rfc9217.original   rfc9217.txt 
Path Aware Networking RG B. Trammell Internet Research Task Force (IRTF) B. Trammell
Internet-Draft Google Switzerland GmbH Request for Comments: 9217 Google Switzerland GmbH
Intended status: Informational 25 January 2022 Category: Informational March 2022
Expires: 29 July 2022 ISSN: 2070-1721
Current Open Questions in Path Aware Networking Current Open Questions in Path-Aware Networking
draft-irtf-panrg-questions-12
Abstract Abstract
In contrast to the present Internet architecture, a path-aware In contrast to the present Internet architecture, a path-aware
internetworking architecture has two important properties: it exposes internetworking architecture has two important properties: it exposes
the properties of available Internet paths to endpoints, and provides the properties of available Internet paths to endpoints, and it
for endpoints and applications to use these properties to select provides for endpoints and applications to use these properties to
paths through the Internet for their traffic. While this property of select paths through the Internet for their traffic. While this
"path awareness" already exists in many Internet-connected networks property of "path awareness" already exists in many Internet-
within single domains and via administrative interfaces to the connected networks within single domains and via administrative
network layer, a fully path-aware internetwork expands these concepts interfaces to the network layer, a fully path-aware internetwork
across layers and across the Internet. expands these concepts across layers and across the Internet.
This document poses questions in path-aware networking open as of This document poses questions in path-aware networking, open as of
2021, that must be answered in the design, development, and 2021, that must be answered in the design, development, and
deployment of path-aware internetworks. It was originally written to deployment of path-aware internetworks. It was originally written to
frame discussions in the Path Aware Networking proposed Research frame discussions in the Path Aware Networking Research Group
Group (PANRG), and has been published to snapshot current thinking in (PANRG), and has been published to snapshot current thinking in this
this space. space.
Discussion Venues
This note is to be removed before publishing as an RFC.
Source for this draft and an issue tracker can be found at
https://github.com/panrg/questions.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This document is not an Internet Standards Track specification; it is
provisions of BCP 78 and BCP 79. published for informational purposes.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Research Task Force
and may be updated, replaced, or obsoleted by other documents at any (IRTF). The IRTF publishes the results of Internet-related research
time. It is inappropriate to use Internet-Drafts as reference and development activities. These results might not be suitable for
material or to cite them other than as "work in progress." deployment. This RFC represents the consensus of the Path Aware
Networking Research Group of the Internet Research Task Force (IRTF).
Documents approved for publication by the IRSG are not candidates for
any level of Internet Standard; see Section 2 of RFC 7841.
This Internet-Draft will expire on 29 July 2022. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9217.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. Code Components carefully, as they describe your rights and restrictions with respect
extracted from this document must include Revised BSD License text as to this document.
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction to Path-Aware Networking . . . . . . . . . . . . 2 1. Introduction to Path-Aware Networking
