| none | L. Qiang, Ed. |
| Internet-Draft | Huawei |
| Intended status: Informational | P. Martinez-Julia |
| Expires: January 4, 2018 | NICT |
| L. Geng | |
| China Mobile | |
| J. Dong | |
| K. Makhijani | |
| Huawei | |
| A. Galis | |
| University College London | |
| S. Hares | |
| Hickory Hill Consulting | |
| S. Kuklinski | |
| Orange | |
| July 3, 2017 |
Gap Analysis for Transport Network Slicing
draft-qiang-netslices-gap-analysis-01
This document presents network slicing differentiation from the non-partition network or from simply partition of connectivity resources. It lists 7 standardization gaps related to 4 key requirements for network slicing in transport network. It also presents an analysis of existing related work and other potential solutions on network slicing.
This gap analysis document aims to provide a basis for future works in transport network slicing.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 4, 2018.
Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Network slicing is an approach to enable flexible isolation of network resources and functions for dedicated services, providing a certain level of customization and quality guarantee. It establishes customized dedicated network upon a common infrastructure for vertical industries with flexible design of functions, different performance requirements, system isolation and OAM tools.
Several SDOs have investigated network slicing. To list a few: NGMN initiated a study of network slicing in the context of 5G from the mobile network point of view [NGMN-2016]. Around the same time ITU-T IMT 2020 and ITU-T SG13 studied network softwarization that also included network slicing concept. ITU-T has issued a number of recommendations, such as: Gap Analysis [IMT2020-2015], Network Softwarization [IMT2020-2016], Terms & Definitions [IMT2020-2016bis]. Open Network Foundation (ONF) has developed a recommendation on applying SDN architecture to Network Slicing [ONF-2016]. Finally, 3GPP standards development for 5G includes network slicing in radio access and core networks. 3GPP issued TS 23.501 [TS23-501] about the system architecture for 5G in 2017. BBF started the project SD-406 focusing on the end-to-end architecture enhancement and requirements gathering for transport networks. Although these SDOs have done a lot of work, potential requirements especially in the transport network and end-to-end enabling need to be investigated in order to elicit and identify the technical gaps in IETF for transport network slicing.
In order to establish a network slice that meets various customer's demands, an infrastructure owner needs to understand how these demands map with the available network resources and accessible capabilities. This also requires end-to-end coverage and inter-domain coordination. Meanwhile, the slice provider provides customized OAM to the tenants under provisioning. Slicing OAM approach is a fundamental capability to guarantee stable, effective and reliable services for the vertical industries. It is also expected to be capable of operations with customized granularity levels that provides robust management flexibilities.
This document presents the identified key requirements and investigates potential technical gaps accordingly. To assist understanding of this document, Section 2 outlines the terminology. Section 3 introduces overall requirements of network slicing. Sections 4~7 illustrates resource specification, end-to-end consideration, performance guarantee and OAM concerns respectively. Section 8 summarizes the identified gaps.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
All of the network slicing related words used in this document are to interpreted as described in [NS-Framework]
This section introduces 4 key requirements of network slicing derived from [NS-UseCase] as shown in Table 1. These 4 requirements are organized according to a general network slice working process as shown in Figure 1:
+----------------------------------------------------------+
| network slice management and orchestration <-----+
+----------------------^-------^---------------------------+ |
| | resource/functions
| OAM | specification
| | |
+------------------------v-------+------------------------------+ |
| abstracted network slice instance 1 | |
+--------------------------------+------------------------------+ |
| |
+--------------------------------v------------------------------+ |
| abstracted network slice instance 2 | |
+---------------------------------------------------------------+ |
|
|
+---------+ +---------+ +---------+ |
|NS-Domain| cross-domain |NS-Domain| cross-domain |NS-Domain<-----+
| Manager <--------------> Manager <--------------> Manager |
+---------+ coordination +---------+ coordination +---------+
+---------+ +---------+ +---------+
| | | | | |
