Network Working Group D. Dhody, Ed. Internet-Draft Huawei Technologies Intended status: Standards Track A. Farrel, Ed. Expires: December 30, 2017 Juniper Networks Z. Li Huawei Technologies June 28, 2017 PCEP Extension for Flow Specification draft-li-pce-pcep-flowspec-02 Abstract The Path Computation Element (PCE) is a functional component capable of selecting the paths through a traffic engineered networks. These paths may be supplied in response to requests for computation, or may be unsolicited directions issued by the PCE to network elements. Both approaches use the PCE Communication Protocol (PCEP) to convey the details of the computed path. Traffic flows may be categorized and described using "Flow Specifications". RFC 5575 defines the Flow Specification and describes how it may be distributed in BGP to allow specific traffic flows to be associated with routes. This document specifies a set of extensions to PCEP to support dissemination of Flow Specifications. This allows a PCE to indicate what traffic should be placed on each flow that it is aware of. It also allows a PCE to play a role in a BGP network by installing Flow Specification information at BGP speakers. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Dhody, et al. Expires December 30, 2017 [Page 1] Internet-Draft PCEP-FlowSpec June 2017 Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on December 30, 2017. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Procedures for PCE Use of Flow Specifications . . . . . . . . 5 3.1. Capability Advertisement . . . . . . . . . . . . . . . . 5 3.1.1. PCEP OPEN Message . . . . . . . . . . . . . . . . . . 5 3.1.2. IGP PCE Capabilities Advertisement . . . . . . . . . 6 3.2. Dissemination Procedures . . . . . . . . . . . . . . . . 6 3.3. Flow Specification Synchronization . . . . . . . . . . . 7 4. PCE FlowSpec Capability TLV . . . . . . . . . . . . . . . . . 8 5. PCE Flow Spec Object . . . . . . . . . . . . . . . . . . . . 8 6. Flow Filter TLV . . . . . . . . . . . . . . . . . . . . . . . 9 7. Flow Specification TLVs . . . . . . . . . . . . . . . . . . . 10 8. Detailed Procedures . . . . . . . . . . . . . . . . . . . . . 13 8.1. Default Behavior . . . . . . . . . . . . . . . . . . . . 14 8.2. Composite Flow Specifications . . . . . . . . . . . . . . 14 8.2.1. Modifying Flow Specifications . . . . . . . . . . . . 14 8.3. Multiple Flow Specifications . . . . . . . . . . . . . . 14 8.3.1. Adding and Removing Flow Specifications . . . . . . . 15 8.4. Priorities and Overlapping Flow Specifications . . . . . 15 8.5. Error Processing . . . . . . . . . . . . . . . . . . . . 15 9. PCEP Messages . . . . . . . . . . . . . . . . . . . . . . . . 15 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 10.1. PCEP Objects . . . . . . . . . . . . . . . . . . . . . . 18 10.2. PCEP TLV Type Indicators . . . . . . . . . . . . . . . . 18 Dhody, et al. Expires December 30, 2017 [Page 2] Internet-Draft PCEP-FlowSpec June 2017 10.3. Flow Specification TLV Type Indicators . . . . . . . . . 19 10.4. PCEP Error Codes . . . . . . . . . . . . . . . . . . . . 19 10.5. PCE Capability Flag . . . . . . . . . . . . . . . . . . 20 11. Security Considerations . . . . . . . . . . . . . . . . . . . 20 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 20 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 20 13.1. Normative References . . . . . . . . . . . . . . . . . . 20 13.2. Informative References . . . . . . . . . . . . . . . . . 21 Appendix A. Contributor Addresses . . . . . . . . . . . . . . . 23 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 24 1. Introduction Dissemination of traffic flow specifications (Flow Specifications) was introduced for BGP in [RFC5575]. A Flow Specification is comprised of traffic filtering rules and actions. The routers that receive a Flow Specification can classify received packets according to the traffic filtering rules and shape, rate limit, filter, or redirect packets based on the actions. The Flow Specification carried by BGP can be used to automate inter-domain coordination of traffic filtering to mitigate (distributed) denial-of-service attacks and can also be used to provide traffic filtering in the context of a BGP/MPLS Virtual Private Network (VPN) service. [RFC5575] also defines that a Flow Specification received from an external autonomous system will need to be validated against unicast routing before being accepted. [I-D.ietf-idr-bgp-flowspec-oid] describes a modification to the validation procedure to enable