draft-ietf-pce-applicability-actn-12.txt   rfc8637.txt 
PCE Working Group D. Dhody Internet Engineering Task Force (IETF) D. Dhody
Internet-Draft Y. Lee Request for Comments: 8637 Huawei Technologies
Intended status: Informational Huawei Technologies Category: Informational Y. Lee
Expires: November 17, 2019 D. Ceccarelli ISSN: 2070-1721 Futurewei Technologies
D. Ceccarelli
Ericsson Ericsson
May 16, 2019 July 2019
Applicability of the Path Computation Element (PCE) to the Abstraction Applicability of the Path Computation Element (PCE)
and Control of TE Networks (ACTN) to the Abstraction and Control of TE Networks (ACTN)
draft-ietf-pce-applicability-actn-12
Abstract Abstract
Abstraction and Control of TE Networks (ACTN) refers to the set of Abstraction and Control of TE Networks (ACTN) refers to the set of
virtual network (VN) operations needed to orchestrate, control and virtual network (VN) operations needed to orchestrate, control, and
manage large-scale multi-domain TE networks so as to facilitate manage large-scale multidomain TE networks so as to facilitate
network programmability, automation, efficient resource sharing, and network programmability, automation, efficient resource sharing, and
end-to-end virtual service aware connectivity and network function end-to-end virtual service-aware connectivity and network function
virtualization services. virtualization services.
The Path Computation Element (PCE) is a component, application, or The Path Computation Element (PCE) is a component, application, or
network node that is capable of computing a network path or route network node that is capable of computing a network path or route
based on a network graph and applying computational constraints. The based on a network graph and applying computational constraints. The
PCE serves requests from Path Computation Clients (PCCs) that PCE serves requests from Path Computation Clients (PCCs) that
communicate with it over a local API or using the Path Computation communicate with it over a local API or using the Path Computation
Element Communication Protocol (PCEP). Element Communication Protocol (PCEP).
This document examines the applicability of PCE to the ACTN This document examines the applicability of PCE to the ACTN
framework. framework.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This document is not an Internet Standards Track specification; it is
provisions of BCP 78 and BCP 79. published for informational purposes.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are candidates for any level of Internet
Standard; see Section 2 of RFC 7841.
This Internet-Draft will expire on November 17, 2019. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc8637.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 26 skipping to change at page 2, line 26
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Background Information . . . . . . . . . . . . . . . . . . . 3 2. Background Information . . . . . . . . . . . . . . . . . . . 3
2.1. Path Computation Element (PCE) . . . . . . . . . . . . . 3 2.1. Path Computation Element (PCE) . . . . . . . . . . . . . 3
2.1.1. Role of PCE in SDN . . . . . . . . . . . . . . . . . 4 2.1.1. Role of PCE in SDN . . . . . . . . . . . . . . . . . 4
2.1.2. PCE in Multi-domain and Multi-layer Deployments . . . 4 2.1.2. PCE in Multidomain and Multilayer Deployments . . . . 4
2.1.3. Relationship to PCE Based Central Control . . . . . . 5 2.1.3. Relationship to PCE-Based Central Control . . . . . . 5
2.2. Abstraction and Control of TE Networks (ACTN) . . . . . . 5 2.2. Abstraction and Control of TE Networks (ACTN) . . . . . . 5
3. Architectural Considerations . . . . . . . . . . . . . . . . 7 3. Architectural Considerations . . . . . . . . . . . . . . . . 7
3.1. Multi-Domain Coordination via Hierarchy . . . . . . . . . 7 3.1. Multidomain Coordination via Hierarchy . . . . . . . . . 7
3.2. Abstraction . . . . . . . . . . . . . . . . . . . . . . . 8 3.2. Abstraction . . . . . . . . . . . . . . . . . . . . . . . 8
3.3. Customer Mapping . . . . . . . . . . . . . . . . . . . . 9 3.3. Customer Mapping . . . . . . . . . . . . . . . . . . . . 9
3.4. Virtual Service Coordination . . . . . . . . . . . . . . 10 3.4. Virtual Service Coordination . . . . . . . . . . . . . . 10
4. Interface Considerations . . . . . . . . . . . . . . . . . . 10 4. Interface Considerations . . . . . . . . . . . . . . . . . . 10
5. Realizing ACTN with PCE (and PCEP) . . . . . . . . . . . . . 11 5. Realizing ACTN with PCE (and PCEP) . . . . . . . . . . . . . 11
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14
7. Security Considerations . . . . . . . . . . . . . . . . . . . 15 7. Security Considerations . . . . . . . . . . . . . . . . . . . 15
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 16 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 16
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 16 8.1. Normative References . . . . . . . . . . . . . . . . . . 16
9.1. Normative References . . . . . . . . . . . . . . . . . . 16 8.2. Informative References . . . . . . . . . . . . . . . . . 16
9.2. Informative References . . . . . . . . . . . . . . . . . 17
Appendix A. Additional Information . . . . . . . . . . . . . . . 21 Appendix A. Additional Information . . . . . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22
1. Introduction 1. Introduction
Abstraction and Control of TE Networks (ACTN) [RFC8453] refers to the Abstraction and Control of TE Networks (ACTN) [RFC8453] refers to the
set of virtual network (VN) operations needed to orchestrate, control set of virtual network (VN) operations needed to orchestrate,
and manage large-scale multi-domain TE networks so as to facilitate control, and manage large-scale multidomain TE networks so as to
network programmability, automation, efficient resource sharing, and facilitate network programmability, automation, efficient resource
end-to-end virtual service aware connectivity and network function sharing, and end-to-end virtual service-aware connectivity and
virtualization services. network function virtualization services.
The Path Computation Element (PCE) [RFC4655] is a component, The Path Computation Element (PCE) [RFC4655] is a component,
application, or network node that is capable of computing a network application, or network node that is capable of computing a network
path or route based on a network graph and applying computational path or route based on a network graph and applying computational
constraints. The PCE serves requests from Path Computation Clients constraints. The PCE serves requests from Path Computation Clients
(PCCs) that communicate with it over a local API or using the Path (PCCs) that communicate with it over a local API or using the Path
Computation Element Communication Protocol (PCEP). Computation Element Communication Protocol (PCEP).
This document examines the PCE and ACTN architecture and describes This document examines the PCE and ACTN architecture and describes
how PCE architecture is applicable to ACTN. It also lists the PCEP how PCE architecture is applicable to ACTN. It also lists the PCEP
extensions that are needed to use PCEP as an ACTN interface. This extensions that are needed to use PCEP as an ACTN interface. This
document also identifies any gaps in PCEP, that exist at the time of document also identifies any gaps in PCEP that exist at the time of
publication of this document. publication of this document.
Further, ACTN, stateful H-PCE [I-D.ietf-pce-stateful-hpce], and PCE Further, ACTN, stateful Hierarchical PCE (H-PCE) [PCE-HPCE], and PCE
as a central controller (PCECC) [RFC8283] are based on the same basic as a central controller (PCECC) [RFC8283] are based on the same basic
hierarchy framework and thus compatible with each other. hierarchy framework and are thus compatible with each other.
2. Background Information 2. Background Information
2.1. Path Computation Element (PCE) 2.1. Path Computation Element (PCE)
The Path Computation Element Communication Protocol (PCEP) [RFC5440] The Path Computation Element Communication Protocol (PCEP) [RFC5440]
provides mechanisms for Path Computation Clients (PCCs) to request a provides mechanisms for Path Computation Clients (PCCs) to request a
Path Computation Element (PCE) [RFC4655] to perform path Path Computation Element (PCE) [RFC4655] to perform path
computations. computations.
The ability to compute shortest constrained TE LSPs in Multiprotocol The ability to compute shortest constrained TE LSPs in Multiprotocol
Label Switching (MPLS) and Generalized MPLS (GMPLS) networks across Label Switching (MPLS) and Generalized MPLS (GMPLS) networks across
multiple domains has been identified as a key motivation for PCE multiple domains has been identified as a key motivation for PCE
development. development.
