Definition of IETF Network Slices
draft-nsdt-teas-ietf-network-slice-definition-00
The information below is for an old version of the document.
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
|
|
|---|---|---|---|
| Authors | Reza Rokui , Shunsuke Homma , Kiran Makhijani , Luis M. Contreras , Jeff Tantsura | ||
| Last updated | 2020-10-21 | ||
| Replaced by | draft-ietf-teas-ietf-network-slice-definition | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-nsdt-teas-ietf-network-slice-definition-00
teas R. Rokui
Internet-Draft Nokia
Intended status: Informational S. Homma
Expires: April 24, 2021 NTT
K. Makhijani
Futurewei
LM. Contreras
Telefonica
J. Tantsura
Apstra, Inc.
October 21, 2020
Definition of IETF Network Slices
draft-nsdt-teas-ietf-network-slice-definition-00
Abstract
This document provides a definition of the term "IETF Network Slice"
for use within the IETF and specifically as a reference for other
IETF documents that describe or use aspects of network slices.
The document also describes the characteristics of an IETF network
slice, related terms and their meanings, and explains how IETF
network slices can be used in combination with end-to-end network
slices or independent of them.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 24, 2021.
Rokui, et al. Expires April 24, 2021 [Page 1]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Rationale . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terms and Abbreviations . . . . . . . . . . . . . . . . . . . 4
3. Definition and Scope of IETF Network Slice . . . . . . . . . 4
4. IETF Network Slice System Characteristics . . . . . . . . . . 5
4.1. Objectives for IETF Network Slices . . . . . . . . . . . 5
4.1.1. Service Level Objectives . . . . . . . . . . . . . . 5
4.1.2. Minimal Set of SLOs . . . . . . . . . . . . . . . . . 6
4.1.3. Other Objectives . . . . . . . . . . . . . . . . . . 7
4.2. IETF Network Slice Endpoints . . . . . . . . . . . . . . 7
4.2.1. IETF Network Slice Connectivity Types . . . . . . . . 9
4.3. IETF Network Slice Composition . . . . . . . . . . . . . 9
5. IETF Network Slice Structure . . . . . . . . . . . . . . . . 10
6. IETF Network Slice Stakeholders . . . . . . . . . . . . . . . 11
7. IETF Network Slice Controller Interfaces . . . . . . . . . . 11
8. Realizing IETF Network Slice . . . . . . . . . . . . . . . . 12
9. Isolation in IETF Network Slices . . . . . . . . . . . . . . 12
9.1. Isolation as a Service Level Objective . . . . . . . . . 13
9.2. Isolation in IETF Network Slice Realization . . . . . . . 13
10. Relationship with End-to-End Network Slice . . . . . . . . . 14
11. Security Considerations . . . . . . . . . . . . . . . . . . . 14
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
13. Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . 15
14. Informative References . . . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
1. Introduction
A number of use cases benefit from network connections that along
with the connectivity provide assurance of meeting a specific set of
objectives wrt network resources use. In this document, as detailed
Rokui, et al. Expires April 24, 2021 [Page 2]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
in the subsequent sections, we refer to this connectivity and
resource commitment as an IETF network slice. Services that might
benefit from the network slices include but not limited to:
o 5G services (e.g. eMBB, URLLC, mMTC)(See [TS.23.501-3GPP])
o Network wholesale services
o Network infrastructure sharing among operators
o NFV connectivity and Data Center Interconnect
The use cases are further described in [I-D.nsdt-teas-ns-framework].
This document defines the concept of IETF Network Slices that provide
connectivity coupled with a set of specific commitments of network
resources between a number of endpoints over a shared network
infrastructure. Since the term network slice is rather generic, the
qualifying term 'IETF' is used in this document to limit the scope of
network slice to network technologies described and standardized by
the IETF.
1.1. Rationale
IETF Network Slices are created and managed within the scope of one
or more network technologies (e.g., IP, MPLS, optical). They are
intended to enable a diverse set of applications that have different
requirements to coexist on the same network infrastructure.
