Carrying Binding Label/Segment Identifier in
PCE-based Networks.Ciena Corporationmsiva282@gmail.comCisco Systems, Inc.Pegasus ParcDe kleetlaan 6aDIEGEMBRABANT 1831BELGIUMcfilsfil@cisco.comJuniper Networksjefftant.ietf@gmail.comHuawei Technologiesstefano@previdi.netHuawei TechnologiesHuawei Campus, No. 156 Beiqing Rd.Beijing100095Chinac.l@huawei.com
Routing Area
PCE Working GroupIn order to provide greater scalability, network opacity, and service
independence, Segment Routing (SR) utilizes a Binding Segment Identifier
(BSID). It is possible to associate a BSID to an RSVP-TE signaled Traffic
Engineering Label Switching Path or an SR
Traffic Engineering path. The BSID can be used by an
upstream node for steering traffic into the appropriate TE path to
enforce SR policies. This document specifies the binding value as an MPLS label or Segment Identifier. It further specify an approach for reporting
binding label/SID by a Path Computation Client (PCC) to the Path Computation Element (PCE) to support
PCE-based Traffic Engineering policies.A Path Computation Element (PCE) can compute Traffic Engineering paths (TE paths) through a
network where those paths are subject to various constraints. Currently, TE paths are
either set up using the RSVP-TE signaling protocol or Segment Routing
(SR). We refer to such paths as RSVP-TE paths and SR-TE paths
respectively in this document.As per SR allows a headend node to steer a
packet flow along any path. The headend node is said to steer a flow
into an Segment Routing Policy (SR Policy). Further, as per , an SR Policy is a
framework that enables instantiation of an ordered list of segments on a
node for implementing a source routing policy with a specific intent for
traffic steering from that node.As described in , a Binding Segment Identifier
(BSID) is bound to a Segment Routed (SR) Policy, instantiation of which
may involve a list of SIDs. Any packets received with an active segment
equal to a BSID are steered onto the bound SR Policy. A BSID may be either
a local (SR Local Block (SRLB)) or a global (SR Global Block (SRGB))
SID. As per Section 6.4 of a BSID can also be
associated with any type of interfaces or tunnel to enable the use of a
non-SR interface or tunnel as a segment in a SID-list. In this document, binding label/SID is used to generalize the allocation of binding value for both SR and non-SR paths. describes the Path Computation Element
Protocol (PCEP) for communication between a Path Computation Client
(PCC) and a PCE or between a pair of PCEs as per . specifies extensions to PCEP
that allow a PCC to delegate its Label Switched Paths (LSPs) to a stateful PCE. A stateful PCE
can then update the state of LSPs delegated to it. specifies a mechanism allowing a PCE to dynamically
instantiate an LSP on a PCC by sending the path and characteristics. provides a mechanism for a network
controller (acting as a PCE) to instantiate SR-TE paths (candidate paths) for an SR
Policy onto a head-end node (acting as a PCC) using PCEP. For more
information on the SR Policy Architecture, see .
A binding label/SID has local significance to the ingress node of the
corresponding TE path. When a stateful PCE is deployed for setting up TE
paths, it may be desirable for PCC to report the binding label/SID to the
stateful PCE for the purpose of enforcing end-to-end TE/SR policy. A
sample Data Center (DC) use-case is illustrated in the . In the MPLS DC network, an SR LSP (without traffic engineering)
is established using a prefix SID advertised by BGP (see ). In the IP/MPLS WAN, an SR-TE LSP is set up using the
PCE. The list of SIDs of the SR-TE LSP is {A, B, C, D}. The gateway node
1 (which is the PCC) allocates a binding SID X and reports it to the
PCE. In order for the access node to steer the traffic over the SR-TE
LSP, the PCE passes the SID stack {Y, X} where Y is the prefix SID of
the gateway node-1 to the access node. In the absence of the binding SID
X, the PCE should pass the SID stack {Y, A, B, C, D} to the access node.
