draft-ietf-detnet-data-plane-framework-02.txt   draft-ietf-detnet-data-plane-framework-03.txt 
DetNet B. Varga, Ed. DetNet B. Varga, Ed.
Internet-Draft J. Farkas Internet-Draft J. Farkas
Intended status: Informational Ericsson Intended status: Informational Ericsson
Expires: March 15, 2020 L. Berger Expires: April 29, 2020 L. Berger
D. Fedyk D. Fedyk
LabN Consulting, L.L.C. LabN Consulting, L.L.C.
A. Malis A. Malis
Independent Independent
S. Bryant S. Bryant
Futurewei Technologies Futurewei Technologies
J. Korhonen J. Korhonen
September 12, 2019 October 27, 2019
DetNet Data Plane Framework DetNet Data Plane Framework
draft-ietf-detnet-data-plane-framework-02 draft-ietf-detnet-data-plane-framework-03
Abstract Abstract
This document provides an overall framework for the Deterministic This document provides an overall framework for the DetNet data
Networking data plane. It covers concepts and considerations that plane. It covers concepts and considerations that are generally
are generally common to any Deterministic Networking data plane common to any Deterministic Networking data plane specification.
specification.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 15, 2020. This Internet-Draft will expire on April 29, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. Terms Used in This Document . . . . . . . . . . . . . . . 4 2.1. Terms Used in This Document . . . . . . . . . . . . . . . 4
2.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 4 2.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 4
3. DetNet Data Plane Overview . . . . . . . . . . . . . . . . . 5 3. DetNet Data Plane Overview . . . . . . . . . . . . . . . . . 5
3.1. Data Plane Characteristics . . . . . . . . . . . . . . . 6 3.1. Data Plane Characteristics . . . . . . . . . . . . . . . 6
3.2. Encapsulation . . . . . . . . . . . . . . . . . . . . . . 7 3.1.1. Data Plane Technology . . . . . . . . . . . . . . . . 6
3.1.2. Data Plane Format . . . . . . . . . . . . . . . . . . 6
3.2. Encapsulation . . . . . . . . . . . . . . . . . . . . . . 6
3.3. DetNet Specific Metadata . . . . . . . . . . . . . . . . 7 3.3. DetNet Specific Metadata . . . . . . . . . . . . . . . . 7
3.4. DetNet IP Data Plane . . . . . . . . . . . . . . . . . . 8 3.4. DetNet IP Data Plane . . . . . . . . . . . . . . . . . . 8
3.5. DetNet MPLS Data Plane . . . . . . . . . . . . . . . . . 9 3.5. DetNet MPLS Data Plane . . . . . . . . . . . . . . . . . 9
3.6. Further DetNet Data Plane Considerations . . . . . . . . 9 3.6. Further DetNet Data Plane Considerations . . . . . . . . 9
3.6.1. Service Protection . . . . . . . . . . . . . . . . . 11 3.6.1. Per Flow Related Functions . . . . . . . . . . . . . 9
3.6.2. Aggregation Considerations . . . . . . . . . . . . . 13 3.6.2. Service Protection . . . . . . . . . . . . . . . . . 11
3.6.3. End-System Specific Considerations . . . . . . . . . 14 3.6.3. Aggregation Considerations . . . . . . . . . . . . . 13
3.6.4. Sub-Network Considerations . . . . . . . . . . . . . 15 3.6.4. End-System-Specific Considerations . . . . . . . . . 14
3.6.5. Sub-Network Considerations . . . . . . . . . . . . . 15
4. Controller Plane (Management and Control) 4. Controller Plane (Management and Control)
Considerations . . . . . . . . . . . . . . . . . . . . . . . 16 Considerations . . . . . . . . . . . . . . . . . . . . . . . 16
4.1. DetNet Controller Plane Requirements . . . . . . . . . . 16 4.1. DetNet Controller Plane Requirements . . . . . . . . . . 16
4.2. Generic Controller Plane Considerations . . . . . . . . . 17 4.2. Generic Controller Plane Considerations . . . . . . . . . 17
4.2.1. Flow Aggregation Control . . . . . . . . . . . . . . 18 4.2.1. Flow Aggregation Control . . . . . . . . . . . . . . 18
4.2.2. Explicit Routes . . . . . . . . . . . . . . . . . . . 19 4.2.2. Explicit Routes . . . . . . . . . . . . . . . . . . . 19
4.2.3. Contention Loss and Jitter Reduction . . . . . . . . 19 4.2.3. Contention Loss and Jitter Reduction . . . . . . . . 19
4.2.4. Bidirectional Traffic . . . . . . . . . . . . . . . . 20 4.2.4. Bidirectional Traffic . . . . . . . . . . . . . . . . 20
4.3. Packet Replication, Elimination, and Ordering (PREOF) . . 21 4.3. Packet Replication, Elimination, and Ordering (PREOF) . . 21
5. Security Considerations . . . . . . . . . . . . . . . . . . . 21 5. Security Considerations . . . . . . . . . . . . . . . . . . . 21
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 22
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 22
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 22 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 22
8.1. Normative References . . . . . . . . . . . . . . . . . . 22 8.1. Normative References . . . . . . . . . . . . . . . . . . 22
8.2. Informative References . . . . . . . . . . . . . . . . . 22 8.2. Informative References . . . . . . . . . . . . . . . . . 22
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25
1. Introduction 1. Introduction
Deterministic Networking (DetNet) provides a capability to carry DetNet (Deterministic Networking) provides a capability to carry
specified unicast or multicast data flows for real-time applications specified unicast or multicast data flows for real-time applications
with extremely low packet loss rates and assured maximum end-to-end with extremely low packet loss rates and assured maximum end-to-end
delivery latency. A description of the general background and delivery latency. A description of the general background and
concepts of DetNet can be found in [I-D.ietf-detnet-architecture]. concepts of DetNet can be found in [I-D.ietf-detnet-architecture].
This document describes the concepts needed by any DetNet data plane This document describes the concepts needed by any DetNet data plane
specification and provides considerations for any corresponding specification and provides considerations for any corresponding
implementation. It covers the building blocks that provide the implementation. It covers the building blocks that provide the
DetNet service, the DetNet service sub-layer and the DetNet DetNet service, the DetNet service sub-layer and the DetNet
forwarding sub-layer functions as described in the DetNet forwarding sub-layer functions as described in the DetNet
Architecture. Architecture.
The DetNet Architecture models the DetNet related data plane The DetNet Architecture models the DetNet related data plane
functions decomposed into two sub-layers: a service sub-layer and a functions decomposed into two sub-layers: a service sub-layer and a
forwarding sub-layer. The service sub-layer is used to provide forwarding sub-layer. The service sub-layer is used to provide
DetNet service protection and reordering. The forwarding sub-layer DetNet service protection and reordering. The forwarding sub-layer
is used to provide congestion protection (low loss, assured latency, leverages Traffic Engineering mechanisms and provides congestion
and limited out-of-order delivery) and leverages Traffic Engineering protection (low loss, assured latency, and limited out-of-order
mechanisms. delivery).
As part of the service sub-layer functions, this document describes As part of the service sub-layer functions, this document describes
typical DetNet node data plane operation. It describes the function typical DetNet node data plane operation. It describes the function
and operation of the Packet Replication (PRF) Packet Elimination and operation of the Packet Replication (PRF) Packet Elimination
(PEF) and the Packet Ordering (POF) functions within the service sub- (PEF) and the Packet Ordering (POF) functions within the service sub-
layer. It also describes the forwarding sub-layer that is used to layer. Furthermore, it also describes the forwarding sub-layer.
eliminate (or reduce) contention loss and provide bounded latency for
DetNet flows.
