rfc9168.original   rfc9168.txt 
Network Working Group D. Dhody Internet Engineering Task Force (IETF) D. Dhody
Internet-Draft Huawei Technologies Request for Comments: 9168 Huawei Technologies
Intended status: Standards Track A. Farrel Category: Standards Track A. Farrel
Expires: May 3, 2021 Old Dog Consulting ISSN: 2070-1721 Old Dog Consulting
Z. Li Z. Li
Huawei Technologies Huawei Technologies
October 30, 2020 January 2022
PCEP Extension for Flow Specification Path Computation Element Communication Protocol (PCEP) Extension for
draft-ietf-pce-pcep-flowspec-12 Flow Specification
Abstract Abstract
The Path Computation Element (PCE) is a functional component capable The Path Computation Element (PCE) is a functional component capable
of selecting paths through a traffic engineering network. These of selecting paths through a traffic engineering (TE) network. These
paths may be supplied in response to requests for computation, or may paths may be supplied in response to requests for computation or may
be unsolicited requests issued by the PCE to network elements. Both be unsolicited requests issued by the PCE to network elements. Both
approaches use the PCE Communication Protocol (PCEP) to convey the approaches use the PCE Communication Protocol (PCEP) to convey the
details of the computed path. details of the computed path.
Traffic flows may be categorized and described using "Flow Traffic flows may be categorized and described using "Flow
Specifications". RFC XXXX defines the Flow Specification and Specifications". RFC 8955 defines the Flow Specification and
describes how Flow Specification Components are used to describe describes how Flow Specification components are used to describe
traffic flows. RFC XXXX also defines how Flow Specifications may be traffic flows. RFC 8955 also defines how Flow Specifications may be
distributed in BGP to allow specific traffic flows to be associated distributed in BGP to allow specific traffic flows to be associated
with routes. with routes.
This document specifies a set of extensions to PCEP to support This document specifies a set of extensions to PCEP to support
dissemination of Flow Specifications. This allows a PCE to indicate dissemination of Flow Specifications. This allows a PCE to indicate
what traffic should be placed on each path that it is aware of. what traffic should be placed on each path that it is aware of.
The extensions defined in this document include the creation, update, The extensions defined in this document include the creation, update,
and withdrawal of Flow Specifications via PCEP, and can be applied to and withdrawal of Flow Specifications via PCEP and can be applied to
tunnels initiated by the PCE or to tunnels where control is delegated tunnels initiated by the PCE or to tunnels where control is delegated
to the PCE by the PCC. Furthermore, a PCC requesting a new path can to the PCE by the Path Computation Client (PCC). Furthermore, a PCC
include Flow Specifications in the request to indicate the purpose of requesting a new path can include Flow Specifications in the request
the tunnel allowing the PCE to factor this into the path computation. to indicate the purpose of the tunnel allowing the PCE to factor this
into the path computation.
RFC Editor Note: Please replace XXXX in the Abstract with the RFC
number assigned to draft-ietf-idr-rfc5575bis when it is published.
Please remove this note.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on May 3, 2021. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9168.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Revised BSD License text as described in Section 4.e of the
the Trust Legal Provisions and are provided without warranty as Trust Legal Provisions and are provided without warranty as described
described in the Simplified BSD License. in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 2. Terminology
3. Procedures for PCE Use of Flow Specifications . . . . . . . . 6 3. Procedures for PCE Use of Flow Specifications
3.1. Context for PCE Use of Flow Specifications . . . . . . . 6 3.1. Context for PCE Use of Flow Specifications
3.2. Elements of Procedure . . . . . . . . . . . . . . . . . . 7 3.2. Elements of the Procedure
3.2.1. Capability Advertisement . . . . . . . . . . . . . . 7 3.2.1. Capability Advertisement
3.2.2. Dissemination Procedures . . . . . . . . . . . . . . 8 3.2.1.1. PCEP Open Message
3.2.3. Flow Specification Synchronization . . . . . . . . . 9 3.2.1.2. IGP PCE Capabilities Advertisement
4. PCE FlowSpec Capability TLV . . . . . . . . . . . . . . . . . 10 3.2.2. Dissemination Procedures
5. PCEP FLOWSPEC Object . . . . . . . . . . . . . . . . . . . . 10 3.2.3. Flow Specification Synchronization
6. Flow Filter TLV and L2 Flow Filter TLV . . . . . . . . . . . 13 4. PCE FlowSpec Capability TLV
7. Flow Specification TLVs . . . . . . . . . . . . . . . . . . . 13 5. PCEP FLOWSPEC Object
7.1. L2 Flow Specification TLVs . . . . . . . . . . . . . . . 17 6. Flow Filter TLV
8. Detailed Procedures . . . . . . . . . . . . . . . . . . . . . 18 7. Flow Specification TLVs
8.1. Default Behavior and Backward Compatibility . . . . . . . 18 8. Detailed Procedures
8.2. Composite Flow Specifications . . . . . . . . . . . . . . 19 8.1. Default Behavior and Backward Compatibility
8.3. Modifying Flow Specifications . . . . . . . . . . . . . . 19 8.2. Composite Flow Specifications
8.4. Multiple Flow Specifications . . . . . . . . . . . . . . 19 8.3. Modifying Flow Specifications
8.5. Adding and Removing Flow Specifications . . . . . . . . . 20 8.4. Multiple Flow Specifications
8.6. VPN Identifiers . . . . . . . . . . . . . . . . . . . . . 20 8.5. Adding and Removing Flow Specifications
8.7. Priorities and Overlapping Flow Specifications . . . . . 20 8.6. VPN Identifiers
9. PCEP Messages . . . . . . . . . . . . . . . . . . . . . . . . 21 8.7. Priorities and Overlapping Flow Specifications
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24 9. PCEP Messages
10.1. PCEP Objects . . . . . . . . . . . . . . . . . . . . . . 24 10. IANA Considerations
10.1.1. PCEP FLOWSPEC Object Flag Field . . . . . . . . . . 24 10.1. PCEP Objects
10.2. PCEP TLV Type Indicators . . . . . . . . . . . . . . . . 25 10.1.1. PCEP FLOWSPEC Object Flag Field
10.3. Flow Specification TLV Type Indicators . . . . . . . . . 25 10.2. PCEP TLV Type Indicators
10.4. L2 Flow Specification TLV Type Indicators . . . . . . . 26 10.3. Flow Specification TLV Type Indicators
10.5. PCEP Error Codes . . . . . . . . . . . . . . . . . . . . 27 10.4. PCEP Error Codes
10.6. PCE Capability Flag . . . . . . . . . . . . . . . . . . 27 10.5. PCE Capability Flag
11. Implementation Status . . . . . . . . . . . . . . . . . . . . 27 11. Security Considerations
12. Security Considerations . . . . . . . . . . . . . . . . . . . 28 12. Manageability Considerations
13. Manageability Considerations . . . . . . . . . . . . . . . . 29 12.1. Management of Multiple Flow Specifications
13.1. Management of Multiple Flow Specifications . . . . . . . 29 12.2. Control of Function through Configuration and Policy
13.2. Control of Function through Configuration and Policy . . 30 12.3. Information and Data Models
13.3. Information and Data Models . . . . . . . . . . . . . . 30 12.4. Liveness Detection and Monitoring
13.4. Liveness Detection and Monitoring . . . . . . . . . . . 31 12.5. Verifying Correct Operation
13.5. Verifying Correct Operation . . . . . . . . . . . . . . 31 12.6. Requirements for Other Protocols and Functional Components
13.6. Requirements on Other Protocols and Functional 12.7. Impact on Network Operation
Components . . . . . . . . . . . . . . . . . . . . . . . 31 13. References
13.7. Impact on Network Operation . . . . . . . . . . . . . . 31 13.1. Normative References
14. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 31 13.2. Informative References
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 31 Acknowledgements
15.1. Normative References . . . . . . . . . . . . . . . . . . 32 Contributors
15.2. Informative References . . . . . . . . . . . . . . . . . 33 Authors' Addresses
Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 35
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36
1. Introduction 1. Introduction
[RFC4655] defines the Path Computation Element (PCE), a functional [RFC4655] defines the Path Computation Element (PCE), a functional
component capable of computing paths for use in traffic engineering component capable of computing paths for use in traffic engineering
networks. PCE was originally conceived for use in Multiprotocol networks. PCE was originally conceived for use in Multiprotocol
Label Switching (MPLS) for Traffic Engineering (TE) networks to Label Switching (MPLS) for traffic engineering (TE) networks to
derive the routes of Label Switched Paths (LSPs). However, the scope derive the routes of Label Switched Paths (LSPs). However, the scope
of PCE was quickly extended to make it applicable to Generalized MPLS of PCE was quickly extended to make it applicable to networks
(GMPLS)-controlled networks, and more recent work has brought other controlled by Generalized MPLS (GMPLS), and more recent work has
traffic engineering technologies and planning applications into scope brought other traffic engineering technologies and planning
(for example, Segment Routing (SR) [RFC8664]). applications into scope (for example, Segment Routing (SR)
[RFC8664]).
[RFC5440] describes the Path Computation Element Communication [RFC5440] describes the PCE Communication Protocol (PCEP). PCEP
Protocol (PCEP). PCEP defines the communication between a Path defines the communication between a Path Computation Client (PCC) and
Computation Client (PCC) and a PCE, or between PCE and PCE, enabling a PCE, or between PCE and PCE, enabling computation of the path for
computation of path for MPLS-TE LSPs. MPLS-TE LSPs.
Stateful PCE [RFC8231] specifies a set of extensions to PCEP to Stateful PCE [RFC8231] specifies a set of extensions to PCEP to
enable control of TE-LSPs by a PCE that retains state about the LSPs enable control of TE-LSPs by a PCE that retains state about the LSPs
provisioned in the network (a stateful PCE). [RFC8281] describes the provisioned in the network (a stateful PCE). [RFC8281] describes the
setup, maintenance, and teardown of LSPs initiated by a stateful PCE setup, maintenance, and teardown of LSPs initiated by a stateful PCE
without the need for local configuration on the PCC, thus allowing without the need for local configuration on the PCC, thus allowing
for a dynamic network that is centrally controlled. [RFC8283] for a dynamic network that is centrally controlled. [RFC8283]
introduces the architecture for PCE as a central controller and introduces the architecture for PCE as a central controller and
describes how PCE can be viewed as a component that performs describes how PCE can be viewed as a component that performs
computation to place 'flows' within the network and decide how these computation to place "flows" within the network and decide how these
flows are routed. flows are routed.
The description of traffic flows by the combination of multiple Flow The description of traffic flows by the combination of multiple Flow
Specification Components and their dissemination as traffic flow Specification components and their dissemination as traffic flow
specifications (Flow Specifications) is described for BGP in specifications (Flow Specifications) is described for BGP in
[I-D.ietf-idr-rfc5575bis]. In BGP, a Flow Specification is comprised [RFC8955]. In BGP, a Flow Specification is comprised of traffic
of traffic filtering rules and is associated with actions to perform filtering rules and is associated with actions to perform on the
on the packets that match the Flow Specification. The BGP routers packets that match the Flow Specification. The BGP routers that
that receive a Flow Specification can classify received packets receive a Flow Specification can classify received packets according
according to the traffic filtering rules and can direct packets based to the traffic filtering rules and can direct packets based on the
on the associated actions. associated actions.
When a PCE is used to initiate tunnels (such as TE-LSPs or SR paths) When a PCE is used to initiate tunnels (such as TE-LSPs or SR paths)
using PCEP, it is important that the head end of the tunnels using PCEP, it is important that the head end of the tunnels
understands what traffic to place on each tunnel. The data flows understands what traffic to place on each tunnel. The data flows
intended for a tunnel can be described using Flow Specification intended for a tunnel can be described using Flow Specification
Components. When PCEP is in use for tunnel initiation it makes sense components. When PCEP is in use for tunnel initiation, it makes
for that same protocol to be used to distribute the Flow sense for that same protocol to be used to distribute the Flow
Specification Components that describe what data is to flow on those Specification components that describe what data is to flow on those
tunnels. tunnels.
This document specifies a set of extensions to PCEP to support This document specifies a set of extensions to PCEP to support
dissemination of Flow Specification Components. We term the dissemination of Flow Specification components. We term the
description of a traffic flow using Flow Specification Components as description of a traffic flow using Flow Specification components as
a "Flow Specification". This term is conceptually the same as the a "Flow Specification". This term is conceptually the same as the
term used in [I-D.ietf-idr-rfc5575bis], however, no mechanism is term used in [RFC8955]; however, no mechanism is provided to
provided to distribute an action associated with the Flow distribute an action associated with the Flow Specification because
Specification because there is only one action that is applicable in there is only one action that is applicable in the PCEP context (that
the PCEP context (that is, directing the matching traffic to the is, directing the matching traffic to the identified LSP).
identified LSP).
The extensions defined in this document include the creation, update, The extensions defined in this document include the creation, update,
and withdrawal of Flow Specifications via PCEP, and can be applied to and withdrawal of Flow Specifications via PCEP and can be applied to
tunnels initiated by the PCE or to tunnels where control is delegated tunnels initiated by the PCE or to tunnels where control is delegated
to the PCE by the PCC. Furthermore, a PCC requesting a new path can to the PCE by the PCC. Furthermore, a PCC requesting a new path can
include Flow Specifications in the request to indicate the purpose of include Flow Specifications in the request to indicate the purpose of
the tunnel allowing the PCE to factor this into the path computation. the tunnel allowing the PCE to factor this into the path computation.
