idnits 2.17.00 (12 Aug 2021) /tmp/idnits65287/draft-zzhang-mvpn-evpn-controller-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (25 October 2021) is 201 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC4360' is mentioned on line 281, but not defined -- Looks like a reference, but probably isn't: '6514' on line 281 -- Looks like a reference, but probably isn't: '7432' on line 281 == Unused Reference: 'I-D.ietf-bess-mvpn-evpn-aggregation-label' is defined on line 326, but no explicit reference was found in the text == Outdated reference: A later version (-14) exists of draft-ietf-bess-evpn-bum-procedure-updates-11 == Outdated reference: A later version (-09) exists of draft-ietf-bess-bgp-multicast-controller-07 == Outdated reference: A later version (-08) exists of draft-ietf-bess-mvpn-evpn-aggregation-label-06 == Outdated reference: A later version (-04) exists of draft-ietf-pim-sr-p2mp-policy-03 Summary: 0 errors (**), 0 flaws (~~), 7 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 bess Z. Zhang 3 Internet-Draft Juniper Networks 4 Intended status: Standards Track R. Parekh 5 Expires: 28 April 2022 Cisco Systems 6 Z. Zhang 7 ZTE 8 H. Bidgoli 9 Nokia 10 25 October 2021 12 MVPN and EVPN BUM Signaling with Controllers 13 draft-zzhang-mvpn-evpn-controller-01 15 Abstract 17 This document specifies optional procedures for BGP-MVPN and EVPN BUM 18 signaling with controllers. When P2MP tunnels used for BGP-MVPN and 19 EVPN BUM are to be signaled from controllers, the controllers can 20 learn tunnel information (identifier, root, leaf) by participating 21 BGP-MVPN and EVPN BUM signaling, instead of relying on ingress PEs to 22 collect the information and then pass to the controllers. 23 Additionally, Inclusive/Selective PMSI Auto Discovery Routes can be 24 originated from controllers based on central provisioning, instead of 25 from PEs based on local provisioning. 27 Requirements Language 29 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 30 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 31 "OPTIONAL" in this document are to be interpreted as described in BCP 32 14 [RFC2119] [RFC8174] when, and only when, they appear in all 33 capitals, as shown here. 35 Status of This Memo 37 This Internet-Draft is submitted in full conformance with the 38 provisions of BCP 78 and BCP 79. 40 Internet-Drafts are working documents of the Internet Engineering 41 Task Force (IETF). Note that other groups may also distribute 42 working documents as Internet-Drafts. The list of current Internet- 43 Drafts is at https://datatracker.ietf.org/drafts/current/. 45 Internet-Drafts are draft documents valid for a maximum of six months 46 and may be updated, replaced, or obsoleted by other documents at any 47 time. It is inappropriate to use Internet-Drafts as reference 48 material or to cite them other than as "work in progress." 49 This Internet-Draft will expire on 28 April 2022. 51 Copyright Notice 53 Copyright (c) 2021 IETF Trust and the persons identified as the 54 document authors. All rights reserved. 56 This document is subject to BCP 78 and the IETF Trust's Legal 57 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 58 license-info) in effect on the date of publication of this document. 59 Please review these documents carefully, as they describe your rights 60 and restrictions with respect to this document. Code Components 61 extracted from this document must include Simplified BSD License text 62 as described in Section 4.e of the Trust Legal Provisions and are 63 provided without warranty as described in the Simplified BSD License. 65 Table of Contents 67 1. Terminologies . . . . . . . . . . . . . . . . . . . . . . . . 2 68 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 69 3. Specification . . . . . . . . . . . . . . . . . . . . . . . . 4 70 3.1. Controller Address Extended Community . . . . . . . . . . 4 71 3.2. Targeting Leaf A-D Routes to Controllers . . . . . . . . 4 72 3.3. Controller Originated I/S-PMSI Routes . . . . . . . . . . 5 73 3.3.1. Inter-AS/Region Segmentation . . . . . . . . . . . . 5 74 3.4. Automatic DCB Label Allocation by Controllers . . . . . . 6 75 4. Security Considerations . . . . . . . . . . . . . . . . . . . 