Internet-Draft | Network Slice Service YANG Model | July 2023 |
Wu, et al. | Expires 8 January 2024 | [Page] |
- Workgroup:
- TEAS
- Internet-Draft:
- draft-ietf-teas-ietf-network-slice-nbi-yang-05
- Published:
- Intended Status:
- Standards Track
- Expires:
A YANG Data Model for the IETF Network Slice Service
Abstract
This document defines a YANG data model for the IETF Network Slice Service. The model can be used in the IETF Network Slice Service interface between a customer and a provider that offers IETF Network Slices.¶
Status of This Memo
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 8 January 2024.¶
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
1. Introduction
This document defines a YANG [RFC7950] data model for the IETF Network Slice Service as defined in [I-D.ietf-teas-ietf-network-slices].¶
This YANG module can be used in the IETF Network Slice Service Interface exposed by a provider to its customers in order to manage (e.g., subscribe, delete, or change) IETF Network Slice Services. The agreed service will then trigger the appropriate IETF Network Slice operation, such as instantiating, modifying, or deleting an IETF Network Slice.¶
As discussed in [I-D.ietf-teas-ietf-network-slices], the mapping between an IETF Network Slice Service and its realization is implementation and deployment specific.¶
The IETF Network Slice Service YANG model focuses on the requirements of an IETF Network Slice Service from the point of view of the customer, not how it is implemented by a provider. The module is classified as customer service model (Section 2 of [RFC8309]).¶
The IETF Network Slice Service YANG model conforms to the Network Management Datastore Architecture [RFC8342].¶
Editorial Note: (To be removed by RFC Editor)¶
This draft contains several placeholder values that need to be replaced with finalized values at the time of publication. Please apply the following replacements:¶
2. Conventions used in this document
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP14, [RFC2119], [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The following terms are defined in [RFC6241] and are used in this specification:¶
This document makes use of the terms defined in [RFC7950].¶
This document also makes use of the terms defined in [I-D.ietf-teas-ietf-network-slices]:¶
- Attachment Circuit (AC): See Section 3.1 [I-D.ietf-teas-ietf-network-slices].¶
- Connectivity Construct: See Section 2.1 and Section 3.2 [I-D.ietf-teas-ietf-network-slices].¶
- Customer: See Section 3.2 [I-D.ietf-teas-ietf-network-slices].¶
- Customer Higher-level Operation System: See Section 6.3.1 [I-D.ietf-teas-ietf-network-slices].¶
- Service Demarcation Point (SDP): See Section 2.1 and Section 4.2 [I-D.ietf-teas-ietf-network-slices].¶
In addition, this document defines the following term:¶
-
Connection Group: An arbitrary collection of one or more connectivity constructs for administrative purposes, such as the following:¶
- Combine multiple connectivity constructs to support the well-known connectivity service types, such as bidirectional unicast service, multipoint-to-point (MP2P) service, hub-and-spoke service etc.¶
- Assign the same SLO/SLE policies to multiple connectivity constructs unless SLO/SLE policy is explicitly overridden at the individual connectivity construct level.¶
- Share specific SLO limits within multiple connectivity constructs.¶
2.1. Acronyms
The following acronyms are used in the document:¶
- A2A
- Any-to-any¶
- AC
- Attachment Circuit¶
- CE
- Customer Edge¶
- NSC
- Network Slice Controller¶
- NSSM
- Network Slice Service Model¶
- MTU
- Maximum Transmission Unit¶
- PE
- Provider Edge¶
- P2P
- Point-to-point¶
- P2MP
- Point-to-multipoint¶
- QoS
- Quality of Service¶
- SDP
- Service Demarcation Point¶
- SLE
- Service Level Expectation¶
- SLO
- Service Level Objective¶
3. IETF Network Slice Service Overview
As defined in Section 3.2 of [I-D.ietf-teas-ietf-network-slices], an IETF Network Slice Service is specified in terms of a set of SDPs, a set of one or more connectivity constructs between subsets of these SDPs, and a set of SLOs and SLEs for each SDP sending to each connectivity construct. A communication type (point- to-point (P2P), point-to-multipoint (P2MP), or any-to-any (A2A)) is specified for each connectivity construct.¶
The SDPs serve as the IETF Network Slice ingress/egress points. An SDP is identified by a unique identifier in the context of an IETF Network Slice Service.¶
Examples of IETF Network Slice Services that contain only one connectivity construct are shown in Figure 1.¶
An example of IETF Network Slice Services that contain multiple connectivity constructs are shown in Figure 2.¶
As shown in Figure 2, the IETF Network Slice Service 4 contains two P2P connectivity constructs between the set of SDPs. The IETF network slice service 5 is a bidirectional unicast service between SDP14 and SDP15 that consists of two unidirectional P2P connectivity constructs.¶
4. IETF Network Slice Service Model Usage
The NSSM can be used by a provider to expose its Slice Service, and by a customer to manage its IETF Network Slices Services (e.g., request, delete, or change). The details about how service requests are handled by the provider, including which network operations are triggered, are internal to the provider. The details of the IETF Network Slices realization are hidden from customers.¶
The IETF Network Slices are applicable to use cases, such as (but not limited to) network wholesale services, network infrastructure sharing among operators, NFV (Network Function Virtualization) connectivity, Data Center Interconnect, and 5G E2E network slice.¶
The IETF Network Slice Controller (NSC) is an entity that exposes the IETF Network Slice Service Interface to customers to manage IETF Network Slice Services. Typically, the NSC receives requests from its customer-facing interface (e.g., from a management system). During service creation, this interface can carry data objects the IETF Network Slice Service customer provides, describing the needed IETF network slices service in terms of a set of SDPs, the associated connectivity constructs and the service objectives that the customer wishes to be fulfilled. These service requirements are then translated into technology-specific actions that are implemented in the underlying network using a network-facing interface. The details of how the IETF Network Slices are put into effect are out of scope for this document.¶
As shown in Figure 3, in all the use cases, the model is used by the customer's higher level operation system to communicate with the NSC for life cycle management of IETF Network Slices including both enablement and monitoring. For example, in the 5G E2E (End-to-end) network slicing use-case the E2E network slice orchestrator acts as the higher layer system to request the IETF Network Slices. The interface is used to support dynamic IETF Network Slice creation and its lifecycle management to facilitate end-to-end network slice services.¶
Note: The model can be recursive (hierarchical mode), i.e. an NSSM can map a child NSSM. As described in Section A.5 of [I-D.ietf-teas-ietf-network-slices], the IETF Network Slice can support a recursive composite architecture that allows one layer of IETF network slices to be used by other layers.¶
5. IETF Network Slice Service Modeling Description
The "ietf-network-slice-service" module includes two main data nodes: "slice-service" and "slo-sle-templates" (see Figure 4).¶
The "slice-service" list includes the set of IETF Network Slice Services that are maintained by a provider. "slice-service" is the data structure that abstracts the IETF Network Slice Service. Under the "slice-service", the "sdp" list is used to abstract the SDPs. The "connection-group" is used to abstract connectivity constructs between SDPs.¶
The "slo-sle-templates" container is used by an NSC to maintain a set of common network slice SLO and SLE templates that apply to one or several IETF Network Slice Services.¶
The tree diagrams used in this document follow the notation defined in [RFC8340].¶
The figure below describes the overall structure of the YANG module:¶
5.1. IETF Network Slice Service SLO and SLE Templates
The "slo-sle-templates" container (Figure 4) is used by the service provider of the NSC to define and maintain a set of common IETF Network Slice templates that apply to one or several IETF Network Slice Services. The exact definition of the templates is deployment specific to each network provider.¶
+--rw slo-sle-templates +--rw slo-sle-template* [id] +--rw id string +--rw description? string +--rw template-ref? leafref +--rw slo-policy | +--rw metric-bound* [metric-type] | | +--rw metric-type identityref | | +--rw metric-unit string | | +--rw value-description? string | | +--rw percentile-value? percentile | | +--rw bound? uint64 | +--rw availability? decimal64 | +--rw mtu? uint16 +--rw sle-policy +--rw security* identityref +--rw isolation* identityref +--rw max-occupancy-level? uint8 +--rw steering-constraints +--rw path-constraints +--rw service-function¶
The model includes the identifiers of SLO and SLE templates and the common attributes defined in [I-D.ietf-teas-ietf-network-slices]. Considering that there are many attributes defined and some attributes could vary with service requirements, e.g., bandwidth, or latency, multiple standard templates as well as custom "service-slo-sle-policy" are defined:¶
- 1:
- Standard template with no attribute specified: The exact definition of the templates is deployment specific to the provider.¶
- 2:
- Standard template with attributes specified: Provides the customers with the ability to define templates, or reference a predefined template "template-ref" and override specific attributes, and apply them to NS service configuration.¶
- 3:
- Custom "service-slo-sle-policy": More description is provided in Section 5.2.3.¶
The following shows an example where two network slice templates can be retrieved by the customers:¶
{ "network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "PLATINUM-template", "description": "Two-way bandwidth: 1 Gbps,\ 95th percentile latency 50ms", "slo-policy": { "metric-bound": [ { "metric-type": "service-slo-two-way-delay-percentile", "metric-unit": "milliseconds", "percentile-value": "95", "bound": "50" } ] }, "sle-policy": { "isolation": ["service-traffic-isolation"] } }, { "id": "GOLD-template", "description": "Two-way bandwidth: 1 Gbps,\ maximum latency 100ms", "slo-policy": { "metric-bound": [ { "metric-type": "service-slo-two-way-delay-maximum", "metric-unit": "milliseconds", "bound": "100" } ] }, "sle-policy": { "isolation": ["service-traffic-isolation"] } } ] } } } ========== NOTE: '\' line wrapping per RFC 8792 ===========¶
5.2. IETF Network Slice Services
The "slice-service" is the data structure that abstracts an IETF Network Slice Service. Each "slice-service" is uniquely identified by an identifier: "service-id" in the context of an NSC.¶
An IETF Network Slice Service has the following main parameters:¶
- "id": Is an identifier that is used to uniquely identify the IETF Network Slice Service within an NSC.¶
- "description": Gives some description of an IETF Network Slice Service.¶
- "status": Is used to show the operative and administrative status of the IETF Network Slice Service, and can be used as indicator to detect network slice anomalies.¶
- "service-tags": Indicates a management tag (e.g. "customer-name" ) that is used to correlate the operational information of "Customer higher level operation system" and IETF network slices. It might be used by IETF Network Slice Service operator to provide additional information to the NSC during the automation of the IETF network slices. E.g. adding tags with "customer-name" when multiple actual customers use a same network slice service. Another use-case for "service-tag" might be for an operator to provide additional attributes to NSC which might be used during the realization of IETF Network Slice Services such as type of services (e.g., L2 or L3). These additional attributes can also be used by the NSC for various use-cases such as monitoring and assurance of the IETF Network Slice Services where NSC can notify the customer system by issuing the notifications. Note that all these attributes are OPTIONAL but might be useful for some use-cases.¶
- "slo-sle-policy": Defines SLO and SLE policies for the "slice-service". More details are provided in Section 5.2.3.¶
- "sdp": Represents a set of SDPs that are involved in the IETF Network Slice Service with each "sdp" belonging to a single "slice-service". More details are provided in Section 5.2.1.¶
- "connection-groups": Abstracts the connections to the set of SDPs of the IETF Network Slice Service.¶
5.2.1. IETF Network Slice Service Demarcation Points
An SDP belong to a single IETF Network Slice Service. An IETF Network Slice Service involves two or more SDPs. An IETF Network Slice Service can be modified by adding new "sdp" or removing existing "sdp".¶
+--rw sdps +--rw sdp* [id] +--rw id string +--rw description? string +--rw location | ... +--rw node-id? string +--rw sdp-ip-address* inet:ip-address +--rw tp-ref? leafref +--rw service-match-criteria | ... +--rw incoming-qos-policy | ... +--rw outgoing-qos-policy | ... +--rw sdp-peering | ... +--rw ac-svc-name* string +--rw attachment-circuits | ... +--rw status | ... +--ro sdp-monitoring ...¶
Section 5.2 of [I-D.ietf-teas-ietf-network-slices] describes four possible ways in which the SDP may be placed:¶
Although there are four options, they can be categorized into two: CE-based or PE-based. To simplify the model, the NSC and the customer's system can agree on the choice of these two types without marking the type on each SDP.¶
In the four options, the Attachment Circuit (AC) may be part of the IETF Network Slice Service or may be external to it. Based on the definition of AC in Section 3.2 of [I-D.ietf-teas-ietf-network-slices], the customer and provider may agree on a per {IETF Network Slice Service, connectivity construct, and SLOs/SLEs} basis to police or shape traffic on the AC in both the ingress (CE to PE) direction and egress (PE to CE) direction, which ensures that the traffic is within the capacity profile that is agreed in an IETF Network Slice Service. Excess traffic is dropped by default, unless specific out-of-profile policies are agreed between the customer and the provider.¶
To abstract the SDP options and SLOs/SLEs profiles, an SDP has several characteristics:¶
- "id": Uniquely identifies the SDP within the Network Slice Controller (NSC). The identifier is a string that allows any encoding for the local administration of the IETF Network Slice Service.¶
- "location": Indicates SDP location information, which helps the NSC to identify an SDP.¶
- "node-id": A reference to the node that hosts the SDP, which helps the NSC to identify an SDP.¶
- "sdp-ip": The SDP IP information, which helps the NSC to identify an SDP.¶
- "incoming-qos-policy" and "outgoing-qos-policy": Sets the incoming and outgoing QoS policies to apply on a given SDP, including QoS policy and specific ingress and egress traffic limits to ensure access security. When applied in the incoming direction, the rate-limit is applicable to the traffic from the SDP to the IETF scope Network that passes through the AC. When Bandwidth is applied to the outgoing direction, it is applied to the traffic from the IETF Network to the SDP of that particular slice service. If an SDP has multiple ACs, the "rate-limits" of "attachment-circuit" can be set to an AC specific value, but the rate cannot exceed the "rate-limits" of the SDP. If an SDP only contains a single AC, then the "rate-limits" of "attachment-circuit" is the same with the SDP. The definition of AC refers to Section 3.1 [I-D.ietf-teas-ietf-network-slices].¶