Flow Specifications are carried in TLVs within a new object called Flow Specifications are carried in TLVs within a new object called
the FLOWSPEC object defined in this document. The flow filtering the FLOWSPEC object defined in this document. The flow filtering
rules indicated by the Flow Specifications are mainly defined by BGP rules indicated by the Flow Specifications are mainly defined by BGP
Flow Specifications. Flow Specifications.
Note that PCEP-installed Flow Specifications are intended to be Note that PCEP-installed Flow Specifications are intended to be
installed only at the head-end of the LSP to which they direct installed only at the head end of the LSP to which they direct
traffic. It is acceptable (and potentially desirable) that other traffic. It is acceptable (and potentially desirable) that other
routers in the network have Flow Specifications installed that match routers in the network have Flow Specifications installed that match
the same traffic, but direct it onto different routes or to different the same traffic but direct it onto different routes or to different
LSPs. Those other Flow Specifications may be installed using the LSPs. Those other Flow Specifications may be installed using the
PCEP extensions defined in this document, may be distributed using PCEP extensions defined in this document, distributed using BGP per
BGP per [I-D.ietf-idr-rfc5575bis], or may be configured using manual [RFC8955], or configured using manual operations. Since this
operations. Since this document is about PCEP-installed Flow document is about PCEP-installed Flow Specifications, those other
Specifications, those other Flow Specifications at other routers are Flow Specifications at other routers are out of scope. In this
out of scope. In this context, however, it is worth noting that context, however, it is worth noting that changes to the wider
changes to the wider routing system (such as the distribution and routing system (such as the distribution and installation of BGP Flow
installation of BGP Flow Specifications, or fluctuations in the IGP Specifications, or fluctuations in the IGP link state database) might
link state database) might mean that traffic matching the PCEP Flow mean that traffic matching the PCEP Flow Specification never reaches
Specification never reaches the head end of the LSP at which the PCEP the head end of the LSP at which the PCEP Flow Specification has been
Flow Specification has been installed. This may or may not be installed. This may or may not be desirable according to the
desirable according to the operator's traffic engineering and routing operator's traffic engineering and routing policies and is
policies, and is particularly applicable at LSPs that do not have particularly applicable at LSPs that do not have their head ends at
their head ends at the ingress-edge of the network, but it is not an the ingress edge of the network, but it is not an effect that this
effect that this document seeks to address. document seeks to address.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
This document uses the following terms defined in [RFC5440]: PCC, This document uses the following terms defined in [RFC5440]: PCC,
PCE, PCEP Peer. PCE, and PCEP Peer.
The following term from [I-D.ietf-idr-rfc5575bis] is used frequently The following term from [RFC8955] is used frequently throughout this
throughout this document: document:
A Flow Specification is an n-tuple consisting of several matching | A Flow Specification is an n-tuple consisting of several matching
criteria that can be applied to IP traffic. A given IP packet is | criteria that can be applied to IP traffic. A given IP packet is
said to match the defined Flow Specification if it matches all the | said to match the defined Flow Specification if it matches all the
specified criteria. | specified criteria.
[I-D.ietf-idr-rfc5575bis] also states that "A given Flow [RFC8955] also states that "[a] given Flow Specification may be
Specification may be associated with a set of attributes," and that, associated with a set of attributes" and that "...attributes can be
"...attributes can be used to encode a set of predetermined actions." used to encode a set of predetermined actions." However, in the
However, in the context of this document, no action is explicitly context of this document, no action is explicitly specified as
specified associated with the Flow Specification since the action associated with the Flow Specification since the action of forwarding
"forward all matching traffic onto the associated path" is implicit. all matching traffic onto the associated path is implicit.
How an implementation decides how to filter traffic that matches a How an implementation decides to filter traffic that matches a Flow
Flow Specification does not form part of this specification, but a Specification does not form part of this specification, but a flag is
flag is provided to indicate whether the sender of a PCEP message provided to indicate whether the sender of a PCEP message that
that includes a Flow Specification intends it to be installed as a includes a Flow Specification intends it to be installed as a Longest
Longest Prefix Match route or as a Flow Specification policy. Prefix Match (LPM) route or as a Flow Specification policy.
This document uses the terms "stateful PCE" and "active PCE" as This document uses the terms "stateful PCE" and "active PCE" as
advocated in [RFC7399]. advocated in [RFC7399].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
3. Procedures for PCE Use of Flow Specifications 3. Procedures for PCE Use of Flow Specifications
3.1. Context for PCE Use of Flow Specifications 3.1. Context for PCE Use of Flow Specifications
In the PCE architecture there are five steps in the setup and use of In the PCE architecture, there are five steps in the setup and use of
LSPs: LSPs:
1. Decide which LSPs to set up. The decision may be made by a user, 1. Decide which LSPs to set up. The decision may be made by a user,
by a PCC, or by the PCE. There can be a number of triggers for by a PCC, or by the PCE. There can be a number of triggers for
this including user intervention and dynamic response to changes this, including user intervention and dynamic response to changes
in traffic demands. in traffic demands.
2. Decide what properties to assign to an LSP. This can include 2. Decide what properties to assign to an LSP. This can include
bandwidth reservations, priorities, and DSCP (i.e., MPLS Traffic bandwidth reservations, priorities, and the Differentiated
Class field). This function is also determined by user Services Code Point (DSCP) (i.e., MPLS Traffic Class field).
configuration or in response to predicted or observed traffic This function is also determined by user configuration or in
demands. response to predicted or observed traffic demands.
3. Decide what traffic to put on the LSP. This is effectively 3. Decide what traffic to put on the LSP. This is effectively
determining which traffic flows to assign to which LSPs, and determining which traffic flows to assign to which LSPs;
practically, this is closely linked to the first two decisions practically, this is closely linked to the first two decisions
listed above. listed above.
4. Cause the LSP to be set up and modified to have the right 4. Cause the LSP to be set up and modified to have the right
characteristics. This will usually involve the PCE advising or characteristics. This will usually involve the PCE advising or
instructing the PCC at the head end of the LSP, and the PCC will instructing the PCC at the head end of the LSP, and the PCC will
then signal the LSP across the network. then signal the LSP across the network.
5. Tell the head end of the LSP what traffic to put on the LSP. 5. Tell the head end of the LSP what traffic to put on the LSP.
This may happen after or at the same time as the LSP is set up. This may happen after or at the same time as the LSP is set up.
This step is the subject of this document. This step is the subject of this document.
3.2. Elements of Procedure 3.2. Elements of the Procedure
There are three elements of procedure: There are three elements in the procedure:
o A PCE and a PCC must be able to indicate whether or not they 1. A PCE and a PCC must be able to indicate whether or not they
support the use of Flow Specifications. support the use of Flow Specifications.
o A PCE or PCC must be able to include Flow Specifications in PCEP 2. A PCE or PCC must be able to include Flow Specifications in PCEP
messages with clear understanding of the applicability of those messages with a clear understanding of the applicability of those
Flow Specifications in each case. This includes whether the use Flow Specifications in each case. This includes whether the use
of such information is mandatory, constrained, or optional, and of such information is mandatory, constrained, or optional and
how overlapping Flow Specifications will be resolved. how overlapping Flow Specifications will be resolved.
o Flow Specification information/state must be synchronized between 3. Flow Specification information/state must be synchronized between
PCEP peers so that, on recovery, the peers have the same PCEP peers so that, on recovery, the peers have the same
understanding of which Flow Specifications apply just as is understanding of which Flow Specifications apply just as is
required in the case of stateful PCE and LSP delegation (see required in the case of stateful PCE and LSP delegation (see
Section 5.6 of [RFC8231]). Section 5.6 of [RFC8231]).
The following subsections describe these points. The following subsections describe these points.
3.2.1. Capability Advertisement 3.2.1. Capability Advertisement
As with most PCEP capability advertisements, the ability to support As with most PCEP capability advertisements, the ability to support
Flow Specifications can be indicated in the PCEP OPEN message or in Flow Specifications can be indicated in the PCEP Open message or in
IGP PCE capability advertisements. IGP PCE capability advertisements.
3.2.1.1. PCEP OPEN Message 3.2.1.1. PCEP Open Message
During PCEP session establishment, a PCC or PCE that supports the During PCEP session establishment, a PCC or PCE that supports the
procedures described in this document announces this fact by procedures described in this document announces this fact by
including the "PCE FlowSpec Capability" TLV (described in Section 4) including the PCE FlowSpec Capability TLV (described in Section 4) in
in the OPEN Object carried in the PCEP Open message. the OPEN object carried in the PCEP Open message.
The presence of the PCE FlowSpec Capability TLV in the OPEN Object in The presence of the PCE FlowSpec Capability TLV in the OPEN object in
a PCE's OPEN message indicates that the PCE can distribute FlowSpecs a PCE's Open message indicates that the PCE can distribute FlowSpecs
to PCCs and can receive FlowSpecs in messages from PCCs. to PCCs and can receive FlowSpecs in messages from PCCs.
The presence of the PCE FlowSpec Capability TLV in the OPEN Object in The presence of the PCE FlowSpec Capability TLV in the OPEN object in
a PCC's OPEN message indicates that the PCC supports the FlowSpec a PCC's Open message indicates that the PCC supports the FlowSpec
functionality described in this document. functionality described in this document.
If either one of a pair of PCEP peers does not include the PCE If either one of a pair of PCEP peers does not include the PCE
FlowSpec Capability TLV in the OPEN Object in its OPEN message, then FlowSpec Capability TLV in the OPEN object in its Open message, then
the other peer MUST NOT include a FLOWSPEC object in any PCEP message the other peer MUST NOT include a FLOWSPEC object in any PCEP message
sent to the peer. If a FLOWSPEC object is received when support has sent to the peer. If a FLOWSPEC object is received when support has
not been indicated, the receiver will respond with a PCErr message not been indicated, the receiver will respond with a PCErr message
reporting the objects containing the FlowSpec as described in reporting the objects containing the FlowSpec as described in
[RFC5440]: that is, it will use "Unknown Object" if it does not
[RFC5440]: that is, it will use 'Unknown Object' if it does not support this specification and "Not supported object" if it supports
support this specification, and 'Not supported object' if it supports
this specification but has not chosen to support FLOWSPEC objects on this specification but has not chosen to support FLOWSPEC objects on
this PCEP session. this PCEP session.
3.2.1.2. IGP PCE Capabilities Advertisement 3.2.1.2. IGP PCE Capabilities Advertisement
The ability to advertise support for PCEP and PCE features in IGP The ability to advertise support for PCEP and PCE features in IGP
advertisements is provided for OSPF in [RFC5088] and for IS-IS in advertisements is provided for OSPF in [RFC5088] and for IS-IS in
[RFC5089]. The mechanism uses the PCE Discovery TLV which has a PCE- [RFC5089]. The mechanism uses the PCE Discovery TLV, which has a
CAP-FLAGS sub-TLV containing bit-flags each of which indicates PCE-CAP-FLAGS sub-TLV containing bit flags, each of which indicates
support for a different feature. support for a different feature.
This document defines a new PCE-CAP-FLAGS sub-TLV bit, the FlowSpec This document defines a new PCE-CAP-FLAGS sub-TLV bit, the FlowSpec
Capable flag (bit number TBD1). Setting the bit indicates that an Capable flag (bit number 16). Setting the bit indicates that an
advertising PCE supports the procedures defined in this document. advertising PCE supports the procedures defined in this document.
Note that while PCE FlowSpec Capability may be advertised during Note that while PCE FlowSpec capability may be advertised during
discovery, PCEP speakers that wish to use Flow Specification in PCEP discovery, PCEP speakers that wish to use Flow Specification in PCEP
MUST negotiate PCE FlowSpec Capability during PCEP session setup, as MUST negotiate PCE FlowSpec capability during PCEP session setup, as
specified in Section 3.2.1.1. A PCC MAY initiate PCE FlowSpec specified in Section 3.2.1.1. A PCC MAY initiate PCE FlowSpec
Capability negotiation at PCEP session setup even if it did not capability negotiation at PCEP session setup even if it did not
receive any IGP PCE capability advertisement, and a PCEP peer that receive any IGP PCE capability advertisement, and a PCEP peer that
advertised support for FlowSpec in the IGP is not obliged to support advertised support for FlowSpec in the IGP is not obliged to support
these procedures on any given PCEP session. these procedures on any given PCEP session.
3.2.2. Dissemination Procedures 3.2.2. Dissemination Procedures
This section describes the procedures to support Flow Specifications This section describes the procedures to support Flow Specifications
in PCEP messages. in PCEP messages.