Flow Specifications to be originated from a centralized BGP route controller. [I-D.ietf-ospf-flowspec-extensions] defines extensions to OSPF to distribute Flow Specifications in the networks that only deploy an IGP (Interior Gateway Protocol) (i.e., OSPF). It also defines the validation procedures for imposing filtering information at routers. [RFC4655] defines the Path Computation Element (PCE), a functional component capable of computing paths for use in networks. PCE was originally conceived for use in Multiprotocol Label Switching (MPLS) for Traffic Engineering networks to derive the routes of Label Switched Paths (LSPs). However, the scope of PCE was quickly extended to make it applicable to Generalized MPLS (GMPLS) networks, and more recent work has brought other traffic engineering technologies and planning applications into scope (for example, Segment Routing [I-D.ietf-pce-segment-routing]). [RFC5440] describes the Path Computation Element Protocol (PCEP). PCEP defines the communication between a Path Computation Client Dhody, et al. Expires December 30, 2017 [Page 3] Internet-Draft PCEP-FlowSpec June 2017 (PCC) and a PCE, or between PCE and PCE, enabling computation of MPLS for Traffic Engineering LSP (TE-LSP) characteristics. Stateful PCE [I-D.ietf-pce-stateful-pce] specifies a set of extensions to PCEP to enable stateful control of TE-LSPs between and across PCEP sessions in compliance with [RFC4657]. It includes mechanisms to effect LSP state synchronization between PCCs and PCEs, delegation of control of LSPs to PCEs, and PCE control of timing and sequence of path computations within and across PCEP sessions and focuses on a model where LSPs are configured on the PCC and control over them is delegated to the PCE. [I-D.ietf-pce-pce-initiated-lsp] describes the setup, maintenance, and teardown of PCE-initiated LSPs under the stateful PCE model, without the need for local configuration on the PCC, thus allowing for a dynamic network that is centrally controlled and deployed. [I-D.ietf-teas-pce-central-control] introduces the architecture for PCE as a central controller and describes how PCE can be viewed as a component that performs computation to place 'flows' within the network and decide how these flows are routed. When a PCE is used to initiate tunnels (such as TE-LSPs) using PCEP, it is important that the head end of the tunnels understands what traffic to place on each tunnel. The data flows intended for a tunnel can be described using Flow Specifications, and when PCEP is in use for tunnel initiation it makes sense for that same protocol to be used to distribute the Flow Specifications that describe what data flows on those tunnels. This document specifies a set of extensions to PCEP to support dissemination of Flow Specifications. The extensions include the creation, update, and withdrawal of Flow Specifications via PCEP and can be applied to tunnels initiated by the PCE or to tunnels where control is delegated to the PCE by the PCC. Furthermore, a PCC requesting a new path can include Flow Specifications in the request to indicate the purpose of the tunnel allowing the PCE to factor this in during the path computation. Flow Specifications are carried in TLVs within a new Flow Spec Object defined in this document. The flow filtering rules indicated by the Flow Specifications are mainly defined by BGP Flow Specifications. 2. Terminology This document uses the following terms defined in [RFC5440]: PCC, PCE, PCEP Peer. Dhody, et al. Expires December 30, 2017 [Page 4] Internet-Draft PCEP-FlowSpec June 2017 The following term from [RFC5575] is used frequently throughout this document: Flow Specification (FlowSpec): A Flow Specification is an n-tuple consisting of several matching criteria that can be applied to IP traffic, including filters and actions. Each FlowSpec consists of a set of filters and a set of actions. This document uses the terms "stateful PCE" and "active PCE" as advocated in [RFC7399]. 3. Procedures for PCE Use of Flow Specifications There are three elements of procedure: o A PCE and a PCC must be able to indicate whether or not they support the use of Flow Specifications. o A PCE or PCC must be able to include Flow Specifications in PCEP messages with clear understanding of the applicability of those Flow Specifications in each case including whether the use of such information is mandatory, constrained, or optional. o Synchronization of Flow Specification information/state between PCEP peers. The following subsections describe these points. 