+-+---------+--------------+---------+--------------+---------+-+
| network slice instance 1 <---+
+-+---------+--------------+---------+--------------+---------+-+ |
| Domain 1| | Domain 2| | Domain 3| isolation
+-+---------+--------------+---------+--------------+---------+-+ |
| network slice instance 2 <---+
+-+---------+--------------+---------+--------------+---------+-+
| | | | | |
+---------+ +---------+ +---------+
Figure 1: Illustration of Key Requirements
+-----------------------------------------+------------------------------+ | Requirements Illustrated in NS UseCase | Extracted KEY Requirements | +-----------------------------------------+------------------------------+ |1) Resource Reservation | | |2) Abstraction | Req 1. Network Slicing | |3) Multi-Access Knowledge | | |4) Multi-Dimensional Service Vertical | Specification | |5) Agile Resource Adjustment | | +-----------------------------------------+------------------------------+ |6) Multi-Domain Coordination | Req 2. Network Slicing | | | Cross-Domain | |7) Resource Assurance | Coordination | +-----------------------------------------+------------------------------+ | | Req 3. Network Slicing | |8) Performance/Operation Isolation | Performance Guarantee | | | and Isolation | +-----------------------------------------+------------------------------+ |9) Independent Slice Management Plane | Req 4. Network Slicing OAM | | Reliability | | +-----------------------------------------+------------------------------+
Network Slicing Specification (NSS) is meant to describe the network slicing resources and capture requirements from tenants or peer networks to characterize the service expected to be delivered by a network. These requirements include (non-exhaustive): reachability scope (e.g., limited scope, Internet-wide), direction, bandwidth requirements, performance metrics (e.g., one-way delay [RFC2679], loss [RFC2680], or one-way delay variation [RFC3393]), protection and high-availability guidelines (e.g., uRLLC service restoration in less than 50 ms, 100 ms, or 1 second), traffic isolation constraints, and flow identification. NSS is used by a network provider to decide whether existing network slice instances can be reused or (some of them) even combined, or if another network slice instance is needed for a given service.
Technology-specific actions are then derived from the technology-agnostic requirements depicted in an NSS. Such actions include configuration tasks and operational procedures. A standard definition of NSS is needed to facilitate the dynamic/ automated negotiation procedure of NSS parameters, but also to homogenize the processing of service requirements.
To explain by an example, a network slice may cross multiple domains:
The network slice is a combination of the above technologies. It creates a compelling need for a common resource specification interface across these domains.
As rightfully discussed in [I-D.wu-opsawg-service-model-explained], the IETF has already published several YANG data models that are used to model monolithic functions as well as very few services (e.g., L2SM, L3SM, EVPN). These models may be used in the context of network slicing if corresponding technologies are required for a given network slice, but none of them can be used to model an NSRD.
[RFC7297] describes the Connectivity Provisioning Profile (CPP) and proposes a CPP template to capture connectivity requirements to be met within a service delivery context. Such a generic CPP template is meant to
[RFC7297] may be considered as a candidate specification for NSRD. Releasing a RFC7297-bis to take into account specific requirements from network slicing is needed. Since [RFC7297] may not be implemented by all providers, the [SLA-Exchange] may be adopted to implement indirect SLA negotiation and SLA events report. [SLA-Exchange] provides an in-band method to exchange the SLA parameters, and then by the receiving devices to translate SLA in technical specific provisioning languages. However, there still does not exist any standard protocol to translate SLA agreements into technical clauses and configurations.
The NSS requirement for reachability, direction, bandwidth requirements, performance metrics, traffic isolation constraints, and flow identification can be built utilizing protocol which can perform operations (read, write, notification, actions (aka rpcs)) on a yang service layer that supports these traffic engineer and resource definition at the service layers. The network slicing service data model can extend existing work in the TEAS and I2RS working group for protocol-independent topology models. These models support configuration or the dynamic datastores defined in [NMDA] which will be abbreviated as NMDA in this section. This section provides the detail on how the NSS can be built from these models and the RESTCONF protocol.