The primary purpose of distributing Flow Specification information is The primary purpose of distributing Flow Specification information is
to allow a PCE to indicate to a PCC what traffic it should place on a to allow a PCE to indicate to a PCC what traffic it should place on a
path (such as an LSP or an SR path). This means that the Flow path (such as an LSP or an SR path). This means that the Flow
Specification may be included in: Specification may be included in:
o PCInitiate messages so that an active PCE can indicate the traffic * PCInitiate messages so that an active PCE can indicate the traffic
to place on a path at the time that the PCE instantiates the path. to place on a path at the time that the PCE instantiates the path.
o PCUpd messages so that an active PCE can indicate or change the * PCUpd messages so that an active PCE can indicate or change the
traffic to place on a path that has already been set up. traffic to place on a path that has already been set up.
o PCRpt messages so that a PCC can report the traffic that the PCC * PCRpt messages so that a PCC can report the traffic that the PCC
will place on the path. will place on the path.
o PCReq messages so that a PCC can indicate what traffic it plans to * PCReq messages so that a PCC can indicate what traffic it plans to
place on a path at the time it requests the PCE to perform a place on a path when it requests that the PCE perform a
computation in case that information aids the PCE in its work. computation in case that information aids the PCE in its work.
o PCRep messages so that a PCE that has been asked to compute a path * PCRep messages so that a PCE that has been asked to compute a path
can suggest which traffic could be placed on a path that a PCC may can suggest which traffic could be placed on a path that a PCC may
be about to set up. be about to set up.
o PCErr messages so that issues related to paths and the traffic * PCErr messages so that issues related to paths and the traffic
they carry can be reported to the PCE by the PCC, and so that they carry can be reported to the PCE by the PCC and problems with
problems with other PCEP messages that carry Flow Specifications other PCEP messages that carry Flow Specifications can be
can be reported. reported.
To carry Flow Specifications in PCEP messages, this document defines To carry Flow Specifications in PCEP messages, this document defines
a new PCEP object called the PCEP FLOWSPEC object. The object is a new PCEP object called the "PCEP FLOWSPEC object". The object is
OPTIONAL in the messages described above and MAY appear more than OPTIONAL in the messages described above and MAY appear more than
once in each message. once in each message.
To describe a traffic flow, the PCEP FLOWSPEC object carries one of To describe a traffic flow, the PCEP FLOWSPEC object carries a Flow
the following combinations of TLVs: Filter TLV.
o zero or one Flow Filter TLV
o one L2 Flow Filter TLV
o both a Flow Filter TLV and an L2 Flow Filter TLV
The inclusion of multiple PCEP FLOWSPEC objects allows multiple The inclusion of multiple PCEP FLOWSPEC objects allows multiple
traffic flows to be placed on a single path. traffic flows to be placed on a single path.
Once a PCE and PCC have established that they can both support the Once a PCE and PCC have established that they can both support the
use of Flow Specifications in PCEP messages, such information may be use of Flow Specifications in PCEP messages, such information may be
exchanged at any time for new or existing paths. exchanged at any time for new or existing paths.
The application and prioritization of Flow Specifications is The application and prioritization of Flow Specifications are
described in Section 8.7. described in Section 8.7.
As per [RFC8231], any attributes of the path received from a PCE are As per [RFC8231], any attributes of the path received from a PCE are
subject to PCC's local policy. This holds good for the Flow subject to the PCC's local policy. This holds true for the Flow
Specifications as well. Specifications as well.
3.2.3. Flow Specification Synchronization 3.2.3. Flow Specification Synchronization
The Flow Specifications are carried along with the LSP State The Flow Specifications are carried along with the LSP state
information as per [RFC8231] making the Flow Specifications part of information as per [RFC8231], making the Flow Specifications part of
the LSP database (LSP-DB). Thus, the synchronization of the Flow the LSP database (LSP-DB). Thus, the synchronization of the Flow
Specification information is done as part of LSP-DB synchronization. Specification information is done as part of LSP-DB synchronization.
This may be achieved using normal state synchronization procedures as This may be achieved using normal state synchronization procedures as
described in [RFC8231] or enhanced state synchronization procedures described in [RFC8231] or enhanced state synchronization procedures
as defined in [RFC8232]. as defined in [RFC8232].
The approach selected will be implementation and deployment specific The approach selected will be implementation and deployment specific
and will depend on issues such as how the databases are constructed and will depend on issues such as how the databases are constructed
and what level of synchronization support is needed. and what level of synchronization support is needed.
4. PCE FlowSpec Capability TLV 4. PCE FlowSpec Capability TLV
The PCE-FLOWSPEC-CAPABILITY TLV is an optional TLV that can be The PCE-FLOWSPEC-CAPABILITY TLV is an optional TLV that can be
carried in the OPEN Object [RFC5440] to exchange PCE FlowSpec carried in the OPEN object [RFC5440] to exchange the PCE FlowSpec
capabilities of the PCEP speakers. capabilities of the PCEP speakers.
The format of the PCE-FLOWSPEC-CAPABILITY TLV follows the format of The format of the PCE-FLOWSPEC-CAPABILITY TLV follows the format of
all PCEP TLVs as defined in [RFC5440] and is shown in Figure 1. all PCEP TLVs as defined in [RFC5440] and is shown in Figure 1.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=TBD2 | Length=2 | | Type=51 | Length=2 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value=0 | Padding | | Value=0 | Padding |
+---------------------------------------------------------------+ +---------------------------------------------------------------+
Figure 1: PCE-FLOWSPEC-CAPABILITY TLV format Figure 1: PCE-FLOWSPEC-CAPABILITY TLV Format
The type of the PCE-FLOWSPEC-CAPABILITY TLV is TBD2 and it has a The type of the PCE-FLOWSPEC-CAPABILITY TLV is 51, and it has a fixed
fixed length of 2 octets. The Value field MUST be set to 0 and MUST length of 2 octets. The Value field MUST be set to 0 and MUST be
be ignored on receipt. The two bytes of padding MUST be set to zero ignored on receipt. The two bytes of padding MUST be set to zero and
and ignored on receipt. ignored on receipt.
The inclusion of this TLV in an OPEN object indicates that the sender The inclusion of this TLV in an OPEN object indicates that the sender
can perform FlowSpec handling as defined in this document. can perform FlowSpec handling as defined in this document.
5. PCEP FLOWSPEC Object 5. PCEP FLOWSPEC Object
The PCEP FLOWSPEC object defined in this document is compliant with The PCEP FLOWSPEC object defined in this document is compliant with
the PCEP object format defined in [RFC5440]. It is OPTIONAL in the the PCEP object format defined in [RFC5440]. It is OPTIONAL in the
PCReq, PCRep, PCErr, PCInitiate, PCRpt, and PCUpd messages and MAY be PCReq, PCRep, PCErr, PCInitiate, PCRpt, and PCUpd messages and MAY be
present zero, one, or more times. Each instance of the object present zero, one, or more times. Each instance of the object
specifies a separate traffic flow. specifies a separate traffic flow.
The PCEP FLOWSPEC object carries a FlowSpec filter rule encoded in a The PCEP FLOWSPEC object MAY carry a FlowSpec filter rule encoded in
TLV (a Flow Filter TLV, a single L2 Flow Filter TLV, or both) as a Flow Filter TLV as defined in Section 6.
defined in Section 6).
The FLOWSPEC Object-Class is TBD3 (to be assigned by IANA). The FLOWSPEC Object-Class is 43 (to be assigned by IANA).
The FLOWSPEC Object-Type is 1. The FLOWSPEC Object-Type is 1.
The format of the body of the PCEP FLOWSPEC object is shown in The format of the body of the PCEP FLOWSPEC object is shown in
Figure 2 Figure 2.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| FS-ID | | FS-ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AFI | Reserved | Flags |L|R| | AFI | Reserved | Flags |L|R|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
// TLVs // // TLVs //
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: PCEP FLOWSPEC Object Body Format Figure 2: PCEP FLOWSPEC Object Body Format
FS-ID (32-bits): A PCEP-specific identifier for the FlowSpec FS-ID (32 bits): A PCEP-specific identifier for the FlowSpec
information. A PCE or PCC creates an FS-ID for each FlowSpec that it information. A PCE or PCC creates an FS-ID for each FlowSpec that
originates, and the value is unique within the scope of that PCE or it originates, and the value is unique within the scope of that
PCC and is constant for the lifetime of a PCEP session. All PCE or PCC and is constant for the lifetime of a PCEP session.
subsequent PCEP messages can identify the FlowSpec using the FS-ID. All subsequent PCEP messages can identify the FlowSpec using the
The values 0 and 0xFFFFFFFF are reserved and MUST NOT be used. Note FS-ID. The values 0 and 0xFFFFFFFF are reserved and MUST NOT be
that [I-D.gont-numeric-ids-sec-considerations] gives advice on used. Note that [NUMERIC-IDS-SEC] gives advice on assigning
assigning transient numeric identifiers such as the FS-ID so as to transient numeric identifiers such as the FS-ID so as to minimize
minimise security risks. security risks.
AFI (16-bits): Address Family Identifier as used in BGP [RFC4760] AFI (16 bits): Address Family Identifier as used in BGP [RFC4760]
(AFI=1 for IPv4 or VPNv4, AFI=2 for IPv6 and VPNv6 as per as per (AFI=1 for IPv4 or VPNv4, AFI=2 for IPv6 and VPNv6 as per
[I-D.ietf-idr-flow-spec-v6]). [RFC8956]).
Reserved (8-bits): MUST be set to zero on transmission and ignored on Reserved (8 bits): MUST be set to zero on transmission and ignored
receipt. on receipt.
Flags (8-bits): Two flags are currently assigned - Flags (8 bits): Two flags are currently assigned:
R bit: The Remove bit is set when a PCEP FLOWSPEC object is R bit: The Remove bit is set when a PCEP FLOWSPEC object is
included in a PCEP message to indicate removal of the Flow included in a PCEP message to indicate removal of the Flow
Specification from the associated tunnel. If the bit is clear, Specification from the associated tunnel. If the bit is clear,
the Flow Specification is being added or modified. the Flow Specification is being added or modified.
L bit: The Longest Prefix Match (LPM) bit is set to indicate that L bit: The Longest Prefix Match (LPM) bit is set to indicate that
the Flow Specification is to be installed as a route subject to the Flow Specification is to be installed as a route subject to
longest prefix match forwarding. If the bit is clear, the Flow LPM forwarding. If the bit is clear, the Flow Specification
Specification described by the Flow Filter TLV (see Section 6) is described by the Flow Filter TLV (see Section 6) is to be
to be installed as a Flow Specification. If the bit is set, only installed as a Flow Specification. If the bit is set, only
Flow Specifications that describe IPv4 or IPv6 destinations are Flow Specifications that describe IPv4 or IPv6 destinations are
meaningful in the Flow Filter TLV and others are ignored. If the meaningful in the Flow Filter TLV, and others are ignored. If
L is set and the receiver does not support the use of Flow the L is set and the receiver does not support the use of Flow
Specifications that are present in the Flow Filter TLV for the Specifications that are present in the Flow Filter TLV for the
installation of a route subject to longest prefix match installation of a route subject to LPM forwarding, then the
forwarding, then the PCEP peer MUST respond with a PCErr message PCEP peer MUST respond with a PCErr message with Error-Type 30
with error-type TBD8 (FlowSpec Error) and error-value 5 (FlowSpec Error) and Error-value 5 (Unsupported LPM Route).
(Unsupported LPM Route).
Unassigned bits MUST be set to zero on transmission and ignored on Unassigned bits MUST be set to zero on transmission and ignored on
receipt. receipt.
If the PCEP speaker receives a message with R bit set in the FLOWSPEC If the PCEP speaker receives a message with the R bit set in the
object and the Flow Specification identified with a FS-ID does not FLOWSPEC object and the Flow Specification identified with an FS-ID
exist, it MUST generate a PCErr with Error-type TBD8 (FlowSpec does not exist, it MUST generate a PCErr with Error-Type 30 (FlowSpec
Error), error-value 4 (Unknown FlowSpec). Error) and Error-value 4 (Unknown FlowSpec).
If the PCEP speaker does not understand or support the AFI in the If the PCEP speaker does not understand or support the AFI in the
FLOWSPEC message, the PCEP peer MUST respond with a PCErr message FLOWSPEC message, the PCEP peer MUST respond with a PCErr message
with error-type TBD8 (FlowSpec Error), error-value 2 (Malformed with Error-Type 30 (FlowSpec Error) and Error-value 2 (Malformed
FlowSpec). FlowSpec).
The following TLVs can be used in the FLOWSPEC object: The following TLVs can be used in the FLOWSPEC object:
o Speaker Entity Identifier TLV: As specified in [RFC8232], the Speaker Entity Identifier TLV: As specified in [RFC8232], the
SPEAKER-ENTITY-ID TLV encodes a unique identifier for the node SPEAKER-ENTITY-ID TLV encodes a unique identifier for the node
that does not change during the lifetime of the PCEP speaker. that does not change during the lifetime of the PCEP speaker.
This is used to uniquely identify the FlowSpec originator and thus This is used to uniquely identify the FlowSpec originator and thus
used in conjunction with FS-ID to uniquely identify the FlowSpec is used in conjunction with the FS-ID to uniquely identify the
information. This TLV MUST be included. If the TLV is missing, FlowSpec information. This TLV MUST be included. If the TLV is
the PCEP peer MUST respond with a PCErr message with error-type missing, the PCEP peer MUST respond with a PCErr message with
TBD8 (FlowSpec Error), error-value 2 (Malformed FlowSpec). If Error-Type 30 (FlowSpec Error) and Error-value 2 (Malformed
more than one instance of this TLV is present, the first MUST be FlowSpec). If more than one instance of this TLV is present, the
processed and subsequence instances MUST be ignored. first MUST be processed, and subsequent instances MUST be ignored.
o Flow Filter TLV (variable): One TLV MAY be included. The Flow Flow Filter TLV (variable): One TLV MAY be included. The Flow
Filter TLV is OPTIONAL when the R bit is set. Filter TLV is OPTIONAL when the R bit is set.
o L2 Flow Filter TLV (variable): One TLV MAY be included. The L2 The Flow Filter TLV MUST be present when the R bit is clear. If the
Flow Filter TLV is OPTIONAL when the R bit is set. TLV is missing when the R bit is clear, the PCEP peer MUST respond
with a PCErr message with Error-Type 30 (FlowSpec Error) and Error-
value 2 (Malformed FlowSpec).
