Network Working Group W. Cheng
Internet-Draft L. Wang
Intended status: Informational H. Li
Expires: February 2, 2017 China Mobile
K. Liu
Huawei Technologies
S. Davari
Broadcom Corporation
J. Dong
Huawei Technologies
A. D'Alessandro
Telecom Italia
August 1, 2016
Dual-Homing Protection for MPLS and MPLS-TP Pseudowires
draft-ietf-pals-mpls-tp-dual-homing-protection-04
Abstract
This document describes a framework and several scenarios for
Pseudowire (PW) dual-homing local protection. A Dual-Node
Interconnection (DNI) PW is provisioned between the dual-homing
Provider Edge (PE) nodes for carrying traffic when failure occurs in
the Attachment Circuit (AC) or PW side. In order for the dual-homing
PE nodes to determine the forwarding state of AC, PW and the DNI PW,
necessary state exchange and coordination are needed between the
dual-homing PEs. The PW dual-homing local protection mechanism is
complementary to the existing PW protection mechanisms.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 2, 2017.
Cheng, et al. Expires February 2, 2017 [Page 1]
Internet-Draft Dual-Homing PW Protection August 2016
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Reference Models of Dual-homing Local Protection . . . . . . 3
2.1. PE Architecture . . . . . . . . . . . . . . . . . . . . . 3
2.2. Dual-Homing Local Protection Reference Scenarios . . . . 4
2.2.1. One-Side Dual-Homing Protection . . . . . . . . . . . 4
2.2.2. Two-side Dual-Homing Protection . . . . . . . . . . . 6
3. Generic Dual-homing PW Protection Mechanism . . . . . . . . . 8
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
5. Security Considerations . . . . . . . . . . . . . . . . . . . 9
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.1. Normative References . . . . . . . . . . . . . . . . . . 9
6.2. Informative References . . . . . . . . . . . . . . . . . 10
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction
[RFC6372] and [RFC6378] describe the framework and mechanism of MPLS-
TP Linear protection, which can provide protection for the MPLS LSP
or pseudowire (PW) between the edge nodes. Such mechanism does not
protect the failure of the Attachment Circuit (AC) or the Provider
Edge (PE) node. [RFC6718] and [RFC6870] describe the framework and
mechanism for PW redundancy to provide protection for AC or PE node
failure. The PW redundancy mechanism is based on the signaling of
Label Distribution Protocol (LDP), which is applicable to PWs with a
dynamic control plane. [I-D.ietf-pals-endpoint-fast-protection]
describes a fast local repair mechanism for PW egress endpoint
failures, which is based on PW redundancy, upstream label assignment
and context specific label switching. Such mechanism is applicable
to PWs with a dynamic control plane.
Cheng, et al. Expires February 2, 2017 [Page 2]
Internet-Draft Dual-Homing PW Protection August 2016
In some scenarios such as mobile backhauling, the MPLS PWs are
provisioned with dual-homing topology, in which at least the CE node
in one side is dual-homed to two PEs. If some fault occurs in the
primary AC, operators usually prefer to have the switchover only in
the dual-homing PE side and keep the working pseudowires unchanged if
possible. This is to avoid massive PW switchover in the mobile
backhaul network due to the AC failure in the mobile core site, which
may in turn lead to congestion due to the migration of traffic from
the paths preferred by the network planners. Similarly, as multiple
PWs share the physical AC in the mobile core site, it is preferable
to keep using the working AC when one working PW fails in PSN
network, which could avoid unnecessary AC switchover for other PWs.
To meet the above requirements, a fast dual-homing PW protection
mechanism is needed to protect against the failures of an AC, the PE
node and the PSN network.
This document describes the framework and several typical scenarios
of pseudowire (PW) dual-homing local protection. A Dual-Node
Interconnection (DNI) PW is provisioned between the dual-homing PE
nodes for carrying traffic when a failure occurs in the AC or PW
side. In order for the dual-homing PE nodes to determine the
forwarding state of AC, PW and DNI PW, necessary state exchange and
coordination between the dual-homing PEs is needed. The mechanism
defined in this document is complementary to the existing protection
mechanisms [RFC6378][RFC6718]. The necessary protocol extensions is
described in a companion document
[I-D.ietf-pals-mpls-tp-dual-homing-coordination].