1.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 4 1.1. Definitions
2. Questions . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. Questions
2.1. A Vocabulary of Path Properties . . . . . . . . . . . . . 5 2.1. A Vocabulary of Path Properties
2.2. Discovery, Distribution, and Trustworthiness of Path 2.2. Discovery, Distribution, and Trustworthiness of Path
Properties . . . . . . . . . . . . . . . . . . . . . . . 5 Properties
2.3. Supporting Path Selection . . . . . . . . . . . . . . . . 6 2.3. Supporting Path Selection
2.4. Interfaces for Path Awareness . . . . . . . . . . . . . . 6 2.4. Interfaces for Path Awareness
2.5. Implications of Path Awareness for the Transport and 2.5. Implications of Path Awareness for the Transport and
Application Layers . . . . . . . . . . . . . . . . . . . 7 Application Layers
2.6. What is an Endpoint? . . . . . . . . . . . . . . . . . . 7 2.6. What is an Endpoint?
2.7. Operating a Path Aware Network . . . . . . . . . . . . . 8 2.7. Operating a Path-Aware Network
2.8. Deploying a Path Aware Network . . . . . . . . . . . . . 8 2.8. Deploying a Path-Aware Network
3. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 3. Informative References
4. Informative References . . . . . . . . . . . . . . . . . . . 10 Acknowledgments
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 10 Author's Address
1. Introduction to Path-Aware Networking 1. Introduction to Path-Aware Networking
In the current Internet architecture, the network layer provides a In the current Internet architecture, the network layer provides a
best-effort service to the endpoints using it, without verifiability best-effort service to the endpoints using it, without verifiability
of the properties of the path between tne endpoints. While there are of the properties of the path between the endpoints. While there are
network layer technologies that attempt better-than-best-effort network-layer technologies that attempt better-than-best-effort
delivery, the interfaces to these are generally administrative as delivery, the interfaces to these are generally administrative as
opposed to endpoint-exposed (e.g. Path Computation Element (PCE) opposed to endpoint exposed (e.g., Path Computation Element (PCE)
[RFC4655] and Software-Defined Wide Area Network (SD-WAN) [RFC4655] and Software-Defined Wide Area Network (SD-WAN)
approaches), and they are often restricted to single administrative approaches), and they are often restricted to single administrative
domains. In this architecture, an application can assume that a domains. In this architecture, an application can assume that a
packet with a given destination address will eventually be forwarded packet with a given destination address will eventually be forwarded
toward that destination, but little else. toward that destination, but little else.
A transport layer protocol such as TCP can provide reliability over A transport-layer protocol such as TCP can provide reliability over
this best-effort service, and a protocol above the network layer, this best-effort service, and a protocol above the network layer,
such as Transport Layer Security (TLS) [RFC8446] can authenticate the such as Transport Layer Security (TLS) [RFC8446], can authenticate
remote endpoint. However, little, if any, explicit information about the remote endpoint. However, little, if any, explicit information
the path is available to the endpoints, and any assumptions made about the path is available to the endpoints, and any assumptions
about that path often do not hold. These sometimes have serious made about that path often do not hold. These sometimes have serious
impacts on the application, as in the case with BGP hijacking impacts on the application, as in the case with BGP hijacking
attacks. attacks.
By contrast, in a path-aware internetworking architecture, endpoints By contrast, in a path-aware internetworking architecture, endpoints
can select or influence the path(s) through the network used by any can select or influence the path(s) through the network used by any
given packet or flow. The network and transport layers explicitly given packet or flow. The network and transport layers explicitly
expose information about the path or paths available to the endpoints expose information about the path or paths available to the endpoints
and to the applications running on them, so that they can make this and to the applications running on them, so that they can make this
selection. The Application Layer Traffic Optimization (ALTO) selection. The Application-Layer Traffic Optimization (ALTO)
protocol [RFC7285] can be seen as an example of a path-awareness protocol [RFC7285] can be seen as an example of a path-awareness
approach implemented in transport-layer terms on the present Internet approach implemented in transport-layer terms on the present Internet
protocol stack. protocol stack.
Path selection provides explicit visibility and control of network Path selection provides explicit visibility and control of network
treatment to applications and users of the network. This selection treatment to applications and users of the network. This selection
is available to the application, transport, and/or network layer is available to the application-, transport-, and/or network-layer
entities at each endpoint. Path control at the flow and subflow entities at each endpoint. Path control at the flow and subflow
level enables the design of new transport protocols that can leverage level enables the design of new transport protocols that can leverage
multipath connectivity across disjoint paths through the Internet, multipath connectivity across disjoint paths through the Internet,
even over a single physical interface. When exposed to applications, even over a single physical interface. When exposed to applications,
or to end-users through a system configuration interface, path or to end users through a system configuration interface, path
control allows the specification of constraints on the paths that control allows the specification of constraints on the paths that
traffic should traverse, for instance to confound passive traffic should traverse, for instance to confound passive
surveillance in the network core [RFC7624]. surveillance in the network core [RFC7624].
We note that this property of "path awareness" already exists in many We note that this property of "path awareness" already exists in many
Internet-connected networks within single domains. Indeed, much of Internet-connected networks within single domains. Indeed, much of
the practice of network engineering using encapsulation at layer 3 the practice of network engineering using encapsulation at layer 3
can be said to be "path aware", in that it explicitly assigns traffic can be said to be "path aware" in that it explicitly assigns traffic
at tunnel endpoints to a given path within the network. Path-aware at tunnel endpoints to a given path within the network. Path-aware
internetworking seeks to extend this awareness across domain internetworking seeks to extend this awareness across domain
boundaries without resorting to overlays, except as a transition boundaries without resorting to overlays, except as a transition
technology. technology.