A stateful PCE [RFC8231] is capable of considering, for the purposes A stateful PCE [RFC8231] is capable of considering, for the purposes
of path computation, not only the network state in terms of links and of path computation, not only the network state in terms of links and
nodes (referred to as the Traffic Engineering Database or TED) but nodes (referred to as the Traffic Engineering Database or TED), but
also the status of active services (previously computed paths), and also the status of active services (previously computed paths), and
currently reserved resources, stored in the Label Switched Paths currently reserved resources, stored in the Label Switched Paths
Database (LSP-DB). Database (LSP-DB).
[RFC8051] describes general considerations for a stateful PCE [RFC8051] describes general considerations for a stateful PCE
deployment and examines its applicability and benefits, as well as deployment and examines its applicability and benefits as well as its
its challenges and limitations through a number of use cases. challenges and limitations through a number of use cases.
[RFC8231] describes a set of extensions to PCEP to provide stateful [RFC8231] describes a set of extensions to PCEP to provide stateful
control. A stateful PCE has access to not only the information control. A stateful PCE has access to not only the information
carried by the network's Interior Gateway Protocol (IGP), but also carried by the network's Interior Gateway Protocol (IGP), but also
the set of active paths and their reserved resources for its the set of active paths and their reserved resources for its
computations. The additional state allows the PCE to compute computations. The additional state allows the PCE to compute
constrained paths while considering individual LSPs and their constrained paths while considering individual LSPs and their
interactions. [RFC8281] describes the setup, maintenance and interactions. [RFC8281] describes the setup, maintenance, and
teardown of PCE-initiated LSPs under the stateful PCE model. teardown of PCE-initiated LSPs under the stateful PCE model.
[RFC8231] also describes the active stateful PCE. The active PCE [RFC8231] also describes the active stateful PCE. The active PCE
functionality allows a PCE to reroute an existing LSP or make changes functionality allows a PCE to reroute an existing LSP or make changes
to the attributes of an existing LSP, or a PCC to delegate control of to the attributes of an existing LSP, or a PCC to delegate control of
specific LSPs to a new PCE. specific LSPs to a new PCE.
2.1.1. Role of PCE in SDN 2.1.1. Role of PCE in SDN
Software-Defined Networking (SDN) [RFC7149] refers to a separation Software-Defined Networking (SDN) [RFC7149] refers to a separation
between the control elements and the forwarding components so that between the control elements and the forwarding components so that
software running in a centralized system called a controller, can act software running in a centralized system, called a controller, can
to program the devices in the network to behave in specific ways. A act to program the devices in the network to behave in specific ways.
required element in an SDN architecture is a component that plans how A required element in an SDN architecture is a component that plans
the network resources will be used and how the devices will be how the network resources will be used and how the devices will be
programmed. It is possible to view this component as performing programmed. It is possible to view this component as performing
specific computations to place flows within the network given specific computations to place flows within the network given
knowledge of the availability of network resources, how other knowledge of the availability of network resources, how other
forwarding devices are programmed, and the way that other flows are forwarding devices are programmed, and the way that other flows are
routed. It is concluded in [RFC7399], that this is the same function routed. It is concluded in [RFC7399] that this is the same function
that a PCE might offer in a network operated using a dynamic control that a PCE might offer in a network operated using a dynamic control
plane. This is the function and purpose of a PCE, and the way that a plane. This is the function and purpose of a PCE, and the way that a
PCE integrates into a wider network control system including SDN is PCE integrates into a wider network control system including SDN is
presented in Application-Based Network Operation (ABNO) [RFC7491]. presented in Application-Based Network Operation (ABNO) [RFC7491].
2.1.2. PCE in Multi-domain and Multi-layer Deployments 2.1.2. PCE in Multidomain and Multilayer Deployments
Computing paths across large multi-domain environments requires Computing paths across large multidomain environments requires
special computational components and cooperation between entities in special computational components and cooperation between entities in
different domains capable of complex path computation. The PCE different domains capable of complex path computation. The PCE
provides an architecture and a set of functional components to provides an architecture and a set of functional components to
address this problem space. A PCE may be used to compute end-to-end address this problem space. A PCE may be used to compute end-to-end
paths across multi-domain environments using a per-domain path paths across multidomain environments using a per-domain path
computation technique [RFC5152]. The Backward Recursive PCE based computation technique [RFC5152]. The Backward-Recursive PCE-based
path computation (BRPC) mechanism [RFC5441] defines a PCE-based path path computation (BRPC) mechanism [RFC5441] defines a PCE-based path
computation procedure to compute inter-domain constrained MPLS and computation procedure to compute interdomain-constrained MPLS and
GMPLS TE networks. However, per-domain technique assumes that the GMPLS TE networks. However, per-domain technique assumes that the
sequence of domains to be crossed from source to destination is sequence of domains to be crossed from source to destination is
known, either fixed by the network operator or obtained by other known, either fixed by the network operator or obtained by other
means. BRPC can work best with a known domain sequence, and it will means. BRPC can work best with a known domain sequence, and it will
also work nicely with a small set of interconnected domains. also work nicely with a small set of interconnected domains.
However, it doesn't work well for is a large set of interconnected However, it doesn't work well for a large set of interconnected
domains. domains.
[RFC6805] describes a Hierarchical PCE (H-PCE) architecture which can [RFC6805] describes a Hierarchical PCE (H-PCE) architecture that can
be used for computing end-to-end paths for inter-domain MPLS Traffic be used for computing end-to-end paths for interdomain MPLS Traffic
Engineering (TE) and GMPLS Label Switched Paths (LSPs) when the Engineering (TE) and GMPLS Label Switched Paths (LSPs) when the
domain sequence is not known. Within the Hierarchical PCE (H-PCE) domain sequence is not known. Within the Hierarchical PCE (H-PCE)
architecture, the Parent PCE (P-PCE) is used to compute a multi- architecture, the Parent PCE (P-PCE) is used to compute a multidomain
domain path based on the domain connectivity information. A Child path based on the domain connectivity information. A Child PCE
PCE (C-PCE) may be responsible for a single domain or multiple (C-PCE) may be responsible for a single domain or multiple domains;
domains, it is used to compute the intra-domain path based on its it is used to compute the intradomain path based on its domain
domain topology information. topology information.
[I-D.ietf-pce-stateful-hpce] state the considerations for stateful [PCE-HPCE] states the considerations for stateful PCEs in
PCEs in hierarchical PCE architecture. In particular, the behavior Hierarchical PCE architecture. In particular, the behavior changes
changes and additions to the existing stateful PCE mechanisms and adds to the existing stateful PCE mechanisms (including PCE-
(including PCE- initiated LSP setup and active PCE usage) in the initiated LSP setup and active PCE usage) in the context of networks
context of networks using the H-PCE architecture. using the H-PCE architecture.
[RFC5623] describes a framework for applying the PCE-based [RFC5623] describes a framework for applying the PCE-based
architecture to inter-layer to (G)MPLS TE. It provides suggestions architecture to interlayer (G)MPLS TE. It provides suggestions for
for the deployment of PCE in support of multi-layer networks. It the deployment of PCE in support of multilayer networks. It also
also describes the relationship between PCE and a functional describes the relationship between PCE and a functional component in
component in charge of the control and management of the Virtual charge of the control and management of the Virtual Network Topology
Network Topology (VNT) [RFC5212], called the VNT Manager (VNTM). (VNT) [RFC5212] called the VNT Manager (VNTM).
