Ability for a Stateful Path Computation Element (PCE) to Request and Obtain Control of a Label Switched Path (LSP)AT&T200 S Laurel AvenueMiddletownNJ07748United States of Americaar2521@att.comAT&T200 S Laurel AvenueMiddletownNJ07748United States of Americaag6941@att.comCisco Systems, Inc.125 High StreetBostonMassachusetts02110United States of Americajakarthi@cisco.comCisco Systems, Inc.2000 Innovation DriveKanataOntarioK2K 3E8Canadamsiva@cisco.comHuawei TechnologiesDivyashree Techno Park, WhitefieldBangaloreKarnataka560066Indiamahend.ietf@gmail.comPCE Working GroupA stateful Path Computation Element (PCE) retains information about
the placement of Multiprotocol Label Switching (MPLS) Traffic
Engineering Label Switched Paths (TE LSPs). When a PCE has stateful
control over LSPs, it may send indications to LSP head-ends to modify the
attributes (especially the paths) of the LSPs. A Path Computation Client
(PCC) that has set up LSPs under local configuration may delegate
control of those LSPs to a stateful PCE.There are use cases in which a stateful PCE may wish to obtain
control of locally configured LSPs that it is aware of but have
not been delegated to the PCE.This document describes an extension to the Path Computation Element
Communication Protocol (PCEP) to enable a PCE to make requests for
such control.Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
. Introduction
. Terminology
. Requirements Language
. LSP Control Request Flag
. Operation
. Security Considerations
. IANA Considerations
. Manageability Considerations
. Control of Function and Policy
. Information and Data Models
. Liveness Detection and Monitoring
. Verify Correct Operations
. Requirements on Other Protocols
. Impact on Network Operations
. References
. Normative References
. Informative References
Acknowledgements
Contributors
Authors' Addresses
Introduction"Path Computation Element Communication Protocol (PCEP) Extensions
for Stateful PCE"
specifies a set of
extensions to PCEP to enable
stateful control of Traffic Engineering Label Switched Paths (TE LSPs)
between and across PCEP sessions in compliance with .
It includes mechanisms to
synchronize LSP state between Path Computation Clients (PCCs) and PCEs,
delegate control of LSPs to PCEs, and allow PCEs to control the timing and sequence
of path computations within and across PCEP sessions. The stateful PCEP
defines the following two useful network operations:
Delegation:
As per , an operation to
grant a PCE temporary rights to modify a
subset of LSP parameters on one or more LSPs of a PCC. LSPs are
delegated from a PCC to a PCE and are referred to as "delegated"
LSPs.
Revocation:
As per , an operation
performed by a PCC on a previously delegated LSP. Revocation revokes
the rights granted to the PCE in the delegation operation.
For redundant stateful PCEs (), during a PCE failure, one of the redundant PCEs
might want to request to take control over an LSP. The redundant PCEs
may use a local policy or a proprietary election mechanism to decide
which PCE would take control. In this case, a mechanism is needed for a
stateful PCE to request control of one or more LSPs from a PCC so that
a newly elected primary PCE can request to take over control.In case of virtualized PCEs (vPCEs) running in virtual network
function (VNF) mode, as the computation load in the network increases, a
new instance of vPCE could be instantiated to balance the current
load.
The PCEs could use a proprietary algorithm to decide which LSPs can
be assigned to the new vPCE. Thus, having a mechanism for the PCE to
request control of some LSPs is needed.In some deployments, the operator would like to use stateful PCE for
global optimization algorithms but would still like to keep the control
of the LSP at the PCC. In such cases, a stateful PCE could request to
take control during the global optimization and return the delegation
once done.Note that specifies a
mechanism for a PCC to delegate an orphaned LSP to another PCE. The
mechanism defined in this document can be used in conjunction with . Ultimately, it is the PCC that
decides which PCE to delegate the orphaned LSP to.This specification provides a simple extension that allows a PCE
to request control of one or more LSPs from any PCC over the stateful
PCEP session. The procedures for granting and relinquishing control of
the LSPs are specified in accordance with unless explicitly set aside in this
document.Terminology This document uses the following terms defined in :
PCC:
Path Computation Client
PCE:
Path Computation Element
PCEP:
Path Computation Element communication Protocol
This document uses the following terms defined in :
PCRpt:
Path Computation State Report message
PCUpd:
Path Computation Update Request message
PLSP-ID:
A PCEP-specific identifier for the LSP
SRP:
Stateful PCE Request Parameters
Readers of this document are expected to have some familiarity with .Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14
when, and only when, they appear in all capitals, as shown here.
