PCE Working Group                                               S. Sidor
Internet-Draft                                       Cisco Systems, Inc.
Intended status: Standards Track                           P. Maheshwari
Expires: 9 May 2025                                         Airtel India
                                                                A. Stone
                                                                   Nokia
                                                                L. Jalil
                                                                 Verizon
                                                                 S. Peng
                                                     Huawei Technologies
                                                         5 November 2024

 Path Computation Element Communication Protocol (PCEP) extensions for
                         Circuit Style Policies
            draft-ietf-pce-circuit-style-pcep-extensions-07

Abstract

   Segment Routing (SR) enables a node to steer packet flows along a
   specified path without the need for intermediate per-path states, due
   to the utilization of source routing.  An SR Policy comprises a
   sequence of segments, which are essentially instructions that define
   a source-routed policy.

   This document proposes a set of extensions to the Path Computation
   Element Communication Protocol (PCEP) for Segment Routing Policies
   that are designed to satisfy requirements for connection-oriented
   transport services (Circuit-Style SR policies).  They include the
   ability to control path recomputation and the option to request path
   with strict hops only and are also applicable for generic SR policy
   use cases where controlling path recomputation or distinct hop
   requirements are applicable.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

Sidor, et al.              Expires 9 May 2025                   [Page 1]

Internet-Draft       PCEP extensions for CS Policies       November 2024

   This Internet-Draft will expire on 9 May 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements Language
   2.  Terminology
   3.  Overview of Extensions to PCEP
     3.1.  New flags in STATEFUL-PCE-CAPABILITY TLV
     3.2.  New flag in the LSP-EXTENDED-FLAG TLV
     3.3.  PATH-RECOMPUTATION TLV
   4.  Operation
     4.1.  Strict Path Enforcement
     4.2.  Path Recomputation
   5.  Manageability Considerations
     5.1.  Control of Function and Policy
     5.2.  Information and Data Models
     5.3.  Liveness Detection and Monitoring
     5.4.  Verify Correct Operations
     5.5.  Requirements On Other Protocols
     5.6.  Impact On Network Operations
   6.  Implementation Status
     6.1.  Cisco
   7.  Security Considerations
   8.  IANA Considerations
     8.1.  STATEFUL-PCE-CAPABILITY
     8.2.  LSP-EXTENDED-FLAG TLV
     8.3.  PATH-RECOMPUTATION TLV
     8.4.  PATH-RECOMPUTATION TLV Flag Field
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Contributors
   Authors' Addresses

1.  Introduction

   Segment Routing (SR) leverages the source routing paradigm, where the
   sender of a packet can define the path that the packet takes through
   the network.  This is achieved by encoding the path information as a
   sequence of segments within the packet header.  SR can be applied to
   both MPLS and IPv6 data planes, providing a flexible and scalable
   method for traffic engineering.

   The Path Computation Element (PCE) is a network component,
   application, or node that is capable of computing a network path or
   route based on a network graph and applying computational
   constraints.  The PCE Communication Protocol (PCEP) enables
   communication between a PCE and Path Computation Clients (PCCs),
   facilitating the computation of optimal paths for traffic flows.

   [RFC8664] introduces the concept of Segment Routing Policy (SR
   Policy), which is a set of candidate paths that can be used to steer
   traffic through a network.  Each candidate path is represented by a
   list of segments, and the path can be dynamically adjusted based on
   network conditions and requirements.

   In connection-oriented transport services, such as those defined in
   [I-D.ietf-spring-cs-sr-policy], there is a need for path persistency
   and per-hop behavior for PCE-computed paths.
   This ensures that the paths remain stable and predictable, which is
   crucial for services that require high reliability and performance
   guarantees.

   To support the requirements of connection-oriented transport
   services, this document specifies extensions to PCEP that enable the
   use of Circuit Style Policies.  These extensions allow for the
   request of strict paths from the PCE, the encoding of information to
   disable path recomputation for specific paths, and the clarification
   of the usage of existing flags within PCEP messages.

   The PCEP extensions described in this document are designed to be
   compatible with any Path Setup Type and are not limited to Circuit
   Style SR policies, ensuring broad applicability across different
   network environments and use cases.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Terminology

   The following terminologies are used in this document:

   ERO:  Explicit Route Object

   IGP:  Interior Gateway Protocol

   LSP:  Label Switched Path

   LSPA:  Label Switched Path Attributes

   OTN:  Optical Transport Network

   PCC:  Path Computation Client

   PCE:  Path Computation Element

   PCEP:  Path Computation Element Protocol

   SID:  Segment Identifier

   SR:  Segment Routing

   SR-TE:  Segment Routing Traffic Engineering

3.  Overview of Extensions to PCEP

3.1.  New flags in STATEFUL-PCE-CAPABILITY TLV

   The STATEFUL-PCE-CAPABILITY TLV is an optional TLV introduced in
   [RFC8231] in the OPEN object for stateful PCEP peer capability
   advertisement.
   This document defines the following new flags in that TLV:

   *  STRICT-PATH-CAPABILITY - 1 bit (Bit Position 18) - If set to 1, it
      indicates support for Strict-Path flag in LSP-EXTENDED-FLAG TLV.
      See Section 4.1 for details.

   *  PATH-RECOMPUTATION-CAPABILITY - 1 bit (Bit Position 19) - If set
      to 1, it indicates support for PATH-RECOMPUTATION TLV.  See
      Section 4.2 for details.

3.2.  New flag in the LSP-EXTENDED-FLAG TLV

   O-flag is proposed in the LSP-EXTENDED-FLAG TLV, which was introduced
   in Section 3.1 of [RFC9357].

   O (Strict-Path) - 1 bit (Bit Position 4):  If set to 1, this
      indicates to the PCE that a path exclusively made of strict hops
      is required.  Strict hop definition is described in Section 4.1.

3.3.  PATH-RECOMPUTATION TLV

   This document defines a new TLV for the LSPA Object for encoding
   information whether path recomputation is allowed for a delegated
   LSP.  The TLV is optional.  If the TLV is included in the LSPA
   object, the PCE MUST NOT recompute the path in cases specified by
   flags in the TLV.  Only the first instance of this TLV MUST be
   processed, subsequent instances MUST be ignored.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |           Type = 72           |           Length = 4          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Reserved           |           Flags           |P|F|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Type:  the value is 72

   Length:  4 octets

   Reserved:  MUST be set to zero by the sender and MUST be ignored by
      the receiver.

   Flags:  This document defines the following flag bits.  The other
      bits MUST be set to zero by the sender and MUST be ignored by the
      receiver.

   *  P (Permanent): If set to 1, the PCE MUST NOT recompute path even
      if current path is not satisfying path computation constraints.
      If this flag is cleared, then the PCE SHOULD recompute path if
      original path is invalidated.

   *  F (Force): If set to 1, the PCE MUST NOT update path (exceptions
      are described in Section 4.2).  If flag is cleared, the PCE MAY
      update path based on explicit request from operator.

4.  Operation

4.1.  Strict Path Enforcement

   PCC MAY set the O flag in LSP-EXTENDED-FLAG TLV in PCRpt message sent
   to the PCE to indicate that a path exclusively made of strict hops is
   required.  It MUST NOT be set to 1 if one or both PCEP speakers have
   not set STRICT-PATH-CAPABILITY to 1 in STATEFUL-PCE-CAPABILITY TLV.
   If PCEP peer received LSP-EXTENDED-FLAG TLV with O flag set, but it
   does not support that flag, it MUST send PCErr with Error-Type = 2
   (Capability not supported).

   O flag cleared or LSP-EXTENDED-FLAG TLV not included indicates that a
   loose path is acceptable.

   In PCUpd or PCInitiate messages, PCE MAY set O bit if strict path is
   provided.

   The flag is applicable only for stateful messages.  Existing O flag
   in RP object MAY be used to indicate similar behavior in PCReq and
   PCRep messages as described in Section 7.4.1 of [RFC5440].

   If O flag is set to 1 for both stateful and stateless messages for SR
   paths introduced in [RFC8664], PCE MUST use only SIDs that explicitly
   specify adjacencies for packet forwarding.  For example, Adjacency
   SIDs MAY be used, but Prefix SIDs MUST NOT be used (even if there is
   only one adjacency).

4.2.  Path Recomputation

   PCC MAY set flags in PATH-RECOMPUTATION TLV to control path
   computation behavior on PCE side.  If TLV is not included, then the
   PCE MAY use local policy to trigger path-computation or LSP path
   update.

   If a PCEP speaker does not recognize the PATH-RECOMPUTATION TLV, it
   MUST ignore the TLV based on Section 7.1 of [RFC5440].  If a PCEP
   speaker recognizes the TLV but does not support the TLV, it MUST send
   PCErr with Error-Type = 2 (Capability not supported).
   The presence of the TLV is blocking path recomputation based on
   various triggers like topology update, any periodic update or changed
   state of other LSPs in the network.  LSP path MAY be modified if
   forwarded packets will still use same path - for example if same path
   can be encoded using Adjacency, Binding, Prefix or other SIDs, then
   PCE MAY switch between various representations of same path.

   If P flag is cleared, the PCE MAY recompute if current path is not
   considered valid, for example after topology update resulting in path
   not satisfying LSP's path constraints, but it MUST NOT recompute path
   if current path is not optimal.  If P flag is set, the PCE MUST NOT
   recompute path during LSP lifetime even if path is invalidated.  Only
   exception is explicit request from operator to recompute path.

   If F flag is cleared, path update triggered manually by operator or
   any northbound interface of PCE MAY be done.  If flag is set then PCE
   can update path only to tear down LSP by sending PCUpd message with
   empty ERO or to bring it up again with path, which was used before
   LSP was torn down.

   TLV MAY be included in PCInitiate and PCUpd messages to indicate
   which triggers will be disabled on the PCE.  PCC should reflect flag
   values in PCRpt messages to forward requirement to other PCEs in the
   network.

5.  Manageability Considerations

   All manageability requirements and considerations listed in
   [RFC5440], [RFC8231] and [RFC8281] apply to PCEP protocol extensions
   defined in this document.  In addition, requirements and
   considerations listed in this section apply.

5.1.  Control of Function and Policy

   A PCE or PCC implementation MAY allow the capability of supporting
   PCEP extensions introduced in this document to be enabled/disabled as
   part of the global configuration.

5.2.  Information and Data Models

   An implementation SHOULD allow the operator to view the PCEP peer
   capability defined in this document.  Section 4.1 and 4.1.1 of
   [I-D.ietf-pce-pcep-yang] should be extended to include that
   capability for PCEP peer.

   Section 4.2 of [I-D.ietf-pce-pcep-yang] module should be extended to
   add notification for blocked recomputation satisfying specified
   constraints if recomputation is blocked using PATH-RECOMPUTATION TLV.

5.3.  Liveness Detection and Monitoring

   Circuit-Style Policy draft [I-D.ietf-spring-cs-sr-policy] is already
   describing connectivity verification and path validity considerations
   for Circuit Style Policies.

5.4.  Verify Correct Operations

   A PCE implementation SHOULD notify the operator when recomputation is
   blocked for an LSP that is no longer satisfying specified
   constraints, and it SHOULD allow the operator to view LSPs on the PCE
   that are not satisfying specified constraints.

5.5.  Requirements On Other Protocols

   The PCEP extensions defined in this document do not imply any new
   requirements on other protocols.  Overall concept of Circuit Style
   policies requires interaction with other protocols, but those
   requirements are already described in [I-D.ietf-spring-cs-sr-policy].

5.6.  Impact On Network Operations

   The mechanisms defined in [RFC5440], [RFC8231], and [RFC8281] also
   apply to the PCEP extensions defined in this document.

6.  Implementation Status

   [Note to the RFC Editor - remove this section before publication, as
   well as remove the reference to RFC 7942.]

   This section records the status of known implementations of the
   protocol defined by this specification at the time of posting of this
   Internet-Draft, and is based on a proposal described in [RFC7942].
   The description of implementations in this section is intended to
   assist the IETF in its decision processes in progressing drafts to
   RFCs.
   Please note that the listing of any individual implementation here
   does not imply endorsement by the IETF.  Furthermore, no effort has
   been spent to verify the information presented here that was supplied
   by IETF contributors.  This is not intended as, and must not be
   construed to be, a catalog of available implementations or their
   features.  Readers are advised to note that other implementations may
   exist.

   According to [RFC7942], "this will allow reviewers and working groups
   to assign due consideration to documents that have the benefit of
   running code, which may serve as evidence of valuable experimentation
   and feedback that have made the implemented protocols more mature.
   It is up to the individual working groups to use this information as
   they see fit".

6.1.  Cisco

   *  Organization: Cisco Systems

   *  Implementation: IOS-XR PCC and PCE.

   *  Description: PCEP extensions supported using VENDOR-INFORMATION
      Object.

   *  Maturity Level: Production.

   *  Coverage: Partial.

   *  Contact: ssidor@cisco.com

7.  Security Considerations

   The security considerations described in [RFC5440], [RFC8231],
   [RFC8253], [RFC8281] and [RFC8664] are applicable to this
   specification.

   Note that this specification introduces possibility to block path
   recomputation after various topology events.  This creates an
   additional vulnerability if the security mechanisms of [RFC5440],
   [RFC8231], and [RFC8281] are not used.  If there is no integrity
   protection on the session, then an attacker could block path updates
   from PCE potentially resulting in traffic drop.

   As per [RFC8231] it is RECOMMENDED that these PCEP extensions only be
   activated on authenticated and encrypted sessions across PCEs and
   PCCs using Transport Layer Security (TLS) [RFC8253], as per the
   recommendations and best current practices in RFC 9325 [BCP195]
   (unless explicitly set aside in [RFC8253]).

8.  IANA Considerations

8.1.  STATEFUL-PCE-CAPABILITY

   [RFC8231] defines the STATEFUL-PCE-CAPABILITY.  IANA is requested to
   make the following assignment from the "STATEFUL-PCE-CAPABILITY TLV
   Flag Field" registry:

         +=====+===============================+===============+
         | Bit | Description                   | Reference     |
         +=====+===============================+===============+
         | 18  | STRICT-PATH-CAPABILITY        | This document |
         +-----+-------------------------------+---------------+
         | 19  | PATH-RECOMPUTATION-CAPABILITY | This document |
         +-----+-------------------------------+---------------+

                                 Table 1

8.2.  LSP-EXTENDED-FLAG TLV

   [RFC9357] defines the LSP-EXTENDED-FLAG TLV.  IANA is requested to
   make the following assignment from the "LSP-EXTENDED-FLAG TLV Flag
   Field" registry:

              +=====+======================+===============+
              | Bit | Description          | Reference     |
              +=====+======================+===============+
              | 4   | Strict-Path Flag (O) | This document |
              +-----+----------------------+---------------+

                                 Table 2

8.3.  PATH-RECOMPUTATION TLV

   IANA is requested to make the assignment of a new value for the
   existing "PCEP TLV Type Indicators" registry as follows:

          +==========+========================+===============+
          | TLV Type | TLV Name               | Reference     |
          +==========+========================+===============+
          | 72       | PATH-RECOMPUTATION TLV | This document |
          +----------+------------------------+---------------+

                                 Table 3

8.4.  PATH-RECOMPUTATION TLV Flag Field

   IANA has created a new registry named "PATH-RECOMPUTATION TLV Flag
   Field" within the "Path Computation Element Protocol (PCEP) Numbers"
   registry group.  New values are to be assigned by "IETF Review"
   [RFC8126].  Each bit should be tracked with the following qualities:

   *  Bit number (count from 0 as the most significant bit)

   *  Description

   *  Reference

   The registry contains the following codepoints, with initial values,
   to be assigned by IANA with the reference set to this document:

                 +======+=============+===============+
                 | Bit  | Description | Reference     |
                 +======+=============+===============+
                 | 0-13 | Unassigned  |               |
                 +------+-------------+---------------+
                 | 14   | Permanent   | This document |
                 +------+-------------+---------------+
                 | 15   | Force       | This document |
                 +------+-------------+---------------+

                                 Table 4

9.  References

9.1.  Normative References

   [BCP195]   Best Current Practice 195.
              At the time of writing, this BCP comprises the following:

              Moriarty, K. and S. Farrell, "Deprecating TLS 1.0 and TLS
              1.1", BCP 195, RFC 8996, DOI 10.17487/RFC8996, March 2021.

              Sheffer, Y., Saint-Andre, P., and T. Fossati,
              "Recommendations for Secure Use of Transport Layer
              Security (TLS) and Datagram Transport Layer Security
              (DTLS)", BCP 195, RFC 9325, DOI 10.17487/RFC9325,
              November 2022.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC5440]  Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation
              Element (PCE) Communication Protocol (PCEP)", RFC 5440,
              DOI 10.17487/RFC5440, March 2009.

   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
              Writing an IANA Considerations Section in RFCs", BCP 26,
              RFC 8126, DOI 10.17487/RFC8126, June 2017.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8231]  Crabbe, E., Minei, I., Medved, J., and R. Varga, "Path
              Computation Element Communication Protocol (PCEP)
              Extensions for Stateful PCE", RFC 8231,
              DOI 10.17487/RFC8231, September 2017.

   [RFC8281]  Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path
              Computation Element Communication Protocol (PCEP)
              Extensions for PCE-Initiated LSP Setup in a Stateful PCE
              Model", RFC 8281, DOI 10.17487/RFC8281, December 2017.

   [RFC8664]  Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W.,
              and J. Hardwick, "Path Computation Element Communication
              Protocol (PCEP) Extensions for Segment Routing", RFC 8664,
              DOI 10.17487/RFC8664, December 2019.

   [RFC9357]  Xiong, Q., "Label Switched Path (LSP) Object Flag
              Extension for Stateful PCE", RFC 9357,
              DOI 10.17487/RFC9357, February 2023.

9.2.  Informative References

   [I-D.ietf-pce-pcep-yang]
              Dhody, D., Beeram, V. P., Hardwick, J., and J. Tantsura,
              "A YANG Data Model for Path Computation Element
              Communications Protocol (PCEP)", Work in Progress,
              Internet-Draft, draft-ietf-pce-pcep-yang-26, 19 October
              2024.

   [I-D.ietf-spring-cs-sr-policy]
              Schmutzer, C., Ali, Z., Maheshwari, P., Rokui, R., and A.
              Stone, "Circuit Style Segment Routing Policies", Work in
              Progress, Internet-Draft, draft-ietf-spring-cs-sr-policy-
              03, 18 October 2024.

   [RFC7942]  Sheffer, Y. and A. Farrel, "Improving Awareness of Running
              Code: The Implementation Status Section", BCP 205,
              RFC 7942, DOI 10.17487/RFC7942, July 2016.

   [RFC8253]  Lopez, D., Gonzalez de Dios, O., Wu, Q., and D. Dhody,
              "PCEPS: Usage of TLS to Provide a Secure Transport for the
              Path Computation Element Communication Protocol (PCEP)",
              RFC 8253, DOI 10.17487/RFC8253, October 2017.

Contributors

   Daniel Voyer
   Bell Canada
   Email: daniel.voyer@bell.ca

   Reza Rokui
   Ciena
   Email: rrokui@ciena.com

   Tarek Saad
   Cisco Systems, Inc.
   Email: tsaad.net@gmail.com

   Zafar Ali
   Cisco Systems, Inc.
   Email: zali@cisco.com

   Ran Chen
   ZTE Corporation
   Email: chen.ran@zte.com.cn

   Quan Xiong
   ZTE Corporation
   Email: xiong.quan@zte.com.cn

   Dhruv Dhody
   Huawei
   Email: dhruv.ietf@gmail.com

   Christian Schmutzer
   Cisco Systems, Inc.
   Email: cschmutz@cisco.com

Authors' Addresses

   Samuel Sidor
   Cisco Systems, Inc.
   Eurovea Central 3.
   811 09 Bratislava
   Slovakia
   Email: ssidor@cisco.com

   Praveen Maheshwari
   Airtel India
   Email: Praveen.Maheshwari@airtel.com

   Andrew Stone
   Nokia
   Email: andrew.stone@nokia.com

   Luay Jalil
   Verizon
   Email: luay.jalil@verizon.com

   Shuping Peng
   Huawei Technologies
   Email: pengshuping@huawei.com
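
Added example (not part of the Internet-Draft, and not the authors' or any vendor's code): receiver-side handling in Python of the PATH-RECOMPUTATION TLV from Sections 3.3 and 4.2, with the session gate that Section 7 recommends. The function names, the trigger labels and the rule in honour_tlv() that both peers must advertise bit 19 are assumptions; the 16-bit Reserved/Flags split follows the bit numbering in Section 8.4, and the 32-bit capability field and 4-octet TLV padding come from RFC 8231 and RFC 5440.

```python
import struct
from dataclasses import dataclass
from typing import Optional

PATH_RECOMPUTATION_TLV = 72        # TLV type, Section 8.3
FLAG_P = 0x0002                    # bit 14 of the 16-bit Flags field (bit 0 = MSB)
FLAG_F = 0x0001                    # bit 15
# STATEFUL-PCE-CAPABILITY flags are a 32-bit field (RFC 8231), bit 0 = MSB.
PATH_RECOMPUTATION_CAPABILITY = 1 << (31 - 19)

@dataclass(frozen=True)
class RecomputeFlags:
    permanent: bool
    force: bool

def parse_lspa_tlvs(tlvs: bytes) -> Optional[RecomputeFlags]:
    """Return the flags of the first PATH-RECOMPUTATION TLV, or None if absent."""
    offset = 0
    while offset < len(tlvs):
        if len(tlvs) - offset < 4:
            raise ValueError("truncated TLV header")
        tlv_type, length = struct.unpack_from("!HH", tlvs, offset)
        value = tlvs[offset + 4:offset + 4 + length]
        if len(value) != length:
            raise ValueError("TLV value runs past end of object")
        if tlv_type == PATH_RECOMPUTATION_TLV:
            if length != 4:
                raise ValueError("PATH-RECOMPUTATION TLV length must be 4")
            _reserved, flags = struct.unpack("!HH", value)
            # Reserved and unassigned flag bits are ignored on receipt.
            # Returning here means later instances are never processed.
            return RecomputeFlags(bool(flags & FLAG_P), bool(flags & FLAG_F))
        offset += 4 + ((length + 3) & ~3)   # values are padded to 4 octets
    return None

def honour_tlv(local_caps: int, peer_caps: int, tls_protected: bool) -> bool:
    """Hypothetical local policy: act on the TLV only if both peers advertised
    bit 19 and the session runs over TLS, as Section 7 recommends."""
    both = local_caps & peer_caps & PATH_RECOMPUTATION_CAPABILITY
    return bool(both) and tls_protected

def pce_may_update(flags: Optional[RecomputeFlags], trigger: str,
                   teardown_or_restore: bool = False) -> bool:
    """Section 4.2 rules. trigger is 'reoptimize', 'invalidated' or 'operator'.
    Re-encoding the same forwarding path with other SIDs is not modelled."""
    if flags is None:
        return True                      # no TLV: PCE local policy applies
    if trigger == "reoptimize":
        return False                     # topology/periodic triggers are blocked
    if trigger == "invalidated":
        return not flags.permanent       # P=1: keep the path even when invalid
    if trigger == "operator":
        # F=1: only tear-down (empty ERO) or restoring the previous path.
        return (not flags.force) or teardown_or_restore
    raise ValueError(f"unknown trigger {trigger!r}")

# Constructed sample: an unrelated TLV (type 0xFFFF, 2-octet value plus padding),
# then PATH-RECOMPUTATION with P=1 and junk in Reserved, then a second instance.
SAMPLE = (struct.pack("!HH2s2x", 0xFFFF, 2, b"\x01\x02")
          + struct.pack("!HHHH", 72, 4, 0xBEEF, FLAG_P)
          + struct.pack("!HHHH", 72, 4, 0, FLAG_F))

if __name__ == "__main__":
    f = parse_lspa_tlvs(SAMPLE)
    print(f, pce_may_update(f, "invalidated"), pce_may_update(f, "operator"))
```

In the constructed sample the second TLV instance (F=1) is never reached, so an operator-requested update stays permitted while recomputation after invalidation is blocked by P=1.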