This example also illustrates the additional benefit of using the
binding SID to reduce the number of SIDs imposed on the access nodes
with a limited forwarding capacity.A PCC could report the binding label/SID allocated by it to the
stateful PCE via Path Computation State Report (PCRpt) message. It is
also possible for a stateful PCE to request a PCC to allocate a specific
binding label/SID by sending a Path Computation Update Request (PCUpd)
message. If the PCC can successfully allocate the specified binding
value, it reports the binding value to the PCE. Otherwise, the PCC sends
an error message to the PCE indicating the cause of the failure. A local
policy or configuration at the PCC SHOULD dictate if the binding
label/SID needs to be assigned.In this document, we introduce a new OPTIONAL TLV that a PCC can use
in order to report the binding label/SID associated with a TE LSP, or a
PCE to request a PCC to allocate a specific binding label/SID value.
This TLV is intended for TE LSPs established using RSVP-TE, SR, or any
other future method. Also, in the case of SR-TE LSPs, the TLV can carry
a binding label (for SR-TE path with MPLS data-plane) or a binding
IPv6 SID (e.g., IPv6 address for SR-TE paths with IPv6 data-plane).
Throughout this document, the term "binding value" means either an MPLS label or SID.Additionally, to support the PCE based central controller operation where the PCE would take responsibility for
managing some part of the MPLS label space for each of the routers that
it controls, the PCE could directly make the binding label/SID
allocation and inform the PCC. See for
details.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP 14
when, and only when,
they appear in all capitals, as shown here.The following terminologies are used in this document: Binding Segment Identifier.Label Switched Path.Path Computation Client.Path Computation ElementPath Computation Element Protocol.Resource ReserVation Protocol-Traffic
Engineering.Segment Identifier.Segment Routing.Type, Length, and Value.The new optional TLV is called "TE-PATH-BINDING TLV" (whose format is
shown in the ) is defined to carry the binding label/SID
for a TE path. This TLV is associated with the LSP object specified in
. This TLV can also be carried in the PCEP-ERROR object in case of error. Multiple instance of TE-PATH-BINDING TLVs MAY be present in the LSP and PCEP-ERROR object. The type of this TLV is 55 (early allocated by IANA). The length is variable.TE-PATH-BINDING TLV is a generic TLV such that it is able to carry binding label/SID (i.e. MPLS label or SRv6 SID). It is formatted
according to the rules specified in . The value portion of the TLV comprise of:Binding Type (BT): A one-octet field identifies the type of binding
included in the TLV. This document specifies the following BT values:
BT = 0: The binding value is a 20-bit MPLS label value. The TLV is padded to 4-bytes alignment. The Length MUST be set to 7 and first 20 bits are used to encode the MPLS label value.BT = 1: The binding value is a 32-bit MPLS label stack entry as per with Label, TC , S, and TTL values encoded. Note that the
receiver MAY choose to override TC, S, and TTL values according to its
local policy. The Length MUST be set to 8.BT = 2: The binding value is an SRv6 SID with a format of a 16
octet IPv6 address, representing the binding SID for SRv6. The
Length MUST be set to 20.BT = 3: The binding value is a 24 octet field, defined in , that contains the SRv6 SID as well as
its Behavior and Structure. The Length MUST be set to 28. defines the IANA registry used to
maintain all these binding types as well as any future ones. Note that, multiple TE-PATH-BINDING TLVs with different Binding Types MAY be present for the same LSP.Flags: 1 octet of flags. Following flag is defined in the new
registry "TE-PATH-BINDING TLV Flag field" as described in :where: R (Removal - 1 bit): When set, the requesting PCEP peer requires
the removal of the binding value for the LSP. When unset,
the PCEP peer indicates that the binding value is added or retained for the LSP.