At least one Flow Filter TLV or one L2 Flow Filter TLV MUST be Filtering based on the L2 fields is out of scope of this document.
present when the R bit is clear. If both TLVs are missing when the R
bit is clear, the PCEP peer MUST respond with a PCErr message with
error-type TBD8 (FlowSpec Error) and error-value 2 (Malformed
FlowSpec). A Flow Filter TLV and a L2 Flow Filter TLV MAY both be
present when filtering is based on both L3 and L2 fields.
6. Flow Filter TLV and L2 Flow Filter TLV 6. Flow Filter TLV
Two new PCEP TLVs are defined to convey Flow Specification filtering One new PCEP TLV is defined to convey Flow Specification filtering
rules that specify what traffic is carried on a path. The TLVs rules that specify what traffic is carried on a path. The TLV
follow the format of all PCEP TLVs as defined in [RFC5440]. The Type follows the format of all PCEP TLVs as defined in [RFC5440]. The
field values come from the codepoint space for PCEP TLVs and has the Type field values come from the code point space for PCEP TLVs and
value TBD4 for Flow Filter TLV and TBD9 for L2 Flow Filter TLV. has the value 52 for Flow Filter TLV.
The Value fields of the TLVs contain one or more sub-TLVs (the Flow The Value field of the TLV contains one or more sub-TLVs (the Flow
Specification TLVs or L2 Flow Specification TLVs) as defined in Specification TLVs) as defined in Section 7, and they represent the
Section 7, and they represent the complete definition of a Flow complete definition of a Flow Specification for traffic to be placed
Specification for traffic to be placed on the tunnel. This tunnel is on the tunnel. This tunnel is indicated by the PCEP message in which
indicated by the PCEP message in which the PCEP FLOWSPEC object is the PCEP FLOWSPEC object is carried. The set of Flow Specification
carried. The set of Flow Specification TLVs and L2 Flow Filter TLVs TLVs in a single instance of a Flow Filter TLV is combined to
in a single instance of a Flow Filter TLV are combined to indicate indicate the specific Flow Specification. Note that the PCEP
the specific Flow Specification. Note that the PCEP FLOWSPEC object FLOWSPEC object can include just one Flow Filter TLV.
can include just one Flow Filter TLV, just one L2 Flow Filter TLV, or
one of each TLV.
Further Flow Specifications can be included in a PCEP message by Further Flow Specifications can be included in a PCEP message by
including additional FLOWSPEC objects. including additional FLOWSPEC objects.
In the future, there may be a desire to add support for L2 Flow
Specifications (such as described in [BGP-L2VPN]).
7. Flow Specification TLVs 7. Flow Specification TLVs
The Flow Filter TLV carries one or more Flow Specification TLVs. The The Flow Filter TLV carries one or more Flow Specification TLVs. The
Flow Specification TLV follows the format of all PCEP TLVs as defined Flow Specification TLV follows the format of all PCEP TLVs as defined
in [RFC5440]. However, the Type values are selected from a separate in [RFC5440]. However, the Type values are selected from a separate
IANA registry (see Section 10.3) rather than from the common PCEP TLV IANA registry (see Section 10.3) rather than from the common PCEP TLV
registry. registry.
Type values are chosen so that there can be commonality with Flow Type values are chosen so that there can be commonality with Flow
Specifications defined for use with BGP [I-D.ietf-idr-rfc5575bis] and Specifications defined for use with BGP [RFC8955] [RFC8956]. This is
[I-D.ietf-idr-flow-spec-v6]. This is possible because the BGP Flow possible because the BGP Flow Spec encoding uses a single octet to
Spec encoding uses a single octet to encode the type where as PCEP encode the type, whereas PCEP uses 2 octets. Thus, the space of
uses two octets. Thus the space of values for the Type field is values for the Type field is partitioned as shown in Table 1.
partitioned as shown in Figure 3.
Range | +===========+=======================================+
---------------+--------------------------------------------------- | Range | Description |
0 .. 255 | Per BGP registry defined by +===========+=======================================+
| [I-D.ietf-idr-rfc5575bis] and | 0-255 | Per BGP Flow Spec registry defined by |
| [I-D.ietf-idr-flow-spec-v6]. | | [RFC8955] and [RFC8956]. |
| Not to be allocated in this registry. | | |
| | | Not to be allocated in this registry. |
256 .. 65535 | New PCEP Flow Specifications allocated according +-----------+---------------------------------------+
| to the registry defined in this document. | 256-65535 | New PCEP Flow Specifications |
| | allocated according to the registry |
| | defined in this document. |
+-----------+---------------------------------------+
Figure 3: Flow Specification TLV Type Ranges Table 1: Flow Specification TLV Type Ranges
[I-D.ietf-idr-rfc5575bis] is the reference for the registry "Flow [RFC8955] is the reference for the "Flow Spec Component Types"
Spec Component Types" and defines the allocations it contains. registry and defines the allocations it contains. [RFC8956]
[I-D.ietf-idr-flow-spec-v6] requested for another registry "Flow Spec requested the creation of the "Flow Spec IPv6 Component Types"
IPv6 Component Types" and requested initial allocations in it. If registry, as well as its initial allocations. If the AFI (in the
the AFI (in the FLOWSPEC object) is set to IPv4, the range 0..255 is FLOWSPEC object) is set to IPv4, the range 0..255 is as per "Flow
as per "Flow Spec Component Types" [I-D.ietf-idr-rfc5575bis]; if the Spec Component Types" [RFC8955]; if the AFI is set to IPv6, the range
AFI is set to IPv6, the range 0..255 is as per "Flow Spec IPv6 0..255 is as per "Flow Spec IPv6 Component Types" [RFC8956].
Component Types" [I-D.ietf-idr-flow-spec-v6].
The content of the Value field in each TLV is specific to the type/ The content of the Value field in each TLV is specific to the type/
AFI and describes the parameters of the Flow Specification. The AFI and describes the parameters of the Flow Specification. The
definition of the format of many of these Value fields is inherited definition of the format of many of these Value fields is inherited
from BGP specifications. Specifically, the inheritance is from from BGP specifications. Specifically, the inheritance is from
[I-D.ietf-idr-rfc5575bis] and [I-D.ietf-idr-flow-spec-v6], but may [RFC8955] and [RFC8956], but it may also be inherited from future BGP
also be inherited from future BGP specifications. specifications.
When multiple Flow Specification TLVs are present in a single Flow When multiple Flow Specification TLVs are present in a single Flow
Filter TLV they are combined to produce a more detailed specification Filter TLV, they are combined to produce a more detailed
of a flow. For examples and rules about how this is achieved, see specification of a flow. For examples and rules about how this is
[I-D.ietf-idr-rfc5575bis]. As described in [I-D.ietf-idr-rfc5575bis] achieved, see [RFC8955]. As described in [RFC8955], where it says "A
where it says "A given component type MAY (exactly once) be present given component type MAY (exactly once) be present in the Flow
in the Flow Specification," a Flow Filter TLV MUST NOT contain more Specification", a Flow Filter TLV MUST NOT contain more than one Flow
than one Flow Specification TLV of the same type: an implementation Specification TLV of the same type: an implementation that receives a
that receives a PCEP message with a Flow Flter TLV that contains more PCEP message with a Flow Filter TLV that contains more than one Flow
than one Flow Specification TLV of the same type MUST respond with a Specification TLV of the same type MUST respond with a PCErr message
PCErr message with error-type TBD8 (FlowSpec Error), error-value 2 with Error-Type 30 (FlowSpec Error) and Error-value 2 (Malformed
(Malformed FlowSpec) and MUST NOT install the Flow Specification. FlowSpec) and MUST NOT install the Flow Specification.
An implementation that receives a PCEP message carrying a Flow An implementation that receives a PCEP message carrying a Flow
Specification TLV with a type value that it does not recognize or Specification TLV with a type value that it does not recognize or
does not support MUST respond with a PCErr message with error-type support MUST respond with a PCErr message with Error-Type 30
TBD8 (FlowSpec Error), error-value 1 (Unsupported FlowSpec) and MUST (FlowSpec Error) and Error-value 1 (Unsupported FlowSpec) and MUST
NOT install the Flow Specification. NOT install the Flow Specification.
When used in other protocols (such as BGP), these Flow Specifications When used in other protocols (such as BGP), these Flow Specifications
are also associated with actions to indicate how traffic matching the are also associated with actions to indicate how traffic matching the
Flow Specification should be treated. In PCEP, however, the only Flow Specification should be treated. In PCEP, however, the only
action is to associate the traffic with a tunnel and to forward action is to associate the traffic with a tunnel and to forward
matching traffic onto that path, so no encoding of an action is matching traffic onto that path, so no encoding of an action is
needed. needed.
Section 8.7 describes how overlapping Flow Specifications are Section 8.7 describes how overlapping Flow Specifications are
prioritized and handled. prioritized and handled.
All Flow Specification TLVs with Types in the range 0 to 255 have All Flow Specification TLVs with Types in the range 0 to 255 have
Values defined for use in BGP (for example, in values defined for use in BGP (for example, in [RFC8955] and
[I-D.ietf-idr-rfc5575bis] and [I-D.ietf-idr-flow-spec-v6]) and are [RFC8956]) and are set using the BGP encoding but without the type
set using the BGP encoding, but without the type octet (the relevant octet (the relevant information is in the Type field of the TLV).
information is in the Type field of the TLV). The Value field is The Value field is padded with trailing zeros to achieve 4-byte
padded with trailing zeros to achieve 4-byte alignment. alignment.
This document defines the following new types: This document defines the following new types:
+-------+-------------------------+-----------------------------+ +======+=====================+==================+
| Type | Description | Value defined in | | Type | Description | Value Defined In |
| | | | +======+=====================+==================+
+-------+-------------------------+-----------------------------+ | 256 | Route Distinguisher | RFC 9168 |
| TBD5 | Route Distinguisher | [This.I-D] | +------+---------------------+------------------+
+-------+-------------------------+-----------------------------+ | 257 | IPv4 Multicast Flow | RFC 9168 |
| TBD6 | IPv4 Multicast Flow | [This.I-D] | +------+---------------------+------------------+
+-------+-------------------------+-----------------------------+ | 258 | IPv6 Multicast Flow | RFC 9168 |
| TBD7 | IPv6 Multicast Flow | [This.I-D] | +------+---------------------+------------------+
+-------+-------------------------+-----------------------------+
Figure 4: Table of Flow Specification TLV Types defined in this Table 2: Flow Specification TLV Types Defined
document in this Document
To allow identification of a VPN in PCEP via a Route Distinguisher To allow identification of a VPN in PCEP via a Route Distinguisher
(RD) [RFC4364], a new TLV - ROUTE-DISTINGUISHER TLV is defined in (RD) [RFC4364], a new TLV, ROUTE-DISTINGUISHER TLV, is defined in
this document. A Flow Specification TLV with Type TBD5 (ROUTE- this document. A Flow Specification TLV with Type 256 (ROUTE-
DISTINGUISHER TLV) carries an RD Value, used to identify that other DISTINGUISHER TLV) carries an RD value, which is used to identify
flow filter information (for example, an IPv4 destination prefix) is that other flow filter information (for example, an IPv4 destination
associated with a specific VPN identified by the RD. See Section 8.6 prefix) is associated with a specific VPN identified by the RD. See
for further discussion of VPN identification. Section 8.6 for further discussion of VPN identification.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type=[TBD5] | Length=8 | | Type=256 | Length=8 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Route Distinguisher | | Route Distinguisher |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: The Format of the ROUTE-DISTINGUISHER TLV Figure 3: The Format of the ROUTE-DISTINGUISHER TLV
The format of RD is as per [RFC4364]. The format of the RD is as per [RFC4364].
Although it may be possible to describe a multicast Flow Although it may be possible to describe a multicast Flow
Specification from the combination of other Flow Specification TLVs Specification from the combination of other Flow Specification TLVs
with specific values, it is more convenient to use a dedicated Flow with specific values, it is more convenient to use a dedicated Flow
Specification TLV. Flow Specification TLVs with Type values TBD6 and Specification TLV. Flow Specification TLVs with Type values 257 and
TBD7 are used to identify a multicast flow for IPv4 and IPv6 258 are used to identify a multicast flow for IPv4 and IPv6,
respectively. The Value field is encoded as shown in Figure 6. respectively. The Value field is encoded as shown in Figure 4.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved |S|G| Src Mask Len | Grp Mask Len | | Reserved |S|G| Src Mask Len | Grp Mask Len |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ Source Address ~ ~ Source Address ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ Group multicast Address ~ ~ Group multicast Address ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Multicast Flow Specification TLV Encoding Figure 4: Multicast Flow Specification TLV Encoding
The address fields and address mask lengths of the two Multicast Flow The address fields and address mask lengths of the two Multicast Flow
Specification TLVs contain source and group prefixes for matching Specification TLVs contain source and group prefixes for matching
against packet flows noting that the two address fields are 32 bits against packet flows. Note that the two address fields are 32 bits
for an IPv4 Multicast Flow and 128 bits for an IPv6 Multicast Flow. for an IPv4 Multicast Flow and 128 bits for an IPv6 Multicast Flow.
