PCEP Extensions for MPSL-TE LSP Path Protection with stateful PCEPacket Design1 South Almaden Blvd, #1150,San Jose, CA, 95113USAhari@packetdesign.comCisco2000 Innovation DriveKananta, Ontaria K2K 3E8Canadamsiva@cisco.comJuniper Networks1194 N Mathilda Ave,Sunnyvale, CA, 94086USAcbarth@juniper.netJuniper Networks1194 N Mathilda Ave,Sunnyvale, CA, 94086USArtorvi@juniper.netGoogle, Inc1600 Amphitheatre ParkwayMountain View, CA, 94043USAinaminei@google.comIndividual Contributoredward.crabbe@gmail.comHuawei TechnologiesDivyashree Techno Park, WhitefieldBangaloreKarnataka560066Indiadhruv.ietf@gmail.comPCE Working GroupPCEP A stateful Path Computation Element (PCE) is capable of computing as well as controlling via
Path Computation Element Protocol (PCEP) Multiprotocol Label Switching Traffic Engineering Label Switched Paths (MPLS LSP).
Furthermore, it is also possible for a stateful PCE to create, maintain, and delete LSPs. This document describes
PCEP extension to associate two or more LSPs to provide end-to-end path protection. describes PCEP for communication between a Path Computation Client (PCC) and a PCE or
between one a pair of PCEs as per . A PCE computes paths for MPLS-TE LSPs based on various constraints and optimization criteria. Stateful pce specifies a set of extensions to PCEP to enable
stateful control of paths such as MPLS TE LSPs between and across PCEP sessions in compliance with .
It includes mechanisms to effect LSP state synchronization between PCCs and PCEs, delegation of control of LSPs
to PCEs, and PCE control of timing and sequence of path computations within and across PCEP sessions and focuses
on a model where LSPs are configured on the PCC and control over them is delegated to the PCE. Furthermore, a
mechanism to dynamically instantiate LSPs on a PCC based on the requests from a stateful PCE or a controller
using stateful PCE, is specified in .Path protection refers to a paradigm in which the working LSP is protected by one or more protection LSP(s).
When the working LSP fails, protection LSP(s) is/are activated. When the working LSPs are computed and controlled
by the PCE, there is benefit in a mode of operation where protection LSPs are as well. This document specifies a stateful PCEP extension to associate two or more LSPs for the purpose of setting up
path protection. The proposed extension covers the following scenarios:
A PCC initiates a protection LSP and retains the control of the LSP. The PCC computes the path itself or makes a
request for path computation to a PCE. After the path setup, it reports the information and state of the path to the PCE.
This is the passive stateful mode .
A PCC initiates a protection LSP and delegates the control of the LSP to a stateful PCE. The PCE
may compute the path for the LSP and update the PCC with the information about the path as long as it controls the LSP.
This is the active stateful mode .
A protection LSP could be initiated by a stateful PCE, which retains the control of the LSP.
The PCE is responsible for computing the path of the LSP and updating to the PCC with the information about the path.
This is the PCE Initiated mode .
Note that protection LSP can be established prior to the failure (in which case the LSP is said to me in standby mode) or post failure of the corresponding working LSP according to the operator choice/policy.
introduces a generic mechanism to
create a grouping of LSPs which can then be used to define
associations between a set of LSPs that is equally applicable to
stateful PCE (active and passive modes) and stateless PCE.This document specifies a PCEP extension to associate one working LSP with one or more
protection LSPs using the generic association mechanism.This document describes a PCEP
extension to associate protection LSPs by creating Path Protection Association Group (PPAG)
and encoding this association in PCEP messages for stateful PCEP
sessions.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14 when, and only when, they
appear in all capitals, as shown here.The following terminologies are used in this document:
Explicit Route Object. Label Switched Path. Path Computation Client. Path Computation Element Path Computation Element Protocol. Path Protection Association Group. Type, Length, and Value.LSPs are not associated by listing the other LSPs with which they interact, but rather by making them
belong to an association group referred to as "Path Protection Association Group" (PPAG) in this document.
All LSPs join a PPAG individually. PPAG is based on the generic Association object used to associate two
or more LSPs specified in . A member of a PPAG can
take the role of working or protection LSP. This document defines a new association type called
"Path Protection Association Type" of value TBD1. A PPAG can have one working LSP and/or one or more
protection LSPs. The source, destination and Tunnel ID (as carried in LSP-IDENTIFIERS TLV , with description as per ) of all LSPs within a PPAG MUST be the same. As per , TE tunnel is used to associate a set of LSPs during reroute or to spread a traffic trunk over multiple paths.The format of the Association object used for PPAG is specified in
and
reproduced in this document for easy reference in
and .This document defines a new Association type, the Path Protection Association type,
value will be assigned by IANA (TBD1).
This Association-Type is dynamic in nature and created by the PCC or PCE for
the LSPs belonging to the same TE tunnel (as described in ) originating at the same head node and terminating at the same destination.
These associations are
conveyed via PCEP messages to the PCEP peer. Operator-configured
Association Range SHOULD NOT be set for this association-type and
MUST be ignored.The Path Protection Association TLV is an optional TLV for use with the Path Protection
Association Object Type. The Path Protection Association TLV MUST NOT be present more than once.
