A Network Resource Partition (NRP) is a collection of resources
identified in the underlay network to support services (like IETF
Network Slices) that need logical network structures with required
Service Level Objective (SLO) and Service Level Expectation (SLE)
characteristics to be created. This document defines a YANG data model
for Network Resource Partitions (NRPs). The model can be used, in
particular, for the realization of the IETF Network Slice Services in
IP/MPLS networks.¶
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF). Note that other groups may also distribute working
documents as Internet-Drafts. The list of current Internet-Drafts is
at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."¶
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Revised BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Revised BSD License.¶
As specified in Section 7.4 [I-D.ietf-teas-ietf-network-slices], an NRP is a collection of
resources identified in the underlay network to support the IETF Network
Slice service (or any other service that needs logical network
structures with required characteristics to be created). [I-D.ietf-teas-ietf-network-slices] defines a framework for
IETF Network Slice Services, which provide connectivity coupled with
network resources commitment between a number of Service Demarcation
Points (SDPs) over a shared network infrastructure. The IETF Network
Slice service is expressed in terms of one or more connectivity
constructs, which can be of a connection type (point-to-point (P2P),
point-to-multipoint (P2MP), or any-to-any (A2A)) and any combination of
these types. One or more connectivity constructs from one or more IETF
Network Slices are mapped to an NRP for ensuring Service Level Objective
(SLO) and Service Level Expectation (SLE) and network scalability.¶
This document defines a YANG module of NRPs. An IETF Network Slice
Controller (NSC) can use it to manage NRP instances in order to
implement Network Slice Services.¶
An NRP Policy [I-D.ietf-teas-ns-ip-mpls] is a policy
construct that enables instantiation of mechanisms in support of service
specific control and data plane behaviors on select topological elements
associated with the NRP.Section 3.1 describes the
detailed definition of NRP policy in NRP instantiation.¶
According to the YANG model classification of [RFC8309], the NRPs model is a network configuration model.¶
There are multiple modes of NRPs operations to be supported as
follows:¶
NRPs instantiation: Depending on the slice service types and also
network status, there can be two types of approaches. One method is
to create an NRP instance before the network controller processes
the IETF Network Slice service request. Another one is that the
network controller may start creating an NRP instance while
configuring the IETF Network Slice service request.¶
NRPs modification: When the capacity of an existing NPR link is
close to capacity, the bandwidth of the link could be increased. And
when an NRP links or nodes resources are insufficient, new NRP links
and nodes could be added.¶
NRPs Deletion: If the NSC determines that no slice service is
using an NRP, the NSC can delete the NRP instance.¶
NRPs Monitoring: The NSC can use the NRPs model to track and
monitor NRPs resource status and usage.¶
An NRP policy specifies the rules for determining the topology
associated with the NRP and dictates how an NRP can be realized in
IP/MPLS networks using one of three partition modes. The NRP policy
dictates if the partitioning of the shared network resources can be
achieved in (a) just the data plane or in (b) just the control plane
or in (c) both the control and data planes.¶
The NRP policy modes (a) and (c) require the forwarding engine on
each NRP capable node to identify the traffic belonging to a specific
NRP and to apply the corresponding Per-Hop Behavior (PHB) or
forwarding mechanism that determines the forwarding treatment of the
packets belonging to the NRP. When catering to IETF Network Slices,
this NRP identification is referred to as the NRP selector and may
comprises of traffic streams from one or more connectivity constructs
(belonging to one or more IETF network slices) mapped to a specific
NRP. The NRP policy modes (b) and (c) require the
distributed/centralized resource reservation management.¶
The high-level model structure of NRP policy defined by this
document is as shown in Figure 1:¶
The 'networks' container from the 'ietf-network' module [RFC8345] provides a placeholder for an inventory of nodes in
the network. This container is augmented to carry a set of NRP
policies.¶
The 'nrp-policies' container carries a list of NRP policies. Each
