idnits 2.17.00 (12 Aug 2021) /tmp/idnits7566/draft-ietf-pce-binding-label-sid-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 8, 2021) is 317 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: draft-ietf-pce-pcep-extension-for-pce-controller has been published as RFC 9050 == Outdated reference: A later version (-13) exists of draft-ietf-pce-segment-routing-ipv6-09 == Outdated reference: A later version (-22) exists of draft-ietf-spring-segment-routing-policy-11 == Outdated reference: A later version (-18) exists of draft-ietf-pce-pcep-yang-16 Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 PCE Working Group S. Sivabalan 3 Internet-Draft Ciena Corporation 4 Intended status: Standards Track C. Filsfils 5 Expires: January 9, 2022 Cisco Systems, Inc. 6 J. Tantsura 7 Microsoft Corporation 8 S. Previdi 9 C. Li, Ed. 10 Huawei Technologies 11 July 8, 2021 13 Carrying Binding Label/Segment Identifier in PCE-based Networks. 14 draft-ietf-pce-binding-label-sid-10 16 Abstract 18 In order to provide greater scalability, network confidentiality, and 19 service independence, Segment Routing (SR) utilizes a Binding Segment 20 Identifier (BSID). It is possible to associate a BSID to an RSVP-TE- 21 signaled Traffic Engineering Label Switched Path or an SR Traffic 22 Engineering path. The BSID can be used by an upstream node for 23 steering traffic into the appropriate TE path to enforce SR policies. 24 This document specifies the binding value as an MPLS label or Segment 25 Identifier. It further specifies an approach for reporting binding 26 label/SID by a Path Computation Client (PCC) to the Path Computation 27 Element (PCE) to support PCE-based Traffic Engineering policies. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at https://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 This Internet-Draft will expire on January 9, 2022. 46 Copyright Notice 48 Copyright (c) 2021 IETF Trust and the persons identified as the 49 document authors. All rights reserved. 51 This document is subject to BCP 78 and the IETF Trust's Legal 52 Provisions Relating to IETF Documents 53 (https://trustee.ietf.org/license-info) in effect on the date of 54 publication of this document. Please review these documents 55 carefully, as they describe your rights and restrictions with respect 56 to this document. Code Components extracted from this document must 57 include Simplified BSD License text as described in Section 4.e of 58 the Trust Legal Provisions and are provided without warranty as 59 described in the Simplified BSD License. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 64 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 65 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 4. Path Binding TLV . . . . . . . . . . . . . . . . . . . . . . 5 67 4.1. SRv6 Endpoint Behavior and SID Structure . . . . . . . . 7 68 5. Operation . . . . . . . . . . . . . . . . . . . . . . . . . . 8 69 6. Binding SID in SR-ERO . . . . . . . . . . . . . . . . . . . . 10 70 7. Binding SID in SRv6-ERO . . . . . . . . . . . . . . . . . . . 11 71 8. PCE Allocation of Binding label/SID . . . . . . . . . . . . . 11 72 9. Implementation Status . . . . . . . . . . . . . . . . . . . . 13 73 9.1. Huawei . . . . . . . . . . . . . . . . . . . . . . . . . 13 74 9.2. Cisco . . . . . . . . . . . . . . . . . . . . . . . . . . 13 75 10. Security Considerations . . . . . . . . . . . . . . . . . . . 14 76 11. Manageability Considerations . . . . . . . . . . . . . . . . 14 77 11.1. Control of Function and Policy . . . . . . . . . . . . . 14 78 11.2. Information and Data Models . . . . . . . . . . . . . . 14 79 11.3. Liveness Detection and Monitoring . . . . . . . . . . . 15 80 11.4. Verify Correct Operations . . . . . . . . . . . . . . . 15 81 11.5. Requirements On Other Protocols . . . . . . . . . . . . 15 82 11.6. Impact On Network Operations . . . . . . . . . . . . . . 15 83 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 84 12.1. PCEP TLV Type Indicators . . . . . . . . . . . . . . . . 15 85 12.1.1. TE-PATH-BINDING TLV . . . . . . . . . . . . . . . . 15 86 12.2. LSP Object . . . . . . . . . . . . . . . . . . . . . . . 16 87 12.3. PCEP Error Type and Value . . . . . . . . . . . . . . . 16 88 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 17 89 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 90 14.1. Normative References . . . . . . . . . . . . . . . . . . 17 91 14.2. Informative References . . . . . . . . . . . . . . . . . 19 92 Appendix A. Contributor Addresses . . . . . . . . . . . . . . . 20 93 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 95 1. Introduction 97 A Path Computation Element (PCE) can compute Traffic Engineering 98 paths (TE paths) through a network where those paths are subject to 99 various constraints. Currently, TE paths are set up using either the 100 RSVP-TE signaling protocol or Segment Routing (SR). We refer to such 101 paths as RSVP-TE paths and SR-TE paths respectively in this document. 