An IETF Network Slice is a well-defined structure of connectivity
requirements and associated network behaviors. IETF Network Slices
are defined such that they are independent of the underlying
infrastructure connectivity and technologies used. This is to allow
an IETF Network Slice consumer to describe their network connectivity
and relevant objectives in a common format, independent of the
underlying technologies used.
IETF Network Slices may be combined hierarchically, so that a network
slice may itself be sliced. They may also be combined sequentially
so that various different networks can each be sliced and the network
slices placed into a sequence to provide an end-to-end service. This
form of sequential combination is utilized in some services such as
in 3GPP's 5G network [TS.23.501-3GPP].
Rokui, et al. Expires April 24, 2021 [Page 3]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
2. Terms and Abbreviations
The terms and abbreviations used in this document are listed below.
o NS: Network Slice
o NSC: Network Slice Controller
o NBI: NorthBound Interface
o SBI: SouthBound Interface
o SLI: Service Level Indicator
o SLO: Service Level Objective
o SLA: Service Level Agreement
The above terminology is defined in greater details in the remainder
of this document.
3. Definition and Scope of IETF Network Slice
The definition of a network slice in IETF context is as follows:
An IETF Network Slice is a logical network topology connecting a
number of endpoints with a set of shared or dedicated network
resources, that are used to satisfy specific Service Level Objectives
(SLOs).
IETF Network Slice specification is technology-agnostic, and the
means for IETF network slice realization can be chosen depending on
several factors such as: service requirements, specifications or
capabilities of underlying infrastructure. The structure and
different characteristics of IETF Network Slices are described in the
following sections.
Term "Slice" refers to a set of characteristics and behaviours that
separate one type of user-traffic from another. IETF Network Slice
assumes that an underlying network is capable of changing the
configurations of the network devices on demand, through in-band
signaling or via controller(s) and fulfilling all or some of SLOs to
all of the traffic in the slice or to specific flows.
Rokui, et al. Expires April 24, 2021 [Page 4]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
4. IETF Network Slice System Characteristics
The following subsections describe the characteristics of IETF
network slices.
4.1. Objectives for IETF Network Slices
An IETF Network Slice is defined in terms of several quantifiable
characteristics or service level objectives (SLOs). SLOs along with
terms Service Level Indicator (SLI) and Service Level Agreement (SLA)
are used to define the performance of a service at different levels.
A Service Level Indicator (SLI) is a quantifiable measure of an
aspect of the performance of a network. For example, it may be a
measure of throughput in bits per second, or it may be a measure of
latency in milliseconds.
A Service Level Objective (SLO) is a target value or range for the
measurements returned by observation of an SLI. For example, an SLO
may be expressed as "SLI <= target", or "lower bound <= SLI <= upper
bound". A network slice is expressed in terms of the set of SLOs
that are to be delivered for the different connections between
endpoints.
A Service Level Agreement (SLA) is an explicit or implicit contract
between the consumer of an IETF Network Slice and the provider of the
slice. The SLA is expressed in terms of a set of SLOs and may
include commercial terms as well as the consequences of missing/
violating the SLOs they contain.
Additional descriptions of IETF network slice attributes is covered
in [I-D.contreras-teas-slice-nbi].
4.1.1. Service Level Objectives
SLOs define a set of network attributes and characteristics that
describe an IETF network slice. SLOs do not describe 'how' the IETF
network slices are implemented or realized in the underlying network
layers. Instead, they are defined in terms of dimensions of
operation (time, capacity, etc.), availability, and other attributes.
An IETF network slice can have one or more SLOs associated with it.
The SLOs are combined in an SLA. The SLOs are defined for sets of
two or more endpoints and apply to specific directions of traffic
flow. That is, they apply to specific source endpoints and specific
connections between endpoints within the set of endpoints and
connections in the network slice.
Rokui, et al. Expires April 24, 2021 [Page 5]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
4.1.2. Minimal Set of SLOs
This document defines a minimal set of SLOs and later systems or
standards could extend this set as per Section 4.1.3.