This document presents a snapshot of open questions in this space This document presents a snapshot of open questions in this space
that will need to be answered in order to realize a path-aware that will need to be answered in order to realize a path-aware
internetworking architecture; it is published to further frame internetworking architecture; it is published to further frame
discussions within and outside the Path Aware Networking Research discussions within and outside the Path Aware Networking Research
Group, and is published with the rough consensus of that group. Group, and is published with the rough consensus of that group.
1.1. Definitions 1.1. Definitions
For purposes of this document, "path aware networking" describes For purposes of this document, "path-aware networking" describes
endpoint discovery of the properties of paths they use for endpoint discovery of the properties of paths they use for
communication across an internetwork, and endpoint reaction to these communication across an internetwork, and endpoint reaction to these
properties that affects routing and/or data transfer. Note that this properties that affects routing and/or data transfer. Note that this
can and already does happen to some extent in the current Internet can and already does happen to some extent in the current Internet
architecture; this definition expands current techniques of path architecture; this definition expands current techniques of path
discovery and manipulation to cross administrative domain boundaries discovery and manipulation to cross administrative domain boundaries
and up to the transport and application layers at the endpoints. and up to the transport and application layers at the endpoints.
Expanding on this definition, a "path aware internetwork" is one in Expanding on this definition, a "path-aware internetwork" is one in
which endpoint discovery of path properties and endpoint selection of which endpoint discovery of path properties and endpoint selection of
paths used by traffic exchanged by the endpoint are explicitly paths used by traffic exchanged by the endpoint are explicitly
supported, regardless of the specific design of the protocol features supported regardless of the specific design of the protocol features
which enable this discovery and selection. that enable this discovery and selection.
A "path", for the purposes of these definitions, is abstractly A "path", for the purposes of these definitions, is abstractly
defined as a sequence of adjacent path elements over which a packet defined as a sequence of adjacent path elements over which a packet
can be transmitted, where the definition of "path element" is can be transmitted, where the definition of "path element" is
technology-dependent. As this document is intended to pose questions technology dependent. As this document is intended to pose questions
rather than answer them, it assumes that this definition will be rather than answer them, it assumes that this definition will be
refined as part of the answer the first two questions it poses, about refined as part of the answer to the first two questions it poses
the vocabulary of path properties and how they are disseminated. about the vocabulary of path properties and how they are
disseminated.
Research into path aware internetworking covers any and all aspects Research into path-aware internetworking covers any and all aspects
of designing, building, and operating path aware internetworks or the of designing, building, and operating path-aware internetworks or the
networks and endpoints attached to them. This document presents a networks and endpoints attached to them. This document presents a
collection of research questions to address in order to make a path collection of research questions to address in order to make a path-
aware Internet a reality. aware Internet a reality.
2. Questions 2. Questions
Realizing path-aware networking requires answers to a set of open Realizing path-aware networking requires answers to a set of open
research questions. This document poses these questions, as a research questions. This document poses these questions as a
starting point for discussions about how to realize path awareness in starting point for discussions about how to realize path awareness in
the Internet, and to direct future research efforts within the Path the Internet and to direct future research efforts within the Path
Aware Networking Research Group. Aware Networking Research Group.
2.1. A Vocabulary of Path Properties 2.1. A Vocabulary of Path Properties
The first question: how are paths and path properties defined and The first question: how are paths and path properties defined and
represented? represented?
In order for information about paths to be exposed to an endpoint, In order for information about paths to be exposed to an endpoint,
and for the endpoint to make use of that information, it is necessary and for the endpoint to make use of that information, it is necessary
to define a common vocabulary for paths through an internetwork, and to define a common vocabulary for paths through an internetwork and
properties of those paths. The elements of this vocabulary could properties of those paths. The elements of this vocabulary could
include terminology for components of a path and properties defined include terminology for components of a path and properties defined
for these components, for the entire path, or for subpaths of a path. for these components, for the entire path or for subpaths of a path.
These properties may be relatively static, such as the presence of a These properties may be relatively static, such as the presence of a
given node or service function on the path; as well as relatively given node or service function on the path, as well as relatively
dynamic, such as the current values of metrics such as loss and dynamic, such as the current values of metrics such as loss and
latency. latency.