2.1.3. Relationship to PCE Based Central Control 2.1.3. Relationship to PCE-Based Central Control
[RFC8283] introduces the architecture for PCE as a central controller [RFC8283] introduces the architecture for PCE as a central controller
(PCECC), it further examines the motivations and applicability for (PCECC); it further examines the motivations and applicability for
PCEP as a southbound interface, and introduces the implications for PCEP as a southbound interface (SBI) and introduces the implications
the protocol. Section 2.1.3 of [RFC8283] describe a hierarchy of for the protocol. Section 2.1.3 of [RFC8283] describes a hierarchy
PCE-based controller as per the Hierarchy of PCE framework defined in of PCE-based controllers as per the PCE Hierarchy Framework defined
[RFC6805]. in [RFC6805].
2.2. Abstraction and Control of TE Networks (ACTN) 2.2. Abstraction and Control of TE Networks (ACTN)
[RFC8453] describes the high-level ACTN requirements and the [RFC8453] describes the high-level ACTN requirements and the
architecture model for ACTN including the entities Customer Network architecture model for ACTN, including the entities Customer Network
Controller (CNC), Multi-domain Service Coordinator (MDSC), and Controller (CNC), Multidomain Service Coordinator (MDSC), and
Provisioning Network Controller (PNC) and their interfaces. Provisioning Network Controller (PNC) and their interfaces.
The ACTN reference architecture is shown in Figure 1 which is The ACTN reference architecture is shown in Figure 1, which is
reproduced here from [RFC8453] for convenience. [RFC8453] remains reproduced here from [RFC8453] for convenience. [RFC8453] remains
the definitive reference for the ACTN architecture. As depicted in the definitive reference for the ACTN architecture. As depicted in
Figure 1, the ACTN architecture identifies a three-tier hierarchy. Figure 1, the ACTN architecture identifies a three-tier hierarchy.
+---------+ +---------+ +---------+ +---------+ +---------+ +---------+
| CNC | | CNC | | CNC | | CNC | | CNC | | CNC |
+---------+ +---------+ +---------+ +---------+ +---------+ +---------+
\ | / \ | /
\ | / \ | /
Boundary =============\==============|==============/============ Boundary =============\==============|==============/============
skipping to change at page 6, line 38 skipping to change at page 6, line 38
( Plane ) ( Net ) | / ( ) ( Plane ) ( Net ) | / ( )
( Physical ) ----- | / ( Phys. ) ( Physical ) ----- | / ( Phys. )
( Network ) ----- ----- ( Net ) ( Network ) ----- ----- ( Net )
- - ( ) ( ) ----- - - ( ) ( ) -----
( ) ( Phys. ) ( Phys. ) ( ) ( Phys. ) ( Phys. )
--------- ( Net ) ( Net ) --------- ( Net ) ( Net )
----- ----- ----- -----
CMI - (CNC-MDSC Interface) CMI - (CNC-MDSC Interface)
MPI - (MDSC-PNC Interface) MPI - (MDSC-PNC Interface)
SBI - (Southbound Interface)
Figure 1: ACTN Hierarchy Figure 1: ACTN Hierarchy
There are two interfaces with respect to the MDSC: one north of the There are two interfaces with respect to the MDSC: one north of the
MDSC (the CNC-MDSC Interface : CMI), and one south (the MDSC-PNC MDSC (the CNC-MDSC Interface (CMI)), and one south (the MDSC-PNC
Interface : MPI). A hierarchy of MDSCs is possible with a recursive Interface (MPI)). A hierarchy of MDSCs is possible with a recursive
MPI interface. MPI interface.
[RFC8454] provides an information model for ACTN interfaces. [RFC8454] provides an information model for ACTN interfaces.
3. Architectural Considerations 3. Architectural Considerations
The ACTN architecture [RFC8453] is based on hierarchy and The ACTN architecture [RFC8453] is based on the hierarchy and
recursiveness of controllers. It defines three types of controllers recursiveness of controllers. It defines three types of controllers
(depending on the functionalities they implement). The main (depending on the functionalities they implement). The main
functionalities are - functionalities are:
o Multi-domain coordination o Multidomain coordination
o Abstraction o Abstraction
o Customer mapping/translation o Customer mapping/translation
o Virtual service coordination o Virtual service coordination
Section 3 of [RFC8453] describes these functions. Section 3 of [RFC8453] describes these functions.
It should be noted that this document lists all possible ways in It should be noted that this document lists all possible ways in
which PCE could be used for each of the above functions, but all which PCE could be used for each of the above functions, but all
functions are not required to be implemented via PCE. Similarly, functions are not required to be implemented via PCE. Similarly,
this document presents the ways in which PCEP could be used as the this document presents the ways in which PCEP could be used as the
communications medium between functional components. Operators may communications medium between functional components. Operators may
choose to use the PCEP for multi-domain coordination via stateful choose to use the PCEP for multidomain coordination via stateful
H-PCE, but alternatively use Network Configuration Protocol (NETCONF) H-PCE but alternatively use Network Configuration Protocol (NETCONF)
[RFC6241], RESTCONF [RFC8040], or BGP - Link State (BGP-LS) [RFC7752] [RFC6241], RESTCONF [RFC8040], or BGP - Link State (BGP-LS) [RFC7752]
to get access to the topology and support abstraction function. to get access to the topology and support abstraction function.
3.1. Multi-Domain Coordination via Hierarchy 3.1. Multidomain Coordination via Hierarchy
With the definition of domain being "everything that is under the With the definition of domain being everything that is under the
control of the single logical controller", as per [RFC8453], it is control of the single logical controller, as per [RFC8453], it is
needed to have a control entity that oversees the specific aspects of needed both to have a control entity that oversees the specific
the different domains and to build a single abstracted end-to-end aspects of the different domains and to build a single abstracted
network topology in order to coordinate end-to-end path computation end-to-end network topology in order to coordinate end-to-end path
and path/service provisioning. computation and path/service provisioning.
The MDSC in ACTN framework realizes this function by coordinating the The MDSC in ACTN framework realizes this function by coordinating the
per-domain PNCs in a hierarchy of controllers. It also needs to per-domain PNCs in a hierarchy of controllers. It also needs to
detach from the underlying network technology and express customer detach from the underlying network technology and express customer
concerns by business needs. concerns by business needs.
[RFC6805] and [I-D.ietf-pce-stateful-hpce] describe a hierarchy of [RFC6805] and [PCE-HPCE] describe a hierarchy of PCEs with the Parent
PCEs with the Parent PCE coordinating multi-domain path computation PCE coordinating multidomain path computation function between Child
function between Child PCEs. It is easy to see how these principles PCEs. It is easy to see how these principles align, and thus how the
align, and thus how the stateful H-PCE architecture can be used to stateful H-PCE architecture can be used to realize ACTN.
realize ACTN.
The per domain stitched LSP in the Hierarchical stateful PCE The per-domain stitched LSP in the Hierarchical stateful PCE
architecture, described in Section 3.3.1 of architecture, described in Section 3.3.1 of [PCE-HPCE], is well
[I-D.ietf-pce-stateful-hpce] is well suited for multi-domain suited for multidomain coordination function. This includes domain
coordination function. This includes domain sequence selection; End- sequence selection, End-to-End (E2E) path computation, and
to-End (E2E) path computation; Controller (PCE) initiated path setup controller-initiated (PCE-initiated) path setup and reporting. This
and reporting. This is also applicable to multi-layer coordination is also applicable to multilayer coordination in case of IP+optical
in case of IP+optical networks. networks.
[I-D.litkowski-pce-state-sync] describes the procedures to allow a [PCE-STATE-SYNC] describes the procedures to allow a stateful
stateful communication between PCEs for various use-cases. The communication between PCEs for various use cases. The procedures and
procedures and extensions are also applicable to Child and Parent PCE extensions are also applicable to Child and Parent PCE communication
communication and thus useful for ACTN as well. and are thus useful for ACTN as well.
