RFC 8821 | PCE in Native IP | April 2021 |
Wang, et al. | Informational | [Page] |
This document defines an architecture for providing traffic engineering in a native IP network using multiple BGP sessions and a Path Computation Element (PCE)-based central control mechanism. It defines the Centralized Control Dynamic Routing (CCDR) procedures and identifies needed extensions for the Path Computation Element Communication Protocol (PCEP).¶
This document is not an Internet Standards Track specification; it is published for informational purposes.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are candidates for any level of Internet Standard; see Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8821.¶
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
[RFC8283], based on an extension of the PCE architecture described in [RFC4655], introduced a broader use applicability for a PCE as a central controller. PCEP continues to be used as the protocol between the PCE and the Path Computation Client (PCC). Building on that work, this document describes a solution of using a PCE for centralized control in a native IP network to provide end-to-end (E2E) performance assurance and QoS for traffic. The solution combines the use of distributed routing protocols and a centralized controller, referred to as Centralized Control Dynamic Routing (CCDR).¶
[RFC8735] describes the scenarios and simulation results for traffic engineering in a native IP network based on use of a CCDR architecture. Per [RFC8735], the architecture for traffic engineering in a native IP network should meet the following criteria:¶
Building on the above documents, this document defines an architecture meeting these requirements by using a strategy of multiple BGP sessions and a PCE as the centralized controller. The architecture depends on the central control element (PCE) to compute the optimal path and utilizes the dynamic routing behavior of IGP and BGP for forwarding the traffic.¶
This document uses the following terms defined in [RFC5440]:¶
Other terms are used in this document:¶
Figure 1 illustrates the CCDR architecture for traffic engineering in a simple topology. The topology is composed of four devices, which are SW1, SW2, R1, and R2. There are multiple physical links between R1 and R2. Traffic between prefix PF11 (on SW1) and prefix PF21 (on SW2) is normal traffic; traffic between prefix PF12 (on SW1) and prefix PF22 (on SW2) is priority traffic that should be treated accordingly.¶
In the intra-domain scenario, IGP and BGP combined with a PCE are deployed between R1 and R2. In the inter-domain scenario, only native BGP is deployed. The traffic between each address pair may change in real time and the corresponding source/destination addresses of the traffic may also change dynamically.¶
The key ideas of the CCDR architecture for this simple topology are the following:¶
After the above actions, the bidirectional traffic between the PF11 and PF21, and the bidirectional traffic between PF12 and PF22, will go through different physical links between R1 and R2.¶
If there is more traffic between PF12 and PF22 that needs assured transport, one can add more physical links between R1 and R2 to reach the next hop for BGP session 2. In this case, the prefixes that are advertised by the BGP peers need not be changed.¶
If, for example, there is bidirectional priority traffic from another address pair (for example, prefix PF13/PF23), and the total volume of priority traffic does not exceed the capacity of the previously provisioned physical links, one need only advertise the newly added source/destination prefixes via the BGP session 2. The bidirectional traffic between PF13/PF23 will go through the same assigned, dedicated physical links as the traffic between PF12/PF22.¶
Such a decoupling philosophy of the IGP/BGP traffic link and the physical link achieves a flexible control capability for the network traffic, satisfying the needed QoS assurance to meet the application's requirement. The router needs only to support native IP and multiple BGP sessions set up via different loopback addresses.¶
When the priority traffic spans a large-scale network, such as that illustrated in Figure 2, the multiple BGP sessions cannot be established hop by hop within one autonomous system. For such a scenario, we propose using a Route Reflector (RR) [RFC4456] to achieve a similar effect. Every edge router will establish two BGP sessions with the RR via different loopback addresses respectively. The other steps for traffic differentiation are the same as that described in the CCDR architecture for the simple topology.¶
As shown in Figure 2, if we select R3 as the RR, every edge router (R1 and R7 in this example) will build two BGP sessions with the RR. If the PCE selects the dedicated path as R1-R2-R4-R7, then the operator should set the explicit peer routes via PCEP on these routers respectively, pointing to the BGP next hop (loopback addresses of R1 and R7, which are used to send the prefix of the priority traffic) to the selected forwarding address.¶
Generally, different applications may require different QoS criteria, which may include:¶
These different traffic requirements are summarized in Table 1.¶
Prefix Set No. | Latency | Packet Loss | Jitter |
---|---|---|---|
1 | Low | Normal | Don't care |
2 | Normal | Low | Don't care |
3 | Normal | Normal | Low |
For Prefix Set No.1, we can select the shortest distance path to carry the traffic; for Prefix Set No.2, we can select the path that has E2E under-loaded links; for Prefix Set No.3, we can let traffic pass over a determined single path, as no ECMP distribution on the parallel links is desired.¶