This vocabulary and its representation must be defined carefully, as This vocabulary and its representation must be defined carefully, as
its design will have impacts on the properties (e.g., expressiveness, its design will have impacts on the properties (e.g., expressiveness,
scalability, security) of a given path-aware internetworking scalability, and security) of a given path-aware internetworking
architecture. For example, a system that exposes node-level architecture. For example, a system that exposes node-level
information for the topology through each network would maximize information for the topology through each network would maximize
information about the individual components of the path at the information about the individual components of the path at the
endpoints, at the expense of making internal network topology endpoints, at the expense of making internal network topology
universally public, which may be in conflict with the business goals universally public, which may be in conflict with the business goals
of each network's operator. Furthermore, properties related to of each network's operator. Furthermore, properties related to
individual components of the path may change frequently and may individual components of the path may change frequently and may
quickly become outdated. However, aggregating the properties of quickly become outdated. However, aggregating the properties of
individual components to distill end-to-end properties for the entire individual components to distill end-to-end properties for the entire
path is not trivial. path is not trivial.
2.2. Discovery, Distribution, and Trustworthiness of Path Properties 2.2. Discovery, Distribution, and Trustworthiness of Path Properties
The second question: how do endpoints and applications get access to The second question: how do endpoints and applications get access to
accurate, useful, and trustworthy path properties? accurate, useful, and trustworthy path properties?
Once endpoints and networks have a shared vocabulary for expressing Once endpoints and networks have a shared vocabulary for expressing
path properties, the network must have some method for distributing path properties, the network must have some method for distributing
those path properties to the endpoints. Regardless of how path those path properties to the endpoints. Regardless of how path
property information is distributed, the endpoints require a method property information is distributed, the endpoints require a method
to authenticate the properties -- to determine that they originated to authenticate the properties in order to determine that they
from and pertain to the path that they purport to. originated from and pertain to the path that they purport to.
Choices in distribution and authentication methods will have impacts Choices in distribution and authentication methods will have impacts
on the scalability of a path-aware architecture. Possible dimensions on the scalability of a path-aware architecture. Possible dimensions
in the space of distribution methods include in-band versus out-of- in the space of distribution methods include in band versus out of
band, push versus pull versus publish-subscribe, and so on. There band, push versus pull versus publish subscribe, and so on. There
are temporal issues with path property dissemination as well, are temporal issues with path property dissemination as well,
especially with dynamic properties, since the measurement or especially with dynamic properties, since the measurement or
elicitation of dynamic properties may be outdated by the time that elicitation of dynamic properties may be outdated by the time that
information is available at the endpoints, and interactions between information is available at the endpoints, and interactions between
the measurement and dissemination delay may exhibit pathological the measurement and dissemination delay may exhibit pathological
behavior for unlucky points in the parameter space. behavior for unlucky points in the parameter space.
2.3. Supporting Path Selection 2.3. Supporting Path Selection
The third question: how can endpoints select paths to use for traffic The third question: how can endpoints select paths to use for traffic
in a way that can be trusted by the network, the endpoints, and the in a way that can be trusted by the network, the endpoints, and the
applications using them? applications using them?
Access to trustworthy path properties is only half of the challenge Access to trustworthy path properties is only half of the challenge
in establishing a path-aware architecture. Endpoints must be able to in establishing a path-aware architecture. Endpoints must be able to
use this information in order to select paths for specific traffic use this information in order to select paths for specific traffic
they send. As with the dissemination of path properties, choices they send. As with the dissemination of path properties, choices
made in path selection methods will also have an impact on the made in path-selection methods will also have an impact on the trade-
tradeoff between scalability and expressiveness of a path-aware off between scalability and expressiveness of a path-aware
architecture. One key choice here is between in-band and out-of-band architecture. One key choice here is between in-band and out-of-band
control of path selection. Another is granularity of path selection control of path selection. Another is granularity of path selection
(whether per packet, per flow, or per larger aggregate), which also (whether per packet, per flow, or per larger aggregate), which also
has a large impact on the scalabilty/expressiveness tradeoff. Path has a large impact on the scalability/expressiveness trade-off. Path
selection must, like path property information, be trustworthy, such selection must, like path property information, be trustworthy, such
that the result of a path selection at an endpoint is predictable. that the result of a path selection at an endpoint is predictable.