The basic topology model is defined in [I2RS-Yang] to include a service layer. This topology model is protocol independent and can be utilized as a configuration data model or a dynamic datastores model. The configuration data model must abide by the configuration persistence and referential requirements. The dynamic datastores do not need to abide by the same requirements as the configuration datastore. I2RS is defining a dynamic datastores reference model for a data store which ephemeral. The network slices may want to use configuration, ephemeral datastores, or define a third type of dynamic datastores. The I2RS WG provides a place to collaborate this work on the dynamic datastores.
The TEAS topology model [TE-Yang] provides a general description of a Traffic engineering model that provides:
Options that need to be consider are:
The network slicing cross-domain coordination (NS-CDC) requirement includes the following aspects:
From terminal to server, an end-to-end network slice will involve different infrastructure domains (e.g., RAN, TN and CN). An infrastructure domain may be further divided into multiple domains due to geographic isolation, administrative isolation and other reasons. There are two ways to enable an end-to-end network slice: based on a common platform or based on cross-domain coordination.
If all of the involved domains belong to the same operator or the same operator union, the common platform solution may be work. In this case, all of the domain controllers only need to communicate with the common platform, and follow the coordination management of this common platform. Whilst the most common case is that the domains belong to different owners/operators/administrators, making it difficult to realize such a common platform. Consequently, the cross-domain coordination will be essential throughout the whole lifecycle of an end-to-end network slice.
There are some related works studies the inter-operation/coordination between different entities. Coordination of different components of a slice requires automation. It can be achieved either by
1. Coordination protocols such as ANIMA, CPNP
2. Or through abstraction and corresponding interfaces as in ACTN.
This subsection will briefly review these related work to provide a basis for the gap analysis.
Autonomic Networking Integrated Model and Approach (ANIMA) WG provides a series of tools for distributed and automatic management, which includes: Generic Autonomic Signaling Protocol (GRASP), Autonomic Networking Infrastructure (ANI), etc.
GRASP [ANIMA-GRASP] is a protocol for the negotiation between ASAs (Autonomic Service Agent). In GRASP, ASAs could be considered as "APPs" installed on a device. Different ASAs fulfill different management tasks such as parameter configuration, service delivery, etc. Based on GRASP, the same purpose ASAs that installed on different devices are able to inter-operate and negotiate with each other. Network slicing could make use of GRASP for the coordination among devices in the underlying infrastructure layer, as well as the negotiation among different domain managers. However, the security issue incurred by cross-domain usage should be fixed in GRASP.
ANI [ANI] is a technical packet consisting of BootStrap (for authentication, domain certification distribution, etc.), ACP (a separate control plane), and GRASP (for control message coordination). ANI could be used to construct the management tunnel among devices in underlying infrastructure layer within a single domain. While the network slicing and cross-domain oriented extensions are necessary.
[I-D.boucadair-connectivity-provisioning-protocol] defines the Connectivity Provisioning Negotiation Protocol (CPNP) that is meant to dynamically exchange and negotiate connectivity provisioning parameters, and other service-specific parameters, between a Customer and a Provider. CPNP is a tool that introduces automation in service negotiation and activation procedures, thus fostering the overall service provisioning process.
CPNP runs between a Customer and a Provider carrying service orders from the Customer and respective responses from the Provider to the end of reaching a connectivity service provisioning agreement. As the services offered by the Provider are well-described, by means of the CPP template, the negotiation process is essentially a value- settlement process, where an agreement is pursued on the values of the commonly understood information items (service parameters) included in the service description template.
The protocol is transparent to the content that it carries and to the negotiation logic, at Customer and Provider sides, that manipulates the content.
The protocol aims at facilitating the execution of the negotiation logic by providing the required generic communication primitives.
