--- 1/draft-ietf-detnet-mpls-05.txt 2020-04-23 23:13:04.589732092 -0700 +++ 2/draft-ietf-detnet-mpls-06.txt 2020-04-23 23:13:04.653733723 -0700 @@ -1,26 +1,25 @@ DetNet B. Varga, Ed. Internet-Draft J. Farkas Intended status: Standards Track Ericsson -Expires: August 6, 2020 L. Berger - D. Fedyk +Expires: October 25, 2020 L. Berger LabN Consulting, L.L.C. A. Malis - Independent + Malis Consulting S. Bryant Futurewei Technologies J. Korhonen - February 3, 2020 + April 23, 2020 DetNet Data Plane: MPLS - draft-ietf-detnet-mpls-05 + draft-ietf-detnet-mpls-06 Abstract This document specifies the Deterministic Networking data plane when operating over an MPLS Packet Switched Networks. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. @@ -28,21 +27,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on August 6, 2020. + This Internet-Draft will expire on October 25, 2020. Copyright Notice Copyright (c) 2020 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -78,23 +77,24 @@ 4.6. Forwarding Sub-Layer Considerations . . . . . . . . . . . 20 4.6.1. Class of Service . . . . . . . . . . . . . . . . . . 20 4.6.2. Quality of Service . . . . . . . . . . . . . . . . . 20 5. Management and Control Information Summary . . . . . . . . . 21 5.1. Service Sub-Layer Information Summary . . . . . . . . . . 22 5.1.1. Service Aggregation Information Summary . . . . . . . 23 5.2. Forwarding Sub-Layer Information Summary . . . . . . . . 23 6. Security Considerations . . . . . . . . . . . . . . . . . . . 24 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 25 - 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 - 9.1. Normative References . . . . . . . . . . . . . . . . . . 25 - 9.2. Informative References . . . . . . . . . . . . . . . . . 27 + 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 25 + 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 + 10.1. Normative References . . . . . . . . . . . . . . . . . . 25 + 10.2. Informative References . . . . . . . . . . . . . . . . . 27 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 29 1. Introduction Deterministic Networking (DetNet) is a service that can be offered by a network to DetNet flows. DetNet provides these flows extremely low packet loss rates and assured maximum end-to-end delivery latency. General background and concepts of DetNet can be found in [RFC8655]. The DetNet Architecture models the DetNet related data plane 
@@ -446,21 +446,22 @@ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 5: DetNet Control Word (bits 0 to 3) Per [RFC4385], MUST be set to zero (0). Sequence Number (bits 4 to 31) - An unsigned value implementing the DetNet sequence number. + An unsigned value implementing the DetNet sequence number. The + sequence number space is a circular one. A separate sequence number space MUST be maintained by the node that adds the d-CW for each DetNet app-flow. The following sequence number field lengths MUST be supported: 0 bits 16 bits 28 bits @@ -1077,22 +1078,24 @@ provision both flow identification information and the flow specific resources needed to provided the traffic treatment needed to meet each flow's service requirements. This applies for aggregated and individual flows. 6. Security Considerations General security considerations are described in [RFC8655]. Additionally, security considerations and a threat analysis are described in [I-D.ietf-detnet-security]. This section considers - exclusively security considerations which are specific to the DetNet - MPLS data plane. + security considerations which are specific to the DetNet MPLS data + plane. The considerations raised related to MPLS networks in general + in [RFC5920] are equally applicable to the the DetNet MPLS data + plane. Security aspects which are unique to DetNet are those whose aim is to provide the specific quality of service aspects of DetNet, which are primarily to deliver data flows with extremely low packet loss rates and bounded end-to-end delivery latency. The primary considerations for the data plane is to maintain integrity of data and delivery of the associated DetNet service traversing the DetNet network. Application flows can be protected through whatever means is provided by the underlying technology. For 
@@ -1107,42 +1110,52 @@ per-flow basis, which may provide controller plane attackers with additional information about the data flows (when compared to controller planes that do not include per-flow identification). This is an inherent property of DetNet which has security implications that should be considered when determining if DetNet is a suitable technology for any given use case. To provide uninterrupted availability of the DetNet service, provisions can be made against DOS attacks and delay attacks. To protect against DOS attacks, excess traffic due to malicious or - malfunctioning devices can be prevented or mitigated, for example - through the use of existing mechanism such as policing and shaping - applied at the input of a DetNet domain. To prevent DetNet packets - from being delayed by an entity external to a DetNet domain, DetNet - technology definition can allow for the mitigation of Man-In-The- - Middle attacks, for example through use of authentication and - authorization of devices within the DetNet domain. + malfunctioning devices is prevented or mitigated through the use of + existing mechanisms, for example by policing and shaping incoming + traffic. To prevent DetNet packets from being delayed by an entity + external to a DetNet domain, DetNet technology definition can allow + for the mitigation of Man-In-The-Middle attacks, for example through + use of authentication and authorization of devices within the DetNet + domain. 7. IANA Considerations This document makes no IANA requests. 8. Acknowledgements The authors wish to thank Pat Thaler, Norman Finn, Loa Anderson, David Black, Rodney Cummings, Ethan Grossman, Tal Mizrahi, David Mozes, Craig Gunther, George Swallow, Yuanlong Jiang and Carlos J. Bernardos for their various contributions to this work. -9. References +9. Contributors -9.1. Normative References + RFC7322 limits the number of authors listed on the front page of a + draft to a maximum of 5. 
The editor wishes to thank and acknowledge + the follow author for contributing text to this draft. + + Don Fedyk + LabN Consulting, L.L.C. + Email: dfedyk@labn.net + +10. References + +10.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC2211] Wroclawski, J., "Specification of the Controlled-Load Network Element Service", RFC 2211, DOI 10.17487/RFC2211, September 1997, . 
@@ -1210,50 +1223,48 @@ [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8655] Finn, N., Thubert, P., Varga, B., and J. Farkas, "Deterministic Networking Architecture", RFC 8655, DOI 10.17487/RFC8655, October 2019, . -9.2. Informative References +10.2. Informative References [I-D.ietf-detnet-data-plane-framework] - Varga, B., Farkas, J., Berger, L., Fedyk, D., Malis, A., - Bryant, S., and J. Korhonen, "DetNet Data Plane - Framework", draft-ietf-detnet-data-plane-framework-03 - (work in progress), October 2019. + Varga, B., Farkas, J., Berger, L., Malis, A., and S. + Bryant, "DetNet Data Plane Framework", draft-ietf-detnet- + data-plane-framework-04 (work in progress), February 2020. [I-D.ietf-detnet-ip] Varga, B., Farkas, J., Berger, L., Fedyk, D., Malis, A., - Bryant, S., and J. Korhonen, "DetNet Data Plane: IP", - draft-ietf-detnet-ip-04 (work in progress), November 2019. + and S. Bryant, "DetNet Data Plane: IP", draft-ietf-detnet- + ip-05 (work in progress), February 2020. [I-D.ietf-detnet-ip-over-mpls] - Varga, B., Farkas, J., Berger, L., Fedyk, D., Malis, A., - Bryant, S., and J. Korhonen, "DetNet Data Plane: IP over - MPLS", draft-ietf-detnet-ip-over-mpls-04 (work in - progress), November 2019. + Varga, B., Berger, L., Fedyk, D., Malis, A., Bryant, S., + and J. Korhonen, "DetNet Data Plane: IP over MPLS", draft- + ietf-detnet-ip-over-mpls-05 (work in progress), February + 2020. [I-D.ietf-detnet-mpls-over-tsn] Varga, B., Farkas, J., Malis, A., and S. Bryant, "DetNet Data Plane: MPLS over IEEE 802.1 Time Sensitive Networking - (TSN)", draft-ietf-detnet-mpls-over-tsn-01 (work in - progress), October 2019. + (TSN)", draft-ietf-detnet-mpls-over-tsn-02 (work in + progress), March 2020. [I-D.ietf-detnet-security] - Mizrahi, T., Grossman, E., Hacker, A., Das, S., Dowdell, - J., Austad, H., and N. Finn, "Deterministic Networking + Mizrahi, T. and E. 
Grossman, "Deterministic Networking (DetNet) Security Considerations", draft-ietf-detnet- - security-07 (work in progress), January 2020. + security-09 (work in progress), March 2020. [IEEE802.1AE-2018] IEEE Standards Association, "IEEE Std 802.1AE-2018 MAC Security (MACsec)", 2018, . [RFC2205] Braden, R., Ed., Zhang, L., Berson, S., Herzog, S., and S. Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1 Functional Specification", RFC 2205, DOI 10.17487/RFC2205, September 1997, . @@ -1293,20 +1304,24 @@ [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation Element (PCE) Communication Protocol (PCEP)", RFC 5440, DOI 10.17487/RFC5440, March 2009, . [RFC5586] Bocci, M., Ed., Vigoureux, M., Ed., and S. Bryant, Ed., "MPLS Generic Associated Channel", RFC 5586, DOI 10.17487/RFC5586, June 2009, . + [RFC5920] Fang, L., Ed., "Security Framework for MPLS and GMPLS + Networks", RFC 5920, DOI 10.17487/RFC5920, July 2010, + . + [RFC5921] Bocci, M., Ed., Bryant, S., Ed., Frost, D., Ed., Levrau, L., and L. Berger, "A Framework for MPLS in Transport Networks", RFC 5921, DOI 10.17487/RFC5921, July 2010, . [RFC6003] Papadimitriou, D., "Ethernet Traffic Parameters", RFC 6003, DOI 10.17487/RFC6003, October 2010, . [RFC6073] Martini, L., Metz, C., Nadeau, T., Bocci, M., and M. @@ -1347,27 +1362,22 @@ Budapest 1117 Hungary Email: janos.farkas@ericsson.com Lou Berger LabN Consulting, L.L.C. Email: lberger@labn.net - Don Fedyk - LabN Consulting, L.L.C. - - Email: dfedyk@labn.net - Andrew G. Malis - Independent + Malis Consulting Email: agmalis@gmail.com Stewart Bryant Futurewei Technologies Email: stewart.bryant@gmail.com Jouni Korhonen
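Review bot: In the @@ -446 hunk the added sentence "The sequence number space is a circular one" leaves the wrap-around semantics unspecified: a node performing duplicate elimination needs to know that sequence numbers are compared modulo 2^16 or 2^28 according to the field length in use, and how the 0-bit case (no sequence number carried) is treated. Suggest stating the modular comparison explicitly here, or pointing to the section that defines the elimination function, so that two implementations agree on which of two packets is "newer" across the wrap.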
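Review bot: The added text in the @@ -1077 hunk contains a doubled word: "equally applicable to the the DetNet MPLS data plane" should read "equally applicable to the DetNet MPLS data plane". While in this area, the unchanged context line "needed to provided the traffic treatment" has a typo ("provide"). Since the new sentence makes the whole of [RFC5920] applicable to this data plane, consider naming the parts a reader should consult (the data plane attack and mitigation discussion) rather than the framework as a whole.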
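Review bot: In the @@ -1107 hunk the rewritten DoS sentence changes "can be prevented or mitigated ... applied at the input of a DetNet domain" to "is prevented or mitigated through the use of existing mechanisms, for example by policing and shaping incoming traffic", which drops the statement of where policing is applied and reads as a guarantee rather than a possibility. Suggest keeping the ingress placement, e.g. "can be prevented or mitigated by policing and shaping at the input of the DetNet domain", since policing applied elsewhere does not protect the resources reserved inside the domain. Also in this hunk, the new Contributors text "the follow author" should be "the following author", and "RFC7322" should be a bracketed citation [RFC7322] with a matching informative reference entry.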
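Review bot: In the @@ -1210 hunk the updated [I-D.ietf-detnet-ip-over-mpls] citation lists "Varga, B., Berger, L., Fedyk, D., Malis, A., Bryant, S., and J. Korhonen", dropping Farkas, while the other DetNet draft citations updated in the same hunk drop Fedyk and Korhonen instead; please confirm this author list against the -05 front page before publishing, since a mismatch here is easy to miss.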