The Reserved field MUST be set to zero and ignored on receipt. The Reserved field MUST be set to zero and ignored on receipt.
Two bit flags (S and G) are defined to describe the multicast Two bit flags (S and G) are defined to describe the multicast
wildcarding in use. If the S bit is set, then source wildcarding is wildcarding in use. If the S bit is set, then source wildcarding is
in use and the values in the Source Mask Length and Source Address in use, and the values in the Source Mask Length and Source Address
fields MUST be ignored. If the G bit is set, then group wildcarding fields MUST be ignored. If the G bit is set, then group wildcarding
is in use and the values in the Group Mask Length and Group multicast is in use, and the values in the Group Mask Length and Group
Address fields MUST be ignored. The G bit MUST NOT be set unless the multicast Address fields MUST be ignored. The G bit MUST NOT be set
S bit is also set: if a Multicast Flow Specification TLV is received unless the S bit is also set: if a Multicast Flow Specification TLV
with S bit = 0 and G bit = 1 the receiver MUST respond with a PCErr is received with S bit = 0 and G bit = 1, the receiver MUST respond
with Error-type TBD8 (FlowSpec Error) and error-value 2 (Malformed with a PCErr with Error-Type 30 (FlowSpec Error) and Error-value 2
FlowSpec). (Malformed FlowSpec).
The three multicast mappings may be achieved as follows: The three multicast mappings may be achieved as follows:
(S, G) - S bit = 0, G bit = 0, the Source Address and Group (S, G) - S bit = 0, G bit = 0, the Source Address and Group
multicast Address prefixes are both used to define the multicast multicast Address prefixes are both used to define the multicast
flow. flow.
(*, G) - S bit = 1, G bit = 0, the Group multicast Address prefix (*, G) - S bit = 1, G bit = 0, the Group multicast Address prefix
is used to define the multicast flow, but the Source Address is used to define the multicast flow, but the Source Address
prefix is ignored. prefix is ignored.
(*, *) = S bit = 1, G bit = 1, the Source Address and Group (*, *) - S bit = 1, G bit = 1, the Source Address and Group
multicast Address prefixes are both ignored. multicast Address prefixes are both ignored.
7.1. L2 Flow Specification TLVs
The L2 Flow Filter TLV carries one or more L2 Flow Specification TLV.
The L2 Flow Specification TLV follows the format of all PCEP TLVs as
defined in [RFC5440]. However, the Type values are selected from a
separate IANA registry (see Section 10.4) rather than from the common
PCEP TLV registry.
Type values are chosen so that there can be commonality with L2 Flow
Specifications defined for use with BGP
[I-D.ietf-idr-flowspec-l2vpn]. This is possible because the BGP Flow
Spec encoding uses a single octet to encode the type where as PCEP
uses two octets. Thus the space of values for the Type field is
partitioned as shown in Figure 7.
Range |
---------------+-------------------------------------------------
0 .. 255 | Per BGP registry defined by
| [I-D.ietf-idr-flowspec-l2vpn].
| Not to be allocated in this registry.
|
256 .. 65535 | New PCEP Flow Specifications allocated according
| to the registry defined in this document.
Figure 7: L2 Flow Specification TLV Type Ranges
[I-D.ietf-idr-flowspec-l2vpn] is the reference for the registry "L2
Flow Spec Component Types" and defines the allocations it contains.
The content of the Value field in each TLV is specific to the type
and describes the parameters of the Flow Specification. The
definition of the format of many of these Value fields is inherited
from BGP specifications. Specifically, the inheritance is from
[I-D.ietf-idr-flowspec-l2vpn], but may also be inherited from future
BGP specifications.
When multiple L2 Flow Specification TLVs are present in a single L2
Flow Filter TLV they are combined to produce a more detailed
specification of a flow. Similarly, when both Flow Filter TLV and L2
Flow Filter TLV are present, they are combined to produce a more
detailed specification of a flow.
An implementation that receives a PCEP message carrying a L2 Flow
Specification TLV with a type value that it does not recognize or
does not support MUST respond with a PCErr message with error-type
TBD8 (FlowSpec Error), error-value 1 (Unsupported FlowSpec) and MUST
NOT install the Flow Specification.
All L2 Flow Specification TLVs with Types in the range 0 to 255 have
their Values interpretted as defined for use in BGP (for example, in
[I-D.ietf-idr-flowspec-l2vpn]) and are set using the BGP encoding,
but without the type octet (the relevant information is in the Type
field of the TLV). The Value field is padded with trailing zeros to
achieve 4-byte alignment.
This document defines no new types.
In the rest of the document when the Flow Specification is mentioned,
it includes the L2 Flow Specifications as well.
8. Detailed Procedures 8. Detailed Procedures
This section outlines some specific detailed procedures for using the This section outlines some specific detailed procedures for using the
protocol extensions defined in this document. protocol extensions defined in this document.
8.1. Default Behavior and Backward Compatibility 8.1. Default Behavior and Backward Compatibility
The default behavior is that no Flow Specification is applied to a The default behavior is that no Flow Specification is applied to a
tunnel. That is, the default is that the FLOWSPEC object is not used tunnel. That is, the default is that the FLOWSPEC object is not
as is the case in all systems before the implementation of this used, as is the case in all systems before the implementation of this
specification. specification.
In this case, it is a local matter (such as through configuration) In this case, it is a local matter (such as through configuration)
how tunnel head ends are instructed what traffic to place on a how tunnel head ends are instructed in terms of what traffic to place
tunnel. on a tunnel.
[RFC5440] describes how receivers respond when they see unknown PCEP [RFC5440] describes how receivers respond when they see unknown PCEP
objects. objects.
8.2. Composite Flow Specifications 8.2. Composite Flow Specifications
Flow Specifications may be represented by a single Flow Specification Flow Specifications may be represented by a single Flow Specification
TLV or may require a more complex description using multiple Flow TLV or may require a more complex description using multiple Flow
Specification TLVs. For example, a flow indicated by a source- Specification TLVs. For example, a flow indicated by a source-
destination pair of IPv6 addresses would be described by the destination pair of IPv6 addresses would be described by the
combination of Destination IPv6 Prefix and Source IPv6 Prefix Flow combination of Destination IPv6 Prefix and Source IPv6 Prefix Flow
Specification TLVs. Specification TLVs.
8.3. Modifying Flow Specifications 8.3. Modifying Flow Specifications
A PCE may want to modify a Flow Specification associated with a A PCE may want to modify a Flow Specification associated with a
tunnel, or a PCC may want to report a change to the Flow tunnel, or a PCC may want to report a change to the Flow
Specification it is using with a tunnel. Specification it is using with a tunnel.
It is important that the specific Flow Specification is identified so It is important to identify the specific Flow Specification so it is
that it is clear that this is a modification of an existing flow and clear that this is a modification of an existing flow and not the
not the addition of a new flow as described in Section 8.4. The FS- addition of a new flow as described in Section 8.4. The FS-ID field
ID field of the PCEP FLOWSPEC object is used to identify a specific of the PCEP FLOWSPEC object is used to identify a specific Flow
Flow Specification in the context of the content of the Speaker Specification in the context of the content of the Speaker Entity
Entity Identifier TLV. Identifier TLV.
When modifying a Flow Specification, all Flow Specification TLVs for When modifying a Flow Specification, all Flow Specification TLVs for
the intended specification of the flow MUST be included in the PCEP the intended specification of the flow MUST be included in the PCEP
FLOWSPEC object. the FS-ID MUST be retained from the previous FLOWSPEC object. The FS-ID MUST be retained from the previous
description of the flow, and the same Speaker Entity Identity TLV description of the flow, and the same Speaker Entity Identifier TLV
MUST be used. MUST be used.
8.4. Multiple Flow Specifications 8.4. Multiple Flow Specifications
It is possible that traffic from multiple flows will be placed on a It is possible that traffic from multiple flows will be placed on a
single tunnel. In some cases it is possible to define these within a single tunnel. In some cases, it is possible to define these within
single PCEP FLOWSPEC object by widening the scope of a Flow a single PCEP FLOWSPEC object by widening the scope of a Flow
Specification TLV: for example, traffic to two destination IPv4 Specification TLV: for example, traffic to two destination IPv4
prefixes might be captured by a single Flow Specification TLV with prefixes might be captured by a single Flow Specification TLV with
type 'Destination' with a suitably adjusted prefix. However, this is type "Destination" with a suitably adjusted prefix. However, this is
unlikely to be possible in most scenarios, and it must be recalled unlikely to be possible in most scenarios, and it must be recalled
that it is not permitted to include two Flow Specification TLVs of that it is not permitted to include two Flow Specification TLVs of
the same type within one Flow Filter TLV. the same type within one Flow Filter TLV.
The normal procedure, therefore, is to carry each Flow Specification The normal procedure, therefore, is to carry each Flow Specification
in its own PCEP FLOWSPEC object. Multiple objects may be present on in its own PCEP FLOWSPEC object. Multiple objects may be present on
a single PCEP message, or multiple PCEP messages may be used. a single PCEP message, or multiple PCEP messages may be used.
8.5. Adding and Removing Flow Specifications 8.5. Adding and Removing Flow Specifications
The Remove bit in the PCEP FLOWSPEC object is left clear when a Flow The Remove bit in the PCEP FLOWSPEC object is left clear when a Flow
Specification is being added or modified. Specification is being added or modified.
To remove a Flow Specification, a PCEP FLOWSPEC object is included To remove a Flow Specification, a PCEP FLOWSPEC object is included
with the FS-ID matching the one being removed, and the R bit set to with the FS-ID matching the one being removed, and the R bit is set
indicate removal. In this case it is not necessary to include any to indicate removal. In this case, it is not necessary to include
Flow Specification TLVs. any Flow Specification TLVs.
If the R bit is set and Flow Specification TLVs are present, an If the R bit is set and Flow Specification TLVs are present, an
implementation MAY ignore them. If the implementation checks the implementation MAY ignore them. If the implementation checks the
Flow Specification TLVs against those recorded for the FS-ID and Flow Specification TLVs against those recorded for the FS-ID and
Speaker Entity Identity of the Flow Specification being removed and Speaker Entity Identifier of the Flow Specification being removed and
finds a mismatch, the Flow Specification matching the FS-ID MUST finds a mismatch, the Flow Specification matching the FS-ID MUST
still be removed and the implementation SHOULD record a local still be removed, and the implementation SHOULD record a local
exception or log. exception or log.
8.6. VPN Identifiers 8.6. VPN Identifiers
VPN instances are identified in BGP using Route Distinguishers (RDs) VPN instances are identified in BGP using RDs [RFC4364]. These
[RFC4364]. These values are not normally considered to have any values are not normally considered to have any meaning outside of the
meaning outside of the network, and they are not encoded in data network, and they are not encoded in data packets belonging to the
packets belonging to the VPNs. However, RDs provide a useful way of VPNs. However, RDs provide a useful way of identifying VPN instances
identifying VPN instances and are often manually or automatically and are often manually or automatically assigned to VPNs as they are
assigned to VPNs as they are provisioned. provisioned.
Thus the RD provides a useful way to indicate that traffic for a Thus, the RD provides a useful way to indicate that traffic for a
particular VPN should be placed on a given tunnel. The tunnel head particular VPN should be placed on a given tunnel. The tunnel head
end will need to interpret this Flow Specification not as a filter on end will need to interpret this Flow Specification not as a filter on
the fields of data packets, but using the other mechanisms that it the fields of data packets but rather using the other mechanisms that
already uses to identify VPN traffic. This could be based on the it already uses to identify VPN traffic. These mechanisms could be
incoming port (for port-based VPNs) or may leverage knowledge of the based on the incoming port (for port-based VPNs) or may leverage
VRF that is in use for the traffic. knowledge of the VPN Routing and Forwarding (VRF) that is in use for
the traffic.
8.7. Priorities and Overlapping Flow Specifications 8.7. Priorities and Overlapping Flow Specifications
Flow specifications can overlap. For example, two different flow Flow Specifications can overlap. For example, two different Flow
specifications may be identical except for the length of the prefix Specifications may be identical except for the length of the prefix
in the destination address. In these cases the PCC must determine in the destination address. In these cases, the PCC must determine
how to prioritize the flow specifications so as to know to which path how to prioritize the Flow Specifications so as to know which path to
to assign packets that match both flow specifications. That is, the assign packets that match both Flow Specifications. That is, the PCC
PCC must assign a precedence to the flow specifications so that it must assign a precedence to the Flow Specifications so that it checks
checks each incoming packet for a match in a predictable order. each incoming packet for a match in a predictable order.
The processing of BGP Flow Specifications is described in The processing of BGP Flow Specifications is described in [RFC8955].
[I-D.ietf-idr-rfc5575bis]. Section 5.1 of that document explains the Section 5.1 of that document explains the order of traffic filtering
order of traffic filtering rules to be executed by an implementation rules to be executed by an implementation of that specification.
of that specification.
PCCs MUST apply the same ordering rules as defined in PCCs MUST apply the same ordering rules as defined in [RFC8955].