CPNP can be used in the context of network slicing to request for network resources together with a set of requirements that need to be satisfied by the Provider. Such requirements are not restricted to basic IP forwarding capabilities, but may also include a characterization of a set of service functions that may be invoked.
ACTN [TEAS-ACTN] is an information model proposed by TEAS WG, which enables the multi-domain coordination in Traffic Engineering (TE) network. In order to enable network slicing in transport networks, portion of transport domain will need to be engineered. In particular, building a TE entity and stitching service for this entity is within the scope of ACTN. As an end-to-end network slicing solution, ACTN is able to provide cross-domain coordination. In ACTN, each physical transport network domain is under the control of a Physical Network Controller (PNC) as shown in Figure 2. A Multi-Domain Service Coordinator (MDSC) controls multiple PNCs. Although the MDSCs may form a hierarchical structure, a hierarchical MDSC can still be regarded as a logical common platform. As Section 5.1 discussed, such a common platform solution has a strict presumption that all domains are assumed to follow a common coordination management.
While ACTN does carry out network slicing-related work, some proposed concepts are similar the concepts of today's network slicing: in particular, the virtual network (VN) is similar to a slice instance. ACTN enables VN based on LSP technique, different LSP tunnels correspond to different VNs. However, ACTN focuses on resource abstraction and management on Layer 2 and Layer 1. For transport network slicing, resources abstraction and management on Layer 3+ (e.g., IP routing table, etc.) may also be necessary but have not been addressed by ACTN.
+-------+ +-------+ +-------+
| CNC-A | | CNC-B | | CNC-C |
+---+---+ +---+---+ +---+---+
| | |
+-------\ |CMI /------+
\ | /
+---------+----------+
| (Hierarchical)MDSC |
+---------+----------+
/ | \
+-------+ |MPI +---------+
| | |
+---+---+ +-------+ +----+--+
| PNC | | PNC | | PNC |
+-------+ +-------+ +-------+
Figure 2: A Three-tier ACTN Control Hierarchy
5G Exchange (5GEx) [FGEx] is a 5G-PPP project which aims to enable cross-domain orchestration of services over multiple administrations or over multi-domain single administration networks. The main infrastructure considered in 5GEx is the NFV/SDN compatible software defined infrastructure, which limits the scope of network slicing to SDN based architecture.
Network slicing is expected to enable the deployment of various services with diverse requirements, independently on a common physical network. Each network slice is characterized by particular service requirements, which usually are expressed using in the form of several key performance indicators (KPIs) such as bandwidth, latency, jitter, packet loss, etc., and different degrees of isolation. Isolation requirements include performance isolation, which means performance guarantee are maintained regardless of activity in other slices, as well as secure isolation (e.g., including privacy), and management (or OAM) isolation. Additionally, performance isolation in network slicing has to maintain while scaling up or down computing capabilities of a slice (i.e., for elastic scaling). Moreover, since IoT is also a use case for NS, and since some IoT applications are sensitive to data plane or bits on wire overheads, data path encapsulation in the form of labels, VLANs, VxLANs should be optional, or minimized for those cases.
As we will discuss in the detailed sections below, each of these technologies can address some but not all performance and isolation requirements:
Section 5, to form a single abstracted network slice.
A Network Slicing solution, to support performance guarantee and isolation requirements, will therefore need to merge in some way characteristics from these two families of technologies, through the combination of (possibly enhanced) existing technologies and/or specifically developed ones. We can also consider the possibility that multiple such technology stacks may be deployed in different domains, and rely on cross-domain coordination, as described in
VPN technologies such as L3VPN [RFC4364], L2VPN [RFC4664], EVPN [RFC7432], etc. have been widely deployed to provide different virtual networks on common service provider networks. Although VPNs can provide logically separated routing/bridging domains between different VPN customers, essentially it is an overlay network technology with little control of the network resources, so it is challenging for VPN to meet the performance and isolation requirement of some emerging application scenarios such as industrial verticals. VPNs essentially are private networks of enterprises by connecting remote sites. The following two issues illustrate limitations of VPNs for network slicing:
[NVO3-WG] defines several network encapsulations which support the network virtualization and multi-tenancy in the data center networks. Similar to the VPN technologies of service provider networks, NVO3 is also an overlay network technology, which relies on the performance characteristics provided by the IP-based underlay networks. Thus NVO3 may not meet by itself the performance and isolation requirements of network slicing.