DetNet flows may be carried over network technologies that can DetNet flows may be carried over network technologies that can
provide the DetNet required service characteristics. For example, provide the DetNet required service characteristics. For example,
DetNet MPLS flows can be carried over IEEE 802.1 Time Sensitive DetNet MPLS flows can be carried over IEEE 802.1 Time Sensitive
Network (TSN) [IEEE802.1TSNTG] sub-networks. However, IEEE 802.1 TSN Network (TSN) [IEEE802.1TSNTG] sub-networks. However, IEEE 802.1 TSN
support is not required and some of the DetNet benefits can be gained support is not required and some of the DetNet benefits can be gained
by running over a data link layer that has not been specifically by running over a data link layer that has not been specifically
enhanced to support TSN. enhanced to support TSN.
Different traffic types, or application flows, can be mapped on top Different application flows (e.g., Ethernet, IP, etc.), can be mapped
of DetNet. DetNet can optionally reuse header information provided on top of DetNet. DetNet can optionally reuse header information
by, or shared with, applications. An example of shared header fields provided by, or shared with, applications. An example of shared
can be found in [I-D.ietf-detnet-ip]. header fields can be found in [I-D.ietf-detnet-ip].
This document also covers concepts related to the controller plane This document also covers basic concepts related to the controller
and Operations, Administration, and Maintenance (OAM) functions plane and Operations, Administration, and Maintenance (OAM). Data
related to the control plane. Data plane OAM specifics are out of plane OAM specifics are out of scope for this docuement.
scope for this docuement.
2. Terminology 2. Terminology
2.1. Terms Used in This Document 2.1. Terms Used in This Document
This document uses the terminology established in the DetNet This document uses the terminology established in the DetNet
architecture [I-D.ietf-detnet-architecture], and the reader is architecture [I-D.ietf-detnet-architecture], and the reader is
assumed to be familiar with that document and its terminology. assumed to be familiar with that document and its terminology.
2.2. Abbreviations 2.2. Abbreviations
The following abbreviations are used in this document: The following abbreviations are used in this document:
CW Control Word. CW Control Word.
d-CW DetNet Control Word.
DetNet Deterministic Networking. DetNet Deterministic Networking.
DN DetNet.
GRE Generic Routing Encapsulation. GRE Generic Routing Encapsulation.
IPSec IP Security. IPSec IP Security.
L2 Layer 2. L2 Layer 2.
LSR Label Switching Router. LSR Label Switching Router.
MPLS Multiprotocol Label Switching. MPLS Multiprotocol Label Switching.
skipping to change at page 4, line 49 skipping to change at page 5, line 5
PREOF Packet Replication, Elimination and Ordering Functions. PREOF Packet Replication, Elimination and Ordering Functions.
POF Packet Ordering Function. POF Packet Ordering Function.
PSN Packet Switched Network. PSN Packet Switched Network.
PW PseudoWire. PW PseudoWire.
QoS Quality of Service. QoS Quality of Service.
S-Label DetNet "service" label.
TDM Time-Division Multiplexing.
TSN Time-Sensitive Network. TSN Time-Sensitive Network.
3. DetNet Data Plane Overview 3. DetNet Data Plane Overview
This document describes how application flows, or app-flows, are This document describes how application flows, or app-flows, are
carried over DetNet networks. The DetNet Architecture, carried over DetNet networks. The DetNet Architecture,
[I-D.ietf-detnet-architecture], models the DetNet related data plane [I-D.ietf-detnet-architecture], models the DetNet related data plane
functions decomposed into two sub-layers: a service sub-layer and a functions as decomposed into two sub-layers: a service sub-layer and
forwarding sub-layer. a forwarding sub-layer.
Figure 1 reproduced from the [I-D.ietf-detnet-architecture],shows a Figure 1 reproduced from the [I-D.ietf-detnet-architecture],shows a
logical DetNet service with the two sub-layers. logical DetNet service with the two sub-layers.
| packets going | ^ packets coming ^ | packets going | ^ packets coming ^
v down the stack v | up the stack | v down the stack v | up the stack |
+-----------------------+ +-----------------------+ +-----------------------+ +-----------------------+
| Source | | Destination | | Source | | Destination |
+-----------------------+ +-----------------------+ +-----------------------+ +-----------------------+
| Service sub-layer: | | Service sub-layer: | | Service sub-layer: | | Service sub-layer: |
skipping to change at page 5, line 44 skipping to change at page 5, line 50
Figure 1: DetNet data plane protocol stack Figure 1: DetNet data plane protocol stack
The DetNet forwarding sub-layer may be directly provided by the The DetNet forwarding sub-layer may be directly provided by the
DetNet service sub-layer, for example by IP tunnels or MPLS. DetNet service sub-layer, for example by IP tunnels or MPLS.
Alternatively, an overlay approach may be used in which the packet is Alternatively, an overlay approach may be used in which the packet is
natively carried between key nodes within the DetNet network (say natively carried between key nodes within the DetNet network (say
between PREOF nodes) and a sub-layer is used to provide the between PREOF nodes) and a sub-layer is used to provide the
information needed to reach the next hop in the overlay. information needed to reach the next hop in the overlay.
The forwarding sub-layer provides the quality underpin needed by the The forwarding sub-layer provides the QoS related functions needed by
DetNet flow. It may do this directly through the use of queuing the DetNet flow. It may do this directly through the use of queuing
techniques and traffic engineering methods, or it may do this through techniques and traffic engineering methods, or it may do this through
the assistance of its underlying connectivity. For example it may the assistance of its underlying connectivity. For example it may
call upon Ethernet TSN capabilities defined in IEEE 802.1 TSN call upon Ethernet TSN capabilities defined in IEEE 802.1 TSN
[IEEE802.1TSNTG]. [IEEE802.1TSNTG].
The service sub-layer provides additional support beyond the The service sub-layer provides additional support beyond the
connectivity function of the forwarding sub-layer. An example of connectivity function of the forwarding sub-layer. An example of
this is Packet Replication, Elimination, and Ordering (PREOF) this is Packet Replication, Elimination, and Ordering functions see
functions see Section 4.3. Section 4.3.
The method of instantiating each of the layers is specific to the The method of instantiating each of the layers is specific to the
particular DetNet data plane method. There may be more than one particular DetNet data plane method, and more than one approach may
approach that is applicable to a given bearer network type. be applicable to a given bearer network type.
3.1. Data Plane Characteristics 3.1. Data Plane Characteristics
There are two major characteristics to the data plane: There are two major characteristics to the data plane: the technology
and the encapsulation, as discussed below.
1. Data plane technology: The DetNet data plane is provided by the 3.1.1. Data Plane Technology
DetNet service and forwarding sub layers. The DetNet service
sub-layer generally provides its functions for the DetNet
application flows by using or applying existing standardized
headers and/or encapsulations. The Detnet forwarding sub-layer
may provide capabilities leveraging that same header or
encapsulation technology e.g. Figure 2 or it may be achieved by
other technologies e.g. Figure 3. DetNet is currently defined
for operation over packet switched (IP) networks or label
switched (MPLS) networks.
2. Encapsulation format: DetNet encodes specific flow attributes The DetNet data plane is provided by the DetNet service and
(namely flow identity and sequence number) in packets. For forwarding sub layers. The DetNet service sub-layer generally
example, in DetNet IP, zero encapsulation may be used and no provides its functions for the DetNet application flows by using or
sequence number is available, and in DetNet MPLS, DetNet specific applying existing standardized headers and/or encapsulations. The
information may be added explicitly to the packets in the format Detnet forwarding sub-layer may provide capabilities leveraging that
of S-label and d-CW. same header or encapsulation technology (e.g., DN IP or DN MPLS) or
it may be achieved by other technologies (e.g., Figure 2). DetNet is
currently defined for operation over packet switched (IP) networks or
label switched (MPLS) networks.