- "ac-svc-name": Indicates the names of AC services, for association purposes, to refer to the ACs that have been created.¶
- "attachment-circuit": Specifies the list of ACs by which the service traffic is received. This is an optional SDP attribute. When an SDP has multiple ACs and the AC specific attributes is needed, each "attachment-circuit" can specify attributes such as interface specific IP addresses, service MTU, etc.¶
-
"sdp-peering": Specifies the protocol for an SDP for exchanging control-plane information, e.g. L1 signaling protocol or L3 routing protocols, etc.¶
- "peer-sap-id": Indicates the references to the remote endpoints of attachment circuits. This information can be used for correlation purposes, such as identifying Service Attachment Points (SAPs) defined in [I-D.ietf-opsawg-sap], which defines a model of an abstract view of the provider network topology that contains the points from which the services can be attached.¶
- "protocols": Serves as an augmentation target. Appendix A The example protocols of an SDP can be BGP, static routing, etc.¶
- "status": Enables the control of the operative and administrative status of the SDP, can be used as indicator to detect SDP anomalies.¶
- "service-match-criteria": Defines matching policies for network slice service traffic to apply on a given SDP.¶
Depending on the requirements of different cases, "service-match-criteria" can be used for the following purposes:¶
- Specify the AC type: physical or logical connection¶
- Distinguish the SDP traffic if the SDP is located in the CE or PE¶
- Distinguish the traffic of different CGs or CCs when multiple CGs/CCs of different SLO/SLE may be set up between the same pair of SDPs, as illustrated in Figure 5. Traffic needs to be explicitly mapped into the IETF Network Slice's specific connectivity construct. The policies, "service-match-criteria", are based on the values in which combination of layer 2 and layer 3 header and payload fields within a packet to identify to which {IETF Network Slice Service, connectivity construct, and SLOs/SLEs} that packet is assigned.¶
- Define specific out-of-profile policies: The customer may choose to use an explicit "service-match-criteria" to map all the SDP's traffic or a subset of the SDP's traffic to a specific connection-group or connectivity-construct. If a subset of traffic is matched (e.g. dscp-match) and mapped to a connectivity-construct, the customer may choose to add a subsequent "match-any" to explicitly map the remaining SDP traffic to a separate connectivity-construct. If the customer chooses to implicitly map remaining traffic and if there is no additional connectivity constructs where the "sdp-id" source is specified, then that traffic will be dropped.¶
If an SDP is placed at the port or AC of a CE or PE, and there is only one single connectivity construct with a source at the SDP, traffic can be implicitly mapped to this connectivity construct since the port or AC can be used to identify the traffic and the SDP is the only source of the connectivity-construct. Appendix B.1 shows an example of both the implicit and explicit approaches.¶
While explicit matching is optional in some use cases, it provides a more clear and readable implementation, but the choice is left to the operator.¶
To illustrate the use of SDP options, the below are two examples. How the NSC realize the mapping is out of scope for this document.¶
-
SDPs at customer-facing ports on the PEs: As shown in Figure 6 , customer of the IETF network slice service would like to connect two SDPs to satisfy specific service, e.g., Network wholesale services. In this case, the IETF network slice SDPs are mapped to customer-facing ports of PE nodes. The NSC uses "node-id" (PE device ID), "attachment-circuit" (ACs) to map SDPs to the customer-facing ports on the PEs.¶
-
SDPs within CEs: As shown in Figure 7 , customer of the IETF network slice service would like to connect two SDPs to provide connectivity between transport portion of 5G RAN to 5G Core network functions. In this scenario, the NSC uses "node-id" (CE device ID), "sdp-ip" (IP of SDP for management), "service-match-criteria" (VLAN tag), "attachment-circuit" (CE ACs) to map SDPs to the CE. The NSC can use these CE parameters (and optionally the "peer-sap-id") to retrieve the corresponding PE device, interface and AC mapping details to complete the end-to-end network slice service provisioning (the implementation details are left to the NSC provider).¶
5.2.2. IETF Network Slice Service Connectivity Constructs
Based on the customer's service traffic requirements, an IETF Network Slice Service connectivity type could be point-to-point (P2P), point-to-multipoint (P2MP), any-to-any (A2A) or a combination of these types.¶
+--rw connection-groups +--rw connection-group* [id] +--rw id string +--rw connectivity-type? identityref +--rw (slo-sle-policy)? | +--:(standard) | | +--rw slo-sle-template? -> /network-slice-services/slo-sle-templates/slo-sle-template/id | +--:(custom) | +--rw service-slo-sle-policy | ... +--rw service-slo-sle-policy-override? identityref +--rw connectivity-construct* [id] | +--rw id uint32 | +--rw (type)? | | +--:(p2p) | | | ... | | +--:(p2mp) | | | ... | | +--:(a2a) | | ... | +--rw (slo-sle-policy)? | | +--:(standard) | | | ... | | +--:(custom) | | ... | +--rw service-slo-sle-policy-override? identityref¶
[I-D.ietf-teas-ietf-network-slices] defines the basic connectivity construct for a network slice, and the connectivity construct may have different SLO and SLE requirements. "connectivity-construct" represents this connectivity construct, and "slo-sle-policy" under it represents the per-connectivity construct SLO and SLE requirements.¶
Apart from the per-connectivity construct SLO and SLE, slice service traffic is usually managed by combining similar types of traffic. For example, some connections for video services require high bandwidth, and some connections for voice over IP request low latency and reliability.¶
"connection-group" is thus defined to treat each type as a class with per-connection-group SLO and SLE such that the connectivity construct can inherit the SLO/SLE from the group if not explicitly defined. Additionally, in the case of hub and spoke connectivity, it may be inefficient when there are a large number of SDP with the multiple CCs. As illustrated in Appendix B.3, "connectivity-type" of "vpn-common:hub-spoke" and "connection-group-sdp-role" of "vpn-common:hub-role" or "vpn-common:spoke-role" can be specified.¶
5.2.3. IETF Network Slice Service SLO and SLE Policy
As defined in section 4 [I-D.ietf-teas-ietf-network-slices], the SLO and SLE policy of an IETF Network Slice Service defines some common attributes.¶
"slo-sle-policy" is used to represent specific SLO and SLE policies. During the creation of an IETF Network Slice Service, the policy can be specified either by a standard SLO and SLO template or a customized SLO and SLE policy.¶
The policy can apply to per-network slice service, per-connection group "connection group", or per-connectivity construct "connectivity-construct". Since there are multiple mechanisms for assigning a policy to a single connectivity construct, an override precedence order among them is as follows:¶
- Connectivity-construct at an individual sending SDP¶
- Connectivity-construct¶
- Connection-group¶
- Slice-level¶
That is, the policy assigned through the sending SDP has highest precedence, and the policy assigned by the slice level has lowest precedence. Therefore, the policy assigned through the sending SDP takes precedence over the policy assigned through the connection-construct entry. Appendix B.5 gives an example of the preceding policy, which shows a slice service having an A2A connectivity as default and several specific SLO connections.¶
The SLO attributes are as follows, including performance metric attributes, availability, and MTU.¶
The list "metric-bound" supports the generic performance metric variations and the combinations and each "metric-bound" could specify a particular "metric-type". "metric-type" is defined with YANG identity and supports the following options:¶
- "service-slo-one-way-bandwidth": Indicates the guaranteed minimum bandwidth between any two SDPs. And the bandwidth is unidirectional.¶
- "service-slo-two-way-bandwidth": Indicates the guaranteed minimum bandwidth between any two SDPs. And the bandwidth is bidirectional.¶
- "service-slo-one-way-delay-maximum": Indicates the maximum one-way latency between two SDPs.¶
- "service-slo-two-way-delay-maximum": Indicates the maximum round-trip latency between two SDPs.¶
- "service-slo-one-way-delay-percentile": Indicates the percentile objective of the one-way latency between two SDPs.¶
- "service-slo-two-way-delay-percentile": Indicates the percentile objective of the round-trip latency between two SDPs.¶
- "service-slo-one-way-delay-variation-maximum": Indicates the jitter constraint of the slice maximum permissible delay variation, and is measured by the difference in the one-way latency between sequential packets in a flow.¶
- "service-slo-two-way-delay-variation-maximum": Indicates the jitter constraint of the slice maximum permissible delay variation, and is measured by the difference in the two-way latency between sequential packets in a flow.¶
- "service-slo-one-way-delay-variation-percentile": Indicates the percentile objective of the delay variation, and is measured by the difference in the one-way latency between sequential packets in a flow.¶
- "service-slo-two-way-delay-variation-percentile": Indicates the percentile objective of the delay variation, and is measured by the difference in the two-way latency between sequential packets in a flow.¶
- "service-slo-one-way-packet-loss": Indicates maximum permissible packet loss rate, which is defined by the ratio of packets dropped to packets transmitted between two SDPs.¶
- "service-slo-two-way-packet-loss": Indicates maximum permissible packet loss rate, which is defined by the ratio of packets dropped to packets transmitted between two SDPs.¶
"availability": Specifies service availability defined as the ratio of uptime to the sum of uptime and downtime, where uptime is the time the IETF Network Slice is available in accordance with the SLOs associated with it.¶
"mtu": Refers to the service MTU. The service provider MUST support customer traffic using any PDU up to this size.¶
The following common SLEs are defined:¶
- "security": The security leaf-list defines the list of security functions the customer requests the operator to apply to traffic between the two SDPs, including authentication, encryption, etc.¶
- "isolation": Specifies the isolation types that a customer expects.¶
- "max-occupancy-level": Specifies the number of flows that the operator admits.¶
- "steering-constraints": Specifies the constraints the customer requests the operator to route traffic for the IETF Network Slice Service.¶
The following shows an example where a network slice policy can be configured:¶
{ "slice-services": { "slice-service": { "id": "exp-slice", "service-slo-sle-policy": { "description": "video-service-policy", "slo-policy": { "metric-bound": [ { "metric-type": "service-slo-one-way-bandwidth", "metric-unit": "Mbps", "bound": "1000" }, { "metric-type": "service-slo-two-way-delay-maximum", "metric-unit": "milliseconds", "bound": "10" } ], "availability": "ietf-network-slice-service:level-4", "mtu": "1500" } } } } }¶
For more complex slicing scenarios, for example a multiple connectivity-construct slice service, an "override" option is provided to completely override all or part of the slo-sle template with new values. For example, if a particular connection-group or a connectivity-construct has a unique bandwidth or latency setting, that are different from those defined in the slice-service, a new set of SLOs/SLEs with full or partial override can be applied. In the case of partial override, only the newly specified parameters are replaced from the original template, while maintaining on pre-existing parameters not specified. While a full override removes all pre-existing parameters, and in essence starts a new set of SLOs/SLEs which are specified. The "service-slo-sle-policy-override" is used to specify the requirements.¶
5.2.4. IETF Network Slice Service Monitoring
An IETF Network Slice Service defines connectivity with specific SLO characteristics, including bandwidth, latency, etc. The connectivity is a combination of logical unidirectional connections, represented by "connectivity-construct".¶
This model also describes operational and performance status of an IETF Network Slice. The statistics are described in the following granularity:¶
- Per SDP: specified in "sdp-monitoring" under the "sdp".¶
- Per connectivity construct: specified in "connectivity-construct-monitoring" under the "connectivity-construct".¶
- Per connection group: specified in "connection-group-monitoring" under the "connection-group".¶
This model does not define monitoring enabling methods. The mechanism defined in [RFC8640] and [RFC8641] can be used for either periodic or on-demand subscription.¶
By specifying subtree filters or xpath filters to "sdp", "connectivity-construct", or "connection-group", so that only interested contents will be sent. These mechanisms can be used for monitoring the IETF Network Slice performance status so that the customer management system could initiate modification based on the IETF Network Slice running status.¶
5.2.5. IETF Network Slice Service on Custom Topology
The IETF Network Slice customer might ask for some level of control of, e.g., to customize the service paths in a network slice.¶
Section 3.13 in [RFC8345] defines abstract topology concept to accommodate both the provider's resource capability and the customer's preferences. The abstract topology is a topology that contains abstract topological elements (nodes, links, termination points). The following nodes are the extensions for this use case¶
- "custom-topology-ref": The container under the list "slice-service" is defined to reference the prebuilt topology as a customized topology constraint for a slice service.¶
- "tp-ref": A reference to Termination Point (TP) in the custom topology, under the list "sdp", is used to associate an SDP with the customized topology to create point-to-point abstract links. These abstract links can be used as the underlying links of the connectivity-construct when a NS service is created.¶
The model can be extended if some implementations require path control with specific constraints.¶
5.2.6. IETF Network Slice Service Compute
An NS is, by default, provisioned so that it can instantiated and deliver the service. The IETF Network Slice customer may check the feasibility before instantiating a Network Slice Service. In such a case, the NS is configured in "compute-only" mode to distinguish it from the default behavior.¶
A "compute-only" NS is configured as usual with the associated per slice SLOs/SLEs. The NSC computes the feasible CC to the configured SLOs/SLEs. This computation does not create a NS or reserve any resources in the system, it simply computes the resulting NS based on information. The Network Slice "administrative-status" and the CG or CC list are used to convey the result. For example, "admin-pre-deployment" can be used to show the status.¶