3.2. Abstraction 3.2. Abstraction
To realize ACTN, an abstracted view of the underlying network To realize ACTN, an abstracted view of the underlying network
resources needs to be built. This includes global network-wide resources needs to be built. This includes global network-wide
abstracted topology based on the underlying network resources of each abstracted topology based on the underlying network resources of each
domain. This also includes abstract topology created as per the domain. This also includes abstract topology created as per the
customer service connectivity requests and represented as a VN slice customer service connectivity requests and represented as a VN slice
allocated to each customer. allocated to each customer.
In order to compute and provide optimal paths, PCEs require an In order to compute and provide optimal paths, PCEs require an
accurate and timely Traffic Engineering Database (TED). accurate and timely Traffic Engineering Database (TED).
Traditionally this TED has been obtained from a link state (LS) Traditionally, this TED has been obtained from a link-state (LS)
routing protocol supporting traffic engineering extensions. PCE may routing protocol supporting traffic engineering extensions. PCE may
construct its TED by participating in the IGP ([RFC3630] and construct its TED by participating in the IGP ([RFC3630] and
[RFC5305] for MPLS-TE; [RFC4203] and [RFC5307] for GMPLS). An [RFC5305] for MPLS-TE; [RFC4203] and [RFC5307] for GMPLS). An
alternative is offered by BGP-LS [RFC7752]. alternative is offered by BGP-LS [RFC7752].
In case of H-PCE [RFC6805], the Parent PCE needs to build the domain In case of H-PCE [RFC6805], the Parent PCE needs to build the domain
topology map of the child domains and their interconnectivity. topology map of the child domains and their interconnectivity.
[RFC6805] and [I-D.ietf-pce-inter-area-as-applicability] suggest that [RFC6805] and [PCE-INTER-AREA] suggest that BGP-LS could be used as a
BGP-LS could be used as a "northbound" TE advertisement from the "northbound" TE advertisement from the Child PCE to the Parent PCE.
Child PCE to the Parent PCE.
[I-D.dhodylee-pce-pcep-ls] proposes another approach for learning and [PCEP-LS] proposes another approach for learning and maintaining the
maintaining the Link-State and TE information as an alternative to Link-State and TE information as an alternative to IGPs and BGP
IGPs and BGP flooding, using PCEP itself. The Child PCE can use this flooding, using PCEP itself. The Child PCE can use this mechanism to
mechanism to transport Link-State and TE information from Child PCE transport Link-State and TE information from Child PCE to a Parent
to a Parent PCE using PCEP. PCE using PCEP.
In ACTN, there is a need to control the level of abstraction based on In ACTN, there is a need to control the level of abstraction based on
the deployment scenario and business relationship between the the deployment scenario and business relationship between the
controllers. The mechanism used to disseminate information from PNC controllers. The mechanism used to disseminate information from the
(Child PCE) to MDSC (Parent PCE) should support abstraction. PNC (Child PCE) to the MDSC (Parent PCE) should support abstraction.
[RFC8453] describes a few alternative approaches of abstraction. The [RFC8453] describes a few alternative approaches of abstraction. The
resulting abstracted topology can be encoded using the PCEP-LS resulting abstracted topology can be encoded using the PCEP-LS
mechanisms [I-D.dhodylee-pce-pcep-ls] and its optical network mechanisms [PCEP-LS] and its optical network extension
extension [I-D.lee-pce-pcep-ls-optical]. PCEP-LS is an attractive
option when the operator would wish to have a single control plane [PCEP-OPTICAL]. PCEP-LS is an attractive option when the operator
protocol (PCEP) to achieve ACTN functions. would wish to have a single control-plane protocol (PCEP) to achieve
ACTN functions.
[RFC8453] discusses two ways to build abstract topology from an MDSC [RFC8453] discusses two ways to build abstract topology from an MDSC
standpoint with interaction with PNCs. The primary method is called standpoint with interaction with PNCs. The primary method is called
automatic generation of abstract topology by configuration. With automatic generation of abstract topology by configuration. With
this method, automatic generation is based on the abstraction/ this method, automatic generation is based on the abstraction/
summarization of the whole domain by the PNC and its advertisement on summarization of the whole domain by the PNC and its advertisement on
the MPI. The secondary method is called on-demand generation of the MPI. The secondary method is called on-demand generation of
supplementary topology via Path Compute Request/Reply. This method supplementary topology via Path Compute Request/Reply. This method
may be needed to obtain further complementary information such as may be needed to obtain further complementary information such as
potential connectivity from Child PCEs in order to facilitate an end- potential connectivity from Child PCEs in order to facilitate an end-
skipping to change at page 9, line 29 skipping to change at page 9, line 29
methods. methods.
3.3. Customer Mapping 3.3. Customer Mapping
In ACTN, there is a need to map customer virtual network (VN) In ACTN, there is a need to map customer virtual network (VN)
requirements into a network provisioning request to the PNC. That requirements into a network provisioning request to the PNC. That
is, the customer requests/commands are mapped by the MDSC into is, the customer requests/commands are mapped by the MDSC into
network provisioning requests that can be sent to the PNC. network provisioning requests that can be sent to the PNC.
Specifically, the MDSC provides mapping and translation of a Specifically, the MDSC provides mapping and translation of a
customer's service request into a set of parameters that are specific customer's service request into a set of parameters that are specific
to a network type and technology such that network configuration to a network type and technology such that the network configuration
process is made possible. process is made possible.
[RFC8281] describes the setup, maintenance and teardown of PCE- [RFC8281] describes the setup, maintenance, and teardown of PCE-
initiated LSPs under the stateful PCE model, without the need for initiated LSPs under the stateful PCE model, without the need for
local configuration on the PCC, thus allowing for a dynamic network local configuration on the PCC, thus allowing for a dynamic network
that is centrally controlled and deployed. To instantiate or delete that is centrally controlled and deployed. To instantiate or delete
an LSP, the PCE sends the Path Computation LSP Initiate Request an LSP, the PCE sends the Path Computation LSP Initiate Request
(PCInitiate) message to the PCC. As described in (PCInitiate) message to the PCC. As described in [PCE-HPCE], for
[I-D.ietf-pce-stateful-hpce], for inter-domain LSP in Hierarchical interdomain LSP in Hierarchical PCE architecture, the initiation
PCE architecture, the initiation operations can be carried out at the operations can be carried out at the Parent PCE. In this case, after
Parent PCE. In which case, after Parent PCE finishes the E2E path Parent PCE finishes the E2E path computation, it can send the
computation, it can send the PCInitiate message to the Child PCE, the PCInitiate message to the Child PCE; the Child PCE further propagates
Child PCE further propagates the initiate request to the Label the initiate request to the Label Switching Router (LSR). The
Switching Router (LSR). The customer request is received by the MDSC customer request is received by the MDSC (Parent PCE), and, based on
(Parent PCE) and based on the business logic, global abstracted the business logic, global abstracted topology, network conditions,
topology, network conditions and local policy, the MDSC (Parent PCE) and local policy, the MDSC (Parent PCE) translates this into a per-
translates this into per domain LSP initiation request that a PNC domain LSP initiation request that a PNC (Child PCE) can understand
(Child PCE) can understand and act on. This can be done via the and act on. This can be done via the PCInitiate message.
PCInitiate message.
PCEP extensions for associating opaque policy between PCEP peer PCEP extensions for associating opaque policy between PCEP peer
[I-D.ietf-pce-association-policy] can be used. [ASSOC-POLICY] can be used.
3.4. Virtual Service Coordination 3.4. Virtual Service Coordination
Virtual service coordination function in ACTN incorporates customer Virtual service coordination function in ACTN incorporates customer
service-related information into the virtual network service service-related information into the virtual network service
operations in order to seamlessly operate virtual networks while operations in order to seamlessly operate virtual networks while
meeting customer's service requirements. meeting customers' service requirements.