It is almost impossible to provide an E2E path efficiently with latency, jitter, and packet loss constraints to meet the above requirements in a large-scale, IP-based network only using a distributed routing protocol, but these requirements can be met with the assistance of PCE, as described in [RFC4655] and [RFC8283]. The PCE will have the overall network view, ability to collect the real-time network topology, and the network performance information about the underlying network. The PCE can select the appropriate path to meet the various network performance requirements for different traffic.¶
The architecture to implement the CCDR multiple BGP sessions strategy is as follows:¶
The PCE will be responsible for the optimal path computation for the different priority classes of traffic:¶
PCEP needs to be extended to transfer the following critical parameters:¶
Once the router receives such information, it should establish the BGP session with the peer appointed in the PCEP message, build the E2E dedicated path hop by hop, and advertise the prefixes that are contained in the corresponding PCEP message.¶
The dedicated path is preferred by making sure that the explicit route created by PCE has the higher priority (lower route preference) than the route information created by other dynamic protocols.¶
All of the above dynamically created states (BGP sessions, explicit routes, and advertised prefixes) will be cleared on the expiration of the state timeout interval, which is based on the existing stateful PCE [RFC8231] and PCE as a Central Controller (PCECC) [RFC8283] mechanism.¶
Regarding the BGP session, it is not different from that configured manually or via Network Configuration Protocol (NETCONF) and YANG. Different BGP sessions are used mainly for the clarification of the network prefixes, which can be differentiated via the different BGP next hop. Based on this strategy, if we manipulate the path to the BGP next hop, then the path to the prefixes that were advertised with the BGP sessions will be changed accordingly. Details of communications between PCEP and BGP subsystems in the router's control plane are out of scope of this document.¶
In the CCDR architecture, only the edge routers that connect with the PCE are responsible for the prefix advertisement via the multiple BGP sessions deployment. The route information for these prefixes within the on-path routers is distributed via BGP.¶
For multiple domain deployment, the PCE, or the pool of PCEs responsible for these domains, needs only to control the edge router to build the multiple External BGP (EBGP) sessions; all other procedures are the same as within one domain.¶
The on-path router needs only to keep the specific policy routes for the BGP next hop of the differentiated prefixes, not the specific routes to the prefixes themselves. This lessens the burden of the table size of policy-based routes for the on-path routers; and has more expandability compared with BGP Flowspec or OpenFlow solutions. For example, if we want to differentiate 1,000 prefixes from the normal traffic, CCDR needs only one explicit peer route in every on-path router, whereas the BGP Flowspec or OpenFlow solutions need 1,000 policy routes on them.¶
The CCDR architecture is based on the use of native IP. If the PCE fails, the forwarding plane will not be impacted, as the BGP sessions between all the devices will not flap, and the forwarding table remains unchanged.¶
If one node on the optimal path fails, the priority traffic will fall over to the best-effort forwarding path. One can even design several paths to load balance or to create a hot standby of the priority traffic to meet a path failure situation.¶
For ensuring high availability of a PCE/SDN-controllers architecture, an operator should rely on existing high availability solutions for SDN controllers, such as clustering technology and deployment.¶
Not every router within the network needs to support the necessary PCEP extension. For such situations, routers on the edge of a domain can be upgraded first, and then the traffic can be prioritized between different domains. Within each domain, the traffic will be forwarded along the best-effort path. A service provider can selectively upgrade the routers on each domain in sequence.¶
A PCE needs to assure calculation of the E2E path based on the status of network and the service requirements in real-time.¶
The PCE needs to consider the explicit route deployment order (for example, from tail router to head router) to eliminate any possible transient traffic loop.¶
It is necessary to deploy the corresponding E2E path performance monitoring mechanism to assure that the delay, jitter, or packet loss index meets the original path performance aim. The performance monitoring results should provide feedback to the PCE in order for it to accomplish the re-optimization process and send the update control message to the related PCC if necessary. Traditional OAM methods (ping, trace) can be used.¶
The setup of BGP sessions, prefix advertisement, and explicit peer route establishment are all controlled by the PCE. See [RFC4271] and [RFC4272] for BGP security considerations. The Security Considerations found in Section 10 of [RFC5440] and Section 10 of [RFC8231] should be considered. To prevent a bogus PCE sending harmful messages to the network nodes, the network devices should authenticate the validity of the PCE and ensure a secure communication channel between them. Mechanisms described in [RFC8253] should be used.¶
The CCDR architecture does not require changes to the forwarding behavior of the underlay devices. There are no additional security impacts on these devices.¶
This document has no IANA actions.¶
The author would like to thank Deborah Brungard, Adrian Farrel, Vishnu Beeram, Lou Berger, Dhruv Dhody, Raghavendra Mallya, Mike Koldychev, Haomian Zheng, Penghui Mi, Shaofu Peng, Donald Eastlake, Alvaro Retana, Martin Duke, Magnus Westerlund, Benjamin Kaduk, Roman Danyliw, Éric Vyncke, Murray Kucherawy, Erik Kline, and Jessica Chen for their supports and comments on this document.¶