+--------+ +--------+ |customer| | NSC | +--------+ +--------+ | | | | | configuration compute-only | compute the NS |---------------------------------------->| as per the | | SDPs and | | SLOs/SLEs | | | HTTP 200 (Computed NS and Status ) | |<----------------------------------------| | |¶
6. IETF Network Slice Service Module
The "ietf-network-slice" module uses types defined in [RFC6991], [RFC8345], [RFC9181], [RFC8776], and [RFC7640].¶
<CODE BEGINS> file "ietf-network-slice-service@2023-07-07.yang" module ietf-network-slice-service { yang-version 1.1; namespace "urn:ietf:params:xml:ns:yang:ietf-network-slice-service"; prefix ietf-nss; import ietf-inet-types { prefix inet; reference "RFC 6991: Common YANG Types"; } import ietf-vpn-common { prefix vpn-common; reference "RFC 9181: A Common YANG Data Model for Layer 2 and Layer 3 VPNs"; } import ietf-network { prefix nw; reference "RFC 8345: A YANG Data Model for Network Topologies"; } import ietf-network-topology { prefix nt; reference "RFC 8345: A YANG Data Model for Network Topologies, Section 6.2"; } /* Import TE Types */ import ietf-te-types { prefix te-types; reference "RFC 8776: Common YANG Data Types for Traffic Engineering"; } import ietf-te-packet-types { prefix te-packet-types; reference "RFC 8776: Common YANG Data Types for Traffic Engineering"; } organization "IETF Traffic Engineering Architecture and Signaling (TEAS) Working Group"; contact "WG Web: <https://tools.ietf.org/wg/teas/> WG List: <mailto:teas@ietf.org> Editor: Bo Wu <lana.wubo@huawei.com> Editor: Dhruv Dhody <dhruv.ietf@gmail.com> Editor: Reza Rokui <reza.rokui@nokia.com> Editor: Tarek Saad <tsaad@cisco.com> Author: Liuyan Han <hanliuyan@chinamobile.com> Editor: John Mullooly <jmullool@cisco.com>"; description "This module defines a model for the IETF Network Slice Service. Copyright (c) 2023 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX; see the RFC itself for full legal notices."; revision 2023-07-07 { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for the IETF Network Slice Service"; } /* Features */ /* Identities */ identity service-tag-type { description "Base identity for IETF Network Slice Service tag type."; } identity service-tag-customer { base service-tag-type; description "The IETF Network Slice Service customer ID tag type."; } identity service-tag-service { base service-tag-type; description "The IETF Network Slice Service tag type,e.g. L2 or L3 service."; } identity service-tag-opaque { base service-tag-type; description "The IETF Network Slice Service opaque tag type."; } identity attachment-circuit-tag-type { description "Base identity for the attachment circuit tag type."; } identity attachment-circuit-tag-vlan-id { base attachment-circuit-tag-type; description "The attachment circuit VLAN ID tag type. e.g. dot1Q or QinQ VLAN IDs."; } identity attachment-circuit-tag-ip-mask { base attachment-circuit-tag-type; description "The attachment circuit tag IP mask."; } identity service-isolation-type { description "Base identity for IETF Network Slice Service isolation type."; } identity service-traffic-isolation { base service-isolation-type; description "Specify the requirement for separating the traffic of the customer's IETF Network Slice Service from other services, which may be provided by the service provider using VPN technologies, such as L3VPN, L2VPN, EVPN, etc."; } identity service-security-type { description "Base identity for IETF Network Slice Service security type."; } identity service-security-authenticate { base service-security-type; description "Indicates the slice service requires authentication."; } identity service-security-integrity { base service-security-type; description "Indicates the slice service requires data integrity."; } identity service-security-encryption { base service-security-type; description "Indicates the slice service requires data encryption."; } identity point-to-point { base vpn-common:vpn-topology; description "Identity for point-to-point IETF Network Slice Service connectivity."; } identity point-to-multipoint { base vpn-common:vpn-topology; description "Identity for point-to-multipoint IETF Network Slice Service connectivity."; } identity multipoint-to-multipoint { base vpn-common:vpn-topology; description "Identity for multipoint-to-multipoint IETF Network Slice Service connectivity."; } identity multipoint-to-point { base vpn-common:vpn-topology; description "Identity for multipoint-to-point IETF Network Slice Service connectivity."; } identity sender-role { base vpn-common:role; description "An SDP is acting as a sender."; } identity receiver-role { base vpn-common:role; description "An SDP is acting as a receiver."; } identity service-slo-metric-type { description "Base identity for IETF Network Slice Service SLO metric type."; } identity service-slo-one-way-bandwidth { base service-slo-metric-type; description "SLO bandwidth metric. Minimum guaranteed bandwidth between two SDPs at any time and is measured unidirectionally."; } identity service-slo-two-way-bandwidth { base service-slo-metric-type; description "SLO bandwidth metric. Minimum guaranteed bandwidth between two SDPs at any time."; } identity service-slo-shared-bandwidth { base service-slo-metric-type; description "The shared SLO bandwidth bound. It is the limit on the bandwidth that can be shared amongst a group of connectivity constructs of a slice service."; } identity service-slo-one-way-delay-maximum { base service-slo-metric-type; description "The SLO objective of this metric is the upper bound of network delay when transmitting between two SDPs. The metric is defined in RFC7679."; } identity service-slo-one-way-delay-percentile { base service-slo-metric-type; description "The SLO objective of this metric is percentile objective of network delay when transmitting between two SDPs. The metric is defined in RFC7679."; } identity service-slo-two-way-delay-maximum { base service-slo-metric-type; description "SLO two-way delay is the upper bound of network delay when transmitting between two SDPs. The metric is defined in RFC2681."; } identity service-slo-two-way-delay-percentile { base service-slo-metric-type; description "The SLO objective of this metric is the percentile objective of network delay when the traffic transmitting between two SDPs. The metric is defined in RFC2681."; } identity service-slo-one-way-delay-variation-maximum { base service-slo-metric-type; description "The SLO objective of this metric is maximum bound of the difference in the one-way delay between sequential packets between two SDPs. The metric of one-way delay variation is defined in RFC3393."; } identity service-slo-one-way-delay-variation-percentile { base service-slo-metric-type; description "The SLO objective of this metric is the percentile objective in the one-way delay between sequential packets between two SDPs. One-way delay variation percentile is defined by RFC3393."; } identity service-slo-two-way-delay-variation-maximum { base service-slo-metric-type; description "SLO two-way delay variation defined by RFC5481, is the difference in the round-trip delay between sequential packets between two SDPs."; } identity service-slo-two-way-delay-variation-percentile { base service-slo-metric-type; description "The delay variation percentile is defined by RFC5481. The SLO objective of this metric is the percentile objective in the round-trip delay between sequential packets between two SDPs."; } identity service-slo-one-way-packet-loss { base service-slo-metric-type; description "SLO loss metric. The ratio of packets dropped to packets transmitted between two SDPs in one-way over a period of time as specified in RFC7680."; } identity service-slo-two-way-packet-loss { base service-slo-metric-type; description "SLO loss metric. The ratio of packets dropped to packets transmitted between two SDPs in two-way over a period of time as specified in RFC7680."; } identity service-match-type { description "Base identity for IETF Network Slice Service traffic match type."; } /* * Identity for availability-type */ identity availability-type { description "Base identity from which specific availability types are derived."; } identity level-1 { base availability-type; description "level 1: 99.9999%"; } identity level-2 { base availability-type; description "level 2: 99.999%"; } identity level-3 { base availability-type; description "level 3: 99.99%"; } identity level-4 { base availability-type; description "level 4: 99.9%"; } identity level-5 { base availability-type; description "level 5: 99%"; } identity service-phy-interface-match { base service-match-type; description "Use the physical interface as match criteria for slice service traffic."; } identity service-vlan-match { base service-match-type; description "Use the VLAN ID as match criteria for the slice service traffic."; } identity service-label-match { base service-match-type; description "Use the MPLS label as match criteria for the slice service traffic."; } identity service-source-ip-prefix-match { base service-match-type; description "Use source ip prefix as match criteria for the slice service traffic. Examples of 'value' of this match type is '192.0.2.0/24' and '2001:db8::1/64'."; } identity service-destination-ip-prefix-match { base service-match-type; description "Use destination ip prefix as match criteria for the slice service traffic. Examples of 'value' of this match type is '203.0.113.1/32', '2001:db8::2/128'."; } identity service-dscp-match { base service-match-type; description "Use DSCP in the IP packet header as match criteria for the slice service traffic."; } identity service-acl-match { base service-match-type; description "Use Access Control List (ACL) as match criteria for the slice service traffic."; reference "RFC 8519: YANG Data Model for Network Access Control Lists (ACLs)"; } identity service-any-match { base service-match-type; description "Match all slice service traffic."; } identity slo-sle-policy-override { description "Base identity for SLO/SLE policy override options."; } identity slo-sle-policy-full-override { base slo-sle-policy-override; description "The policy of SLO/SLE(s) that is defined at a child level override a parent SLO/SLE policy, which means that no SLO/SLE(s) are inherited from parent if a child SLO/SLE policy exists."; } identity slo-sle-policy-partial-override { base slo-sle-policy-override; description "The policy of SLO/SLE(s) that is defined at a child level updates the parent SLO/SLE policy. For example, if a specific SLO is defined at the child level, that specific SLO overrides the one inherited from a parent SLO/SLE policy, while all other SLOs in the parent SLO-SLE policy still apply."; } /* typedef */ typedef percentile { type decimal64 { fraction-digits 3; range "0..100"; } description "The percentile is a value between 0 and 100 to 3 decimal places, e.g. 10.000, 99.900 ,99.990, etc. For example, for a given one-way delay measurement, if the percentile is set to 95.000 and the 95th percentile one-way delay is 2 milliseconds, then the 95 percent of the sample value is less than or equal to 2 milliseconds."; } /* grouping */ grouping service-slos { description "Directly Measurable Objectives of a slice service."; container slo-policy { description "Contains the SLO policy."; list metric-bound { key "metric-type"; description "List of slice service metric bounds."; leaf metric-type { type identityref { base service-slo-metric-type; } description "Identifies an entry in the list of metric type bounds for the slice service."; } leaf metric-unit { type string; mandatory true; description "The metric unit of the parameter. For example, s, ms, ns, and so on."; } leaf value-description { type string; description "The description of previous value."; } leaf percentile-value { type percentile; description "The percentile value of the metric type."; } leaf bound { type uint64; default "0"; description "The Bound on the slice service connection metric. A zero indicate an unbounded upper limit for the specific metric-type."; } } leaf availability { type identityref { base availability-type; } description "Service availability level"; } leaf mtu { type uint16; units "bytes"; description "The MTU specifies the maximum length in octets of data packets of the slice service. The value needs to be less than or equal to the minimum MTU value of all 'attachment-circuits' in the SDPs."; } } } grouping service-sles { description "Indirectly Measurable Objectives of a slice service."; container sle-policy { description "Contains the SLE policy."; leaf-list security { type identityref { base service-security-type; } description "The security functions that the customer requests the operator to apply to traffic between the two SDPs."; } leaf-list isolation { type identityref { base service-isolation-type; } description "The slice service isolation requirement."; } leaf max-occupancy-level { type uint8 { range "1..100"; } description "The maximal occupancy level specifies the number of flows to be admitted."; } container steering-constraints { description "Container for the policy of steering constraints applicable to the slice service."; container path-constraints { description "Container for the policy of path constraints applicable to the slice service."; } container service-function { description "Container for the policy of service function applicable to the slice service."; } } } } grouping sdp-peering { description "A grouping for the slice service SDP peering."; container sdp-peering { description "Describes SDP peering attributes."; leaf peer-sap-id { type string; description "Indicates a reference to the remote endpoints of an attachment circuit. This information can be used for correlation purposes, such as identifying a service attachment point (SAP) of a provider equipment when requesting a service with CE based SDP attributes."; } container protocols { description "Serves as an augmentation target. Protocols can be augmented into this container, e.g. BGP, static routing."; } } } grouping sdp-attachment-circuits { description "Grouping for the SDP attachment circuit definition."; container attachment-circuits { description "List of attachment circuit."; list attachment-circuit { key "id"; description "The IETF Network Slice service SDP attachment circuit related parameters."; leaf id { type string; description "Uniquely identifier a attachment circuit."; } leaf ac-svc-name { type string; description "Indicates an attachment circuit service name, for association purposes, to refer to an AC that has been created before the slice creation. This node can override 'ac-svc-name' of the parent SDP."; } leaf description { type string; description "The attachment circuit description."; } leaf ac-node-id { type string; description "The attachment circuit node ID in the case of multi-homing."; } leaf ac-tp-id { type string; description "The termination port ID of the attachment circuit."; } leaf ac-ipv4-address { type inet:ipv4-address; description "The IPv4 address of the AC."; } leaf ac-ipv4-prefix-length { type uint8; description "The IPv4 subnet prefix length expressed in bits."; } leaf ac-ipv6-address { type inet:ipv6-address; description "The IPv6 address of the AC."; } leaf ac-ipv6-prefix-length { type uint8; description "The IPv6 subnet prefix length expressed in bits."; } leaf mtu { type uint16; units "bytes"; description "Maximum size in octets of the slice service data packet that can traverse an SDP."; } container ac-tags { description "Container for the attachment circuit