draft-ietf-teas-actn-framework-01.txt   draft-ietf-teas-actn-framework-02.txt 
TEAS Working Group Daniele Ceccarelli (Ed) TEAS Working Group Daniele Ceccarelli (Ed)
Internet Draft Ericsson Internet Draft Ericsson
Intended status: Informational Young Lee (Ed) Intended status: Informational Young Lee (Ed)
Expires: January 2017 Huawei Expires: June 2017 Huawei
October 25, 2016 December 22, 2016
Framework for Abstraction and Control of Traffic Engineered Networks Framework for Abstraction and Control of Traffic Engineered Networks
draft-ietf-teas-actn-framework-01 draft-ietf-teas-actn-framework-02
Abstract
Traffic Engineered networks have a variety of mechanisms to
facilitate the separation of the data plane and control plane. They
also have a range of management and provisioning protocols to
configure and activate network resources. These mechanisms
represent key technologies for enabling flexible and dynamic
networking.
Abstraction of network resources is a technique that can be applied
to a single network domain or across multiple domains to create a
single virtualized network that is under the control of a network
operator or the customer of the operator that actually owns
the network resources.
This document provides a framework for Abstraction and Control of
Traffic Engineered Networks (ACTN).
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with This Internet-Draft is submitted to IETF in full conformance with
the provisions of BCP 78 and BCP 79. the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 27 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress." reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 25, 2017. This Internet-Draft will expire on January 22, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License. warranty as described in the Simplified BSD License.
Abstract
Traffic Engineered networks have a variety of mechanisms to
facilitate the
separation of the data plane and control plane. They also have a
range of management and provisioning protocols to configure and
activate network resources. These mechanisms represent key
technologies for enabling flexible and dynamic networking.
Abstraction of network resources is a technique that can be applied
to a single network domain or across multiple domains to create a
single virtualized network that is under the control of a network
operator or the customer of the operator that actually owns
the network resources.
This draft provides a framework for Abstraction and Control of
Traffic Engineered Networks (ACTN).
Table of Contents Table of Contents
1. Introduction...................................................3 1. Introduction...................................................3
1.1. Terminology...............................................5 1.1. Terminology...............................................6
2. Business Model of ACTN.........................................8 2. Business Model of ACTN.........................................9
2.1. Customers.................................................8 2.1. Customers.................................................9
2.2. Service Providers........................................10 2.2. Service Providers........................................10
2.3. Network Providers........................................11 2.3. Network Providers........................................12
3. ACTN architecture.............................................12 3. ACTN Architecture.............................................12
3.1. Customer Network Controller..............................14 3.1. Customer Network Controller..............................14
3.2. Multi Domain Service Coordinator.........................15 3.2. Multi Domain Service Coordinator.........................15
3.3. Physical Network Controller..............................16 3.3. Physical Network Controller..............................16
3.4. ACTN interfaces..........................................17 3.4. ACTN Interfaces..........................................17
4. VN creation process...........................................19 4. VN Creation Process...........................................19
5. Access Points and Virtual Network Access Points...............20 5. Access Points and Virtual Network Access Points...............20
5.1. Dual homing scenario.....................................22 5.1. Dual homing scenario.....................................22
6. End point selection & mobility................................23 6. End Point Selection and Mobility..............................23
6.1. End point selection & mobility...........................23 6.1. End Point Selection......................................23
6.2. Preplanned end point migration...........................24 6.2. Pre-Planned End Point Migration..........................24
6.3. On the fly end point migration...........................25 6.3. On the Fly End Point Migration...........................25
7. Security......................................................25 7. Manageability Considerations..................................25
8. References....................................................25 7.1. Policy...................................................26
8.1. Informative References...................................25 7.2. Policy applied to the Customer Network Controller........26
9. Contributors..................................................28 7.3. Policy applied to the Multi Domain Service Coordinator...27
Authors' Addresses...............................................28 7.4. Policy applied to the Physical Network Controller........27
8. Security Considerations.......................................28
8.1. Interface between the Application and Customer Network
Controller (CNC)..............................................29
8.2. Interface between the Customer Network Controller and Multi
Domain Service Coordinator (MDSC), CNC-MDSC Interface (CMI)...29
8.3. Interface between the Multi Domain Service Coordinator and
Physical Network Controller (PNC), MDSC-PNC Interface (MPI)...30
9. References....................................................30
9.1. Informative References...................................30
10. Contributors.................................................31
Authors' Addresses...............................................32
1. Introduction 1. Introduction
Traffic Engineered networks have a variety of mechanisms to Traffic Engineered networks have a variety of mechanisms to
facilitate separation of data plane and control plane including facilitate separation of data plane and control plane including
distributed signaling for path setup and protection, centralized distributed signaling for path setup and protection, centralized
path computation for planning and traffic engineering, and a range path computation for planning and traffic engineering, and a range
of management and provisioning protocols to configure and activate of management and provisioning protocols to configure and activate
network resources. These mechanisms represent key technologies for network resources. These mechanisms represent key technologies for
enabling flexible and dynamic networking. enabling flexible and dynamic networking.
The term Traffic Engineered Network in this draft refers to any The term Traffic Engineered network is used in this document to
connection-oriented network that has the ability of dynamic refer to a network that uses any connection-oriented technology
provisioning, abstracting and orchestrating network resource to the under the control of a distributed or centralized control plane to
network's clients. Some examples of networks that are in scope of support dynamic provisioning of end-to-end connectivity. Some
this definition are optical networks, MPLS Transport Profile (MPLS- examples of networks that are in scope of this definition are
TP), MPLS Traffic Engineering (MPLS-TE), and other emerging optical networks, MPLS Transport Profile (MPLS-TP) networks
technologies with connection-oriented behavior. [RFC5654], and MPLS Traffic Engineering (MPLS-TE) networks
[RFC2702].
One of the main drivers for Software Defined Networking (SDN) is a One of the main drivers for Software Defined Networking (SDN)
decoupling of the network control plane from the data plane. This [RFC7149] is a decoupling of the network control plane from the data
separation of the control plane from the data plane has been already plane. This separation of the control plane from the data plane has
achieved with the development of MPLS/GMPLS [GMPLS] and PCE [PCE] been already achieved with the development of MPLS/GMPLS [GMPLS] and
for TE-based transport networks. One of the advantages of SDN is its the Path Computation Element (PCE) [RFC4655] for TE-based networks.
logically centralized control regime that allows a global view of One of the advantages of SDN is its logically centralized control
the underlying network under its control. Centralized control in SDN regime that allows a global view of the underlying networks.
helps improve network resources utilization compared with Centralized control in SDN helps improve network resource
distributed network control. For TE-based transport network control, utilization compared with distributed network control. For TE-based
PCE is essentially equivalent to a logically centralized control for networks, PCE is essentially equivalent to a logically centralized
path computation function. path computation function.
Two key aspects that need to be solved by SDN are: Three key aspects that need to be solved by SDN are:
. Network and service abstraction: Detach the network and service . Separation of service requests from service delivery so that
control from underlying technology and help customer express the orchestration of a network is transparent from the point of
the network as desired by business needs. view of the customer but remains responsive to the customer's
services and business needs.
. Network abstraction: As described in [RFC7926], abstraction is
the process of applying policy to a set of information about a
TE network to produce selective information that represents the
potential ability to connect across the domain. The process of
abstraction presents the connectivity graph in a way that is
independent of the underlying network technologies,
capabilities, and topology so that it can be used to plan and
deliver network services in a uniform way
. Coordination of resources across multiple domains and multiple . Coordination of resources across multiple domains and multiple
layers to provide end-to-end services regardless of whether the layers to provide end-to-end services regardless of whether the
domains use SDN or not. domains use SDN or not.
As networks evolve, the need to provide resource and service As networks evolve, the need to provide separated service
abstraction has emerged as a key requirement for operators; this request/orchestration and resource abstraction has emerged as a key
implies in effect the virtualization of network resources so that requirement for operators. In order to support multiple clients each
the network is "sliced" for different tenants shown as a dedicated with its own view of and control of the server network, a network
portion of the network resources operator needs to partition (or "slice") the network resources. The
resulting slices can be assigned to each client for guaranteed usage
which is a step further than shared use of common network resources.
Particular attention needs to be paid to the multi-domain case, where Furthermore, each network represented to a client can be built from
Abstraction and Control of Traffic Engineered Networks (ACTN) can abstractions of the underlying networks so that, for example, a link
facilitate virtual network operation via the creation of a single in the client's network is constructed from a path or collection of
virtualized network or a seamless service. This supports operators in paths in the underlying network.
viewing and controlling different domains (at any dimension: applied
technology, administrative zones, or vendor-specific technology We call the set of management and control functions used to provide
islands) as a single virtualized network. these features Abstraction and Control of Traffic Engineered
Networks (ACTN).
Particular attention needs to be paid to the multi-domain case, ACTN
can facilitate virtual network operation via the creation of a
single virtualized network or a seamless service. This supports
operators in viewing and controlling different domains (at any
dimension: applied technology, administrative zones, or vendor-
specific technology islands) as a single virtualized network.
Network virtualization refers to allowing the customers of network Network virtualization refers to allowing the customers of network
operators (see Section 2.1) to utilize a certain amount of network operators (see Section 2.1) to utilize a certain amount of network
resources as if they own them and thus control their allocated resources as if they own them and thus control their allocated
resources with higher layer or application processes that enables resources with higher layer or application processes that enables
the resources to be used in the most optimal way. More flexible, the resources to be used in the most optimal way. More flexible,
dynamic customer control capabilities are added to the traditional dynamic customer control capabilities are added to the traditional
VPN along with a customer specific virtual network view. Customers VPN along with a customer-specific virtual network view. Customers
control a view of virtual network resources, specifically allocated control a view of virtual network resources, specifically allocated
to each one of them. This view is called an abstracted network to each one of them. This view is called an virtual network
topology. Such a view may be specific to a specific service, the set topology. Such a view may be specific to a service, the set of
of consumed resources or to a particular customer. Customer consumed resources, or to a particular customer.
controller of the virtual network is envisioned to support a
plethora of distinct applications. This means that there may be a
further level of virtualization that provides a view of resources in
the customer's virtual network for use by an individual application.