6 76 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 77 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 78 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 79 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 80 7.2. Informative References . . . . . . . . . . . . . . . . . 7 81 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 83 1. Terminologies 85 Familiarity with MVPN/EVPN protocols and procedures is assumed. Some 86 terminologies are listed below for convenience. 88 * PMSI: P-Multicast Service Interface - a conceptual interface for a 89 PE to send customer multicast traffic to all or some PEs in the 90 same VPN/BD. 92 * I-PMSI: Inclusive PMSI - to all PEs in the same VPN/BD. 94 * S-PMSI: Selective PMSI - to some of the PEs in the same VPN/BD. 96 * Leaf A-D routes: For explicit leaf tracking purpose. Triggered by 97 S-PMSI A-D routes and targeted at triggering route's originator. 99 * IMET A-D route: Inclusive Multicast Ethernet Tag A-D route. The 100 EVPN equivalent of MVPN Intra-AS I-PMSI A-D route. 102 As pointed out above, the EVPN IMET route is the equivalent of MVPN 103 I-PMSI A-D route. In the rest of the document, unless explicitly 104 stated, I-PMSI A-D route refers to MVPN Intra-AS I-PMSI A-D route 105 and/or EVPN IMET route. 107 2. Introduction 109 Consider a provider network with BGP-MVPN/EVPN where controllers are 110 used to set up P2MP tunnels per 111 [I-D.ietf-bess-bgp-multicast-controller] or 112 [I-D.ietf-pim-sr-p2mp-policy]. For a controller to calculate the 113 corresponding trees and set up the tunnels, it needs to learn the 114 (ID, root, leaf) information for those trees. Currently, 115 [I-D.ietf-bess-mvpn-evpn-sr-p2mp] specifies that an ingress PE 116 assigns the SR P2MP ID and collects leaf information via Leaf A-D 117 routes, and then pass onto the controller. Observing that BGP-MVPN/ 118 EVPN signaling typically involves Router Reflectors, which may 119 typically be hosted on or co-located with controllers, it makes sense 120 to have the controllers participating BGP-MVPN/EVPN signaling to 121 learn (ID, root, leaf) information. This will relieve the PEs from 122 maintaining Leaf A-D routes, and remove the extra hop of leaf 123 information propagation. 125 Also Consider that in the same network many selective tunnels are 126 used, and their usages are dynamically provisioned based on specific 127 needs at different time. For example, the provider provides video 128 transmission services for events at various time, location and to 129 various receivers. With traditional methods the provider would 130 provision the PEs at the transmission sources with various selective 131 tunnels, which triggers corresponding S-PMSI A-D routes. The 132 provisioning is put in place shortly before an event takes place and 133 removed shortly after the event ends. Alternatively and preferrably, 134 a controller can originate S-PMSI A-D routes based on centralized 135 provisioning on behalf of the source PEs. The controller also 136 collects the leaf information (either based on centralized 137 provisioning or based on Leaf A-D routes), calculates the tree and 138 signal tree nodes. Additionally, when tunnel aggregation labels are 139 allocated from Domain-wide Common Block (DCB), originating I/S-PMSI 140 A-D routes from controllers makes the DCB label allocation a lot 141 easier. 143 It is possible that an operator prefers automatic DCB aggregation 144 label allocation by the controller but prefers I/S-PMSI A-D routes 145 origination from individual PEs. In that case, a PE can target an I/ 146 S-PMSI A-D route at the controller and the controller will allocate a 147 DCB label and return it in a corresponding Leaf A-D route. 149 3. Specification 151 The procedures specified in this section applies if one or more 152 controllers participate MVPN/EVPN signaling for the purpose of leaf 153 discovery for P2MP tree calculation, and/or if controllers are to 154 originate I/S-PMSI A-D routes or BGP-MVPN and/or BGP-EVPN BUM. 156 3.1. Controller Address Extended Community 158 This document defines a new Transitive IPv4-Address-Specific Extended 159 Community Sub-Type: "Controller Address". This document also defines 160 a new BGP Transitive IPv6-Address-Specific Extended Community Sub- 161 Type: "Controller Address". 