The proposed mechanism has been implemented and deployed in several
mobile backhaul networks which use static MPLS-TP PWs for the
backhauling of mobile traffic.
2. Reference Models of Dual-homing Local Protection
This section shows the reference architecture of the dual-homing PW
local protection and the usage of the architecture in different
scenarios.
2.1. PE Architecture
Figure 1 shows the PE architecture for dual-homing local protection.
This is based on the architecture in Figure 4a of [RFC3985]. In
addition to the AC and the service PW between the local and remote
PEs, a DNI PW is provisioned to connect the forwarders of the dual-
homing PEs. It can be used to forward traffic between the dual-
homing PEs when some failure occurs in the AC or service PW side. As
[RFC3985] specifies: "any required switching functionality is the
responsibility of a forwarder function", in this case, the forwarder
Cheng, et al. Expires February 2, 2017 [Page 3]
Internet-Draft Dual-Homing PW Protection August 2016
is responsible for switching the payloads between three entities: the
AC, the service PW and the DNI PW. The specific behavior of the
forwarder is determined according to the forwarding state machine
defined in this document.
+----------------------------------------+
| Dual-homing PE Device |
Single +----------------------------------------+
AC | | | Service PW
<------>o Forwarder + Service X<===========>
| | PW |
+--------+--------+ |
| DNI PW | |
+--------X--------+----------------------+
^
| DNI PW
|
V
+--------X-------------------------------+
| Peer Dual-homing PE Device |
+----------------------------------------+
Figure 1: PE Architecture for Dual-homing Protection
2.2. Dual-Homing Local Protection Reference Scenarios
2.2.1. One-Side Dual-Homing Protection
Figure 2 illustrates the network scenario of dual-homing PW local
protection where only one of the CEs is dual-homed to two PE nodes.
CE1 is dual-homed to PE1 and PE2, while CE2 is single-homed to PE3.
A DNI-PW is established between the dual-homing PEs, which is used to
bridge traffic when a failure occurs in the PSN network or in the AC
side. A control mechanism enables the PEs and CE to determine which
AC should be used to carry traffic between CE1 and the PSN network.
These mechanisms/protocols are beyond the scope of this document.
The working and protection PWs can be determined either by
configuration or by existing signaling mechanisms.
This scenario can protect the node failure of PE1 or PE2, or the
failure of one of the ACs between CE1 and the dual-homing PEs. In
addition, dual-homing PW protection can protect the failure occured
in the PSN network which impacts the working PW, thus it can be an
alternative solution of PSN tunnel protection mechanisms. This
topology can be used in mobile backhauling application scenarios.
For example, CE2 might be a cell site equipment such as a NodeB,
whilst CE1 is the shared Radio Network Controller (RNC).
Cheng, et al. Expires February 2, 2017 [Page 4]
Internet-Draft Dual-Homing PW Protection August 2016
the NodeB serves as CE2 while the Radio Network Controller (RNC)
serves as CE1. PE3 works as an access side MPLS device while PE1 and
PE2 works as core side MPLS devices.
|<--------------- Emulated Service --------------->|
| |
| |<------- Pseudo Wire ------>| |
| | | |
| | |<-- PSN Tunnels-->| | |
| V V V V |
V AC1 +----+ +----+ V
+-----+ | | PE1| | | +-----+
| |----------|........PW1.(working).......| | |
| | | | | | | |
| | +-+--+ | | AC3 | |
| | | | | | | |
| CE1 | DNI-PW | |PE3 |----------| CE2 |
| | | | | | |
| | +-+--+ | | | |
| | | | | | | |
| |----------|......PW2.(protection)......| | |
+-----+ | | PE2| | | +-----+
AC2 +----+ +----+
Figure 2. One-side dual-homing PW protection
Consider in normal state AC1 from CE1 to PE1 is initially active and
AC2 from CE1 to PE2 is initially standby, PW1 is the working PW and
PW2 is the protection PW.
