draft-ietf-bess-datacenter-gateway-03.txt   draft-ietf-bess-datacenter-gateway-04.txt 
BESS Working Group A. Farrel BESS Working Group A. Farrel
Internet-Draft Old Dog Consulting Internet-Draft Old Dog Consulting
Intended status: Standards Track J. Drake Intended status: Standards Track J. Drake
Expires: February 21, 2020 E. Rosen Expires: February 22, 2020 E. Rosen
Juniper Networks Juniper Networks
K. Patel K. Patel
Arrcus, Inc. Arrcus, Inc.
L. Jalil L. Jalil
Verizon Verizon
August 20, 2019 August 21, 2019
Gateway Auto-Discovery and Route Advertisement for Segment Routing Gateway Auto-Discovery and Route Advertisement for Segment Routing
Enabled Domain Interconnection Enabled Domain Interconnection
draft-ietf-bess-datacenter-gateway-03 draft-ietf-bess-datacenter-gateway-04
Abstract Abstract
Data centers are critical components of the infrastructure used by Data centers are critical components of the infrastructure used by
network operators to provide services to their customers. Data network operators to provide services to their customers. Data
centers are attached to the Internet or a backbone network by gateway centers are attached to the Internet or a backbone network by gateway
routers. One data center typically has more than one gateway for routers. One data center typically has more than one gateway for
commercial, load balancing, and resiliency reasons. commercial, load balancing, and resiliency reasons.
Segment Routing is a popular protocol mechanism for use within a data Segment Routing is a popular protocol mechanism for use within a data
skipping to change at page 2, line 15 skipping to change at page 2, line 15
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 21, 2020. This Internet-Draft will expire on February 22, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 44 skipping to change at page 2, line 44
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5
3. SR Domain Gateway Auto-Discovery . . . . . . . . . . . . . . 5 3. SR Domain Gateway Auto-Discovery . . . . . . . . . . . . . . 5
4. Relationship to BGP Link State and Egress Peer Engineering . 7 4. Relationship to BGP Link State and Egress Peer Engineering . 7
5. Advertising an SR Domain Route Externally . . . . . . . . . . 7 5. Advertising an SR Domain Route Externally . . . . . . . . . . 7
6. Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . 7 6. Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . 7
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8
9. Manageability Considerations . . . . . . . . . . . . . . . . 9 9. Manageability Considerations . . . . . . . . . . . . . . . . 9
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 10
11.1. Normative References . . . . . . . . . . . . . . . . . . 9 11.1. Normative References . . . . . . . . . . . . . . . . . . 10
11.2. Informative References . . . . . . . . . . . . . . . . . 10 11.2. Informative References . . . . . . . . . . . . . . . . . 10
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
Data centers (DCs) are critical components of the infrastructure used Data centers (DCs) are critical components of the infrastructure used
by network operators to provide services to their customers. DCs are by network operators to provide services to their customers. DCs are
attached to the Internet or a backbone network by gateway routers attached to the Internet or a backbone network by gateway routers
(GWs). One DC typically has more than one GW for various reasons (GWs). One DC typically has more than one GW for various reasons
including commercial preferences, load balancing, and resiliency including commercial preferences, load balancing, and resiliency
against connection of device failure. against connection of device failure.
skipping to change at page 4, line 49 skipping to change at page 4, line 49
not only will the next hop change several times, but the Add-Paths not only will the next hop change several times, but the Add-Paths
technique will experience scaling issues. This all means that the technique will experience scaling issues. This all means that the
Add-Paths approach is limited to SR domains connected over a single Add-Paths approach is limited to SR domains connected over a single
AS. AS.
This document defines a solution that overcomes this limitation and This document defines a solution that overcomes this limitation and
works equally well with a backbone constructed from one or more ASes. works equally well with a backbone constructed from one or more ASes.
The solution uses the Tunnel Encapsulation attribute The solution uses the Tunnel Encapsulation attribute
[I-D.ietf-idr-tunnel-encaps] as follows: [I-D.ietf-idr-tunnel-encaps] as follows:
We define a new tunnel type, "SR tunnel". When the GWs to a given We define a new tunnel type, "SR Tunnel". When the GWs to a given
SR domain advertise a route to a prefix X within the SR domain, SR domain advertise a route to a prefix X within the SR domain,
they will each include a Tunnel Encapsulation attribute with they will each include a Tunnel Encapsulation attribute with
multiple tunnel instances each of type "SR tunnel", one for each multiple tunnel instances each of type "SR Tunnel" (value TBD1
GW, and each containing a Remote Endpoint sub-TLV with that GW's assigned by IANA), one for each GW, and each containing a Remote
address. Endpoint sub-TLV with that GW's address.