The framework described in this draft is named Abstraction and Network abstraction refers to presenting a customer with a view of
Control of Traffic Engineered Network (ACTN) and facilitates: the operator's network in such a way that the links and nodes in
that view constitute an aggregation or abstraction of the real
resources in the operator's network in a way that is independent of
the underlying network technologies, capabilities, and topology.
The customer operates an abstract network as if it was their own
network, but the operational commands are mapped onto the underlying
network through orchestration.
- Abstraction of the underlying network resources to higher-layer The customer controller for a virtual or abstract network is
applications and customers [TE-INFO]. envisioned to support many distinct applications. This means that
there may be a further level of virtualization that provides a view
of resources in the customer's virtual network for use by an
individual application.
- Virtualization of particular underlying resources, whose The ACTN framework described in this document facilitates:
. Abstraction of the underlying network resources to higher-layer
applications and customers [RFC7926].
. Virtualization of particular underlying resources, whose
selection criterion is the allocation of those resources to a selection criterion is the allocation of those resources to a
particular customer, application or service. [ONF-ARCH] particular customer, application or service [ONF-ARCH].
- Slicing infrastructure to connect multiple customers to meet . Slicing of infrastructure to meet specific customers' service
specific customer's service requirements. requirements.
- Creation of a virtualized environment allowing operators to . Creation of a virtualized environment allowing operators to
view and control multi-domain networks into a single view and control multi-domain networks as a single virtualized
virtualized network; network.
- Possibility of providing a customer with virtualized network or . The possibility of providing a customer with a virtualized
services (totally hiding the network). network.
- A virtualization/mapping network function that adapts customer . A virtualization/mapping network function that adapts the
requests to the virtual resources (allocated to them) to the customer's requests for control of the virtual resources that
supporting physical network control and performs the necessary have been allocated to the customer to control commands applied
mapping, translation, isolation and security/policy to the underlying network resources. Such a function performs
enforcement, etc.; This function is often referred to as the necessary mapping, translation, isolation and
orchestration. security/policy enforcement, etc. This function is often
referred to as orchestration.
- The presentation of the networks as a virtualized topology to . The presentation to customers of networks as a virtualized
the customers via open and programmable interfaces. This allows topology via open and programmable interfaces. This allows for
for the recursion of controllers in a customer-provider the recursion of controllers in a customer-provider
relationship. relationship.
1.1. Terminology 1.1. Terminology
The following terms are used in this document. Some of them are The following terms are used in this document. Some of them are
newly defined, some others reference existing definition: newly defined, some others reference existing definition:
- Node: A node is a topological entity describing the "opaque" . Node: A node is a vertex on the graph representation of a TE
forwarding aspect of the topological component which represents topology. In a physical network a node corresponds to a network
the opportunity to enable forwarding between points at the edge element (NE). In a sliced network, a node is some subset of the
of the node. It provides the context for instructing the capabilities of a physical network element. In an abstract
formation, adjustment and removal of the forwarding. A node, in network, a node (sometimes called an abstract node) is a
a VN network, can be represented by single physical entity or representation as a single vertex in the topology of the
by a group of nodes moving from physical to virtual network. abstract network of one or more nodes and their connecting
links from the physical network. The concept of a node
represents the ability to connect from any access to the node
(a link end) to any other access to that node, although
"limited cross-connect capabilities" may also be defined to
restrict this functionality. Just as network slicing and
network abstraction may be applied recursively, so a node in a
topology may be created by applying slicing or abstraction on
the nodes in the underlying topology.
- Link: A link is a topological entity describing the effective . Link: A link is an edge on the graph representation of a TE
adjacency between two or more forwarding entities, such as two topology. Two nodes connected by a link are said to be
or more nodes. In its basic form (i.e., point-to-point Link) it "adjacent" in the TE topology. In a physical network, a link
associates an edge point of a node with an equivalent edge corresponds to a physical connection. In a sliced topology, a
point on another node. Links in virtual network is in fact link is some subset of the capabilities of a physical
connectivity, realized by bandwidth engineering between any two connection. In an abstract network, a link (sometimes called an
nodes meeting certain criteria, for example, redundancy, abstract link) is a representation as an edge in the topology
protection, latency, not tied to any technology specific of the abstract network of one or more links and the nodes they
characteristics like timeslots or wavelengths. The link can be connect from the physical network. Abstract links may be
dynamic, realized by a service in underlay, or static. realized by Label Switched Paths (LSPs) across the physical
network that may be pre-established or could be only
potentially achievable. Just as network slicing and network
abstraction may be applied recursively, so a link in a topology
may be created by applying slicing or abstraction on the links
in the underlying topology. While most links are point-to-
point, connecting just two nodes, the concept of a multi-access
link exists where more than two nodes are collectively adjacent
and data sent on the link by one node will be equally delivered
to all other nodes connected by the link.
- PNC domain: A PNC domain includes all the resources under the . PNC: A Physical Network Controller is a domain controller that
control of a single PNC. It can be composed by different is responsible for controlling devices or NEs under its direct
routing domains, administrative domains and different layers. control.
The interconnection between PNC domains can be a link or a
node.
border . PNC domain: A PNC domain includes all the resources under the
------- link ------- control of a single PNC. It can be composed of different
( )---------( ) routing domains and administrative domains, and the resources
- - __ - - may come from different layers. The interconnection between PNC
( PNC )+---+( PNC ) domains can be a link or a node.
( Domain X ) ( Domain Y )
( )+---+( )
- - border- -
( ) node ( )
------- -------
Figure 1 : PNC domain borders _______ Border Link _______
_( )================( )_
_( )_ _( )_
( ) ---- ( )
( PNC )| |( PNC )
( Domain X )| |( Domain Y )
( )| |( )
(_ _) ---- (_ _)
(_ _) Border (_ _)
(_______) Node (_______)
- A Virtual Network is a client view (typically a network slice) Figure 1: PNC Domain Borders
of the transport network. It is presented by the provider as a
set of physical and/or abstracted resources. Depending on the
agreement between client and provider various VN operations and
VN views are possible.
(1) VN Creation - VN could be pre-configured and created via . A Virtual Network (VN) is a customer view of the TE
static negotiation between customer and provider. In other network. It is presented by the provider as a set of physical
cases, VN could also be created dynamically based on the and/or abstracted resources. Depending on the agreement between
request from the customer with given SLA attributes which client and provider various VN operations and VN views are
satisfy the customer's objectives. possible as follows:
(2) Dynamic Operations - VN could be further modified and o VN Creation - VN could be pre-configured and created via
deleted based on customer request to request changes in the offline negotiation between customer and provider. In
network resources reserved for the customer. The customer can other cases, the VN could also be created dynamically
further act upon the virtual network resources to perform E2E based on a request from the customer with given SLA
tunnel management (set-up/release/modify). These changes will attributes which satisfy the customer's objectives.
incur subsequent LSP management on the operator's level.
(3) VN View - (a) VN can be seen as an (or set of) e2e o Dynamic Operations - The VN could be further modified or
tunnel(s) from a customer point of view where an e2e tunnel is deleted based on a customer request to request. The
referred as a VN member. Each VN member (i.e., e2e tunnel) can customer can further act upon the virtual network
then be formed by recursive aggregation of lower level paths at resources to perform end-to-end tunnel management (set-
a provider level. Such end to end tunnels may comprise of up/release/modify). These changes will result in
customer end points, access links, intra domain paths and subsequent LSP management at the operator's level.
inter-domain link. In this view VN is thus a list of VN
members. (b) VN can also be seen as a terms of topology
comprising of physical and abstracted nodes and links. The
nodes in this case include physical customer end points, border
nodes, and internal nodes as well as abstracted nodes.
Similarly the links includes physical access, inter-domain and
intra-domain links as well as abstracted links. The abstracted
nodes and links in this view can be pre-negotiated or created
dynamically.
- Abstraction is the process of applying policy to the available o VN View:
TE information within a domain, to produce selective
information that represents the potential ability to connect
across the domain. Thus, abstraction does not necessarily
offer all possible connectivity options, but it presents a
general view of potential connectivity according to the
policies that determine how the domain's administrator wants to
allow the domain resources to be used. [RFC7926]
- Abstract Link: An abstract link is the representation of the a. The VN can be seen as set of end-to-end tunnels from a
characteristics of a path between two nodes in a domain customer point of view, where each tunnel is referred
produced by abstraction. The abstract link is advertised as a VN member. Each VN member can then be formed by
outside that domain as a TE link for use in signaling in other recursive slicing or abstraction of paths in
domains. Thus, an abstract link represents the potential to underlying networks. Such end-to-end tunnels may
connect between a pair of nodes. [RFC7926] comprise of customer end points, access links, intra
domain paths, and inter-domain links. In this view VN
is thus a set of VN members.
- Abstract Topology: Every lower controller in the provider b. The VN can also be seen as a topology comprising of
network, when is representing its network topology to an higher physical, sliced, and abstract nodes and links. The
layer, it may want to hide details of the actual network nodes in this case include physical customer end
topology. In such case, an abstract topology may be used for points, border nodes, and internal nodes as well as
this purpose. Abstract topology enhances scalability for the abstracted nodes. Similarly the links include physical
MDSC to operate multi-domain networks access links, inter-domain links, and intra-domain
links as well as abstract links. The abstract nodes
and links in this view can be pre-negotiated or
created dynamically.
- Access link: A link between a customer node and a provider . Abstraction. This process is defined in [RFC7926].
. Abstract Link: The term "abstract link" is defined in
[RFC7926].
. Abstract Topology: The topology of abstract nodes and abstract
links presented through the process of abstraction by a lower
layer network for use by a higher layer network.
. Access link: A link between a customer node and a provider
node. node.
- Inter domain link: A link between domains managed by different . Inter-domain link: A link between domains managed by different
PNCs. The MDSC is in charge of managing inter-domain links. PNCs. The MDSC is in charge of managing inter-domain links.