+-------+ +---------+ 3.1.2. Data Plane Format
| DN IP | | DN MPLS |
+-------+ +---------+ DetNet encodes specific flow attributes (flow identity and sequence
number) in packets. For example, in DetNet IP, zero encapsulation is
used and no sequence number is available, and in DetNet MPLS, DetNet
specific information may be added explicitly to the packets in the
format of S-label and d-CW.
3.2. Encapsulation
The encapsulation of a DetNet flow allows it to be sent over a data
plane technology other than its native type. DetNet uses header
information to perform traffic classification, i.e., identify DetNet
flows, and provide DetNet service and forwarding functions. As
mentioned above, DetNet may add headers, as is the case for DN MPLS,
or may use headers that are already present, as is the case in DN IP.
Figure 2 illustrates some relationships between the components.
Figure 2: DetNet Services
+-----+ +-----+
| TSN | | TSN |
+-------+ +-+-----+-+ +-------+ +-+-----+-+
| DN IP | | DN MPLS | | DN IP | | DN MPLS |
+--+--+----+----+ +-+---+-----+-+ +--+--+----+----+ +-+---+-----+-+
| TSN | DN MPLS | | TSN | DN IP | | TSN | DN MPLS | | TSN | DN IP |
+-----+---------+ +-----+-------+ +-----+---------+ +-----+-------+
Figure 3: DetNet Service Examples Figure 2: DetNet Service Examples
3.2. Encapsulation
The encapsulation of the DetNet flows allows them to be sent over a
data plane technology other than their native type. Encapsulation is
essential if, for example, it is required to send Ethernet TSN stream
as a DetNet Application over a data plane such as MPLS. Figure 3
illustrates some relationships between the components.
The use of encapsulation is also required if additional information The use of encapsulation is also required if additional information
(meta-data) is needed by the DetNet data plane and there is either no (metadata) is needed by the DetNet data plane and there is either no
ability to include it in the client data packet, or the specification ability to include it in the client data packet, or the specification
of the client data plane does not permit the modification of the of the client data plane does not permit the modification of the
packet to include additional data. An example of such meta-data is packet to include additional data. An example of such metadata is
the inclusion of a sequence number required by the PREOF function. the inclusion of a sequence number required by the PREOF function.
Encapsulation may also be used to carry or aggregate flows for Encapsulation may also be used to carry or aggregate flows for
equipment with limited DetNet capability. equipment with limited DetNet capability.
3.3. DetNet Specific Metadata 3.3. DetNet Specific Metadata
The DetNet data plane can provide or carry meta-data: The DetNet data plane can provide or carry metadata:
1. Flow-ID 1. Flow-ID
2. Sequence Number 2. Sequence Number
Both of these metadata are required for DetNet service sub-layer The DetNet data plane framework supports a Flow-ID (for
specific functions (e.g., PREOF). DetNet forwarding sub-layer identification of the flow or aggregate flow) and/or a Sequence
related functions require only Flow-ID. Number (for PREOF) for each DetNet flow. The DetNet Service sub-
layer requires both; the DetNet forwarding sub-layer requires only
Flow-ID. Metadata can also be used for OAM indications and
instrumentation of DetNet data plane operation.
Metadata can be a useful way of identifying packets that need to be Metadata can be included implicit or explicit. Explicit means that a
treated as a flow or flow aggregate. It is also useful as a way of dedicated header field is used to include metadata in a DetNet
including a sequence number the packet for use by the PREOF function packet. In case of implicit method a part of an already existing
or as a place to carry OAM indications or OAM information to header field is used to encode the metadata.
instrument DetNet data plane operation.
Explicit inclusion of metadata is possible through the use of IP Explicit inclusion of metadata is possible through the use of IP
options or IP extension headers. New IP options are almost options or IP extension headers. New IP options are almost
impossible to get standardized or to deploy in an operational network impossible to get standardized or to deploy in an operational network
and will not be discussed further in this text. IPv6 extensions and will not be discussed further in this text. IPv6 extensions
headers are finding popularity in current IPv6 development work, headers are finding popularity in current IPv6 development work,
particularly in connection with Segment Routing of IPv6 (SRv6) and IP particularly in connection with Segment Routing of IPv6 (SRv6) and IP
OAM. The design of a new IPv6 extension header or the modification OAM. The design of a new IPv6 extension header or the modification
of an existing one is a technique available in the tool box of the of an existing one is a technique available in the tool box of the
DetNet IP data plane designer. DetNet IP data plane designer.
Explicit inclusion of metadata in an IP packet is also possible Explicit inclusion of metadata in an IP packet is also possible
through the inclusion of an MPLS label stack and the MPLS DetNet through the inclusion of an MPLS label stack and the MPLS DetNet
Control Word using one of the methods for carrying MPLS over IP Control Word using one of the methods for carrying MPLS over IP
[I-D.ietf-detnet-mpls-over-udp-ip]. This is described in more detail [I-D.ietf-detnet-mpls-over-udp-ip]. This is described in more detail
in Section 3.6.4. in Section 3.6.5.
Implicit metadata in IP can be included through the use of the Implicit metadata in IP can be included through the use of the
network programming paradigm network programming paradigm
[I-D.ietf-spring-srv6-network-programming] in which the suffix of an [I-D.ietf-spring-srv6-network-programming] in which the suffix of an
IPv6 address is used to encode additional information for use by the IPv6 address is used to encode additional information for use by the
network of the receiving host. network of the receiving host.
Some MPLS examples of implicit metadata include the sequence number Some MPLS examples of implicit metadata include the sequence number
for use by the PREOF function, or even all the essential information for use by the PREOF function, or even all the essential information
being included into the DetNet over MPLS label stack (the DetNet being included into the DetNet over MPLS label stack (the DetNet
Control Word and the DetNet Service label). Control Word and the DetNet Service label).
3.4. DetNet IP Data Plane 3.4. DetNet IP Data Plane
An IP data plane may operate natively or through the use of an An IP data plane may operate natively or through the use of an
encapsulation. Many types of IP encapsulation can satisfy DetNet encapsulation. Many types of IP encapsulation can satisfy DetNet
requirements and it is anticipated that more than one encapsulation requirements and it is anticipated that more than one encapsulation
may be deployed for example GRE, IPSec etc. may be deployed, for example GRE, IPSec etc.
One method of operating an IP DetNet data plane without encapsulation One method of operating an IP DetNet data plane without encapsulation
is to use "6-tuple" based flow identification, where "6-tuple" refers is to use "6-tuple" based flow identification, where "6-tuple" refers
to information carried in IP and higher layer protocol headers. to information carried in IP and higher layer protocol headers.
General background on the use of IP headers, and "6-tuples", to General background on the use of IP headers, and "6-tuples", to
identify flows and support Quality of Service (QoS) can be found in identify flows and support Quality of Service (QoS) can be found in
[RFC3670]. [RFC7657] also provides useful background on the delivery [RFC3670]. [RFC7657] provides useful background on differentiated
differentiated services (DiffServ) and "tuple" based flow services (DiffServ) and "tuple" based flow identification. DetNet
identification. DetNet flow aggregation may be enabled via the use flow aggregation may be enabled via the use of wildcards, masks,
of wildcards, masks, prefixes and ranges. The operation of this prefixes and ranges. The operation of this method is described in
method is described in detail in [I-D.ietf-detnet-ip]. detail in [I-D.ietf-detnet-ip].