163 A Controller Address Extended Community (referred to as Controller 164 EC) is constructed by setting the Global Administrator field to the 165 IP address of the controller and the Local Administrator field to 0. 167 3.2. Targeting Leaf A-D Routes to Controllers 169 When a PE originates an I/S-PMSI A-D route with PTA's tunnel type set 170 to PIM-SSM/ASM, mLDP or SR P2MP that are to be set up by controllers, 171 the PE MUST attach a Controller EC constructed as above. If there 172 are multiple controllers, then one Controller EC is attached for each 173 of the controllers. 175 In case of tunnel segmentation and a new controller is used for the 176 next segmentation region, when an ABR/ASBR/RBR re-advertises the I/ 177 S-PMSI A-D route to the next segmentation region it MUST modify the 178 Controller EC to specify the new controller address. 180 When a PE/ABR/ASBR/RBR receives an I/S-PMSI A-D route with the 181 Controller EC, it MUST originate a corresponding Leaf A-D route. The 182 PTA from the I/S-PMSI A-D route is copied to the Leaf A-D route, and 183 an IP Address Specific Route Target to attached to the Leaf A-D 184 route. The Global Administrator field of the RT is set to the 185 address of the controller (as encoded in the received Controller EC), 186 and the Local Administrator field is set to 0. 188 Note that, the above is done even if the Leaf Information Required 189 (LIR) bit in the Flags field of the I/S-PMSI A-D route's PMSI Tunnel 190 Attribute (PTA) is not set. If the LIR bit in the Flags field of the 191 I/S-PMSI A-D route's PTA is set, then the above mentioned RTs are in 192 addition to the RT that the PE attaches according to the procedures 193 in [RFC6514], [RFC7524], or 194 [I-D.ietf-bess-evpn-bum-procedure-updates]. In other words, the Leaf 195 A-D route will have RTs for both the controllers and the upstream PE 196 or segmentation points in this case. 198 When a controller receives the advertisement and/or withdrawl of Leaf 199 A-D routes, it derives the set of leaves for the tunnel identified in 200 the PTA, calculate and set up the tree according to procedurs in 201 [I-D.ietf-bess-bgp-multicast-controller] or 202 [I-D.ietf-pim-sr-p2mp-policy]. The controller does not further 203 propagate the received advertisement and/or withdrawl, unless there 204 are other RTs attached. 206 3.3. Controller Originated I/S-PMSI Routes 208 When I/S-PMSI A-D routes are to be originated from the controllers, 209 it is expected that the controller, based on central planning, has 210 the knowledge of each VPN/BD's Route Target, each PE's RD for the 211 VPN/BD, and the Tunnel Type and Identifier for each I/S-PMSI. If the 212 tunnel aggregation is used, the controllers also allocate labels from 213 the DCB for the I/S-PMSIs. 215 The controller constructs the I/S-PMSI A-D route the same way as if 216 an ingress PE would be originating the routes. There are some 217 exceptions in case inter-AS/region segmentation is used, as specified 218 in Section 3.3.1. 220 Specifically, the controller uses the ingress PE's RD and RTs for the 221 VPN/BD, and use the ingress PE's address as "Originating Router's IP 222 Address" when constructing the I/S-PMSI A-D routes. The routes are 223 sent with the controller's address as next-hop initially, though the 224 next-hop may change as the routes propagates. 226 When the Ingress PE router receives the I/S-PMSI A-D routes, it sets 227 up corresponding forwarding state as if it originated the routes per 228 its local provisioning. Note that the next-hop address of the routes 229 will be different from the case where the ingress PE originates the 230 routes, but that does not matter. 232 3.3.1. Inter-AS/Region Segmentation 234 In case of segmentation, instead of using the Route Target for the 235 VPN/BD, the controller constructs an IP Address specific Route Target 236 with the Global Administrator Field set to the corresponding ingress 237 PE's address and the Local Administrator Field set to 0. This 238 targets the I/S-PMSI A-D routes to the Ingress PEs only. 240 The controller also sets the Originating Router's IP Address field of 241 the I/S-PMSI A-D route to its own address. 