3.1. Capability Advertisement 3.1.1. PCEP OPEN Message During PCEP session establishment, a PCC or PCE that supports the procedures described in this document announces this fact by including the "PCE FlowSpec Capability" TLV, described in Section 4, in the OPEN Object carried in the to advertise its support for PCEP extensions for PCE FlowSpec Capability. The presence of the PCE FlowSpec Capability TLV in the OPEN Object in a PCE's OPEN message indicates that the PCE can support distribute the FlowSpec to PCCs and can receive FlowSpecs in messages from the PCCs. The presence of the PCE FlowSpec Capability TLV in the OPEN Object in a PCC's OPEN message indicates that the PCC supports the FlowSpec functionality described in this document. Dhody, et al. Expires December 30, 2017 [Page 5] Internet-Draft PCEP-FlowSpec June 2017 If either one of a pair of PCEP peers does not indicate support of the FlowSpec functionality described in this document by including the PCE FlowSpec Capability TLV in the OPEN Object in its OPEN message, then the other peer MUST NOT include a FlowSpec object in any PCEP message send to the peer that does not support the procedures. If a FlowSpec object is received even though support has not been indicated, the receiver will respond with a PCErr message reporting the objects containing the FlowSpec as described in [RFC5440]: that is, it will use 'Unknown Object' if it does not support this specification, and 'Not supported object' if it supports this specification but has not chosen to support FlowSpec objects on this PCEP session. 3.1.2. IGP PCE Capabilities Advertisement The ability to advertise support for PCEP and PCE features in IGP advertisements is provided for OSPF in [RFC5088] and for IS-IS in [RFC5089]. The mechanism uses the PCE Discovery TLV which has a PCE- CAP-FLAGS sub-TLV containing bit-flags each of which indicates support for a different feature. This document defines a new PCE-CAP-FLAGS sub-TLV bit, the FlowSpec Capable flag (bit number TBD1). Setting the bit indicates that an advertising PCE supports the procedures defined in this document. Note that while PCE FlowSpec Capability may be advertised during discovery, PCEP speakers that wish to use Flow Specification in PCEP MUST negotiate PCE FlowSpec Capability during PCEP session setup, as specified in Section 3.1.1. A PCC MAY initiate PCE FlowSpec Capability negotiation at PCEP session setup even if it did not receive any IGP PCE capability advertisement. 3.2. Dissemination Procedures This section introduces the procedures to support Flow Specifications in PCEP messages. The primary purpose of distributing Flow Specifications information is to allow a PCE to indicate to a PCC what traffic it should place on a path (such as an LSP or a Segment Routing path). This means that the Flow Specification may be included in: o PCInitiate messages so that an active PCE can indicate the traffic to place on a path at the time that the PCE instantiates the path. o PCUpd messages so that an active PCE can indicate or change the traffic to place on a path that has already been set up. Dhody, et al. Expires December 30, 2017 [Page 6] Internet-Draft PCEP-FlowSpec June 2017 o PCRpt messages so that a PCC could report the traffic that the PCC plans to place on the path. o PCReq messages so that a PCC can indicate what traffic it plans to place on a path at the time it requests the PCE to perform a computation in case that information aids the PCE in its work. o PCRep messages so that a PCE that has been asked to compute a path can suggest which traffic could be placed on a path that a PCC may be about to set up. o PCErr messages so that issues related to paths and the traffic they carry can be reported to the PCE by the PCC, and so that problems with other PCEP messages that carry Flow Specifications can be reported. To carry Flow Specifications in PCEP messages, this document defines a new PCEP object called the PCE Flow Spec Object. The object optional can appear more than once in any of the messages described above. The PCE Flow Spec Object carries one or more Flow Filter TLVs, each of which describes a traffic flow. The inclusion of multiple PCE Flow Spec Objects allow multiple traffic flows to be placed on a single path. Once a PCE and PCC have established that they can both support the use of Flow Specifications in PCEP messages such information may be exchanged at any time for new or existing paths. 