tags."; list ac-tags { key "tag-type"; description "The attachment circuit tags list."; leaf tag-type { type identityref { base attachment-circuit-tag-type; } description "The attachment circuit tag type."; } leaf-list value { type string; description "The attachment circuit tag values. For example, the tag may indicate 'c-vlan' and 's-vlan'."; } } } /* Per ac rate limits */ uses service-qos; uses sdp-peering; uses vpn-common:service-status; } } } grouping sdp-monitoring-metrics { description "Grouping for the SDP monitoring metrics."; container sdp-monitoring { config false; description "Container for SDP monitoring metrics."; leaf incoming-bw-value { type te-types:te-bandwidth; description "Indicates, in octets per second, incoming bandwidth at an SDP."; } leaf incoming-bw-percent { type decimal64 { fraction-digits 5; range "0..100"; } units "percent"; mandatory true; description "Indicates a percentage of the incoming bandwidth at an SDP."; } leaf outgoing-bw-value { type te-types:te-bandwidth; description "Indicates, in octets per second, outgoing bandwidth at an SDP."; } leaf outgoing-bw-percent { type decimal64 { fraction-digits 5; range "0..100"; } units "percent"; mandatory true; description "Indicates a percentage of the outgoing bandwidth at an SDP."; } } } grouping connectivity-construct-monitoring-metrics { description "Grouping for connectivity construct monitoring metrics."; uses te-packet-types:one-way-performance-metrics-packet; uses te-packet-types:two-way-performance-metrics-packet; } grouping geolocation-container { description "A grouping containing a GPS location."; container location { description "A container containing a GPS location."; leaf altitude { type int64; units "millimeter"; description "Distance above the sea level."; } leaf latitude { type decimal64 { fraction-digits 8; range "-90..90"; } description "Relative position north or south on the Earth's surface."; } leaf longitude { type decimal64 { fraction-digits 8; range "-180..180"; } description "Angular distance east or west on the Earth's surface."; } } // gps-location } // geolocation-container grouping bw-rate-limits { description "Bandwidth rate limits grouping."; reference "RFC 7640: Traffic Management Benchmarking"; leaf cir { type uint64; units "bps"; description "Committed Information Rate. The maximum number of bits that a port can receive or send during one-second over an interface."; } leaf cbs { type uint64; units "bytes"; description "Committed Burst Size. CBS controls the bursty nature of the traffic. Traffic that does not use the configured CIR accumulates credits until the credits reach the configured CBS."; } leaf eir { type uint64; units "bps"; description "Excess Information Rate, i.e., excess frame delivery allowed not subject to SLA. The traffic rate can be limited by EIR."; } leaf ebs { type uint64; units "bytes"; description "Excess Burst Size. The bandwidth available for burst traffic from the EBS is subject to the amount of bandwidth that is accumulated during periods when traffic allocated by the EIR policy is not used."; } leaf pir { type uint64; units "bps"; description "Peak Information Rate, i.e., maximum frame delivery allowed. It is equal to or less than sum of CIR and EIR."; } leaf pbs { type uint64; units "bytes"; description "Peak Burst Size."; } } grouping service-qos { description "The rate limits grouping."; container incoming-qos-policy { description "Container for the asymmetric traffic control."; leaf qos-policy-name { type string; description "The name of the QoS policy that is applied to the attachment circuit. The name can reference a QoS profile that is pre-provisioned on the device."; } container rate-limits { description "Container for the asymmetric traffic control."; uses bw-rate-limits; } } container outgoing-qos-policy { description "The QoS policy imposed on outgoing traffic."; leaf qos-policy-name { type string; description "The name of the QoS policy that is applied to the attachment circuit. The name can reference a QoS profile that is pre-provisioned on the device."; } container rate-limits { description "The rate-limit imposed on outgoing traffic."; uses bw-rate-limits; } } } grouping sdp { description "Slice service SDP related information"; leaf id { type string; description "Unique identifier for the referred slice service SDP."; } leaf description { type string; description "Give more description of the SDP."; } uses geolocation-container; leaf node-id { type string; description "Uniquely identifies an edge node of the SDP."; } leaf-list sdp-ip-address { type inet:ip-address; description "IPv4 or IPv6 address of the SDP."; } leaf tp-ref { type leafref { path "/nw:networks/nw:network[nw:network-id =current()/../../" + "../custom-topology-ref/network-ref]/" + "nw:node/nt:termination-point/nt:tp-id"; } description "A reference to Termination Point (TP) in the custom topology"; reference "RFC 8345: A YANG Data Model for Network Topologies"; } container service-match-criteria { description "Describes the slice service match criteria."; list match-criterion { key "index"; description "List of the slice service traffic match criteria."; leaf index { type uint32; description "The entry index."; } leaf match-type { type identityref { base service-match-type; } mandatory true; description "Identifies an entry in the list of the slice service match criteria."; } leaf-list value { type string; description "Describes the slice service match criteria, e.g. IP prefix, VLAN, etc."; } leaf target-connection-group-id { type leafref { path "../../../../../ietf-nss:connection-groups" + "/ietf-nss:connection-group" + "/ietf-nss:id"; } mandatory true; description "Reference to the slice service connection group."; } leaf connection-group-sdp-role { type identityref { base vpn-common:role; } default "vpn-common:any-to-any-role"; description "Specifies the role of SDP in the connection group When the service connection type is MP2MP, such as hub and spoke service connection type. In addition, this helps to create connectivity construct automatically , rather than explicitly specifying each one."; } leaf target-connectivity-construct-id { type leafref { path "/ietf-nss:network-slice-services" + "/ietf-nss:slice-service" + "/ietf-nss:connection-groups" + "/ietf-nss:connection-group[id" + "=current()/../target-connection-group-id]" + "/ietf-nss:connectivity-construct/ietf-nss:id"; } description "Reference to a Network Slice connection construct."; } } } uses service-qos; container sdp-peering { description "Describes SDP peering attributes."; leaf-list peer-sap-id { type string; description "Indicates the reference to the remote endpoints of the attachment circuits. This information can be used for correlation purposes, such as identifying service attachment points (SAPs) of provider equipments when requesting a service with CE based SDP attributes."; } container protocols { description "Serves as an augmentation target. Protocols can be augmented into this container, e.g. BGP, static routing."; } } leaf-list ac-svc-name { type string; description "Indicates the attachment circuit service name, for association purposes, to refer to ACs that have been created before the slice creation."; } uses sdp-attachment-circuits; uses vpn-common:service-status; uses sdp-monitoring-metrics; } //service-sdp grouping connectivity-construct { description "Grouping for slice service connectivity construct."; list connectivity-construct { key "id"; description "List of connectivity constructs."; leaf id { type uint32; description "The connectivity construct identifier."; } choice type { default "p2p"; description "Choice for connectivity construct type."; case p2p { description "P2P connectivity construct."; leaf p2p-sender-sdp { type leafref { path "../../../../sdps/sdp/id"; } description "Reference to a sender SDP."; } leaf p2p-receiver-sdp { type leafref { path "../../../../sdps/sdp/id"; } description "Reference to a receiver SDP."; } } case p2mp { description "P2MP connectivity construct."; leaf p2mp-sender-sdp { type leafref { path "../../../../sdps/sdp/id"; } description "Reference to a sender SDP."; } leaf-list p2mp-receiver-sdp { type leafref { path "../../../../sdps/sdp/id"; } description "Reference to a receiver SDP."; } } case a2a { description "A2A connectivity construct."; list a2a-sdp { key "sdp-id"; description "List of included A2A SDPs."; leaf sdp-id { type leafref { path "../../../../../sdps/sdp/id"; } description "Reference to an SDP."; } uses service-slo-sle-policy; } } } uses service-slo-sle-policy; /* Per connectivity construct service-slo-sle-policy * overrides the per slice service-slo-sle-policy. */ uses service-slo-sle-policy-override; uses vpn-common:service-status; container connectivity-construct-monitoring { config false; description "SLO status per connectivity construct."; uses connectivity-construct-monitoring-metrics; } } } //connectivity-construct grouping connection-group { description "Grouping for slice service connection group."; leaf id { type string; description "The connection group identifier."; } leaf connectivity-type { type identityref { base vpn-common:vpn-topology; } default "vpn-common:any-to-any"; description "Connection group connectivity type."; } uses service-slo-sle-policy; uses service-slo-sle-policy-override; uses connectivity-construct; /* Per connection group service-slo-sle-policy overrides * the per slice service-slo-sle-policy. */ container connection-group-monitoring { config false; description "SLO status per connection group."; uses connectivity-construct-monitoring-metrics; } } //connection-group grouping slice-service-template { description "Grouping for slice service templates."; container slo-sle-templates { description "Contains a set of slice service templates."; list slo-sle-template { key "id"; description "List for SLO and SLE template identifiers."; leaf id { type string; description "Identification of the Service Level Objective (SLO) and Service Level Expectation (SLE) template to be used. Local administration meaning."; } leaf description { type string; description "Description of the SLO and SLE policy template."; } leaf template-ref { type leafref { path "/ietf-nss:network-slice-services" + "/ietf-nss:slo-sle-templates" + "/ietf-nss:slo-sle-template" + "/ietf-nss:id"; } description "The reference to a standard template. When set it indicates the base template over which further SLO/SLE policy changes are made."; } uses service-slos; uses service-sles; } } } /* Configuration data nodes */ grouping service-slo-sle-policy { description "Slice service policy grouping."; choice slo-sle-policy { description "Choice for SLO and SLE policy template. Can be standard template or customized template."; case standard { description "Standard SLO template."; leaf slo-sle-template { type leafref { path "/ietf-nss:network-slice-services" + "/ietf-nss:slo-sle-templates" + "/ietf-nss:slo-sle-template" + "/ietf-nss:id"; } description "Standard SLO and SLE template to be used."; } } case custom { description "Customized SLO and SLE template."; container service-slo-sle-policy { description "Contains the SLO and SLE policy."; leaf description { type string; description "Description of the SLO and SLE policy."; } uses service-slos; uses service-sles; } } } } grouping service-slo-sle-policy-override { description "Slice service policy override grouping."; leaf service-slo-sle-policy-override { type identityref { base slo-sle-policy-override; } default "ietf-nss:slo-sle-policy-full-override"; description "SLO/SLE policy override option."; } } container network-slice-services { description "Contains a list of IETF network slice services"; uses slice-service-template; list slice-service { key "id"; description "A slice service is identified by a service id."; leaf id { type string; description "A unique slice service identifier."; } leaf description { type string; description "Textual description of the slice service."; } container service-tags { description "Container for the list of service tags."; list tag-type { key "tag-type"; description "The service tag list."; leaf tag-type { type identityref { base service-tag-type; } description "Slice service tag type."; } leaf-list value { type string; description "The tag values, e.g. customer names when multiple customers sharing same slice service in 5G scenario."; } } } uses service-slo-sle-policy; leaf compute-only { type empty; description "When present, the slice is computed. No resources are committed or reserved in the network."; } uses vpn-common:service-status; container sdps { description "Slice service SDPs."; list sdp { key "id"; min-elements 2; uses sdp; description "List of SDPs in this slice service."; } } container connection-groups { description "Contains connections group."; list connection-group { key "id"; description "List of connection groups."; uses connection-group; } } container custom-topology-ref { description "Container for the custom topology reference."; uses nw:network-ref; } } //ietf-network-slice-service list } } <CODE ENDS>¶
7. Security Considerations
The YANG module defined in this document is designed to be accessed via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest NETCONF layer is the secure transport layer, and the mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the mandatory-to-implement secure transport is TLS [RFC8446].¶
The NETCONF access control model [RFC8341] provides the means to restrict access for particular NETCONF or RESTCONF users to a preconfigured subset of all available NETCONF or RESTCONF protocol operations and content.¶
There are a number of data nodes defined in this YANG module that are writable/creatable/deletable (i.e., config true, which is the default). These data nodes may be considered sensitive or vulnerable in some network environments. Write operations (e.g., edit-config) to these data nodes without proper protection can have a negative effect on network operations.¶
o /ietf-network-slice-service/network-slice-services/slice-service¶
The entries in the list above include the whole network configurations corresponding with the slice service which the higher management system requests, and indirectly create or modify the PE or P device configurations. Unexpected changes to these entries could lead to service disruption and/or network misbehavior.¶
8. IANA Considerations
This document registers a URI in the IETF XML registry [RFC3688]. Following the format in [RFC3688], the following registration is requested to be made:¶
URI: urn:ietf:params:xml:ns:yang:ietf-network-slice-service Registrant Contact: The IESG. XML: N/A, the requested URI is an XML namespace.¶
This document requests to register a YANG module in the YANG Module Names registry [RFC7950].¶
Name: ietf-network-slice-service Namespace: urn:ietf:params:xml:ns:yang:ietf-network-slice-service Prefix: ietf-nss Reference: RFC XXXX¶
9. Acknowledgments
The authors wish to thank Mohamed Boucadair, Kenichi Ogaki, Sergio Belotti, Qin Wu, Yao Zhao, Susan Hares, Eric Grey, Daniele Ceccarelli, Ryan Hoffman, Adrian Farrel, Aihua Guo, Italo Busi, and many others for their helpful comments and suggestions.¶
10. Contributors
The following authors contributed significantly to this document:¶
Luis M. Contreras Telefonica Spain Email: luismiguel.contrerasmurillo@telefonica.com¶
11. References
11.1. Normative References
- [RFC2119]
- Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
- [RFC3688]
- Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, DOI 10.17487/RFC3688, , <https://www.rfc-editor.org/info/rfc3688>.