'nrp-policy' entry is identified by a name and holds the set of
attributes needed to instantiate an NRP. Each entry also carries an
'nrp-id' leaf which uniquely identifies the NRP created by the
enforcement of this policy.¶
The description of the 'nrp-policies' data nodes are as follows,
and the other key elements of each nrp-policy entry are discussed in
the following sub-sections.¶
'nrp-id': Is an identifier that is used to uniquely identify an
NRP instance within an NSC network scope.¶
'mode': Refers to control plane resource partition, data plane
resource partition, or a combination of both types.¶
The 'resource-reservation' container specifies the bandwidth
resource allocated to an NRP instance, or can be overridden by the
configuration of the link specific 'resource-reservation' nodes of
'nrp-topology'.¶
NRP selector defines the data plane encapsulation types and
values that are used to identify NRP-specific network resources.¶
[I-D.ietf-teas-nrp-scalability] discusses several
candidate NRP selector encapsulation schemes, including IP, MPLS, or
SRv6, for example, the IPv6 Hop-by-Hop extension header defined in
[I-D.ietf-6man-enhanced-vpn-vtn-id], or the SRv6 SID
defined in [I-D.ietf-spring-sr-for-enhanced-vpn].
Since the MPLS encapsulation schemes are still under discussion, the
model only provides a place holder for future updates. Additionally,
the use of NRP-specific IP addresses to identify NRP resources, or
the use of specific ACLs, are optional NRP selector mechanisms.¶
PHB and NRP selector are combined mechanisms. PHB is used to
specify the forwarding treatment of packets belonging to a specific
NRP selector, such as bandwidth control, congestion control (e.g.,
Section 3.4 [RFC3644]). The exact definition of PHB
is locally defined by the device or controller managing the NRPs.
The 'phb-profile' leaf carries a name of a PHB profile available on
the topological element where the policy is being enforced. Some
examples of "phb-probile" may be standard PHBs, such as "Assured
Forwarding (AF)", "Expedited Forwarding (EF)", or a customized local
policies, such as "High", "Low", "Standard".¶
When an NRP support IGP forwarding, the topology of the NRP must
be congruent with an IGP instance.The topology used for IGP route
computation and forwarding can be derived using Multi-Topology
Routing (MTR) or Flex-algo. Multi-Topology Routing (MTR) is defined
in [RFC4915], [RFC5120], and [I-D.ietf-lsr-isis-sr-vtn-mt] or Flex-algo is defined in
[RFC9350].¶
Figure 5 shows an example of NRP-1 enabling
"igp-congruent", which indicates that this NRP instance uses the
same IGP topology with the specified 'multi-topology-id' or
'algo-id'. As illustrated, NRP-1 has different link resource
attributes from those of the IGP, but shares the same the nodes and
termination point (TPs) of the IGP topology.¶
The 'selection' container consists of a list of select subset of
links of an underlay topology or a pre-built topology.¶
The 'filter' container consists of a list of filters where each
entry references a topology filter [I-D.bestbar-teas-yang-topology-filter]. The topological
elements that satisfy the membership criteria can optionally
override the default resource-reservation and nrp-selector specific
leafs.¶
The device-specific NRPs model is defined in module
'ietf-nrp-device' as shown in Figure 10, which
augments NRPs YANG data model in Figure 9 and adds
interface attributes, including resource reservation, NRP selector,
and PHB profile, that are specific to an NRP device.¶
Figure below shows the tree diagram of the device NRPs YANG model
defined in modules 'ietf-nrp-device.yang'.¶
The device NRPs YANG module ('ietf-nrp-device') models augments the
NRPs YANG module ('ietf-nrp') and adds the attributes of NRP interfaces
that are local to an NRP device.¶
The device NRPs YANG module imports the following module(s):
ietf-interfaces defined in [RFC8343], ietf-network
defined in [RFC8345], and grouping defined in this
document.¶
The YANG model defined in this document is designed to be accessed
via network management protocols such as NETCONF [RFC6241] or RESTCONF [RFC8040]. The lowest
NETCONF layer is the secure transport layer, and the
mandatory-to-implement secure transport is Secure Shell (SSH) [RFC6242]. The lowest RESTCONF layer is HTTPS, and the
mandatory-to-implement secure transport is TLS [RFC8446].¶
The NETCONF access control model [RFC8341] provides
the means to restrict access for particular NETCONF or RESTCONF users to
a preconfigured subset of all available NETCONF or RESTCONF protocol
operations and content.¶
There are a number of data nodes defined in this YANG model that are
writable/creatable/deletable (i.e., config true, which is the default).