3.3. Flow Specification Synchronization The Flow Specifications are carried along with the LSP State information as per [I-D.ietf-pce-stateful-pce], making the Flow Specifications as part of the LSP database (LSP-DB). Thus, the synchronization of the Flow Specification information is done as part of the LSP-DB synchronization. This may be achieved using normal state synchronization procedures as described in [I-D.ietf-pce-stateful-pce] or enhanced state synchronization procedures as defined in [I-D.ietf-pce-stateful-sync-optimizations]. The approach selected will be implementation and deployment specific and will depend on issues such as how the databases are constructed and what level of synchronization support is needed. Dhody, et al. Expires December 30, 2017 [Page 7] Internet-Draft PCEP-FlowSpec June 2017 4. PCE FlowSpec Capability TLV The PCE-FLOWSPEC-CAPABILITY TLV is an optional TLV associated with the OPEN Object [RFC5440] to exchange PCE FlowSpec capabilities of PCEP speakers. The format of the PCE-FLOWSPEC-CAPABILITY TLV follows the format of all PCEP TLVs as defined in [RFC5440] and is shown in Figure 1. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type=[TBD2] | Length=2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Value=0 | Padding | +---------------------------------------------------------------+ Figure 1: PCE-FLOWSPEC-CAPABILITY TLV format The type of the PCE-FLOWSPEC-CAPABILITY TLV is TBD2 and it has a fixed length of 2 octets. The Value field is set to default value 0. The inclusion of this TLV in an OPEN object indicate that the sender can perform FlowSpec handling as defined in this document. 5. PCE Flow Spec Object The PCEP Flow Spec object defined in this document are compliant with the PCEP object format defined in [RFC5440]. The PCEP Flow Spec object carries a FlowSpec filter rule encoded in a TLV (as defined in Section 6 and is OPTIONAL in the PCReq, PCRep, PCErr, PCInitiate, PCRpt, and PCUpd messages. It MAY be present zero, one, or more times. Each instance of the object specifies a traffic flow. The FLOW SPEC Object-Class is TBD3 (to be assigned by IANA). The FLOW SPEC Object-Type is 1. The format of the body of the PCE Flow Spec object is shown in Figure 2 Dhody, et al. Expires December 30, 2017 [Page 8] Internet-Draft PCEP-FlowSpec June 2017 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | FS-ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Reserved |R| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Flow Filter TLV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: PCE Flow Spec Object Body Format FS-ID(32-bit): A PCEP-specific identifier for the FlowSpec information. A PCE creates an unique FS-ID for each FlowSpec that is constant for the lifetime of a PCEP session. All subsequent PCEP messages then address the FlowSpec by the FS-ID. The values 0 and 0xFFFFFFFF are reserved. Reserved bits: MUST be set to zero on transmission and ignored on receipt. R bit: The Remove bit is set when a PCE Flow Spec Object is included in a PCEP message to indicate removal of the Flow Specification from the associated tunnel. If the bit is clear, the Flow Specification is being added or modified. Flow Filter TLV (variable): One TLV MAY be included. The Flow Filter TLV is OPTIONAL when the R bit is set. The TLV MUST be present when the R bit is clear. If the TLV is missing when the R bit is clear, the PCEP peer MUST respond with a PCErr message with error-type TBD8 (FlowSpec Error), error-value 1 (Malformed FlowSpec). 6. Flow Filter TLV A new PCEP TLV is defined to convey Flow Specification filtering rules that specify what traffic is carried on a path. The TLV follows the format of all PCEP TLVs as defined in [RFC5440]. The Type field values come from the codepoint space for PCEP TLVs an has the value TBD4. The Value field contains one or more sub-TLVs (the Flow Specification TLVs) as defined in Section 7. Only one Flow Filter TLV can be present which represents the complete definition of a Flow Specification for traffic to be placed on the tunnel indicated by the Dhody, et al. Expires December 30, 2017 [Page 9] Internet-Draft PCEP-FlowSpec June 2017 PCEP message in which the PCE Flow Spec Object is carried. The set of Flow Specification TLVs in a single instance of a Flow Filter TLV are combined to indicate the specific Flow Specification. 