The DetNet forwarding plane may use explicit route capabilities and The DetNet forwarding plane may use explicit route capabilities and
traffic engineering capabilities to provide a forwarding sub-layer traffic engineering capabilities to provide a forwarding sub-layer
that is responsible for providing resource allocation and explicit that is responsible for providing resource allocation and explicit
routes. It is possible to include such information in a native IP routes. It is possible to include such information in a native IP
packet explicitly, or implicitly. packet explicitly, or implicitly.
3.5. DetNet MPLS Data Plane 3.5. DetNet MPLS Data Plane
MPLS provides the ability to forward traffic over implicit and MPLS provides the ability to forward traffic over implicit and
explicit paths to the point in the network where the next DetNet explicit paths to the point in the network where the next DetNet
service sub-layer action needs to take place. It does this through service sub-layer action needs to take place. It does this through
the use of a stack of one or more labels with various forwarding the use of a stack of one or more labels with various forwarding
semantics. semantics.
MPLS also provides the ability to identify a service instance that is MPLS also provides the ability to identify a service instance that is
used to process the packet through the use of a label that maps the used to process the packet through the use of a label that maps the
packet to a service instance. packet to a service instance.
In cases where metadata is needed to process an MPLS encapsulated In cases where metadata is needed to process an MPLS encapsulated
packet at the service sub-layer, a shim layer also called a control packet at the service sub-layer, a shim layer called a control word
word (CW) [RFC4385] can be used. Although such CWs are frequently 32 (CW) [RFC4385] can be used. Although such CWs are frequently 32 bits
bits long, there is no architectural constraint on its size of this long, there is no architectural constraint on its size of this
structure, only the requirement that it is fully understood by all structure, only the requirement that it is fully understood by all
parties operating on it in the DetNet service sub-layer. The parties operating on it in the DetNet service sub-layer. The
operation of this method is described in detail in operation of this method is described in detail in
[I-D.ietf-detnet-mpls]. [I-D.ietf-detnet-mpls].
3.6. Further DetNet Data Plane Considerations 3.6. Further DetNet Data Plane Considerations
This section provides informative considerations related to providing This section provides informative considerations related to providing
DetNet service to flows which are identified based on their header DetNet service to flows which are identified based on their header
information. At a high level, the following are provided on a per information.
flow basis:
Reservation and Allocation of resources: 3.6.1. Per Flow Related Functions
Reservation of resources can allocate resources to specific DetNet At a high level, the following functions are provided on a per flow
flows. This can eliminate packet contention and loss for DetNet basis.
traffic. This also can reduce jitter for the DetNet traffic.
DetNet flows are assumed to behave with respect to the reserved
traffic profile. If other traffic shares the link resources, the
use of (queuing, policing, shaping) policies can be used to ensure
that the allocation of resources reserved for DetNet is met.
Queuing and shaping of DetNet traffic could be required to ensure
that DetNet traffic does not exceed its reserved profile but this
would impact the DetNet service characteristics.
Explicit routes: 3.6.1.1. Reservation and Allocation of resources
Use of a specific path for a flow. This allows control of the Reservation of resources can allocate resources to specific DetNet
network delay by steering the packet with the ability to influence flows. This can eliminate packet contention and packet loss for
the physical path. Explicit routes complement reservation by DetNet traffic. This also can reduce jitter for DetNet traffic.
ensuring that a consistent path can be associated with its Resources allocated to a DetNet flow protect it from other traffic
resources for the duration of that path. Coupled with the traffic flows. On the other hand, DetNet flows are assumed to behave with
mechanism, this limits misordering and bounds latency. Explicit respect to the reserved traffic profile. Misbehaving DetNet flows
route computation can encompass a wide set of constraints and must be detected and it have to be ensured that they do not
optimize the path for a certain characteristic e.g. highest compromise QoS of other flows. The use of (queuing, policing,
bandwidth or lowest jitter. In these cases the "best" path for shaping) policies can be used to ensure that the allocation of
any set of characteristics may not be a shortest path. The resources reserved for DetNet is met.
selection of path can take into account multiple network metrics.
Some of these metrics are measured and distributed by the routing
system as traffic engineering metrics.
Service protection: 3.6.1.2. Explicit routes
Use of multiple packet streams using multiple paths, for example Use of a specific path for a flow. This allows control of the
1+1 or 1:1 linear protection. For DetNet this primarily relates network delay by steering the packet with the ability to influence
to packet replication and elimination capabilities. MPLS offers a the physical path. Explicit routes complement reservation by
number of protection schemes. MPLS hitless protection can be used ensuring that a consistent path can be associated with its resources
to switch traffic to an already established path in order to for the duration of that path. Coupled with the traffic mechanism,
restore delivery rapidly after a failure. Path changes, even in this limits misordering and bounds latency. Explicit route
the case of failure recovery, can lead to the out of order computation can encompass a wide set of constraints and optimize the
delivery of data requiring packet ordering functions either within path for a certain characteristic e.g. highest bandwidth or lowest
the DetNet service or at a high layer in the application traffic. jitter. In these cases the "best" path for any set of
Establishment of new paths after a failure is out of scope for characteristics may not be a shortest path. The selection of path
DetNet services. can take into account multiple network metrics. Some of these
metrics are measured and distributed by the routing system as traffic
engineering metrics.
Network Coding: 3.6.1.3. Service protection
Network Coding, not to be confused with network programming, Use of multiple packet streams using multiple paths, for example 1+1
comprises several techniques where multiple data flows are or 1:1 linear protection. For DetNet this primarily relates to
encoded. These resulting flows can then be sent on different packet replication and elimination capabilities. MPLS offers a
paths. The encoding operation can combine flows and error number of protection schemes. MPLS hitless protection can be used to
recovery information. When the encoded flows are decoded and switch traffic to an already established path in order to restore
recombined the original flows can be recovered. Note that Network delivery rapidly after a failure. Path changes, even in the case of
coding uses an alternative to packet by packet PREOF. Therefore, failure recovery, can lead to the out of order delivery of data
for certain network topologies and traffic loads, Network Coding requiring packet ordering functions either within the DetNet service
can be used to improve a network's throughput, efficiency, or at a high layer in the application traffic. Establishment of new
latency, and scalability, as well as resilience to partition, paths after a failure is out of scope for DetNet services.
attacks, and eavesdropping, as compared to traditional methods.
DetNet could utilized Network coding as an alternative to other
protection means. Network coding is often applied in wireless
networks and is being explored for other network types.
Load sharing: 3.6.1.4. Network Coding
Use of packet by packet distribution of the same DetNet flow over Network Coding, not to be confused with network programming,
multiple paths is not recommended except for the cases listed comprises several techniques where multiple data flows are encoded.
above where PREOF is utilized to improve protection of traffic and These resulting flows can then be sent on different paths. The
maintain order. Packet by packet load sharing, e.g., via ECMP or encoding operation can combine flows and error recovery information.
UCMP, impacts ordering and possibly jitter. When the encoded flows are decoded and recombined the original flows
can be recovered. Note that Network coding uses an alternative to
packet by packet PREOF. Therefore, for certain network topologies
and traffic loads, Network Coding can be used to improve a network's
throughput, efficiency, latency, and scalability, as well as
resilience to partition, attacks, and eavesdropping, as compared to
traditional methods. DetNet could utilized Network coding as an
alternative to other protection means. Network coding is often
applied in wireless networks and is being explored for other network
types.