103 As per [RFC8402] SR allows a head-end node to steer a packet flow 104 along any path. The head-end node is said to steer a flow into a 105 Segment Routing Policy (SR Policy). Further, as per 106 [I-D.ietf-spring-segment-routing-policy], an SR Policy is a framework 107 that enables the instantiation of an ordered list of segments on a 108 node for implementing a source routing policy with a specific intent 109 for traffic steering from that node. 111 As described in [RFC8402], a Binding Segment Identifier (BSID) is 112 bound to a Segment Routing (SR) Policy, instantiation of which may 113 involve a list of SIDs. Any packets received with an active segment 114 equal to a BSID are steered onto the bound SR Policy. A BSID may be 115 either a local (SR Local Block (SRLB)) or a global (SR Global Block 116 (SRGB)) SID. As per Section 6.4 of 117 [I-D.ietf-spring-segment-routing-policy] a BSID can also be 118 associated with any type of interface or tunnel to enable the use of 119 a non-SR interface or tunnel as a segment in a SID list. In this 120 document, binding label/SID is used to generalize the allocation of 121 binding value for both SR and non-SR paths. 123 [RFC5440] describes the PCE communication Protocol(PCEP) for 124 communication between a Path Computation Client (PCC) and a PCE or 125 between a pair of PCEs as per [RFC4655]. [RFC8231] specifies 126 extensions to PCEP that allow a PCC to delegate its Label Switched 127 Paths (LSPs) to a stateful PCE. A stateful PCE can then update the 128 state of LSPs delegated to it. [RFC8281] specifies a mechanism 129 allowing a PCE to dynamically instantiate an LSP on a PCC by sending 130 the path and characteristics. 132 [RFC8664] provides a mechanism for a PCE (acting as a network 133 controller) to instantiate SR-TE paths (candidate paths) for an SR 134 Policy onto a head-end node (acting as a PCC) using PCEP. For more 135 information on the SR Policy Architecture, see 136 [I-D.ietf-spring-segment-routing-policy]. 138 A binding label/SID has local significance to the ingress node of the 139 corresponding TE path. When a stateful PCE is deployed for setting 140 up TE paths, it may be desirable for PCC to report the binding label/ 141 SID to the stateful PCE for the purpose of enforcing end-to-end TE/SR 142 policy. A sample Data Center (DC) use-case is illustrated in the 143 Figure 1. In the MPLS DC network, an SR LSP (without traffic 144 engineering) is established using a prefix SID advertised by BGP (see 145 [RFC8669]). In the IP/MPLS WAN, an SR-TE LSP is set up using the 146 PCE. The list of SIDs of the SR-TE LSP is {A, B, C, D}. The gateway 147 node 1 (which is the PCC) allocates a binding SID X and reports it to 148 the PCE. In order for the access node to steer the traffic over the 149 SR-TE LSP, the PCE passes the SID stack {Y, X} where Y is the prefix 150 SID of the gateway node-1 to the access node. In the absence of the 151 binding SID X, the PCE should pass the SID stack {Y, A, B, C, D} to 152 the access node. This example also illustrates the additional 153 benefit of using the binding SID to reduce the number of SIDs imposed 154 on the access nodes with a limited forwarding capacity. 156 SID stack 157 {Y, X} +-----+ 158 _ _ _ _ _ _ _ _ _ _ _ _ _ _| PCE | 159 | +-----+ 160 | ^ 161 | | Binding 162 | .-----. | SID (X) .-----. 163 | ( ) | ( ) 164 V .--( )--. | .--( )--. 165 +------+ ( ) +-------+ ( ) +-------+ 166 |Access|_( MPLS DC Network )_|Gateway|_( IP/MPLS WAN )_|Gateway| 167 | Node | ( ==============> ) |Node-1 | ( ================> ) |Node-2 | 168 +------+ ( SR path ) +-------+ ( SR-TE path ) +-------+ 169 '--( )--' Prefix '--( )--' 170 ( ) SID of ( ) 171 '-----' Node-1 '-----' 172 is Y SIDs for SR-TE LSP: 173 {A, B, C, D} 175 Figure 1: A sample Use-case of Binding SID 177 A PCC could report to the stateful PCE the binding label/SID it 178 allocated via a Path Computation LSP State Report (PCRpt) message. 179 It is also possible for a stateful PCE to request a PCC to allocate a 180 specific binding label/SID by sending a Path Computation LSP Update 181 Request (PCUpd) message. If the PCC can successfully allocate the 182 specified binding value, it reports the binding value to the PCE. 183 Otherwise, the PCC sends an error message to the PCE indicating the 184 cause of the failure. A local policy or configuration at the PCC 185 SHOULD dictate if the binding label/SID needs to be assigned. 187 In this document, we introduce a new OPTIONAL TLV that a PCC can use 188 in order to report the binding label/SID associated with a TE LSP, or 189 a PCE to request a PCC to allocate a specific binding label/SID 190 value. This TLV is intended for TE LSPs established using RSVP-TE, 191 SR, or any other future method. Also, in the case of SR-TE LSPs, the 192 TLV can carry a binding label (for SR-TE path with MPLS data-plane) 193 or a binding IPv6 SID (e.g., IPv6 address for SR-TE paths with IPv6 194 data-plane). Throughout this document, the term "binding value" 195 means either an MPLS label or a SID. 197 Additionally, to support the PCE-based central controller [RFC8283] 198 operation where the PCE would take responsibility for managing some 199 part of the MPLS label space for each of the routers that it 200 controls, the PCE could directly make the binding label/SID 201 allocation and inform the PCC. See Section 8 for details. 