Path-aware Remote Protection Framework
draft-liu-rtgwg-path-aware-remote-protection-01
| Document | Type | Active Internet-Draft (individual) | |
|---|---|---|---|
| Authors | Yisong Liu , Changwang Lin , Mengxiao Chen , Zheng Zhang | ||
| Last updated | 2024-03-03 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-liu-rtgwg-path-aware-remote-protection-01
Network Working Group Y. Liu
Internet Draft China Mobile
Intended status: Informational C. Lin
Expires: August 30, 2024 M. Chen
New H3C Technologies
Z. Zhang
ZTE Corporation
March 3, 2024
Path-aware Remote Protection Framework
draft-liu-rtgwg-path-aware-remote-protection-01
Abstract
This document describes the framework of path-aware remote
protection.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on August 30, 2024.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
Liu & Lin, et al. Expire August 30, 2024 [Page 1]
Internet-Draft Path-aware Remote Protection March 2024
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
1. Introduction...................................................2
1.1. Requirements Language.....................................3
2. Use Case.......................................................3
2.1. Spine-leaf Network........................................3
2.2. Dragonfly Network.........................................4
3. Framework......................................................5
3.1. Remote Failure Detection..................................5
3.2. Path-Aware Forwarding Plane...............................6
3.3. Path-Aware Routing Plane..................................7
4. Role Types.....................................................8
5. Protection Scope...............................................8
6. Security Considerations........................................9
7. IANA Considerations............................................9
8. References.....................................................9
8.1. Normative References......................................9
8.2. Informational References..................................9
Authors' Addresses...............................................10
1. Introduction
Current IP network protection mechanisms can be mainly divided into
local protection and end-to-end protection. Local protection
technologies, such as ECMP, LFA [RFC5714], and TI-LFA [I-D.ietf-
rtgwg-segment-routing-ti-lfa], can only perceive local failures and
perform fast reroute. End-to-end protection technologies are usually
targeted at end-to-end TE paths, where the head-end detects TE path
failures and performs rapid switchover.
There is no mechanism to quickly detect remote failures and invoke
repairs for non-TE paths. In addition, local protection such as TI-
LFA technology relies on IGP deployment. For certain networks,
current protection mechanisms may not meet the requirements. A
typical scenario is the Spine-Leaf network, such as the AI-DC
network, which is usually a two-layer architecture. Detecting remote
Liu, et al. Expires August 30, 2024 [Page 2]
Internet-Draft Path-aware Remote Protection March 2024
failures and invoking fast repairs can provide protection against
link or node failure and reduce the disruption time.
This paper proposes a path-aware remote protection mechanism and
describes its framework.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
2. Use Case
2.1. Spine-leaf Network
+--+ +--+
Spine |R1| |R2|
+--+ +--+
| \ / |
| \ / |
| \/ |
| /\ X <- Fault
| / \ |
| / \ |
+--+ +--+
Leaf |R3| |R4|
+--+ +--+
^ |
| v
Source Destination
Figure 1
In the network shown in Figure 1, assuming that the R2-R4 link
fails, R3 will continue to send traffic to both R1 and R2, and half
of the traffic will be dropped by R2. It is not until R2 sends BGP
withdrawn routes to R3 and the control plane converges that the
traffic is fully restored. The convergence speed would be slow when
there is a large number of BGP routes.
In some Spine-leaf networks, such as DC networks, only the BGP
protocol is deployed without IGP, and thus TI-LFA cannot be applied.
On the other hand, if TI-LFA is used, the traffic path during the
protection period will be R3->R2->R3->R1->R4, which additionally
Liu, et al. Expires August 30, 2024 [Page 3]
Internet-Draft Path-aware Remote Protection March 2024
increases the traffic in the direction of R2->R3 and may cause
congestion.
The objective of path-aware remote protection is for R3 to detect
R2-R4 link failure and then adjust ECMP quickly.
2.2. Dragonfly Network
Source
|
v
+---------+
| |
| Group 1 |------------+
| | |
+---------+ |
| +---------+
| | |
X<- Fault | Group 3 |
| | |
| +---------+
+---------+ |
| | |
| Group 2 |------------+
| |
+---------+
|
v
Destination
Figure 2
In the network shown in Figure 1, the primary path for the traffic
is from Group 1 to Group 2, while the backup path detours from
Group1 through Group3 and then to Group2.
The objective of path-aware remote protection is for the routers in
Group 1 to detect the link failure between Group 1 and Group 2 and
then switch to the backup path quickly.
Liu, et al. Expires August 30, 2024 [Page 4]
Internet-Draft Path-aware Remote Protection March 2024
3. Framework
+-------------+
|Routing Plane|
+-------------+
|
| Path Info
v
+----------------+
|Forwarding Plane|
+----------------+
^
| Element Failure in Path
|
+------------------------+
|Remote Failure Detection|
+------------------------+
Figure 3
The framework of path-aware remote protection is shown in Figure 3.
On the routing plane, the route calculation is not limited to the
next hop, but requires path awareness. And then the path information
is downloaded to the forwarding plane. When a failure occurs in any
component along the path, it is required to quickly detect the
failure and invoke repairs.
3.1. Remote Failure Detection
When a failure occurs, it is first detected by the router adjacent
to it. The local failure detection may be based on existing
techniques such as BFD. Then, that router notifies its neighbors of
the failure, especially the upstream neighbors. After the remote
repairing router receives the failure notification, the remote
protection is invoked.
The failure notification between neighboring routers has the
following requirements:
o Independent of routing protocols.
o Avoiding broadcast flooding.