- Border node: A node whose interfaces belong to different . Access Point (AP): An access point is used to keep
domains. It may be managed by different PNCs or by the MDSC. confidentiality between the customer and the provider. It is a
logical identifier shared between the customer and the
- Access Point (AP): An access point is defined on an access provider, used to map the end points of the border node in both
link. It is used to keep confidentiality between the customer the customer and the provider NW. The AP can be used by the
and the provider. It is an identifier shared between the customer when requesting VN service to the provider.
customer and the provider, used to map the end points of the
border node in the provider NW. The AP can be used by the
customer when requesting connectivity service to the provider.
A number of parameters, e.g. available bandwidth, need to be
associated to the AP to qualify it.
- VN Access Point (VNAP): A VNAP is defined within an AP as part . VN Access Point (VNAP): A VNAP is defined as the binding
of a given VN and is used to identify the portion of the AP, between an AP and a given VN and is used to identify the
and hence of the access link) dedicated to a given VN. portion of the access and/or inter-domain link dedicated to a
given VN.
2. Business Model of ACTN 2. Business Model of ACTN
The Virtual Private Network (VPN) [RFC4026] and Overlay Network (ON) The Virtual Private Network (VPN) [RFC4026] and Overlay Network (ON)
models [RFC4208] are built on the premise that one single network models [RFC4208] are built on the premise that the network provider
provider provides all virtual private or overlay networks to its provides all virtual private or overlay networks to its customers.
customers. These models are simple to operate but have some These models are simple to operate but have some disadvantages in
disadvantages in accommodating the increasing need for flexible and accommodating the increasing need for flexible and dynamic network
dynamic network virtualization capabilities. virtualization capabilities.
The ACTN model is built upon entities that reflect the current There are three key entities in the ACTN model:
landscape of network virtualization environments. There are three
key entities in the ACTN model [ACTN-PS]:
- Customers - Customers
- Service Providers - Service Providers
- Network Providers - Network Providers
These are described in the following sections.
2.1. Customers 2.1. Customers
Within the ACTN framework, different types of customers may be taken Within the ACTN framework, different types of customers may be taken
into account depending on the type of their resource needs, on their into account depending on the type of their resource needs, and on
number and type of access. As example, it is possible to group them their number and type of access. For example, it is possible to
into two main categories: group them into two main categories:
Basic Customer: Basic customers include fixed residential users, Basic Customer: Basic customers include fixed residential users,
mobile users and small enterprises. Usually the number of basic mobile users and small enterprises. Usually, the number of basic
customers is high; they require small amounts of resources and are customers for a service provider is high: they require small amounts
characterized by steady requests (relatively time invariant). A of resources and are characterized by steady requests (relatively
typical request for a basic customer is for a bundle of voice time invariant). A typical request for a basic customer is for a
services and internet access. Moreover basic customers do not modify bundle of voice services and internet access. Moreover, basic
their services themselves; if a service change is needed, it is customers do not modify their services themselves: if a service
performed by the provider as proxy and they generally have very few change is needed, it is performed by the provider as a proxy and the
dedicated resources (subscriber drop), with everything else shared services generally have very few dedicated resources (such as for
on the basis of some SLA, which is usually best-efforts. subscriber drop), with everything else shared on the basis of some
Service Level Agreement (LSA), which is usually best-efforts.
Advanced Customer: Advanced customers typically include enterprises, Advanced Customer: Advanced customers typically include enterprises,
governments and utilities. Such customers can ask for both point to governments and utilities. Such customers can ask for both point-to
point and multipoint connectivity with high resource demand point and multipoint connectivity with high resource demands varying
significantly varying in time and from customer to customer. This is significantly in time and from customer to customer. This is one of
one of the reasons why a bundled service offering is not enough and the reasons why a bundled service offering is not enough and it is
it is desirable to provide each of them with a customized virtual desirable to provide each advanced customer with a customized
network service. virtual network service.
Advanced customers may own dedicated virtual resources, or share Advanced customers may own dedicated virtual resources, or share
resources. They may also have the ability to modify their service resources. They may also have the ability to modify their service
parameters within the scope of their virtualized environments. parameters within the scope of their virtualized environments. The
primary focus of ACTN is Advanced Customers.
As customers are geographically spread over multiple network As customers are geographically spread over multiple network
provider domains, they have to interface multiple providers and may provider domains, they have to interface to multiple providers and
have to support multiple virtual network services with different may have to support multiple virtual network services with different
underlying objectives set by the network providers. To enable these underlying objectives set by the network providers. To enable these
customers to support flexible and dynamic applications they need to customers to support flexible and dynamic applications they need to
control their allocated virtual network resources in a dynamic control their allocated virtual network resources in a dynamic
fashion, and that means that they need an abstracted view of the fashion, and that means that they need a view of the
topology that spans all of the network providers. topology that spans all of the network providers.
ACTN's primary focus is Advanced Customers.
Customers of a given service provider can in turn offer a service to Customers of a given service provider can in turn offer a service to
other customers in a recursive way. An example of recursiveness with other customers in a recursive way.
2 service providers is shown below.
- Customer (of service B)
- Customer (of service A) & Service Provider (of service B)
- Service Provider (of service A)
- Network Provider
+------------------------------------------------------------+ ---
| | ^
| Customer (of service B)| .
| +--------------------------------------------------------+ | B
| | | |--- .
| |Customer (of service A) & Service Provider(of service B)| | ^ .
| | +---------------------------------------------------+ | | . .
| | | | | | . .
| | | Service Provider (of service A)| | | A .
| | |+------------------------------------------+ | | | . .
| | || | | | | . .
| | || Network provider| | | | v v
| | |+------------------------------------------+ | | |------
| | +---------------------------------------------------+ | |
| +--------------------------------------------------------+ |
+------------------------------------------------------------+
Figure 2 : Service Recursiveness.
2.2. Service Providers 2.2. Service Providers
Service providers are the providers of virtual network services to Service providers are the providers of virtual network services to
their customers. Service providers may or may not own physical their customers. Service providers may or may not own physical
network resources. When a service provider is the same as the network resources (i.e, may or may not be network providers as
network provider, this is similar to traditional VPN models. This described in Section 2.3). When a service provider is the same as
model works well when the customer maintains a single interface with the network provider, this is similar to existing VPN models applied
a single provider. When customer location spans across multiple to a single provider. This approach works well when the customer
independent network provider domains, then it becomes hard to maintains a single interface with a single provider. When customer
facilitate the creation of end-to-end virtual network services with spans multiple independent network provider domains, then it becomes
this model. hard to facilitate the creation of end-to-end virtual network
services with this model.
A more interesting case arises when network providers only provide A more interesting case arises when network providers only provide
infrastructure while service providers directly interface their infrastructure, while distinct service providers interface to the
customers. In this case, service providers themselves are customers customers. In this case, service providers are, themselves customers
of the network infrastructure providers. One service provider may of the network infrastructure providers. One service provider may
need to keep multiple independent network providers as its end-users need to keep multiple independent network providers as its end-users
span geographically across multiple network provider domains as span geographically across multiple network provider domains.
shown in Figure 2 where Service Provider A uses resources from
Network Provider A and Network Provider B to offer a virtualized
network to its customer.
Customer X -----------------------------------X
Service Provider A X -----------------------------------X
Network Provider B X-----------------X
Network Provider A X------------------X
Figure 3 : A service Provider as Customer of Two Network Providers.
The ACTN network model is predicated upon this three tier model and The ACTN network model is predicated upon this three tier model and
is summarized in Figure 3: is summarized in Figure 2:
+----------------------+ +----------------------+
| customer | | customer |
+----------------------+ +----------------------+
| |
| /\ Service/Customer specific | /\ Service/Customer specific
| || Abstract Topology | || Abstract Topology
| || | ||
+----------------------+ E2E abstract +----------------------+ E2E abstract
| Service Provider | topology creation | Service Provider | topology creation
+----------------------+ +----------------------+
/ | \ / | \
/ | \ Network Topology / | \ Network Topology
/ | \ (raw or abstract) / | \ (raw or abstract)
/ | \ / | \
+------------------+ +------------------+ +------------------+ +------------------+ +------------------+ +------------------+
|Network Provider 1| |Network Provider 2| |Network Provider 3| |Network Provider 1| |Network Provider 2| |Network Provider 3|
+------------------+ +------------------+ +------------------+ +------------------+ +------------------+ +------------------+
Figure 4 : Three tier model. Figure 2: Three tier model.
There can be multiple types of service providers. There can be multiple service providers to which a customer may
interface.
. Data Center providers: can be viewed as a service provider type There are multiple types of service providers:
as they own and operate data center resources to various WAN
customers, they can lease physical network resources from . Data Center providers can be viewed as a service provider type
as they own and operate data center resources for various WAN
customers, and they can lease physical network resources from
network providers. network providers.
. Internet Service Providers (ISP): can be a service provider of . Internet Service Providers (ISP) are service providers of
internet services to their customers while leasing physical internet services to their customers while leasing physical
network resources from network providers. network resources from network providers.
. Mobile Virtual Network Operators (MVNO): provide mobile . Mobile Virtual Network Operators (MVNO) provide mobile services
services to their end-users without owning the physical network to their end-users without owning the physical network
infrastructure. infrastructure.
2.3. Network Providers 2.3. Network Providers
Network Providers are the infrastructure providers that own the Network Providers are the infrastructure providers that own the
physical network resources and provide network resources to their physical network resources and provide network resources to their
customers. The layered model proposed by this draft separates the customers. The layered model described in this architecture
concerns of network providers and customers, with service providers separates the concerns of network providers and customers, with
acting as aggregators of customer requests. service providers acting as aggregators of customer requests.
3. ACTN architecture 3. ACTN Architecture
This section provides a high-level control and interface model of This section provides a high-level model of ACTN showing the
ACTN. interfaces and the flow of control between components.