203 2. Requirements Language 205 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 206 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 207 "OPTIONAL" in this document are to be interpreted as described in BCP 208 14 [RFC2119] [RFC8174] when, and only when, they appear in all 209 capitals, as shown here. 211 3. Terminology 213 The following terminologies are used in this document: 215 BSID: Binding Segment Identifier. 217 LSP: Label Switched Path. 219 PCC: Path Computation Client. 221 PCEP: Path Computation Element communication Protocol. 223 RSVP-TE: Resource ReserVation Protocol-Traffic Engineering. 225 SID: Segment Identifier. 227 SR: Segment Routing. 229 4. Path Binding TLV 231 The new optional TLV called "TE-PATH-BINDING TLV" (whose format is 232 shown in the Figure 2) is defined to carry the binding label/SID for 233 a TE path. This TLV is associated with the LSP object specified in 234 [RFC8231]. This TLV can also be carried in the PCEP-ERROR object 236 [RFC5440] in case of error. Multiple instance of TE-PATH-BINDING 237 TLVs MAY be present in the LSP and PCEP-ERROR object. The type of 238 this TLV is 55 (early allocated by IANA). The length is variable. 240 0 1 2 3 241 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 242 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 243 | Type = 55 | Length | 244 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 245 | BT | Flags | Reserved | 246 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 247 ~ Binding Value (variable length) ~ 248 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 250 Figure 2: TE-PATH-BINDING TLV 252 TE-PATH-BINDING TLV is a generic TLV such that it is able to carry 253 binding label/SID (i.e. MPLS label or SRv6 SID). It is formatted 254 according to the rules specified in [RFC5440]. The value portion of 255 the TLV comprises: 257 Binding Type (BT): A one-octet field identifies the type of binding 258 included in the TLV. This document specifies the following BT 259 values: 261 o BT = 0: The binding value is a 20-bit MPLS label value. The TLV 262 is padded to 4-bytes alignment. The Length MUST be set to 7 and 263 the first 20 bits are used to encode the MPLS label value. 265 o BT = 1: The binding value is a 32-bit MPLS label stack entry as 266 per [RFC3032] with Label, TC [RFC5462], S, and TTL values encoded. 267 Note that the receiver MAY choose to override TC, S, and TTL 268 values according to its local policy. The Length MUST be set to 269 8. 271 o BT = 2: The binding value is an SRv6 SID with a format of a 272 16-octet IPv6 address, representing the binding SID for SRv6. The 273 Length MUST be set to 20. 275 o BT = 3: The binding value is a 24 octet field, defined in 276 Section 4.1, that contains the SRv6 SID as well as its Behavior 277 and Structure. The Length MUST be set to 28. 279 Section 12.1.1 defines the IANA registry used to maintain all these 280 binding types as well as any future ones. Note that multiple TE- 281 PATH-BINDING TLVs with different Binding Types MAY be present for the 282 same LSP. 284 Flags: 1 octet of flags. The following flag is defined in the new 285 registry "TE-PATH-BINDING TLV Flag field" as described in 286 Section 12.1.1: 288 0 1 2 3 4 5 6 7 289 +-+-+-+-+-+-+-+-+ 290 |R| | 291 +-+-+-+-+-+-+-+-+ 293 Figure 3: Flags 295 where: 297 o R (Removal - 1 bit): When set, the requesting PCEP peer requires 298 the removal of the binding value for the LSP. When unset, the 299 PCEP peer indicates that the binding value is added or retained 300 for the LSP. This flag is used in the PCRpt and PCUpd messages. 301 It is ignored in other PCEP messages. 303 o The unassigned flags MUST be set to 0 while sending and ignored on 304 receipt. 306 Reserved: MUST be set to 0 while sending and ignored on receipt. 308 Binding Value: A variable-length field, padded with trailing zeros to 309 a 4-octet boundary. When the BT is 0, the 20 bits represent the MPLS 310 label. When the BT is 1, the 32 bits represent the MPLS label stack 311 entry as per [RFC3032]. When the BT is 2, the 128 bits represent the 312 SRv6 SID. When the BT is 3, the Binding Value also contains the SRv6 313 Endpoint Behavior and SID Structure, defined in Section 4.1. 315 4.1. SRv6 Endpoint Behavior and SID Structure 317 This section specifies the format of the Binding Value in the TE- 318 PATH-BINDING TLV when the BT is set to 3 for the SRv6 Binding SIDs 319 [RFC8986], as shown in Figure 4. 