You are here: irt.org | RFCs | RFC8184 [ previous next ]
Internet Engineering Task Force (IETF) W. Cheng Request for Comments: 8184 L. Wang Category: Informational H. Li ISSN: 2070-1721 China Mobile S. Davari Broadcom Corporation J. Dong Huawei Technologies June 2017 Dual-Homing Protection for MPLS and the MPLS Transport Profile (MPLS-TP) Pseudowires Abstract This document describes a framework and several scenarios for a pseudowire (PW) dual-homing local protection mechanism that avoids unnecessary switchovers and does not depend on whether a control plane is used. A Dual-Node Interconnection (DNI) PW is used to carry traffic between the dual-homing Provider Edge (PE) nodes when a failure occurs in one of the Attachment Circuits (AC) or PWs. This PW dual-homing local protection mechanism is complementary to existing PW protection mechanisms. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc8184. Cheng, et al. Informational [Page 1]
RFC 8184 Dual-Homing PW Protection June 2017 Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Reference Models of Dual-Homing Local Protection . . . . . . 4 2.1. PE Architecture . . . . . . . . . . . . . . . . . . . . . 4 2.2. Dual-Homing Local Protection Reference Scenarios . . . . 5 2.2.1. One-Side Dual-Homing Protection . . . . . . . . . . . 5 2.2.2. Two-Side Dual-Homing Protection . . . . . . . . . . . 6 3. Generic Dual-Homing PW Protection Mechanism . . . . . . . . . 8 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 5. Security Considerations . . . . . . . . . . . . . . . . . . . 9 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 6.1. Normative References . . . . . . . . . . . . . . . . . . 9 6.2. Informative References . . . . . . . . . . . . . . . . . 9 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 Cheng, et al. Informational [Page 2]
RFC 8184 Dual-Homing PW Protection June 2017 1. Introduction [RFC6372] and [RFC6378] describe the framework and mechanism of MPLS Transport Profile (MPLS-TP) linear protection, which can provide protection for the MPLS Label Switched Path (LSP) or pseudowire (PW) between the edge nodes. This mechanism does not protect against failure of the Attachment Circuit (AC) or the Provider Edge (PE) node. [RFC6718] and [RFC6870] describe the framework and mechanism for PW redundancy to provide protection against AC or PE node failure. The PW redundancy mechanism is based on the signaling of the Label Distribution Protocol (LDP), which is applicable to PWs with a dynamic control plane. [RFC8104] describes a fast local repair mechanism for PW egress endpoint failures, which is based on PW redundancy, upstream label assignment, and context-specific label switching. The mechanism defined in [RFC8104] is only applicable to PWs with a dynamic control plane. There is a need to support a dual-homing local protection mechanism that avoids unnecessary switches of the AC or PW and can be used regardless of whether a control plane is used. In some scenarios, such as mobile backhauling, the MPLS PWs are provisioned with dual- homing topology in which at least the Customer Edge (CE) node on one side is dual-homed to two PEs. If some fault occurs in the primary AC, operators usually prefer to have the switchover only on the dual- homing PE side and keep the working pseudowires unchanged if possible. This is to avoid massive PW switchover in the mobile backhaul network due to AC failure in the mobile core site; such massive PW switchover may in turn lead to congestion caused by migrating traffic away from the preferred paths of network planners. Similarly, as multiple PWs share the physical AC in the mobile core site, it is preferable to keep using the working AC when one working PW fails in the Packet Switched Network (PSN) to potentially avoid unnecessary switchover for other PWs. To meet the above requirements, a fast dual-homing local PW protection mechanism is needed to protect against the failures of an AC, the PE node, and the PSN. This document describes the framework and several typical scenarios of PW dual-homing local protection. A Dual-Node Interconnection (DNI) PW is used between the dual-homing PE nodes to carry traffic when a failure occurs in the AC or PW side. In order for the dual- homing PE nodes to determine the forwarding state of AC, PW, and DNI-PW, necessary state exchange and coordination between the dual-homing PEs is needed. The necessary mechanisms and protocol extensions are defined in [RFC8185]. Cheng, et al. Informational [Page 3]
