Network Working Group T. Suzuki Internet-Draft Hitachi, Ltd. Intended status: Informational February 16, 2015 Expires: August 20, 2015 ACTN Use-case for Multi-domain Operation Plane Change draft-suzuki-actn-multidomain-opc-00 Abstract This document provides a use-case that addresses the need for facilitating dynamic change of an operation plane, which includes multiple virtual networks and/or data transmission paths, from a current operation one to a backup one during a scheduled maintenance or an emergency such as network disaster. Specifically, the necessity of interfaces between domain management systems to establish consistent end-to-end data transmission paths over multiple domain networks is addressed. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on August 20, 2015. Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must Suzuki Expires August 20, 2015 [Page 1] Internet-Draft Network Disaster Recovery February 2015 include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 4 3. Use Case . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 4. Requirement for Interface of operation plane change system . . 7 4.1. Interface for preparing backup operation planes . . . . . 7 4.2. Interface for requesting change of operation plane . . . . 7 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 7. Informative References . . . . . . . . . . . . . . . . . . . . 10 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 11 Suzuki Expires August 20, 2015 [Page 2] Internet-Draft Network Disaster Recovery February 2015 1. Introduction This draft provides a use case that addresses the necessity of a dynamic change of an operation plane, which includes multiple virtual networks and/or data transmission paths, from a current operation one to a backup one through cooperation between inter domain networks during a scheduled maintenance or an emergency such as network disaster. Recently, as reflected in the popularity of acquiring a large amount of information from the Internet and using various services, such as Internet banking, networks have been indispensable in daily life. Therefore, it is important to provide highly reliable end-to-end data transmission services. In addition, even if network facilities are extensively damaged due to a natural disaster, data transmission services must be promptly restored. To meet these requirements, a highly reliable packet transport network, such as the Multi Protocol Label Switching - Transport Profile (MPLS-TP) network, may be used to transmit data not only between countries but also between data centers. In conventional packet transport network management, a data transmission path protection function is used for recovering from a small network failure such as a node or link failure. However, the path protection is not always usable in a network disaster. Plenty of data transmission paths are calculated individually after detecting a network disaster. As a result, much time is needed to calculate all the paths. In another case, multiple path configurations will be changed for maintenance to add, delete, and check network resources. Therefore, a novel network management scheme is necessary to change plenty of path configurations instantaneously from the current operation plane to the backup one. Related documents are the ACTN-framework [ACTN-Framework] and the problem statement [ACTN-Problem]. In Section 2, specific issues on the prompt changing of network configurations are discussed. In Section 3, a use case for an inter- domain network management system is described. In Section 4, requirements that the system should satisfy are prescribed. Suzuki Expires August 20, 2015 [Page 3] Internet-Draft Network Disaster Recovery February 2015 2. Problem Statement There are two major techniques for recovering from network failures. These are protection and restoration. In protection, a backup data transmission path for a current one is calculated in advance. When a data transmission failure is detected, a data transmission path is changed from the current path to the backup one. In restoration, the backup path is not prepared in advance. When a data transmission failure is detected, a new data transmission path is calculated and data are transmitted through the new calculated data path. In a network disaster due to an earthquake, for example, protection paths might not be useful for some situations. When the protection paths are not useful, another backup path should be calculated. If there are plenty of current data transmission paths, it takes an enormous amount of time to calculate the backup paths. In the same way, a huge amount of time is needed to calculate plenty of paths for restoration. Enhancement of protection is envisaged as a new recovery procedure from a network disaster. Specifically, a concept of a virtual operation plane is adopted. The virtual operation plane includes multiple data transmission paths. Multiple current data transmission paths are included in the current operation plane. Multiple backup data transmission paths are included in a recovery operation plane. In the new recovery procedure, multiple backup operation planes are prepared in advance. When a network disaster is detected, the most suitable backup operation plane is selected and configurations for recovery are distributed to data transmission nodes. In addition, a network system must be able to change plenty of path configurations instantaneously when it adds or deletes network resources or stops to use resources to execute maintenance. The system explained above can be easily managed if there is only one management server. However, if the network is composed of multiple domains and there are multiple management servers, cooperated network disaster recovery procedures are not easy to execute. Therefore, a cooperative management scheme for recovering from a network disaster is needed. Suzuki Expires August 20, 2015 [Page 4] Internet-Draft Network Disaster Recovery February 2015 3. Use Case A target operation plane change system through cooperation of multiple domain management servers is shown in Figure 1. A whole network is composed of multiple domain networks such as a domain-A network and a domain-B network. Each domain has a domain management server. In addition, each domain is composed of multiple packet transport nodes. An end-to-end data transmission path is managed through cooperating between domain management servers. Each domain management server calculates multiple current data transmission paths and manages them as one current operation plane. In addition, the management server calculates multiple backup operation planes and manages them in case of a network disaster. For example, the domain-A management server prepares a backup operation plane, plane-A1, based on the assumption of network failures or maintenance. Plane-A1 includes multiple data transmission paths or virtual networks. The domain-B management server prepares another backup operation plane, plane-B1, to connect data transmission paths to plane-A1 