LSP Control Request FlagThe Stateful PCE Request Parameters (SRP) object is defined in
and includes
a Flags field.A new "LSP Control Request" flag (30), also called the C
flag, is introduced in the SRP object. In a PCUpd message, a PCE sets
the C flag to 1 to indicate that it wishes to gain control of LSPs. The
LSPs are identified by the PLSP-ID in the LSP object following the SRP
object. A PLSP-ID value other than 0 and 0xFFFFF is used to identify
the LSP for which the PCE requests control. A PLSP-ID value of 0
indicates that the PCE is requesting control of all LSPs originating
from the PCC that it wishes to delegate. The C flag has no meaning in
other PCEP messages that carry SRP objects and for which the C flag
MUST be set to 0 on transmission and MUST
be ignored on receipt.The C flag is ignored in case the R flag in the SRP object
is set.OperationDuring normal operation, a PCC that wishes to delegate the control of
an LSP sets the Delegate (D) flag () to 1 in all PCRpt messages pertaining to the
LSP. The PCE confirms the delegation by setting the D flag to 1 in all PCUpd
messages pertaining to the LSP. The PCC revokes the control of the LSP
from the PCE by setting the D flag to 0 in PCRpt messages pertaining to the
LSP. If the PCE wishes to relinquish the control of the LSP, it sets the
D flag to 0 in all PCUpd messages pertaining to the LSP.If a PCE wishes to gain control over an LSP, it sends a PCUpd message
with the C flag set to 1 in the SRP object. The LSP for which the PCE requests
control is identified by the PLSP-ID in the associated LSP object. A
PLSP-ID value of 0 indicates that the PCE wants control over all LSPs
originating from the PCC.
An implementation of this feature needs to make
sure to check for the LSP control feature (C flag set to 1) before any
check for PLSP-ID (as per ). The D flag and C flag are mutually exclusive in a
PCUpd message. The PCE MUST NOT send a control request
for the LSP that is already delegated to the PCE, i.e., if the D flag is
set in the PCUpd message, then the C flag MUST NOT be
set. If a PCC receives a PCUpd message with the D flag set in the LSP object
(i.e., LSP is already delegated) and
the C flag is also set (i.e., PCE is making a control request), the PCC
MUST ignore the C flag. A PCC can decide to delegate the
control of the LSP at its own discretion. If the PCC grants or denies the
control, it sends a PCRpt message with the D flag set to 1 and 0, respectively, in
accordance with stateful PCEP . If
the PCC does not grant the control, it MAY choose to not
respond, and the PCE MAY choose to retry requesting the control,
preferably using an exponentially increasing timer. Note that, if the PCUpd
message with the C flag set is received for a currently non-delegated LSP (for
which the PCE is requesting delegation), this MUST NOT trigger
the error handling as specified in
(a PCErr with Error-type=19 (Invalid Operation) and error-value 1 (Attempted
LSP Update Request for a non-delegated
LSP)).As per , a PCC cannot
delegate an LSP to more than one PCE at any time. If a PCE requests
control of an LSP that has already been delegated by the PCC to another
PCE, the PCC MAY ignore the request or
MAY revoke
the delegation to the first PCE before delegating it to the second. This
choice is a matter of local policy.
It should be noted that a legacy implementation of PCC that does not
support this extension may receive an LSP control request: a PCUpd
message with the C flag set and the D flag unset. The legacy implementation
would ignore the C flag and trigger the error condition for the D flag, as
specified in (i.e., a PCErr with
Error-type=19 (Invalid Operation) and error-value 1 (Attempted LSP Update
Request for a non-delegated LSP)). Further, in case of a PLSP-ID value of
0, the error condition, as specified in , (i.e., a PCErr with Error-type=19 (Invalid Operation)
and error-value 3 (Attempted LSP Update Request for an LSP identified by an
unknown PLSP-ID)) would be triggered. describes the setup,
maintenance, and teardown of PCE-initiated LSPs under the stateful PCE
model. It also specifies how a PCE may obtain control over an orphaned LSP
that was PCE-initiated. A PCE implementation can apply the mechanism described
in this document in conjunction with those in .Security ConsiderationsThe security considerations listed in and
apply to this document as well. However, this document also
introduces a new attack vector. An attacker may flood the PCC with requests
to delegate all of its LSPs
at a rate that exceeds the PCC's ability to process them, either by
spoofing messages or by compromising the PCE itself.