If it appears more than once,
only the first occurrence is processed and any others MUST be ignored. The Path Protection Association TLV follows the PCEP TLV format of . The type (16 bits) of the TLV is to be assigned by IANA. The length
field is 16 bit-long and has a fixed value of 4.The value comprises a single field, the Path Protection Association Flags (32 bits), where each bit represents a
flag option. The format of the Path Protection Association TLV is as follows:P (PROTECTION-LSP 1 bit) - Indicates whether the LSP associated with the PPAG is working or
protection LSP. If this flag is set, the LSP is a protection LSP.S (STANDBY 1 bit)- When the P flag is set, the S flag indicates whether the protection LSP associated
with the PPAG is in standby mode. The S flag is ignored if the P flag is not set.Unassigned bits are considered reserved. They MUST be set to 0 on
transmission and MUST be ignored on receipt. If the Path Protection Association TLV is missing, it means the LSP is the working LSP.LSPs are associated with
other LSPs with which they interact by adding them to a common
association group via ASSOCIATION object. All procedures and error-handling for the ASSOCIATION
object is as per .A PCC can associate a set of LSPs under its control for path protection purpose. Similarly, the PCC can
remove on or more LSPs under its control from the corresponding PPAG. In both cases, the PCC must report
the change in association to PCE(s) via PCRpt message. A PCC can also delegate the working and protection
LSPs to a stateful PCE, where PCE would control the LSPs. The stateful PCE could update the paths and attributes of the LSPs in the association group
via PCUpd message. A PCE could also update the association to PCC via PCUpd message. The procedures are described in .
A PCE can create/update working and protection LSPs independently.
As specified in ,
Association Groups can be created by both PCE and PCC. Further, a PCE can remove a protection LSP from a PPAG as specified in
. During state synchronization, a PCC MUST report all the existing path protection association groups
as well as any path protection flags to PCE(s). Following the state synchronization, the PCE would
remove all stale information as per .As per the association information is cleared along with the LSP state
information. When a PCEP
session is terminated, after expiry of State Timeout Interval at PCC,
the LSP state associated with that PCEP session is reverted to
operator-defined default parameters or behaviors as per . Same procedure is
also followed for the association information. On session
termination at the PCE, when the LSP state reported by PCC is
cleared, the association information is also cleared. Where there
are no LSPs in a association group, the association is considered to
be deleted..All LSPs (working or protection) within a PPAG MUST belong to the same TE Tunnel (as described in ) and have the same source and destination.
If a PCE attempts to add an LSP to a PPAG and the Tunnel ID (as carried in LSP-IDENTIFIERS TLV , with description as per ) or source or destination of the LSP is different from
the LSP(s) in the PPAG, the PCC MUST send PCErr with Error-Type= TBD (Association Error)
and Error-Value = TBD3 (Tunnel ID or End points mismatch for Path Protection Association). There MUST be only one working LSP within a PPAG. If a PCEP Speaker attempts to add another working LSP,
the PCEP peer MUST send PCErr with Error-Type=TBD (Association Error)
and Error-Value = TBD4
(Attempt to add another working LSP for Path Protection Association).The diversity requirement for a group of LSPs is handled via another association type called
"Disjointness Association", as described in .
The diversity requirements for the the protection LSP are also handled by including both ASSOCIATION
object for the group of LSPs.This document defines a new association type, originally
defined in , for path protection.
IANA is requested to make the assignment of a new value for the
sub-registry "ASSOCIATION Type Field" (request to be created in ), as follows: Association Type ValueAssociation Name Reference TBD1 Path Protection Association This document This document defines a new TLV for carrying additional information of LSPs within a path protection association group.
IANA is requested to make the assignment of a new value for the
existing "PCEP TLV Type Indicators" registry as follows:TLV Type ValueTLV Name Reference TBD2 Path Protection Association Group TLV This document This document requests that a new sub-registry, named "Path protection Association Group TLV Flag Field",
is created within the "Path Computation
Element Protocol (PCEP) Numbers" registry to manage the Flag field in
the Path Protection Association Group TLV.
New values are to be assigned by Standards Action . Each
bit should be tracked with the following qualities:
Each bit should be tracked with the following qualities:Bit number (count from 0 as the most significant bit) Name flag Reference Bit NumberNameReference31P - PROTECTION-LSP This document 30S - STANDBYThis documentThis document defines new Error-Type and Error-Value related to path protection association.
IANA is requested to allocate new error values within the "PCEP-ERROR
Object Error Types and Values" sub-registry of the PCEP Numbers
registry, as follows: Error-Type Meaning Reference TBD Association error Error-value=TBD3: Tunnel ID or End points mismatch for Path Protection Association This document Error-value=TBD4: Attempt to add another working LSP for Path Protection Association This document
The security considerations described in ,
, and
apply to the extensions described in this document as
well. Additional considerations related to associations where
a malicious PCEP speaker could be spoofed and could be used as
an attack vector by creating associations is described in .
Thus securing the PCEP session using
Transport Layer Security (TLS) , as per the
recommendations and best current practices in , is
RECOMMENDED.
Mechanisms defined in this document do not imply any control or policy
requirements in addition to those already listed in
, , and
. describes the PCEP MIB, there are no new MIB Objects
for this document.The PCEP YANG module supports
associations.Mechanisms defined in this document do not imply any new liveness detection
and monitoring requirements in addition to those already listed in
, , and
.Mechanisms defined in this document do not imply any new operation
verification requirements in addition to those already listed in
, , and
.Mechanisms defined in this document do not imply any new requirements
on other protocols.Mechanisms defined in this document do not have any impact on
network operations in addition to those already listed in
, , and
.We would like to thank Jeff Tantsura and Xian Zhang for their contributions to this document.