of the domain-A. On the other hand, the domain-B management server prepares another backup operation plane, plane-B2, based on the assumption of other network failures or maintenance. The domain-A management server prepares another backup operation plane, plane-A2, to connect data transmission paths to plane-B2 of the domain-B. When the domain-A management server changes the operation plane from the current operation one to plane-A1 during the network operation, it transmits an identifier of plane-A1 to the domain-B management server to show a change of the operation plane of the domain-A management server. After receiving the identifier of plane-A1, the domain-B management server changes the operation plane from the current one to plane-B1. To develop the above-mentioned system, two interfaces must be created. One is an interface to maintain consistency of the end-to- end data transmission paths between domains in the backup operation plane. Specifically, an interface to transmit information of the backup operation planes including multiple data transmission paths from one domain management server to another domain management server is needed between domain management servers. Another domain management server can then calculate backup operation planes according to the received backup operation plane information. The other interface is used for transmitting the identifier to change the operation plane from one domain management server to another. Suzuki Expires August 20, 2015 [Page 5] Internet-Draft Network Disaster Recovery February 2015 +--------------------+ +--------------------+ | Domain-A | | Domain-B | | Management Server | | Management Server | +---------+----------+ +---------+----------+ | | | | +------------+-------------+ +-----------+--------------+ | | | | | +--------------------+ | | +--------------------+ | | | Current +----------+ Current | | | | Operation Plane +----------+ Operation Plane | | | | A0 +----------+ B0 | | | +--------------------+ | | +--------------------+ | | | | | | ======================== | | ======================== | | | | | | +--------------------+ | | +--------------------+ | | | Backup +----------+ Backup | | | | Operation Plane +----------+ Operation Plane | | | | A1 +----------+ B1 | | | +--------------------+ | | +--------------------+ | | | | | | +--------------------+ | | +--------------------+ | | | Backup +----------+ Backup | | | | Operation Plane +----------+ Operation Plane | | | | A2 +----------+ B2 | | | +--------------------+ | | +--------------------+ | | - | | - | | - | | - | | - | | - | | +--------------------+ | | +--------------------+ | | | Backup +----------+ Backup | | | | Operation Plane +----------+ Operation Plane | | | | An +----------+ Bn | | | +--------------------+ | | +--------------------+ | | | | | +--------------------------+ +--------------------------+ Domain-A Network Domain-B Network Figure 1: Example of target operation plane change system Suzuki Expires August 20, 2015 [Page 6] Internet-Draft Network Disaster Recovery February 2015 4. Requirement for Interface of operation plane change system The interfaces shown in Figure 1 must be prepared to execute consistent changing of operation planes to establish end-to-end data transmission paths between multiple domain networks for network disaster recovery or maintenance. The requirements for each interface are briefly described below. 4.1. Interface for preparing backup operation planes This interface is used to prepare consistent backup operation planes by cooperating between domain management servers. For example, the domain-A management server prepares multiple backup operation planes for the current operation plane composed of multiple data transmission paths. A backup operation plane is prepared for each assumed network failure or maintenance. The domain-A management server transmits "information of sharing paths for each link between domains" and "the identifier of a backup operation plane" to the domain-B management server when it attempts to change the operation plane to recover from a network disaster or to execute maintenance. When the domain-B management server receives them, it prepares a backup operation plane for each received domain-A management server backup plane to establish consistent data transmission paths. In addition, configurations of prepared backup operation planes are stored. 4.2. Interface for requesting change of operation plane This interface is used to send a change of the operation plane from the current one to the backup one when the domain management server detects a network disaster or starts to execute maintenance. For example, when the domain-A management server detects a network disaster, it determines the most suitable backup operation plane and starts management according to the configurations of the selected operation plane. In addition, the server transmits "the identifier of the backup operation plane" to the domain-B management server to establish consistent end-to-end paths when it changes the operation plane. When the domain-B management server receives the identifier of the backup operation plane, it changes the operation plane from the current one to the backup one specified by the received identifier. In addition, information of the time to change path configurations is exchanged through this interface between domain management servers. Suzuki Expires August 20, 2015 [Page 7] Internet-Draft Network Disaster Recovery February 2015 5. Security Considerations This document describes problems and requirements for network disaster recovery or maintenance by cooperating between domain management functions or servers. The system might be composed of multiple management functions to manage each domain network, and each management function might be implemented in different computational equipment. To achieve network disaster recovery in a coordinated manner between multiple network domains, it is necessary to exchange information between them. It is therefore necessary to use a secure communication channel between the domain management functions. Suzuki Expires August 20, 2015 [Page 8] Internet-Draft Network Disaster Recovery February 2015 6. IANA Considerations This document includes no request for IANA. Suzuki Expires August 20, 2015 [Page 9] Internet-Draft Network Disaster Recovery February 2015 7. Informative References [ACTN-Framework] Ceccarelli, D., Fang, L., Lee, Y., Lopez, D., Belotti, S., and D. King, "Framework for Abstraction and Control of Transport Networks", December 2014. [ACTN-Problem] Lee, Y., King, D., Boucadair, M., Jing, R., and L. Murillo, "Problem Statement for Abstraction and Control of Transport Networks", September 2014. Suzuki Expires August 20, 2015 [Page 10] Internet-Draft Network Disaster Recovery February 2015 Author's Address Toshiaki Suzuki Central Research Laboratory, Hitachi, Ltd. 292 Yoshida-cho Totsuka-ku, Yokohama, Kanagawa 244-0817 Japan Phone: +81-50-3135-3066 Email: toshiaki.suzuki.cs@hitachi.com Suzuki Expires August 20, 2015 [Page 11]