Moreover, any path selection mechanism should aim to provide an Moreover, any path-selection mechanism should aim to provide an
outcome that is not worse than using a single path, or selecting outcome that is not worse than using a single path or selecting paths
paths at random. at random.
Path selection may be exposed in terms of the properties of the path Path selection may be exposed in terms of the properties of the path
or the identity of elements of the path. In the latter case, a path or the identity of elements of the path. In the latter case, a path
may be identified at any of multiple layers (e.g. routing domain may be identified at any of multiple layers (e.g., routing domain
identifier, network layer address, higher-layer identifier or name, identifier, network-layer address, higher-layer identifier or name,
and so on). In this case, care must be taken to present semantically and so on). In this case, care must be taken to present semantically
useful information to those making decisions about which path(s) to useful information to those making decisions about which path(s) to
trust. trust.
2.4. Interfaces for Path Awareness 2.4. Interfaces for Path Awareness
The fourth question: how can interfaces among the network, transport, The fourth question: how can interfaces among the network, transport,
and application layers support the use of path awareness? and application layers support the use of path awareness?
In order for applications to make effective use of a path-aware In order for applications to make effective use of a path-aware
networking architecture, the control interfaces presented by the networking architecture, the control interfaces presented by the
network and transport layers must also expose path properties to the network and transport layers must also expose path properties to the
application in a useful way, and provide a useful set of paths among application in a useful way, and provide a useful set of paths among
which the application can select. Path selection must be possible which the application can select. Path selection must be possible
based not only on the preferences and policies of the application based not only on the preferences and policies of the application
developer, but of end-users as well. Also, the path selection developer, but of end users as well. Also, the path-selection
interfaces presented to applications and end users will need to interfaces presented to applications and end users will need to
support multiple levels of granularity. Most applications' support multiple levels of granularity. Most applications'
requirements can be satisfied with the expression of path selection requirements can be satisfied with the expression of path-selection
policies in terms of properties of the paths, while some applications policies in terms of properties of the paths, while some applications
may need finer-grained, per-path control. These interfaces will need may need finer-grained, per-path control. These interfaces will need
to support incremental development and deployment of applications, to support incremental development and deployment of applications,
and provide sensible defaults, to avoid hindering their adoption. and provide sensible defaults, to avoid hindering their adoption.
2.5. Implications of Path Awareness for the Transport and Application 2.5. Implications of Path Awareness for the Transport and Application
Layers Layers
The fifth question: how should transport-layer and higher layer The fifth question: how should transport-layer and higher-layer
protocols be redesigned to work most effectively over a path-aware protocols be redesigned to work most effectively over a path-aware
networking layer? networking layer?
In the current Internet, the basic assumption that at a given time In the current Internet, the basic assumption that at a given time
all traffic for a given flow will receive the same network treatment all traffic for a given flow will receive the same network treatment
and traverse the same path or equivalend paths often holds. In a and traverse the same path or equivalent paths often holds. In a
path aware network, this assumption is more easily violated. The path-aware network, this assumption is more easily violated. The
weakening of this assumption has implications for the design of weakening of this assumption has implications for the design of
protocols above any path-aware network layer. protocols above any path-aware network layer.
For example, one advantage of multipath communication is that a given For example, one advantage of multipath communication is that a given
end-to-end flow can be "sprayed" along multiple paths in order to end-to-end flow can be "sprayed" along multiple paths in order to
confound attempts to collect data or metadata from those flows for confound attempts to collect data or metadata from those flows for
pervasive surveillance purposes [RFC7624]. However, the benefits of pervasive surveillance purposes [RFC7624]. However, the benefits of
this approach are reduced if the upper-layer protocols use linkable this approach are reduced if the upper-layer protocols use linkable
identifiers on packets belonging to the same flow across different identifiers on packets belonging to the same flow across different
paths. Clients may mitigate linkability by opting to not re-use paths. Clients may mitigate linkability by opting to not reuse
cleartext connection identifiers, such as TLS session IDs or tickets, cleartext connection identifiers, such as TLS session IDs or tickets,
on separate paths. The privacy-conscious strategies required for on separate paths. The privacy-conscious strategies required for
effective privacy in a path-aware Internet are only possible if effective privacy in a path-aware Internet are only possible if
higher-layer protocols such as TLS permit clients to obtain higher-layer protocols such as TLS permit clients to obtain
unlinkable identifiers. unlinkable identifiers.