When a failure occurs in AC1, then the state of AC2 changes to active
based on some AC redundancy mechanism. In order to keep the
switchover local and continue using PW1 for traffic forwarding which
is preferred according to traffic planning, the forwarder on PE2
needs to connect AC2 to the DNI PW, and the forwarder on PE1 needs to
connect the DNI PW to PW1. In this way the failure in AC1 will not
impact the forwarding of the service PWs across the network. After
the switchover, traffic will go through the bidirectional path: CE1-
(AC2)-PE2-(DNI-PW)-PE1-(PW1)-PE3-(AC3)-CE2.
When a failure in the PSN network affects the working PW (PW1),
according to PW protection mechanisms [RFC6378], traffic is switched
onto the protection PW (PW2), while the state of AC1 remains active.
Then the forwarder on PE1 needs to connect AC1 to the DNI PW, and the
forwarder on PE2 needs to connect the DNI PW to PW2. In this way the
failure in the PSN network will not impact the state of the ACs.
After the switchover, traffic will go through the bidirectional path:
CE1-(AC1)-PE1-(DNI-PW)-PE2-(PW2)-PE3-(AC3)-CE2.
Cheng, et al. Expires February 2, 2017 [Page 5]
Internet-Draft Dual-Homing PW Protection August 2016
When a failure occurs in the working PE (PE1), it is equivalent to
the failures of the working AC, the working PW and the DNI PW. The
state of AC2 changes to active based on the AC redundancy mechanism.
And according to the PW protection mechanism, traffic is switched on
to the protection PW "PW2". In this case the forwarder on PE2 needs
to connect AC2 to PW2. After the switchover, traffic will go through
the bidirectional path: CE1-(AC2)-PE2-(PW2)-PE3-(AC3)-CE2.
2.2.2. Two-side Dual-Homing Protection
Figure 3 illustrates the network scenario of dual-homing PW
protection where the CEs in both sides are dual-homed. CE1 is dual-
homed to PE1 and PE2, and CE2 is dual-homed to PE3 and PE4. A dual-
homing control mechanism enables the PEs and CEs to determine which
AC should be used to carry traffic between CE and the PSN network.
DNI-PWs are provisioned between the dual-homing PEs on both sides.
One service PW is established between PE1 and PE3, another service PW
is established between PE2 and PE4. The role of working and
protection PW can be determined either by configuration or via
existing signaling mechanisms.
This scenario can protect the node failure on one of the dual-homing
PEs, or the failure on one of the ACs between the CEs and their dual-
homing PEs. Meanwhile, dual-homing PW protection can protect the
failure occured in the PSN network which impacts one of the PWs, thus
it can be an alternative solution of PSN tunnel protection
mechanisms. This scenario is mainly used for services of important
business customers. In this case, CE1 and CE2 can be regarded as
service access points.
Cheng, et al. Expires February 2, 2017 [Page 6]
Internet-Draft Dual-Homing PW Protection August 2016
|<---------------- Emulated Service -------------->|
| |
| |<-------- Pseudowire ------>| |
| | | |
| | |<-- PSN Tunnels-->| | |
| V V V V |
V AC1 +----+ +----+ AC3 V
+-----+ | | ...|...PW1.(working)..|... | | +-----+
| |----------| PE1| | PE3|----------| |
| | +----+ +----+ | |
| | | | | |
| CE1 | DNI-PW1 | | DNI-PW2 | CE2 |
| | | | | |
| | +----+ +----+ | |
| | | | | | | |
| |----------| PE2| | PE4|--------- | |
+-----+ | | ...|.PW2.(protection).|... | | +-----+
AC2 +----+ +----+ AC4
Figure 3. Two-side dual-homing PW protection
Consider in normal state, AC1 between CE1 and PE1 is initially active
and AC2 between CE1 and PE2 is initially standby, AC3 between CE2 and
PE3 is initially active and AC4 from CE2 to PE4 is initially standby,
PW1 is the working PW and PW2 is the protection PW.
When a failure occurs in AC1, the state of AC2 changes to active
based on the AC redundancy mechanism. In order to keep the
switchover local and continue using PW1 for traffic forwarding, the
forwarder on PE2 needs to connect AC2 to the DNI-PW1, and the
forwarder on PE1 needs to connect DNI-PW1 with PW1. In this way
failures in the AC side will not impact the forwarding of the service
PWs across the network. After the switchover, traffic will go
through the bidirectional path: CE1-(AC2)-PE2-(DNI-PW1)-PE1-(PW1)-
PE3-(AC3)-CE2.