7. Flow Specification TLVs The Flow Specification TLVs carried as sub-TLVs of the Flow Filter TLV also follow the format of all PCEP TLVs as defined in [RFC5440], however, the Type values are selected from a separate IANA registry (see Section 10) rather than from the common PCEP TLV registry. Type values are chosen so that there can be commonality with Flow Specifications defined for use with BGP. This is possible because the BGP Flow Spec encoding uses a single octet to encode the type where PCEP uses two octets. Thus the space of values for the Type field is partitioned as shown in Figure 3. Range | ---------------+--------------------------------------------------- 0 | Reserved - must not be allocated. | 1 .. 255 | Per BGP registry defined by [RFC5575]. | Not to be allocated in this registry. | 256 .. 65535 | New PCEP Flow Specs allocated according to the | registry defined in this document. Figure 3: Flow Specification TLV Type Ranges The content of Value field each TLV is specific to the type and describes the parameters of the Flow Specification. The definition of the format of many of these Value fields is inherited from BGP specifications as shown in Figure 4. Specifically, the inheritance is from [RFC5575] and [I-D.ietf-idr-flow-spec-v6], but may also be inherited from future BGP specifications. When multiple Flow Specification TLVs are present in a single Flow Filter TLVs they are combined to produce a more detailed description of a flow. For examples and rules about how this is achieved, see [RFC5575]. When used in other protocols (such as BGP) these Flow Specifications are also associated with actions to indicate how traffic matching the Flow Specification should be treated. However, in PCEP the only action is to associated the traffic with a tunnel and to forward Dhody, et al. Expires December 30, 2017 [Page 10] Internet-Draft PCEP-FlowSpec June 2017 matching traffic on to that path, so no encoding of an action is needed. Section 8.4 describes how overlapping Flow Specifications are prioritized and handled. Dhody, et al. Expires December 30, 2017 [Page 11] Internet-Draft PCEP-FlowSpec June 2017 +-------+-------------------------+-----------------------------+ | Type | Description | Value defined in | | | | | +-------+-------------------------+-----------------------------+ | * | Destination IPv4 Prefix | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Source IPv4 Prefix | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | IP Protocol | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Port | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Destination port | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Source port | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | ICMP type | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | ICMP code | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | TCP flags | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Packet length | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | DSCP | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Fragment | [RFC5575] | +-------+-------------------------+-----------------------------+ | * | Flow Label | [I-D.ietf-idr-flow-spec-v6] | +-------+-------------------------+-----------------------------+ | * | Destination IPv6 Prefix | [I-D.ietf-idr-flow-spec-v6] | +-------+-------------------------+-----------------------------+ | * | Source IPv6 Prefix | [I-D.ietf-idr-flow-spec-v6] | +-------+-------------------------+-----------------------------+ | * | Next Header | [I-D.ietf-idr-flow-spec-v6] | +-------+-------------------------+-----------------------------+ | TBD5 | Route Distinguisher | [I-D.dhodylee-pce-pcep-ls] | +-------+-------------------------+-----------------------------+ | TBD6 | IPv4 Multicast Flow | [This.I-D] | +-------+-------------------------+-----------------------------+ | TBD7 | IPv6 Multicast Flow | [This.I-D] | +-------+-------------------------+-----------------------------+ * Indicates that the TLV Type value comes from the value used in Figure 4: Table of Flow Specification TLV Types Dhody, et al. Expires December 30, 2017 [Page 12] Internet-Draft PCEP-FlowSpec June 2017 All Flow Specification TLVs with Types in the range 1 to 255 have Values defined for use in BGP (for example in [RFC5575] and [I-D.ietf-idr-flow-spec-v6]) and are set using the BGP encoding, but without the type or length octets (the relevant information is in the Type and Length fields of the TLV). The Value field is padded with trailing zeros to achieve 4-byte alignment if necessary. [I-D.dhodylee-pce-pcep-ls] defines a way to convey identification of a VPN in PCEP via a Route Distinguisher (RD) [RFC4364] and encoded in ROUTE-DISTINGUISHER TLV. A Flow Specification TLV with Type TBD5 carries a Value field matching that in the ROUTE-DISTINGUISHER TLV and is used to identify that other flow filter information (for example, an IPv4 destination prefix) is associated with a specific VPN identified by the RD. Although it may be possible to describe a multicast Flow Specification from the combination of other Flow Specification TLVs with specific values, it is more convenient to use a dedicated Flow Specification TLV. Flow Specification TLVs with Type values TBD6 and TBD7 are used to identify a multicast flow for IPv4 and IPv6 respectively. The Value field is encoded as shown in Figure 5. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Rsvd |S|W|R| Rsvd |B|Z| Src Mask Len | Grp Mask Len | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~ Source Address ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~ Group multicast Address ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 5: Multicast Flow Specification TLV Encoding The fields of the two Multicast Flow Specification TLVs are as described in Section 4.9.1 of [RFC7761] noting that the two address fields are 32 bits for the IPv4 Multicast Flow and 128 bits for the IPv6 Multicast Flow. 8. Detailed Procedures This section outlines some specific detailed procedures for using the protocol extensions defined in this document. Dhody, et al. Expires December 30, 2017 [Page 13] Internet-Draft PCEP-FlowSpec June 2017 8.1. Default Behavior The default behavior is that no Flow Specification is applied to a tunnel. That is, the default is that the Flow Spec object is not used as in all systems before the implementation of this specification. In this case it is a local matter (such as through configuration) how tunnel head ends are instructed what traffic to place on a tunnel. 8.2. Composite Flow Specifications Flow Specifications may be represented by a single Flow Specification TLV or may require a more complex description using multiple Flow Specification TLVs. For example, a flow indicated by a source- destination pair of IPv6 addresses would be described by the combination of Destination IPv6 Prefix and Source IPv6 Prefix Flow Specification TLVs. 8.2.1. Modifying Flow Specifications A PCE may want to modify a Flow Specification associate with a tunnel, or a PCC may want to report a change to the Flow Specification it is using with a tunnel. It is important that the specific Flow Specification is identified so that it is clear that this is a modification of an existing flow and not the addition of a new flow as described in Section 8.3. The FS- ID field of the PCE Flow Spec Object is used to identify an specific Flow Specification. When modifying a Flow Specification, all Flow Specification TLVs for the intended specification of the flow MUST be included in the PCE Flow Spec Object and the FS-ID MUST be retained from the previous description of the flow. 8.3. Multiple Flow Specifications It is possible that multiple flows will be place on a single tunnel. In some cases it is possible to to define these within a single PCE Flow Spec Object: for example, two Destination IPv4 Prefix TLVs could be included to indicate that packets matching either prefix are acceptable. Note that from PCEP point of view it would be considered as a single Flow Specification identified by an FS-ID. However, in other scenarios using multiple Flow Specification TLVs would be confusing. For example, if flows from A to B and from C to D are to be included then using two Source IPv4 Prefix TLVs and two Dhody, et al. Expires December 30, 2017 [Page 14] Internet-Draft PCEP-FlowSpec June 2017 Destination IPv4 Prefix TLVs would be confusing. In these cases, each Flow Specification is carried in its own PCE Flow Spec Object with multiple objects present on a single PCEP message. Use of separate object allow easier removal and modification of Flow Specification. 