RSVP-TE [RFC3209] is the signaling protocol to establish end-to-end traffic-engineered Label Switched Paths (LSPs). It can reserve the required link bandwidth along an end-to-end path for specific network flows, which is suitable for services with particular requirement on traffic bandwidth. RSVP-TE LSPs can be used as the underlay tunnels of the VPN service connections. However, the requirement of some emerging services is not only about traffic bandwidth, but also has quite strict requirement on latency, jitter, etc. Such requirements can hardly be met with existing RSVP-TE.
[I-D.ietf-spring-segment-routing] provides the ability to specify a traffic-engineered path by the source node of data packets. It can provide traffic-engineering features comparable to RSVP-TE with better scalability, by eliminating the per-path state in the transit network nodes. It is therefore a candidate method of creating an NSI, mapping a packet into an NSI and specifying the passage of the packet through the resources dedicated to the NSI. Further study will be required to determine if/how SR as designed today can be used as a core technology for building an NSI. With respect to performance guarantee and isolation, some further investigation may be needed to understand whether SR can provide the same or better performance characteristics as RSVP-TE. In addition, it is not clear whether SR-based LSPs can provide the guaranteed latency and jitter performance required by network slicing.
[DETNET-WG] is working on the deterministic data paths over layer 2 and layer 3 network segments. Such deterministic paths can provide identified flows with extremely low packet loss rates, low packet delay variation (jitter) and assured maximum end-to-end delivery latency. This is accomplished by dedicating network resources such as link bandwidth and buffer space to DetNet flows and/or classes of DetNet flows. DetNet also aims to provide high reliability by replicating packets along multiple paths. It is a characteristic of DetNet that it is concerned solely with worst-case values for the end-to-end latency.
The primary target of DetNet is real-time systems and as such average, mean, or typical latency values are not protected, because they do not affect the ability of a real-time system to perform their tasks. This contrasts with a normal priority-based queuing scheme which will give better average latency to a data flow than DetNet, but, on the other side, the worst-case latency can be essentially unbounded. As such DetNet seems to be a useful technique that may be applied to either a complete NSI, or to part of the traffic within an NSI to address the emerging low latency requirement for real time application.
DetNet can therefore address some of the requirements of NS. It was however not designed with network slicing in mind, which means a mapping between an NSI and a DetNet service may need to be defined.
[FLEXE-1.0] was initially defined by Optical Internetworking Forum (OIF) as an interface technology which allows the complete decoupling of the Media Access Control layer (MAC) data rates and the standard-based Ethernet Physical layer (PHY) rates. The channelization capability of FlexE can be used to partition a FlexE interface into several independent sub-interfaces, which can be considered as a useful component for the slicing of network interfaces. Currently there is ongoing work in IETF to define the control plane framework for FlexE [FlexE-FWK], which aims to identify the routing and signaling extensions needed for establishing FlexE-based end-to-end LSPs in IP/MPLS networks.
In accordance with [RFC6291], OAM is used to denote the following:
[RFC6291], network slicing provisioning operations are not considered as part of OAM. Provisioning operations are discussed in other sections.
As per
Maintaining automatically-provisioned slices within a network raises the following requirements:
The reader may refer to [RFC7276] for an overview about available OAM tools. These technology-specific tools can be reused in the context of network slicing. Providers that deploy network slicing capabilities should be able to select whatever OAM technology-specific feature that would be address their needs. No gap that would legitimate specific requirements has been identified so far.