When a failure occurs in the working PW (PW1), according to the PW
protection mechanism [RFC6378], traffic needs to be switched onto the
protection PW "PW2". In order to keep the state of AC1 and AC3
unchanged, the forwarder on PE1 needs to connect AC1 to DNI-PW1, and
the forwarder on PE2 needs to connect DNI-PW1 to PW2. On the other
side, the forwarder of PE3 needs to connect AC3 to DNI-PW2, and the
forwarder on PE4 needs to connect PW2 to DNI-PW2. In this way, the
state of the ACs will not be impacted by the failure in the PSN
network. After the switchover, traffic will go through the
bidirectional path: CE1-(AC1)-PE1-(DNI-PW1)-PE2-(PW2)-PE4-(DNI-PW2)-
PE3-(AC3)-CE2.
Cheng, et al. Expires February 2, 2017 [Page 7]
Internet-Draft Dual-Homing PW Protection August 2016
When a failure occurs in the working PE (PE1), it is equivalent to
the failures of the working AC, the working PW and the DNI PW. The
state of AC2 changes to active based on the AC redundancy mechanism.
And according to the PW protection mechanism, traffic is switched on
to the protection PW "PW2". In this case the forwarder on PE2 needs
to connect AC2 to PW2, and the forwarder on PE4 needs to connect PW2
to DNI-PW2. After the switchover, traffic will go through the
bidirectional path: CE1-(AC2)-PE2-(PW2)-PE4-(DNI-PW2)-PE3-(AC3)-CE2.
3. Generic Dual-homing PW Protection Mechanism
As shown in the above scenarios, with the described dual-homing PW
protection, failures in the AC side will not impact the forwarding
behavior of the PWs in the PSN network, and vice-versa. This is
achieved by properly setting the forwarding state between the
following entities:
o AC
o Service PW
o DNI PW
The forwarding behavior of the dual-homing PE nodes are determined by
the forwarding state machine as shown in table 1:
+-----------+---------+--------+---------------------+
|Service PW | AC | DNI PW | Forwarding Behavior |
+-----------+---------+--------+---------------------+
| Active | Active | Up |Service PW <-> AC |
+-----------+---------+--------+---------------------+
| Active | Standby | Up |Service PW <-> DNI PW|
+-----------+---------+--------+---------------------+
| Standby | Active | Up | DNI PW <-> AC |
+-----------+---------+--------+---------------------+
| Standby | Standby | Up | Drop all packets |
+-----------+---------+--------+---------------------+
| Active | Active | Down |Service PW <-> AC |
+-----------+---------+--------+---------------------+
| Active | Standby | Down | Drop all packets |
+-----------+---------+--------+---------------------+
| Standby | Active | Down | Drop all packets |
+-----------+---------+--------+---------------------+
| Standby | Standby | Down | Drop all packets |
+-----------+---------+--------+---------------------+
Table 1. Dual-homing PE Forwarding State Machine
Cheng, et al. Expires February 2, 2017 [Page 8]
Internet-Draft Dual-Homing PW Protection August 2016
In order for the dual-homing PEs to coordinate the traffic forwarding
during the failures, synchronization of the status information of the
involved entities and coordination of switchover between the dual-
homing PEs are needed. For PWs with a dynamic control plane, such
information synchronization and coordination can be achieved with a
dynamic protocol, such as [RFC7275], possibly with some extensions.
For PWs which are manually configured without a control plane, a new
mechanism is needed to exchange the status information and coordinate
switchover between the dual-homing PEs, e.g. over an embedded PW
control channel. This is described in a companion document
[I-D.ietf-pals-mpls-tp-dual-homing-coordination].
4. IANA Considerations
This document does not require any IANA action.
5. Security Considerations
The mechanism defined in this document do not affect the security
model as defined in [RFC3985].
With the proposed protection mechanism, the disruption of a dual-
homed AC, a component which is outside the core network, would have a
reduced impact on the traffic flows in the core network, which could
also avoid unnecessary congestion in the core network.