This flag is used in the PCRpt and PCUpd messages. It is ignored in
other PCEP messages.The unassigned flags MUST be set to 0 while sending and ignored on
receipt.Reserved: MUST be set to 0 while sending and ignored on receipt.Binding Value: A variable-length field, padded with trailing zeros to
a 4-octet boundary. For the BT as 0, the 20 bits represent the MPLS
label. For the BT as 1, the 32-bits represent the MPLS label stack entry as
per . For the BT as 2, the 128-bits represent
the SRv6 SID. For the BT as 3, the Binding Value also contains the SRv6 Endpoint
Behavior and SID Structure, defined in .This section specify the format of the Binding Value in the TE-PATH-BINDING TLV when the BT
is set to 3 for the SRv6 Binding SIDs , as shown in .The Binding Value consist of:SRv6 Binding SID: 16 octets. The 128-bits IPv6 address, representing the binding SID for SRv6.Reserved: 2 octets. It MUST be set to 0 on transmit and ignored on
receipt.Endpoint Behavior: 2 octets. The Endpoint Behavior code point for
this SRv6 SID as per the IANA subregistry called "SRv6 Endpoint Behaviors", created by . When the field is set with the
value 0, the endpoint behavior is considered unknown.The following fields are used to advertise the length of
each individual part of the SRv6 SID as defined in :LB Length: 1 octet. SRv6 SID Locator Block length in bits.LN Length: 1 octet. SRv6 SID Locator Node length in bits.Function Length: 1 octet. SRv6 SID Function length in bits.Argument Length: 1 octet. SRv6 SID Arguments length in bits.The binding value is allocated by the PCC and reported to a PCE via
PCRpt message. If a PCE does not recognize the TE-PATH-BINDING TLV, it
would ignore the TLV in accordance with . If a
PCE recognizes the TLV but does not support the TLV, it MUST send PCErr
with Error-Type = 2 (Capability not supported).Multiple TE-PATH-BINDING TLVs are allowed to be present in the same
LSP object. This signifies the presence of multiple binding SIDs for the
given LSP. In the case of multiple TE-PATH-BINDING TLVs, existing instances of TE-PATH-BINDING TLVs MAY be included in the LSP object. In case of an error condition, the whole message is rejected and the resulting PCErr message MAY include the offending TE-PATH-BINDING TLV in the PCEP-ERROR object.If a PCE
recognizes an invalid binding value (e.g., label value from the reserved
MPLS label space), it MUST send a PCErr
message with Error-Type = 10 ("Reception of an invalid object") and
Error Value = 2 ("Bad label value") as specified in .For SRv6 BSIDs, it is RECOMMENDED to always explicitly specify the
SRv6 Endpoint Behavior and SID Structure in the TE-PATH-BINDING TLV
by setting the BT (Binding Type) to 3. This enables the sender to have
control of the SRv6 Endpoint Behavior and SID Structure. A sender MAY
choose to set the BT to 2, in which case the receiving implementation
chooses how to interpret the SRv6 Endpoint Behavior and SID Structure
according to local policy.If a PCC wishes to withdraw a previously reported binding value,
it MUST send a PCRpt message with the specific TE-PATH-BINDING TLV with R flag set to 1. If a PCC wishes to modify
a previously reported binding, it MUST withdraw the old binding value (with R flag set in the old TE-PATH-BINDING TLV) and include a new
TE-PATH-BINDING TLV containing the new binding value. Note that, other instances of TE-PATH-BINDING TLVs that are unchanged MAY also be included.If a PCE requires a PCC to allocate a specific binding value(s), it may
do so by sending a PCUpd or PCInitiate message containing a
TE-PATH-BINDING TLV(s). If the value(s) can be successfully allocated, the PCC
reports the binding value(s) to the PCE. If the PCC considers the binding
value specified by the PCE invalid, it MUST send a PCErr message with
Error-Type = TBD2 ("Binding label/SID failure") and Error Value = TBD3