Troubleshooting: 3.6.1.5. Load sharing
Since Detnet leverages many different forwarding sub-layers, those Use of packet-by-packet distribution of the same DetNet flow over
technologies also support a number of tools to troubleshoot multiple paths is not recommended except for the cases listed above
connectivity for example, to support identification of misbehaving where PREOF is utilized to improve protection of traffic and maintain
flows. At the service layer again there are existing mechanisms order. Packet by packet load sharing, e.g., via ECMP or UCMP,
to troubleshoot or monitor flows. Many of these mechanisms exist impacts ordering and possibly jitter.
for IP and MPLS networks. A client of a DetNet service can
introduce any monitoring applications which can detect and monitor
delay and loss.
Recognize flow(s) for analytics: 3.6.1.6. Troubleshooting
To a large degree this follows the logic in the previous section. Detnet leverages many different forwarding sub-layers, each of which
Analytics can be inherited from the two sub-layers. At the DetNet supports various tools to troubleshoot connectivity, for example
service edge packet and bit counters e.g. sent, received, dropped, identification of misbehaving flows. The DetNet Service layer can
and out of sequence are maintained. leverage existing mechanisms to troubleshoot or monitor flows, such
as those in use by IP and MPLS networks. At the Application layer a
client of a DetNet service can use existing techniques to detect and
monitor delay and loss.
Correlate events with flows: 3.6.1.7. Flow recognition for analytics
The provider of a DetNet service may allow other capabilities to Network analytics can be inherited from the technologies of the
monitor flows such as more detail loss statistics and time Service and Forwarding sub-layers. At the DetNet service edge,
stamping of events. The details of these capabilities are packet and bit counters (e.g. sent, received, dropped, and out-of-
currently out of scope for this document. sequence) can be maintained.
Several of these capabilities are expanded upon in more detail below. 3.6.1.8. Correlation of events with flows
3.6.1. Service Protection The provider of a DetNet service may provide other capabilities to
monitor flows, such as more detailed loss statistics and time
stamping of events. The details of these capabilities are currently
out of scope for this document.
3.6.2. Service Protection
Service protection allow DetNet services to increase reliability and Service protection allow DetNet services to increase reliability and
maintain a DetNet Service Assurance in the case of network congestion maintain a DetNet Service Assurance in the case of network congestion
or some failures. Detnet relies on the underlying technology or network failure. Detnet relies on the underlying technology
capabilities for various protection schemes. Protection schemes capabilities for various protection schemes. Protection schemes
enable partial or complete coverage of the network paths and active enable partial or complete coverage of the network paths and active
protection with combinations of PRF, PRE, and POF. protection with combinations of PRF, PEF, and POF.
3.6.1.1. Linear Service Protection 3.6.2.1. Linear Service Protection
An example DetNet MPLS network fragment and packet flow is An example DetNet MPLS network fragment and packet flow is
illustrated in Figure 4. illustrated in Figure 3.
1 1.1 1.1 1.2.1 1.2.1 1.2.2 1 1.1 1.1 1.2.1 1.2.1 1.2.2
CE1----EN1--------R1-------R2-------R3--------EN2-----CE2 CE1----EN1--------R1-------R2-------R3--------EN2-----CE2
\ 1.2.1 / / \ 1.2.1 / /
\1.2 /-----+ / \1.2 /-----+ /
+------R4------------------------+ +------R4------------------------+
1.2.2 1.2.2
Figure 4: Example Packet Flow in DetNet protected Network Figure 3: Example Packet Flow in DetNet protected Network
In Figure 4 the numbers are used to identify the instance of a In Figure 3 the numbers are used to identify the instance of a
packet. Packet 1 is the original packet, and packets 1.1, and 1.2 packet. Packet 1 is the original packet, and packets 1.1, and 1.2
are two first generation copies of packet 1. Packet 1.2.1 is a are two first generation copies of packet 1. Packet 1.2.1 is a
second generation copy of packet 1.2 etc. Note that these numbers second generation copy of packet 1.2 etc. Note that these numbers
never appear in the packet, and are not to be confused with sequence never appear in the packet, and are not to be confused with sequence
numbers, labels or any other identifier that appears in the packet. numbers, labels or any other identifier that appears in the packet.
They simply indicate the generation number of the original packet so They simply indicate the generation number of the original packet so
that its passage through the network fragment can be identified to that its passage through the network fragment can be identified to
the reader. the reader.
Customer Equipment CE1 sends a packet into the DetNet enabled Customer Equipment CE1 sends a packet into the DetNet enabled
network. This is packet (1). Edge Node EN1 encapsulates the packet network. This is packet (1). Edge Node EN1 encapsulates the packet
as a DetNet Packet and sends it to Relay node R1 (packet 1.1). EN1 as a DetNet Packet and sends it to Relay node R1 (packet 1.1). EN1
makes a copy of the packet (1.2), encapsulates it and sends this copy makes a copy of the packet (1.2), encapsulates it and sends this copy
to Relay node R4. to Relay node R4.
Note that along the path from EN1 to R1 there may be zero or more Note that along the path from EN1 to R1 there may be zero or more
nodes which, for clarity, are not shown. The same is true for any nodes which, for clarity, are not shown. The same is true for any
other path between two DetNet entities shown in Figure 4 . other path between two DetNet entities shown in Figure 3 .
Relay node R4 has been configured to send one copy of the packet to Relay node R4 has been configured to send one copy of the packet to
Relay Node R2 (packet 1.2.1) and one copy to Edge Node EN2 (packet Relay Node R2 (packet 1.2.1) and one copy to Edge Node EN2 (packet
1.2.2). 1.2.2).
R2 receives packet copy 1.2.1 before packet copy 1.1 arrives, and, R2 receives packet copy 1.2.1 before packet copy 1.1 arrives, and,
having been configured to perform packet elimination on this DetNet having been configured to perform packet elimination on this DetNet
flow, forwards packet 1.2.1 to Relay Node R3. Packet copy 1.1 is of flow, forwards packet 1.2.1 to Relay Node R3. Packet copy 1.1 is of
no further use and so is discarded by R2. no further use and so is discarded by R2.
Edge Node EN2 receives packet copy 1.2.2 from R4 before it receives Edge Node EN2 receives packet copy 1.2.2 from R4 before it receives
packet copy 1.2.1 from R2 via relay Node R3. EN2 therefore strips packet copy 1.2.1 from R2 via relay Node R3. EN2 therefore strips
any DetNet encapsulation from packet copy 1.2.2 and forwards the any DetNet encapsulation from packet copy 1.2.2 and forwards the
packet to CE2. When EN2 receives the later packet copy 1.2.1 this is packet to CE2. When EN2 receives the later packet copy 1.2.1 this is
discarded. discarded.
The above is of course illustrative of many network scenarios that The above is of course illustrative of many network scenarios that
can be configured. can be configured.
This example also illustrates 1:1 protection scheme meaning there is This example also illustrates 1:1 protection scheme meaning there is
traffic and path for each segment of the end to end path. Local traffic over each segment of the end to end path. Local DetNet relay
DetNet relay nodes determine which packets are eliminated and which nodes determine which packets are eliminated and which packets are
packets are forwarded. A 1+1 scheme where only one path is used for forwarded. A 1+1 scheme where only one path is used for traffic at a
traffic at a time, could use the same topology. In this case there time, could use the same topology. In this case there is no PRF
is no PRF function and traffic is switched upon detection of failure. function and traffic is switched upon detection of failure. An OAM
An OAM scheme that monitors the paths detects the loss of path or scheme that monitors the paths detects the loss of path or traffic is
traffic is required to initiate the switch. A POF may still be used required to initiate the switch. A POF may still be used in this
in this case to prevent misordering of packets. In both cases the case to prevent misordering of packets. In both cases the protection
protection paths are established and maintained for the duration of paths are established and maintained for the duration of the DetNet
the DetNet service. service.