- [RFC6241]
- Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, , <https://www.rfc-editor.org/info/rfc6241>.
- [RFC6242]
- Wasserman, M., "Using the NETCONF Protocol over Secure Shell (SSH)", RFC 6242, DOI 10.17487/RFC6242, , <https://www.rfc-editor.org/info/rfc6242>.
- [RFC6991]
- Schoenwaelder, J., Ed., "Common YANG Data Types", RFC 6991, DOI 10.17487/RFC6991, , <https://www.rfc-editor.org/info/rfc6991>.
- [RFC7950]
- Bjorklund, M., Ed., "The YANG 1.1 Data Modeling Language", RFC 7950, DOI 10.17487/RFC7950, , <https://www.rfc-editor.org/info/rfc7950>.
- [RFC8040]
- Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF Protocol", RFC 8040, DOI 10.17487/RFC8040, , <https://www.rfc-editor.org/info/rfc8040>.
- [RFC8174]
- Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.
- [RFC8340]
- Bjorklund, M. and L. Berger, Ed., "YANG Tree Diagrams", BCP 215, RFC 8340, DOI 10.17487/RFC8340, , <https://www.rfc-editor.org/info/rfc8340>.
- [RFC8341]
- Bierman, A. and M. Bjorklund, "Network Configuration Access Control Model", STD 91, RFC 8341, DOI 10.17487/RFC8341, , <https://www.rfc-editor.org/info/rfc8341>.
- [RFC8342]
- Bjorklund, M., Schoenwaelder, J., Shafer, P., Watsen, K., and R. Wilton, "Network Management Datastore Architecture (NMDA)", RFC 8342, DOI 10.17487/RFC8342, , <https://www.rfc-editor.org/info/rfc8342>.
- [RFC8345]
- Clemm, A., Medved, J., Varga, R., Bahadur, N., Ananthakrishnan, H., and X. Liu, "A YANG Data Model for Network Topologies", RFC 8345, DOI 10.17487/RFC8345, , <https://www.rfc-editor.org/info/rfc8345>.
- [RFC8446]
- Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, , <https://www.rfc-editor.org/info/rfc8446>.
- [RFC8640]
- Voit, E., Clemm, A., Gonzalez Prieto, A., Nilsen-Nygaard, E., and A. Tripathy, "Dynamic Subscription to YANG Events and Datastores over NETCONF", RFC 8640, DOI 10.17487/RFC8640, , <https://www.rfc-editor.org/info/rfc8640>.
- [RFC8641]
- Clemm, A. and E. Voit, "Subscription to YANG Notifications for Datastore Updates", RFC 8641, DOI 10.17487/RFC8641, , <https://www.rfc-editor.org/info/rfc8641>.
- [RFC8776]
- Saad, T., Gandhi, R., Liu, X., Beeram, V., and I. Bryskin, "Common YANG Data Types for Traffic Engineering", RFC 8776, DOI 10.17487/RFC8776, , <https://www.rfc-editor.org/info/rfc8776>.
- [RFC9181]
- Barguil, S., Gonzalez de Dios, O., Ed., Boucadair, M., Ed., and Q. Wu, "A Common YANG Data Model for Layer 2 and Layer 3 VPNs", RFC 9181, DOI 10.17487/RFC9181, , <https://www.rfc-editor.org/info/rfc9181>.
11.2. Informative References
- [I-D.boro-opsawg-teas-attachment-circuit]
- Boucadair, M., Roberts, R., de Dios, O. G., Barguil, S., and B. Wu, "YANG Data Models for 'Attachment Circuits'-as-a-Service (ACaaS)", Work in Progress, Internet-Draft, draft-boro-opsawg-teas-attachment-circuit-06, , <https://datatracker.ietf.org/doc/html/draft-boro-opsawg-teas-attachment-circuit-06>.
- [I-D.boro-opsawg-teas-common-ac]
- Boucadair, M., Roberts, R., de Dios, O. G., Barguil, S., and B. Wu, "A Common YANG Data Model for Attachment Circuits", Work in Progress, Internet-Draft, draft-boro-opsawg-teas-common-ac-02, , <https://datatracker.ietf.org/doc/html/draft-boro-opsawg-teas-common-ac-02>.
- [I-D.ietf-opsawg-sap]
- Boucadair, M., de Dios, O. G., Barguil, S., Wu, Q., and V. Lopez, "A YANG Network Model for Service Attachment Points (SAPs)", Work in Progress, Internet-Draft, draft-ietf-opsawg-sap-15, , <https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-sap-15>.
- [I-D.ietf-teas-actn-vn-yang]
- Lee, Y., Dhody, D., Ceccarelli, D., Bryskin, I., and B. Y. Yoon, "A YANG Data Model for Virtual Network (VN) Operations", Work in Progress, Internet-Draft, draft-ietf-teas-actn-vn-yang-18, , <https://datatracker.ietf.org/doc/html/draft-ietf-teas-actn-vn-yang-18>.
- [I-D.ietf-teas-ietf-network-slices]
- Farrel, A., Drake, J., Rokui, R., Homma, S., Makhijani, K., Contreras, L. M., and J. Tantsura, "A Framework for IETF Network Slices", Work in Progress, Internet-Draft, draft-ietf-teas-ietf-network-slices-21, , <https://datatracker.ietf.org/doc/html/draft-ietf-teas-ietf-network-slices-21>.
- [I-D.liu-teas-transport-network-slice-yang]
- Liu, X., Tantsura, J., Bryskin, I., Contreras, L. M., Wu, Q., Belotti, S., Rokui, R., Guo, A., and I. Busi, "IETF Network Slice Topology YANG Data Model", Work in Progress, Internet-Draft, draft-liu-teas-transport-network-slice-yang-06, , <https://datatracker.ietf.org/doc/html/draft-liu-teas-transport-network-slice-yang-06>.
- [RFC7640]
- Constantine, B. and R. Krishnan, "Traffic Management Benchmarking", RFC 7640, DOI 10.17487/RFC7640, , <https://www.rfc-editor.org/info/rfc7640>.
- [RFC8309]
- Wu, Q., Liu, W., and A. Farrel, "Service Models Explained", RFC 8309, DOI 10.17487/RFC8309, , <https://www.rfc-editor.org/info/rfc8309>.
Appendix A. Augmentation Considerations
The NSSM defines the minimum attributes of slice services. In some scenarios, further extension, e.g. the definition of AC technology specific attributes and the "isolation" SLE characteristics are required.¶
For AC technology specific attributes, if the customer and provider need to agree, through configuration, on the technology parameter values, such as the protocol types and protocol parameters between the PE and the CE. The following shows an example where BGP and static routing are augmented to the Network Slice Service model. The protocol types and definitions can reference [I-D.boro-opsawg-teas-common-ac].¶
augment /ietf-nss:network-slice-services/ietf-nss:slice-service/ietf-nss:sdps\ /ietf-nss:sdp/ietf-nss:sdp-peering/ietf-nss:protocols: +--rw bgp-attributes | +--rw description? string | +--rw peer-as? inet:as-number | +--rw neighbor* inet:ip-address +--rw static-attributes +--rw cascaded-lan-prefixes +--rw ip-lan-prefixes* [lan next-hop] +--rw lan inet:ip-prefix +--rw next-hop union ...¶
In some scenarios, for example, when multiple slice services share one or more ACs, independent AC services, defined in [I-D.boro-opsawg-teas-attachment-circuit], can be used.¶
For "isolation" SLE characteristics, the following identities can be defined.¶
identity service-interference-isolation-dedicated { base service-isolation-type; description "Specify the requirement that the slice service is not impacted by the existence of other customers or services in the same network, which may be provided by the service provider using dedicatd network resources, similar to a dedicated private network."; }¶
Appendix B. Examples of Network Slice Services
B.1. Example-1: Two A2A Slice Services with different match approaches
The following example describes a simplified service configuration of two IETF Network slice instances where the SDPs are the customer-facing ports on the PE:¶
- IETF Network Slice 1 on SDP1, SDP11a, and SDP4, with an A2A connectivity type. This is a L3 slice service and using the uniform low latency "slo-sle-template" policy between all SDPs. These SDPs will also have AC eBGP peering sessions with unmanaged CE elements (not shown) using an AC augmentation model such as the one shown above.¶
- IETF Network Slice 2 on SDP2, SDP11b, with A2A connectivity type. This is a L3 slice service and using the uniform high bandwidth "slo-sle-template" policy between all SDPs.¶
Slice 1 uses the explicit match approach for mapping SDP traffic to a "connectivity-construct", while slice 2 uses the implicit approach. Both approaches are supported.¶
Note: These two slices both use service-tags of "L3". This "service-tag" is operator defined and has no specific meaning in the YANG model other to give a hint to the NSC on the service expectation being L3 forwarding. In other examples we may choose to eliminate it. The usage of this tag is arbitrary and up to the operator and the NSC on it's need and usage.¶
+--------+ 192.0.2.1/26 |CE1 o------/ VLAN100 +--------+ | SDP1 +------+ +--------+ +------o| PE A+---------------+ |CE2 o-------/-----o| | | +--------+ SDP2 +---+--+ | 198.51.100.1/26| | 192.0.2.129/26 VLAN200 | +---+--+ VLAN100 | | | SDP4 +--------+ | |PE C o-----/-----o CE21 | +--------+ 192.0.2.65/26 | +---+--+ +--------+ | o------/ VLAN101 | | | | | SDP11a+---+---+ | |CE11 | +------o|PE B +--------------+ | o-------/-----o| | +--------+ SDP11b+------ + 198.51.100.65/26 VLAN201¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-latency-template", "description": "lowest possible latency forwarding behavior" } ] }, "slice-service": [ { "id": "slice1", "description": "example slice1", "service-tags": { "tag-type": [ { "tag-type": "ietf-network-slice-service:service-tag-service", "value": ["L3"] } ] }, "slo-sle-template": "low-latency-template", "status": { }, "sdps": { "sdp": [ { "id": "1", "node-id": "PE-A", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac1", "description": "AC1 connected to device 1", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet5/0/0/0.100", "ac-ipv4-address": "192.0.2.1", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-nss:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } }, { "id": "3a", "node-id": "PE-B", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac3a", "description": "AC3a connected to device 3", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/4.101", "ac-ipv4-address": "192.0.2.65", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-nss:attachment-circuit-tag-vlan-id", "value": ["101"] } ] }, "status": { } } ] }, "status": { } }, { "id": "4", "node-id": "PE-C", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac4", "description": "AC4 connected to device 4", "ac-node-id": "PE-C", "ac-tp-id": "GigabitEthernet4/0/0/3.100", "ac-ipv4-address": "192.0.2.129", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix1", "connectivity-type": "ietf-vpn-common:any-to-any", "connectivity-construct": [ { "id": 1, "a2a-sdp": [ { "sdp-id": "1" }, { "sdp-id": "3a" }, { "sdp-id": "4" } ], "status": { } } ] } ] } }, { "id": "slice2", "description": "example slice2", "service-tags": { "tag-type": [ { "tag-type": "ietf-nss:service-tag-service", "value": ["L3"] } ] }, "slo-sle-template": "high-BW-template", "status": { }, "sdps": { "sdp": [ { "id": "2", "node-id": "PE-A", "attachment-circuits": { "attachment-circuit": [ { "id": "ac2", "description": "AC2 connected to device 2", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet7/0/0/3.200", "ac-ipv4-address": "198.51.100.1", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-nss:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } }, { "id": "3b", "node-id": "PE-B", "attachment-circuits": { "attachment-circuit": [ { "id": "ac3b", "description": "AC3b connected to device 3", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/4.201", "ac-ipv4-address": "198.51.100.65", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["201"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix2", "connectivity-type": "ietf-vpn-common:any-to-any", "connectivity-construct": [ { "id": 1, "a2a-sdp": [ { "sdp-id": "2" }, { "sdp-id": "3b" } ], "status": { } } ] } ] } } ] } } }¶
B.2. Example-2: Two P2P slice services with different match approaches
The following example describes a simplified service configuration of two IETF Network slice instances where the SDPs are the customer-facing ports on the PE:¶
- IETF Network Slice 3 on SDP5 and SDP7a with P2P connectivity type. This is a L2 slice service and using the uniform low-latency "slo-sle-template" policies between the SDPs. A connectivity-group level slo-policy has been applied with a delay based metric bound of 10ms which will apply to both connectivity-constructs.¶
- IETF Network Slice 4 on SDP6 and SDP7b, with P2P connectivity type. This is a L2 slice service and using the the high bandwidth "slo-sle-template" policies between the SDPs. Traffic from SDP6 and SDP7b is requesting a bandwidth of 1000Mbps, while in the reverse direction from SDP7b to SDP6, 5000Mbps is being requested.¶
Slice 3 uses the explicit match approach for mapping SDP traffic to a "connectivity-group", while slice 2 uses the implicit approach. Both approaches are supported.¶
