP over an LSP. In this case introducing an SFL that was synonymous with the LSP label would introduce network wide forwarding state. This would not be acceptable for scaling reasons. We therefore have no choice but to introduce an additional label. Where penultimate hop popping (PHP) is in use, the semantics of this additional label can be similar to the LSP label. Where PHP is not in use, the semantics are similar to an MPLS explicit NULL. In both of these cases the label has the additional semantics of the SFL. Note that to achieve the goals set out in Section 1 SFLs need to be allocated from the platform label table. Bryant, et al. Expires December 12, 2016 [Page 3] Internet-Draft SFL Framework June 2016 3. User Service Traffic in the Data Plane As noted in Section 2 it is necessary to consider two cases: 1. Applications label present 2. Single label stack 3.1. Applications Label Present Figure 1 shows the case in which both an LSP label and an application label are present in the MPLS label stack. Traffic with no SFL function present runs over the "normal" stack, and SFL enabled flows run over the SFL stack with the SFL used to indicate the packet batch. +-----------------+ +-----------------+ | | | | | LSP | | LSP | . Bryant, et al. Expires December 12, 2016 [Page 8] Internet-Draft SFL Framework June 2016 9.2. Informative References [I-D.ietf-mpls-flow-ident] Bryant, S., Pignataro, C., Chen, M., Li, Z., and G. Mirsky, "MPLS Flow Identification Considerations", draft- ietf-mpls-flow-ident-00 (work in progress), December 2015. [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and L. Yong, "The Use of Entropy Labels in MPLS Forwarding", RFC 6790, DOI 10.17487/RFC6790, November 2012, . [RFC7258] Farrell, S. and H. Tschofenig, "Pervasive Monitoring Is an Attack", BCP 188, RFC 7258, DOI 10.17487/RFC7258, May 2014, . Authors' Addresses Stewart Bryant Independent Email: stewart.bryant@gmail.com George Swallow Cisco Systems Email: swallow@cisco.com Siva Sivabalan Cisco Systems Email: msiva@cisco.com Greg Mirsky Ericsson Email: gregory.mirsky@ericsson.com Mach(Guoyi) Chen Huawei Email: mach.chen@huawei.com Bryant, et al. Expires December 12, 2016 [Page 9] Internet-Draft SFL Framework June 2016 Zhenbin(Robin) Li Huawei Email: lizhenbin@huawei.com Bryant, et al. Expires December 12, 2016 [Page 10]