IDR C. Lin Internet Draft New H3C Technologies Intended status: Standards Track H. Yao Expires: May 10, 2025 China Mobile November 8, 2024 BGP Flowspec for Computing-Aware Traffic Steering draft-lin-idr-cats-flowspec-ts-01 Abstract A BGP Flow Specification is an n-tuple consisting of several matching criteria that can be applied to IP traffic. Computing-Aware Traffic Steering (CATS) is a framework, This document specifies a new BGP Flow Spec Component Type in order to support CATS traffic forwarding. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on May 10, 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Lin, et al. Expires May 2025 [Page 1] Internet-Draft BGP Flowspec for CATS November 2024 Table of Contents 1. Introduction...................................................3 2. Requirements Language..........................................3 3. Terminology....................................................4 4. Flow Specifications for CATS ..................................5 5. Component Type for CATS .......................................5 5.1. CS-ID - Type TBD1.........................................5 6. Traffic Filtering..............................................6 6.1. Traffic Filtering Actions.................................6 7. IANA Considerations............................................6 7.1. Flow Spec Component - CS-ID...............................6 7.2. Extended Community Flow Specification Actions.............6 8. Security Considerations........................................7 9. References.....................................................7 9.1. Normative References......................................7 Authors' Addresses................................................8 Lin, et al. Expires May 2025 [Page 2] Internet-Draft BGP Flowspec for CATS November 2024 1. Introduction A Flow Specification (Flow Spec) is an n-tuple consisting of several matching criteria that can be applied to IP traffic [RFC8955]. The Flow Spec conveys match conditions (each may include several components) which are encoded using MP_REACH_NLRI and MP_UNREACH_NLRI attributes [RFC4760], while the associated actions such as redirect and traffic marking are encoded in BGP Extended Communities [RFC4360][RFC5701]. The IPv4 NLRI component types and traffic filtering actions sub-types are described in [RFC8955], while the IPv6 related are described in [RFC8956]. [I-D.ietf-idr-flowspec-l2vpn] extends the flow-spec rules and actions for Ethernet Layer 2 and L2VPN. The corresponding (AFI, SAFI) pairs are defined by IANA, respectively. [I-D.hares-idr- flowspec-v2] specifies BGP Flow Specification Version 2. Computing-Aware Traffic Steering (CATS) is introduced in [draft- ldbc-cats-framework-05]. The CS-ID is a globally unique object in the network, which can be a server's IP address, an SR label, or a simple unsigned numerical value. In CATS network, the C-PS component performs path selection based on the CS-ID and forwards service traffic according to the selected path. This document specifies a new BGP Flow Spec Component Type to support CATS traffic filtering. Traffic is classified and mapped to the corresponding CS-ID using BGP Flow Spec rules, and path selection is then performed based on the CS-ID. BGP Flow Spec implements functions similar to the C-TC component. On the other hand, BGP Flow Spec can also use CS-ID as a filtering criterion. For the matched traffic, it forwards based on the actions specified by BGP Flow Spec, replacing the path selection function of C-PS. It also specifies traffic filtering actions to enable the creation of the CS-ID in the outer tunnel encapsulation when matched to the corresponding Flow Spec rules. 2. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in Lin, et al. Expires May 2025 [Page 3] Internet-Draft BGP Flowspec for CATS November 2024 BCP 14 RFC 2119 [RFC2119] RFC 8174 [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Terminology This document makes use of the following terms: Client: An endpoint that is connected to a service provider network. Computing-Aware Traffic Steering (CATS): A traffic engineeringapproach [I-D.ietf-teas-rfc3272bis] that takes into account the dynamic nature of computing resources and network state to optimize service-specific traffic forwarding towards a given service contact instance. Various relevant metrics may be used to enforce such computing-aware traffic steering policies. CATS Service ID (CS-ID): An identifier representing a service. CATS-Forwarder: A network entity that makes forwarding decisions based on CATS information to steer traffic specific to a service request towards a corresponding yet selected service contact instance. The selection of a service contact instance relies upon a multi-metric path