The PCC SHOULD be configured with a threshold rate for the
delegation requests received from the PCE. If the threshold is reached,
it is RECOMMENDED to log the issue.A PCC is the ultimate arbiter of delegation. As per , a local policy at the PCC is used to
influence the delegation. A PCC can also revoke the delegation at any
time. A PCC need not blindly trust the control requests and
SHOULD take local policy and other factors into
consideration before honoring the request. Note that a PCE may not be sure if a PCC supports this feature. A
PCE would try sending a control request to a 'legacy' PCC that would
in turn respond with an error, as described in . So, a PCE would learn this fact only when it wants to
take control over an LSP. A PCE might also be susceptible to downgrade
attacks by falsifying the error condition.As per , it is RECOMMENDED
that these PCEP extensions only be activated on authenticated and
encrypted sessions across PCEs and PCCs belonging to the same
administrative authority, using Transport Layer Security (TLS)
, as per the recommendations and
best current practices in
BCP 195 (unless explicitly
excluded in ).
IANA ConsiderationsIANA has allocated the following code point in the "SRP Object Flag
Field" subregistry in the "Path Computation Element Protocol (PCEP)
Numbers" registry.
Bit
Description
Reference
30
LSP Control Request
RFC 8741
Manageability Considerations
All manageability requirements and considerations listed in
and
apply to PCEP extensions defined in this document. In addition,
requirements and considerations listed in this section apply.
Control of Function and Policy
A PCC implementation SHOULD allow the operator to configure
the policy rules that specify the conditions under which it honors the
request to control the LSPs. This includes the handling of the case where an
LSP control request is received for an LSP that is currently delegated to
some other PCE. A PCC implementation SHOULD also allow the
operator to configure the threshold rate for the delegation requests
received from the PCE. Further, the operator MAY be allowed
to trigger the LSP control request for a particular LSP at the PCE. A PCE
implementation SHOULD also allow the operator to configure an
exponentially increasing timer to retry the control requests for which the
PCE did not get a response.
Information and Data ModelsThe PCEP YANG module could be extended to include a mechanism to trigger
the LSP control request.Liveness Detection and Monitoring
Mechanisms defined in this document do not imply any new liveness detection
and monitoring requirements in addition to those already listed in .
Verify Correct Operations
Mechanisms defined in this document do not imply any new operation
verification requirements in addition to those already listed in
and .
Requirements on Other ProtocolsMechanisms defined in this document do not imply any new
requirements on other protocols.Impact on Network Operations
Mechanisms defined in
and
also apply to PCEP extensions defined in this document.