3.6.1.2. Ring Service Protection 3.6.2.2. Ring Service Protection
Ring protection may also be supported if the underlying technology Ring protection may also be supported if the underlying technology
supports it. Many of the same concepts apply however Rings are supports it. Many of the same concepts apply however rings are
normally 1+1 protection for data efficiency reasons. [RFC8227] is an normally 1+1 protection for data efficiency reasons. [RFC8227] is an
example of MPLS-TP data plane that supports Ring protection. example of MPLS-TP data plane that supports Ring protection.
3.6.2. Aggregation Considerations 3.6.3. Aggregation Considerations
The DetNet data plane also allows for the aggregation of DetNet The DetNet data plane also allows for the aggregation of DetNet
flows, to improved scaling by reducing the state per hop. How this flows, which can improve scalability by reducing the per-hop state.
is accomplished is data plane or control plane dependent. When How this is accomplished is data plane or control plane dependent.
DetNet flows are aggregated, transit nodes provide service to the When DetNet flows are aggregated, transit nodes provide service to
aggregate and not on a per-DetNet flow basis. When aggregating the aggregate and not on a per-DetNet flow basis. When aggregating
DetNet flows the flows should be compatible i.e. the same or very DetNet flows the flows should be compatible i.e. the same or very
similar QoS and CoS characteristics. In this case, nodes performing similar QoS and CoS characteristics. In this case, nodes performing
aggregation will ensure that per-flow service requirements are aggregation will ensure that per-flow service requirements are
achieved. achieved.
If bandwidth reservations are used, the sum of the reservations If bandwidth reservations are used, the sum of the reservations
should be the sum of all the individual reservations, in other words, should be the sum of all the individual reservations; in other words,
the reservations should not create an over subscription of bandwidth the reservations should not add up to an over-subscription of
reservation. If maximum delay bounds are used the system should bandwidth reservation. If maximum delay bounds are used, the system
ensure that the aggregate does not exceed the delay bounds of the should ensure that the aggregate does not exceed the delay bounds of
individual flows. the individual flows.
DetNet encapsulation is a data plane mechanism that can be used to When an encapsulation is used the choice of reserving a maximum
aggregate traffic. Encapsulation can either be in the same service resource level and then tracking the services in the aggregated
type or in a different service type see Figure 3 for example. When service or adjusting the aggregated resources as the services are
an encapsulation is used the choice of reserving a maximum resource added is implementation and technology specific.
level and then tracking the services in the aggregated service or
adjusting the aggregated resources as the services are added is
implementation and technology specific.
DetNet flows at edges must be able to handle rejection to an DetNet flows at edges must be able to handle rejection to an
aggregation group due to lack of resources as well as conditions aggregation group due to lack of resources as well as conditions
where general requirements are not satisfied. where requirements are not satisfied.
3.6.2.1. IP Aggregation 3.6.3.1. IP Aggregation
IP aggregation has both data plane and controller plane aspects. For IP aggregation has both data plane and controller plane aspects. For
the data plane flows may be aggregated for treatment based on shared the data plane, flows may be aggregated for treatment based on shared
characteristics such as 6-tuple. Alternatively, an IP encapsulation characteristics such as 6-tuple. Alternatively, an IP encapsulation
may be used to tunnel an aggregate number of DetNet Flows between may be used to tunnel an aggregate number of DetNet Flows between
relay nodes. relay nodes.
3.6.2.2. MPLS Aggregation 3.6.3.2. MPLS Aggregation
MPLS aggregation similarly has data plane and controller plane MPLS aggregation also has data plane and controller plane aspects.
aspects. In the case of MPLS flows are often tunneled in a MPLS flows are often tunneled in a forwarding sub-layer, under the
forwarding sub-layer and reservation is associated with that MPLS reservation associated with that MPLS tunnel.
tunnel.
3.6.3. End-System Specific Considerations 3.6.4. End-System-Specific Considerations
Data-flows requiring DetNet service are generated and terminated on Data-flows requiring DetNet service are generated and terminated on
end-systems. Encapsulation depends on the application and its end-systems. Encapsulation depends on the application and its
preferences. For example, a DetNet MPLS domain the DN functions use preferences. For example, in a DetNet MPLS domain the sub-layer
the d-CWs, S-Labels and F-Labels to provide DetNet services. functions use the d-CWs, S-Labels and F-Labels to provide DetNet
However, an application may exchange further flow related parameters services. However, an application may exchange further flow related
(e.g., time-stamp), which are not provided by DN functions. parameters (e.g., time-stamp), which are not provided by DetNet
functions.
As a general rule, DetNet domains are capable of forwarding any As a general rule, DetNet domains are capable of forwarding any
DetNet flows and the DetNet domain does not mandate the end-system or DetNet flows and the DetNet domain does not mandate the end-system or
edge system encapsulation format. Unless there is a proxy of some edge node encapsulation format. Unless there is a proxy of some form
form present, end-systems peer with similar end-systems using the present, end-systems peer with similar end-systems using the same
same application encapsulation format. For example, as shown in application encapsulation format. For example, as shown in Figure 4,
Figure 5, IP applications peer with IP applications and Ethernet IP applications peer with IP applications and Ethernet applications
applications peer with Ethernet applications. peer with Ethernet applications.
+-----+ +-----+
| X | +-----+ | X | +-----+
+-----+ | X | +-----+ | X |
| Eth | ________ +-----+ | Eth | ________ +-----+
+-----+ _____ / \ | Eth | +-----+ _____ / \ | Eth |
\ / \__/ \___ +-----+ \ / \__/ \___ +-----+
\ / \ / \ / \ /
0======== tunnel-1 ========0_ 0======== tunnel-1 ========0_
| \ | \
\ | \ |
0========= tunnel-2 =========0 0========= tunnel-2 =========0
/ \ __/ \ / \ __/ \
+-----+ \__ DetNet MPLS domain / \ +-----+ \__ DetNet MPLS domain / \
| X | \ __ / +-----+ | X | \ __ / +-----+
+-----+ \_______/ \_____/ | X | +-----+ \_______/ \_____/ | X |
| IP | +-----+ | IP | +-----+
+-----+ | IP | +-----+ | IP |
+-----+ +-----+
Figure 5: End-Systems and The DetNet MPLS Domain Figure 4: End-Systems and The DetNet MPLS Domain
3.6.4. Sub-Network Considerations 3.6.5. Sub-Network Considerations
Any of the DetNet service types may be transported by another DetNet Any of the DetNet service types may be transported by another DetNet
service. MPLS nodes may interconnected by different sub-network service. MPLS nodes may interconnected by different sub-network
technologies, which may include point-to-point links. Each of these technologies, which may include point-to-point links. Each of these
sub-network technologies need to provide appropriate service to sub-network technologies need to provide appropriate service to
DetNet flows. In some cases, e.g., on dedicated point-to-point links DetNet flows. In some cases, e.g., on dedicated point-to-point links
or TDM technologies, all that is required is for a DetNet node to or TDM technologies, all that is required is for a DetNet node to
appropriately queue its output traffic. In other cases, DetNet nodes appropriately queue its output traffic. In other cases, DetNet nodes
will need to map DetNet flows to the flow semantics (i.e., will need to map DetNet flows to the flow semantics (i.e.,
identifiers) and mechanisms used by an underlying sub-network identifiers) and mechanisms used by an underlying sub-network
technology. Figure 6 shows several examples of header formats that technology. Figure 5 shows several examples of header formats that
can be used to carry DetNet MPLS flows over different sub-network can be used to carry DetNet MPLS flows over different sub-network
technologies. L2 represent a generic layer-2 encapsulation that technologies. L2 represent a generic layer-2 encapsulation that
might be used on a point-to-point link. TSN represents the might be used on a point-to-point link. TSN represents the
encapsulation used on an IEEE 802.1 TSN network, as described in encapsulation used on an IEEE 802.1 TSN network, as described in
[I-D.ietf-detnet-mpls-over-tsn]. UDP/IP represents the encapsulation [I-D.ietf-detnet-mpls-over-tsn]. UDP/IP represents the encapsulation
used on a DetNet IP PSN, as described in used on a DetNet IP PSN, as described in
[I-D.ietf-detnet-mpls-over-udp-ip]. [I-D.ietf-detnet-mpls-over-udp-ip].