The ACTN architecture, while being aligned with the ONF SDN The ACTN architecture is aligned with the ONF SDN architecture [ONF-
architecture [ONF-ARCH], is presenting a 3-tiers reference model. It ARCH] and presents a 3-tiers reference model. It allows for
allows for hierarchy and recursiveness not only of SDN controllers hierarchy and recursiveness not only of SDN controllers but also of
but also of traditionally controlled domains. It defines three types traditionally controlled domains that use a control plane. It
of controllers depending on the functionalities they implement. The defines three types of controllers depending on the functionalities
main functionalities that are identified are: they implement. The main functionalities that are identified are:
. Multi domain coordination function: This function oversees the . Multi-domain coordination function: This function oversees the
specific aspects of the different domains and builds a single specific aspects of the different domains and builds a single
abstracted end-to-end network topology in order to coordinate abstracted end-to-end network topology in order to coordinate
end-to-end path computation and path/service provisioning. end-to-end path computation and path/service provisioning.
Domain sequence path calculation/determination is also a part Domain sequence path calculation/determination is also a part
of this function. of this function.
. Virtualization/Abstraction function: This function provides an . Virtualization/Abstraction function: This function provides an
abstracted view of the underlying network resources towards abstracted view of the underlying network resources for use by
customer, being it the client or a higher level controller the customer - a customer may be the client or a higher level
entity. It includes network path computation based on customer controller entity. This function includes network path
service connectivity request constraints, based on the global computation based on customer service connectivity request
network-wide abstracted topology and the creation of an constraints, path computation based on the global network-wide
abstracted view of network slices allocated to each customer, abstracted topology, and the creation of an abstracted view of
according to customer-specific network objective functions, and network slices allocated to each customer. These operations
to the customer traffic profile. depend on customer-specific network objective functions and
customer traffic profiles.
. Customer mapping/translation function: This function is to map . Customer mapping/translation function: This function is to map
customer intent-like commands into network provisioning customer requests/commands into network provisioning requests
requests to the Physical Network Controller (PNC) according to that can be sent to the Physical Network Controller (PNC)
business OSS/NMS provisioned static or dynamic policy. according to business policies provisioned statically or
Specifically, it provides mapping and translation of customer's dynamically at the OSS/NMS. Specifically, it provides mapping and
service request into a set of parameters that are specific to a translation of a customer's service request into a set of
network type and technology such that network configuration parameters that are specific to a network type and technology
process is made possible. such that network configuration process is made possible.
. Virtual service coordination: This function translates customer . Virtual service coordination function: This function translates
service-related information into the virtual network service customer service-related information into virtual network
operations in order to seamlessly operate virtual networks service operations in order to seamlessly operate virtual
while meeting customer's service requirements. In the context networks while meeting a customer's service requirements. In
of ACTN, service/virtual service coordination includes a number the context of ACTN, service/virtual service coordination
of service orchestration functions such as multi-destination includes a number of service orchestration functions such as
load balancing, guarantees of service quality, bandwidth and multi-destination load balancing, guarantees of service
throughput and notification for service fault and performance quality, bandwidth and throughput. It also includes
degradation and so forth. notifications for service fault and performance degradation and
so forth.
The virtual services that are coordinated under ACTN can be split The virtual services that are coordinated under ACTN can be split
into two categories: into two categories:
. Service-aware Connectivity Services: This category includes all . Service-aware Connectivity Services: This category includes all
the network service operations used to provide connectivity the network service operations used to provide connectivity
between customer end-points while meeting policies and service between customer end-points while meeting policies and service
related constraints. The data model for this category would related constraints. The data model for this category would
include topology entities such as virtual nodes, virtual links, include topology entities such as virtual nodes, virtual links,
adaptation and termination points and service-related entities adaptation and termination points and service-related entities
such as policies and service related constraints. (See Section such as policies and service related constraints. (See Section
4.2.2) 4.2.2)
. Network Function Virtualization Services: These kinds of . Network Function Virtualization (NFV) Services: These kinds of
services are usually setup in NFV (e.g. cloud) providers and service are usually set up in NFV (e.g. cloud) providers and
require connectivity between a customer site and the NFV require connectivity between a customer site and the NFV
provider site (e.g. a data center). These VNF services may provider site (e.g., a data center). These NFV services may
include a security function like firewall, a traffic optimizer, include a security function like a firewall, a traffic
the provisioning of storage or computation capacity. In these optimizer, and the provisioning of storage or computation
cases the customer does not care whether the service is capacity. In these cases the customer does not care whether the
implemented in a given data center or another. This allows the service is implemented in one data center or another. This
network provider divert customer requests where most suitable. allows the network provider divert customer requests to the
This is also known as "end points mobility" case. (See Section most suitable data center. This is also known as the "end
4.2.3) points mobility" case (see Section 4.2.3).
The types of controller defined are shown in Figure 4 below and are The types of controller defined in the ACTN architecture are shown
the following: in Figure 3 below and are as follows:
. CNC - Customer Network Controller . CNC - Customer Network Controller
. MDSC - Multi Domain Service Coordinator . MDSC - Multi Domain Service Coordinator
. PNC - Physical Network Controller . PNC - Physical Network Controller
Figure 3 also shows the following interfaces:
. CMI - CNC-MPI Interface
. MPI - MDSC-PNC Interface
VPN customer NW Mobile Customer ISP NW service Customer VPN customer NW Mobile Customer ISP NW service Customer
| | | | | |
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
| CNC-A | | CNC-B | | CNC-C | | CNC-A | | CNC-B | | CNC-C |
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
\ | / \ | /
----------- |CMI I/F -------------- ----------- |CMI I/F --------------
\ | / \ | /
+-----------------------+ +-----------------------+
| MDSC | | MDSC |
skipping to change at page 14, line 35 skipping to change at page 14, line 35
( ) ( ) | PNC | | PCE | \ ( ) ( ) | PNC | | PCE | \
- - ( Phys ) +-----+ +-----+ ----- - - ( Phys ) +-----+ +-----+ -----
( GMPLS ) (Netw) | / ( ) ( GMPLS ) (Netw) | / ( )
( Physical ) ---- | / ( Phys. ) ( Physical ) ---- | / ( Phys. )
( Network ) ----- ----- ( Net ) ( Network ) ----- ----- ( Net )
- - ( ) ( ) ----- - - ( ) ( ) -----
( ) ( Phys. ) ( Phys ) ( ) ( Phys. ) ( Phys )
-------- ( Net ) ( Net ) -------- ( Net ) ( Net )
----- ----- ----- -----
Figure 5 : ACTN Control Hierarchy Figure 3: ACTN Control Hierarchy
3.1. Customer Network Controller 3.1. Customer Network Controller
A Virtual Network Service is instantiated by the Customer Network A Virtual Network Service is instantiated by the Customer Network
Controller via the CMI (CNC-MDSC Interface). As the Customer Network Controller via the CNC-MDSC Interface (CMI). As the Customer Network
Controller directly interfaces the applications, it understands Controller directly interfaces to the applications, it understands
multiple application requirements and their service needs. It is multiple application requirements and their service needs. It is
assumed that the Customer Network Controller and the MDSC have a assumed that the Customer Network Controller and the MDSC have a
common knowledge on the end-point interfaces based on their business common knowledge of the end-point interfaces based on their business
negotiation prior to service instantiation. End-point interfaces negotiations prior to service instantiation. End-point interfaces
refer to customer-network physical interfaces that connect customer refer to customer-network physical interfaces that connect customer
premise equipment to network provider equipment. premise equipment to network provider equipment.
In addition to abstract networks, ACTN allows to provide the CNC 3.2. Multi Domain Service Coordinator
with services. Example of services include connectivity between one
of the customer's end points with a given set of resources in a data
center from the service provider.
3.2. Multi Domain Service Coordinator
The MDSC (Multi Domain Service Coordinator) sits between the CNC The Multi Domain Service Coordinator (MDSC) sits between the CNC
(the one issuing connectivity requests) and the PNCs (Physical that issues connectivity requests and the Physical Network
Network Controllersr - the ones managing the physical network Controllers (PNCs) that manage the physical network resources. The
resources). The MDSC can be collocated with the PNC, especially in MDSC can be collocated with the PNC, especially in those cases where
those cases where the service provider and the network provider are the service provider and the network provider are the same entity.
the same entity.
The internal system architecture and building blocks of the MDSC are The internal system architecture and building blocks of the MDSC are
out of the scope of ACTN. Some examples can be found in the out of the scope of ACTN. Some examples can be found in the
Application Based Network Operations (ABNO) architecture [ABNO] and Application Based Network Operations (ABNO) architecture [RFC7491]
the ONF SDN architecture [ONF-ARCH]. and the ONF SDN architecture [ONF-ARCH].
The MDSC is the only building block of the architecture that is able The MDSC is the only building block of the architecture that is able
to implement all the four ACTN main functionalities, i.e. multi to implement all four ACTN main functions, i.e., multi domain
domain coordination function, virtualization/abstraction function, coordination, virtualization/abstraction, customer
customer mapping function and virtual service coordination. The key mapping/translation, and virtual service coordination. The first two
point of the MDSC and the whole ACTN framework is detaching the functions of the MDSC, namely, multi domain coordination and
network and service control from underlying technology and help virtualization/abstraction are referred to as network
customer express the network as desired by business needs. The MDSC control/orchestration functions while the last two functions,
envelopes the instantiation of right technology and network control namely, customer mapping/translation and virtual service
to meet business criteria. In essence it controls and manages the coordination are referred to as service control/orchestration
primitives to achieve functionalities as desired by CNC functions.
The key point of the MDSC (and of the whole ACTN framework) is
detaching the network and service control from underlying technology
to help the customer express the network as desired by business
needs. The MDSC envelopes the instantiation of the right technology
and network control to meet business criteria. In essence it
controls and manages the primitives to achieve functionalities as
desired by CNC
A hierarchy of MDSCs can be foreseen for scalability and A hierarchy of MDSCs can be foreseen for scalability and
administrative choices. administrative choices as shown in Figure 4.