RFC 8184 Dual-Homing PW Protection June 2017 2. Reference Models of Dual-Homing Local Protection This section shows the reference architecture of the dual-homing PW local protection and the usage of the architecture in different scenarios. 2.1. PE Architecture Figure 1 shows the PE architecture for dual-homing local protection. This is based on the architecture in Figure 4a of [RFC3985]. In addition to the AC and the service PW between the local and remote PEs, a DNI-PW is used to connect the forwarders of the dual-homing PEs. It can be used to forward traffic between the dual-homing PEs when a failure occurs in the AC or service PW side. As [RFC3985] specifies: "any required switching functionality is the responsibility of a forwarder function". In this case, the forwarder is responsible for switching the payloads between three entities: the AC, the service PW, and the DNI-PW. +----------------------------------------+ | Dual-Homing PE Device | +----------------------------------------+ AC | | | Service PW <------>o Forwarder + Service X<===========> | | PW | +--------+--------+ | | DNI-PW | | +--------X--------+----------------------+ ^ | DNI-PW | V +--------X--------+----------------------+ | DNI-PW | | +--------+--------+ | Service PW AC | | Service X<===========> <------>o Forwarder + PW | | | | +----------------------------------------+ | Dual-Homing PE Device | +----------------------------------------+ Figure 1: PE Architecture for Dual-Homing Protection Cheng, et al. Informational [Page 4]
RFC 8184 Dual-Homing PW Protection June 2017 2.2. Dual-Homing Local Protection Reference Scenarios 2.2.1. One-Side Dual-Homing Protection Figure 2 illustrates the network scenario of dual-homing PW local protection where only one of the CEs is dual-homed to two PE nodes. CE1 is dual-homed to PE1 and PE2, while CE2 is single-homed to PE3. A DNI-PW is established between the dual-homing PEs, which is used to bridge traffic when a failure occurs in the PSN or the AC side. A dual-homing control mechanism enables the PEs and CE to determine which AC should be used to carry traffic between CE1 and the PSN. The necessary control mechanisms and protocol extensions are defined in [RFC8185]. This scenario can protect against node failure of PE1 or PE2 or failure of one of the ACs between CE1 and the dual-homing PEs. In addition, dual-homing PW protection can protect against failure occurring in the PSN that impacts the working PW; thus, it can be an alternative solution of PSN tunnel protection mechanisms. This topology can be used in mobile backhauling application scenarios. For example, CE2 might be an equipment cell site such as a NodeB, while CE1 is the shared Radio Network Controller (RNC). PE3 functions as an access-side MPLS device, while PE1 and PE2 function as core-side MPLS devices. |<--------------- Emulated Service --------------->| | | | |<------- Pseudowire ------>| | | | | | | | |<-- PSN Tunnels-->| | | | V V V V | V AC1 +----+ +----+ V +-----+ | | PE1| | | +-----+ | |----------|........PW1.(working).......| | | | | | | | | | | | | +-+--+ | | AC3 | | | | | | | | | | | CE1 | DNI-PW | |PE3 |----------| CE2 | | | | | | | | | | +-+--+ | | | | | | | | | | | | | |----------|......PW2.(protection)......| | | +-----+ | | PE2| | | +-----+ AC2 +----+ +----+ Figure 2: One-Side Dual-Homing PW Protection Cheng, et al. Informational [Page 5]
RFC 8184 Dual-Homing PW Protection June 2017 Consider the example where in normal state AC1 from CE1 to PE1 is initially active and AC2 from CE1 to PE2 is initially standby. PW1 is configured as the working PW and PW2 is configured as the protection PW. When a failure occurs in AC1, then the state of AC2 changes to active based on the AC dual-homing control mechanism. In order to keep the switchover local and continue using PW1 for traffic forwarding as preferred according to traffic planning, the forwarder on PE2 needs to connect AC2 to the DNI-PW, and the forwarder on PE1 needs to connect the DNI-PW to PW1. In this way, the failure in AC1 will not impact the forwarding of the service PWs across the network. After the switchover, traffic will go through the bidirectional path: CE1-(AC2)-PE2-(DNI-PW)-PE1-(PW1)-PE3-(AC3)-CE2. When a failure in the PSN affects the working PW (PW1), according to PW protection mechanisms [RFC6378], traffic is switched onto the protection PW (PW2) while the state of AC1 remains active. Then, the forwarder on PE1 needs to connect AC1 to the DNI-PW, and the forwarder on PE2 needs to connect the DNI-PW to PW2. In this way, the failure in the PSN will not impact the state of the ACs. After the switchover, traffic will go through the bidirectional path: CE1-(AC1)-PE1-(DNI-PW)-PE2-(PW2)-PE3-(AC3)-CE2. When a failure occurs in the working PE (PE1), it is equivalent to a failure of the working AC, the working PW, and the DNI-PW. The state of AC2 changes to active based on the AC dual-homing control mechanism. In addition, according to the PW protection mechanism, traffic is switched on to the protection PW "PW2". In this case, the forwarder on PE2 needs to connect AC2 to PW2. After the switchover, traffic will go through the bidirectional path: CE1-(AC2)-PE2-(PW2)-PE3-(AC3)-CE2. 