SLOs can be categorized in to 'Directly Measurable Objectives' or
'Indirectly Measurable Objectives'. Objectives such as guaranteed
minimum bandwidth, guaranteed maximum latency, maximum permissible
delay variation, maximum permissible packet loss rate, and
availability are 'Directly Measurable Objectives'. While 'Indirectly
Measurable Objectives' include security, geographical restrictions,
maximum occupancy level objectives. The later standard might define
other SLOs as needed.
Editor's Note TODO: Minimal set describes most commonly used
objectives to describe network behavior. Other directly or
indirectly measurable objectives may be requested by that customer of
an IETF network slice.
The definition of these objectives are as follows:
Guaranteed Minimum Bandwidth
Minimum guaranteed bandwidth between two endpoints at any time.
The bandwidth is measured in data rate units of bits per second
and is measured unidirectionally.
Guaranteed Maximum Latency
Upper bound of network latency when transmitting between two
endpoints. The latency is measured in terms of network
characteristics (excluding application-level latency).
[RFC2681] and [RFC7679] discuss round trip times and one-way
metrics, respectively.
Maximum Permissible Delay Variation
Packet delay variation (PDV) as defined by [RFC3393], s the
difference in the one-way delay between sequential packets in a
flow. This SLO sets a maximum value PDV for packets between
two endpoints.
Maximum permissible packet loss rate
The ratio of packets dropped to packets transmitted between two
endpoints over a period of time. See [RFC7680]
Availability
Rokui, et al. Expires April 24, 2021 [Page 6]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
The ratio of uptime to the sum of uptime and downtime, where
uptime is the time the IETF network slice is available in
accordance with the SLOs associated with it.
Security
An IETF Network Slice consumer may request that the network
applies encryption or other security techniques to traffic
flowing between endpoints.
Note that the use of security or the violation of this SLO is
not directly observable by the IETF Network Slice consumer and
cannot be measured as a quantifiable metric.
Also note that the objective may include request for encryption
(e.g., [RFC4303]) between the two endpoints explicitly to meet
architecture recommendations as in [TS33.210] or for compliance
with [HIPAA] and/or [PCI].
Editor's Note: Please see more discussion on security in
Section 11.
4.1.3. Other Objectives
Additional SLOs may be defined to provide additional description of
the IETF network slice that a consumer requests.
If the IETF Network Slice consumer service is traffic aware, other
traffic specific characteristics may be valuable including MTU,
traffic-type (e.g., IPv4, IPv6, Ethernet or unstructured), or a
higher-level behavior to process traffic according to user-
application (which may be realized using network functions).
Maximal occupancy for an IETF network slice should be provided.
Since it carries traffic for multiple flows between the two
endpoints, the objectives should also say if they are for the entire
connection, group of flows or on per flow basis. Maximal occupancy
should specify the scale of the flows (i.e. maximum number of flows
to be admitted) and optionally a maximum number of countable resource
units, e.g IP or MAC addresses a slice might consume.
4.2. IETF Network Slice Endpoints
As noted in Section 3, an IETF network slice describes connectivity
between endpoints across the underlying network. This connectivity
may be be point-to-point, point-to-multipoint (P2MP), multipoint-to-
point, or multipoint-to-multipoint.
Rokui, et al. Expires April 24, 2021 [Page 7]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
The characteristics of IETF network slice endpoints (NSEs) are as
follows.
o They are conceptual points of connection of a customer network,
network function, device, or application to the IETF network
slice. This might include routers, switches, firewalls, WAN,
4G/5G RAN nodes, 4G/5G Core nodes, application acceleration, Deep
Packet Inspection (DPI), server load balancers, NAT44 [RFC3022],
NAT64 [RFC6146], HTTP header enrichment functions, and TCP
optimizers.
o They are identified in a request provided by the consumer of an
IETF Network Slice when the IETF Network Slice is requested.
o An NSE is identified a unique identifier and/or a unique name and
other data. A non-exhaustive list of other data includes IPv4 or
IPv6 address, VLAN tag, port number, connectivity type (P2P, P2MP,
MP2MP).