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
| CNC-A | | CNC-B | | CNC-C | | CNC-A | | CNC-B | | CNC-C |
+-------+ +-------+ +-------+ +-------+ +-------+ +-------+
\ | / \ | /
---------- | ---------- ---------- | ----------
\ | / \ | /
+-----------------------+ +-----------------------+
| MDSC | | MDSC |
+-----------------------+ +-----------------------+
skipping to change at page 16, line 26 skipping to change at page 16, line 26
/ | \ / | \
+----------+ +----------+ +--------+ +----------+ +----------+ +--------+
| MDSC | | MDSC | | MDSC | | MDSC | | MDSC | | MDSC |
+----------+ +----------+ +--------+ +----------+ +----------+ +--------+
| / | / \ | / | / \
| / | / \ | / | / \
+-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+
| PNC | | PNC | | PNC | | PNC | | PNC | | PNC | | PNC | | PNC | | PNC | | PNC |
+-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+ +-----+
Figure 6 : Controller recursiveness Figure 4: Controller recursiveness
A key requirement for allowing recursion of MDSCs is that a single
interface needs to be defined both for the north and the south
bounds.
In order to allow for multi-domain coordination a 1:N relationship In order to allow for multi-domain coordination a 1:N relationship
must be allowed between MDSCs and between MDSCs and PNCs (i.e. 1 must be allowed between MDSCs and between MDSCs and PNCs (i.e. 1
parent MDSC and N child MDSC or 1 MDSC and N PNCs). In addition to parent MDSC and N child MDSC or 1 MDSC and N PNCs). In the case
that it could be possible to have also a M:1 relationship between where there is a hierarchy of MDSCs, the interface above the top
MDSC and PNC to allow for network resource partitioning/sharing MDSC (i.e., CMI) and the interface below the bottom MDSCs (i.e.,
among different customers not necessarily connected to the same MDSC SBI) remain the same. The recursion of MDSCs in the middle layers
(e.g. different service providers). within this hierarchy of MDSCs may take place.
3.3. Physical Network Controller In addition to that, it could also be possible to have an M:1
relationship between MDSCs and PNC to allow for network resource
partitioning/sharing among different customers not necessarily
connected to the same MDSC (e.g., different service providers).
The Physical Network Controller is the one in charge of configuring 3.3. Physical Network Controller
The Physical Network Controller (PNC) is in charge of configuring
the network elements, monitoring the physical topology of the the network elements, monitoring the physical topology of the
network and passing it, either raw or abstracted, to the MDSC. network, and passing information about the topology (either raw or
abstracted) to the MDSC.
The internal architecture of the PNC, his building blocks and the The internal architecture of the PNC, its building blocks, and the
way it controls its domain, are out of the scope of ACTN. Some way it controls its domain are out of the scope of ACTN. Some
examples can be found in the Application Based Network Operations examples can be found in the Application Based Network Operations
(ABNO) architecture [ABNO] and the ONF SDN architecture [ONF-ARCH] (ABNO) architecture [RFC7491] and the ONF SDN architecture [ONF-
ARCH]
The PNC, in addition to being in charge of controlling the physical The PNC, in addition to being in charge of controlling the physical
network, is able to implement two of the four ACTN main network, is able to implement two of the four main ACTN main
functionalities: multi domain coordination function and functions: multi domain coordination and virtualization/abstraction
virtualization/abstraction function function.
A hierarchy of PNCs can be foreseen for scalability and A hierarchy of PNCs can be foreseen for scalability and
administrative choices. administrative choices.
3.4. ACTN interfaces 3.4. ACTN Interfaces
To allow virtualization and multi domain coordination, the network To allow virtualization and multi domain coordination, the network
has to provide open, programmable interfaces, in which customer has to provide open, programmable interfaces, through which customer
applications can create, replace and modify virtual network applications can create, replace and modify virtual network
resources and services in an interactive, flexible and dynamic resources and services in an interactive, flexible and dynamic
fashion while having no impact on other customers. Direct customer fashion while having no impact on other customers. Direct customer
control of transport network elements and virtualized services is control of transport network elements and virtualized services is
not perceived as a viable proposition for transport network not perceived as a viable proposition for transport network
providers due to security and policy concerns among other reasons. providers due to security and policy concerns among other reasons.
In addition, as discussed in the previous section, the network In addition, as discussed in Section 3.3, the network control plane
control plane for transport networks has been separated from data for transport networks has been separated from the data plane and as
plane and as such it is not viable for the customer to directly such it is not viable for the customer to directly interface with
interface with transport network elements. transport network elements.
Figure 5 depicts a high-level control and interface architecture for Figure 5 depicts a high-level control and interface architecture for
ACTN. A number of key ACTN interfaces exist for deployment and ACTN. A number of key ACTN interfaces exist for deployment and
operation of ACTN-based networks. These are highlighted in Figure 5 operation of ACTN-based networks. These are highlighted in Figure 5
(ACTN Interfaces) below: (ACTN Interfaces).
.-------------- .--------------
------------- | ------------- |
| Application |-- | Application |--
------------- -------------
^ ^
| I/F A -------- | I/F A --------
v ( ) v ( )
-------------- - - -------------- - -
| Customer | ( Customer ) | Customer | ( Customer )
skipping to change at page 18, line 38 skipping to change at page 18, line 38
--------------- ( ) -------- --------------- ( ) --------
| |<----> - - ( ) | |<----> - - ( )
-------------- | ( ) - - -------------- | ( ) - -
| Physical |-- -------- ( Physical ) | Physical |-- -------- ( Physical )
| Network |<---------------------->( Network ) | Network |<---------------------->( Network )
| Controller | I/F D ( ) | Controller | I/F D ( )
-------------- - - -------------- - -
( ) ( )
-------- --------
Figure 7 : ACTN Interfaces Figure 5: ACTN Interfaces
The interfaces and functions are described below: The interfaces and functions are described below:
. Interface A: A north-bound interface (NBI) that will . Interface A: A north-bound interface (NBI) that communicates
communicate the service request or application demand. A the service request or application demand. A request includes
request will include specific service properties, including: specific service properties, including service type, topology,
services, topology, bandwidth and constraint information. bandwidth, and constraint information.
. Interface B: The CNC-MDSC Interface (CMI) is an interface . Interface B: The CNC-MDSC Interface (CMI) is an interface
between a Customer Network Controller and a Multi Service between a CNC and an MDSC. It is used to request the creation
Domain Controller. It requests the creation of the network of network resources, topology or services for the
resources, topology or services for the applications. The applications. Note that all service related information
Virtual Network Controller may also report potential network conveyed via Interface A (i.e., specific service properties,
topology availability if queried for current capability from including service type, topology, bandwidth, and constraint
the Customer Network Controller. information) needs to be transparently carried over this
interface. The MDSC may also report potential network topology
availability if queried for current capability from the CNC.
. Interface C: The MDSC-PNC Interface (MPI) is an interface . Interface C: The MDSC-PNC Interface (MPI) is an interface
between a Multi Domain Service Coordinator and a Physical between an MDSC and a PNC. It communicates the creation
Network Controller. It communicates the creation request, if requests for new connectivity or for bandwidth changes in the
required, of new connectivity of bandwidth changes in the physical network. In multi-domain environments, the MDSC needs
physical network, via the PNC. In multi-domain environments, to establish multiple MPIs, one for each PNC, as there is one
the MDSC needs to establish multiple MPIs, one for each PNC, as PNC responsible for control of each domain.
there are multiple PNCs responsible for its domain control.
. Interface D: The provisioning interface for creating forwarding . Interface D: The provisioning interface for creating forwarding
state in the physical network, requested via the Physical state in the physical network, requested via the Physical
Network Controller. Network Controller.
The interfaces within the ACTN scope are B and C. The interfaces within the ACTN scope are B and C.
4. VN creation process 4. VN Creation Process
The provider can present to the customer different level of network The provider can present different level of network abstraction to
abstraction, spanning from one extreme (say "black") where nothing the customer, spanning from one extreme (say "black") where nothing
is shown, just the APs, to the other extreme (say "white") where a except the Access Points (APs) is shown to the other extreme (say
slice of the network is shown to the customer. There are shades of "white") where an actual network topology is shown to the customer.
gray in between where a number of abstract links and nodes can be There are shades of "gray" in between where a number of abstract
shown. links and nodes can be shown.
The VN creation is composed by two phases: Negotiation and VN creation is composed of two phases: Negotiation and
Implementation. Implementation.
Negotiation: In the case of grey/white topology abstraction, there Negotiation: In the case of gray/white topology abstraction, there
is an a priori phase in which the customer agrees with the provider is an initial phase in which the customer agrees with the provider
on the type of topology to be shown, e.q. 10 virtual links and 5 on the type of topology to be shown (e.g., 10 virtual links and 5
virtual nodes with a given interconnectivity. This is something that virtual nodes) with a given interconnectivity. This is something
is assumed to be preconfigured by the operator off-line, what is that is assumed to be preconfigured by the operator off-line. What
online is the capability of modifying/deleting something (e.g. a is on-line is the capability to modify/delete something (e.g., a
virtual link). In the case of "black" abstraction this negotiation virtual link). In the case of "black" abstraction this negotiation
phase does not happen, in the sense that the customer can only see phase does not happen because there is nothing to negotiate: the
the APs of the network. customer can only see the APs of the network.
Implementation: In the case of black topology abstraction, the Implementation: In the case of black topology abstraction, the
customers can ask for connectivity with given constraints/SLA customers can ask for connectivity with given constraints/SLA
between the APs and LSPs/tunnels are created by the provider to between the APs and LSPs/tunnels created by the provider to satisfy
satisfy the request. What the customer sees is only that his CEs are the request. What the customer sees is only that his CEs are
connected with a given SLA. In the case of grey/white topology the connected with a given SLA. In the case of grey/white topology the
customer creates his own LSPs accordingly to the topology that was customer creates his own LSPs accordingly to the topology that was
presented to him. presented to him.
5. Access Points and Virtual Network Access Points 5. Access Points and Virtual Network Access Points
In order not to share unwanted topological information between the In order not to share unwanted topological information between the
customer domain and provider domain, a new entity is defined and customer domain and provider domain, a new entity is defined which
associated to an access link, the Access Point (AP). See the is referred to as the Access Point (AP). See the definition of AP in
definition of AP in Section 1.1. Section 1.1.
A customer node will use APs as the end points for the request of A customer node will use APs as the end points for the request of
VNs. VNs as shown in Figure 6.
A number of parameters need to be associated to the APs. Such
parameters need to include at least: the maximum reservable
bandwidth on the link, the available bandwidth and the link
characteristics (e.g. switching capability, type of mapping).