[I-D.leedhody-pce-vn-association] describes the need for associating [PCEP-VN] describes the need for associating a set of LSPs with a VN
a set of LSPs with a VN "construct" to facilitate VN operations in "construct" to facilitate VN operations in PCE architecture. This
PCE architecture. This association allows the PCEs to identify which association allows the PCEs to identify which LSPs belong to a
LSPs belong to a certain VN. certain VN.
This association based on VN is useful for various optimizations at This association based on VN is useful for various optimizations at
the VN level which can be applied to all the LSPs that are part of the VN level, which can be applied to all the LSPs that are part of
the VN slice. During path computation, the impact of a path for an the VN slice. During path computation, the impact of a path for an
LSP is compared against the paths of other LSPs in the VN. This is LSP is compared against the paths of other LSPs in the VN. This is
to make sure that the overall optimization and SLA of the VN rather to ensure optimization and SLA attainment for the VN rather than for
than of a single LSP. Similarly, during re-optimization, advanced a single LSP. Similarly, during reoptimization, advanced path
path computation algorithm and optimization technique can be computation algorithms and optimization techniques can be considered
considered for all the LSPs belonging to a VN/customer and optimize for all the LSPs belonging to a VN/customer and optimize them all
them all together. together.
4. Interface Considerations 4. Interface Considerations
As per [RFC8453], to allow virtualization and multi-domain As per [RFC8453], to allow virtualization and multidomain
coordination, the network has to provide open, programmable coordination, the network has to provide open, programmable
interfaces, in which customer applications can create, replace and interfaces in which customer applications can create, replace, and
modify virtual network resources and services in an interactive, modify virtual network resources and services in an interactive,
flexible and dynamic fashion while having no impact on other flexible, and dynamic fashion while having no impact on other
customers. The two ACTN interfaces are - customers. The two ACTN interfaces are as follows:
o The CNC-MDSC Interface (CMI) is an interface between a Customer o The CNC-MDSC Interface (CMI) is an interface between a Customer
Network Controller and a Multi-Domain Service Coordinator. It Network Controller and a Multidomain Service Coordinator. It
requests the creation of the network resources, topology or requests the creation of the network resources, topology, or
services for the applications. The MDSC may also report potential services for the applications. The MDSC may also report potential
network topology availability if queried for current capability network topology availability if queried for current capability
from the Customer Network Controller. from the Customer Network Controller.
o The MDSC-PNC Interface (MPI) is an interface between a Multi- o The MDSC-PNC Interface (MPI) is an interface between a Multidomain
Domain Service Coordinator and a Provisioning Network Controller. Service Coordinator and a Provisioning Network Controller. It
It communicates the creation request, if required, of new communicates the creation request, if required, of new
connectivity of bandwidth changes in the physical network, via the connectivity of bandwidth changes in the physical network via the
PNC. In multi-domain environments, the MDSC needs to establish PNC. In multidomain environments, the MDSC needs to establish
multiple MPIs, one for each PNC, as there are multiple PNCs multiple MPIs, one for each PNC, as there are multiple PNCs
responsible for its domain control. responsible for its domain control.
In the case of hierarchy MDSCs, the MPI is applied recursively. From In the case of a hierarchy of MDSCs, the MPI is applied recursively.
an abstraction point of view, the top level MDSC which interfaces the From an abstraction point of view, the top-level MDSC, which
CNC operates on a higher level of abstraction (i.e., less granular interfaces the CNC, operates on a higher level of abstraction (i.e.,
level) than the lower level MSDCs. less granular level) than the lower-level MDSCs.
PCEP is especially suitable on the MPI as it meets the requirement PCEP is especially suitable on the MPI as it meets the requirement
and the functions as set out in the ACTN framework [RFC8453]. Its and the functions as set out in the ACTN framework [RFC8453]. Its
recursive nature is well suited via the multi-level hierarchy of PCE. recursive nature is well suited via the multilevel hierarchy of PCE.
PCEP can also be applied to the CMI as the CNC can be a path PCEP can also be applied to the CMI as the CNC can be a path
computation client while the MDSC can be a path computation server. computation client while the MDSC can be a path computation server.
Section 5 describes how PCE and PCEP could help realize ACTN on the Section 5 describes how PCE and PCEP could help realize ACTN on the
MPI. MPI.
5. Realizing ACTN with PCE (and PCEP) 5. Realizing ACTN with PCE (and PCEP)
As per the example in Figure 2, there are 4 domains, each with its As per the example in Figure 2, there are 4 domains, each with their
own PNC and an MDSC on top. The PNC and MDSC need PCE as an own PNC and MDSC on top. The PNC and MDSC need PCE as an important
important function. The PNC (or Child PCE) already uses PCEP to function. The PNC (or Child PCE) already uses PCEP to communicate to
communicate to the network device. It can utilize the PCEP as the the network device. It can utilize the PCEP as the MPI to
MPI to communicate between controllers too. communicate between controllers too.
****** ******
..........*MDSC*.............................. ..........*MDSC*..............................
. ****** .. MPI . . ****** .. MPI .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
. . . . . . . .
skipping to change at page 12, line 40 skipping to change at page 12, line 40
|DOMAIN 3 B| |DOMAIN 3 B|
+---------------+ +---------------+
MDSC -> Parent PCE MDSC -> Parent PCE
PNC -> Child PCE PNC -> Child PCE
MPI -> PCEP MPI -> PCEP
Figure 2: ACTN with PCE Figure 2: ACTN with PCE
o Building Domain Topology at MDSC: PNC (or Child PCE) needs to have o Building Domain Topology at MDSC: PNC (or Child PCE) needs to have
the TED to compute path in its domain. As described in the TED to compute the path in its domain. As described in
Section 3.2, it can learn the topology via IGP or BGP-LS. PCEP-LS Section 3.2, it can learn the topology via IGP or BGP-LS. PCEP-LS
is also a proposed mechanism to carry link state and traffic is also a proposed mechanism to carry link state and traffic
engineering information within PCEP. A mechanism to carry engineering information within PCEP. A mechanism to carry
abstracted topology while hiding technology specific information abstracted topology while hiding technology-specific information
between PNC and MDSC is described in [I-D.dhodylee-pce-pcep-ls]. between PNC and MDSC is described in [PCEP-LS]. At the end of
At the end of this step the MDSC (or Parent PCE) has the this step, the MDSC (or Parent PCE) has the abstracted topology
abstracted topology from each of its PNC (or Child PCE). This from each of its PNCs (or Child PCE). This could be as simple as
could be as simple as a domain topology map as described in a domain topology map as described in [RFC6805], or it can have
[RFC6805] or it can have full topology information of all domains. full topology information of all domains. The latter is not
The latter is not scalable and thus an abstracted topology of each scalable, and thus, an abstracted topology of each domain
domain interconnected by inter-domain links is the most common interconnected by interdomain links is the most common case.
case.
* Topology Change: When the PNC learns of any topology change, * Topology Change: When the PNC learns of any topology change,
the PNC needs to decide if the change needs to be notified to the PNC needs to decide if the change needs to be notified to
the MDSC. This is dependent on the level of abstraction the MDSC. This is dependent on the level of abstraction
between the MDSC and the PNC. between the MDSC and the PNC.
o VN Instantiate: When an MDSC is requested to instantiate a VN, the o VN Instantiate: When an MDSC is requested to instantiate a VN, the
minimal information that is required would be a VN identifier and minimal information that is required would be a VN identifier and
a set of end points. Various path computation, setup constraints a set of end points. Various path computation, setup constraints,
and objective functions may also be provided. In PCE terms, a VN and objective functions may also be provided. In PCE terms, a VN
Instantiate can be considered as a set of paths belonging to the Instantiate can be considered as a set of paths belonging to the
same VN. As described in Section 3.4 and same VN. As described in Section 3.4 and [PCEP-VN], the VN
[I-D.leedhody-pce-vn-association] the VN association can help in association can help in identifying the set of paths that belong
identifying the set of paths that belong to a VN. The rest of the to a VN. The rest of the information, like the endpoints,
information like the endpoints, constraints and objective function constraints, and objective function (OF), is already defined in
(OF) is already defined in PCEP in terms of a single path. PCEP in terms of a single path.