These data nodes may be considered sensitive or vulnerable in some
network environments. Write operations (e.g., edit-config) to these data
nodes without proper protection can have a negative effect on network
operations.¶
nrp-link: A malicious client could attempt to remove a link from a
topology, add a new link. In each case, the structure of the topology
would be sabotaged, and this scenario could, for example, result in an
NRP topology that is less than optimal.¶
The entries in the nodes above include the whole network
configurations corresponding with the NRP, and indirectly create or
modify the PE or P device configurations. Unexpected changes to these
entries could lead to service disruption and/or network misbehavior.¶
This document registers a URI in the IETF XML registry [RFC3688]. Following the format in [RFC3688],
the following registration is requested to be made:¶
URI: urn:ietf:params:xml:ns:yang:ietf-nrp
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
URI: urn:ietf:params:xml:ns:yang:ietf-nrp-device
Registrant Contact: The IESG.
XML: N/A, the requested URI is an XML namespace.
The authors would like to thank Krzysztof Szarkowicz, Jie Dong, Qin
Wu, Yao Zhao, Zhenbing Li, Ying Cheng, Liyan Gong, and many others for
their helpful comments and suggestions.¶
Xufeng Liu
IBM Corporation
Email: xufeng.liu.ietf@gmail.com
Mohamed Boucadair
Orange
Email: mohamed.boucadair@orange.com
Daniele Ceccarelli
Bin Wen
Comcast
Email: Bin_Wen@cable.comcast.com
Ran Chen
ZTE Corporation
Email: chen.ran@zte.com.cn
Luis M. Contreras
Telefonica
Email: luismiguel.contrerasmurillo@telefonica.com
Ying Cheng
China Unicom
Email: chengying10@chinaunicom.cn
Liyan Gong
China Mobile
Email: gongliyan@chinamobile.com
Raza, S., Agarwal, S., Liu, X., Hu, Z., Hussain, I., Shah, H. C., Voyer, D., Matsushima, S., Horiba, K., Rajamanickam, J., and A. Abdelsalam, "YANG Data Model for SRv6 Base and Static", Work in Progress, Internet-Draft, draft-ietf-spring-srv6-yang-02, , <https://datatracker.ietf.org/doc/html/draft-ietf-spring-srv6-yang-02>.
Psenak, P., Mirtorabi, S., Roy, A., Nguyen, L., and P. Pillay-Esnault, "Multi-Topology (MT) Routing in OSPF", RFC 4915, DOI 10.17487/RFC4915, , <https://www.rfc-editor.org/info/rfc4915>.
[RFC5120]
Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi Topology (MT) Routing in Intermediate System to Intermediate Systems (IS-ISs)", RFC 5120, DOI 10.17487/RFC5120, , <https://www.rfc-editor.org/info/rfc5120>.
[RFC6241]
Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed., and A. Bierman, Ed., "Network Configuration Protocol (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, , <https://www.rfc-editor.org/info/rfc6241>.
Liu, X., Qu, Y., Lindem, A., Hopps, C., and L. Berger, "Common YANG Data Types for the Routing Area", RFC 8294, DOI 10.17487/RFC8294, , <https://www.rfc-editor.org/info/rfc8294>.