243 The receiving Ingress PE associate the I/S-PMSI A-D route to the 244 corresponding VRF/BD based on the RD of the received route. It then 245 re-originate a corresponding I/S-PMSI A-D route based on the received 246 I/S-PMSI A-D route from the controller by doing the following: 248 * Changing the Originating Router's IP address to its own 250 * Replacing the Route Target with the Route Target for the VPN/BD 252 3.4. Automatic DCB Label Allocation by Controllers 254 If it is desired for a PE to originate I/S-PMSI A-D routes on its own 255 but with DCB labels dynamically allcated by a controller, the PE 256 originates the I/S-PMSI A-D route with the Tunnel Type in the PTA set 257 to "no tunnel information present", the LIR bit in the PTA'S Flags 258 field set to 1, and attaches an IP Address Specific RT. The RT's 259 Global Administrator Field is set to the Controller's address and 260 Local Administrator field is set to 0. 262 When the controller receives the I/S-PMSI A-D route, it allocates a 263 DCB label and responds with a Leaf A-D route. The Label field of the 264 Leaf A-D route's PTA is set to the allocated DCB label. 266 When the PE receives the Leaf A-D route, it re-advertises the I/ 267 S-PMSI A-D route, with an additional RT for the corresponding VPN/BD. 268 The PTA's tunnel information is set as needed and the Label field is 269 set to the DCB label received in the Leaf A-D route. The LIR bit in 270 the Flags field of the PTA is set to 1 or 0 as needed. If it is set 271 to 0, the controller withdraws the Leaf A-D route but does not 272 release the allocated label. 274 When the PE withdraws the I/S-PMSI A-D route, the controller release 275 the DCB label and withdraws the corresponding Leaf A-D route if it 276 had not been withdrawn before. 278 4. Security Considerations 280 This document does not change security aspects as discussed in 281 [RFC4360], [6514], [7432], and 282 [I-D.ietf-bess-evpn-bum-procedure-updates]. 284 5. IANA Considerations 286 To be added. 288 6. Acknowledgements 290 7. References 292 7.1. Normative References 294 [I-D.ietf-bess-evpn-bum-procedure-updates] 295 Zhang, Z., Lin, W., Rabadan, J., Patel, K., and A. 296 Sajassi, "Updates on EVPN BUM Procedures", Work in 297 Progress, Internet-Draft, draft-ietf-bess-evpn-bum- 298 procedure-updates-11, 7 October 2021, 299 . 302 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 303 Requirement Levels", BCP 14, RFC 2119, 304 DOI 10.17487/RFC2119, March 1997, 305 . 307 [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP 308 Encodings and Procedures for Multicast in MPLS/BGP IP 309 VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012, 310 . 312 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 313 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 314 May 2017, . 316 7.2. Informative References 318 [I-D.ietf-bess-bgp-multicast-controller] 319 Zhang, Z., Raszuk, R., Pacella, D., and A. Gulko, 320 "Controller Based BGP Multicast Signaling", Work in 321 Progress, Internet-Draft, draft-ietf-bess-bgp-multicast- 322 controller-07, 12 July 2021, 323 . 326 [I-D.ietf-bess-mvpn-evpn-aggregation-label] 327 Zhang, Z., Rosen, E., Lin, W., Li, Z., and I. Wijnands, 328 "MVPN/EVPN Tunnel Aggregation with Common Labels", Work in 329 Progress, Internet-Draft, draft-ietf-bess-mvpn-evpn- 330 aggregation-label-06, 19 April 2021, 331 . 334 [I-D.ietf-bess-mvpn-evpn-sr-p2mp] 335 Parekh, R., Filsfils, C., Venkateswaran, A., Bidgoli, H., 336 Voyer, D., and Z. Zhang, "Multicast and Ethernet VPN with 337 Segment Routing P2MP", Work in Progress, Internet-Draft, 338 draft-ietf-bess-mvpn-evpn-sr-p2mp-04, 19 October 2021, 339 . 342 [I-D.ietf-pim-sr-p2mp-policy] 343 (editor), D. V., Filsfils, C., Parekh, R., Bidgoli, H., 344 and Z. Zhang, "Segment Routing Point-to-Multipoint 345 Policy", Work in Progress, Internet-Draft, draft-ietf-pim- 346 sr-p2mp-policy-03, 23 August 2021, 347 . 350 [RFC7524] Rekhter, Y., Rosen, E., Aggarwal, R., Morin, T., 351 Grosclaude, I., Leymann, N., and S. Saad, "Inter-Area 352 Point-to-Multipoint (P2MP) Segmented Label Switched Paths 353 (LSPs)", RFC 7524, DOI 10.17487/RFC7524, May 2015, 354 . 356 Authors' Addresses 358 Zhaohui Zhang 359 Juniper Networks 361 Email: zzhang@juniper.net 363 Rishabh Parekh 364 Cisco Systems 366 Email: riparekh@cisco.com 368 Zheng Zhang 369 ZTE 371 Email: zhang.zheng@zte.com.cn 373 Hooman Bidgoli 374 Nokia 376 Email: hooman.bidgoli@nokia.com