* Path Computation: As per the example in Figure 2, the VN * Path Computation: As per the example in Figure 2, the VN
instantiate requires two end to end paths between (A in Domain instantiate requires two end-to-end paths between (A in Domain
1 to B in Domain 3) and (A in Domain 1 to C in Domain 4). The 1 to B in Domain 3) and (A in Domain 1 to C in Domain 4). The
MDSC (or Parent PCE) triggers the end to end path computation MDSC (or Parent PCE) triggers the end-to-end path computation
for these two paths. MDSC can do path computation based on the for these two paths. MDSC can do path computation based on the
abstracted domain topology that it already has or it may use abstracted domain topology that it already has, or it may use
the H-PCE procedures (Section 3.1) using the PCReq and PCRep the H-PCE procedures (Section 3.1) using the PCReq and PCRep
messages to get the end to end path with the help of the Child messages to get the end-to-end path with the help of the Child
PCEs (PNC). Either way, the resultant E2E paths may be broken PCEs (PNC). Either way, the resultant E2E paths may be broken
into per-domain paths. into per-domain paths.
* A-B: (A-B13,B13-B31,B31-B) * A-B: (A-B13,B13-B31,B31-B)
* A-C: (A-B13,B13-B31,B31-B34,B34-B43,B43-C) * A-C: (A-B13,B13-B31,B31-B34,B34-B43,B43-C)
* Per Domain Path Instantiation: Based on the above path * Per-Domain Path Instantiation: Based on the above path
computation, MDSC can issue the path instantiation request to computation, MDSC can issue the path instantiation request to
each PNC via PCInitiate message (see each PNC via PCInitiate message (see [PCE-HPCE] and [PCEP-VN]).
[I-D.ietf-pce-stateful-hpce] and A suitable stitching mechanism would be used to stitch these
[I-D.leedhody-pce-vn-association]). A suitable stitching per-domain LSPs. One such mechanism is described in
mechanism would be used to stitch these per domain LSPs. One [PCE-INTERDOMAIN], where PCEP is extended to support stitching
such mechanism is described in in stateful H-PCE context.
[I-D.dugeon-pce-stateful-interdomain], where PCEP is extended
to support stitching in stateful H-PCE context.
* Per Domain Path Report: Each PNC should report the status of * Per-Domain Path Report: Each PNC should report the status of
the per-domain LSP to the MDSC via PCRpt message, as per the the per-domain LSP to the MDSC via PCRpt message, as per the
Hierarchy of stateful PCE ([I-D.ietf-pce-stateful-hpce]). The hierarchy of stateful PCEs ([PCE-HPCE]). The status of the
status of the end to end LSP (A-B and A-C) is made up when all end-to-end LSP (A-B and A-C) is made up when all the per-domain
the per domain LSP are reported up by the PNCs. LSPs are reported up by the PNCs.
* Delegation: It is suggested that the per domain LSPs are * Delegation: It is suggested that the per-domain LSPs are
delegated to respective PNC, so that they can control the path delegated to respective PNCs so that they can control the path
and attributes based on each domain network conditions. and attributes based on the conditions of each domain network.
* State Synchronization: The state needs to be synchronized * State Synchronization: The state needs to be synchronized
between the Parent PCE and Child PCE. The mechanism described between the Parent PCE and Child PCE. The mechanism described
in [I-D.litkowski-pce-state-sync] can be used. in [PCE-STATE-SYNC] can be used.
o VN Modify: MDSC is requested to modify a VN, for example the o VN Modify: MDSC is requested to modify a VN, for example, the
bandwidth for VN is increased. This may trigger path computation bandwidth for VN is increased. This may trigger path computation
at MDSC as described in the previous step and can trigger an at MDSC as described in the previous step and can trigger an
update to existing per-intra-domain path (via PCUpd message) or update to an existing per-intradomain path (via PCUpd message) or
creation (or deletion) of a per-domain path (via PCInitiate the creation (or deletion) of a per-domain path (via PCInitiate
message). As described in [I-D.ietf-pce-stateful-hpce], this message). As described in [PCE-HPCE], this should be done in
should be done in make-before-break fashion. make-before-break fashion.
o VN Delete: MDSC is requested to delete a VN, in this case, based o VN Delete: MDSC is requested to delete a VN, in this case, based
on the E2E paths and the resulting per-domain paths need to be on the E2E paths, and the resulting per-domain paths need to be
removed (via PCInitiate message). removed (via PCInitiate message).
o VN Update (based on network changes): Any change in the per-domain o VN Update (based on network changes): Any change in the per-domain
LSP is reported to the MDSC (via PCRpt message) as per LSP is reported to the MDSC (via PCRpt message) as per [PCE-HPCE].
[I-D.ietf-pce-stateful-hpce]. This may result in changes in the This may result in changes in the E2E path or VN status. This may
E2E path or VN status. This may also trigger a re-optimization also trigger a reoptimization leading to a new per-domain path, an
leading to a new per-domain path, update to existing path, or update to an existing path, or the deletion of the path.
deletion of the path.
o VN Protection: The VN protection/restoration requirements, need to o VN Protection: The VN protection/restoration requirements need to
be applied to each E2E path as well as each per domain path. The be applied to each E2E path as well as each per-domain path. The
MDSC needs to play a crucial role in coordinating the right MDSC needs to play a crucial role in coordinating the right
protection/restoration policy across each PNC. The existing protection/restoration policy across each PNC. The existing
protection/restoration mechanism of PCEP can be applied on each protection/restoration mechanism of PCEP can be applied on each
path. path.
o In case a PNC generates an abstract topology towards the MDSC, the o In case a PNC generates an abstract topology towards the MDSC, the
PCInitiate/PCUpd messages from the MDSC to a PNC will contain a PCInitiate/PCUpd messages from the MDSC to a PNC will contain a
path with abstract nodes and links. A PNC would need to take that path with abstract nodes and links. A PNC would need to take that
as an input for path computation to get a path with physical nodes as an input for path computation to get a path with physical nodes
and links. Similarly, a PNC would convert the path received from and links. Similarly, a PNC would convert the path received from
the device (with physical nodes and links) into an abstract path the device (with physical nodes and links) into an abstract path
(based on the abstract topology generated before with abstract (based on the abstract topology generated before with abstract
nodes and links) and report it to the MDSC. nodes and links) and report it to the MDSC.
6. IANA Considerations 6. IANA Considerations
This document makes no requests for IANA action. This document has no IANA actions.
7. Security Considerations 7. Security Considerations
Various security considerations for PCEP are described in [RFC5440] Various security considerations for PCEP are described in [RFC5440]
and [RFC8253]. Security considerations as stated in Section 10.1, and [RFC8253]. Security considerations as stated in Sections 10.1,
Section 10.6, and Section 10.7 of [RFC5440] continue to apply on PCEP 10.6, and 10.7 of [RFC5440] continue to apply on PCEP when used as an
when used as ACTN interface. Further, this document lists various ACTN interface. Further, this document lists various extensions of
extensions of PCEP that are applicable, each of them specify various PCEP that are applicable; each of them specify various security
security considerations which continue to apply here. considerations that continue to apply here.
The ACTN framework described in [RFC8453] defines key components and The ACTN framework described in [RFC8453] defines key components and
interfaces for managed traffic engineered networks. It also lists interfaces for managed traffic-engineered networks. It also lists
various security considerations such as request and control of various security considerations such as request and control of
resources, confidentially of the information, and availability of resources, confidentially of the information, and availability of
function which should be taken into consideration. function, which should be taken into consideration.