Note: These two slices both use service-tags of "L2". This "service-tag" is operator defined and has no specific meaning in the YANG model other to give a hint to the NSC on the service expectation being L2 forwarding. Other examples we may choose to eliminate it. The usage of this tag is arbitrary and up to the operator and the NSC on it's need and usage.¶
+--------+ | CE5 o------/ VLAN100 +--------+ | SDP5 +------+ +--------+ +------o| PE A +---------------+ | CE6 o-------/-----o| | | +--------+ SDP6 +---+--+ | VLAN200 | | | +---+--+ | | | | | PE C o +--------+ | +---+--+ | o------/ VLAN101 | | | | | SDP7a +---+--+ | | CE7 | +------o| PE B +---------------+ | o-------/-----o| | +--------+ SDP7b +------+ VLAN201¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-latency-template", "description": "lowest possible latency forwarding behavior" } ] }, "slice-service": [ { "id": "slice3", "description": "example slice3", "slo-sle-template": "low-latency-template", "status": { }, "sdps": { "sdp": [ { "id": "5", "node-id": "PE-A", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix3" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac5", "description": "AC5 connected to device 5", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet5/0/0/1", "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } }, { "id": "7a", "node-id": "PE-B", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix3" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac7a", "description": "AC7a connected to device 7", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/5", "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["200"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix3", "connectivity-type": "ietf-network-slice-service:point-to-point", "service-slo-sle-policy": { "slo-policy": { "metric-bound": [ { "metric-type": "ietf-nss:service-slo-one-way-delay-maximum", "metric-unit": "milliseconds", "bound": "10" } ] } }, "connectivity-construct": [ { "id": 1, "p2p-sender-sdp": "5", "p2p-receiver-sdp": "7a", "status": { } }, { "id": 2, "p2p-sender-sdp": "7a", "p2p-receiver-sdp": "5", "status": { } } ] } ] } }, { "id": "slice4", "description": "example slice4", "slo-sle-template": "high-BW-template", "status": { }, "sdps": { "sdp": [ { "id": "6", "node-id": "PE-A", "attachment-circuits": { "attachment-circuit": [ { "id": "ac6", "description": "AC6 connected to device 6", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet7/0/0/4", "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["101"] } ] }, "status": { } } ] }, "status": { } }, { "id": "7b", "node-id": "PE-B", "attachment-circuits": { "attachment-circuit": [ { "id": "ac7b", "description": "AC7b connected to device 7", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/5", "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["201"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix4", "connectivity-type": "ietf-network-slice-service:point-to-point", "connectivity-construct": [ { "id": 1, "p2p-sender-sdp": "6", "p2p-receiver-sdp": "7b", "service-slo-sle-policy": { "slo-policy": { "metric-bound": [ { "metric-type": "ietf-network-slice-service:service-slo-one-way-delay-maximum", "metric-unit": "Mbps", "bound": "1000" } ] } }, "status": { } }, { "id": 2, "p2p-sender-sdp": "7b", "p2p-receiver-sdp": "6", "service-slo-sle-policy": { "slo-policy": { "metric-bound": [ { "metric-type": ietf-network-slice-service:service-slo-one-way-bandwidth", "metric-unit": "Mbps", "bound": "5000" } ] } }, "status": { } } ] } ] } } ] } } }¶
B.3. Example-3: A Hub and Spoke Slice Service with a P2MP Connectivity Construct
The following example describes a simplified service configuration of one IETF Network slice instance where the SDPs are the customer-facing ports on the PE:¶
- IETF Network Slice 5 is a hub-spoke slice with SDP14 as the hub and SDP11, SDP12, SDP13a, SDP13b as spokes. This is a L3 slice service and using the uniform low-latency "slo-sle-template" policies between all spokes and the hub SDPs, but using an explicit set of SLO policies with a latency metric of 10ms for hub to spoke traffic.¶
+--------+ 192.0.2.1/26 |Device11o------/ VLAN100 +--------+ | SDP11+------+ +--------+ +------o| A +---------------+ |Device12o-------/-----o| | | +--------+ SDP12+---+--+ | 198.51.100.1/26 | | 192.0.2.129/26 VLAN200 | +---+--+ VLAN100 | | | SDP14 +--------+ | | C o-----/-----oDevice14| +--------+ 192.0.2.65/26 | +---+--+ +--------+ | o------/ VLAN101 | | | | | SDP13a+---+--+ | |Device13| +------o| B +---------------+ | o-------/-----o| | +--------+ SDP13b+------+ 198.51.100.65/26 VLAN201¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-latency-template", "description": "lowest possible latency forwarding behavior" } ] }, "slice-service": [ { "id": "slice5", "description": "example slice5", "service-tags": { "tag-type": [ { "tag-type": "ietf-network-slice-service:service-tag-service", "value": ["L3"] } ] }, "slo-sle-template": "low-latency-template", "status": { }, "sdps": { "sdp": [ { "id": "11", "node-id": "PE-A", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix5", "connection-group-sdp-role": "ietf-vpn-common:spoke-role" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac11", "description": "AC11 connected to device 11", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet5/0/0/2", "ac-ipv4-address": "192.0.2.1", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } }, { "id": "12", "node-id": "PE-A", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix5", "connection-group-sdp-role": "ietf-vpn-common:spoke-role" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac12", "description": "AC12 connected to device 12", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet7/0/0/5", "ac-ipv4-address": "198.51.100.1", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["200"] } ] }, "status": { } } ] }, "status": { } }, { "id": "13a", "node-id": "PE-B", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix5", "connection-group-sdp-role": "ietf-vpn-common:spoke-role" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac13a", "description": "AC13a connected to device 13", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/6", "ac-ipv4-address": "192.0.2.65", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["101"] } ] }, "status": { } } ] }, "status": { } }, { "id": "13b", "node-id": "PE-B", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix5", "connection-group-sdp-role": "ietf-vpn-common:spoke-role" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac13b", "description": "AC3b connected to device 13", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/4", "ac-ipv4-address": "198.51.100.65", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["201"] } ] }, "status": { } } ] }, "status": { } }, { "id": "14", "node-id": "PE-C", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix5", "connection-group-sdp-role": "ietf-vpn-common:hub-role" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac14", "description": "AC14 connected to device 14", "ac-node-id": "PE-C", "ac-tp-id": "GigabitEthernet4/0/0/3", "ac-ipv4-address": "192.0.2.129", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix5", "connectivity-type": "ietf-vpn-common:hub-spoke", "connectivity-construct": [ { "id": 1, "p2mp-sender-sdp": "14", "p2mp-receiver-sdp": ["11", "12", "13a", "13b"], "service-slo-sle-policy": { "slo-policy": { "metric-bound": [ { "metric-type": "ietf-network-slice-service:service-slo-one-way-delay-maximum", "metric-unit": "milliseconds", "bound": "10" } ] } }, "status": { } } ] } ] } } ] } } }¶
B.4. Example-4: An A2A Slice service with multiple SLOs and DSCP Matching
The following example describes a simplified service configuration of an IETF Network slice instance where the SDPs are the customer-facing ports on the PE:¶
- IETF Network Slice 6 on SDP21, SDP23a, and SDP24, with A2A connectivity type. This is a L3 slice service and using the uniform "standard" slo-sle-template policies between all SDPs. For traffic matching the DSCP of EF, a slo-sle-template policy of "low-latency" will be used. The slice uses the explicit match approach for mapping SDP traffic to a connectivity construct.¶
+--------+ 192.0.2.1/24 | CE21 o------/ VLAN100 +--------+ | SDP21+------+ +------o| PE A +---------------+ | | | +---+--+ | | | 203.0.113.1/24 | +---+--+ VLAN100 | | | SDP24 +--------+ | | PE C o-----/-----o CE24 | +--------+ 198.51.100.1/24 | +---+--+ +--------+ | o------/ VLAN101 | | | | | SDP23a+---+--+ | |CE23 | +------o| PE B +---------------+ | o | | +--------+ +------+¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-latency-template", "description": "lowest possible latency forwarding behavior" }, { "id": "standard-template", "description": "take the standard forwarding path" } ] }, "slice-service": [ { "id": "slice6", "description": "example slice6", "service-tags": { "tag-type": [ { "tag-type": "ietf-network-slice-service:service-tag-service", "value": ["L3"] } ] }, "slo-sle-template": "standard-template", "status": { }, "sdps": { "sdp": [ { "id": "21", "node-id": "PE-A", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-dscp-match", "value": ["EF"], "target-connection-group-id": "matrix6", "target-connectivity-construct-id": 2 }, { "index": 2, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix6", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac21", "description": "AC21 connected to device 21", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet5/0/0/0", "ac-ipv4-address": "192.0.2.1", "ac-ipv4-prefix-length": 24, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } }, { "id": "23a", "node-id": "PE-B", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-dscp-match", "value": ["EF"], "target-connection-group-id": "matrix6", "target-connectivity-construct-id": 2 }, { "index": 2, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix6", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac23a", "description": "AC23a connected to device 23", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet8/0/0/4", "ac-ipv4-address": "198.51.100.1", "ac-ipv4-prefix-length": 24, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["101"] } ] }, "status": { } } ] }, "status": { } }, { "id": "24", "node-id": "PE-C", "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-dscp-match", "value": ["EF"], "target-connection-group-id": "matrix6", "target-connectivity-construct-id": 2 }, { "index": 2, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix6", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac24", "description": "AC24 connected to device 24", "ac-node-id": "PE-C", "ac-tp-id": "GigabitEthernet4/0/0/3", "ac-ipv4-address": "203.0.113.1", "ac-ipv4-prefix-length": 24, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix6", "connectivity-type": "ietf-vpn-common:any-to-any", "connectivity-construct": [ { "id": 1, "a2a-sdp": [ { "sdp-id": "21" }, { "sdp-id": "23a" }, { "sdp-id": "24", "slo-sle-template": "low-latency-template" } ], "status": { } }, { "id": 2, "a2a-sdp": [ { "sdp-id": "21" }, { "sdp-id": "23a" }, { "sdp-id": "24" } ], "status": { } } ] } ] } } ] } } }¶
B.5. Example-5: An A2A Network Slice Service with SLO Precedence Policies
The following examples describes a simplified service configuration of an IETF Network slice instance "slice-7" with four SDPs: SDP1, SDP2, SDP3 and SDP4 with A2A connectivity type. All SDPs are designated as customer-facing ports on the PE.¶
The service is realized using a single A2A connectivity construct, and a low-bandwidth "slo-sle-template" policy applied to SDP4 and SDP3, while a high-bandwidth "slo-sle-template" policy applied to SDP1 and SDP2. Notice that the slo-sle-templates at the connecitivty- construct level take precedence to the one specified at the group level.¶