Editor note: it is not appropriate to define link characteristics
like bandwidth against a point (AP). A solution needs to be found.
------------- -------------
( ) ( )
- - - -
+---+ X ( ) Z +---+ +---+ X ( ) Z +---+
|CE1|---+----( )---+---|CE2| |CE1|---+----( )---+---|CE2|
+---+ | ( ) | +---+ +---+ | ( ) | +---+
AP1 - - AP2 AP1 - - AP2
( ) ( )
------------- -------------
Figure 8 : APs definition customer view Figure 6: APs definition customer view
Let's take as example a scenario in which CE1 is connected to the Let's take as an example a scenario shown in Figure 6. CE1 is
network via a 10Gb link and CE2 via a 40Gb link. Before the creation connected to the network via a 10Gb link and CE2 via a 40Gb link.
of any VN between AP1 and AP2 the customer view can be summarized as Before the creation of any VN between AP1 and AP2 the customer view
follows: can be summarized as shown in Table 1:
+-----+----------+-------------+----------+ +----------+------------------------+
|AP id| MaxResBw | AvailableBw | CE,port | |End Point | Access Link Bandwidth |
+-----+----------+-------------+----------+ +-----+----------+----------+-------------+
| AP1 | 10Gb | 10Gb |CE1,portX | |AP id| CE,port | MaxResBw | AvailableBw |
+-----+----------+-------------+----------+ +-----+----------+----------+-------------+
| AP2 | 40Gb | 40Gb |CE2,portZ | | AP1 |CE1,portX | 10Gb | 10Gb |
+-----+----------+-------------+----------+ +-----+----------+----------+-------------+
| AP2 |CE2,portZ | 40Gb | 40Gb |
+-----+----------+----------+-------------+
Table 1: AP - customer view Table 1: AP - customer view
On the other side what the provider sees is: On the other hand, what the provider sees is shown in Figure 7.
------- ------- ------- -------
( ) ( ) ( ) ( )
- - - - - - - -
W (+---+ ) ( +---+) Y W (+---+ ) ( +---+) Y
-+---( |PE1| Dom.X )----( Dom.Y |PE2| )---+- -+---( |PE1| Dom.X )----( Dom.Y |PE2| )---+-
| (+---+ ) ( +---+) | | (+---+ ) ( +---+) |
AP1 - - - - AP2 AP1 - - - - AP2
( ) ( ) ( ) ( )
------- ------- ------- -------
Figure 9 : Provider view of the AP Figure 7: Provider view of the AP
Which in the example above ends up in a summarization as follows: Which results in a summarization as shown in Table 2.
+-----+----------+-------------+----------+ +----------+------------------------+
|AP id| MaxResBw | AvailableBw | PE,port | |End Point | Access Link Bandwidth |
+-----+----------+-------------+----------+ +-----+----------+----------+-------------+
| AP1 | 10Gb | 10Gb |PE1,portW | |AP id| PE,port | MaxResBw | AvailableBw |
+-----+----------+-------------+----------+ +-----+----------+----------+-------------+
| AP2 | 40Gb | 40Gb |PE2,portY | | AP1 |PE1,portW | 10Gb | 10Gb |
+-----+----------+-------------+----------+ +-----+----------+----------+-------------+
| AP2 |PE2,portY | 40Gb | 40Gb |
+-----+----------+----------+-------------+
Table 2: AP - provider view Table 2: AP - provider view
The second entity that needs to be defined is a structure within the A Virtual Network Access Point (VNAP) needs to be defined as binding
AP that is linked to a VN and that is used to allow for different VN between the AP that is linked to a VN and that is used to allow for
to be provided starting from the same AP. It also allows reserving different VNs to start from the same AP. It also allows for traffic
the bandwidth for the VN on the access link. Such entity is called engineering on the access and/or inter-domain links (e.g., keeping
Virtual Network Access Point. For each virtual network is defined on track of bandwidth allocation). A different VNAP is created on an AP
an AP, a different VNAP is created. for each VN.
In the simple scenario depicted above we suppose to create two In the simple scenario depicted above we suppose we want to create
virtual networks. The first one has with VN identifier 9 between AP1 two virtual networks. The first with VN identifier 9 between AP1 and
and AP2 with and bandwidth of 1Gbps, while the second one with VN id AP2 with bandwidth of 1Gbps, while the second with VN id 5, again
5, again between AP1 and AP2 and bandwidth 2Gbps. between AP1 and AP2 and with bandwidth 2Gbps.
The customer view would evolve as follows: The provider view would evolve as shown in Table 3.
+---------+----------+-------------+----------+ +----------+------------------------+
|AP/VNAPid| MaxResBw | AvailableBw | PE,port | |End Point | Access Link/VNAP Bw |
+---------+----------+-------------+----------+ +---------+----------+----------+-------------+
|AP1 | 10Gbps | 7Gbps |PE1,portW | |AP/VNAPid| PE,port | MaxResBw | AvailableBw |
| -VNAP1.9| 1Gbps | N.A. | | +---------+----------+----------+-------------+
| -VNAP1.5| 2Gbps | N.A | | |AP1 |PE1,portW | 10Gbps | 7Gbps |
+---------+----------+-------------+----------+ | -VNAP1.9| | 1Gbps | N.A. |
|AP2 | 40Gb | 37Gb |PE2,portY | | -VNAP1.5| | 2Gbps | N.A |
| -VNAP2.9| 1Gbps | N.A. | | +---------+----------+----------+-------------+
| -VNAP2.5| 2Gbps | N.A | | |AP2 |PE2,portY | 40Gbps | 37Gbps |
+---------+----------+-------------+----------+ | -VNAP2.9| | 1Gbps | N.A. |
| -VNAP2.5| | 2Gbps | N.A |
+---------+----------+----------+-------------+
Table 3: AP and VNAP - provider view after VN creation Table 3: AP and VNAP - provider view after VN creation
5.1. Dual homing scenario 5.1. Dual homing scenario
Often there is a dual homing relationship between a CE and a pair of Often there is a dual homing relationship between a CE and a pair of
PE. This case needs to be supported also by the definition of VN, AP PEs. This case needs to be supported by the definition of VN, APs
and VNAP. Suppose to have CE1 connected to two different PE in the and VNAPs. Suppose CE1 connected to two different PEs in the
operator domain via AP1 and AP2 and the customer needing 5Gbps of operator domain via AP1 and AP2 and that the customer needs 5Gbps of
bandwidth between CE1 and CE2. bandwidth between CE1 and CE2. This is shown in Figure 8.
AP1 -------------- AP3 ____________
-------(PE1) (PE3) ------- AP1 ( ) AP3
W / - - \X -------(PE1) (PE3)-------
+---+ / ( ) \ +---+ W/ ( ) \X
|CE1| ( ) |CE2| +---+/ ( ) \+---+
+---+ \ ( ) / +---+ |CE1| ( ) |CE2|
Y \ - - /Z +---+\ ( ) /+---+
-------(PE2) (PE4) ------- Y\ ( ) /Z
AP2 -------------- AP4 -------(PE2) (PE4)-------
AP2 (____________)
Figure 10 : Dual homing scenario Figure 8: Dual homing scenario
In this case the customer will request for a VN between AP1, AP2 and In this case, the customer will request for a VN between AP1, AP2
AP3 specifying a dual homing relationship between AP1 and AP2. As a and AP3 specifying a dual homing relationship between AP1 and AP2.
consequence no traffic will be flowing between AP1 and AP2. The dual As a consequence no traffic will flow between AP1 and AP2. The dual
homing relationship would then be mapped against the VNAPs (since homing relationship would then be mapped against the VNAPs (since
other independent VNs might have AP1 and AP2 as end points). other independent VNs might have AP1 and AP2 as end points).
The customer view would be as follows: The customer view would be shown in Table 4.
+---------+----------+-------------+----------+-----------+ +----------+------------------------+
|AP/VNAPid| MaxResBw | AvailableBw | CE,port |Dual Homing| |End Point | Access Link/VNAP Bw |
+---------+----------+-------------+----------+-----------+ +---------+----------+----------+-------------+-----------+
|AP1 | 10Gbps | 5Gbps |CE1,portW | | |AP/VNAPid| CE,port | MaxResBw | AvailableBw |Dual Homing|
| -VNAP1.9| 5Gbps | N.A. | | VNAP2.9 | +---------+----------+----------+-------------+-----------+
+---------+----------+-------------+----------+-----------+ |AP1 |CE1,portW | 10Gbps | 5Gbps | |
|AP2 | 40Gbps | 35Gbps |CE1,portY | | | -VNAP1.9| | 5Gbps | N.A. | VNAP2.9 |
| -VNAP2.9| 5Gbps | N.A. | | VNAP1.9 | +---------+----------+----------+-------------+-----------+
+---------+----------+-------------+----------+-----------+ |AP2 |CE1,portY | 40Gbps | 35Gbps | |
|AP3 | 40Gbps | 35Gbps |CE2,portZ | | | -VNAP2.9| | 5Gbps | N.A. | VNAP1.9 |
| -VNAP3.9| 5Gbps | N.A. | | NONE | +---------+----------+----------+-------------+-----------+
+---------+----------+-------------+----------+-----------+ |AP3 |CE2,portX | 40Gbps | 35Gbps | |
| -VNAP3.9| | 5Gbps | N.A. | NONE |
+---------+----------+----------+-------------+-----------+
Table 4: Dual homing - customer view after VN creation Table 4: Dual homing - customer view after VN creation
6. End point selection & mobility 6. End Point Selection and Mobility
Virtual networks could be used as the infrastructure to connect a Virtual networks could be used as the infrastructure to connect a
number of sites of a customer among them or to provide connectivity number of sites belonging to a customer or to provide connectivity
between customer sites and virtualized network functions (VNF) like between customer sites and Virtualized Network Functions (VNF) such
for example virtualized firewall, vBNG, storage, computational as virtualized firewalls, virtual Broadband Network Gateway (vBNG),
functions. storage, or computational functions.