321 0 1 2 3 322 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 323 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 324 | SRv6 Binding SID (16 octets) | 325 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 326 | Reserved | Endpoint Behavior | 327 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 328 | LB Length | LN Length | Fun. Length | Arg. Length | 329 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 331 Figure 4: SRv6 Endpoint Behavior and SID Structure 333 The Binding Value consists of: 335 o SRv6 Binding SID: 16 octets. The 128-bit IPv6 address, 336 representing the binding SID for SRv6. 338 o Reserved: 2 octets. It MUST be set to 0 on transmit and ignored 339 on receipt. 341 o Endpoint Behavior: 2 octets. The Endpoint Behavior code point for 342 this SRv6 SID as per the IANA subregistry called "SRv6 Endpoint 343 Behaviors", created by [RFC8986]. When the field is set with the 344 value 0, the endpoint behavior is considered unknown. 346 o The following fields are used to advertise the length of each 347 individual part of the SRv6 SID as defined in [RFC8986]: 349 * LB Length: 1 octet. SRv6 SID Locator Block length in bits. 351 * LN Length: 1 octet. SRv6 SID Locator Node length in bits. 353 * Function Length: 1 octet. SRv6 SID Function length in bits. 355 * Argument Length: 1 octet. SRv6 SID Arguments length in bits. 357 5. Operation 359 The binding value is allocated by the PCC and reported to a PCE via a 360 PCRpt message. If a PCE does not recognize the TE-PATH-BINDING TLV, 361 it would ignore the TLV in accordance with [RFC5440]. If a PCE 362 recognizes the TLV but does not support the TLV, it MUST send a PCErr 363 with Error-Type = 2 (Capability not supported). 365 Multiple TE-PATH-BINDING TLVs are allowed to be present in the same 366 LSP object. This signifies the presence of multiple binding SIDs for 367 the given LSP. In the case of multiple TE-PATH-BINDING TLVs, the 368 existing instances of TE-PATH-BINDING TLVs MAY be included in the LSP 369 object. In case of an error condition, the whole message is rejected 370 and the resulting PCErr message MAY include the offending TE-PATH- 371 BINDING TLV in the PCEP-ERROR object. 373 If a PCE recognizes an invalid binding value (e.g., label value from 374 the reserved MPLS label space), it MUST send a PCErr message with 375 Error-Type = 10 ("Reception of an invalid object") and Error Value = 376 2 ("Bad label value") as specified in [RFC8664]. 378 For SRv6 BSIDs, it is RECOMMENDED to always explicitly specify the 379 SRv6 Endpoint Behavior and SID Structure in the TE-PATH-BINDING TLV 380 by setting the BT (Binding Type) to 3. This enables the sender to 381 have control of the SRv6 Endpoint Behavior and SID Structure. A 382 sender MAY choose to set the BT to 2, in which case the receiving 383 implementation chooses how to interpret the SRv6 Endpoint Behavior 384 and SID Structure according to local policy. 386 If a PCC wishes to withdraw a previously reported binding value, it 387 MUST send a PCRpt message with the specific TE-PATH-BINDING TLV with 388 R flag set to 1. If a PCC wishes to modify a previously reported 389 binding, it MUST withdraw the former binding value (with R flag set 390 in the former TE-PATH-BINDING TLV) and include a new TE-PATH-BINDING 391 TLV containing the new binding value. Note that other instances of 392 TE-PATH-BINDING TLVs that are unchanged MAY also be included. 394 If a PCE requires a PCC to allocate a (or several) specific binding 395 value(s), it may do so by sending a PCUpd or PCInitiate message 396 containing a TE-PATH-BINDING TLV(s). If the value(s) can be 397 successfully allocated, the PCC reports the binding value(s) to the 398 PCE. If the PCC considers the binding value specified by the PCE 399 invalid, it MUST send a PCErr message with Error-Type = TBD2 400 ("Binding label/SID failure") and Error Value = TBD3 ("Invalid SID"). 401 If the binding value is valid, but the PCC is unable to allocate the 402 binding value, it MUST send a PCErr message with Error-Type = TBD2 403 ("Binding label/SID failure") and Error Value = TBD4 ("Unable to 404 allocate the specified binding value"). Note that, in case of an 405 error, the PCC rejects the PCUpd or PCInitiate message in its 406 entirety and can include the offending TE-PATH-BINDING TLV in the 407 PCEP-ERROR object. 409 If a PCE wishes to request the withdrawal of a previously reported 410 binding value, it MUST send a PCUpd message with the specific TE- 411 PATH-BINDING TLV with R flag set to 1. If a PCE wishes to modify a 412 previously requested binding value, it MUST request the withdrawal of 413 the former binding value (with R flag set in the former TE-PATH- 414 BINDING TLV) and include a new TE-PATH-BINDING TLV containing the new 415 binding value. 417 In some cases, a stateful PCE can request the PCC to allocate any 418 binding value. It instructs the PCC by sending a PCUpd message 419 containing an empty TE-PATH-BINDING TLV, i.e., no binding value is 420 specified (bringing the Length field of the TLV to 4). A PCE can 421 also request a PCC to allocate a binding value at the time of 422 initiation by sending a PCInitiate message with an empty TE-PATH- 423 BINDING TLV. Only one such instance of empty TE-PATH-BINDING TLV 424 SHOULD be included in the LSP object and others ignored on receipt. 