("Invalid SID"). If the binding value is valid, but the PCC is unable to
allocate the binding value, it MUST send a PCErr message with Error-Type
= TBD2 ("Binding label/SID failure") and Error Value = TBD4 ("Unable to allocate the specified binding value"). Note that in case of an error, the PCC rejects the PCUpd or PCInitiate message in its entirety and can carry the offending TE-PATH-BINDING TLV in the PCEP-ERROR object.If a PCE wishes to request withdrawal of a previously reported binding value, it MUST send a PCUpd message with the specific TE-PATH-BINDING TLV with R flag set to 1. If a PCE wishes to modify a previously requested binding value, it
MUST request withdrawal of the old binding value (with R flag set in the old TE-PATH-BINDING TLV) and include a new TE-PATH-BINDING TLV containing the new binding value. In some cases, a stateful PCE can request the PCC to allocate any
binding value. It instructs the PCC by sending a PCUpd message containing an
empty TE-PATH-BINDING TLV, i.e., no binding value is specified (making
the length field of the TLV as 4). A PCE can also request PCC to
allocate a binding value at the time of initiation by sending a
PCInitiate message with an empty TE-PATH-BINDING TLV. Only one such instance of empty TE-PATH-BINDING TLV SHOULD be included in the LSP object and others ignored on receipt. If the PCC is
unable to allocate a new binding value as per the specified BT, it MUST send a PCErr message with
Error-Type = TBD2 ("Binding label/SID failure") and Error-Value = TBD5
("Unable to allocate a new binding label/SID"). As previously noted, if a message contains an invalid TE-PATH-BINDING TLV that leads to an error condition, the whole message is rejected including any other valid instances of TE-PATH-BINDING TLVs, if any. The resulting error message MAY include the offending TE-PATH-BINDING TLV in the PCEP-ERROR object.If a PCC receives a TE-PATH-BINDING TLV in any message other than PCUpd
or PCInitiate, it MUST close the corresponding PCEP session with the
reason "Reception of a malformed PCEP message" (according to ). Similarly, if a PCE receives a TE-PATH-BINDING TLV
in any message other than a PCRpt or if the TE-PATH-BINDING TLV is
associated with any object other than an LSP or PCEP-ERROR object, the PCE MUST close the
corresponding PCEP session with the reason "Reception of a malformed
PCEP message" (according to ).If a TE-PATH-BINDING TLV is absent in the PCRpt message and no binding values were reported before, the PCE MUST
assume that the corresponding LSP does not have any binding. Similarly, if TE-PATH-BINDING TLV is absent in the PCUpd message and no binding values were reported before, the PCC's local policy dictates how the binding allocations are made for a given LSP.In PCEP messages, LSP route information is carried in the Explicit
Route Object (ERO), which consists of a sequence of subobjects. defines a new ERO subobject "SR-ERO subobject"
capable of carrying a SID as well as the identity of the node/adjacency
(NAI) represented by the SID. The NAI Type (NT) field indicates the type
and format of the NAI contained in the SR-ERO. In case of binding SID,
the NAI MUST NOT be included and NT MUST be set to zero. So as per
Section 5.2.1 of , for NT=0, the F bit is set to
1, the S bit needs to be zero and the Length is 8. Further, the M bit is
set. If these conditions are not met, the entire ERO MUST be considered
invalid and a PCErr message is sent by the PCC with Error-Type = 10 ("Reception of
an invalid object") and Error-Value = 11 ("Malformed object"). defines a new ERO subobject "SRv6-ERO
subobject" for an SRv6 SID. As stated in , in case of binding SID, the NAI is not included and NT is set
to zero i.e., NT=0, the F bit is set to 1, the S bit needs to be zero and the Length is 24 .