[I-D.ietf-idr-rfc5575bis].
Furthermore, it is possible that Flow Specifications will be Furthermore, it is possible that Flow Specifications will be
distributed by BGP as well as by PCEP as described in this document. distributed by BGP as well as by PCEP as described in this document.
In such cases implementations supporting both approaches MUST apply In such cases, implementations supporting both approaches MUST apply
the prioritization and ordering rules as set out in the prioritization and ordering rules as set out in [RFC8955]
[I-D.ietf-idr-rfc5575bis] regardless of which protocol distributed regardless of which protocol distributed the Flow Specifications.
the Flow Specifications. However, implementations MAY provide a However, implementations MAY provide a configuration control to allow
configuration control to allow one protocol to take precedence over one protocol to take precedence over the other; this may be
the other as this may be particularly useful if the Flow particularly useful if the Flow Specifications make identical matches
Specifications make identical matches on traffic, but have different on traffic but have different actions. It is RECOMMENDED that a
actions. It is RECOMMENDED that when two Flow Specifications message be logged for the operator to understand the behavior when
distributed by different protocols overlap, and especially when one two Flow Specifications distributed by different protocols overlap,
acts to replace another, that a message be logged for the operator to especially when one acts to replace another.
understand the behaviour.
Section 13.1 of this document covers manageability considerations Section 12.1 of this document covers manageability considerations
relevant to the prioritized ordering of flow specifications. relevant to the prioritized ordering of Flow Specifications.
An implementation that receives a PCEP message carrying a Flow An implementation that receives a PCEP message carrying a Flow
Specification that it cannot resolve against other Flow Specification that it cannot resolve against other Flow
Specifications already installed (for example, because the new Flow Specifications already installed (for example, because the new Flow
Specification has irresolvable conflicts with other Flow Specification has irresolvable conflicts with other Flow
Specifications that are already installed) MUST respond with a PCErr Specifications that are already installed) MUST respond with a PCErr
message with error-type TBD8 (FlowSpec Error), error-value 3 message with Error-Type 30 (FlowSpec Error) and Error-value 3
(Unresolvable Conflict) and MUST NOT install the Flow Specification. (Unresolvable Conflict) and MUST NOT install the Flow Specification.
9. PCEP Messages 9. PCEP Messages
This section describes the format of messages that contain FLOWSPEC This section describes the format of messages that contain FLOWSPEC
objects. The only difference to previous message formats is the objects. The only difference from previous message formats is the
inclusion of that object. inclusion of that object.
The figures in this section use the notation defined in [RFC5511]. The figures in this section use the notation defined in [RFC5511].
The FLOWSPEC object is OPTIONAL and MAY be carried in the PCEP The FLOWSPEC object is OPTIONAL and MAY be carried in the PCEP
messages. messages.
The PCInitiate message is defined in [RFC8281] and updated as below: The PCInitiate message is defined in [RFC8281] and updated as below:
<PCInitiate Message> ::= <Common Header> <PCInitiate Message> ::= <Common Header>
skipping to change at page 23, line 23 skipping to change at line 949
<path> <path>
[<flowspec-list>] [<flowspec-list>]
Where: Where:
<path>::= <intended-path> <path>::= <intended-path>
[<actual-attribute-list><actual-path>] [<actual-attribute-list><actual-path>]
<intended-attribute-list> <intended-attribute-list>
<flowspec-list> ::= <FLOWSPEC> [<flowspec-list>] <flowspec-list> ::= <FLOWSPEC> [<flowspec-list>]
The PCReq message is defined in [RFC5440] and updated in [RFC8231], The PCReq message is defined in [RFC5440] and updated in [RFC8231];
it is further updated below for flow specification: it is further updated below for a Flow Specification:
<PCReq Message>::= <Common Header> <PCReq Message>::= <Common Header>
[<svec-list>] [<svec-list>]
<request-list> <request-list>
Where: Where:
<svec-list>::= <SVEC>[<svec-list>] <svec-list>::= <SVEC>[<svec-list>]
<request-list>::= <request>[<request-list>] <request-list>::= <request>[<request-list>]
skipping to change at page 24, line 5 skipping to change at line 975
[<BANDWIDTH>] [<BANDWIDTH>]
[<metric-list>] [<metric-list>]
[<RRO>[<BANDWIDTH>]] [<RRO>[<BANDWIDTH>]]
[<IRO>] [<IRO>]
[<LOAD-BALANCING>] [<LOAD-BALANCING>]
[<flowspec-list>] [<flowspec-list>]
Where: Where:
<flowspec-list> ::= <FLOWSPEC> [<flowspec-list>] <flowspec-list> ::= <FLOWSPEC> [<flowspec-list>]
The PCRep message is defined in [RFC5440] and updated in [RFC8231], The PCRep message is defined in [RFC5440] and updated in [RFC8231];
it is further updated below for flow specification: it is further updated below for a Flow Specification:
<PCRep Message> ::= <Common Header> <PCRep Message> ::= <Common Header>
<response-list> <response-list>
Where: Where:
<response-list>::=<response>[<response-list>] <response-list>::=<response>[<response-list>]
<response>::=<RP> <response>::=<RP>
[<LSP>] [<LSP>]
[<NO-PATH>] [<NO-PATH>]
[<attribute-list>] [<attribute-list>]
[<path-list>] [<path-list>]
[<flowspec-list>] [<flowspec-list>]
Where: Where:
<flowspec-list> ::= <FLOWSPEC> [<flowspec-list>] <flowspec-list> ::= <FLOWSPEC> [<flowspec-list>]
10. IANA Considerations 10. IANA Considerations
IANA maintains the "Path Computation Element Protocol (PCEP) Numbers" This document requests that IANA allocate code points for the
registry. This document requests IANA actions to allocate code protocol elements defined in this document.
points for the protocol elements defined in this document.
10.1. PCEP Objects 10.1. PCEP Objects
Each PCEP object has an Object-Class and an Object-Type. IANA IANA maintains a subregistry called "PCEP Objects" within the "Path
maintains a subregistry called "PCEP Objects". IANA is requested to Computation Element Protocol (PCEP) Numbers" registry. Each PCEP
make an assignment from this subregistry as follows: object has an Object-Class and an Object-Type, and IANA has allocated
new code points in this subregistry as follows:
Object-Class | Value Name | Object-Type | Reference +====================+==========+=======================+===========+
-------------+-------------+------------------------+---------------- | Object-Class Value | Name | Object-Type | Reference |
TBD3 | FLOWSPEC | 0: Reserved | [This.I-D] +====================+==========+=======================+===========+
| | 1: Flow Specification | [This.I-D] | 43 | FLOWSPEC | 0: Reserved | RFC 9168 |
| | +-----------------------+-----------+
| | | 1: Flow | RFC 9168 |
| | | Specification | |
+--------------------+----------+-----------------------+-----------+
Table 3: PCEP Objects Subregistry Additions
10.1.1. PCEP FLOWSPEC Object Flag Field 10.1.1. PCEP FLOWSPEC Object Flag Field
This document requests that a new sub-registry, named "FLOWSPEC This document requests that a new subregistry, "FLOWSPEC Object Flag
Object Flag Field", is created within the "Path Computation Element Field", be created within the "Path Computation Element Protocol
Protocol (PCEP) Numbers" registry to manage the Flag field of the (PCEP) Numbers" registry to manage the Flag field of the FLOWSPEC
FLOWSPEC object. New values are to be assigned by Standards Action object. New values are to be assigned by Standards Action [RFC8126].
[RFC8126]. Each bit should be tracked with the following qualities: Each bit should be tracked with the following qualities:
o Bit number (counting from bit 0 as the most significant bit) * Bit number (counting from bit 0 as the most significant bit)
o Capability description * Capability description
o Defining RFC * Defining RFC
The initial population of this registry is as follows: The initial population of this registry is as follows:
Bit | Description | Reference +=====+================+===========+
-----+--------------------+------------- | Bit | Description | Reference |
0-5 | Unnassigned | +=====+================+===========+
6 | LPM (L bit) | [This.I-D] | 0-5 | Unassigned | |
7 | Remove (R bit) | [This.I-D] +-----+----------------+-----------+
| 6 | LPM (L bit) | RFC 9168 |
+-----+----------------+-----------+
| 7 | Remove (R bit) | RFC 9168 |
+-----+----------------+-----------+
Table 4: Initial Contents of the
FLOWSPEC Object Flag Field
Registry
10.2. PCEP TLV Type Indicators 10.2. PCEP TLV Type Indicators
IANA maintains a subregistry called "PCEP TLV Type Indicators". IANA IANA maintains a subregistry called "PCEP TLV Type Indicators" within
is requested to make an assignment from this subregistry as follows: the "Path Computation Element Protocol (PCEP) Numbers" registry.
IANA has made the following allocations in this subregistry:
Value | Meaning | Reference +=======+=============================+===========+
--------+------------------------------+------------- | Value | Description | Reference |
TBD2 | PCE-FLOWSPEC-CAPABILITY TLV | [This.I-D] +=======+=============================+===========+
TBD4 | FLOW FILTER TLV | [This.I-D] | 51 | PCE-FLOWSPEC-CAPABILITY TLV | RFC 9168 |
TBD9 | L2 FLOW FILTER TLV | [This.I-D] +-------+-----------------------------+-----------+
| 52 | FLOW FILTER TLV | RFC 9168 |
+-------+-----------------------------+-----------+
Table 5: PCEP TLV Type Indicators Subregistry
Additions
10.3. Flow Specification TLV Type Indicators 10.3. Flow Specification TLV Type Indicators
IANA is requested to create a new subregistry call the "PCEP Flow IANA has created a new subregistry called "PCEP Flow Specification
Specification TLV Type Indicators" registry. TLV Type Indicators" within the "Path Computation Element Protocol
(PCEP) Numbers" registry.
Allocations from this registry are to be made according to the Allocations from this registry are to be made according to the
following assignment policies [RFC8126]: following assignment policies [RFC8126]:
Range | Assignment policy +=============+===================================+
---------------+--------------------------------------------------- | Range | Registration Procedures |
0 .. 255 | Reserved - must not be allocated. +=============+===================================+
| Usage mirrors the BGP FlowSpec registry | 0-255 | Reserved - must not be allocated. |
| [I-D.ietf-idr-rfc5575bis] and | | |
| [I-D.ietf-idr-flow-spec-v6]. | | Usage mirrors the BGP Flow Spec |
| | | registry [RFC8955] [RFC8956]. |
256 .. 64506 | Specification Required +-------------+-----------------------------------+
| | 256-64506 | Specification Required |
64507 .. 65531 | First Come First Served +-------------+-----------------------------------+
| | 64507-65531 | First Come First Served |
65532 .. 65535 | Experimental +-------------+-----------------------------------+
| 65532-65535 | Experimental Use |
IANA is requested to pre-populate this registry with values defined +-------------+-----------------------------------+
in this document as follows, taking the new values from the range 256
to 64506:
Value | Meaning
-------+------------------------
TBD5 | Route Distinguisher
TBD6 | IPv4 Multicast
TBD7 | IPv6 Multicast
10.4. L2 Flow Specification TLV Type Indicators Table 6: Registration Procedures for the PCEP
Flow Specification TLV Type Indicators
Subregistry
IANA is requested to create a new subregistry called the "PCEP L2 IANA has populated this registry with values defined in this document
Flow Specification TLV Type Indicators" registry. as follows, taking the new values from the range 256 to 64506:
Allocations from this registry are to be made according to the +=======+=====================+
following assignment policies [RFC8126]: | Value | Meaning |
+=======+=====================+
| 256 | Route Distinguisher |
+-------+---------------------+
| 257 | IPv4 Multicast |
+-------+---------------------+
| 258 | IPv6 Multicast |
+-------+---------------------+
Range | Assignment policy Table 7: Initial Contents
---------------+--------------------------------------------------- of the PCEP Flow
0 .. 255 | Reserved - must not be allocated. Specification TLV Type
| Usage mirrors the BGP L2 FlowSpec registry Indicators Subregistry
| [I-D.ietf-idr-flowspec-l2vpn].
|
256 .. 64506 | Specification Required
|
64507 .. 65531 | First Come First Served
|
65532 .. 65535 | Experimental
10.5. PCEP Error Codes 10.4. PCEP Error Codes
IANA maintains a subregistry called "PCEP-ERROR Object Error Types IANA maintains a subregistry called "PCEP-ERROR Object Error Types
and Values". Entries in this subregistry are described by Error-Type and Values" within the "Path Computation Element Protocol (PCEP)
and Error-value. IANA is requested to make the following assignment Numbers" registry. Entries in this subregistry are described by
from this subregistry: Error-Type and Error-value. IANA has added the following assignment
to this subregistry:
Error-| Meaning | Error-value | Reference
Type | | |
-------+--------------------+----------------------------+-----------
TBD8 | FlowSpec error | 0: Unassigned | [This.I-D]
| | 1: Unsupported FlowSpec | [This.I-D]
| | 2: Malformed FlowSpec | [This.I-D]
| | 3: Unresolvable Conflict | [This.I-D]
| | 4: Unknown FlowSpec | [This.I-D]
| | 5: Unsupported LPM Route | [This.I-D]
| | 6-255: Unassigned | [This.I-D]
10.6. PCE Capability Flag
IANA maintains a subregistry called "Open Shortest Path First v2
(OSPFv2) Parameters" with a sub-registry called "Path Computation
Element (PCE) Capability Flags". IANA is requested to assign a new
capability bit from this registry as follows:
Bit | Capability Description | Reference +============+================+=========================+===========+
-------+-------------------------------+------------ | Error-Type | Meaning | Error-value | Reference |
TBD1 | FlowSpec | [This.I-D] +============+================+=========================+===========+
| 30 | FlowSpec error | 0: Unassigned | RFC 9168 |
| | +-------------------------+-----------+
| | | 1: Unsupported | RFC 9168 |
| | | FlowSpec | |
| | +-------------------------+-----------+
| | | 2: Malformed | RFC 9168 |
| | | FlowSpec | |
| | +-------------------------+-----------+
| | | 3: Unresolvable | RFC 9168 |
| | | Conflict | |
| | +-------------------------+-----------+
| | | 4: Unknown | RFC 9168 |
| | | FlowSpec | |
| | +-------------------------+-----------+
| | | 5: Unsupported | RFC 9168 |
| | | LPM Route | |
| | +-------------------------+-----------+
| | | 6-255: | RFC 9168 |
| | | Unassigned | |
+------------+----------------+-------------------------+-----------+
11. Implementation Status Table 8: PCEP-ERROR Object Error Types and Values Subregistry
Additions
[NOTE TO RFC EDITOR : This whole section and the reference to RFC 10.5. PCE Capability Flag
7942 is to be removed before publication as an RFC]
This section records the status of known implementations of the IANA has registered a new capability bit in the OSPF Parameters "Path
protocol defined by this specification at the time of posting of this Computation Element (PCE) Capability Flags" registry as follows:
Internet-Draft, and is based on a proposal described in [RFC7942].