As per [RFC8453], securing the request and control of resources, As per [RFC8453], securing the request and control of resources,
confidentiality of the information, and availability of function confidentiality of the information, and availability of function
should all be critical security considerations when deploying and should all be critical security considerations when deploying and
operating ACTN platforms. From a security and reliability operating ACTN platforms. From a security and reliability
perspective, ACTN may encounter many risks such as malicious attack perspective, ACTN may encounter many risks such as malicious attack
and rogue elements attempting to connect to various ACTN components and rogue elements attempting to connect to various ACTN components
(with PCE being one of them). Furthermore, some ACTN components (with PCE being one of them). Furthermore, some ACTN components
represent a single point of failure and threat vector and must also represent a single point of failure and threat vector, and must also
manage policy conflicts and eavesdropping of communication between manage policy conflicts and eavesdropping of communication between
different ACTN components. [RFC8453] further states that all different ACTN components. [RFC8453] further states that all
protocols used to realize the ACTN framework should have rich protocols used to realize the ACTN framework should have rich
security features, and customer, application and network data should security features, and customer, application, and network data should
be stored in encrypted data stores. When PCEP is used as an ACTN be stored in encrypted data stores. When PCEP is used as an ACTN
interface, the security of PCEP provided by Transport Layer Security interface, the security of PCEP provided by Transport Layer Security
(TLS) [RFC8253], as per the recommendations and best current (TLS) [RFC8253], as per the recommendations and best current
practices in [RFC7525] (unless explicitly set aside in [RFC8253]), is practices in [RFC7525] (unless explicitly set aside in [RFC8253]), is
used. used.
As per [RFC8453], regarding the MPI, a PKI- based mechanism is As per [RFC8453], regarding the MPI, a PKI-based mechanism is
suggested, such as building a TLS or HTTPS connection between the suggested, such as building a TLS or HTTPS connection between the
MDSC and PNCs, to ensure trust between the physical network layer MDSC and PNCs, to ensure trust between the physical network layer
control components and the MDSC. Which MDSC the PNC exports topology control components and the MDSC. Which MDSC the PNC exports topology
information to, and the level of detail (full or abstracted), should information to, and the level of detail (full or abstracted), should
also be authenticated, and specific access restrictions and topology also be authenticated, and specific access restrictions and topology
views should be configurable and/or policy based. When PCEP is used views should be configurable and/or policy based. When PCEP is used
in MPI, the security functions as per [RFC8253] are used to fulfill in MPI, the security functions, as per [RFC8253], are used to fulfill
these requirements. these requirements.
As per [RFC8453], regarding the CMI, suitable authentication and As per [RFC8453], regarding the CMI, suitable authentication and
authorization of each CNC connecting to the MDSC will be required. authorization of each CNC connecting to the MDSC will be required.
If PCEP is used in CMI, the security functions as per [RFC8253] can If PCEP is used in CMI, the security functions, as per [RFC8253], can
be used to support peer authentication, message encryption, and be used to support peer authentication, message encryption, and
integrity checks. integrity checks.
8. Acknowledgments 8. References
The authors would like to thank Jonathan Hardwick for the inspiration
behind this document. Further thanks to Avantika for her comments
with suggested text.
Thanks to Adrian Farrel and Daniel King for their substantial
reviews.
Thanks to Yingzhen Qu for RTGDIR review.
Thanks to Rifaat Shekh-Yusef for SECDIR review.
Thanks to Meral Shirazipour for GENART review.
Thanks to Roman Danyliw and Barry Leiba for IESG review comments.
Thanks to Deborah Brungard for being the responsible AD.
9. References
9.1. Normative References 8.1. Normative References
[RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation
Element (PCE)-Based Architecture", RFC 4655, Element (PCE)-Based Architecture", RFC 4655,
DOI 10.17487/RFC4655, August 2006, DOI 10.17487/RFC4655, August 2006,
<https://www.rfc-editor.org/info/rfc4655>. <https://www.rfc-editor.org/info/rfc4655>.
[RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation
Element (PCE) Communication Protocol (PCEP)", RFC 5440, Element (PCE) Communication Protocol (PCEP)", RFC 5440,
DOI 10.17487/RFC5440, March 2009, DOI 10.17487/RFC5440, March 2009,
<https://www.rfc-editor.org/info/rfc5440>. <https://www.rfc-editor.org/info/rfc5440>.
skipping to change at page 17, line 10 skipping to change at page 16, line 30
Path Computation Element Architecture to the Determination Path Computation Element Architecture to the Determination
of a Sequence of Domains in MPLS and GMPLS", RFC 6805, of a Sequence of Domains in MPLS and GMPLS", RFC 6805,
DOI 10.17487/RFC6805, November 2012, DOI 10.17487/RFC6805, November 2012,
<https://www.rfc-editor.org/info/rfc6805>. <https://www.rfc-editor.org/info/rfc6805>.
[RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for [RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for
Abstraction and Control of TE Networks (ACTN)", RFC 8453, Abstraction and Control of TE Networks (ACTN)", RFC 8453,
DOI 10.17487/RFC8453, August 2018, DOI 10.17487/RFC8453, August 2018,
<https://www.rfc-editor.org/info/rfc8453>. <https://www.rfc-editor.org/info/rfc8453>.
9.2. Informative References 8.2. Informative References
[ASSOC-POLICY]
Litkowski, S., Sivabalan, S., Tantsura, J., Hardwick, J.,
and M. Negi, "Path Computation Element communication
Protocol extension for associating Policies and LSPs",
Work in Progress, draft-ietf-pce-association-policy-05,
February 2019.
[EXP] Casellas, R., Vilalta, R., Martinez, R., Munoz, R., Zheng,
H., and Y. Lee, "Experimental Validation of the ACTN
architecture for flexi-grid optical networks using Active
Stateful Hierarchical PCEs", 19th International Conference
on Transparent Optical Networks (ICTON),
DOI 10.5281/zenodo.832904, July 2017,
<https://zenodo.org/record/832904>.
[PCE-HPCE]
Dhody, D., Lee, Y., Ceccarelli, D., Shin, J., and D. King,
"Hierarchical Stateful Path Computation Element (PCE).",
Work in Progress, draft-ietf-pce-stateful-hpce-10, June
2019.
[PCE-INTER-AREA]
King, D. and H. Zheng, "Applicability of the Path
Computation Element to Interarea and Inter-AS MPLS and
GMPLS Traffic Engineering", Work in Progress,
draft-ietf-pce-inter-area-as-applicability-07, December
2018.
[PCE-INTERDOMAIN]
Dugeon, O., Meuric, J., Lee, Y., and D. Ceccarelli, "PCEP
Extension for Stateful Interdomain Tunnels", Work in
Progress, draft-dugeon-pce-stateful-interdomain-02, March
2019.
[PCE-STATE-SYNC]
Litkowski, S., Sivabalan, S., Li, C., and H. Zheng, "Inter
Stateful Path Computation Element (PCE) Communication
Procedures.", Work in Progress,
draft-litkowski-pce-state-sync-05, March 2019.
[PCEP-LS] Dhody, D., Lee, Y., and D. Ceccarelli, "PCEP Extension for
Distribution of Link-State and TE Information.", Work in
Progress, draft-dhodylee-pce-pcep-ls-13, February 2019.
[PCEP-OPTICAL]
Lee, Y., Zheng, H., Ceccarelli, D., Wang, W., Park, P.,
and B. Yoon, "PCEP Extension for Distribution of Link-
State and TE information for Optical Networks", Work in
Progress, draft-lee-pce-pcep-ls-optical-07, March 2019.
[PCEP-VN] Lee, Y., Zhang, X., and D. Ceccarelli, "Path Computation
Element communication Protocol (PCEP) extensions for
Establishing Relationships between sets of LSPs and
Virtual Networks", Work in Progress,
draft-leedhody-pce-vn-association-08, June 2019.