2.6. What is an Endpoint? 2.6. What is an Endpoint?
The sixth question: how is path awareness (in terms of vocabulary and The sixth question: how is path awareness (in terms of vocabulary and
interfaces) different when applied to tunnel and overlay endpoints? interfaces) different when applied to tunnel and overlay endpoints?
skipping to change at page 8, line 8 skipping to change at line 324
and so on). However, incremental deployment may require that a path- and so on). However, incremental deployment may require that a path-
aware network "core" be used to interconnect islands of legacy aware network "core" be used to interconnect islands of legacy
protocol networks. In these cases, it is the gateways, not the protocol networks. In these cases, it is the gateways, not the
application endpoints, that receive path properties and make path application endpoints, that receive path properties and make path
selections for that traffic. The interfaces provided by this gateway selections for that traffic. The interfaces provided by this gateway
are necessarily different than those a path-aware networking layer are necessarily different than those a path-aware networking layer
provides to its transport and application layers, and the path provides to its transport and application layers, and the path
property information the gateway needs and makes available over those property information the gateway needs and makes available over those
interfaces may also be different. interfaces may also be different.
2.7. Operating a Path Aware Network 2.7. Operating a Path-Aware Network
The seventh question: how can a path aware network in a path aware The seventh question: how can a path-aware network in a path-aware
internetwork be effectively operated, given control inputs from internetwork be effectively operated, given control inputs from
network administrators, application designers, and end users? network administrators, application designers, and end users?
The network operations model in the current Internet architecture The network operations model in the current Internet architecture
assumes that traffic flows are controlled by the decisions and assumes that traffic flows are controlled by the decisions and
policies made by network operators, as expressed in interdomain and policies made by network operators as expressed in interdomain and
intradomain routing protocols. In a network providing path selection intradomain routing protocols. In a network providing path selection
to the endpoints, however, this assumption no longer holds, as to the endpoints, however, this assumption no longer holds, as
endpoints may react to path properties by selecting alternate paths. endpoints may react to path properties by selecting alternate paths.
Competing control inputs from path-aware endpoints and the routing Competing control inputs from path-aware endpoints and the routing
control plane may lead to more difficult traffic engineering or control plane may lead to more difficult traffic engineering or non-
nonconvergent forwarding, especially if the endpoints' and operators' convergent forwarding, especially if the endpoints' and operators'
notion of the "best" path for given traffic diverges significantly. notion of the "best" path for given traffic diverges significantly.
The degree of difficulty may depend on the fidelity of information The degree of difficulty may depend on the fidelity of information
made available to path selection algorithms at the endpoints. made available to path-selection algorithms at the endpoints.
Explicit path selection can also specify outbound paths, while BGP Explicit path selection can also specify outbound paths, while BGP
policies are expressed in terms of inbound traffic. policies are expressed in terms of inbound traffic.
A concept for path aware network operations will need to have clear A concept for path-aware network operations will need to have clear
methods for the resolution of apparent (if not actual) conflicts of methods for the resolution of apparent (if not actual) conflicts of
intent between the network's operator and the path selection at an intent between the network's operator and the path selection at an
endpoint. It will also need set of safety principles to ensure that endpoint. It will also need a set of safety principles to ensure
increasing path control does not lead to decreasing connectivity; one that increasing path control does not lead to decreasing
such safety principle could be "the existence of at least one path connectivity; one such safety principle could be "the existence of at
between two endpoints guarantees the selection of at least one path least one path between two endpoints guarantees the selection of at
between those endpoints." least one path between those endpoints."
2.8. Deploying a Path Aware Network 2.8. Deploying a Path-Aware Network
The eighth question: how can the incentives of network operators and The eighth question: how can the incentives of network operators and
end-users be aligned to realize the vision of path aware networking, end users be aligned to realize the vision of path-aware networking,
and how can the transition from current ("path-oblivious") to path- and how can the transition from current ("path-oblivious") to path-
aware networking be managed? aware networking be managed?