425 If the PCC is unable to allocate a new binding value as per the 426 specified BT, it MUST send a PCErr message with Error-Type = TBD2 427 ("Binding label/SID failure") and Error-Value = TBD5 ("Unable to 428 allocate a new binding label/SID"). 430 As previously noted, if a message contains an invalid TE-PATH-BINDING 431 TLV that leads to an error condition, the whole message is rejected 432 including any other valid instances of TE-PATH-BINDING TLVs, if any. 433 The resulting error message MAY include the offending TE-PATH-BINDING 434 TLV in the PCEP-ERROR object. 436 If a PCC receives a TE-PATH-BINDING TLV in any message other than 437 PCUpd or PCInitiate, it MUST close the corresponding PCEP session 438 with the reason "Reception of a malformed PCEP message" (according to 439 [RFC5440]). Similarly, if a PCE receives a TE-PATH-BINDING TLV in 440 any message other than a PCRpt or if the TE-PATH-BINDING TLV is 441 associated with any object other than an LSP or PCEP-ERROR object, 442 the PCE MUST close the corresponding PCEP session with the reason 443 "Reception of a malformed PCEP message" (according to [RFC5440]). 445 If a TE-PATH-BINDING TLV is absent in the PCRpt message and no 446 binding values were reported before, the PCE MUST assume that the 447 corresponding LSP does not have any binding. Similarly, if TE-PATH- 448 BINDING TLV is absent in the PCUpd message and no binding values were 449 reported before, the PCC's local policy dictates how the binding 450 allocations are made for a given LSP. 452 6. Binding SID in SR-ERO 454 In PCEP messages, LSP route information is carried in the Explicit 455 Route Object (ERO), which consists of a sequence of subobjects. 456 [RFC8664] defines a new ERO subobject "SR-ERO subobject" capable of 457 carrying a SID as well as the identity of the node/adjacency (NAI) 458 represented by the SID. The NAI Type (NT) field indicates the type 459 and format of the NAI contained in the SR-ERO. In case of binding 460 SID, the NAI MUST NOT be included and NT MUST be set to zero. So as 461 per Section 5.2.1 of [RFC8664], for NT=0, the F bit is set to 1, the 462 S bit needs to be zero and the Length is 8. Further, the M bit is 463 set. If these conditions are not met, the entire ERO MUST be 464 considered invalid and a PCErr message is sent by the PCC with Error- 465 Type = 10 ("Reception of an invalid object") and Error-Value = 11 466 ("Malformed object"). 468 7. Binding SID in SRv6-ERO 470 [I-D.ietf-pce-segment-routing-ipv6] defines a new ERO subobject 471 "SRv6-ERO subobject" for an SRv6 SID. As stated in Section 6, in 472 case of binding SID, the NAI is not included and NT is set to zero 473 i.e., NT=0, the F bit is set to 1, the S bit needs to be zero and the 474 Length is 24 [I-D.ietf-pce-segment-routing-ipv6]. As per [RFC8664], 475 if these conditions are not met, the entire ERO is considered invalid 476 and a PCErr message is sent by the PCC with Error-Type = 10 477 ("Reception of an invalid object") and Error-Value = 11 ("Malformed 478 object"). 480 8. PCE Allocation of Binding label/SID 482 Section 5 already includes the scenario where a PCE requires a PCC to 483 allocate a specified binding value by sending a PCUpd or PCInitiate 484 message containing a TE-PATH-BINDING TLV. This section specifies an 485 OPTIONAL feature for the PCE to allocate the binding label/SID of its 486 own accord in the case where the PCE also controls the label space of 487 the PCC and can make the label allocation on its own as described in 488 [RFC8283]. Note that the act of requesting a specific binding value 489 (Section 5) is different from the act of allocating a binding label/ 490 SID as described in this section. 492 [RFC8283] introduces the architecture for PCE as a central controller 493 as an extension of the architecture described in [RFC4655] and 494 assumes the continued use of PCEP as the protocol used between PCE 495 and PCC. [I-D.ietf-pce-pcep-extension-for-pce-controller] specifies 496 the procedures and PCEP extensions for using the PCE as the central 497 controller. 499 For an implementation that supports PCECC operations as per 500 [I-D.ietf-pce-pcep-extension-for-pce-controller], the binding label/ 501 SID MAY also be allocated by the PCE itself. Both peers need to 502 exchange the PCECC capability as described in 503 [I-D.ietf-pce-pcep-extension-for-pce-controller] before the PCE can 504 allocate the binding label/SID on its own. 506 A new P flag in the LSP object [RFC8231] is introduced to indicate 507 the allocation needs to be made by the PCE: 509 o P (PCE-allocated binding label/SID): If the bit is set to 1, it 510 indicates that the PCC requests PCE to make allocations for this 511 LSP. The TE-PATH-BINDING TLV in the LSP object identifies that 512 the allocation is for binding label/SID. A PCC MUST set this bit 513 to 1 and include a TE-PATH-BINDING TLV in the LSP object to 514 request for allocation of binding label/SID by the PCE in the PCEP 515 message. A PCE MUST also set this bit to 1 and include a TE-PATH- 516 BINDING TLV to indicate that the binding label/SID is allocated by 517 PCE and encoded in the PCEP message towards the PCC. Further, a 518 PCE MUST set this bit to 0 and include a TE-PATH-BINDING TLV in 519 the LSP object to indicate that the binding label/SID should be 520 allocated by the PCC as described in Section 5. 