Note that the NSE is different from access points (AP) defined in
[RFC8453] as an AP is a logical identifier to identify the shared
link between the customer and the operator where as NSE is an
identifier of an endpoint. Also NSE is different from TE Link
Termination Point (LTP) defined in [I-D.ietf-teas-yang-te-topo] as it
is a conceptual point of connection of a TE node to one of the TE
links on a TE node.
The NSE is similar to the Termination Point (TP) defined in [RFC8345]
and can contain more attributes. NSE could be modeled by augmenting
the TP model.
There is another type of the endpoints called "IETF Network Slice
Realization Endpoints (NSREs)". These endpoints are allocated and
assigned by the network controller during the realization of an IETF
Network Slice and are technology-specific, i.e. they depend on the
network technology used during the IETF Network Slice realization.
The identification of NSREs forms part of the realization of the IETF
Network Slice and is implementation and deployment specific.
Figure 1 shows an example of an IETF Network Slice and its
realization between multiple NSEs and NSREs.
Rokui, et al. Expires April 24, 2021 [Page 8]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
(-------------------)
( IETF scoped Network )
DAN1 ( ) DAN2
-------- NSRE1 -------- -------- NSRE2 --------
| o |-------o| A | | B |o--------| o |
| NSE1| -------- -------- | NSE2 |
-------- | ( ) | --------
| | ( ) | |
| | (-------------------) | |
| | | |
| | <=============================> | |
| IETF Network Slice realization |
| between NSRE1 and NSRE2 |
| |
| <===================================================> |
IETF Network Slice between NSE1 and NSE2 with SLO1
Legend:
DAN: Device, application and/or network function
Figure 1: An IETF Network Slice between NSEs and its realization
between NSREs
4.2.1. IETF Network Slice Connectivity Types
The IETF Network Slice connection types can be point to point (P2P),
point to multipoint (P2MP), multi-point to point (MP2P), or multi-
point to multi-point (MP2MP). They will requested by the higher
level operation system.
4.3. IETF Network Slice Composition
Operationally, an IETF Network Slice maybe decomposed in two or more
IETF Network Slices as specified below. Decomposed network slices
are then independently realized and managed.
o Hierarchical (i.e., recursive) composition: An IETF Network Slice
can be further sliced into other network slices. Recursive
composition allows an IETF Network Slice at one layer to be used
by the other layers. This type of multi-layer vertical IETF
Network Slice associates resources at different layers.
o Sequential composition: Different IETF Network Slices can be
placed into a sequence to provide an end-to-end service. In
sequential composition, each IETF Network Slice would potentially
support different dataplanes that need to be stitched together.
Rokui, et al. Expires April 24, 2021 [Page 9]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
5. IETF Network Slice Structure
Editor's note: This content of this section can be merged with
Relationship with E2E slice discussion.
An IETF Network Slice is a set of connections among various endpoints
to form a logical network that meets the SLOs agreed upon.
____________________________
[EP11]------/ /--[EP21]
/ /
[EP12]----/ IETF Network Slice /----[EP22]
: / (SLOs e.g. /
: / B/W > x bps, Delay < y ms)/
[EP1m]-/___________________________/-------[EP2n]
== == == == == == == == == == == == == == == == == ==
.--. .--.
[EP11] ( )- . ( )- . [EP21]
.' ' SLO .' '
[EP12] ( Network-1 ) ... ( Network-p ) [EP22]
: `-----------' `-----------' :
[EP1m] [EP2n]
Legend
SLOs in terms of attributes, e.g. BW, delay.
EP: Endpoint
B/W: Bandwidth
Figure 2: IETF Network slice
Figure 2 illustrates a case where an IETF Network Slice provides
connectivity between a set of endpoints pairs with specific
characteristics for each SLO (e.g. guaranteed minimum bandwidth of x
bps and guaranteed delay of no more than y ms). The endpoints may be
distributed in the underlay networks, and an IETF Network Slice can
be deployed across multiple network domains. Also, the endpoints on
the same IETF Network Slice may belong to the same or different
address spaces.