2.2.2. Two-Side Dual-Homing Protection Figure 3 illustrates the network scenario of dual-homing PW protection where the CEs in both sides are dual-homed. CE1 is dual- homed to PE1 and PE2, and CE2 is dual-homed to PE3 and PE4. A dual- homing control mechanism enables the PEs and CEs to determine which AC should be used to carry traffic between the CE and the PSN. DNI-PWs are used between the dual-homing PEs on both sides. One service PW is established between PE1 and PE3, and another service PW is established between PE2 and PE4. The role of working and protection PWs can be determined by either configuration or existing signaling mechanisms. Cheng, et al. Informational [Page 6]
RFC 8184 Dual-Homing PW Protection June 2017 This scenario can protect against node failure on one of the dual- homing PEs or failure on one of the ACs between the CEs and their dual-homing PEs. Also, dual-homing PW protection can protect against the occurrence of failure in the PSN that impacts one of the PWs; thus, it can be used as an alternative solution of PSN tunnel protection mechanisms. Note, this scenario is mainly used for services requiring high availability as it requires redundancy of the PEs and network utilization. In this case, CE1 and CE2 can be regarded as service access points. |<---------------- Emulated Service -------------->| | | | |<-------- Pseudowire ------>| | | | | | | | |<-- PSN Tunnels-->| | | | V V V V | V AC1 +----+ +----+ AC3 V +-----+ | | ...|...PW1.(working)..|... | | +-----+ | |----------| PE1| | PE3|----------| | | | +----+ +----+ | | | | | | | | | CE1 | DNI-PW1 | | DNI-PW2 | CE2 | | | | | | | | | +----+ +----+ | | | | | | | | | | | |----------| PE2| | PE4|--------- | | +-----+ | | ...|.PW2.(protection).|... | | +-----+ AC2 +----+ +----+ AC4 Figure 3: Two-Side Dual-Homing PW Protection Consider the example where in normal state AC1 between CE1 and PE1 is initially active, AC2 between CE1 and PE2 is initially standby, AC3 between CE2 and PE3 is initially active and AC4 from CE2 to PE4 is initially standby. PW1 is configured as the working PW and PW2 is configured as the protection PW. When a failure occurs in AC1, the state of AC2 changes to active based on the AC dual-homing control mechanism. In order to keep the switchover local and continue using PW1 for traffic forwarding, the forwarder on PE2 needs to connect AC2 to the DNI-PW1, and the forwarder on PE1 needs to connect DNI-PW1 with PW1. In this way, failures in the AC side will not impact the forwarding of the service PWs across the network. After the switchover, traffic will go through the bidirectional path: CE1-(AC2)-PE2-(DNI-PW1)-PE1-(PW1)-PE3-(AC3)-CE2. Cheng, et al. Informational [Page 7]
RFC 8184 Dual-Homing PW Protection June 2017 When a failure occurs in the working PW (PW1), according to the PW protection mechanism [RFC6378], traffic needs to be switched onto the protection PW "PW2". In order to keep the state of AC1 and AC3 unchanged, the forwarder on PE1 needs to connect AC1 to DNI-PW1, and the forwarder on PE2 needs to connect DNI-PW1 to PW2. On the other side, the forwarder of PE3 needs to connect AC3 to DNI-PW2, and the forwarder on PE4 needs to connect PW2 to DNI-PW2. In this way, the state of the ACs will not be impacted by the failure in the PSN. After the switchover, traffic will go through the bidirectional path: CE1-(AC1)-PE1-(DNI-PW1)-PE2-(PW2)-PE4-(DNI-PW2)-PE3-(AC3)-CE2. When a failure occurs in the working PE (PE1), it is equivalent to the failures of the working AC, the working PW, and the DNI-PW. The state of AC2 changes to active based on the AC dual-homing control mechanism. In addition, according to the PW protection mechanism, traffic is switched on to the protection PW "PW2". In this case, the forwarder on PE2 needs to connect AC2 to PW2, and the forwarder on PE4 needs to connect PW2 to DNI-PW2. After the switchover, traffic will go through the bidirectional path: CE1-(AC2)-PE2-(PW2)-PE4-(DNI-PW2)-PE3-(AC3)-CE2. 