computation. Ingress CATS-Forwarder: An entity that steers service- specifictraffic along a CATS-computed path that leads to an Egress CATS-Forwarder that connects to the most suitable service site that host the service contact instance selected to satisfy the initial service request. Egress CATS-Forwarder: An entity that is located at the end of a CATS-computed path and which connects to a CATS-serviced site. CATS Path Selector (C-PS): A functional entity that computes and selects paths towards service locations and instances and which accommodates the requirements of service requests. Such a path computation engine takes into account the service and network status information. CATS Network Metric Agent (C-NMA): A functional entity that is responsible for collecting network capabilities and status, and for reporting them to a C-PS. CATS Traffic Classifier (C-TC): A functional entity that is responsible for determining which packets belong to a traffic flow for a particular service request. It is also responsible for Lin, et al. Expires May 2025 [Page 4] Internet-Draft BGP Flowspec for CATS November 2024 forwarding such packets along a C-PS computed path that leads to the relevant service contact instance. Flow Spec: Flow Specification BGP-FS: Border Gateway Protocol (BGP) Flow Specification (FS) 4. Flow Specifications for CATS The Flow Spec for CATS is shown in Figure 1, that is, the Controller is used to set up BGP connection with the policy enforcement points in CATS network. +------------------+ /------| Controller |-----\ / +------------------+ \ +------+ FS / | \ FS +------+ |Client|-\ / FS FS FS \ /-|Server| +------+ \ +-/------+ +--/------|------\-----+ +--\-----+ / +------+ \-|Ingress | | | |Egress |-/ |CATS-FWD|--| CATS Network |--|CATS-FWD| /-| | | | | |-\ +------+ / +--------+ +----------------------+ +--------+ \ +------+ |Client|-/ \-|Server| +------+ +------+ Figure 1. Flow Spec for CATS 5. Component Type for CATS The IPv4 NLRI component types are defined in [RFC8955], while the IPv6 related are specified in [RFC8956]. This document defines a new component type for CATS. After C-TC performs traffic classification and maps the corresponding CS-ID, and before the original action of path selection via C-PS based on CS-ID, Ingress CATS-Forwarder first searches for Flow-Spec routes based on the CS-ID. If a match is found, the traffic is forwarded directly according to the Flow-Spec route. 5.1. CS-ID - Type TBD1 Encoding: Defines the CS-ID to match. type (1 octet): This indicates the new component type TBD1. Lin, et al. Expires May 2025 [Page 5] Internet-Draft BGP Flowspec for CATS November 2024 length (1 octet): This indicates the length of the CS-ID. CS-ID (variable): This indicates the CS-ID that is used for the match. 6. Traffic Filtering On the Ingress CATS-Forwarder, before performing traffic classification, the traffic is filtered based on the traffic characteristics according to BGP Flow-Spec rules. If a corresponding rule is matched, the traffic is then mapped to the corresponding CS- ID. The actions are defined in this section. 6.1. Traffic Filtering Actions +==================+=====================+========================+ | Community 0xttss | action | encoding | | Sub-Type | | | +==================+=====================+========================+ | TBD2 | traffic-marking-cats|CS-ID | +------------------+---------------------+------------------------+ 7. IANA Considerations 7.1. Flow Spec Component - CS-ID. IANA is requested to assign a value in the Flow Specification Component Types Registry as follows: +=======+====================+===============+ | Value | Name | Reference | +=======+====================+===============+ | TBD1 | CS-ID | This document | +-------+--------------------+---------------+ 7.2. Extended Community Flow Specification Actions The Extended Community Flow Specification Actions are defined in this document and it is requested that corresponding Sub-Types as shown in the following table be assigned. Lin, et al. Expires May 2025 [Page 6] Internet-Draft BGP Flowspec for CATS November 2024 +============+==============================+===============+ | Sub-Type | Name | Reference | | Value | | | +============+==============================+===============+ | TBD2 | traffic-marking-cats | This document | +------------+------------------------------+---------------+ 8. Security Considerations TBD 9. References 9.1. Normative References TBD Lin, et al. Expires May 2025 [Page 7] Internet-Draft BGP Flowspec for CATS November 2024 Authors' Addresses Changwang Lin New H3C Technologies China Email: linchangwang.04414@h3c.com Huijuan Yao China Mobile No.32 XuanWuMen West Street Beijing 100053 China Email: yaohuijuan@chinamobile.com Lin, et al. Expires May 2025 [Page 8]