[I-D.ooamdt-rtgwg-ooam-header] specifies a generic OAM header that can be used if overlay technologies are enabled. Obviously, this effort can be reused in the context of network slicing when overlay techniques are in use. Nevertheless, For slice designs that do not assume an overlay technology, OAM packets must be able to fly over the appropriate slice and for a given service/customer. This is possible by reusing some existing tools if and only if no specific fields are required (e.g., carry a slice identifier as Req. 5 stated).
SFC WG [SFCWG] is chartered to describe data plane service encapsulation, control and manageability aspects of service functions. Extensions that will be specified by the SFC WG will be reused in the context of network slicing. Nevertheless, The current charter of the WG does not imply work on the automated discovery of SF instances and their capabilities, nor the automatic discovery of control elements. An additional specification effort is therefore required in this area.
A network slice data plane, may or may not follow traditional data plane tagging/labeling. However, each network element (router/switch) still has to classify an incoming packet and associated with the slice instance for proper treatment. Network slice instance identification is essential for network element to make local decisions on forwarding policies, QoS mechanism and etc. The performance requirements of a network slice instance can therefore been met by making the correct decision. Meanwhile, it is also important for OAM so that configuration and provisioning can be delicately performed to particular network slice instances by their identifications.
For flow identification, many existing technologies provide mature solutions. These approaches might be able to be re-used in network slicing by adding an additional layer of mapping to a network slice instance ID. The network slice instance ID further maps to a group of performance requirements and OAM profiles, based on which the network elements within the slice can make local decisions. However, per flow level identification could have adverse impact on the scale of the forwarding entries in the routers.
With traditional IP/MPLS VPNs, the set of Route Targets configured for the VPN can be used as some sort of identifier of the VPN in the control plane, and in the data plane, the VPN service labels can be used to identify the data packets belonging to a particular VPN. NVO3 uses the Virtual Network Identifiers (VNIs) in the header of data packets to identify different overlay network tenants. However, It is not clear if the existing identifiers can meet the requirements of network slicing in terms of making local decisions on forwarding policy, QoS and OAM mechanisms, etc.
The following table is a summary of the identified gaps based on previous analysis in this document.
+--------------------------------+---------------------------------------+ | Requirements | Gaps | +--------------------------------+---------------------------------------+ | | | |Req 1. Network Slicing | 1) A detailed specification of NSS | | Specification | | | (NSS) | 2) A companion YANG data model for | | | NSS | +--------------------------------+---------------------------------------+ | | | |Req 2. Network Slicing Cross- | | | Domain Coordination | 3) A companion data model for | | (NS-CDC) | NS-CDC | | | | +--------------------------------+---------------------------------------+ | | | |Req 3. Network Slicing | 4) Slicing specific extension on | | Performance Guarantee and| existing technologies | | Isolation (NS-PGI) | | | | | +--------------------------------+---------------------------------------+ | | | | | 5) Mechanisms for dynamic discovery | | | of service function instances and | | | their capabilities. Mechanisms for| |Req 4. Network Slicing OAM | dynamic discovery of instantiated | | (NS-OAM) | network slices | | | | | | 6) non-overlay OAM solution | | | | | | 7) Mechanisms for customized | | | granularity OAM | | | | +--------------------------------+---------------------------------------+
This document analyzes the standardization work on network slicing in different WGs. As no solution proposed in this document, no security concern raised.
There is no IANA action required by this document.
The authors wish to thank Hannu Flinck, Akbar Rahman, Ravi Ravindran, Xavier de Foy, Young Lee and Igor Bryskin for their detailed and constructive reviews. Many thanks to Mohamed Boucadair, Christian Jacquenet and Stewart Bryant for their valuable contributions and comments.
| [NS-Framework] | "NS Framework" |
| [NS-UseCase] | "NS Use Case" |