Rokui, et al. Expires April 24, 2021 [Page 10]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
6. IETF Network Slice Stakeholders
An IETF Network Slice and its realization involves the following
stakeholders and it is relevant to define them for consistent
terminology.
Consumer: A consumer is the requester of an IETF Network Slice.
Consumers may request monitoring of SLOs. A consumer may manage
the IETF Network Slice service directly by interfacing with the
IETF Network Slice controller or indirectly through an
orchestrator.
Orchestrator: An orchestrator is an entity that composes different
services, resource and network requirements. It interfaces with
the IETF Network Slice controllers.
IETF Network Slice Controller (NSC): It realizes an IETF Network
Slice in the underlying network, maintains and monitors the run-
time state of resources and topologies associated with it. A
well-defined interface is needed between different types of IETF
Network Slice controllers and different types of orchestrators.
An IETF Network Slice operator (or slice operator for short)
manages one or more IETF Network Slices using the IETF Network
Slice Controller(s).
Network Controller: is a form of network infrastructure controller
that offers network resources to NSC to realize a particular
network slice. These may be existing network controllers
associated with one or more specific technologies that may be
adapted to the function of realizing IETF Network Slices in a
network.
7. IETF Network Slice Controller Interfaces
The interworking and interoperability among the different
stakeholders to provide common means of provisioning, operating and
monitoring the IETF Network slices is enabled by the following
communication interfaces (see Figure 3).
NSC Northbound Interface (NBI): The NSC Northbound Interface is an
interface between a consumer's higher level operation system
(e.g., a network slice orchestrator) and the NSC. It is a
technology agnostic interface. The consumer can use this
interface to communicate the requested characteristics and other
requirements (i.e., the SLOs) for the IETF Network Slice, and the
NSC can use the interface to report the operational state of an
IETF Network Slice to the consumer.
Rokui, et al. Expires April 24, 2021 [Page 11]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
NSC Southbound Interface (SBI): The NSC Southbound Interface is an
interface between the NSC and network controllers. It is
technology-specific and may be built around the many network
models defined within the IETF.
+------------------------------------------+
| Consumer higher level operation system |
| (e.g E2E network slice orchestrator) |
+------------------------------------------+
A
| NSC NBI
V
+------------------------------------------+
| IETF Network Slice Controller (NSC) |
+------------------------------------------+
A
| NSC SBI
V
+------------------------------------------+
| Network Controllers |
+------------------------------------------+
Figure 3: Interface of IETF Network Slice Controller
8. Realizing IETF Network Slice
Realization of IETF Network Slices is out of scope of this document.
It is a mapping of the definition of the IETF Network Slice to the
underlying infrastructure and is necessarily technology-specific and
achieved by the NSC over the SBI.
The realization can be achieved in a form of either physical or
logical connectivity through VPNs (see, for example,
[I-D.ietf-teas-enhanced-vpn], a variety of tunneling technologies
such as Segment Routing, MPLS, etc. Accordingly, endpoints may be
realized as physical or logical service or network functions.
9. Isolation in IETF Network Slices
Editor's note: This content is a work in progress.
An IETF Network Slice consumer may request, that the IETF Network
Slice delivered to them is isolated from any other network slices of
services delivered to any other customers. It is expected that the
Rokui, et al. Expires April 24, 2021 [Page 12]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
changes to the other network slices of services do not have any
negative impact on the delivery of the IETF Network Slice.
This requirement may be met by simple conformance with other SLOs.
For example, traffic congestion (interference from other services)
might impact on the latency experienced by an IETF network slice.
Thus, conformance to a latency SLO would be the primary requirement
for delivery of the IETF network slice service, and isolation from
other services might be only a means to that end.
Nevertheless, "isolation" remains a useful shorthand to describe the
desire that an IETF network slice should not be impacted by any other
network slice or service supported by the underlying network. The
concept may also be useful for achieving independence against failure
between a pair of IETF network slices (used, for example, for backup
connectivity).
Other meanings of "isolation" such as "do not deliver traffic from
this IETF network slice to an endpoint that is not part of this IETF
network slice" should be taken for granted by the definition and
realization of any IETF network slice.