+--------+ 2001:db8:0:1::1 2001:db8:0:3::1 |CE1 o------/ VLAN100 VLAN100 +--------+ | SDP1 +------+ +------+ SDP3 +------o| PE A +-----------| PE C | +--------+ | | | |-----/-----o CE3 | +---+--+ +------+ +--------+ | | | | | | | | +--------+ 2001:db8:0:2::1 | | |CE2 o------/ VLAN100 | | 2001:db8:0:4::1 +--------+ | SDP2 +---+--+ +---+--+ VLAN100 +------o| PE B +-----------|PE D | SDP4 +--------+ | | | o-----/-----o CE4 | +------+ +---+--+ +--------+¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-BW-template", "description": "lowest BW forwarding behavior" } ] }, "slice-service": [ { "id": "slice-7", "description": "Foo", "service-tags": { "tag-type": [ { "tag-type": "ietf-network-slice-service:service-tag-customer", "value": ["Customer-FOO"] }, { "tag-type": "ietf-network-slice-service:service-tag-service", "value": ["L3"] } ] }, "status": { }, "sdps": { "sdp": [ { "id": "SDP1", "description": "Central Office 1 at location PE-A", "node-id": "PE-A", "sdp-ip-address": ["2001:db8:0:1::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-vlan-match", "value": ["100"], "target-connection-group-id": "matrix1" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "AC-SDP1", "description": "Device 1 to PE-A", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet1/0/0/0", "ac-ipv6-address": "2001:db8:0:1::1", "ac-ipv6-prefix-length": 64, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "incoming-qos-policy": { "qos-policy-name": "Qos-Gold", "rate-limits": { "cir": "1000000", "cbs": "1000", "pir": "5000000", "pbs": "1000" } }, "status": { } } ] }, "status": { } }, { "id": "SDP2", "description": "Central Office 2 at location PE-B", "node-id": "PE-B", "sdp-ip-address": ["2001:db8:0:2::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-vlan-match", "value": ["100"], "target-connection-group-id": "matrix1" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "AC-SDP2", "description": "Device 2 to PE-B", "ac-node-id": "PE-B", "ac-tp-id": "GigabitEthernet2/0/0/0", "ac-ipv6-address": "2001:db8:0:2::1", "ac-ipv6-prefix-length": 64, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "incoming-qos-policy": { "qos-policy-name": "Qos-Gold", "rate-limits": { "cir": "1000000", "cbs": "1000", "pir": "5000000", "pbs": "1000" } }, "status": { } } ] }, "status": { } }, { "id": "SDP3", "description": "Remote Office 1 at location PE-C", "node-id": "PE-C", "sdp-ip-address": ["2001:db8:0:3::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-vlan-match", "value": ["100"], "target-connection-group-id": "matrix1" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "AC-SDP3", "description": "Device 3 to PE-C", "ac-node-id": "PE-C", "ac-tp-id": "GigabitEthernet3/0/0/0", "ac-ipv6-address": "2001:db8:0:3::1", "ac-ipv6-prefix-length": 64, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "incoming-qos-policy": { "qos-policy-name": "Qos-Gold", "rate-limits": { "cir": "1000000", "cbs": "1000", "pir": "5000000", "pbs": "1000" } }, "status": { } } ] }, "status": { } }, { "id": "SDP4", "description": "Remote Office 2 at location PE-D", "node-id": "PE-D", "sdp-ip-address": ["2001:db8:0:4::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-vlan-match", "value": ["100"], "target-connection-group-id": "matrix1" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "AC-SDP4", "description": "Device 4 to PE-D", "ac-node-id": "PE-A", "ac-tp-id": "GigabitEthernet4/0/0/0", "ac-ipv6-address": "2001:db8:0:4::1", "ac-ipv6-prefix-length": 64, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "incoming-qos-policy": { "qos-policy-name": "Qos-Gold", "rate-limits": { "cir": "1000000", "cbs": "1000", "pir": "5000000", "pbs": "1000" } }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix1", "slo-sle-template": "low-BW-template", "connectivity-construct": [ { "id": 1, "a2a-sdp": [ { "sdp-id": "SDP1", "slo-sle-template": "high-BW-template" }, { "sdp-id": "SDP2", "slo-sle-template": "high-BW-template" }, { "sdp-id": "SDP3" }, { "sdp-id": "SDP4" } ], "status": { } } ] } ] } } ] } } }¶
B.6. Example-6: SDP at CE, L3 A2A Slice Service
The following example describes a simplified service configuration of one IETF Network slice instances where the SDPs are located at the PE-facing ports on the CE:¶
- IETF Network Slice 8 with SDP31 on CE Device1, SDP33 (with two ACs) on Device 3 and SDP34 on Device 4, with an A2A connectivity type. This is a L3 slice service and using the uniform low-latency slo-sle-template policy between all SDPs.¶
- This example also introduces the optional attribute of "sdp-ip". In this example it could be a loopback on the device. How this sdp-ip is used by the NSC is out-of-scope here, but an example could be it is the management interface of the device. The SDP and AC details are from the perspective of the CE in this example. How the CE ACs are mapped to the PE ACs are up to the NSC implementation and out-of-scope in this example.¶
- SDP31 ac-id=ac31, node-id=Device1, interface: GigabitEthernet0 vlan 100¶
- SDP33 ac-id=ac33a, node-id=Device3, interface: GigabitEthernet0 vlan 101¶
- SDP33 ac-id=ac33b, node-id=Device3, interface: GigabitEthernet1 vlan 201¶
- SDP34 ac-id=ac34, node-id=Device4, interface: GigabitEthernet3 vlan 100¶
SDP31 SDP-ip 203.0.113.1 (Loopback) | | 192.0.2.2/26 v VLAN200 +------+ +--------+ ac31 | PE A +---------------+ | CE1 o-------/-----o| | | SDP34 +--------+ +---+--+ | SDP-ip 203.0.113.129 | | | SDP33 | | | SDP-ip 203.0.113.65 | +---+--+ v | 192.0.2.66/26 | | | +--------+ v VLAN101 | | PE C o-----/-----o CE2 | +--------+ ac33a | +---+--+ ac34 +--------+ | o------/ | | VLAN201 | | | +---+---+ | 198.51.100.66/26 | CE3 | +------o| PE B +--------------+ | o-------/-----o| | +--------+ ac33b +-------+ VLAN201 198.51.100.2/26¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-latency-template", "description": "lowest possible latency forwarding behavior" } ] }, "slice-service": [ { "id": "slice8", "description": "slice-8", "service-tags": { "tag-type": [ { "tag-type": "ietf-network-slice-service:service-tag-service", "value": ["L3"] } ] }, "slo-sle-template": "low-latency-template", "status": { }, "sdps": { "sdp": [ { "id": "31", "node-id": "Device-1", "sdp-ip-address": ["203.0.113.1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac31", "description": "AC1 connected to PE-A", "ac-node-id": "Device-1", "ac-tp-id": "GigabitEthernet0", "ac-ipv4-address": "192.0.2.2", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } }, { "id": "33", "node-id": "Device-3", "sdp-ip-address": ["203.0.113.65"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac33a", "description": "AC33a connected to PE-B", "ac-node-id": "Device-3", "ac-tp-id": "GigabitEthernet0", "ac-ipv4-address": "192.0.2.66", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["101"] } ] }, "status": { } }, { "id": "ac33b", "description": "AC33b connected to PE-B", "ac-node-id": "Device-3", "ac-tp-id": "GigabitEthernet1", "ac-ipv4-address": "198.51.100.2", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["201"] } ] }, "status": { } } ] }, "status": { } }, { "id": "34", "node-id": "Device-4", "sdp-ip-address": ["203.0.113.129"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac34", "description": "AC34 connected to PE-C", "ac-node-id": "Device-4", "ac-tp-id": "GigabitEthernet3", "ac-ipv4-address": "198.51.100.66", "ac-ipv4-prefix-length": 26, "ac-tags": { "ac-tags": [ { "tag-type": "ietf-network-slice-service:attachment-circuit-tag-vlan-id", "value": ["100"] } ] }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix1", "connectivity-type": "ietf-vpn-common:any-to-any", "connectivity-construct": [ { "id": 1, "a2a-sdp": [ { "sdp-id": "31" }, { "sdp-id": "33" }, { "sdp-id": "34" } ], "status": { } } ] } ] } } ] } } }¶
B.7. Example-7: SDP at CE, L3 A2A Slice Service with Network Abstraction
The following example describes a simplified service configuration of one IETF Network slice instances where the SDPs are located at the PE-facing ports on the CE.¶
In this example it is assumed that the NSC already has circuit binding details between the CE and PE which were previously assigned (method is out-of-scope) or the NSC has mechanisms to determine this mapping. While the NSC capabilities are out-of-scope of this document, the NSC may use the CE device name, "sdp-id", "sdp-ip", "ac-id" or the "peer-sap-id" to complete this AC circuit binding.¶
We are introducing the "peer-sap-id" in this example, which in this case, is an operator provided identifier that the slice requester can use for the NSC to identify the service attachment point (saps) in an abstracted way. How the NSC uses the "peer-sap-id" is out of scope of this document, but a possible implementation would be that the NSC was previously provisioned with a "peer-sap-id" to PE device/interface/VLAN mapping table. Alternatively, the NSC can request this mapping from an external database.¶
- IETF Network Slice 9 with SDP31 on CPE Device1, SDP33 (with two ACs) on Device 3 and SDP34 on Device 4, with an A2A connectivity type. This is a L3 slice service and using the uniform low-latency slo-sle-template policy between all SDPs.¶
- SDP31 ac-id=ac31, node-id=Device1, peer-sap-id= foo.com-circuitID-12345¶
- SDP33 ac-id=ac33a, node-id=Device3, peer-sap-id=foo.com-circuitID-67890¶
- SDP33 ac-id=ac33b, node-id=Device3, peer-sap-id=foo.com-circuitID-54321ABC¶
- SDP34 ac-id=ac34, node-id=Device4, peer-sap-id=foo.com-circuitID-9876¶
SDP31 2001:db8:0:1::1 (Loopback,etc) | | v +-------------------------+ +--------+ ac31 | | |Device1 o-------/-----o|sap | SDP34 +--------+ | | 2001:db8:0:3::1 | Abstracted | | SDP33 | Provider Network | | 2001:db8:0:2::1 | | v | | | +--------+ v | sap|-----/-----o Device4| +--------+ ac33a | | ac41 +--------+ | o------/ | | | | | | | |Device3 | +------o|sap | | o-------/-----o|sap | +--------+ ac33b +-------------------------+¶
{ "data": { "ietf-network-slice-service:network-slice-services": { "slo-sle-templates": { "slo-sle-template": [ { "id": "high-BW-template", "description": "take the highest BW forwarding path" }, { "id": "low-latency-template", "description": "lowest possible latency forwarding behavior" } ] }, "slice-service": [ { "id": "slice-9", "description": "example slice7", "service-tags": { "tag-type": [ { "tag-type": "ietf-network-slice-service:service-tag-service", "value": ["L3"] } ] }, "slo-sle-template": "low-latency-template", "status": { }, "sdps": { "sdp": [ { "id": "31", "node-id": "Device-1", "sdp-ip-address": ["2001:db8:0:1::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac31", "sdp-peering": { "peer-sap-id": "foo.com-circuitID-12345" }, "status": { } } ] }, "status": { } }, { "id": "33", "node-id": "Device-3", "sdp-ip-address": ["2001:db8:0:2::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1", "target-connectivity-construct-id": 1 } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac33a", "sdp-peering": { "peer-sap-id": "foo.com-circuitID-67890" }, "status": { } }, { "id": "ac33b", "sdp-peering": { "peer-sap-id": "foo.com-circuitID-54321ABC" }, "status": { } } ] }, "status": { } }, { "id": "34", "node-id": "Device-4", "sdp-ip-address": ["2001:db8:0:3::1"], "service-match-criteria": { "match-criterion": [ { "index": 1, "match-type": "ietf-network-slice-service:service-any-match", "target-connection-group-id": "matrix1" } ] }, "attachment-circuits": { "attachment-circuit": [ { "id": "ac34", "sdp-peering": { "peer-sap-id": "foo.com-circuitID-9876" }, "status": { } } ] }, "status": { } } ] }, "connection-groups": { "connection-group": [ { "id": "matrix1", "connectivity-type": "ietf-vpn-common:any-to-any", "connectivity-construct": [ { "id": 1, "a2a-sdp": [ { "sdp-id": "31" }, { "sdp-id": "33" }, { "sdp-id": "34" } ], "status": { } } ] } ] } } ] } } }¶
Appendix C. Complete Model Tree Structure