In other words, each route advertised by a GW identifies all of the In other words, each route advertised by a GW identifies all of the
GWs to the same SR domain (see Section 3 for a discussion of how GWs GWs to the same SR domain (see Section 3 for a discussion of how GWs
discover each other). Therefore, even if only one of the routes is discover each other). Therefore, even if only one of the routes is
distributed to other ASes, it will not matter how many times the next distributed to other ASes, it will not matter how many times the next
hop changes, as the Tunnel Encapsulation attribute (and its remote hop changes, as the Tunnel Encapsulation attribute (and its remote
endpoint sub-TLVs) will remain unchanged. endpoint sub-TLVs) will remain unchanged.
To put this in the context of Figure 1, GW1 and GW2 discover each To put this in the context of Figure 1, GW1 and GW2 discover each
other as gateways for the egress SR domain. Both GW1 and GW2 other as gateways for the egress SR domain. Both GW1 and GW2
skipping to change at page 6, line 23 skipping to change at page 6, line 23
current set of active GWs for the SR domain. current set of active GWs for the SR domain.
The auto-discovery route that each GW advertises consists of the The auto-discovery route that each GW advertises consists of the
following: following:
o An IPv4 or IPv6 NLRI containing one of the GW's loopback addresses o An IPv4 or IPv6 NLRI containing one of the GW's loopback addresses
(that is, with an AFI/SAFI pair that is one of 1/1, 2/1, 1/4, or (that is, with an AFI/SAFI pair that is one of 1/1, 2/1, 1/4, or
2/4). 2/4).
o A Tunnel Encapsulation attribute containing the GW's encapsulation o A Tunnel Encapsulation attribute containing the GW's encapsulation
information, which at a minimum consists of an SR tunnel TLV (type information, which at a minimum consists of an SR Tunnel TLV (type
to be allocated by IANA) with a Remote Endpoint sub-TLV as TBD2 to be allocated by IANA) with a Remote Endpoint sub-TLV as
specified in [I-D.ietf-idr-tunnel-encaps]. specified in [I-D.ietf-idr-tunnel-encaps].
To avoid the side effect of applying the Tunnel Encapsulation To avoid the side effect of applying the Tunnel Encapsulation
attribute to any packet that is addressed to the GW itself, the GW attribute to any packet that is addressed to the GW itself, the GW
SHOULD use a different loopback address for the two cases. SHOULD use a different loopback address for the two cases.
As described in Section 1, each GW will include a Tunnel As described in Section 1, each GW will include a Tunnel
Encapsulation attribute for each GW that is active for the SR domain Encapsulation attribute for each GW that is active for the SR domain
(including itself), and will include these in every route advertised (including itself), and will include these in every route advertised
externally to the SR domain by each GW. As the current set of active externally to the SR domain by each GW. As the current set of active
skipping to change at page 7, line 23 skipping to change at page 7, line 23
and correlated using the SR domain identity. SR Egress Peer and correlated using the SR domain identity. SR Egress Peer
Engineering (EPE) [I-D.ietf-idr-bgpls-segment-routing-epe] can be Engineering (EPE) [I-D.ietf-idr-bgpls-segment-routing-epe] can be
used to supplement the information advertised in BGP-LS. used to supplement the information advertised in BGP-LS.
5. Advertising an SR Domain Route Externally 5. Advertising an SR Domain Route Externally
When a packet destined for prefix X is sent on an SR TE path to a GW When a packet destined for prefix X is sent on an SR TE path to a GW
for the SR domain containing X, it needs to carry the receiving GW's for the SR domain containing X, it needs to carry the receiving GW's
label for X such that this label rises to the top of the stack before label for X such that this label rises to the top of the stack before
the GW completes its processing of the packet. To achieve this we the GW completes its processing of the packet. To achieve this we
place a prefix-SID sub-TLV for X in each SR tunnel instance in the place a Prefix SID sub-TLV [I-D.ietf-idr-tunnel-encaps] for X in each
Tunnel Encapsulation attribute in the externally advertised route for SR tunnel instance in the Tunnel Encapsulation attribute in the
X. externally advertised route for X.
Alternatively, if the GWs for a given SR domain are configured to Alternatively, if the GWs for a given SR domain are configured to
allow remote GWs to perform SR TE through that SR domain for a prefix allow remote GWs to perform SR TE through that SR domain for a prefix
X, then each GW computes an SR TE path through that SR domain to X X, then each GW computes an SR TE path through that SR domain to X
from each of the currently active GWs, and places each in an MPLS from each of the currently active GWs, and places each in an MPLS
label stack sub-TLV [I-D.ietf-idr-tunnel-encaps] in the SR tunnel label stack sub-TLV [I-D.ietf-idr-tunnel-encaps] in the SR tunnel
instance for that GW. instance for that GW.