The description of implementations in this section is intended to
assist the IETF in its decision processes in progressing drafts to
RFCs. Please note that the listing of any individual implementation
here does not imply endorsement by the IETF. Furthermore, no effort
has been spent to verify the information presented here that was
supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalog of available implementations or their
features. Readers are advised to note that other implementations may
exist.
According to [RFC7942], "this will allow reviewers and working groups +=====+========================+===========+
to assign due consideration to documents that have the benefit of | Bit | Capability Description | Reference |
running code, which may serve as evidence of valuable experimentation +=====+========================+===========+
and feedback that have made the implemented protocols more mature. | 16 | FlowSpec | RFC 9168 |
It is up to the individual working groups to use this information as +-----+------------------------+-----------+
they see fit".
At the time of posting the -12 version of this document, there are no Table 9: Path Computation Element (PCE)
known implementations of this mechanism. It is believed that two Capability Flags Registry Additions
vendors are considering prototype implementations, but these plans
are too vague to make any further assertions.
12. Security Considerations 11. Security Considerations
We may assume that a system that utilizes a remote PCE is subject to We may assume that a system that utilizes a remote PCE is subject to
a number of vulnerabilities that could allow spurious LSPs or SR a number of vulnerabilities that could allow spurious LSPs or SR
paths to be established or that could result in existing paths being paths to be established or that could result in existing paths being
modified or torn down. Such systems, therefore, apply security modified or torn down. Such systems, therefore, apply security
considerations as described in [RFC5440], Section 2.5 of [RFC6952], considerations as described in [RFC5440], Section 2.5 of [RFC6952],
[RFC8253], and [I-D.ietf-idr-rfc5575bis]. [RFC8253], and [RFC8955].
The description of Flow Specifications associated with paths set up The description of Flow Specifications associated with paths set up
or controlled by a PCE add a further detail that could be attacked or controlled by a PCE adds a further detail that could be attacked
without tearing down LSPs or SR paths, but causing traffic to be without tearing down LSPs or SR paths but causes traffic to be
misrouted within the network. Therefore, the use of the security misrouted within the network. Therefore, the use of the security
mechanisms for PCEP referenced above is important. mechanisms for PCEP referenced above is important.
Visibility into the information carried in PCEP does not have direct Visibility into the information carried in PCEP does not have direct
privacy concerns for end-users' data, however, knowledge of how data privacy concerns for end users' data; however, knowledge of how data
is routed in a network may make that data more vulnerable. Of is routed in a network may make that data more vulnerable. Of
course, the ability to interfere with the way data is routed also course, the ability to interfere with the way data is routed also
makes the data more vulnerable. Furthermore, knowledge of the makes the data more vulnerable. Furthermore, knowledge of the
connected end-points (such as multicast receivers or VPN sites) is connected endpoints (such as multicast receivers or VPN sites) is
usually considered private customer information. Therefore, usually considered private customer information. Therefore,
implementations or deployments concerned with protecting privacy MUST implementations or deployments concerned with protecting privacy MUST
apply the mechanisms described in the documents referenced above: in apply the mechanisms described in the documents referenced above, in
particular to secure the PCEP session using IPSec per Sections 10.4 particular, to secure the PCEP session using IPsec per Sections 10.4
to 10.6 of [RFC5440] or TLS per [RFC8253]. Note that TCP-MD5 to 10.6 of [RFC5440] or TLS per [RFC8253]. Note that TCP-MD5
security as originally suggested in [RFC5440] does not provide security as originally suggested in [RFC5440] does not provide
sufficient security or privacy guarantees, and SHOULD NOT be relied sufficient security or privacy guarantees and SHOULD NOT be relied
upon. upon.
Experience with Flow Specifications in BGP systems indicates that Experience with Flow Specifications in BGP systems indicates that
they can become complex and that the overlap of Flow Specifications they can become complex and that the overlap of Flow Specifications
installed in different orders can lead to unexpected results. installed in different orders can lead to unexpected results.
Although this is not directly a security issue per se, the confusion Although this is not directly a security issue per se, the confusion
and unexpected forwarding behavior may be engineered or exploited by and unexpected forwarding behavior may be engineered or exploited by
an attacker. Furthermore, this complexity might give rise to a an attacker. Furthermore, this complexity might give rise to a
situation where the forwarding behaviors might create gaps in the situation where the forwarding behaviors might create gaps in the
monitoring and inspection of particular traffic or provide a path monitoring and inspection of particular traffic or provide a path
that avoids expected mitigations. Therefore, implementers and that avoids expected mitigations. Therefore, implementers and
operators SHOULD pay careful attention to the Manageability operators SHOULD pay careful attention to the manageability
Considerations described in Section 13 and familiarize themselves considerations described in Section 12 and familiarize themselves
with the careful explanations in [I-D.ietf-idr-rfc5575bis]. with the careful explanations in [RFC8955].
13. Manageability Considerations 12. Manageability Considerations
The feature introduced by this document enables operational The feature introduced by this document enables operational
manageability of networks operated in conjunction with a PCE and manageability of networks operated in conjunction with a PCE and
using PCEP. Without this feature, but in the case of a stateful using PCEP. In the case of a stateful active PCE or with PCE-
active PCE or with PCE-initiated services, additional manual initiated services, in the absence of this feature, additional manual
configuration is needed to tell the head-ends what traffic to place configuration is needed to tell the head ends what traffic to place
on the network services (LSPs, SR paths, etc.). on the network services (LSPs, SR paths, etc.).
This section follows the advice and guidance of [RFC6123]. This section follows the advice and guidance of [RFC6123].
13.1. Management of Multiple Flow Specifications 12.1. Management of Multiple Flow Specifications
Experience with flow specification in BGP suggests that there can be Experience with Flow Specification in BGP suggests that there can be
a lot of complexity when two or more flow specifications overlap. a lot of complexity when two or more Flow Specifications overlap.
This can arise, for example, with addresses indicated using prefixes, This can arise, for example, with addresses indicated using prefixes
and could cause confusion about what traffic should be placed on and could cause confusion about what traffic should be placed on
which path. Unlike the behavior in a distributed routing system, it which path. Unlike the behavior in a distributed routing system, it
is not important to the routing stablity and consistency of the is not important to the routing stability and consistency of the
network that each head-end implementation applies the same rules to network that each head-end implementation applies the same rules to
disambiguate overlapping Flow Specifications, but it is important disambiguate overlapping Flow Specifications, but it is important
that: that:
o A network operator can easily find out what traffic is being * a network operator can easily find out what traffic is being
placed on which path and why. This will facilitate analysis of placed on which path and why. This will facilitate analysis of
the network and diagnosis of faults. the network and diagnosis of faults.
o A PCE is able to correctly predict the effect of instructions it * a PCE be able to correctly predict the effect of instructions it
gives to a PCC. This will ensure that traffic is correctly placed gives to a PCC. This will ensure that traffic is correctly placed
on the network without causing congestion or other network on the network without causing congestion or other network
inefficiencies, and that traffic is correctly delivered. inefficiencies and that traffic is correctly delivered.
To that end, a PCC MUST enable an operator to view the the Flow To that end, a PCC MUST enable an operator to view the Flow
Specifications that it has installed, and these MUST be presented in Specifications that it has installed, and these MUST be presented in
order of precedence such that when two Flow Specifications overlap, order of precedence such that when two Flow Specifications overlap,
the one that will be serviced with higher precedence is presented to the one that will be serviced with higher precedence is presented to
the operator first. the operator first.
A discussion of precedence ordering for flow specifications is found A discussion of precedence ordering for Flow Specifications is found
in Section 8.7. in Section 8.7.
13.2. Control of Function through Configuration and Policy 12.2. Control of Function through Configuration and Policy
Support for the function described in this document implies that a Support for the function described in this document implies that a
functional element that is capable of requesting a PCE to compute and functional element that is capable of requesting that a PCE compute
control a path is also able to configure the specification of what and control a path is also able to configure the specification of
traffic should be placed on that path. Where there is a human what traffic should be placed on that path. Where there is a human
involved in this action, configuration of the Flow Specification must involved in this action, configuration of the Flow Specification must
be available through an interface (such as a graphical user interface be available through an interface (such as a graphical user interface
or a command line interface). Where a distinct software component or a Command Line Interface). Where a distinct software component
(i.e., one not co-implemented with the PCE) is used, a protocol (i.e., one not co-implemented with the PCE) is used, a protocol
mechanism will be required that could be PCEP itself or could be a mechanism will be required that could be PCEP itself or a data model,
data model such as extensions to the YANG model for requesting path such as extensions to the YANG model for requesting path computation
computation [I-D.ietf-teas-yang-path-computation]. [TEAS-YANG-PATH].
Implementations MAY be constructed with a configurable switch to say Implementations MAY be constructed with a configurable switch to
whether they support the functions defined in this document. indicate whether they support the functions defined in this document.
Otherwise, such implementations MUST indicate that they support the Otherwise, such implementations MUST indicate that they support the
function as described in Section 4. If an implementation supports function as described in Section 4. If an implementation allows
configurable support of this function, that support MAY be configurable support of this function, that support MAY be
configurable per peer or once for the whole implementation. configurable per peer or once for the whole implementation.
As mentioned in Section 13.1, a PCE implementation SHOULD provide a As mentioned in Section 12.1, a PCE implementation SHOULD provide a
mechanism to configure variations in the precedence ordering of Flow mechanism to configure variations in the precedence ordering of Flow
Specifications per PCC. Specifications per PCC.
13.3. Information and Data Models 12.3. Information and Data Models
The YANG model in [I-D.ietf-pce-pcep-yang] can be used to model and The YANG model in [PCE-PCEP-YANG] can be used to model and monitor
monitor PCEP states and messages. To make that YANG model useful for PCEP states and messages. To make that YANG model useful for the
the extensions described in this document, it would need to be extensions described in this document, it would need to be augmented
augmented to cover the new protocol elements. to cover the new protocol elements.
Similarly, as noted in Section 13.2, the YANG model defined in Similarly, as noted in Section 12.2, the YANG model defined in
[I-D.ietf-teas-yang-path-computation] could be extended to allow [TEAS-YANG-PATH] could be extended to allow the specification of Flow
specification of Flow Specifications. Specifications.
Finally, as mentioned in Section 13.1, a PCC implementation SHOULD Finally, as mentioned in Section 12.1, a PCC implementation SHOULD
provide a mechanism to allow an operator to read the Flow provide a mechanism to allow an operator to read the Flow
Specifications from a PCC and to understand in what order they will Specifications from a PCC and to understand in what order they will
be executed. This could be achieved using a new YANG model. be executed. This could be achieved using a new YANG model.
13.4. Liveness Detection and Monitoring 12.4. Liveness Detection and Monitoring
The extensions defined in this document do not require any additional The extensions defined in this document do not require any additional
liveness detection and monitoring support. See [RFC5440] and liveness detection and monitoring support. See [RFC5440] and
[RFC5886] for more information. [RFC5886] for more information.
13.5. Verifying Correct Operation 12.5. Verifying Correct Operation
The chief element of operation that needs to be verified (in addition The chief element of operation that needs to be verified (in addition
to the operation of the protocol elements as described in [RFC5440]) to the operation of the protocol elements as described in [RFC5440])
is the installation, precedence, and correct operation of the Flow is the installation, precedence, and correct operation of the Flow
Specifications at a PCC. Specifications at a PCC.
In addition to the YANG model for reading Flow Specifications In addition to the YANG model, for reading Flow Specifications
described in Section 13.3, tools may be needed to inject Operations described in Section 12.3, tools may be needed to inject Operations
and Management (OAM) traffic at the PCC that matches specific and Management (OAM) traffic at the PCC that matches specific
criteria so that it can be monitored as traveling along the desired criteria so that it can be monitored while traveling along the
path. Such tools are outside the scope of this document. desired path. Such tools are outside the scope of this document.