For one example, in a two-level spine-leaf network, a spine router
can use BFD to monitor the adjacent links. When a link fails, the
spine router can use a BGP-independent protocol to notify
Liu, et al. Expires August 30, 2024 [Page 5]
Internet-Draft Path-aware Remote Protection March 2024
neighboring leaf routers. The failure notification is limited in one
hop.
For another example, a flow-based mechanism can be used to detect
failure. When the traffic packets are dropped, a notification is
triggered and sent to neighbors in the direction of the incoming
traffic. The failure notification is limited in the upstream
direction.
The detailed mechanisms are out of the scope of this document.
3.2. Path-Aware Forwarding Plane
In the forwarding table, each next-hop is associated with a path.
When detecting any failure in the path, the protection for the
corresponding next-hop will be invoked.
Figure 4 shows the forwarding entries for ECMP next-hops.
+------+ +---------------+
|Prefix|---+-->|Next-hop: to R1|
+------+ | +---------------+
| | +----------------+
| +---------->|Path: R3->R1->R4|
| +----------------+
| +---------------+
+-->|Next-hop: to R2|
+---------------+
| +----------------+
+---------->|Path: R3->R2->R4|
+----------------+
Figure 4
Figure 5 shows the forwarding entries for primary and backup next-
hops.
Liu, et al. Expires August 30, 2024 [Page 6]
Internet-Draft Path-aware Remote Protection March 2024
+------+ +-----------------------+
|Prefix|---+-->|Primary Next-hop: to G2|
+------+ | +-----------------------+
| | +------------+
| +---------->|Path: G1->G2|
| +------------+
| +----------------------+
+-->|Backup Next-hop: to G3|
+----------------------+
| +----------------+
+---------->|Path: G1->G3->G2|
+----------------+
Figure 5
When receiving failure notification from a neighbor, the next-hop
entries corresponding to that neighbor will be checked to determine
whether the associated path information contains the failed
component. If detecting any failure in the path, the corresponding
next-hop is regarded as failed. For a failed ECMP next-hop, it will
be removed from the ECMP, and the traffic will be switched to the
other ECMP next-hops. For a failed primary next-hop, the traffic
will be switched to the backup next-hop.
3.3. Path-Aware Routing Plane
When calculating routes, the path needs to be perceived and the path
information will be attached to the next hop.
In a BGP-based network, a BGP route may carry the router-id of the
peer from which that route is received, and the router-id will be
added into the path information when calculating that route. The BGP
protocol may needs some extensions to support such feature.
For an EBGP-based DC network, a router may use the AS-PATH attribute
(with SEQUENCE type) in the BGP route as the path information,
without any protocol extensions.
In an IGP-based network, a router may compute the path information
based on the SPF tree and attach it into the next hop.
The detailed mechanisms are out of the scope of this document.
Liu, et al. Expires August 30, 2024 [Page 7]
Internet-Draft Path-aware Remote Protection March 2024
4. Role Types
******** Notification *******
* * Fault
v * |
+------+ +-------+ +---------+ |
|Remote| | Inter-| | Local | V
|Repair|-----|mediate|-----|Detection|---X---Destination
| Node | | Node | | Node | |
+------+ +-------+ +---------+ |
| |
| Repair Path |
+---------------------------------------------+
Figure 6
In the path-aware remote protection, there are three types of roles
for a router:
o Remote repair node: It has the repair path(s) and provides the
remote protection function.
o Local detection node: It is adjacent to the failure and detects
the failure first. Then, it sends failure notification messages
to the remote repair node.
o Intermediate node: It exists only if there are multiple hops
between the remote repair node and the local detection node. It
helps deliver the failure notification messages from the local
detection node to the remote repair node.
5. Protection Scope
The scope of remote protection covers at least two hops from the
remote repair node to the failure.
As the protection scope increases, the number of intermediate nodes
increases, which may slower the speed and wider the propagation of
fault notification. So, it would bring benefits to limit the scope
of remote protection to a reasonable range.
One recommendation is that, the node closest to the failure and with
a repair path should provide the protection function.
For example, in a spine-leaf network with multiple levels, usually
there are ECMP paths on every two levels. Remote protection only
needs to cover two hops.
Liu, et al. Expires August 30, 2024 [Page 8]
Internet-Draft Path-aware Remote Protection March 2024
6. Security Considerations
TBD.
7. IANA Considerations
TBD.
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, May 2017
8.2. Informational References
[RFC5714] Shand, M. and S. Bryant, "IP Fast Reroute Framework", RFC
5714, DOI 10.17487/RFC5714, January 2010,
<https://www.rfc-editor.org/info/rfc5714>.
[I-D.ietf-rtgwg-segment-routing-ti-lfa] Litkowski, S., Bashandy, A.,
Filsfils, C., Francois, P., Decraene, B., and D. Voyer,
"Topology Independent Fast Reroute using Segment Routing",
draft-ietf-rtgwg-segment-routing-ti-lfa-13 (work in
progress), January 2024.
Liu, et al. Expires August 30, 2024 [Page 9]
Internet-Draft Path-aware Remote Protection March 2024
Authors' Addresses
Yisong Liu
China Mobile
China
Email: liuyisong@chinamobile.com
Changwang Lin
New H3C Technologies
China
Email: linchangwang.04414@h3c.com
Mengxiao Chen
New H3C Technologies
China
Email: chen.mengxiao@h3c.com
Zheng Zhang
ZTE Corporation
China
Email: zhang.zheng@zte.com.cn
Liu, et al. Expires August 30, 2024 [Page 10]