522 Note that - 524 o A PCE could allocate the binding label/SID of its own accord for a 525 PCE-initiated or delegated LSP, and inform the PCC in the 526 PCInitiate message or PCUpd message by setting P=1 and including 527 TE-PATH-BINDING TLV in the LSP object. 529 o To let the PCC allocates the binding label/SID, a PCE MUST set P=0 530 and include an empty TE-PATH-BINDING TLV ( i.e., no binding value 531 is specified) in the LSP object in PCInitiate/PCUpd message. 533 o To request that the PCE allocate the binding label/SID, a PCC MUST 534 set P=1, D=1, and include an empty TE-PATH-BINDING TLV in PCRpt 535 message. The PCE SHOULD allocate it and respond to the PCC with 536 PCUpd message including the allocated binding label/SID in the TE- 537 PATH-BINDING TLV and P=1, D=1 in the LSP object. If the PCE is 538 unable to allocate, it MUST send a PCErr message with Error-Type = 539 TBD2 ("Binding label/SID failure") and Error-Value = TBD5 ("Unable 540 to allocate a new binding label/SID"). 542 o If both peers have not exchanged the PCECC capabilities as per 543 [I-D.ietf-pce-pcep-extension-for-pce-controller] and a PCEP peer 544 receives P=1 in the LSP object, it needs to act as per 545 [I-D.ietf-pce-pcep-extension-for-pce-controller]: 547 * Send a PCErr message with Error-Type=19 (Invalid Operation) and 548 Error-Value=16 (Attempted PCECC operations when PCECC 549 capability was not advertised) 551 * Terminate the PCEP session 553 It is assumed that the label range to be used by a PCE is known and 554 set on both PCEP peers. The exact mechanism is out of the scope of 555 [I-D.ietf-pce-pcep-extension-for-pce-controller] or this document. 556 Note that the specific BSID could be from the PCE-controlled or the 557 PCC-controlled label space. The PCE can directly allocate the label 558 from the PCE-controlled label space using P=1 as described above, 559 whereas the PCE can request for the allocation of a specific BSID 560 from the PCC-controlled label space with P=0 as described in 561 Section 5. 563 9. Implementation Status 565 [Note to the RFC Editor - remove this section before publication, as 566 well as remove the reference to RFC 7942.] 568 This section records the status of known implementations of the 569 protocol defined by this specification at the time of posting of this 570 Internet-Draft, and is based on a proposal described in [RFC7942]. 571 The description of implementations in this section is intended to 572 assist the IETF in its decision processes in progressing drafts to 573 RFCs. Please note that the listing of any individual implementation 574 here does not imply endorsement by the IETF. Furthermore, no effort 575 has been spent to verify the information presented here that was 576 supplied by IETF contributors. This is not intended as, and must not 577 be construed to be, a catalog of available implementations or their 578 features. Readers are advised to note that other implementations may 579 exist. 581 According to [RFC7942], "this will allow reviewers and working groups 582 to assign due consideration to documents that have the benefit of 583 running code, which may serve as evidence of valuable experimentation 584 and feedback that have made the implemented protocols more mature. 585 It is up to the individual working groups to use this information as 586 they see fit". 588 9.1. Huawei 590 o Organization: Huawei 592 o Implementation: Huawei's Router and Controller 594 o Description: An experimental code-point is used and will be 595 modified to the value allocated in this document. 597 o Maturity Level: Production 599 o Coverage: Full 601 o Contact: c.l@huawei.com 603 9.2. Cisco 605 o Organization: Cisco Systems 607 o Implementation: Head-end and controller. 609 o Description: An experimental code-point is used and will be 610 modified to the value allocated in this document. 612 o Maturity Level: Production 614 o Coverage: Full 616 o Contact: mkoldych@cisco.com 618 10. Security Considerations 620 The security considerations described in [RFC5440], [RFC8231], 621 [RFC8281] and [RFC8664] are applicable to this specification. No 622 additional security measure is required. 624 As described [RFC8664], SR allows a network controller to instantiate 625 and control paths in the network. A rogue PCE can manipulate binding 626 SID allocations to move traffic around for some other LSP that uses 627 BSID in its SR-ERO. 629 Thus, as per [RFC8231], it is RECOMMENDED that these PCEP extensions 630 only be activated on authenticated and encrypted sessions across PCEs 631 and PCCs belonging to the same administrative authority, using 632 Transport Layer Security (TLS) [RFC8253], as per the recommendations 633 and best current practices in BCP195 [RFC7525] (unless explicitly set 634 aside in [RFC8253]). 