9.1. Isolation as a Service Level Objective
As described above, the concept of "isolation" may be presented as an
SLO. It may be unqualified as "keep this IETF network slice free
from effects caused by any other network slice or service," qualified
as "keep a specific SLI free from effects caused by any other network
slice or service," or tightly specified to the effects or
vulnerabilities of another specific IETF network slice.
It should be noted that some aspects of isolation may be measurable
by a customer who can control the traffic on a number of IETF network
slices or other services.
9.2. Isolation in IETF Network Slice Realization
How delivery of isolation is achieved in the realization of a network
slice is implementation and technology dependent. It may further
depend on how a network operator decides to operate their network and
deliver services.
Isolation may be achieved in the underlying network by various forms
of resource partitioning ranging from dedicated allocation of
resources for a specific IETF network slice, to sharing or resources
with safeguards.
Rokui, et al. Expires April 24, 2021 [Page 13]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
10. Relationship with End-to-End Network Slice
Editor's note: The details deleted from here should be in the
framework.
An end-to-end network slice is defined by the 3GPP as a complete
logical network that provides a service in its entirety with a
specific assurance to the customer [TS.23.501-3GPP]. A network
operator may be responsible for delivering services over a number of
technologies (such as radio networks) and for providing specific and
fine-grained services (such as CCTV feed or High definition realtime
traffic data). That operator may need to combine slices of various
networks to produce an end-to-end network service. Each of these
networks may include multiple physical or virtual nodes and may also
provide network functions beyond simply carrying of technology-
specific protocol data units.
An end-to-end network slice may be composed from other network slices
that include IETF Network Slices. This composition may include the
hierarchical (or recursive) use of underlying network slices and the
sequential (or stitched) combination of slices of different networks.
11. Security Considerations
Editor's Note: Need further improvement; work in progress.
This document specifies terminology and has no direct effect on the
security of implementations or deployments.
As noted in Section 4.1.2, some aspects of security may be expressed
in SLOs and so form part of the service delivered as an IETF network
slice. As further mentioned in Section 8, there is an underlying
asumption that traffic presented to an IETF network slice will not be
misdelivered to an endpoint that is not part of that IETF network
slice.
Furthermore, the nature of conformance to SLOs means that it should
not be possible to attack an IETF network slice service by varying
the traffic on other services or slices carried by the same underlay
network. This concern can be strengthened by the stipulation of
"isolation" as an SLO.
Note, however, that a customer wanting to secure their data and keep
it private will be responsible for applying appropriate security
measures to their traffic and not depending on the network operator
that provides the IETF network slice.
Rokui, et al. Expires April 24, 2021 [Page 14]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
12. IANA Considerations
This memo includes no request to IANA.
13. Acknowledgment
The entire TEAS NS design team and everyone participating in those
discussion has contributed to this draft. Particularly, Eric Gray,
Xufeng Liu, Jie Dong, Adrian Farrel, and Jari Arkko for a thorough
review among other contributions.
14. Informative References
[HIPAA] HHS, "Health Insurance Portability and Accountability Act
- The Security Rule", February 2003,
<https://www.hhs.gov/hipaa/for-professionals/security/
index.html>.
[I-D.contreras-teas-slice-nbi]
Contreras, L., Homma, S., and J. Ordonez-Lucena,
"Considerations for defining a Transport Slice NBI",
draft-contreras-teas-slice-nbi-01 (work in progress),
March 2020.
[I-D.ietf-teas-enhanced-vpn]
Dong, J., Bryant, S., Li, Z., Miyasaka, T., and Y. Lee, "A
Framework for Enhanced Virtual Private Networks (VPN+)
Services", draft-ietf-teas-enhanced-vpn-05 (work in
progress), February 2020.
[I-D.ietf-teas-yang-te-topo]
Liu, X., Bryskin, I., Beeram, V., Saad, T., Shah, H., and
O. Dios, "YANG Data Model for Traffic Engineering (TE)
Topologies", draft-ietf-teas-yang-te-topo-22 (work in
progress), June 2019.