module: ietf-network-slice-service +--rw network-slice-services +--rw slo-sle-templates | +--rw slo-sle-template* [id] | +--rw id string | +--rw description? string | +--rw template-ref? leafref | +--rw slo-policy | | +--rw metric-bound* [metric-type] | | | +--rw metric-type identityref | | | +--rw metric-unit string | | | +--rw value-description? string | | | +--rw percentile-value? percentile | | | +--rw bound? uint64 | | +--rw availability? identityref | | +--rw mtu? uint16 | +--rw sle-policy | +--rw security* identityref | +--rw isolation* identityref | +--rw max-occupancy-level? uint8 | +--rw steering-constraints | +--rw path-constraints | +--rw service-function +--rw slice-service* [id] +--rw id string +--rw description? string +--rw service-tags | +--rw tag-type* [tag-type] | +--rw tag-type identityref | +--rw value* string +--rw (slo-sle-policy)? | +--:(standard) | | +--rw slo-sle-template? leafref | +--:(custom) | +--rw service-slo-sle-policy | +--rw description? string | +--rw slo-policy | | +--rw metric-bound* [metric-type] | | | +--rw metric-type identityref | | | +--rw metric-unit string | | | +--rw value-description? string | | | +--rw percentile-value? percentile | | | +--rw bound? uint64 | | +--rw availability? identityref | | +--rw mtu? uint16 | +--rw sle-policy | +--rw security* identityref | +--rw isolation* identityref | +--rw max-occupancy-level? uint8 | +--rw steering-constraints | +--rw path-constraints | +--rw service-function +--rw compute-only? empty +--rw status | +--rw admin-status | | +--rw status? identityref | | +--rw last-change? yang:date-and-time | +--ro oper-status | +--ro status? identityref | +--ro last-change? yang:date-and-time +--rw sdps | +--rw sdp* [id] | +--rw id string | +--rw description? string | +--rw location | | +--rw altitude? int64 | | +--rw latitude? decimal64 | | +--rw longitude? decimal64 | +--rw node-id? string | +--rw sdp-ip-address* inet:ip-address | +--rw tp-ref? leafref | +--rw service-match-criteria | | +--rw match-criterion* [index] | | +--rw index | | | uint32 | | +--rw match-type | | | identityref | | +--rw value* | | | string | | +--rw target-connection-group-id leafref | | +--rw connection-group-sdp-role? | | | identityref | | +--rw target-connectivity-construct-id? leafref | +--rw incoming-qos-policy | | +--rw qos-policy-name? string | | +--rw rate-limits | | +--rw cir? uint64 | | +--rw cbs? uint64 | | +--rw eir? uint64 | | +--rw ebs? uint64 | | +--rw pir? uint64 | | +--rw pbs? uint64 | +--rw outgoing-qos-policy | | +--rw qos-policy-name? string | | +--rw rate-limits | | +--rw cir? uint64 | | +--rw cbs? uint64 | | +--rw eir? uint64 | | +--rw ebs? uint64 | | +--rw pir? uint64 | | +--rw pbs? uint64 | +--rw sdp-peering | | +--rw peer-sap-id* string | | +--rw protocols | +--rw ac-svc-name* string | +--rw attachment-circuits | | +--rw attachment-circuit* [id] | | +--rw id string | | +--rw ac-svc-name? string | | +--rw description? string | | +--rw ac-node-id? string | | +--rw ac-tp-id? string | | +--rw ac-ipv4-address? | | | inet:ipv4-address | | +--rw ac-ipv4-prefix-length? uint8 | | +--rw ac-ipv6-address? | | | inet:ipv6-address | | +--rw ac-ipv6-prefix-length? uint8 | | +--rw mtu? uint16 | | +--rw ac-tags | | | +--rw ac-tags* [tag-type] | | | +--rw tag-type identityref | | | +--rw value* string | | +--rw incoming-qos-policy | | | +--rw qos-policy-name? string | | | +--rw rate-limits | | | +--rw cir? uint64 | | | +--rw cbs? uint64 | | | +--rw eir? uint64 | | | +--rw ebs? uint64 | | | +--rw pir? uint64 | | | +--rw pbs? uint64 | | +--rw outgoing-qos-policy | | | +--rw qos-policy-name? string | | | +--rw rate-limits | | | +--rw cir? uint64 | | | +--rw cbs? uint64 | | | +--rw eir? uint64 | | | +--rw ebs? uint64 | | | +--rw pir? uint64 | | | +--rw pbs? uint64 | | +--rw sdp-peering | | | +--rw peer-sap-id? string | | | +--rw protocols | | +--rw status | | +--rw admin-status | | | +--rw status? identityref | | | +--rw last-change? yang:date-and-time | | +--ro oper-status | | +--ro status? identityref | | +--ro last-change? yang:date-and-time | +--rw status | | +--rw admin-status | | | +--rw status? identityref | | | +--rw last-change? yang:date-and-time | | +--ro oper-status | | +--ro status? identityref | | +--ro last-change? yang:date-and-time | +--ro sdp-monitoring | +--ro incoming-bw-value? | | te-types:te-bandwidth | +--ro incoming-bw-percent decimal64 | +--ro outgoing-bw-value? | | te-types:te-bandwidth | +--ro outgoing-bw-percent decimal64 +--rw connection-groups | +--rw connection-group* [id] | +--rw id string | +--rw connectivity-type? | | identityref | +--rw (slo-sle-policy)? | | +--:(standard) | | | +--rw slo-sle-template? leafref | | +--:(custom) | | +--rw service-slo-sle-policy | | +--rw description? string | | +--rw slo-policy | | | +--rw metric-bound* [metric-type] | | | | +--rw metric-type | | | | | identityref | | | | +--rw metric-unit string | | | | +--rw value-description? string | | | | +--rw percentile-value? | | | | | percentile | | | | +--rw bound? uint64 | | | +--rw availability? identityref | | | +--rw mtu? uint16 | | +--rw sle-policy | | +--rw security* | | | identityref | | +--rw isolation* | | | identityref | | +--rw max-occupancy-level? uint8 | | +--rw steering-constraints | | +--rw path-constraints | | +--rw service-function | +--rw service-slo-sle-policy-override? | | identityref | +--rw connectivity-construct* [id] | | +--rw id | | | uint32 | | +--rw (type)? | | | +--:(p2p) | | | | +--rw p2p-sender-sdp? | | | | | -> ../../../../sdps/sdp/id | | | | +--rw p2p-receiver-sdp? | | | | -> ../../../../sdps/sdp/id | | | +--:(p2mp) | | | | +--rw p2mp-sender-sdp? | | | | | -> ../../../../sdps/sdp/id | | | | +--rw p2mp-receiver-sdp* | | | | -> ../../../../sdps/sdp/id | | | +--:(a2a) | | | +--rw a2a-sdp* [sdp-id] | | | +--rw sdp-id | | | | -> ../../../../../sdps/sdp/id | | | +--rw (slo-sle-policy)? | | | +--:(standard) | | | | +--rw slo-sle-template? leafref | | | +--:(custom) | | | +--rw service-slo-sle-policy | | | +--rw description? string | | | +--rw slo-policy | | | | +--rw metric-bound* | | | | | [metric-type] | | | | | +--rw metric-type | | | | | | identityref | | | | | +--rw metric-unit | | | | | | string | | | | | +--rw value-description? | | | | | | string | | | | | +--rw percentile-value? | | | | | | percentile | | | | | +--rw bound? | | | | | uint64 | | | | +--rw availability? | | | | | identityref | | | | +--rw mtu? | | | | uint16 | | | +--rw sle-policy | | | +--rw security* | | | | identityref | | | +--rw isolation* | | | | identityref | | | +--rw max-occupancy-level? | | | | uint8 | | | +--rw steering-constraints | | | +--rw path-constraints | | | +--rw service-function | | +--rw (slo-sle-policy)? | | | +--:(standard) | | | | +--rw slo-sle-template? leafref | | | +--:(custom) | | | +--rw service-slo-sle-policy | | | +--rw description? string | | | +--rw slo-policy | | | | +--rw metric-bound* [metric-type] | | | | | +--rw metric-type | | | | | | identityref | | | | | +--rw metric-unit string | | | | | +--rw value-description? string | | | | | +--rw percentile-value? | | | | | | percentile | | | | | +--rw bound? uint64 | | | | +--rw availability? identityref | | | | +--rw mtu? uint16 | | | +--rw sle-policy | | | +--rw security* | | | | identityref | | | +--rw isolation* | | | | identityref | | | +--rw max-occupancy-level? uint8 | | | +--rw steering-constraints | | | +--rw path-constraints | | | +--rw service-function | | +--rw service-slo-sle-policy-override? | | | identityref | | +--rw status | | | +--rw admin-status | | | | +--rw status? identityref | | | | +--rw last-change? yang:date-and-time | | | +--ro oper-status | | | +--ro status? identityref | | | +--ro last-change? yang:date-and-time | | +--ro connectivity-construct-monitoring | | +--ro one-way-min-delay? uint32 | | +--ro one-way-max-delay? uint32 | | +--ro one-way-delay-variation? uint32 | | +--ro one-way-packet-loss? decimal64 | | +--ro two-way-min-delay? uint32 | | +--ro two-way-max-delay? uint32 | | +--ro two-way-delay-variation? uint32 | | +--ro two-way-packet-loss? decimal64 | +--ro connection-group-monitoring | +--ro one-way-min-delay? uint32 | +--ro one-way-max-delay? uint32 | +--ro one-way-delay-variation? uint32 | +--ro one-way-packet-loss? decimal64 | +--ro two-way-min-delay? uint32 | +--ro two-way-max-delay? uint32 | +--ro two-way-delay-variation? uint32 | +--ro two-way-packet-loss? decimal64 +--rw custom-topology-ref +--rw network-ref? -> /nw:networks/network/network-id¶
Appendix D. Comparison with Other Possible Design choices for IETF Network Slice Service Interface
According to the 5.3.1 IETF Network Slice Service Interface [I-D.ietf-teas-ietf-network-slices], the Network Slice service Interface is a technology-agnostic interface, which is used for a customer to express requirements for a particular IETF Network Slice. Customers operate on abstract IETF Network Slices, with details related to their realization hidden. As classified by [RFC8309], the Network Slice service Interface is classified as Customer Service Model.¶
This draft analyzes the following existing IETF models to identify the gap between the IETF Network Slice Service Interface requirements.¶
D.1. ACTN VN Model Augmentation
The difference between the ACTN VN model and the IETF Network Slice Service requirements is that the IETF Network Slice Service interface is a technology-agnostic interface, whereas the VN model is bound to the IETF TE Topologies. The realization of the IETF Network Slice does not necessarily require the slice network to support the TE technology.¶
The ACTN VN (Virtual Network) model introduced in[I-D.ietf-teas-actn-vn-yang] is the abstract customer view of the TE network. Its YANG structure includes four components:¶
- VN: A Virtual Network (VN) is a network provided by a service provider to a customer for use and two types of VN has defined. The Type 1 VN can be seen as a set of edge-to-edge abstract links. Each link is an abstraction of the underlying network which can encompass edge points of the customer's network, access links, intra-domain paths, and inter-domain links.¶
- AP: An AP is a logical identifier used to identify the access link which is shared between the customer and the IETF scoped Network.¶
- VN-AP: A VN-AP is a logical binding between an AP and a given VN.¶
- VN-member: A VN-member is an abstract edge-to-edge link between any two APs or VN-APs. Each link is formed as an E2E tunnel across the underlying networks.¶
The Type 1 VN can be used to describe IETF Network Slice connection requirements. However, the Network Slice SLO and Network Slice SDP are not clearly defined and there's no direct equivalent. For example, the SLO requirement of the VN is defined through the IETF TE Topologies YANG model, but the TE Topologies model is related to a specific implementation technology. Also, VN-AP does not define "service-match-criteria" to specify a specific SDP belonging to an IETF Network Slice Service.¶
D.2. RFC8345 Augmentation Model
The difference between the IETF Network Slice Service requirements and the IETF basic network model is that the IETF Network Slice Service requests abstract customer IETF Network Slices, with details related to the slice Network hidden. But the IETF network model is used to describe the interconnection details of a Network. The customer service model does not need to provide details on the Network.¶
For example, IETF Network Topologies YANG data model extension introduced in Transport Network Slice YANG Data Model [I-D.liu-teas-transport-network-slice-yang] includes three major parts:¶
- Network: a transport network list and an list of nodes contained in the network¶
- Link: "links" list and "termination points" list describe how nodes in a network are connected to each other¶
- Support network: vertical layering relationships between IETF Network Slice networks and underlay networks¶
Based on this structure, the IETF Network Slice-specific SLO attributes nodes are augmented on the Network Topologies model,, e.g. isolation etc. However, this modeling design requires the slice network to expose a lot of details of the network, such as the actual topology including nodes interconnection and different network layers interconnection.¶