636 11. Manageability Considerations 638 All manageability requirements and considerations listed in 639 [RFC5440], [RFC8231], and [RFC8664] apply to PCEP protocol extensions 640 defined in this document. In addition, requirements and 641 considerations listed in this section apply. 643 11.1. Control of Function and Policy 645 A PCC implementation SHOULD allow the operator to configure the 646 policy the PCC needs to apply when allocating the binding label/SID. 648 11.2. Information and Data Models 650 The PCEP YANG module [I-D.ietf-pce-pcep-yang] could be extended to 651 include policy configuration for binding label/SID allocation. 653 11.3. Liveness Detection and Monitoring 655 The mechanisms defined in this document do not imply any new liveness 656 detection and monitoring requirements in addition to those already 657 listed in [RFC5440]. 659 11.4. Verify Correct Operations 661 The mechanisms defined in this document do not imply any new 662 operation verification requirements in addition to those already 663 listed in [RFC5440], [RFC8231], and [RFC8664]. 665 11.5. Requirements On Other Protocols 667 The mechanisms defined in this document do not imply any new 668 requirements on other protocols. 670 11.6. Impact On Network Operations 672 The mechanisms defined in [RFC5440], [RFC8231], and [RFC8664] also 673 apply to the PCEP extensions defined in this document. Further, the 674 mechanism described in this document can help the operator to request 675 control of the LSPs at a particular PCE. 677 12. IANA Considerations 679 IANA maintains the "Path Computation Element Protocol (PCEP) Numbers" 680 registry. This document requests IANA actions to allocate code 681 points for the protocol elements defined in this document. 683 12.1. PCEP TLV Type Indicators 685 This document defines a new PCEP TLV; IANA is requested to confirm 686 the following early allocations from the "PCEP TLV Type Indicators" 687 subregistry of the PCEP Numbers registry, as follows: 689 Value Description Reference 691 55 TE-PATH-BINDING This document 693 12.1.1. TE-PATH-BINDING TLV 695 IANA is requested to create a new subregistry "TE-PATH-BINDING TLV BT 696 field" to manage the value of the Binding Type field in the TE-PATH- 697 BINDING TLV. Initial values for the subregistry are given below. 698 New values are assigned by Standards Action [RFC8126]. 700 Value Description Reference 702 0 MPLS Label This document 703 1 MPLS Label Stack This document 704 Entry 705 2 SRv6 SID This document 706 3 SRv6 SID with This document 707 Behavior and 708 Structure 709 4-255 Unassigned This document 711 IANA is requested to create a new subregistry "TE-PATH-BINDING TLV 712 Flag field" to manage the Flag field in the TE-PATH-BINDING TLV. New 713 values are to be assigned by Standards Action [RFC8126]. Each bit 714 should be tracked with the following qualities: 716 o Bit number (count from 0 as the most significant bit) 718 o Description 720 o Reference 722 Bit Description Reference 724 0 R (Removal) This document 725 1-7 Unassigned This document 727 12.2. LSP Object 729 IANA is requested to confirm the early allocation for a new code- 730 point in the "LSP Object Flag Field" sub-registry for the new P flag 731 as follows: 733 Bit Description Reference 735 0 PCE-allocated binding This document 736 label/SID 738 12.3. PCEP Error Type and Value 740 This document defines a new Error-type and Error-Values for the PCErr 741 message. IANA is requested to allocate new error-type and error- 742 values within the "PCEP-ERROR Object Error Types and Values" 743 subregistry of the PCEP Numbers registry, as follows: 745 Error-Type Meaning Error-value Reference 747 TBD2 Binding label/SID 0: Unassigned This 748 failure document 749 TBD3: Invalid SID This 750 document 751 TBD4: Unable to allocate the This 752 specified binding value document 753 TBD5: Unable to allocate a This 754 new binding label/SID document 756 13. Acknowledgements 758 We like to thank Milos Fabian, Mrinmoy Das, Andrew Stone, Tom Petch, 759 Aijun Wang, Olivier Dugeon, and Adrian Farrel for their valuable 760 comments. 762 14. References 764 14.1. Normative References 766 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 767 Requirement Levels", BCP 14, RFC 2119, 768 DOI 10.17487/RFC2119, March 1997, 769 . 771 [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., 772 Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack 773 Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001, 774 . 776 [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation 777 Element (PCE) Communication Protocol (PCEP)", RFC 5440, 778 DOI 10.17487/RFC5440, March 2009, 779 . 781 [RFC5462] Andersson, L. and R. Asati, "Multiprotocol Label Switching 782 (MPLS) Label Stack Entry: "EXP" Field Renamed to "Traffic 783 Class" Field", RFC 5462, DOI 10.17487/RFC5462, February 784 2009, . 