Applicability of IS-IS Multi-Topology (MT) for Segment Routing based Network Resource Partition (NRP)

Enhanced VPNs aim to deliver VPN services with enhanced characteristics, such as guaranteed resources, latency, jitter, etc., so as to support customers requirements for connectivity services with these enhanced characteristics. Enhanced VPN requires integration between the overlay VPN connectivity and the characteristics provided by the underlay network. discusses the general framework, components, and interfaces for requesting and operating network slices using IETF technologies. Network slice is considered as one target use case of enhanced VPNs. also introduces the concept of the Network Resource Partition (NRP), which is a subset of the buffer/queuing/scheduling resources and associated policies on each of a connected set of links in an underlay network. An NRP can be associated with a logical network topology to select or specify the set of links and nodes involved. specifies the framework of NRP-based enhanced VPNs and describes the candidate component technologies in different network planes and network layers. An NRP could be used as the underlay to meet the requirement of one or a group of enhanced VPN services. To meet the requirement of enhanced VPN services, a number of NRPs can be created, each with a subset of network resources allocated on network nodes and links in a customized topology of the physical network. introduces resource awareness to Segment Routing (SR) . The resource-aware SIDs have additional semantics to identify the set of network resources available for the packet processing action associated with the SIDs. As described in , the resource-aware SIDs can be used to build SR-based NRPs with the required network topology and network resource attributes to support enhanced VPN services. In an SR-based data plane, Segment Identifiers (SIDs) can be used to represent both the topological instructions and a subset of network resources on the network nodes and links which are allocated to an NRP. The SR SIDs and the associated topology and resource attributes of an NRP need to be distributed using a control plane. In some network scenarios, the required number of NRPs could be small, and it can be assumed that each NRP is associated with an independent topology and has a set of dedicated or shared network resources. For such scenarios, this document describes a simplified mechanism to build SR-based NRPs. It proposes to use IS-IS Multi-Topology with segment routing to define the independent network topology of each NRP. The network resources and other TE attributes of an NRP can be advertised using IS-IS MT with the Traffic Engineering (TE) extensions defined in and . The resource-aware segments can be used with this approach to provide resource-guaranteed SR-based NRPs, while the normal SR segments may also be used to provide SR-based NRPs with shared network resources in the forwarding plane. Alternate enhancements will be proposed to provide a flexible combination of the topology and resource attribute to build a relatively large number of NRPs. The detailed mechanism is out of the scope of this document.

As each SR-based NRP is associated with a network topology, the topology attribute and SR SIDs of NRPs need to be advertised, so that the SR shortest path could be calculated using the topology of the corresponding NRP. In this document, IS-IS MT and IS-IS SR are reused for advertising the topology and SR SIDs of NRPs. IS-IS Multi-Topology (MT) has been defined to create independent topologies in one network. In , MT-based TLVs are introduced to advertise topology-specific link-state information. The MT-specific Link or Prefix TLVs are defined by adding additional two bytes, which includes 12-bit MT-ID field in front of the ISN TLV and IP or IPv6 Reachability TLVs. This provides the capability of specifying the customized attributes of each topology. When each NRP is associated with an independent network topology, MT-ID could be used as the identifier of NRP in the control plane. IS-IS MT can be used with segment routing based data plane. Thus the topology attribute of an SR based NRP could be advertised using MT with segment routing. The IS-IS extensions to support the advertisement of topology-specific MPLS SIDs are specified in . Topology-specific Prefix-SIDs can be advertised by carrying the Prefix-SID sub-TLVs in the IS-IS TLV 235 (MT IP Reachability) and TLV 237 (MT IPv6 IP Reachability). Topology-specific Adj-SIDs can be advertised by carrying the Adj-SID sub-TLVs in IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute) . The topology-specific Prefix-SIDs and Adj-SIDs can be resource-aware segments or normal SR segments. The IS-IS extensions to support the advertisement of topology-specific SRv6 Locators and SIDs are specified in . The topology-specific SRv6 locators are advertised using SRv6 Locator TLV, and SRv6 End SIDs inherit the MT-ID from the parent locator. The topology-specific End.X SID are advertised by carrying SRv6 End.X SID sub-TLVs in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute). The topology-specific SRv6 locators can be resource-aware locator or normal SRv6 locator, and accordingly the topology-specific SRv6 SIDs can be resource-aware SRv6 segments or normal SRv6 segments.