The vision presented in the introduction discusses path aware The vision presented in the introduction discusses path-aware
networking from the point of view of the benefits accruing at the networking from the point of view of the benefits accruing at the
endpoints, to designers of transport protocols and applications as endpoints, to designers of transport protocols and applications as
well as to the end users of those applications. However, this vision well as to the end users of those applications. However, this vision
requires action not only at the endpoints but also within the requires action not only at the endpoints but also within the
interconnected networks offering path aware connectivity. While the interconnected networks offering path-aware connectivity. While the
specific actions required are a matter of the design and specific actions required are a matter of the design and
implementation of a specific realization of a path aware protocol implementation of a specific realization of a path-aware protocol
stack, it is clear than any path aware architecture will require stack, it is clear that any path-aware architecture will require
network operators to give up some control of their networks over to network operators to give up some control of their networks over to
endpoint-driven control inputs. endpoint-driven control inputs.
Here the question of apparent versus actual conflicts of intent Here, the question of apparent versus actual conflicts of intent
arises again: certain network operations requirements may appear arises again: certain network operation requirements may appear
essential, but are merely accidents of the interfaces provided by essential but are merely accidents of the interfaces provided by
current routing and management protocols. For example, related (but current routing and management protocols. For example, related (but
adjacent) to path aware networking, the widespread use of the TCP adjacent) to path-aware networking, the widespread use of the TCP
wire image [RFC8546] in network monitoring for DDoS prevention wire image [RFC8546] in network monitoring for DDoS prevention
appears in conflict with the deployment of encrypted transports, only appears in conflict with the deployment of encrypted transports, only
because path signaling [RFC8558] has been implicit in the deployment because path signaling [RFC8558] has been implicit in the deployment
of past transport protocols. of past transport protocols.
Similarly, incentives for deployment must show how existing network Similarly, incentives for deployment must show how existing network
operations requirements are met through new path selection and operation requirements are met through new path selection and
property dissemination mechanisms. property dissemination mechanisms.
The incentives for network operators and equipment vendors need to be The incentives for network operators and equipment vendors need to be
made clear, in terms of a plan to transition [RFC8170] an made clear, in terms of a plan to transition [RFC8170] an
internetwork to path-aware operation, one network and facility at a internetwork to path-aware operation, one network and facility at a
time. This plan to transition must also take into account that the time. This plan to transition must also take into account that the
dynamics of path aware networking early in this transition (when few dynamics of path-aware networking early in this transition (when few
endpoints and flows in the Internet use path selection) may be endpoints and flows in the Internet use path selection) may be
different than those later in the transition. different than those later in the transition.
Aspects of data security and information management in a network that Aspects of data security and information management in a network that
explicitly radiates more information about the network's deployment explicitly radiates more information about the network's deployment
and configuration, and implicitly radiates information about endpoint and configuration, and implicitly radiates information about endpoint
configuration and preference through path selection, must also be configuration and preference through path selection, must also be
addressed. addressed.
3. Acknowledgments 3. Informative References
Many thanks to Adrian Perrig, Jean-Pierre Smith, Mirja Kuehlewind,
Olivier Bonaventure, Martin Thomson, Shwetha Bhandari, Chris Wood,
Lee Howard, Mohamed Boucadair, Thorben Krueger, Gorry Fairhurst,
Spencer Dawkins, Reese Enghardt, Laurent Ciavaglia, Stephen Farrell,
and Richard Yang, for discussions leading to questions in this
document, and for feedback on the document itself.
This work is partially supported by the European Commission under
Horizon 2020 grant agreement no. 688421 Measurement and Architecture
for a Middleboxed Internet (MAMI), and by the Swiss State Secretariat
for Education, Research, and Innovation under contract no. 15.0268.
This support does not imply endorsement.
4. Informative References
[RFC4655] Farrel, A., Vasseur, J.-P., and J. Ash, "A Path [RFC4655] Farrel, A., Vasseur, J.-P., and J. Ash, "A Path
Computation Element (PCE)-Based Architecture", RFC 4655, Computation Element (PCE)-Based Architecture", RFC 4655,
DOI 10.17487/RFC4655, August 2006, DOI 10.17487/RFC4655, August 2006,
<https://www.rfc-editor.org/rfc/rfc4655>. <https://www.rfc-editor.org/info/rfc4655>.