786 [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre, 787 "Recommendations for Secure Use of Transport Layer 788 Security (TLS) and Datagram Transport Layer Security 789 (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May 790 2015, . 792 [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running 793 Code: The Implementation Status Section", BCP 205, 794 RFC 7942, DOI 10.17487/RFC7942, July 2016, 795 . 797 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 798 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 799 May 2017, . 801 [RFC8231] Crabbe, E., Minei, I., Medved, J., and R. Varga, "Path 802 Computation Element Communication Protocol (PCEP) 803 Extensions for Stateful PCE", RFC 8231, 804 DOI 10.17487/RFC8231, September 2017, 805 . 807 [RFC8253] Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody, 808 "PCEPS: Usage of TLS to Provide a Secure Transport for the 809 Path Computation Element Communication Protocol (PCEP)", 810 RFC 8253, DOI 10.17487/RFC8253, October 2017, 811 . 813 [RFC8281] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path 814 Computation Element Communication Protocol (PCEP) 815 Extensions for PCE-Initiated LSP Setup in a Stateful PCE 816 Model", RFC 8281, DOI 10.17487/RFC8281, December 2017, 817 . 819 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 820 Decraene, B., Litkowski, S., and R. Shakir, "Segment 821 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 822 July 2018, . 824 [RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., 825 and J. Hardwick, "Path Computation Element Communication 826 Protocol (PCEP) Extensions for Segment Routing", RFC 8664, 827 DOI 10.17487/RFC8664, December 2019, 828 . 830 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 831 Writing an IANA Considerations Section in RFCs", BCP 26, 832 RFC 8126, DOI 10.17487/RFC8126, June 2017, 833 . 835 [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, 836 D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 837 (SRv6) Network Programming", RFC 8986, 838 DOI 10.17487/RFC8986, February 2021, 839 . 841 [I-D.ietf-pce-pcep-extension-for-pce-controller] 842 Li, Z., Peng, S., Negi, M. S., Zhao, Q., and C. Zhou, 843 "PCEP Procedures and Protocol Extensions for Using PCE as 844 a Central Controller (PCECC) of LSPs", draft-ietf-pce- 845 pcep-extension-for-pce-controller-14 (work in progress), 846 March 2021. 848 [I-D.ietf-pce-segment-routing-ipv6] 849 Li, C., Negi, M., Sivabalan, S., Koldychev, M., 850 Kaladharan, P., and Y. Zhu, "PCEP Extensions for Segment 851 Routing leveraging the IPv6 data plane", draft-ietf-pce- 852 segment-routing-ipv6-09 (work in progress), May 2021. 854 14.2. Informative References 856 [RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation 857 Element (PCE)-Based Architecture", RFC 4655, 858 DOI 10.17487/RFC4655, August 2006, 859 . 861 [RFC8283] Farrel, A., Ed., Zhao, Q., Ed., Li, Z., and C. Zhou, "An 862 Architecture for Use of PCE and the PCE Communication 863 Protocol (PCEP) in a Network with Central Control", 864 RFC 8283, DOI 10.17487/RFC8283, December 2017, 865 . 867 [RFC8669] Previdi, S., Filsfils, C., Lindem, A., Ed., Sreekantiah, 868 A., and H. Gredler, "Segment Routing Prefix Segment 869 Identifier Extensions for BGP", RFC 8669, 870 DOI 10.17487/RFC8669, December 2019, 871 . 873 [I-D.ietf-spring-segment-routing-policy] 874 Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and 875 P. Mattes, "Segment Routing Policy Architecture", draft- 876 ietf-spring-segment-routing-policy-11 (work in progress), 877 April 2021. 879 [I-D.ietf-pce-pcep-yang] 880 Dhody, D., Hardwick, J., Beeram, V. P., and J. Tantsura, 881 "A YANG Data Model for Path Computation Element 882 Communications Protocol (PCEP)", draft-ietf-pce-pcep- 883 yang-16 (work in progress), February 2021. 885 Appendix A. Contributor Addresses 887 Jonathan Hardwick 888 Metaswitch Networks 889 33 Genotin Road 890 Enfield 891 United Kingdom 893 EMail: Jonathan.Hardwick@metaswitch.com 895 Dhruv Dhody 896 Huawei Technologies 897 Divyashree Techno Park, Whitefield 898 Bangalore, Karnataka 560066 899 India 901 EMail: dhruv.ietf@gmail.com 903 Mahendra Singh Negi 904 RtBrick India 905 N-17L, Floor-1, 18th Cross Rd, HSR Layout Sector-3 906 Bangalore, Karnataka 560102 907 India 909 EMail: mahend.ietf@gmail.com 911 Mike Koldychev 912 Cisco Systems, Inc. 913 2000 Innovation Drive 914 Kanata, Ontario K2K 3E8 915 Canada 917 Email: mkoldych@cisco.com 919 Zafar Ali 920 Cisco Systems, Inc. 922 Email: zali@cisco.com 924 Authors' Addresses 926 Siva Sivabalan 927 Ciena Corporation 929 EMail: msiva282@gmail.com 930 Clarence Filsfils 931 Cisco Systems, Inc. 932 Pegasus Parc 933 De kleetlaan 6a, DIEGEM BRABANT 1831 934 BELGIUM 936 EMail: cfilsfil@cisco.com 938 Jeff Tantsura 939 Microsoft Corporation 941 EMail: jefftant.ietf@gmail.com 943 Stefano Previdi 944 Huawei Technologies 946 EMail: stefano@previdi.net 948 Cheng Li (editor) 949 Huawei Technologies 950 Huawei Campus, No. 156 Beiqing Rd. 951 Beijing 100095 952 China 954 EMail: c.l@huawei.com