+------+ +------+ +------+ +------+ +------+ +------+
App-Flow | X | | X | | X | App-Flow | X | | X | | X |
skipping to change at page 16, line 19 skipping to change at page 16, line 19
+------+ +------+ +------+ +------+ +------+ +------+
|Labels| |Labels| |Labels| |Labels| |Labels| |Labels|
+-----+======+--+======+--+======+-----+ +-----+======+--+======+--+======+-----+
Sub-Network | L2 | | TSN | | UDP | Sub-Network | L2 | | TSN | | UDP |
+------+ +------+ +------+ +------+ +------+ +------+
| IP | | IP |
+------+ +------+
| L2 | | L2 |
+------+ +------+
Figure 6: Example DetNet MPLS Sub-Network Formats Figure 5: Example DetNet MPLS Sub-Network Formats
4. Controller Plane (Management and Control) Considerations 4. Controller Plane (Management and Control) Considerations
4.1. DetNet Controller Plane Requirements 4.1. DetNet Controller Plane Requirements
While the definition of controller plane for DetNet is out of the While the definition of controller plane for DetNet is out of the
scope of this document, there are particular considerations and scope of this document, there are particular considerations and
requirements for such that result from the unique characteristics of requirements for such that result from the unique characteristics of
the DetNet architecture [I-D.ietf-detnet-architecture] and data plane the DetNet architecture [I-D.ietf-detnet-architecture] and data plane
as defined herein. as defined herein.
skipping to change at page 18, line 15 skipping to change at page 18, line 15
Controller Plane are discussed in Section 4.1. Controller Plane are discussed in Section 4.1.
Each respective data plane document also covers the control plane Each respective data plane document also covers the control plane
considerations for that technology. For example [I-D.ietf-detnet-ip] considerations for that technology. For example [I-D.ietf-detnet-ip]
covers IP control plane normative considerations and covers IP control plane normative considerations and
[I-D.ietf-detnet-mpls] covers MPLS control plane normative [I-D.ietf-detnet-mpls] covers MPLS control plane normative
considerations. considerations.
4.2.1. Flow Aggregation Control 4.2.1. Flow Aggregation Control
Flow aggregation includes aggregation accomplished through the use of Flow aggregation means that multiple App-flows are served by a single
hierarchical LSPs in MPLS and tunnels, in the case of IP, MPLS and new DetNet flow. There are many techniques to achieve aggregation,
TSN, all of which aggregate multiple DetNet flows into a single new for example in case of IP, it can be grouping of IP flows that share
DetNet flow. Aggregation can also be grouping of IP flows that share
6-tuple attributes or flow identifiers at the DetNet sub-layer. 6-tuple attributes or flow identifiers at the DetNet sub-layer.
Another example includes aggregation accomplished through the use of
hierarchical LSPs in MPLS and tunnels.
Control of aggregation involves a set of procedures listed here. Control of aggregation involves a set of procedures listed here.
Aggregation may use some or all of these capabilities and the order Aggregation may use some or all of these capabilities and the order
may vary: may vary:
o Traffic engineering resource collection and distribution: o Traffic engineering resource collection and distribution:
Available resources are tracked through control plane or Available resources are tracked through control plane or
management plane databases and distributed amongst controllers management plane databases and distributed amongst controllers
or nodes that can manage resources. or nodes that can manage resources.
skipping to change at page 18, line 46 skipping to change at page 18, line 47
o Resource assignment and data plane co-ordination: o Resource assignment and data plane co-ordination:
The assignment of resources along the path depends on the The assignment of resources along the path depends on the
technology and it includes assignment of specific links and technology and it includes assignment of specific links and
coordination of the queuing and other traffic management coordination of the queuing and other traffic management
capabilities such as policing and shaping. capabilities such as policing and shaping.
o Assigned Resource recording and updating: o Assigned Resource recording and updating:
Depending on the specific technology the assigned resources are Depending on the specific technology, the assigned resources
updated and distributed in the databases preventing over are updated and distributed in the databases, preventing over-
subscription. subscription.
4.2.2. Explicit Routes 4.2.2. Explicit Routes
Explicit routes are used to ensure that packets are routed through Explicit routes are used to ensure that packets are routed through
the resources that have been reserved for them, and hence provide the the resources that have been reserved for them, and hence provide the
DetNet application with the required service. A requirement for the DetNet application with the required service. A requirement for the
DetNet Controller Plane will be the ability to assign a particular DetNet Controller Plane will be the ability to assign a particular
identified DetNet IP flow to a path through the DetNet domain that identified DetNet IP flow to a path through the DetNet domain that
has been assigned the required nodal resources. This provides the has been assigned the required nodal resources. This provides the
skipping to change at page 20, line 42 skipping to change at page 20, line 42
the data plane other than the need for the two directions of a co- the data plane other than the need for the two directions of a co-
routed bidirectional flow to take the same path. That is to say that routed bidirectional flow to take the same path. That is to say that
bidirectional DetNet flows are solely represented at the management bidirectional DetNet flows are solely represented at the management
and control plane levels, without specific support or knowledge and control plane levels, without specific support or knowledge
within the DetNet data plane. Fate sharing and associated or co- within the DetNet data plane. Fate sharing and associated or co-
routed bidirectional flows, can be managed at the control level. routed bidirectional flows, can be managed at the control level.
DetNet's use of PREOF may increase the complexity of using co-routing DetNet's use of PREOF may increase the complexity of using co-routing
bidirectional flows, since if PREOF is used, then the replication bidirectional flows, since if PREOF is used, then the replication
points in one direction would have to match the elimination points in points in one direction would have to match the elimination points in
the other direction, and vice versa, and the optimal points for these the other direction, and vice versa. In such cases the optimal
functions in one direction may not match the optimal points in the points for these functions in one direction may not match the optimal
other subsequent to the network and traffic constraints. points in the other, due to network and traffic constraints.
Furthermore, due to the per packet service protection nature, Furthermore, due to the per packet service protection nature,
bidirectional forwarding per packet may not be ensured. The first bidirectional forwarding per packet may not be ensured. The first
packet of received member flows is selected by the elimination packet of received member flows is selected by the elimination
function independently of which path it has taken through the function independently of which path it has taken through the
network. network.
Control and management mechanisms need to support bidirectional Control and management mechanisms need to support bidirectional
flows, but the specification of such mechanisms are out of scope of flows, but the specification of such mechanisms are out of scope of
this document. An example control plane solution for MPLS can be this document. An example control plane solution for MPLS can be
found in [RFC3473] , [RFC6387] and [RFC7551]. These requirements are found in [RFC3473] , [RFC6387] and [RFC7551]. These requirements are
skipping to change at page 21, line 41 skipping to change at page 21, line 41
and bounded end-to-end delivery latency. and bounded end-to-end delivery latency.