[RFC7285] Alimi, R., Ed., Penno, R., Ed., Yang, Y., Ed., Kiesel, S., [RFC7285] Alimi, R., Ed., Penno, R., Ed., Yang, Y., Ed., Kiesel, S.,
Previdi, S., Roome, W., Shalunov, S., and R. Woundy, Previdi, S., Roome, W., Shalunov, S., and R. Woundy,
"Application-Layer Traffic Optimization (ALTO) Protocol", "Application-Layer Traffic Optimization (ALTO) Protocol",
RFC 7285, DOI 10.17487/RFC7285, September 2014, RFC 7285, DOI 10.17487/RFC7285, September 2014,
<https://www.rfc-editor.org/rfc/rfc7285>. <https://www.rfc-editor.org/info/rfc7285>.
[RFC7624] Barnes, R., Schneier, B., Jennings, C., Hardie, T., [RFC7624] Barnes, R., Schneier, B., Jennings, C., Hardie, T.,
Trammell, B., Huitema, C., and D. Borkmann, Trammell, B., Huitema, C., and D. Borkmann,
"Confidentiality in the Face of Pervasive Surveillance: A "Confidentiality in the Face of Pervasive Surveillance: A
Threat Model and Problem Statement", RFC 7624, Threat Model and Problem Statement", RFC 7624,
DOI 10.17487/RFC7624, August 2015, DOI 10.17487/RFC7624, August 2015,
<https://www.rfc-editor.org/rfc/rfc7624>. <https://www.rfc-editor.org/info/rfc7624>.
[RFC8170] Thaler, D., Ed., "Planning for Protocol Adoption and [RFC8170] Thaler, D., Ed., "Planning for Protocol Adoption and
Subsequent Transitions", RFC 8170, DOI 10.17487/RFC8170, Subsequent Transitions", RFC 8170, DOI 10.17487/RFC8170,
May 2017, <https://www.rfc-editor.org/rfc/rfc8170>. May 2017, <https://www.rfc-editor.org/info/rfc8170>.
[RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol
Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
<https://www.rfc-editor.org/rfc/rfc8446>. <https://www.rfc-editor.org/info/rfc8446>.
[RFC8546] Trammell, B. and M. Kuehlewind, "The Wire Image of a [RFC8546] Trammell, B. and M. Kuehlewind, "The Wire Image of a
Network Protocol", RFC 8546, DOI 10.17487/RFC8546, April Network Protocol", RFC 8546, DOI 10.17487/RFC8546, April
2019, <https://www.rfc-editor.org/rfc/rfc8546>. 2019, <https://www.rfc-editor.org/info/rfc8546>.
[RFC8558] Hardie, T., Ed., "Transport Protocol Path Signals", [RFC8558] Hardie, T., Ed., "Transport Protocol Path Signals",
RFC 8558, DOI 10.17487/RFC8558, April 2019, RFC 8558, DOI 10.17487/RFC8558, April 2019,
<https://www.rfc-editor.org/rfc/rfc8558>. <https://www.rfc-editor.org/info/rfc8558>.
Acknowledgments
Many thanks to Adrian Perrig, Jean-Pierre Smith, Mirja Kühlewind,
Olivier Bonaventure, Martin Thomson, Shwetha Bhandari, Chris Wood,
Lee Howard, Mohamed Boucadair, Thorben Krüger, Gorry Fairhurst,
Spencer Dawkins, Reese Enghardt, Laurent Ciavaglia, Stephen Farrell,
and Richard Yang for discussions leading to questions in this
document and for feedback on the document itself.
This work is partially supported by the European Commission under
Horizon 2020 grant agreement no. 688421 Measurement and Architecture
for a Middleboxed Internet (MAMI) and by the Swiss State Secretariat
for Education, Research, and Innovation under contract no. 15.0268.
This support does not imply endorsement.
Author's Address Author's Address
Brian Trammell Brian Trammell
Google Switzerland GmbH Google Switzerland GmbH
Gustav-Gull-Platz 1 Gustav-Gull-Platz 1
CH- 8004 Zurich CH-8004 Zurich
Switzerland Switzerland
Email: ietf@trammell.ch Email: ietf@trammell.ch
 End of changes. 70 change blocks. 
153 lines changed or deleted 142 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/