nmrg                                                               G. Li
Internet-Draft                                                    Huawei
Intended status: Informational                                   C. Zhou
Expires: 28 April 2022                                      China Mobile
                                                         25 October 2021

   Opportunities of Flexible Addressing and Protocols in Digital Twin
                                Network
               draft-li-nmrg-dtn-addressing-protocols-00

Abstract

   To build digital twin networks based on the digital twin network
   architecture in [DTNConcept], modeling of digital twins and virtual-
   physical mapping are critical.  There are many ways to construct
   network twins, and they realize virtual-physical mapping and
   information exchange between twins in different ways.  Constructing
   a twin of a network element that has communication requirements and
   functions like a physical entity is one kind of network modeling.  In
   this scenario, implementing virtual-physical mapping and information
   exchange between twins based on network layer communication faces
   problems such as large addressing space consumption and low
   addressing efficiency.  This document describes the idea of using
   flexible addressing and protocol techniques in the digital twin
   network architecture, which can help reduce the complexity of
   digital twin network implementations and improve digital twin
   network efficiency and security.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 28 April 2022.
Li & Zhou                 Expires 28 April 2022                 [Page 1]
Internet-Draft                     NSA                      October 2021

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Requirements Notation
   3.  Overview
   4.  Flexible Addressing for DTN
     4.1.  Communication between Physical Network Entities
     4.2.  Communication between Digital Twins
     4.3.  Communication between Physical Network Entities and Digital
           Twins
   5.  Flexible Protocols for DTN
   6.  Security Considerations
   7.  IANA Considerations
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  Introduction

   With the development of digital transformation, the network scale
   becomes larger and larger, and the types of network and network
   services become more complex.
   To improve the efficiency of network planning, construction,
   maintenance, and optimization, digital twin technology is introduced
   into the network field to implement intelligent and automated
   networks.  In [DTNConcept], a digital twin network is defined as a
   virtual representation of the physical network.

   In almost all digital twin use cases, real-time connections between
   physical entities and digital twins are necessary.  In order to
   implement the mapping between network physical entities and digital
   twins, various data collection technologies are proposed [DTNTechs],
   such as the mature and widely used SNMP (Simple Network Management
   Protocol) and NETCONF, which can collect NetFlow and sFlow of
   original code streams.  These technologies also support network
   telemetry in push mode on the data source side.  Different data
   collection solutions have different characteristics and are
   applicable to different application scenarios.  However, these data
   collection methods depend on complex mapping models to act on the
   correct object, resulting in poor readability of the data.  In order
   to be compatible with the device interfaces and configuration models
   of different vendors, these mapping models need to define complex
   data acquisition protocols and perform data parsing and conversion at
   the application layer, which increases the information transmission
   delay of the digital twin network.

   Constructing a twin of a network element that has communication
   requirements and functions like a physical entity is another way of
   modeling the mapping.  It raises the requirement of implementing
   virtual-physical mapping and information exchange between twins
   based on network layer communication.

   This document proposes a flexible network addressing technique to
   solve the problem of mapping network physical entities to digital
   twins.
   The physical network domain and the twin network domain use the same
   address configuration, that is, any network entity and its
   corresponding digital twin use the same IP address.  Different NIAs
   (Network Index Addresses) are allocated to different domains.  The
   NIA and the IP address of a network element together constitute a
   globally unique communication identifier.  In addition, a
   programmable flexible network layer protocol is used to carry
   communication traffic between physical entities and digital twins.
   Communication between network elements and communication between
   physical network elements and their digital twins are distinguished
   by using different addresses, and fields with different security
   levels are applied to network packet headers.  Therefore, the state
   synchronization efficiency and security of the digital twin network
   are improved.

2.  Requirements Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] and [RFC8174] when, and only when, they appear in
   all capitals, as shown here.

3.  Overview

   Currently, IPv6 (Internet Protocol version 6) is being deployed more
   and more.  As the network scale increases, the distribution of IPv6
   addresses will become more fragmented.  If a 1:1 real-time digital
   twin network needs to be implemented, the most natural way is to
   create an independent mirror IPv6 space for the digital twin network
   domain.  However, the digital twin network architecture requires
   real-time state synchronization between the physical network layer
   and the twin network layer, which requires that the network physical
   entity and the network digital twin have unique network communication
   identifiers.  Different NIAs are allocated to the physical network
   domain and the twin network domain to implement unique identifiers.
   While a digital twin network is running, communication between
   physical network entities, between network twins, and between
   physical network entities and network twins has different functions.
   However, the format of IPv6 is relatively fixed, and it is difficult
   to reflect the characteristics of communication traffic in the
   digital twin network.  In addition, security requirements for these
   communications are different.  IPv6-based security protocols cannot
   flexibly configure security for data flows.

   Therefore, a flexible and extensible Internet communication protocol
   will be able to solve the above problems.  First, the communication
   subject needs to carry a trusted digital identity in the data packet
   header.  The network can efficiently differentiate traffic and
   guarantee QoS based on the digital identity.  In addition, composite
   attributes such as a digital identity, a verification identifier, and
   a communication policy identifier may be flexibly carried in a data
   packet header.  In this way, the communication between the physical
   IPv6 domain and the mirrored IPv6 domain can be implemented through a
   unified network layer protocol.

4.  Flexible Addressing for DTN

   The mapping between digital twins and underlying entities is one of
   the four key elements of digital twin networks.  Conceptually,
   mapping needs to include one-to-one mapping and one-to-many mapping,
   but one-to-one mapping helps achieve clearer digital twins and
   facilitates real-time network state synchronization.  When a digital
   twin network validates a new technology, there may also be multiple
   network digital twins corresponding to the same physical network.
   One-to-one mapping makes this easier.

   The use of IPv6 as a communication identifier in physical networks
   has become a common understanding, and this is a technical
   requirement for many legacy networks.
   However, for new digital twin networks, using the same IPv6 address
   space will incur additional mapping storage overhead.  It is also not
   particularly readable for network O&M personnel.  In this case,
   providing a separate address space for each digital twin of the
   physical network, so that the digital twin can use the same IPv6
   address as its corresponding physical entity, greatly simplifies
   network operation complexity.

   Considering that in the case of one-to-one mapping a continuous data
   flow is required between the physical entity and the digital twin to
   synchronize state, a globally unique identifier needs to be allocated
   to both parties in a communication process.  To address this issue,
   this document introduces the concept of the Network Index Address
   (NIA).  The NIA uniquely identifies a network address space.  For
   example, an IPv6 address space identifier of a physical network is
   0x86, and an IPv6 address space identifier of a digital twin network
   is 0x96 or 0xa6.

   For the three communication models, the communication protocol uses
   different forms of network address to identify the source and
   destination.

4.1.  Communication between Physical Network Entities

   Native IPv6 protocols and addresses can be used for communication.

4.2.  Communication between Digital Twins

   Independent IPv6 addresses can be used for internal communication.
   Digital twins are generally carried on physical computing platforms.
   Therefore, when communication across physical platforms is involved,
   how traffic in the digital twin space transits the physical network
   space needs to be considered.

4.3.  Communication between Physical Network Entities and Digital Twins

   Because the communication parties are located in different address
   spaces, a combined NIA and IPv6 address is used as the identifier of
   the communication subject.

5.  Flexible Protocols for DTN

   In a digital twin network system, traffic will have multiple levels
   of significance, such as traditional physical network traffic,
   traffic between digital twins, and state synchronization traffic
   between physical entities and digital twins.  These types of traffic
   have different requirements for reliability, security, and real-time
   communication.  However, the devices carrying the traffic overlap to
   a large extent.  Therefore, a unified protocol is required for
   interconnection.  As mentioned earlier, in these communication
   models, the form of source and destination addresses goes beyond IPv6
   addresses.  At the same time, the diversified requirements for
   security, real-time performance and network policies also require
   better scalability and security of network protocols.

   Flexible network protocols can meet the preceding requirements to the
   maximum extent.  First, in the digital twin network, it is required
   that all virtual and physical elements have globally trusted
   identities.  The identity may be used to sign network instructions
   and monitoring data, and may be further used to generate a key to
   encrypt key network parameters or status information.  On the basis
   of trusted identity, an along-path verification mechanism can
   efficiently verify the validity of traffic, thereby achieving higher
   security.

   Adding a digital identifier to a packet header facilitates refined
   traffic engineering and management policies according to these
   identifiers, and facilitates fast implementation of complex digital
   twin network applications.  Based on scalable and flexible protocols,
   deterministic network technologies can be customized in packets to
   achieve real-time network communication.

6.  Security Considerations

   The independent address space and flexible protocol encapsulation
   make it possible to customize different security levels for
   different traffic.
   In particular, the mechanism of trusted identity can effectively
   detect illegal traffic and block it as early as possible, which
   enhances the security of digital twin networks.  However, new address
   modes and protocols may break traditional end-to-end security
   mechanisms.

7.  IANA Considerations

   This document needs to request a new registry for the NIA and to
   request NIA numbers for protocols such as IPv6.

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

8.2.  Informative References

   [DTNConcept]
              "Digital Twin Network: Concepts and Reference
              Architecture", n.d.

   [DTNTechs] Sun Tao, Zhou Cheng, Duan Xiao-Dong, Lu Lu, Chen Dan-Yang,
              Yang Hong-Wei, Zhu Yan-Hong, Liu Chao, Li Qin, Wang Xiao,
              Shen Zhen, Qu Feng-Zhong, Jiang Huai-Guang, Wang Fei-Yue,
              "Digital twin network (DTN): concepts, architecture, and
              key technologies", June 2021.

Authors' Addresses

   Guangpeng Li
   Huawei Technologies
   Beiqing Road, Haidian District
   Beijing
   100095
   China

   Email: liguangpeng@huawei.com


   Cheng Zhou
   China Mobile
   No. 53, Xibianmen Inner Street, Xicheng District
   Beijing
   100053
   China

   Email: zhouchengyjy@chinamobile.com
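
   The addressing rules of Section 4, worked through as an added example
   (not part of the draft and not code from its authors).  The integer
   NIA model, the "NIA|IPv6" display notation, the function names and
   the 2001:db8:: addresses are assumptions made here; the draft defines
   no NIA width or encoding.

```python
import ipaddress
from typing import NamedTuple

# NIA values are the examples from Section 4. The draft does not define the
# NIA's width or wire encoding, so it is modelled as a plain integer (assumption).
PHYSICAL_NIA = 0x86
TWIN_NIAS = frozenset({0x96, 0xA6})


class Endpoint(NamedTuple):
    nia: int                      # identifies the address space
    addr: ipaddress.IPv6Address   # address inside that space

    def combined(self) -> str:
        # "NIA|IPv6" is a display notation invented for this example.
        return f"{self.nia:#04x}|{self.addr}"


def endpoint(nia: int, addr: str) -> Endpoint:
    if nia != PHYSICAL_NIA and nia not in TWIN_NIAS:
        raise ValueError(f"unknown NIA {nia:#x}")
    return Endpoint(nia, ipaddress.IPv6Address(addr))


def twin_of(entity: Endpoint, twin_nia: int) -> Endpoint:
    """One-to-one mapping: same IPv6 address, different space, no lookup table."""
    if entity.nia != PHYSICAL_NIA or twin_nia not in TWIN_NIAS:
        raise ValueError("twin_of expects a physical entity and a twin NIA")
    return Endpoint(twin_nia, entity.addr)


def address_form(src: Endpoint, dst: Endpoint):
    """Pick the source/destination form for the models of Sections 4.1-4.3."""
    if src.nia == dst.nia:        # same space: plain IPv6 is unambiguous
        model = "physical-physical" if src.nia == PHYSICAL_NIA else "twin-twin"
        return model, str(src.addr), str(dst.addr)
    if PHYSICAL_NIA not in (src.nia, dst.nia):
        raise ValueError("traffic between two twin spaces is not covered by the draft")
    return "physical-twin", src.combined(), dst.combined()


def is_sync_pair(a: Endpoint, b: Endpoint) -> bool:
    """True only for an entity and its own twin: equal IPv6, one physical NIA."""
    return a.addr == b.addr and a.nia != b.nia and PHYSICAL_NIA in (a.nia, b.nia)
```

   Because an entity and its twin share one IPv6 address, any filter or
   log correlation keyed on the IPv6 address alone cannot tell them
   apart; the key has to be the (NIA, IPv6) pair, as is_sync_pair() does.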