As per , if these conditions are not met, the entire ERO is considered invalid
and a PCErr message is sent by the PCC with Error-Type = 10 ("Reception of an
invalid object") and Error-Value = 11 ("Malformed object"). already includes the scenario where a PCE
requires a PCC to allocate a specified binding value by sending a PCUpd
or PCInitiate message containing a TE-PATH-BINDING TLV. This section
specifies an OPTIONAL feature for the PCE to allocate the binding label/SID on
its own accord in the case where the PCE also controls the label space
of the PCC and can make the label allocation on its own as described in
. Note that the act of requesting a specific
binding value () is different from the act of
allocating a binding label/SID as described in this section. introduces the architecture for PCE as a
central controller as an extension of the architecture described in
and assumes the continued use of PCEP as the
protocol used between PCE and PCC. specifies the
procedures and PCEP extensions for using the PCE as the central
controller.For an implementation that supports PCECC operations as per , the binding
label/SID MAY also be allocated by the PCE itself. Both peers need to
exchange the PCECC capability as described in before the PCE
can allocate the binding label/SID on its own.A new P flag in the LSP object is introduced
to indicate the allocation needs to be made by the PCE: P (PCE-allocated binding label/SID): If the bit is set to
1, it indicates that the PCC requests PCE to make allocations for
this LSP. The TE-PATH-BINDING TLV in the LSP object identifies that the allocation is for binding label/SID. A PCC would set this bit to 1 and include
a TE-PATH-BINDING TLV in the LSP object to request for allocation of
binding label/SID by the PCE in the PCEP message. A PCE would also
set this bit to 1 and include a TE-PATH-BINDING TLV to indicate that
the binding label/SID is allocated by PCE and encoded in the PCEP
message towards PCC. Further, a PCE would set this bit to 0 and
include a TE-PATH-BINDING TLV in the LSP object to indicate that the
binding label/SID should be allocated by the PCC as described in
.Note that - A PCE could allocate the binding label/SID on its own accord for
a PCE-initiated or delegated LSP, and inform the PCC in the
PCInitiate message or PCUpd message by setting P=1 and including
TE-PATH-BINDING TLV in the LSP object.To let the PCC allocates the binding label/SID, a PCE could set
P=0 and include an empty TE-PATH-BINDING TLV ( i.e., no binding value is
specified) in the LSP object in PCInitiate/PCUpd message.A PCC could request that the PCE allocate the binding label/SID
by setting P=1, D=1, and including an empty TE-PATH-BINDING TLV in PCRpt message.
The PCE would allocate it and respond to the PCC with PCUpd message
including the allocated binding label/SID in the TE-PATH-BINDING TLV
and P=1, D=1 in the LSP object.If both peers have not exchanged the PCECC capabilities as per
and
a PCEP peer receives P=1 in the LSP object, it needs to act as per : Send a PCErr message with Error-Type=19 (Invalid Operation)
and Error-Value=16 (Attempted PCECC operations when PCECC
capability was not advertised)Terminate the PCEP sessionIt is assumed that the label range to be used by a PCE is known and
set on both PCEP peers. The exact mechanism is out of scope of or this
document. Note that the specific BSID could be from the PCE-controlled
or the PCC-controlled label space. The PCE can directly allocate the label
from the PCE-controlled label space using P=1 as described above,
whereas the PCE can request for the allocation of a specific BSID from the
PCC-controlled label space with P=0 as described in .[Note to the RFC Editor - remove this section before publication, as
well as remove the reference to RFC 7942.]This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in . The description of implementations in this section
is intended to assist the IETF in its decision processes in progressing
drafts to RFCs. Please note that the listing of any individual
implementation here does not imply endorsement by the IETF. Furthermore,
no effort has been spent to verify the information presented here that
was supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalog of available implementations or their
features. Readers are advised to note that other implementations may
exist.According to , "this will allow reviewers and
working groups to assign due consideration to documents that have the