13.6. Requirements on Other Protocols and Functional Components 12.6. Requirements for Other Protocols and Functional Components
This document places no requirements on other protocols or This document places no requirements on other protocols or
components. components.
13.7. Impact on Network Operation 12.7. Impact on Network Operation
The use of the features described in this document clearly have an The use of the features described in this document clearly have an
important impact on network traffic since they cause traffic to be important impact on network traffic since they cause traffic to be
routed on specific paths in the network. However, in practice, these routed on specific paths in the network. However, in practice, these
changes make no direct changes to the network operation because changes make no direct changes to the network operation because
traffic is already placed on those paths using some pre-existing traffic is already placed on those paths using some pre-existing
configuration mechanism. Thus, the significant change is the configuration mechanism. Thus, the significant change is the
reduction in mechanisms that have to be applied, rather than a change reduction in mechanisms that have to be applied rather than a change
to how the traffic is passed through the network. to how the traffic is passed through the network.
14. Acknowledgements 13. References
Thanks to Julian Lucek, Sudhir Cheruathur, Olivier Dugeon, Jayant
Agarwal, Jeffrey Zhang, Acee Lindem, Vishnu Pavan Beeram, Julien
Meuric, Deborah Brungard, Eric Vyncke, Erik Kline, Benjamin Kaduk,
Martin Duke, Roman Danyliw, and Alvaro Retana for useful discussions
and comments.
15. References
15.1. Normative References
[I-D.ietf-idr-flow-spec-v6]
Loibl, C., Raszuk, R., and S. Hares, "Dissemination of
Flow Specification Rules for IPv6", draft-ietf-idr-flow-
spec-v6-17 (work in progress), October 2020.
[I-D.ietf-idr-flowspec-l2vpn]
Weiguo, H., Eastlake, D., Litkowski, S., and S. Zhuang,
"BGP Dissemination of L2 Flow Specification Rules", draft-
ietf-idr-flowspec-l2vpn-15 (work in progress), May 2020.
[I-D.ietf-idr-rfc5575bis] 13.1. Normative References
Loibl, C., Hares, S., Raszuk, R., McPherson, D., and M.
Bacher, "Dissemination of Flow Specification Rules",
draft-ietf-idr-rfc5575bis-27 (work in progress), October
2020.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <https://www.rfc-editor.org/info/rfc4364>. 2006, <https://www.rfc-editor.org/info/rfc4364>.
skipping to change at page 33, line 29 skipping to change at line 1375
Path Computation Element Communication Protocol (PCEP)", Path Computation Element Communication Protocol (PCEP)",
RFC 8253, DOI 10.17487/RFC8253, October 2017, RFC 8253, DOI 10.17487/RFC8253, October 2017,
<https://www.rfc-editor.org/info/rfc8253>. <https://www.rfc-editor.org/info/rfc8253>.
[RFC8281] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path [RFC8281] Crabbe, E., Minei, I., Sivabalan, S., and R. Varga, "Path
Computation Element Communication Protocol (PCEP) Computation Element Communication Protocol (PCEP)
Extensions for PCE-Initiated LSP Setup in a Stateful PCE Extensions for PCE-Initiated LSP Setup in a Stateful PCE
Model", RFC 8281, DOI 10.17487/RFC8281, December 2017, Model", RFC 8281, DOI 10.17487/RFC8281, December 2017,
<https://www.rfc-editor.org/info/rfc8281>. <https://www.rfc-editor.org/info/rfc8281>.
15.2. Informative References [RFC8955] Loibl, C., Hares, S., Raszuk, R., McPherson, D., and M.
Bacher, "Dissemination of Flow Specification Rules",
RFC 8955, DOI 10.17487/RFC8955, December 2020,
<https://www.rfc-editor.org/info/rfc8955>.
[I-D.gont-numeric-ids-sec-considerations] [RFC8956] Loibl, C., Ed., Raszuk, R., Ed., and S. Hares, Ed.,
"Dissemination of Flow Specification Rules for IPv6",
RFC 8956, DOI 10.17487/RFC8956, December 2020,
<https://www.rfc-editor.org/info/rfc8956>.
13.2. Informative References
[BGP-L2VPN]
Hao, W., Eastlake, D. E., Litkowski, S., and S. Zhuang,
"BGP Dissemination of L2 Flow Specification Rules", Work
in Progress, Internet-Draft, draft-ietf-idr-flowspec-
l2vpn-18, 24 October 2021,
<https://datatracker.ietf.org/doc/html/draft-ietf-idr-
flowspec-l2vpn-18>.
[NUMERIC-IDS-SEC]
Gont, F. and I. Arce, "Security Considerations for Gont, F. and I. Arce, "Security Considerations for
Transient Numeric Identifiers Employed in Network Transient Numeric Identifiers Employed in Network
Protocols", draft-gont-numeric-ids-sec-considerations-05 Protocols", Work in Progress, Internet-Draft, draft-gont-
(work in progress), July 2020. numeric-ids-sec-considerations-06, 5 December 2020,
<https://datatracker.ietf.org/doc/html/draft-gont-numeric-
[I-D.ietf-pce-pcep-yang] ids-sec-considerations-06>.
Dhody, D., Hardwick, J., Beeram, V., and J. Tantsura, "A
YANG Data Model for Path Computation Element
Communications Protocol (PCEP)", draft-ietf-pce-pcep-
yang-14 (work in progress), July 2020.
[I-D.ietf-teas-yang-path-computation] [PCE-PCEP-YANG]
Busi, I., Belotti, S., Lopez, V., Sharma, A., and Y. Shi, Dhody, D., Hardwick, J., Beeram, V. P., and J. Tantsura,
"Yang model for requesting Path Computation", draft-ietf- "A YANG Data Model for Path Computation Element
teas-yang-path-computation-10 (work in progress), July Communications Protocol (PCEP)", Work in Progress,
2020. Internet-Draft, draft-ietf-pce-pcep-yang-17, 23 October
2021, <https://datatracker.ietf.org/doc/html/draft-ietf-
pce-pcep-yang-17>.
[RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path Computation [RFC4655] Farrel, A., Vasseur, J.-P., and J. Ash, "A Path
Element (PCE)-Based Architecture", RFC 4655, Computation Element (PCE)-Based Architecture", RFC 4655,
DOI 10.17487/RFC4655, August 2006, DOI 10.17487/RFC4655, August 2006,
<https://www.rfc-editor.org/info/rfc4655>. <https://www.rfc-editor.org/info/rfc4655>.
[RFC5088] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R. [RFC5088] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R.
Zhang, "OSPF Protocol Extensions for Path Computation Zhang, "OSPF Protocol Extensions for Path Computation
Element (PCE) Discovery", RFC 5088, DOI 10.17487/RFC5088, Element (PCE) Discovery", RFC 5088, DOI 10.17487/RFC5088,
January 2008, <https://www.rfc-editor.org/info/rfc5088>. January 2008, <https://www.rfc-editor.org/info/rfc5088>.
[RFC5089] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R. [RFC5089] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R.
Zhang, "IS-IS Protocol Extensions for Path Computation Zhang, "IS-IS Protocol Extensions for Path Computation
skipping to change at page 34, line 36 skipping to change at line 1447
BGP, LDP, PCEP, and MSDP Issues According to the Keying BGP, LDP, PCEP, and MSDP Issues According to the Keying
and Authentication for Routing Protocols (KARP) Design and Authentication for Routing Protocols (KARP) Design
Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013, Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013,
<https://www.rfc-editor.org/info/rfc6952>. <https://www.rfc-editor.org/info/rfc6952>.
[RFC7399] Farrel, A. and D. King, "Unanswered Questions in the Path [RFC7399] Farrel, A. and D. King, "Unanswered Questions in the Path
Computation Element Architecture", RFC 7399, Computation Element Architecture", RFC 7399,
DOI 10.17487/RFC7399, October 2014, DOI 10.17487/RFC7399, October 2014,
<https://www.rfc-editor.org/info/rfc7399>. <https://www.rfc-editor.org/info/rfc7399>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
[RFC8283] Farrel, A., Ed., Zhao, Q., Ed., Li, Z., and C. Zhou, "An [RFC8283] Farrel, A., Ed., Zhao, Q., Ed., Li, Z., and C. Zhou, "An
Architecture for Use of PCE and the PCE Communication Architecture for Use of PCE and the PCE Communication
Protocol (PCEP) in a Network with Central Control", Protocol (PCEP) in a Network with Central Control",
RFC 8283, DOI 10.17487/RFC8283, December 2017, RFC 8283, DOI 10.17487/RFC8283, December 2017,
<https://www.rfc-editor.org/info/rfc8283>. <https://www.rfc-editor.org/info/rfc8283>.
[RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., [RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W.,
and J. Hardwick, "Path Computation Element Communication and J. Hardwick, "Path Computation Element Communication
Protocol (PCEP) Extensions for Segment Routing", RFC 8664, Protocol (PCEP) Extensions for Segment Routing", RFC 8664,
DOI 10.17487/RFC8664, December 2019, DOI 10.17487/RFC8664, December 2019,
<https://www.rfc-editor.org/info/rfc8664>. <https://www.rfc-editor.org/info/rfc8664>.
Appendix A. Contributors [TEAS-YANG-PATH]
Busi, I., Belotti, S., Lopez, V., Sharma, A., and Y. Shi,
"YANG Data Model for requesting Path Computation", Work in
Progress, Internet-Draft, draft-ietf-teas-yang-path-
computation-16, 6 September 2021,
<https://datatracker.ietf.org/doc/html/draft-ietf-teas-
yang-path-computation-16>.
Acknowledgements
Thanks to Julian Lucek, Sudhir Cheruathur, Olivier Dugeon, Jayant
Agarwal, Jeffrey Zhang, Acee Lindem, Vishnu Pavan Beeram, Julien
Meuric, Deborah Brungard, Éric Vyncke, Erik Kline, Benjamin Kaduk,
Martin Duke, Roman Danyliw, and Alvaro Retana for useful discussions
and comments.
Contributors
Shankara Shankara
Huawei Technologies Huawei Technologies
Divyashree Techno Park, Divyashree Techno Park, Whitefield
Whitefield Bangalore, Bangalore 560066
Karnataka Karnataka
560066
India India
Email: shankara@huawei.com Email: shankara@huawei.com
Qiandeng Liang Qiandeng Liang
Huawei Technologies Huawei Technologies
101 Software Avenue,
Yuhuatai District Yuhuatai District
Nanjing 101 Software Avenue,
210012 Nanjing, 210012
China China
Email: liangqiandeng@huawei.com Email: liangqiandeng@huawei.com
Cyril Margaria Cyril Margaria
Juniper Networks Juniper Networks
200 Somerset Corporate Boulevard, Suite 4001 200 Somerset Corporate Boulevard, Suite 4001
Bridgewater, NJ Bridgewater, NJ 08807
08807 United States of America
USA
Email: cmargaria@juniper.net Email: cmargaria@juniper.net
Colby Barth Colby Barth
Juniper Networks Juniper Networks
200 Somerset Corporate Boulevard, Suite 4001 200 Somerset Corporate Boulevard, Suite 4001
Bridgewater, NJ Bridgewater, NJ 08807
08807 United States of America
USA
Email: cbarth@juniper.net Email: cbarth@juniper.net
Xia Chen Xia Chen
Huawei Technologies Huawei Technologies
Huawei Bld., No.156 Beiqing Rd. Huawei Bld., No. 156 Beiqing Rd.
Beijing Beijing, 100095
100095
China China
Email: jescia.chenxia@huawei.com Email: jescia.chenxia@huawei.com
Shunwan Zhuang Shunwan Zhuang
Huawei Technologies Huawei Technologies
Huawei Bld., No.156 Beiqing Rd. Huawei Bld., No. 156 Beiqing Rd.
Beijing Beijing, 100095
100095
China China
Email: zhuangshunwan@huawei.com Email: zhuangshunwan@huawei.com
Cheng Li Cheng Li
Huawei Technologies Huawei Technologies
Huawei Campus, No. 156 Beiqing Rd. Huawei Campus, No. 156 Beiqing Rd.
Beijing 100095 Beijing, 100095
China China
Email: c.l@huawei.com Email: c.l@huawei.com
Authors' Addresses Authors' Addresses
Dhruv Dhody Dhruv Dhody
Huawei Technologies Huawei Technologies
Divyashree Techno Park, Whitefield Divyashree Techno Park, Whitefield
Bangalore, Karnataka 560066 Bangalore 560066
Karnataka
India India
Email: dhruv.ietf@gmail.com Email: dhruv.ietf@gmail.com
Adrian Farrel Adrian Farrel
Old Dog Consulting Old Dog Consulting
Email: adrian@olddog.co.uk Email: adrian@olddog.co.uk
Zhenbin Li Zhenbin Li
Huawei Technologies Huawei Technologies
Huawei Bld., No.156 Beiqing Rd. Huawei Bldg., No. 156 Beiqing Rd.
Beijing 100095 Beijing
100095
China China
Email: lizhenbin@huawei.com Email: lizhenbin@huawei.com
 End of changes. 215 change blocks. 
743 lines changed or deleted 667 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/