Further, the mechanism described in this document can help the operator to
request control of the LSPs at a particular PCE.ReferencesNormative ReferencesKey words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Path Computation Element (PCE) Communication Protocol (PCEP)This document specifies the Path Computation Element (PCE) Communication Protocol (PCEP) for communications between a Path Computation Client (PCC) and a PCE, or between two PCEs. Such interactions include path computation requests and path computation replies as well as notifications of specific states related to the use of a PCE in the context of Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) Traffic Engineering. PCEP is designed to be flexible and extensible so as to easily allow for the addition of further messages and objects, should further requirements be expressed in the future. [STANDARDS-TRACK]Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Path Computation Element Communication Protocol (PCEP) Extensions for Stateful PCEThe Path Computation Element Communication Protocol (PCEP) provides mechanisms for Path Computation Elements (PCEs) to perform path computations in response to Path Computation Client (PCC) requests.Although PCEP explicitly makes no assumptions regarding the information available to the PCE, it also makes no provisions for PCE control of timing and sequence of path computations within and across PCEP sessions. This document describes a set of extensions to PCEP to enable stateful control of MPLS-TE and GMPLS Label Switched Paths (LSPs) via PCEP.Path Computation Element Communication Protocol (PCEP) Extensions for PCE-Initiated LSP Setup in a Stateful PCE ModelThe Path Computation Element Communication Protocol (PCEP) provides mechanisms for Path Computation Elements (PCEs) to perform path computations in response to Path Computation Client (PCC) requests.The extensions for stateful PCE provide active control of Multiprotocol Label Switching (MPLS) Traffic Engineering Label Switched Paths (TE LSPs) via PCEP, for a model where the PCC delegates control over one or more locally configured LSPs to the PCE. This document describes the creation and deletion of PCE-initiated LSPs under the stateful PCE model.Informative ReferencesA YANG Data Model for Path Computation Element Communications Protocol (PCEP)This document defines a YANG data model for the management of Path Computation Element communications Protocol (PCEP) for communications between a Path Computation Client (PCC) and a Path Computation Element (PCE), or between two PCEs. The data model includes configuration and state data.Work in ProgressPath Computation Element (PCE) Communication Protocol Generic RequirementsThe PCE model is described in the "PCE Architecture" document and facilitates path computation requests from Path Computation Clients (PCCs) to Path Computation Elements (PCEs). This document specifies generic requirements for a communication protocol between PCCs and PCEs, and also between PCEs where cooperation between PCEs is desirable. Subsequent documents will specify application-specific requirements for the PCE communication protocol. This memo provides information for the Internet community.Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) are widely used to protect data exchanged over application protocols such as HTTP, SMTP, IMAP, POP, SIP, and XMPP. Over the last few years, several serious attacks on TLS have emerged, including attacks on its most commonly used cipher suites and their modes of operation. This document provides recommendations for improving the security of deployed services that use TLS and DTLS. The recommendations are applicable to the majority of use cases.Applicability of a Stateful Path Computation Element (PCE)A stateful Path Computation Element (PCE) maintains information about Label Switched Path (LSP) characteristics and resource usage within a network in order to provide traffic-engineering calculations for its associated Path Computation Clients (PCCs). This document describes general considerations for a stateful PCE deployment and examines its applicability and benefits, as well as its challenges and limitations, through a number of use cases. PCE Communication Protocol (PCEP) extensions required for stateful PCE usage are covered in separate documents.PCEPS: Usage of TLS to Provide a Secure Transport for the Path Computation Element Communication Protocol (PCEP)The Path Computation Element Communication Protocol (PCEP) defines the mechanisms for the communication between a Path Computation Client (PCC) and a Path Computation Element (PCE), or among PCEs. This document describes PCEPS -- the usage of Transport Layer Security (TLS) to provide a secure transport for PCEP. The additional security mechanisms are provided by the transport protocol supporting PCEP; therefore, they do not affect the flexibility and extensibility of PCEP.This document updates RFC 5440 in regards to the PCEP initialization phase procedures.AcknowledgementsThanks to for reminding the authors to not use
suggested values in IANA section.Thanks to , , and for their
valuable comments.Thanks to for his Security Directorate review.Thanks to for GENART review.Thanks to , , , and
for IESG reviews.ContributorsThe following people contributed substantially to the content of this
document and should be considered coauthors:Huawei TechnologiesDivyashree Techno Park, WhitefieldBangaloreKarnataka560066Indiadhruv.ietf@gmail.comCisco Systems, Inc.2000 Innovation DriveKanataOntarioK2K 3E8Canadajdparker@cisco.comAT&T200 S Laurel AvenueMiddletownNJ07748United States of Americacy098@att.comAuthors' AddressesAT&T200 S Laurel AvenueMiddletownNJ07748United States of Americaar2521@att.comAT&T200 S Laurel AvenueMiddletownNJ07748United States of Americaag6941@att.comCisco Systems, Inc.125 High StreetBostonMassachusetts02110United States of Americajakarthi@cisco.comCisco Systems, Inc.2000 Innovation DriveKanataOntarioK2K 3E8Canadamsiva@cisco.comHuawei TechnologiesDivyashree Techno Park, WhitefieldBangaloreKarnataka560066Indiamahend.ietf@gmail.com