Routing Area Working Group                                      S. Hares
Internet-Draft                                   Hickory Hill Consulting
Intended status: Informational                                   M. Chen
Expires: August 18, 2014                             Huawei Technologies
                                                       February 14, 2014


 Use Cases for Virtual Connections on Demand (VCoD) and Virtual Network
           on Demand (VNoD) using Interface to Routing System
                   draft-hares-i2rs-use-case-vn-vc-02

Abstract

   Software Defined Networks (SDN) provide a way to virtualize and
   abstract the network and present the virtual or abstract resources to
   third-party applications running in software.  Applications can
   utilize a programmable interface to receive these virtual or abstract
   resource descriptions in a form that allows monitoring or
   manipulation of resources within the network.  The Interface to the
   Routing System (I2RS) provides an interface directly to the routing
   system to monitor best paths to any destination or change routes in
   the routing information base (RIB) or MPLS Label Information Base
   (LIB).  The I2RS interfaces may be combined with other interfaces to
   the forwarding plane (ForCES (RFC3746)), device configuration
   (NETCONF), or mid-level/peer-to-peer (ALTO, draft-ietf-alto-protocol)
   system to create these virtual pathways.

   This document outlines how SDN networks can use the I2RS interface to
   implement an automated set of network services for the Virtual
   Connection on Demand (VCoD) and Virtual Network on Demand (VNoD).
   These services provide a better way to create paths within a
   hub-and-spoke environment, and give service routing the ability to
   create pathways based on service.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."



Hares & Chen             Expires August 18, 2014                [Page 1]


Internet-Draft          I2RS Use Cases VCoD VNoD           February 2014


   This Internet-Draft will expire on August 18, 2014.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Background
   3.  Virtual Circuit on Demand
   4.  Virtual Network on Demand (VNoD)
   5.  Automated On Demand Networks
   6.  IANA Considerations
   7.  Security Considerations
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  Introduction

   The Interface to the Routing System (I2RS) architecture
   ([I-D.ietf-i2rs-architecture]) describes a mechanism where the
   distributed control plane can be augmented by an outside control
   plane through an open accessible programmatic interface.  I2RS
   provides a "halfway point" between completely replacing the
   traditional distributed control planes and directly configuring
   devices via off-board processes.

   This draft proposes a set of use cases using I2RS mechanisms to
   implement a Software Defined Network (SDN) to enact virtual
   connections and virtual networks as automated services.  This
   document focuses on how I2RS would support two automated network
   services: Virtual Connection on Demand (VCoD) and Virtual Network on
   Demand (VNoD).  The Virtual Connections on Demand (VCoD) and Virtual
   Network on Demand (VNoD) may be used within hub-spoke networks and
   improved service routing.  In the future, application-enabled SDN
   services may provide the Virtual Circuits (VCoD) and Virtual
   Networks on Demand (VNoD) for any type of network service.

   This document contains a background section, a VCoD use case, a VNoD
   use case, and notes on future on-demand network services (connections
   and network).  Those familiar with the I2RS problem statement
   ([I-D.ietf-i2rs-problem-statement]), I2RS architecture
   ([I-D.ietf-i2rs-architecture]), and the concepts of Virtual
   Connections (VCs) or Virtual Networks (VNs) may wish to skip directly
   to the use cases.

   SDN is new to the Internet space.  Each new adventure in Internet
   network services requires lots of use cases so that the IETF may
   determine the critical protocols to be developed.

2.  Background

   Applications and network layer flows have run independently since the
   Internet started in the late 1980s.  Provisioning of network services
   and big flows has been done by service providers statically or with
   proprietary processes.  Recently, new server and host technologies
   have increased application data traffic flows across the network.
   With the advent of Data Center providers and cloud services,
   application life cycles have shortened to weeks rather than years.
   The need for fast automated provisioning of virtual network
   connections or quick provisioning of virtual private networks has
   increased.

   Software Defined Networks have three areas of challenge to provide
   such quick network services: a) how to control the network flows, b)
   interfaces to networks, and c) how to calculate where these network
   flows go.

   Network flows can be controlled at the forwarding device level or the
   network control plane level.  Various programmatic interfaces have
   been proposed to provide control over individual forwarding devices.
   ForCES ([RFC3746]) provides mechanisms to replace the dynamic control
   plane processes on individual forwarding devices throughout a network
   with off box processes that interact with the forwarding tables on
   each device.  Another example is NETCONF, which provides a fast and
   flexible mechanism to interact with device configuration and policy.

   The trade-off with the device level approach to control flows has to
   do with benefits and challenges of having control systems off-board.
   The benefit of off-board control systems is that the calculation unit
   can be centralized.  The off-board control system has both technical
   challenges and deployment challenges.  The technical challenge is
   that off-board control systems may encounter time-delays and
   communication failure.  The deployment issue concerns utilizing new
   protocols for this communication which may also have issues in
   deployment.  The promised benefits of off-board devices are reduction
   in operational costs, improved scaling, control, and visibility.
   OpenFlow, for instance, provides a mechanism to replace the dynamic
   control plane processes on individual forwarding devices throughout a
   network with off box processes that interact with the forwarding
   tables on each device.  Another example is NETCONF, which provides a
   fast and flexible mechanism to interact with device configuration and
   policy.

   The Interface to Routing System (I2RS) interface provides an
   interface to all aspects of the routing system as a system.  This
   interface allows the SDN approach to utilize the existing control
   plane software without changing it.  The I2RS agent interacts with
   the control plane processes to monitor best paths to any destination
   and to interact with the routing information base (RIB) or MPLS label
   information base (LIB), and forward the information to the I2RS
   client.  Applications associated with the I2RS client can compute
   where network flows should go, and then instruct I2RS agents in the
   appropriate nodes to change RIB or LIB routes to enact the changes to
   traffic flows.

   This document describes a set of use cases which describe how
   automated creation of Virtual Connection on Demand (VCoD) and Virtual
   Networks On Demand (VNoD) based on SDN logic can be accomplished by
   using an interface to the routing system (I2RS).  This document first
   examines the current use case for I2RS of improved hub-spoke routing
   and better service routing using VCoD (section 2), and VNoD (section
   3).  Secondly, this document examines the future I2RS use case of
   VCoD and VNoD for any network enabled by application or SDN
   processing.

   A bit of context on abstract services may be useful as a background.

   These abstract services (VC or VN) are logical services that can be
   mapped to specific services.  For example, a virtual circuit may be
   mapped to a TE-LSP.  These logical services provide a uniform
   abstract service model that allows applications to configure VC or VN
   services independent of the actual network technology implementing
   it.

   There are several types of network services that can be considered as
   network services over which virtual connections or virtual networks
   can be created.  These network services include: optical, Ethernet
   (VLAN and SPB), Internet Protocol (IP), Multi-protocol Label
   Switching (MPLS).  Each of these networks can provide traffic
   engineered paths, policy control (e.g. Access Control Lists (ACLs)),
   security services, or some form of virtual LAN services (VLAN, VxLAN,
   L2/L3 VPN).  The examples in this document focus on the transport and
   VPN related services that can be abstracted into Virtual Connection
   (VC) and Virtual Network (VN).

   The use cases below leverage the SDN architecture and model and the
   I2RS Framework to implement Virtual Circuit on Demand (VCoD) and
   Virtual Network on Demand (VNoD).

   Please note that this draft builds on the premise that SDN solutions
   can augment rather than replace traditional distributed control
   planes.  Each use case is presented in its own section.

3.  Virtual Circuit on Demand

   The Virtual Circuit on Demand (VCoD) application associates with an
   I2RS client (or clients), which can communicate with the I2RS agent
   (or agents) that control the VCoD circuit's creation, deletion,
   modification, queries for information, or status changes.  For this
   application, this information needs to include network topology,
   interface statistics, available circuits per node, and available
   bandwidth on circuits.  Interface statistics might be required on a
   historical and instantaneous time basis.  The circuit statistics
   might also need jitter, delay, and exit-point performance.

   The virtual circuits may be obtained via RIB Informational Model (RIB
   IM) ([I-D.ietf-i2rs-rib-info-model]) from the interface list, or from
   the nexthop lists.  Write access to set-up new interfaces is not
   clearly spelled out in the current version of the RIB IM, nor are the
   statistics (historical or time).  This use case points out additional
   Information Models (IMs) that need to be added to the I2RS
   information models.

   In the example topology below, the VCoD application's I2RS client
   communicates with I2RS agents to set-up virtual circuits from Edge 1
   to Edge 2.  The I2RS client communicates with I2RS Agent-1 on node 1,
   I2RS Agent-2 on node 2, I2RS Agent-3 on node 3, and I2RS Agent-4 on
   node 4 to set-up the virtual circuit.  The VCoD application
   contains the necessary logic to determine the pathway from Edge 1 to
   Edge 2.

   A second option for VCoD is to have an application communicate with
   two I2RS clients who cooperate to set-up the virtual connections
   between Edge 1 and Edge 2.  Information passed between the two
   clients can be done via other IETF protocols (e.g., stateful PCE or
   ALTO).

   Why I2RS enabled solutions are necessary

   Past solutions in this area have included uses of device
   configuration across multiple nodes (SNMP or NETCONF based) with
   proprietary services combined with topology queries.  The lack of
   coordinated responses to routing topology queries has created
   problems in quickly obtaining and configuring changes for Virtual
   Circuits.  New algorithms can create better services in routing and
   switching.  These algorithms include Fast-Reroute of RSVP or IGPs
   which aid the automatic re-establishment of some circuits, but the
   complexity of some of these algorithms increases cost within the
   network elements.  It's often difficult to justify the added
   complexity in the database and algorithms of routing protocols to
   solve what is considered a point case.

   While the set-up of these virtual circuits is possible with current
   technology, the lack of an I2RS-like framework makes VCoD networks
   complex.  With this support, VCoD may be able to reduce complexity on
   the individual nodes.

   What's not in scope for I2RS

   The means by which the VCoD application determines which I2RS client
   to associate with is outside the I2RS protocol and architecture.  A
   list of virtual circuits per node may be queried from the RIB
   Informational Model's (RIB IM) ([I-D.ietf-i2rs-rib-info-model])
   interface and nexthop lists.  However, other means may be used to
   determine the possible interfaces on a node.  For example, ALTO could
   inform the application which nodes have an I2RS Agent supporting the
   VCoD service, and SNMP/NETCONF could be used to determine which
   interfaces were configured.

   Example Topology for Virtual Circuit on Demand (VCoD).

        +----------------------------+
        | Application (VCoD)         |
        +---*------------------------+
            |                      |
            |                      |
      +-------*------------+< NETCONF  >+-------------------+< NETCONF
      |I2RS client 1       |< PCE info> |I2RS Commissioner-2 |< PCEP
      |VC controller       |            | VN controller     |
      +--*----------*--*-*-+            +-------------------+
         |          |  | |               |               |
         |          |  | |--------------------------+    |
         |          |  |-----------+     |          |    |
         |          |              |     |          |    |
       +--------+ +--------+      +---------+  +----------+
       | I2RS   | | I2RS   |      | I2RS    |  | I2RS     |
       | Agent-1| |Agent-2 |      | Agent-3 |  | Agent-4  |
       |--------| |--------+      +---------+  +----------+
       | node 1 | | node 2 |      | node 3  |  | node 4   |
       +--------+ +--------+      +---------+  +----------+
          |  |        | |            |  |
      edge1  |--------| |------------|  |
                                        |----edge2



   The following things need to be supported for this application:

   o  I2RS Agents should provide the ability to read the virtual
      connection topology database for the technology supported.  For
      optical, these are the optical connections and what nodes they
      connect to.  For MPLS, these are the virtual circuits available
      and what nodes they connect to.  For IP technologies, this could
      include the GRE tunnels and what interfaces they connect to.  For
      Ethernet circuits, this should involve circuit type (e.g.,
      point-to-point (p2p) or point-to-multipoint (p2mp)) and what nodes
      it can reach.

   o  I2RS Agents should provide the ability to influence the
      configuration of a virtual circuit in a node.

   o  I2RS Agents should monitor and provide statistics on the virtual
      connection to the I2RS client.  The I2RS client can then
      determine if the connection falls below a quality level the
      application has requested.  If the I2RS client does determine the
      circuit is below the required quality, it could create another
      circuit.  The I2RS client may choose to create the second virtual
      circuit, transfer flows, and then break the first circuit.
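
   The monitoring and replacement behaviour in the last bullet, as an
   added Python example (not part of the draft and not an I2RS API).
   AgentStub is a hypothetical in-memory stand-in for the agents; the
   paths, statistics and thresholds are constructed sample values.

```python
from __future__ import annotations
from dataclasses import dataclass


@dataclass
class CircuitStats:
    """Statistics an agent reports for one circuit (constructed field set)."""
    delay_ms: float
    jitter_ms: float
    available_mbps: float


@dataclass
class Quality:
    """Quality level the application requested from the I2RS client."""
    max_delay_ms: float
    max_jitter_ms: float
    min_mbps: float

    def violations(self, s: CircuitStats) -> list[str]:
        bad = []
        if s.delay_ms > self.max_delay_ms:
            bad.append("delay")
        if s.jitter_ms > self.max_jitter_ms:
            bad.append("jitter")
        if s.available_mbps < self.min_mbps:
            bad.append("bandwidth")
        return bad


class AgentStub:
    """Hypothetical stand-in for the I2RS agents along a path."""

    def __init__(self, path_stats: dict[tuple, CircuitStats]):
        self.path_stats = path_stats            # what each path would measure
        self.circuits: dict[int, dict] = {}     # circuit id -> path and flows
        self.log: list[str] = []                # ordered record of changes
        self._next_id = 1

    def create_circuit(self, path: tuple) -> int:
        cid = self._next_id
        self._next_id += 1
        self.circuits[cid] = {"path": path, "flows": set()}
        self.log.append(f"create {cid}")
        return cid

    def stats(self, cid: int) -> CircuitStats:
        return self.path_stats[self.circuits[cid]["path"]]

    def move_flows(self, src: int, dst: int) -> None:
        self.circuits[dst]["flows"] |= self.circuits[src]["flows"]
        self.circuits[src]["flows"] = set()
        self.log.append(f"move {src}->{dst}")

    def delete_circuit(self, cid: int) -> None:
        # Refuse to break a circuit that still carries traffic.
        if self.circuits[cid]["flows"]:
            raise RuntimeError(f"circuit {cid} still carries flows")
        del self.circuits[cid]
        self.log.append(f"delete {cid}")


def enforce_quality(agent: AgentStub, cid: int, wanted: Quality,
                    alt_path: tuple) -> int:
    """Return the id of the circuit that carries the flows afterwards."""
    if not wanted.violations(agent.stats(cid)):
        return cid                      # circuit meets the requested quality
    new = agent.create_circuit(alt_path)        # 1. create the second circuit
    if wanted.violations(agent.stats(new)):
        agent.delete_circuit(new)       # replacement is no better: keep the old one
        return cid
    agent.move_flows(cid, new)                  # 2. transfer flows
    agent.delete_circuit(cid)                   # 3. break the first circuit
    return new


def demo():
    """Constructed scenario: the path via node 2 degrades, node 4 is healthy."""
    via2, via4 = ("node1", "node2", "node3"), ("node1", "node4", "node3")
    agent = AgentStub({via2: CircuitStats(80.0, 12.0, 40.0),
                       via4: CircuitStats(20.0, 2.0, 400.0)})
    old = agent.create_circuit(via2)
    agent.circuits[old]["flows"] = {"flow-a", "flow-b"}
    new = enforce_quality(agent, old, Quality(50.0, 5.0, 100.0), via4)
    return new, agent


if __name__ == "__main__":
    new_id, stub = demo()
    print(new_id, stub.log)
```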

   What is needed in the RIB IM Model

   The RIB IM model ([I-D.ietf-i2rs-rib-info-model]) provides with each
   route an associated nexthop-list of 0-N members.  Each nexthop list
   is flagged with a protection preference (1 or 2), and a load balance
   weight (1 to 99).  If the host routes for all nodes in the topology
   exist within the RIB IM model's instantiation, then the nexthop
   provides the following information:

   o  identifier for interface

   o  egress interface (logical, virtual, or physical)

   o  address of physical interface (IP address or MAC) plus RIB

   o  tunnel encapsulation for interface (IP GRE, MPLS tunnel),

   o  logical tunnel identifier

   o  RIB name (for resolved look-ups)

   o  flags for specialized look-ups (Discard packets, discard with
      error notification, receive)

   The RIB IM model's primitives need to be expanded to include circuit
   type (p2p, mp2mp), optical connection information, and additional
   statistics per virtual circuit.  The RIB IM model's instantiation
   within the protocol must provide an easy way to specify queries for
   this information.
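
   How a VCoD application could derive a circuit topology and a pathway
   from per-node nexthop lists, as an added Python example (not part of
   the draft or of the RIB IM).  It assumes that a host route whose
   nexthop carries a tunnel encapsulation represents a virtual circuit
   to that host; the field names, the tunnel() helper and the RIBS data
   are constructed for illustration.

```python
from __future__ import annotations
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Nexthop:
    interface_id: str            # identifier for interface
    egress_interface: str        # logical, virtual, or physical
    encapsulation: str | None    # tunnel encapsulation, e.g. "GRE" or "MPLS"
    tunnel_id: str | None        # logical tunnel identifier
    rib_name: str                # RIB name (for resolved look-ups)


@dataclass(frozen=True)
class NexthopList:
    protection_preference: int   # 1 or 2
    load_balance_weight: int     # 1 to 99
    members: tuple               # 0-N Nexthop entries


def validate(nl: NexthopList) -> None:
    """Reject lists whose flags fall outside the ranges the text gives."""
    if nl.protection_preference not in (1, 2):
        raise ValueError("protection preference must be 1 or 2")
    if not 1 <= nl.load_balance_weight <= 99:
        raise ValueError("load balance weight must be 1 to 99")


def circuit_graph(ribs: dict, encapsulation: str) -> dict:
    """Build node adjacency from host routes that use the given encapsulation.

    A circuit is kept only when both end nodes report it, so a one-sided
    or stale entry from a single agent never becomes part of a path.
    """
    claimed = set()
    for node, routes in ribs.items():
        for dest, nl in routes.items():
            validate(nl)
            if any(nh.encapsulation == encapsulation for nh in nl.members):
                claimed.add((node, dest))
    graph: dict = {}
    for a, b in claimed:
        if (b, a) in claimed:
            graph.setdefault(a, set()).add(b)
    return graph


def find_path(graph: dict, src: str, dst: str):
    """Breadth-first search; returns the node list or None if unreachable."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            while node is not None:
                path.append(node)
                node = prev[node]
            return path[::-1]
        for nxt in sorted(graph.get(node, ())):
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    return None


def tunnel(encap: str, tunnel_id: str) -> NexthopList:
    """Hypothetical helper: a one-member nexthop list for a tunnel."""
    nh = Nexthop(f"if-{tunnel_id}", "logical", encap, tunnel_id, "default")
    return NexthopList(1, 50, (nh,))


# Constructed sample: host routes per node, keyed by destination node.
RIBS = {
    "node1": {"node2": tunnel("MPLS", "t12"), "node4": tunnel("GRE", "t14")},
    "node2": {"node1": tunnel("MPLS", "t12"), "node3": tunnel("MPLS", "t23"),
              "node4": tunnel("MPLS", "t24")},   # node4 does not confirm t24
    "node3": {"node2": tunnel("MPLS", "t23"), "node4": tunnel("GRE", "t34")},
    "node4": {"node1": tunnel("GRE", "t14"), "node3": tunnel("GRE", "t34")},
}

if __name__ == "__main__":
    print(find_path(circuit_graph(RIBS, "MPLS"), "node1", "node3"))
    print(find_path(circuit_graph(RIBS, "GRE"), "node1", "node3"))
```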

4.  Virtual Network on Demand (VNoD)

   Virtual Networks on Demand (VNoD) are simply extensions to the
   Virtual Connections on Demand concept.  The I2RS client 2 is tasked
   to create a Virtual Network instead of a single connection.

   The example sequence would be that the application discovers the
   appropriate I2RS clients (I2RS VNoD client 1 and I2RS VNoD Client 2)
   which support VNoD via a protocol outside the I2RS framework (e.g.
   ALTO).  The I2RS Client-2 works with the I2RS Agents 1-4 to set-up a
   virtual network.  This involves the following:

   o  gathering potential topology information (in order to create the
      network),

   o  setting up the virtual network (via influencing configurations on
      nodes),

   o  monitoring changes in topology (in order to handle potential
      failovers),

   o  influencing changes to the virtual network via configurations, and

   o  removing the virtual network after the demand has expired.


                 +-------------------------+
                 | Application             |
                 +-------------------------+
                  |                      |
                  |                      |
       +------------------+< Policy   +-------------------+< Policy
       |I2RS VNoD client 1|< PCE info |I2RS client 2      |< PCEP
       |                  |           |                   |
       +------------------+           +-------------------+
                                       | |  |       |
          |----------------------------+ |  |       |
          |            +------------------  |       |
          |            |                    |       |
        +--------+ +--------+      +---------+  +----------+
        | I2RS   | | I2RS   |      | I2RS    |  | I2RS     |
        | Agent-1| |Agent-2 |      | Agent-3 |  | Agent-4  |
        |--------| |--------+      +---------+  +----------+
        | node 1 | | node 2 |      | node 3  |  | node 4   |
        +--------+ +--------+      +---------+  +----------+
           |  |        | |            |  | |      |  |
           |  |--------| |------------|  | +------+  |-end-point-3
           |                             |           |
       end-point-1                       |
                                         |----end-point2


   This topology shares some configuration needs with the central
   membership computation for MPLS VPNs from (draft-white-i2rs-use-
   cases) but the mechanisms are not specific to MPLS VPNs.

5.  Automated On Demand Networks

   Automated On-Demand networks become a reasonable technology within a
   network by utilizing the I2RS architecture.  While automated on-
   demand circuit provisioning and de-provisioning is possible now, the
   effort to configure and reconfigure nodes to provide the Automatic
   On-Demand circuits can be difficult.  With I2RS, the I2RS client can
   instruct the I2RS Agents within a network to create On-Demand
   circuits and then remove the circuits returning the network to its
   configured state.  With I2RS enhanced monitoring capability, the
   monitoring needed for these state changes is incorporated within the
   I2RS framework.

   The current scope for these Automated On-Demand Circuits in the
   IETF's I2RS working group's charter is limited to hub-spoke networks
   and service routing.  This section discusses the progress on the I2RS
   against the use cases, and proposes additional Automated On-Demand
   Circuits.

   Current Status of the Automated On-Demand Functionality

   Both the hub-spoke network and service network may include a
   centralized control network element such as
   [I-D.ji-i2rs-usecases-ccne-service].  These centralized control
   network elements may use I2RS access to individual node's RIB
   information via the I2RS RIB Information Model (IM)
   ([I-D.ietf-i2rs-rib-info-model]), or obtain full network topology
   information from other protocols (BGP Route Reflector, PCE
   ([RFC4655]), or ALTO [I-D.bernstein-alto-topo]).  With the recent
   inclusion of ISIS link-state information into BGP TLVs via
   [I-D.ietf-idr-ls-distribution], all of these sources can provide a
   centralized service with topology maps at the AS and IGP level.

   I2RS Information Models (IM) are being proposed which can store:

   o  Network Topologies (IM) [I.D-medved-i2rs-topology-im], and

   o  Service Topologies (IM) [I-D.wu-i2rs-IM-service-topo].

   Needed Future On-Demand Networks

   Large Carrier networks utilize MPLS in a variety of forms (LDP,
   static MPLS TE, or dynamic TE LSPs created by RSVP-TE or CR-LDP).
   These MPLS technologies can be used to create Hub-spoke topology and
   service routing in networks in Carriers, Enterprise, and Data
   Centers.  The RIB IM supports logical tunnels of type MPLS as well as
   IP, GRE, VxLAN and GRE.

   Carriers using these MPLS technologies also use these MPLS and IP
   networks to support networks for Mobile BackHaul, on-demand MPLS
   overlays, and on-demand video conferencing networks.

6.  IANA Considerations

   This document includes no request to IANA.

7.  Security Considerations

   This document has no security issues as it just contains use cases.

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

8.2.  Informative References

   [I-D.bernstein-alto-topo]
              Bernstein, G., Yang, Y., and Y. Lee, "ALTO Topology
              Service: Uses Cases, Requirements, and Framework", draft-
              bernstein-alto-topo-00 (work in progress), October 2013.

   [I-D.ietf-alto-protocol]
              Alimi, R., Penno, R., and Y. Yang, "ALTO Protocol", draft-
              ietf-alto-protocol-25 (work in progress), January 2014.

   [I-D.ietf-i2rs-architecture]
              Atlas, A., Halpern, J., Hares, S., Ward, D., and T.
              Nadeau, "An Architecture for the Interface to the Routing
              System", draft-ietf-i2rs-architecture-01 (work in
              progress), February 2014.

   [I-D.ietf-i2rs-problem-statement]
              Atlas, A., Nadeau, T., and D. Ward, "Interface to the
              Routing System Problem Statement", draft-ietf-i2rs-
              problem-statement-00 (work in progress), August 2013.

   [I-D.ietf-i2rs-rib-info-model]
              Bahadur, N., Folkes, R., Kini, S., and J. Medved, "Routing
              Information Base Info Model", draft-ietf-i2rs-rib-info-
              model-01 (work in progress), October 2013.

   [I-D.ietf-idr-ls-distribution]
              Gredler, H., Medved, J., Previdi, S., Farrel, A., and S.
              Ray, "North-Bound Distribution of Link-State and TE
              Information using BGP", draft-ietf-idr-ls-distribution-04
              (work in progress), November 2013.

   [I-D.ji-i2rs-usecases-ccne-service]
              Ji, X., Zhuang, S., and T. Huang, "I2RS Use Cases for
              Control of Forwarding Path by Central Control Network
              Element (CCNE)", draft-ji-i2rs-usecases-ccne-service-00
              (work in progress), October 2013.

   [I-D.keyupate-i2rs-bgp-usecases]
              Patel, K., Fernando, R., Gredler, H., and S. Amante, "Use
              Cases for an Interface to BGP Protocol", draft-keyupate-
              i2rs-bgp-usecases-00 (work in progress), March 2013.

   [I-D.white-i2rs-use-case]
              White, R., Hares, S., and A. Retana, "Protocol Independent
              Use Cases for an Interface to the Routing System", draft-
              white-i2rs-use-case-01 (work in progress), August 2013.

   [I-D.wu-i2rs-IM-service-topo]
              Wu, Q., Hares, S., and X. Guan, "An Information Model for
              Network Topologies", ID draft-medved-i2rs-topology-im-01,
              October 2003.

   [I.D-medved-i2rs-topology-im]
              Medved, J., Bahadur, N., Clemm, A., and H.
              Ananthakrishnan, "An Information Model for Network
              Topologies", ID draft-medved-i2rs-topology-im-01, October
              2003.

   [RFC3746]  Yang, L., Dantu, R., Anderson, T., and R. Gopal,
              "Forwarding and Control Element Separation (ForCES)
              Framework", RFC 3746, April 2004.

   [RFC4655]  Farrel, A., Vasseur, J., and J. Ash, "A Path Computation
              Element (PCE)-Based Architecture", RFC 4655, August 2006.

Authors' Addresses

   Susan Hares
   Hickory Hill Consulting
   7453 Hickory Hill
   Saline, MI  48176
   USA

   Email: shares@ndzh.com

   Mach Chen
   Huawei Technologies
   Huawei Bld., No.156 Beiqing Rd.
   Beijing  100095
   China

   Email: mach.chen@huawei.com