benefit of running code, which may serve as evidence of valuable
experimentation and feedback that have made the implemented protocols
more mature. It is up to the individual working groups to use this
information as they see fit".Organization: HuaweiImplementation: Huawei's Router and ControllerDescription: An experimental code-point is used and plan to
request early code-point allocation from IANA after WG
adoption.Maturity Level: ProductionCoverage: FullContact: chengli13@huawei.comOrganization: Cisco SystemsImplementation: Head-end and controller.Description: An experimental code-point is currently used.Maturity Level: ProductionCoverage: FullContact: mkoldych@cisco.comThe security considerations described in ,
, and are applicable to this specification. No additional
security measure is required.As described , SR allows a network controller
to instantiate and control paths in the network. A rogue PCE can
manipulate binding SID allocations to move traffic around for some other
LSP that uses BSID in its SR-ERO.Thus, as per , it is RECOMMENDED that these
PCEP extensions only be activated on authenticated and encrypted
sessions across PCEs and PCCs belonging to the same administrative
authority, using Transport Layer Security (TLS) , as per the recommendations and best current
practices in BCP195 (unless explicitly set
aside in ).All manageability requirements and considerations listed in , , and apply to PCEP protocol extensions defined in this
document. In addition, requirements and considerations listed in this
section apply.A PCC implementation SHOULD allow the operator to configure the
policy based on which PCC needs to allocates the binding
label/SID.The PCEP YANG module could
be extended to include policy configuration for binding label/SID
allocation.Mechanisms defined in this document do not imply any new liveness
detection and monitoring requirements in addition to those already
listed in .Mechanisms defined in this document do not imply any new operation
verification requirements in addition to those already listed in , , and .Mechanisms defined in this document do not imply any new
requirements on other protocols.Mechanisms defined in , , and also apply to PCEP
extensions defined in this document. Further, the mechanism described
in this document can help the operator to request control of the LSPs
at a particular PCE.IANA maintains the "Path Computation Element Protocol (PCEP) Numbers"
registry. This document requests IANA actions to allocate code points
for the protocol elements defined in this document.This document defines a new PCEP TLV; IANA is requested to confirm the
following early allocations from the "PCEP TLV Type Indicators" subregistry
of the PCEP Numbers registry, as follows:ValueDescriptionReference55TE-PATH-BINDINGThis documentIANA is requested to create a new subregistry "TE-PATH-BINDING
TLV BT field" to manage the value of the Binding Type field in the
TE-PATH-BINDING TLV. Initial values for the subregistry are given
below. New values are assigned by Standards Action .ValueDescriptionReference0MPLS LabelThis document1MPLS Label Stack EntryThis document2SRv6 SIDThis document3SRv6 SID with Behavior and StructureThis document4-255UnassignedThis documentIANA is requested to create a new subregistry "TE-PATH-BINDING
TLV Flag field" to manage the Flag field in the TE-PATH-BINDING TLV.
New values are to be assigned by Standards Action . Each bit should be tracked with the following
qualities:Bit number (count from 0 as the most significant bit)DescriptionReferenceBitDescriptionReference0R (Removal)This document1-7UnassignedThis documentIANA is requested to confirm the early allocation for a new code-point in the "LSP Object
Flag Field" sub-registry for the new P flag as follows:BitDescriptionReference0PCE-allocated binding label/SIDThis documentThis document defines a new Error-type and Error-Values for the
PCErr message. IANA is requested to allocate new error-type and
error-values within the "PCEP-ERROR Object Error Types and Values"
subregistry of the PCEP Numbers registry, as follows:Error-TypeMeaningError-valueReferenceTBD2Binding label/SID failureThis documentTBD3: Invalid SIDThis documentTBD4: Unable to allocate the specified binding valueThis documentTBD5: Unable to allocate a new binding label/SIDThis documentWe like to thank Milos Fabian, Mrinmoy Das, Andrew Stone, Tom Petch, Aijun Wang, Olivier Dugeon, and Adrian Farrel for their valuable comments.