6.1. End point selection & mobility 6.1. End Point Selection
A VNF could be deployed in different places (e.g. data centers A, B A VNF could be deployed in different places (e.g., data centers A,
or C in figure below) but the VNF provider (=ACTN customer) doesn't B, or C in Figure 9), but the VNF provider (that is, the ACTN
know which is the best site where to install the VNF from a network customer) doesn't know which is the best site in which to install
point of view (e.g. latency). For example it is possible to compute the VNF from a network point of view (e.g., to optimize for low
the path minimizing the delay between AP1 and AP2, but the customer latency). For example, it is possible to compute a path minimizing
doesn't know a priori if the path with minimum delay is towards A, B the delay between AP1 and AP2, but the customer doesn't know if the
or C. path with minimum delay is towards DC-A, DC-B, or DC-C.
------- ------- ------- -------
( ) ( ) ( ) ( )
- - - - - - - -
+---+ ( ) ( ) +----+ +---+ ( ) ( ) +----+
|CE1|---+----( Domain X )----( Domain Y )---+---|DC-A| |CE1|---+----( Domain X )----( Domain Y )---+---|DC-A|
+---+ | ( ) ( ) | +----+ +---+ | ( ) ( ) | +----+
AP1 - - - - AP2 AP1 - - - - AP2
( ) ( ) ( ) ( )
---+--- ---+--- ---+--- ---+---
AP3 | AP4 | AP3 | AP4 |
+----+ +----+ +----+ +----+
|DC-B| |DC-C| |DC-B| |DC-C|
+----+ +----+ +----+ +----+
Figure 11 : End point selection Figure 9: End point selection
In this case the VNF provider (=ACTN customer) should be allowed to In this case the VNF provider (that is, the ACTN customer) should be
ask for a VN between AP1 and a set of end points. The list of end allowed to ask for a VN between AP1 and a set of end points. The
points is provided by the VNF provider. When the end point is list of end points is supplied by the VNF provider. When the end
identified the connectivity can be instantiated and a notification point is identified the connectivity can be instantiated and a
can be sent to the VNF provider for the instantiation of the VNF. notification can be sent to the VNF provider for the instantiation
of the VNF.
6.2. Preplanned end point migration 6.2. Pre-Planned End Point Migration
A premium SLA for VNF service provisioning consists on the offering A premium SLA for VNF service provisioning consists of offering of a
of a protected VNF instantiated on two or more sites and with a hot protected VNF instantiated on two or more sites and with a hot
stand-by protection mechanism. In this case the VN should be stand-by protection mechanism. In this case the VN should be
provided so to switch from one end point to another upon a trigger provided so as to switch from one end point to another upon a
from the VNF provider or an automatic failure detection mechanism. trigger from the VNF provider or from an automatic failure detection
An example is provided in figure below where the request from the mechanism. An example is provided in Figure 10 where the request
VNF provider is for connectivity with given constraint and from the VNF provider is for connectivity with resiliency between
resiliency between CE1 and a VNF with primary installation in DC-A CE1 and a VNF with primary instantiation in DC-A and a protection
and a protection in DC-C. instance in DC-C.
------- ------- ------- -------
( ) ( ) ( ) ( )
- - __ - - - - __ - -
+---+ ( ) ( ) +----+ +---+ ( ) ( ) +----+
|CE1|---+----( Domain X )----( Domain Y )---+---|DC-A| |CE1|---+----( Domain X )----( Domain Y )---+---|DC-A|
+---+ | ( ) ( ) | +----+ +---+ | ( ) ( ) | +----+
AP1 - - - - AP2 | AP1 - - - - AP2 |
( ) ( ) | ( ) ( ) |
---+--- ---+--- | ---+--- ---+--- |
AP3 | AP4 | HOT STANDBY AP3 | AP4 | HOT STANDBY
+----+ | +----+ |
|DC-C|<------------- |DC-C|<-------------
+----+ +----+
Figure 12 : Preplanned endpoint migration Figure 10: Preplanned endpoint migration
6.3. On the fly end point migration 6.3. On the Fly End Point Migration
The one the fly end point migration concept is very similar to the On the fly end point migration concept is similar to the end point
end point selection one. The idea is to give the provider not only selection one. The idea is to give the provider not only the list of
the list of sites where the VNF can be installed, but also a sites where the VNF can be installed, but also a mechanism to notify
mechanism to notify changes in the network that have impacts on the changes in the network that have impacts on the SLA. After an
SLA. After an handshake with the customer controller/applications, handshake with the customer controller/applications, the bandwidth
the bandwidth in network would be moved accordingly with the moving in network would be moved accordingly with the moving of the VNFs.
of the VNFs.
7. Security 7. Manageability Considerations
TBD The objective of ACTN is to manage traffic engineered resources, and
provide a set of mechanism to allow clients to request virtual
connectivity across server network resources. ACTN will support
multiple clients each with its own view of and control of the server
network, the network operator will need to partition (or "slice")
their network resources, and manage them resources accordingly.
8. References The ACTN platform will, itself, need to support the request,
response, and reservations of client and network layer connectivity.
It will also need to provide performance monitoring and control of
traffic engineered resources. The management requirements may be
categorized as follows:
8.1. Informative References . Management of external ACTN protocols
. Management of internal ACTN protocols
. Management and monitoring of ACTN components
. Configuration of policy to be applied across the ACTN system
[PCE] Farrel, A., Vasseur, J.-P., and J. Ash, "A Path 7.1. Policy
Computation Element (PCE)-Based Architecture", IETF RFC
4655, August 2006. It is expected that a policy will be an important aspect of ACTN
control and management. Typically, policies are used via the
components and interfaces, during deployment of the service, to
ensure that the service is compliant with agreed policy factors
(often described in Service Level Agreements - SLAs), these include,
but are not limited to: connectivity, bandwidth, geographical
transit, technology selection, security, resilience, and economic
cost.
Depending on the deployment the ACTN deployment architecture, some
policies may have local or global significance. That is, certain
policies may be ACTN component specific in scope, while others may
have broader scope and interact with multiple ACTN components. Two
examples are provided below:
. A local policy might limit the number, type, size, and
scheduling of virtual network services a customer may request
via its CNC. This type of policy would be implemented locally on
the MDSC.
. A global policy might constrain certain customer types (or
specific customer applications) to only use certain MDSCs, and
be restricted to physical network types managed by the PNCs. A
global policy agent would govern these types of policies.
This objective of this section is to discuss the applicability of
ACTN policy: requirements, components, interfaces, and examples.
This section provides an analysis and does not mandate a specific
method for enforcing policy, or the type of policy agent that would
be responsible for propagating policies across the ACTN components.
It does highlight examples of how policy may be applied in the
context of ACTN, but it is expected further discussion in an
applicability or solution specific document, will be required.
7.2. Policy applied to the Customer Network Controller
A virtual network service for a customer application will be
requested from the CNC. It will reflect the application requirements
and specific service policy needs, including bandwidth, traffic type
and survivability. Furthermore, application access and type of
virtual network service requested by the CNC, will be need adhere to
specific access control policies.
7.3. Policy applied to the Multi Domain Service Coordinator
A key objective of the MDSC is to help the customer express the
application connectivity request via its CNC as set of desired
business needs, therefore policy will play an important role.
Once authorised, the virtual network service will be instantiated
via the CNC-MDSC Interface (CMI), it will reflect the customer
application and connectivity requirements, and specific service
transport needs. The CNC and the MDSC components will have agreed
connectivity end-points, use of these end-points should be defined
as a policy expression when setting up or augmenting virtual network
services. Ensuring that permissible end-points are defined for CNCs
and applications will require the MDSC to maintain a registry of
permissible connection points for CNCs and application types.
It may also be necessary for the MDSC to resolve policy conflicts,
or at least flag any issues to administrator of the MDSC itself.
Conflicts may occur when virtual network service optimisation
criterion are in competition. For example, to meet objectives for
service reachability a request may require an interconnection point
between multiple physical networks; however, this might break a
confidentially policy requirement of specific type of end-to-end
service. This type of situation may be resolved using hard and soft
policy constraints.
7.4. Policy applied to the Physical Network Controller
The PNC is responsible for configuring the network elements,
monitoring physical network resources, and exposing connectivity
(direct or abstracted) to the MDSC. It is therefore expected that
policy will dictate what connectivity information will be exported
between the PNC, via the MDSC-PNC Interface (MPI), and MDSC.
Policy interactions may arise when a PNC determines that it cannot
compute a requested path from the MDSC, or notices that (per a
locally configured policy) the network is low on resources (for
example, the capacity on key links become exhausted). In either
case, the PNC will be required to notify the MDSC, which may (again
per policy) act to construct a virtual network service across
another physical network topology.
Furthermore, additional forms of policy-based resource management
will be required to provide virtual network service performance,
security and resilience guarantees. This will likely be implemented
via a local policy agent and subsequent protocol methods.
8. Security Considerations
The ACTN framework described in this document defines key components
and interfaces for managed traffic engineered networks. Securing the
request and control of resources, confidentially of the information,
and availability of function, should all be critical security
considerations when deploying and operating ACTN platforms.
Several distributed ACTN functional components are required, and as
a rule implementations should consider encrypting data that flow
between components, especially when they are implemented at remote
nodes, regardless if these are external or internal network
interfaces.
The ACTN security discussion is further split into three specific
categories described in the following sub-sections:
. Interface between the Application and Customer Network
Controller (CNC)
. Interface between the Customer Network Controller and Multi
Domain Service Coordinator (MDSC), CNC-MDSC Interface (CMI)
. Interface between the Multi Domain Service Coordinator and
Physical Network Controller (PNC), MDSC-PNC Interface (MPI)
From a security and reliability perspective, ACTN may encounter many
risks such as malicious attack and rogue elements attempting to
connect to various ACTN components. Furthermore, some ACTN
components represent a single point of failure and threat vector,
and must also manage policy conflicts, and eavesdropping of
communication between different ACTN components.
The conclusion is that all protocols used to realize the ACTN
framework should have rich security features, and customer,
application and network data should be stored in encrypted data
stores. Additional security risks may still exist. Therefore,
discussion and applicability of specific security functions and
protocols will be better described in documents that are use case
and environment specific.