3. Generic Dual-Homing PW Protection Mechanism As shown in the above scenarios, with the described dual-homing PW protection, failures in the AC side will not impact the forwarding behavior of the PWs in the PSN, and vice-versa. In order for the dual-homing PEs to coordinate traffic forwarding during failures, synchronization of the status information of the involved entities and coordination of switchover between the dual- homing PEs are needed. For PWs with a dynamic control plane, such synchronization and coordination information can be achieved with a dynamic protocol, such as that described in [RFC7275], possibly with some extensions. For PWs that are manually configured without a control plane, a new mechanism is needed to exchange the status information and coordinate switchover between the dual-homing PEs, e.g., over an embedded PW control channel. This is described in [RFC8185]. 4. IANA Considerations This document does not require any IANA action. Cheng, et al. Informational [Page 8]
RFC 8184 Dual-Homing PW Protection June 2017 5. Security Considerations The scenarios defined in this document do not affect the security model as defined in [RFC3985]. With the proposed protection mechanism, the disruption of a dual- homed AC, a component that is outside the core network, would have a reduced impact on the traffic flows in the core network. This could also avoid unnecessary congestion in the core network. The security consideration of the DNI-PW is the same as for service PWs in the data plane [RFC3985]. Security considerations for the coordination/control mechanism will be addressed in the companion document, RFC 8185, which defines the mechanism. 6. References 6.1. Normative References [RFC3985] Bryant, S., Ed. and P. Pate, Ed., "Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture", RFC 3985, DOI 10.17487/RFC3985, March 2005, <http://www.rfc-editor.org/info/rfc3985>. [RFC8185] Cheng, W., Wang, L., Li, H., Dong, J., and A. D'Alessandro, "Dual-Homing Coordination for MPLS Transport Profile (MPLS-TP) Pseudowires Protection", RFC 8185, DOI 10.17487/RFC8185, June 2017. 6.2. Informative References [RFC6372] Sprecher, N., Ed. and A. Farrel, Ed., "MPLS Transport Profile (MPLS-TP) Survivability Framework", RFC 6372, DOI 10.17487/RFC6372, September 2011, <http://www.rfc-editor.org/info/rfc6372>. [RFC6378] Weingarten, Y., Ed., Bryant, S., Osborne, E., Sprecher, N., and A. Fulignoli, Ed., "MPLS Transport Profile (MPLS- TP) Linear Protection", RFC 6378, DOI 10.17487/RFC6378, October 2011, <http://www.rfc-editor.org/info/rfc6378>. [RFC6718] Muley, P., Aissaoui, M., and M. Bocci, "Pseudowire Redundancy", RFC 6718, DOI 10.17487/RFC6718, August 2012, <http://www.rfc-editor.org/info/rfc6718>. Cheng, et al. Informational [Page 9]
RFC 8184 Dual-Homing PW Protection June 2017 [RFC6870] Muley, P., Ed. and M. Aissaoui, Ed., "Pseudowire Preferential Forwarding Status Bit", RFC 6870, DOI 10.17487/RFC6870, February 2013, <http://www.rfc-editor.org/info/rfc6870>. [RFC7275] Martini, L., Salam, S., Sajassi, A., Bocci, M., Matsushima, S., and T. Nadeau, "Inter-Chassis Communication Protocol for Layer 2 Virtual Private Network (L2VPN) Provider Edge (PE) Redundancy", RFC 7275, DOI 10.17487/RFC7275, June 2014, <http://www.rfc-editor.org/info/rfc7275>. [RFC8104] Shen, Y., Aggarwal, R., Henderickx, W., and Y. Jiang, "Pseudowire (PW) Endpoint Fast Failure Protection", RFC 8104, DOI 10.17487/RFC8104, March 2017, <http://www.rfc-editor.org/info/rfc8104>. Contributors The following individuals substantially contributed to the content of this document: Kai Liu Huawei Technologies Email: alex.liukai@huawei.com Alessandro D'Alessandro Telecom Italia Email: alessandro.dalessandro@telecomitalia.it Cheng, et al. Informational [Page 10]
RFC 8184 Dual-Homing PW Protection June 2017 Authors' Addresses Weiqiang Cheng China Mobile No.32 Xuanwumen West Street Beijing 100053 China Email: chengweiqiang@chinamobile.com Lei Wang China Mobile No.32 Xuanwumen West Street Beijing 100053 China Email: Wangleiyj@chinamobile.com Han Li China Mobile No.32 Xuanwumen West Street Beijing 100053 China Email: Lihan@chinamobile.com Shahram Davari Broadcom Corporation 3151 Zanker Road San Jose 95134-1933 United States of America Email: davari@broadcom.com Jie Dong Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: jie.dong@huawei.com Cheng, et al. Informational [Page 11]