8.3.1. Adding and Removing Flow Specifications The Remove bit in the the PCE Flow Spec Object is left clear when a Flow Specification is being added or modified. To remove a Flow Specification, a PCE Flow Spec Object is included with the FS-ID matching the one being removed, and the R bit set to indicate removal. In this case it is not necessary to include any Flow Specification TLVs. 8.4. Priorities and Overlapping Flow Specifications TBD 8.5. Error Processing TBD 9. PCEP Messages The FLOW SPEC Object is OPTIONAL and MAY be carried in the PCEP messages. The PCInitiate message is defined in [I-D.ietf-pce-pce-initiated-lsp] and updated as below: Dhody, et al. Expires December 30, 2017 [Page 15] Internet-Draft PCEP-FlowSpec June 2017 ::= Where: ::= [] ::= ( | ) ::= [] [] [] Where: ::= [] The PCUpd message is defined in [I-D.ietf-pce-stateful-pce] and updated as below: ::= Where: ::= [] ::= [] Where: ::= ::= [] The PCRpt message is defined in [I-D.ietf-pce-stateful-pce] and updated as below: Dhody, et al. Expires December 30, 2017 [Page 16] Internet-Draft PCEP-FlowSpec June 2017 ::= Where: ::= [] ::= [] [] Where: ::= [] ::= [] The PCReq message is defined in [RFC5440] and updated in [I-D.ietf-pce-stateful-pce], it is further updated below for flow specification: ::= [] Where: ::= [] ::= [] ::= [] [] [] [] [[]] [] [] [] Where: ::= [] Dhody, et al. Expires December 30, 2017 [Page 17] Internet-Draft PCEP-FlowSpec June 2017 The PCRep message is defined in [RFC5440] and updated in [I-D.ietf-pce-stateful-pce], it is further updated below for flow specification: ::= Where: ::=[] ::= [] [] [] [] [] Where: ::= [] 10. IANA Considerations IANA maintains the "Path Computation Element Protocol (PCEP) Numbers" registry. This document requests IANA actions to allocate code points for the protocol elements defined in this document. 10.1. PCEP Objects Each PCEP object has an Object-Class and an Object-Type. IANA maintains a subregistry called "PCEP Objects". IANA is requested to make an assingment from this subregistry as follows: Object-Class | Value Name | Object-Type | Reference -------------+---------------+----------------------+---------------- TBD3 | FLOW SPEC | 0 (Reserved) | [This.I-D] | 1 | [This.I-D] 10.2. PCEP TLV Type Indicators IANA maintains a subregistry called "PCEP TLV Type Indicators". IANA is requested to make an assingment from this subregistry as follows: Dhody, et al. Expires December 30, 2017 [Page 18] Internet-Draft PCEP-FlowSpec June 2017 Value | Meaning | Reference --------+------------------------------+------------- TBD2 | PCE-FLOWSPEC-CAPABILITY TLV | [This.I-D] TBD4 | FLOW FILTER TLV | [This.I-D] 10.3. Flow Specification TLV Type Indicators IANA is requested to create a new subregistry call the PCEP Flow Specification TLV Type Indicators registry. Allocations from this registry are to be made according to the following assignment policies [RFC8126]: Range | Assignment policy ---------------+--------------------------------------------------- 0 | Reserved - must not be allocated. | 1 .. 255 | Reserved - must not be allocated. | Usage mirrors the BGP FlowSpec registry [RFC5575]. | 258 .. 64506 | Specification Required | 64507 .. 65531 | First Come First Served | 65532 .. 65535 | Experimental IANA is requested to pre-populate this registry with values defined in this document as follows: Value | Meaning -------+------------------------ TBD5 | Route Distinguisher TBD6 | IPv4 Multicast TBD7 | IPv6 Multicast 10.4. PCEP Error Codes IANA maintains a subregistry called "PCEP-ERROR Object Error Types and Values". Entries in this subregistry are described by Error-Type and Error-value. IANA is requested to make the following assignment from this subregistry: Dhody, et al. Expires December 30, 2017 [Page 19] Internet-Draft PCEP-FlowSpec June 2017 Error-| Meaning | Error-value | Reference Type | | | -------+--------------------+----------------------------+----------- TBD8 | FlowSpec error | 0: Unassigned | [This.I-D] | | 1: Unsupported FlowSpec | [This.I-D] | | 2: Malformed FlowSpec | [This.I-D] | | 3: Unresolvable conflict | [This.I-D] | | 4-255: Unassigned | [This.I-D] 10.5. PCE Capability Flag IANA maintains a subregistry called "Open Shortest Path First v2 (OSPFv2) Parameters" with a sub-registry called "Path Computation Element (PCE) Capability Flags". IANA is requested to assign a new capability bit from this registry as follows: Bit | Capability Description | Reference -------+-------------------------------+------------ TBD1 | FlowSpec | [This.I-D] 11. Security Considerations TBD. 12. Acknowledgements Thanks to Julian Lucek and Sudhir Cheruathur for useful discussions. 13. References 13.1. Normative References [I-D.dhodylee-pce-pcep-ls] Dhody, D., Lee, Y., and D. Ceccarelli, "PCEP Extension for Distribution of Link-State and TE Information.", draft- dhodylee-pce-pcep-ls-08 (work in progress), June 2017. [I-D.ietf-idr-flow-spec-v6] McPherson, D., Raszuk, R., Pithawala, B., akarch@cisco.com, a., and S. Hares, "Dissemination of Flow Specification Rules for IPv6", draft-ietf-idr-flow-spec- v6-08 (work in progress), March 2017. Dhody, et al. Expires December 30, 2017 [Page 20] Internet-Draft PCEP-FlowSpec June 2017 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation Element (PCE) Communication Protocol (PCEP)", RFC 5440, DOI 10.17487/RFC5440, March 2009, . [RFC5575] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J., and D. McPherson, "Dissemination of Flow Specification Rules", RFC 5575, DOI 10.17487/RFC5575, August 2009, . 