[RFC3630] Katz, D., Kompella, K., and D. Yeung, "Traffic Engineering [RFC3630] Katz, D., Kompella, K., and D. Yeung, "Traffic Engineering
(TE) Extensions to OSPF Version 2", RFC 3630, (TE) Extensions to OSPF Version 2", RFC 3630,
DOI 10.17487/RFC3630, September 2003, DOI 10.17487/RFC3630, September 2003,
<https://www.rfc-editor.org/info/rfc3630>. <https://www.rfc-editor.org/info/rfc3630>.
[RFC4203] Kompella, K., Ed. and Y. Rekhter, Ed., "OSPF Extensions in [RFC4203] Kompella, K., Ed. and Y. Rekhter, Ed., "OSPF Extensions in
Support of Generalized Multi-Protocol Label Switching Support of Generalized Multi-Protocol Label Switching
(GMPLS)", RFC 4203, DOI 10.17487/RFC4203, October 2005, (GMPLS)", RFC 4203, DOI 10.17487/RFC4203, October 2005,
<https://www.rfc-editor.org/info/rfc4203>. <https://www.rfc-editor.org/info/rfc4203>.
skipping to change at page 19, line 34 skipping to change at page 21, line 5
Architecture for Use of PCE and the PCE Communication Architecture for Use of PCE and the PCE Communication
Protocol (PCEP) in a Network with Central Control", Protocol (PCEP) in a Network with Central Control",
RFC 8283, DOI 10.17487/RFC8283, December 2017, RFC 8283, DOI 10.17487/RFC8283, December 2017,
<https://www.rfc-editor.org/info/rfc8283>. <https://www.rfc-editor.org/info/rfc8283>.
[RFC8454] Lee, Y., Belotti, S., Dhody, D., Ceccarelli, D., and B. [RFC8454] Lee, Y., Belotti, S., Dhody, D., Ceccarelli, D., and B.
Yoon, "Information Model for Abstraction and Control of TE Yoon, "Information Model for Abstraction and Control of TE
Networks (ACTN)", RFC 8454, DOI 10.17487/RFC8454, Networks (ACTN)", RFC 8454, DOI 10.17487/RFC8454,
September 2018, <https://www.rfc-editor.org/info/rfc8454>. September 2018, <https://www.rfc-editor.org/info/rfc8454>.
[I-D.ietf-pce-stateful-hpce] Appendix A. Additional Information
Dhody, D., Lee, Y., Ceccarelli, D., Shin, J., King, D.,
and O. Dios, "Hierarchical Stateful Path Computation
Element (PCE).", draft-ietf-pce-stateful-hpce-07 (work in
progress), April 2019.
[I-D.ietf-pce-inter-area-as-applicability]
King, D. and H. Zheng, "Applicability of the Path
Computation Element to Inter-Area and Inter-AS MPLS and
GMPLS Traffic Engineering", draft-ietf-pce-inter-area-as-
applicability-07 (work in progress), December 2018.
[I-D.dhodylee-pce-pcep-ls] In the paper [EXP], the application of the ACTN architecture is
Dhody, D., Lee, Y., and D. Ceccarelli, "PCEP Extension for presented to demonstrate the control of a multidomain flexi-grid
Distribution of Link-State and TE Information.", draft- optical network by proposing, adopting, and extending:
dhodylee-pce-pcep-ls-13 (work in progress), February 2019.
[I-D.lee-pce-pcep-ls-optical] o the Hierarchical active stateful PCE architectures and protocols
Lee, Y., Zheng, H., Ceccarelli, D., weiw@bupt.edu.cn, w.,
Park, P., and B. Yoon, "PCEP Extension for Distribution of
Link-State and TE information for Optical Networks",
draft-lee-pce-pcep-ls-optical-07 (work in progress), March
2019.
[I-D.leedhody-pce-vn-association] o the PCEP protocol to support efficient and incremental link-state
Lee, Y., Zhang, X., and D. Ceccarelli, "PCEP Extensions topological reporting, known as PCEP-LS
for Establishing Relationships Between Sets of LSPs and
Virtual Networks", draft-leedhody-pce-vn-association-07
(work in progress), February 2019.
[I-D.litkowski-pce-state-sync] o the per-link partitioning of the optical spectrum based on
Litkowski, S., Sivabalan, S., Li, C., and H. Zheng, "Inter variable-sized allocated frequency slots enabling network sharing
Stateful Path Computation Element (PCE) Communication and virtualization
Procedures.", draft-litkowski-pce-state-sync-05 (work in
progress), March 2019.
[I-D.ietf-pce-association-policy] o the use of a model-based interface to dynamically request the
Litkowski, S., Sivabalan, S., Tantsura, J., Hardwick, J., instantiation of virtual networks for specific clients/tenants.
and M. Negi, "Path Computation Element communication
Protocol extension for associating Policies and LSPs",
draft-ietf-pce-association-policy-05 (work in progress),
February 2019.
[I-D.dugeon-pce-stateful-interdomain] The design and implementation of the test bed are reported in order
Dugeon, O., Meuric, J., Lee, Y., and D. Ceccarelli, "PCEP to validate the approach.
Extension for Stateful Inter-Domain Tunnels", draft-
dugeon-pce-stateful-interdomain-02 (work in progress),
March 2019.
[EXP] Casellas, R., Vilalta, R., Martinez, R., Munoz, R., Zheng, Acknowledgments
H., and Y. Lee, "Experimental Validation of the ACTN
architecture for flexi-grid optical networks using Active
Stateful Hierarchical PCEs", 19th International Conference
on Transparent Optical Networks (ICTON) , July 2017,
<http://www.cttc.es/publication/experimental-validation-
of-the-actn-architecture-for-flexi-grid-optical-networks-
using-active-stateful-hierarchical-pces/>.
Appendix A. Additional Information The authors would like to thank Jonathan Hardwick for the inspiration
behind this document. Further thanks to Avantika for her comments
with suggested text.
In the paper [EXP], the application of the ACTN architecture is Thanks to Adrian Farrel and Daniel King for their substantial
presented to demonstrate the control of a multi-domain flexi-grid reviews.
optical network, by proposing, adopting and extending -
o the Hierarchical active stateful PCE architectures and protocols Thanks to Yingzhen Qu for RTGDIR review.
o the PCEP protocol to support efficient and incremental link state Thanks to Rifaat Shekh-Yusef for SECDIR review.
topological reporting, known as PCEP-LS
o the per link partitioning of the optical spectrum based on Thanks to Meral Shirazipour for GENART review.
variable-sized allocated frequency slots enabling network sharing
and virtualization
o the use of a model-based interface to dynamically request the Thanks to Roman Danyliw and Barry Leiba for IESG review comments.
instantiation of virtual networks for specific clients / tenants.
The design and the implementation of the testbed are reported in Thanks to Deborah Brungard for being the responsible AD.
order to validate the approach.
Authors' Addresses Authors' Addresses
Dhruv Dhody Dhruv Dhody
Huawei Technologies Huawei Technologies
Divyashree Techno Park, Whitefield Divyashree Techno Park, Whitefield
Bangalore, Karnataka 560066 Bangalore, Karnataka 560066
India India
EMail: dhruv.ietf@gmail.com Email: dhruv.ietf@gmail.com
Young Lee Young Lee
Huawei Technologies Futurewei Technologies
5340 Legacy Drive, Building 3 5340 Legacy Drive, Suite 173
Plano, TX 75023 Plano, TX 75024
USA United States of America
EMail: leeyoung@huawei.com Email: younglee.tx@gmail.com
Daniele Ceccarelli Daniele Ceccarelli
Ericsson Ericsson
Torshamnsgatan,48 Torshamnsgatan,48
Stockholm Stockholm
Sweden Sweden
EMail: daniele.ceccarelli@ericsson.com Email: daniele.ceccarelli@ericsson.com
 End of changes. 117 change blocks. 
327 lines changed or deleted 319 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/