In order to perform constraint based path computation for each NRP on the network controller or on the ingress nodes, the network resource attributes and other attributes associated with each NRP need to be advertised. In this document, IS-IS MT is reused to advertise topology-specific TE attributes for different NRPs. On each network link, the information of the network resources and other attributes associated with an NRP can be specified by advertising the TE attributes sub-TLVs and in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute) of the corresponding topology. When Maximum Link Bandwidth sub-TLV is advertised in the MT-ISN TLV of a topology, it indicates the amount of link bandwidth allocated to the corresponding NRP. The bandwidth allocated to an NRP can be exclusive for services utilizing the corresponding NRP. The usage of other TE attributes in topology-specific TLVs is out of the scope of this document. Editor's note: It is noted that advertising per-topology TE attributes was considered as a possible feature in future when the encoding of IS-IS multi-topology was defined in .

For SR-MPLS data planes, the Adj-SIDs and Prefix-SIDs associated with the same NRP can be used together to build SR-MPLS paths with the topological and resource constraints of the NRP taken into consideration. A Prefix-SID is associated with the paths calculated in the topology corresponding to the NRP. An outgoing interface is determined for each path. In addition, the resource-aware prefix-SID can steer the traffic to use the subset of network resources allocated to the NRP on the outgoing interface for packet forwarding. A forwarding entry is installed in the forwarding plane using the MPLS label that corresponds to the Prefix-SID associated with the topology corresponding to the NRP. A resource-aware Adj-SID is associated with a subset of network resources allocated to the NRP on the link it identifies, and can be used together with the prefix-SIDs of the same NRP to build SR-MPLS TE paths using the NRP. For SRv6 data planes, the SRv6 SIDs associated with the same NRP can be used together to build SRv6 paths with the topological and resource constraints of the NRP taken into consideration. An SRv6 Locator is a prefix which is associated with the paths calculated in the topology corresponding to the NRP. An outgoing interface is determined for each path. In addition, the resource-aware SRv6 Locator prefix also steers the traffic to use the subset of network resources which are allocated to the NRP on the outgoing interface for packet forwarding. A forwarding entry for the SRv6 Locator prefix is installed in the forwarding plane for the topology corresponding to the NRP. A resource-aware End.X SID is associated with a subset of network resources allocated to the NRP on the link it identifies, and can be used together with other types of SRv6 SIDs of the same NRP to build SRv6 TE paths using the NRP.

The mechanism described in this document assumes that each NRP is associated with a unique multi-topology, so that the MT-IDs can be reused to identify the NRPs in the control plane. While this brings the benefit of simplicity, it also has some limitations. For example, it means that even if multiple NRPs share the same topology, they would still need to be identified using different MT-IDs in the control plane, then independent path computation needs to be executed for each NRP. Thus the number of NRPs supported in a network may be dependent on the number of topologies supported, which is related to both the number of topologies supported in the protocol and the control plane overhead which the network nodes could accomodate. The mechanism described in this document is considered useful for network scenarios in which the required number of NRPs is small, as no control protocol extension is required. For network scenarios where the number of required NRPs is large, more scalable solution would be needed, which may require further protocol extensions and enhancements. A detailed analysis about the NRP scalability and the possible optimizations for supporting a large number of NRPs is described in .

This document introduces no additional security vulnerabilities to IS-IS. The mechanism proposed in this document is subject to the same vulnerabilities as any other protocol that relies on IGPs.

This document does not request any IANA actions.

The authors would like to thank Zhibo Hu, Dean Cheng, Les Ginsberg, Peter Psenak, Daniele Ceccarelli, Jia He, Xuesong Geng and Acee Lindem for the review and discussion of this document.