6. Encapsulation 6. Encapsulation
skipping to change at page 8, line 6 skipping to change at page 8, line 6
instances. instances.
7. IANA Considerations 7. IANA Considerations
IANA maintains a registry called "Border Gateway Protocol (BGP) IANA maintains a registry called "Border Gateway Protocol (BGP)
Parameters" with a sub-registry called "BGP Tunnel Encapsulation Parameters" with a sub-registry called "BGP Tunnel Encapsulation
Attribute Tunnel Types." The registration policy for this registry Attribute Tunnel Types." The registration policy for this registry
is First-Come First-Served [RFC8126]. is First-Come First-Served [RFC8126].
IANA is requested to assign a codepoint from this sub-registry for IANA is requested to assign a codepoint from this sub-registry for
"SR Tunnel". The next available value may be used and reference "SR Tunnel" (TBD1). The next available value may be used and
should be made to this document. reference should be made to this document.
[[Note: This text is likely to be replaced with a specific code point [[Note: This text is likely to be replaced with a specific code point
value once FCFS allocation has been made.]] value once the FCFS allocation has been made.]]
IANA maintains a registry called "Border Gateway Protocol (BGP)
Parameters" with a sub-registry called "BGP Tunnel Encapsulation
Attribute Sub-TLVs." The registration policy for this registry is
Standards Action.[RFC8126].
IANA is requested to assign a codepoint from this sub-registry for
"SR Tunnel TLV" (TBD2). The next available value may be used and
reference should be made to this document.
8. Security Considerations 8. Security Considerations
From a protocol point of view, the mechanisms described in this From a protocol point of view, the mechanisms described in this
document can leverage the security mechanisms already defined for document can leverage the security mechanisms already defined for
BGP. Further discussion of security considerations for BGP may be BGP. Further discussion of security considerations for BGP may be
found in the BGP specification itself [RFC4271] and in the security found in the BGP specification itself [RFC4271] and in the security
analysis for BGP [RFC4272]. The original discussion of the use of analysis for BGP [RFC4272]. The original discussion of the use of
the TCP MD5 signature option to protect BGP sessions is found in the TCP MD5 signature option to protect BGP sessions is found in
[RFC5925], while [RFC6952] includes an analysis of BGP keying and [RFC5925], while [RFC6952] includes an analysis of BGP keying and
skipping to change at page 9, line 39 skipping to change at page 9, line 48
assigned to every GW to the same domain, and each domain MUST have a assigned to every GW to the same domain, and each domain MUST have a
different identifier. This requires coordination, probably through a different identifier. This requires coordination, probably through a
central management agent. central management agent.
It should be noted that BGP peerings are not discovered, but always It should be noted that BGP peerings are not discovered, but always
arise from explicit configuration. This is no different from any arise from explicit configuration. This is no different from any
other BGP operation. other BGP operation.
10. Acknowledgements 10. Acknowledgements
Thanks to Bruno Rijsman for review comments, and to Robert Raszuk for Thanks to Bruno Rijsman and Stephane Litkowsji for review comments,
useful discussions. and to Robert Raszuk for useful discussions.
11. References 11. References
11.1. Normative References 11.1. Normative References
[I-D.ietf-idr-bgpls-segment-routing-epe] [I-D.ietf-idr-bgpls-segment-routing-epe]
Previdi, S., Talaulikar, K., Filsfils, C., Patel, K., Ray, Previdi, S., Talaulikar, K., Filsfils, C., Patel, K., Ray,
S., and J. Dong, "BGP-LS extensions for Segment Routing S., and J. Dong, "BGP-LS extensions for Segment Routing
BGP Egress Peer Engineering", draft-ietf-idr-bgpls- BGP Egress Peer Engineering", draft-ietf-idr-bgpls-
segment-routing-epe-19 (work in progress), May 2019. segment-routing-epe-19 (work in progress), May 2019.
 End of changes. 13 change blocks. 
21 lines changed or deleted 30 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/