Bierman, A. and M. Bjorklund, "Network Configuration Access Control Model", STD 91, RFC 8341, DOI 10.17487/RFC8341, , <https://www.rfc-editor.org/info/rfc8341>.
Clemm, A., Medved, J., Varga, R., Bahadur, N., Ananthakrishnan, H., and X. Liu, "A YANG Data Model for Network Topologies", RFC 8345, DOI 10.17487/RFC8345, , <https://www.rfc-editor.org/info/rfc8345>.
Jethanandani, M., Agarwal, S., Huang, L., and D. Blair, "YANG Data Model for Network Access Control Lists (ACLs)", RFC 8519, DOI 10.17487/RFC8519, , <https://www.rfc-editor.org/info/rfc8519>.
[RFC8776]
Saad, T., Gandhi, R., Liu, X., Beeram, V., and I. Bryskin, "Common YANG Data Types for Traffic Engineering", RFC 8776, DOI 10.17487/RFC8776, , <https://www.rfc-editor.org/info/rfc8776>.
Beeram, V. P., Saad, T., Wen, B., Ceccarelli, D., Peng, S., Chen, R., Contreras, L. M., and X. Liu, "YANG Data Model for Network Resource Partition Policy", Work in Progress, Internet-Draft, draft-bestbar-teas-yang-nrp-policy-03, , <https://datatracker.ietf.org/doc/html/draft-bestbar-teas-yang-nrp-policy-03>.
[I-D.ietf-lsr-isis-sr-vtn-mt]
Xie, C., Ma, C., Dong, J., and Z. Li, "Applicability of IS-IS Multi-Topology (MT) for Segment Routing based Network Resource Partition (NRP)", Work in Progress, Internet-Draft, draft-ietf-lsr-isis-sr-vtn-mt-06, , <https://datatracker.ietf.org/doc/html/draft-ietf-lsr-isis-sr-vtn-mt-06>.
Farrel, A., Drake, J., Rokui, R., Homma, S., Makhijani, K., Contreras, L. M., and J. Tantsura, "A Framework for Network Slices in Networks Built from IETF Technologies", Work in Progress, Internet-Draft, draft-ietf-teas-ietf-network-slices-25, , <https://datatracker.ietf.org/doc/html/draft-ietf-teas-ietf-network-slices-25>.
Saad, T., Beeram, V. P., Dong, J., Wen, B., Ceccarelli, D., Halpern, J. M., Peng, S., Chen, R., Liu, X., Contreras, L. M., Rokui, R., and L. Jalil, "Realizing Network Slices in IP/MPLS Networks", Work in Progress, Internet-Draft, draft-ietf-teas-ns-ip-mpls-03, , <https://datatracker.ietf.org/doc/html/draft-ietf-teas-ns-ip-mpls-03>.
Snir, Y., Ramberg, Y., Strassner, J., Cohen, R., and B. Moore, "Policy Quality of Service (QoS) Information Model", RFC 3644, DOI 10.17487/RFC3644, , <https://www.rfc-editor.org/info/rfc3644>.
This section contains an example of an instance data tree in JSON
encoding [RFC7951]. The example below instantiates an NRP
for the topology that is depicted in the following diagram. There are
three nodes, D1, D2, and D3. D1 has three termination points, 1-0-1,
1-2-1, and 1-3-1. D2 has three termination points as well, 2-1-1, 2-0-1,
and 2-3-1. D3 has two termination points, 3-1-1 and 3-2-1. In addition
there are six links, two between each pair of nodes with one going in
each direction.¶
An corresponding IGP congruent NRP instance data tree is depicted
below:¶
In addition, an exampe of an NRP that supports the control plane
partition mode is shown in the following figure.¶
This document is an Internet-Draft (I-D).
Anyone may submit an I-D to the IETF.
This I-D is not endorsed by the IETF and has no formal standing in the
IETF standards process.