13.2. Informative References [I-D.ietf-idr-bgp-flowspec-oid] Uttaro, J., Alcaide, J., Filsfils, C., Smith, D., and P. Mohapatra, "Revised Validation Procedure for BGP Flow Specifications", draft-ietf-idr-bgp-flowspec-oid-04 (work in progress), March 2017. [I-D.ietf-ospf-flowspec-extensions] liangqiandeng, l., You, J., Wu, N., Fan, P., Patel, K., and A. Lindem, "OSPF Extensions for Flow Specification", draft-ietf-ospf-flowspec-extensions-01 (work in progress), April 2016. [I-D.ietf-pce-pce-initiated-lsp] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "PCEP Extensions for PCE-initiated LSP Setup in a Stateful PCE Model", draft-ietf-pce-pce-initiated-lsp-10 (work in progress), June 2017. [I-D.ietf-pce-segment-routing] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., and J. Hardwick, "PCEP Extensions for Segment Routing", draft-ietf-pce-segment-routing-09 (work in progress), April 2017. [I-D.ietf-pce-stateful-pce] Crabbe, E., Minei, I., Medved, J., and R. Varga, "PCEP Extensions for Stateful PCE", draft-ietf-pce-stateful- pce-21 (work in progress), June 2017. Dhody, et al. Expires December 30, 2017 [Page 21] Internet-Draft PCEP-FlowSpec June 2017 [I-D.ietf-pce-stateful-sync-optimizations] Crabbe, E., Minei, I., Medved, J., Varga, R., Zhang, X., and D. Dhody, "Optimizations of Label Switched Path State Synchronization Procedures for a Stateful PCE", draft- ietf-pce-stateful-sync-optimizations-10 (work in progress), March 2017. [I-D.ietf-teas-pce-central-control] Farrel, A., Zhao, Q., Li, Z., and C. Zhou, "An Architecture for Use of PCE and PCEP in a Network with Central Control", draft-ietf-teas-pce-central-control-03 (work in progress), June 2017. [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 2006, . [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation Element (PCE)-Based Architecture", RFC 4655, DOI 10.17487/RFC4655, August 2006, . [RFC4657] Ash, J., Ed. and J. Le Roux, Ed., "Path Computation Element (PCE) Communication Protocol Generic Requirements", RFC 4657, DOI 10.17487/RFC4657, September 2006, . [RFC5088] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R. Zhang, "OSPF Protocol Extensions for Path Computation Element (PCE) Discovery", RFC 5088, DOI 10.17487/RFC5088, January 2008, . [RFC5089] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R. Zhang, "IS-IS Protocol Extensions for Path Computation Element (PCE) Discovery", RFC 5089, DOI 10.17487/RFC5089, January 2008, . [RFC7399] Farrel, A. and D. King, "Unanswered Questions in the Path Computation Element Architecture", RFC 7399, DOI 10.17487/RFC7399, October 2014, . [RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent Multicast - Sparse Mode (PIM-SM): Protocol Specification (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March 2016, . Dhody, et al. Expires December 30, 2017 [Page 22] Internet-Draft PCEP-FlowSpec June 2017 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, . Appendix A. Contributor Addresses Shankara Huawei Technologies Divyashree Techno Park, Whitefield Bangalore, Karnataka 560066 India Email: shankara@huawei.com Qiandeng Liang Huawei Technologies 101 Software Avenue, Yuhuatai District Nanjing 210012 China Email: liangqiandeng@huawei.com Cyril Margaria Juniper Networks 200 Somerset Corporate Boulevard, Suite 4001 Bridgewater, NJ 08807 USA Email: cmargaria@juniper.net Colby Barth Juniper Networks 200 Somerset Corporate Boulevard, Suite 4001 Bridgewater, NJ 08807 USA Email: cbarth@juniper.net Xia Chen Huawei Technologies Dhody, et al. Expires December 30, 2017 [Page 23] Internet-Draft PCEP-FlowSpec June 2017 Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: jescia.chenxia@huawei.com Shunwan Zhuang Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Eemail: zhuangshunwan@huawei.com Authors' Addresses Dhruv Dhody (editor) Huawei Technologies Divyashree Techno Park, Whitefield Bangalore, Karnataka 560066 India Email: dhruv.ietf@gmail.com Adrian Farrel (editor) Juniper Networks Email: afarrel@juniper.net Zhenbin Li Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: lizhenbin@huawei.com Dhody, et al. Expires December 30, 2017 [Page 24]