[I-D.nsdt-teas-ns-framework]
Gray, E. and J. Drake, "Framework for Transport Network
Slices", draft-nsdt-teas-ns-framework-02 (work in
progress), March 2020.
[PCI] PCI Security Standards Council, "PCI DSS", May 2018,
<https://www.pcisecuritystandards.org>.
[RFC2681] Almes, G., Kalidindi, S., and M. Zekauskas, "A Round-trip
Delay Metric for IPPM", RFC 2681, DOI 10.17487/RFC2681,
September 1999, <https://www.rfc-editor.org/info/rfc2681>.
Rokui, et al. Expires April 24, 2021 [Page 15]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
[RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP Network
Address Translator (Traditional NAT)", RFC 3022,
DOI 10.17487/RFC3022, January 2001,
<https://www.rfc-editor.org/info/rfc3022>.
[RFC3393] Demichelis, C. and P. Chimento, "IP Packet Delay Variation
Metric for IP Performance Metrics (IPPM)", RFC 3393,
DOI 10.17487/RFC3393, November 2002,
<https://www.rfc-editor.org/info/rfc3393>.
[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)",
RFC 4303, DOI 10.17487/RFC4303, December 2005,
<https://www.rfc-editor.org/info/rfc4303>.
[RFC6146] Bagnulo, M., Matthews, P., and I. van Beijnum, "Stateful
NAT64: Network Address and Protocol Translation from IPv6
Clients to IPv4 Servers", RFC 6146, DOI 10.17487/RFC6146,
April 2011, <https://www.rfc-editor.org/info/rfc6146>.
[RFC7679] Almes, G., Kalidindi, S., Zekauskas, M., and A. Morton,
Ed., "A One-Way Delay Metric for IP Performance Metrics
(IPPM)", STD 81, RFC 7679, DOI 10.17487/RFC7679, January
2016, <https://www.rfc-editor.org/info/rfc7679>.
[RFC7680] Almes, G., Kalidindi, S., Zekauskas, M., and A. Morton,
Ed., "A One-Way Loss Metric for IP Performance Metrics
(IPPM)", STD 82, RFC 7680, DOI 10.17487/RFC7680, January
2016, <https://www.rfc-editor.org/info/rfc7680>.
[RFC8345] Clemm, A., Medved, J., Varga, R., Bahadur, N.,
Ananthakrishnan, H., and X. Liu, "A YANG Data Model for
Network Topologies", RFC 8345, DOI 10.17487/RFC8345, March
2018, <https://www.rfc-editor.org/info/rfc8345>.
[RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for
Abstraction and Control of TE Networks (ACTN)", RFC 8453,
DOI 10.17487/RFC8453, August 2018,
<https://www.rfc-editor.org/info/rfc8453>.
[TS.23.501-3GPP]
3rd Generation Partnership Project (3GPP), "3GPP TS 23.501
(V16.2.0): System Architecture for the 5G System (5GS);
Stage 2 (Release 16)", September 2019,
<http://www.3gpp.org/ftp//Specs/
archive/23_series/23.501/23501-g20.zip>.
Rokui, et al. Expires April 24, 2021 [Page 16]
Internet-Draft draft-nsdt-ietf-network-slice-definition October 2020
[TS33.210]
3GPP, "3G security; Network Domain Security (NDS); IP
network layer security (Release 14).", December 2016,
<https://portal.3gpp.org/desktopmodules/Specifications/
SpecificationDetails.aspx?specificationId=2279>.
Authors' Addresses
Reza Rokui
Nokia
Canada
Email: reza.rokui@nokia.com
Shunsuke Homma
NTT
Japan
Email: shunsuke.homma.ietf@gmail.com
Kiran Makhijani
Futurewei
USA
Email: kiranm@futurewei.com
Luis M. Contreras
Telefonica
Spain
Email: luismiguel.contrerasmurillo@telefonica.com
Jeff Tantsura
Apstra, Inc.
Email: jefftant.ietf@gmail.com
Rokui, et al. Expires April 24, 2021 [Page 17]