8.1. Interface between the Application and Customer Network Controller
(CNC)
This is the external interface between the application and CNC. The
application request for virtual network service connectivity may
also contain data about the application, requested network
connectivity and the service that is eventually delivered to the
customer. It is likely to use external protocols and must be
appropriately secured using session encryption.
As highlighted in the policy section (see Section 7), it may be
necessary to enable different policies based on identity, and to
manage the application requests of virtual network services. Since
access will be largely be through external protocols, and
potentially across the public Internet, AAA-based controls should
also be used.
Several additional challenges face the CNC, as the Application to
CNC interface will be used by multiple applications. These include:
. A need to verify the credibility of customer applications.
. Malicious applications may tamper with or perform unauthorized
operations, such as obtaining sensitive information, obtaining
higher rights, or request changes to existing virtual network
services.
. The ability to recognize and respond to spoofing attacks or
buffer overflow attacks will also need to be considered.
8.2. Interface between the Customer Network Controller and Multi Domain
Service Coordinator (MDSC), CNC-MDSC Interface (CMI)
The role of the MDSC is to detach the network and service control
from underlying technology to help the customer express the network
as desired by business needs. It should be noted that data stored by
the MDSC will reveal details of the virtual network services, and
which CNC and application is consuming the resource. The data stored
must therefore be considered as a candidate for encryption.
CNC Access rights to an MDSC must be managed. MDSC resources must be
properly allocated, and methods to prevent policy conflicts,
resource wastage and denial of service attacks on the MDSC by rogue
CNCs, should also be considered.
A CNC-MDSC protocol interface will likely be an external protocol
interface. Again, suitable authentication and authorization of each
CNC connecting to the MDSC will be required, especially, as these
are likely to be implemented by different organisations and on
separate functional nodes. Use of the AAA-based mechanisms would
also provide role-based authorization methods, so that only
authorized CNC's may access the different functions of the MDSC.
8.3. Interface between the Multi Domain Service Coordinator and
Physical Network Controller (PNC), MDSC-PNC Interface (MPI)
The function of the Physical Network Controller (PNC) is to
configure network elements, provide performance and monitoring
functions of the physical elements, and export physical topology
(full, partial, or abstracted) to the MDSC.
Where the MDSC must interact with multiple (distributed) PNCs, a
PKI-based mechanism is suggested, such as building a TLS or HTTPS
connection between the MDSC and PNCs, to ensure trust between the
physical network layer control components and the MDSC.
Which MDSC the PNC exports topology information to, and the level of
detail (full or abstracted) should also be authenticated and
specific access restrictions and topology views, should be
configurable and/or policy-based.
9. References
9.1. Informative References
[RFC2702] Awduche, D., et. al., "Requirements for Traffic
Engineering Over MPLS", RFC 2702, September 1999.
[RFC4026] L. Andersson, T. Madsen, "Provider Provisioned Virtual [RFC4026] L. Andersson, T. Madsen, "Provider Provisioned Virtual
Private Network (VPN) Terminology", RFC 4026, March 2005. Private Network (VPN) Terminology", RFC 4026, March 2005.
[RFC4208] G. Swallow, J. Drake, H.Ishimatsu, Y. Rekhter, [RFC4208] G. Swallow, J. Drake, H.Ishimatsu, Y. Rekhter,
"Generalized Multiprotocol Label Switching (GMPLS) User- "Generalized Multiprotocol Label Switching (GMPLS) User-
Network Interface (UNI): Resource ReserVation Protocol- Network Interface (UNI): Resource ReserVation Protocol-
Traffic Engineering (RSVP-TE) Support for the Overlay Traffic Engineering (RSVP-TE) Support for the Overlay
Model", RFC 4208, October 2005. Model", RFC 4208, October 2005.
[RFC4655] Farrel, A., Vasseur, J.-P., and J. Ash, "A Path
Computation Element (PCE)-Based Architecture", IETF RFC
4655, August 2006.
[RFC5654] Niven-Jenkins, B. (Ed.), D. Brungard (Ed.), and M. Betts
(Ed.), "Requirements of an MPLS Transport Profile", RFC
5654, September 2009.
[RFC7149] Boucadair, M. and Jacquenet, C., "Software-Defined
Networking: A Perspective from within a Service Provider
Environment", RFC 7149, March 2014.
[RFC7926] A. Farrel (Ed.), "Problem Statement and Architecture for [RFC7926] A. Farrel (Ed.), "Problem Statement and Architecture for
Information Exchange between Interconnected Traffic- Information Exchange between Interconnected Traffic-
Engineered Networks", RFC 7926, July 2016. Engineered Networks", RFC 7926, July 2016.
[PCE-S] Crabbe, E, et. al., "PCEP extension for stateful
PCE",draft-ietf-pce-stateful-pce, work in progress.
[GMPLS] Manning, E., et al., "Generalized Multi-Protocol Label [GMPLS] Manning, E., et al., "Generalized Multi-Protocol Label
Switching (GMPLS) Architecture", RFC 3945, October 2004. Switching (GMPLS) Architecture", RFC 3945, October 2004.
[NFV-AF] "Network Functions Virtualization (NFV); Architectural [ONF-ARCH] Open Networking Foundation, "OpenFlow Switch
Framework", ETSI GS NFV 002 v1.1.1, October 2013. Specification Version 1.4.0 (Wire Protocol 0x05)", October
2013.
[ACTN-PS] Y. Lee, D. King, M. Boucadair, R. Jing, L. Contreras
Murillo, "Problem Statement for Abstraction and Control of
Transport Networks", draft-leeking-actn-problem-statement,
work in progress.
[ONF] Open Networking Foundation, "OpenFlow Switch Specification
Version 1.4.0 (Wire Protocol 0x05)", October 2013.
[TE-INFO] A. Farrel, Editor, "Problem Statement and Architecture for
Information Exchange Between Interconnected Traffic
Engineered Networks", draft-ietf-teas-interconnected-te-
info-exchange, work in progress.
[ABNO] King, D., and Farrel, A., "A PCE-based Architecture for
Application-based Network Operations", draft-farrkingel-
pce-abno-architecture, work in progress.
[ACTN-Info] Y. Lee, S. Belotti, D. Dhody, "Information Model for
Abstraction and Control of Transport Networks", draft-
leebelotti-teas-actn-info, work in progress.
[Cheng] W. Cheng, et. al., "ACTN Use-cases for Packet Transport
Networks in Mobile Backhaul Networks", draft-cheng-actn-
ptn-requirements, work in progress.
[Dhody] D. Dhody, et. al., "Packet Optical Integration (POI) Use
Cases for Abstraction and Control of Transport Networks
(ACTN)", draft-dhody-actn-poi-use-case, work in progress.
[Fang] L. Fang, "ACTN Use Case for Multi-domain Data Center
Interconnect", draft-fang-actn-multidomain-dci, work in
progress.
[Klee] K. Lee, H. Lee, R. Vilata, V. Lopez, "ACTN Use-case for On-
demand E2E Connectivity Services in Multiple Vendor Domain
Transport Networks", draft-klee-actn-connectivity-multi-
vendor-domains, work in progress.
[Kumaki] K. Kumaki, T. Miyasaka, "ACTN : Use case for Multi Tenant [RFC7491] King, D., and Farrel, A., "A PCE-based Architecture for
VNO ", draft-kumaki-actn-multitenant-vno, work in Application-based Network Operations", RFC 7491, March
progress. 2015.
[Lopez] D. Lopez (Ed), "ACTN Use-case for Virtual Network Operation 10. Contributors
for Multiple Domains in a Single Operator Network", draft-
lopez-actn-vno-multidomains, work in progress.
[Shin] J. Shin, R. Hwang, J. Lee, "ACTN Use-case for Mobile Virtual Adrian Farrel
Network Operation for Multiple Domains in a Single Old Dog Consulting
Operator Network", draft-shin-actn-mvno-multi-domain, work Email: adrian@olddog.co.uk
in progress.
[Xu] Y. Xu, et. al., "Use Cases and Requirements of Dynamic Service Italo Bush
Control based on Performance Monitoring in ACTN Huawei
Architecture", draft-xu-actn-perf-dynamic-service-control, Email: Italo.Busi@huawei.com
work in progress.
9. Contributors Khuzema Pithewan
Infinera
Email: kpithewan@infinera.com
Authors' Addresses Authors' Addresses
Daniele Ceccarelli (Editor) Daniele Ceccarelli (Editor)
Ericsson Ericsson
Torshamnsgatan,48 Torshamnsgatan,48
Stockholm, Sweden Stockholm, Sweden
Email: daniele.ceccarelli@ericsson.com Email: daniele.ceccarelli@ericsson.com
Young Lee (Editor) Young Lee (Editor)
Huawei Technologies Huawei Technologies
5340 Legacy Drive 5340 Legacy Drive
Plano, TX 75023, USA Plano, TX 75023, USA
Phone: (469)277-5838 Phone: (469)277-5838
Email: leeyoung@huawei.com Email: leeyoung@huawei.com
Luyuan Fang Luyuan Fang
Microsoft
Email: luyuanf@gmail.com Email: luyuanf@gmail.com
Diego Lopez Diego Lopez
Telefonica I+D Telefonica I+D
Don Ramon de la Cruz, 82 Don Ramon de la Cruz, 82
28006 Madrid, Spain 28006 Madrid, Spain
Email: diego@tid.es Email: diego@tid.es
Sergio Belotti Sergio Belotti
Alcatel Lucent Alcatel Lucent
Via Trento, 30 Via Trento, 30
Vimercate, Italy Vimercate, Italy
Email: sergio.belotti@alcatel-lucent.com Email: sergio.belotti@nokia.com
Daniel King Daniel King
Lancaster University Lancaster University
Email: d.king@lancaster.ac.uk Email: d.king@lancaster.ac.uk
Dhruv Dhoddy Dhruv Dhoddy
Huawei Technologies Huawei Technologies
dhruv.ietf@gmail.com dhruv.ietf@gmail.com
Gert Grammel Gert Grammel
Juniper Networks Juniper Networks
 End of changes. 155 change blocks. 
622 lines changed or deleted 842 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/