The primary considerations for the data plane is to maintain The primary considerations for the data plane is to maintain
integrity of data and delivery of the associated DetNet service integrity of data and delivery of the associated DetNet service
traversing the DetNet network. Application flows can be protected traversing the DetNet network. Application flows can be protected
through whatever means is provided by the underlying technology. For through whatever means is provided by the underlying technology. For
example, encryption may be used, such as that provided by IPSec example, encryption may be used, such as that provided by IPSec
[RFC4301] for IP flows and/or by an underlying sub-net using MACSec [RFC4301] for IP flows and/or by an underlying sub-net using MACSec
[IEEE802.1AE-2018] for Ethernet (Layer-2) flows. [IEEE802.1AE-2018] for Ethernet (Layer-2) flows.
From a data plane perspective DetNet does not add or modify any
header information.
At the management and control level DetNet flows are identified on a At the management and control level DetNet flows are identified on a
per-flow basis, which may provide controller plane attackers with per-flow basis, which may provide controller plane attackers with
additional information about the data flows (when compared to additional information about the data flows (when compared to
controller planes that do not include per-flow identification). This controller planes that do not include per-flow identification). This
is an inherent property of DetNet which has security implications is an inherent property of DetNet which has security implications
that should be considered when determining if DetNet is a suitable that should be considered when determining if DetNet is a suitable
technology for any given use case. technology for any given use case.
To provide uninterrupted availability of the DetNet service, To provide uninterrupted availability of the DetNet service,
provisions can be made against DOS attacks and delay attacks. To provisions can be made against DOS attacks and delay attacks. To
protect against DOS attacks, excess traffic due to malicious or protect against DOS attacks, excess traffic due to malicious or
malfunctioning devices can be prevented or mitigated, for example malfunctioning devices can be prevented or mitigated, for example
through the use of existing mechanism such as policing and shaping through the use of existing mechanism such as policing and shaping
applied at the input of a DetNet domain. To prevent DetNet packets applied at the input of a DetNet domain. To prevent DetNet packets
from being delayed by an entity external to a DetNet domain, DetNet from being delayed by an entity external to a DetNet domain, DetNet
technology definition can allow for the mitigation of Man-In-The- technology definition can allow for the mitigation of Man-In-The-
Middle attacks, for example through use of authentication and Middle attacks, for example through use of authentication and
authorization of devices within the DetNet domain. authorization of devices within the DetNet domain.
In order to prevent or mitigate DetNet attacks on other networks via
flow escape, edge devices can for example use existing mechanism such
as policing and shaping applied at the output of a DetNet domain.
6. IANA Considerations 6. IANA Considerations
This document makes no IANA requests. This document makes no IANA requests.
7. Acknowledgements 7. Acknowledgements
The authors wish to thank Pat Thaler, Norman Finn, Loa Anderson, The authors wish to thank Pat Thaler, Norman Finn, Loa Anderson,
David Black, Rodney Cummings, Ethan Grossman, Tal Mizrahi, David David Black, Rodney Cummings, Ethan Grossman, Tal Mizrahi, David
Mozes, Craig Gunther, George Swallow, Yuanlong Jiang and Carlos J. Mozes, Craig Gunther, George Swallow, Yuanlong Jiang and Carlos J.
Bernardos for their various contributions to this work. Bernardos for their various contributions to this work.
skipping to change at page 23, line 30 skipping to change at page 23, line 30
[I-D.ietf-detnet-mpls-over-tsn] [I-D.ietf-detnet-mpls-over-tsn]
Varga, B., Farkas, J., Malis, A., Bryant, S., and J. Varga, B., Farkas, J., Malis, A., Bryant, S., and J.
Korhonen, "DetNet Data Plane: MPLS over IEEE 802.1 Time Korhonen, "DetNet Data Plane: MPLS over IEEE 802.1 Time
Sensitive Networking (TSN)", draft-ietf-detnet-mpls-over- Sensitive Networking (TSN)", draft-ietf-detnet-mpls-over-
tsn-00 (work in progress), May 2019. tsn-00 (work in progress), May 2019.
[I-D.ietf-detnet-mpls-over-udp-ip] [I-D.ietf-detnet-mpls-over-udp-ip]
Varga, B., Farkas, J., Berger, L., Malis, A., Bryant, S., Varga, B., Farkas, J., Berger, L., Malis, A., Bryant, S.,
and J. Korhonen, "DetNet Data Plane: MPLS over UDP/IP", and J. Korhonen, "DetNet Data Plane: MPLS over UDP/IP",
draft-ietf-detnet-mpls-over-udp-ip-01 (work in progress), draft-ietf-detnet-mpls-over-udp-ip-02 (work in progress),
July 2019. October 2019.
[I-D.ietf-detnet-security] [I-D.ietf-detnet-security]
Mizrahi, T., Grossman, E., Hacker, A., Das, S., Dowdell, Mizrahi, T., Grossman, E., Hacker, A., Das, S., Dowdell,
J., Austad, H., Stanton, K., and N. Finn, "Deterministic J., Austad, H., Stanton, K., and N. Finn, "Deterministic
Networking (DetNet) Security Considerations", draft-ietf- Networking (DetNet) Security Considerations", draft-ietf-
detnet-security-05 (work in progress), August 2019. detnet-security-05 (work in progress), August 2019.
[I-D.ietf-pce-pcep-extension-for-pce-controller] [I-D.ietf-pce-pcep-extension-for-pce-controller]
Zhao, Q., Li, Z., Negi, M., and C. Zhou, "PCEP Procedures Zhao, Q., Li, Z., Negi, M., and C. Zhou, "PCEP Procedures
and Protocol Extensions for Using PCE as a Central and Protocol Extensions for Using PCE as a Central
Controller (PCECC) of LSPs", draft-ietf-pce-pcep- Controller (PCECC) of LSPs", draft-ietf-pce-pcep-
extension-for-pce-controller-02 (work in progress), July extension-for-pce-controller-02 (work in progress), July
2019. 2019.
[I-D.ietf-spring-srv6-network-programming] [I-D.ietf-spring-srv6-network-programming]
Filsfils, C., Camarillo, P., Leddy, J., Filsfils, C., Camarillo, P., Leddy, J.,
daniel.voyer@bell.ca, d., Matsushima, S., and Z. Li, "SRv6 daniel.voyer@bell.ca, d., Matsushima, S., and Z. Li, "SRv6
Network Programming", draft-ietf-spring-srv6-network- Network Programming", draft-ietf-spring-srv6-network-
programming-01 (work in progress), July 2019. programming-05 (work in progress), October 2019.
[IEEE802.1AE-2018] [IEEE802.1AE-2018]
IEEE Standards Association, "IEEE Std 802.1AE-2018 MAC IEEE Standards Association, "IEEE Std 802.1AE-2018 MAC
Security (MACsec)", 2018, Security (MACsec)", 2018,
<https://ieeexplore.ieee.org/document/8585421>. <https://ieeexplore.ieee.org/document/8585421>.
[IEEE802.1TSNTG] [IEEE802.1TSNTG]
IEEE Standards Association, "IEEE 802.1 Time-Sensitive IEEE Standards Association, "IEEE 802.1 Time-Sensitive
Networking Task Group", <http://www.ieee802.org/1/tsn>. Networking Task Group", <http://www.ieee802.org/1/tsn>.
 End of changes. 88 change blocks. 
242 lines changed or deleted 250 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/