The security consideration of the DNI PW is exactly the same as for
Service PWs in the data plane. The co-ordination/control mechanism
will have its security analysis in the document that defines the
mechanism.
6. References
6.1. Normative References
[I-D.ietf-pals-mpls-tp-dual-homing-coordination]
Cheng, W., Wang, L., Li, H., Liu, K., Davari, S., Dong,
J., and A. D'Alessandro, "Dual-Homing Coordination for
MPLS Transport Profile (MPLS-TP) Pseudowires Protection",
draft-ietf-pals-mpls-tp-dual-homing-coordination-03 (work
in progress), June 2016.
[RFC3985] Bryant, S., Ed. and P. Pate, Ed., "Pseudo Wire Emulation
Edge-to-Edge (PWE3) Architecture", RFC 3985,
DOI 10.17487/RFC3985, March 2005,
<http://www.rfc-editor.org/info/rfc3985>.
Cheng, et al. Expires February 2, 2017 [Page 9]
Internet-Draft Dual-Homing PW Protection August 2016
6.2. Informative References
[I-D.ietf-pals-endpoint-fast-protection]
Shen, Y., Aggarwal, R., Henderickx, W., and Y. Jiang, "PW
Endpoint Fast Failure Protection", draft-ietf-pals-
endpoint-fast-protection-03 (work in progress), June 2016.
[RFC6372] Sprecher, N., Ed. and A. Farrel, Ed., "MPLS Transport
Profile (MPLS-TP) Survivability Framework", RFC 6372,
DOI 10.17487/RFC6372, September 2011,
<http://www.rfc-editor.org/info/rfc6372>.
[RFC6378] Weingarten, Y., Ed., Bryant, S., Osborne, E., Sprecher,
N., and A. Fulignoli, Ed., "MPLS Transport Profile (MPLS-
TP) Linear Protection", RFC 6378, DOI 10.17487/RFC6378,
October 2011, <http://www.rfc-editor.org/info/rfc6378>.
[RFC6718] Muley, P., Aissaoui, M., and M. Bocci, "Pseudowire
Redundancy", RFC 6718, DOI 10.17487/RFC6718, August 2012,
<http://www.rfc-editor.org/info/rfc6718>.
[RFC6870] Muley, P., Ed. and M. Aissaoui, Ed., "Pseudowire
Preferential Forwarding Status Bit", RFC 6870,
DOI 10.17487/RFC6870, February 2013,
<http://www.rfc-editor.org/info/rfc6870>.
[RFC7275] Martini, L., Salam, S., Sajassi, A., Bocci, M.,
Matsushima, S., and T. Nadeau, "Inter-Chassis
Communication Protocol for Layer 2 Virtual Private Network
(L2VPN) Provider Edge (PE) Redundancy", RFC 7275,
DOI 10.17487/RFC7275, June 2014,
<http://www.rfc-editor.org/info/rfc7275>.
Authors' Addresses
Weiqiang Cheng
China Mobile
No.32 Xuanwumen West Street
Beijing 100053
China
Email: chengweiqiang@chinamobile.com
Cheng, et al. Expires February 2, 2017 [Page 10]
Internet-Draft Dual-Homing PW Protection August 2016
Lei Wang
China Mobile
No.32 Xuanwumen West Street
Beijing 100053
China
Email: Wangleiyj@chinamobile.com
Han Li
China Mobile
No.32 Xuanwumen West Street
Beijing 100053
China
Email: Lihan@chinamobile.com
Kai Liu
Huawei Technologies
Huawei Base, Bantian, Longgang District
Shenzhen 518129
China
Email: alex.liukai@huawei.com
Shahram Davari
Broadcom Corporation
3151 Zanker Road
San Jose 95134-1933
United States
Email: davari@broadcom.com
Jie Dong
Huawei Technologies
Huawei Campus, No. 156 Beiqing Rd.
Beijing 100095
China
Email: jie.dong@huawei.com
Cheng, et al. Expires February 2, 2017 [Page 11]
Internet-Draft Dual-Homing PW Protection August 2016
Alessandro D'Alessandro
Telecom Italia
via Reiss Romoli, 274
Torino 10148
Italy
Email: alessandro.dalessandro@telecomitalia.it
Cheng, et al. Expires February 2, 2017 [Page 12]