| Internet-Draft | MSPL for FA | July 2022 |
| Kompella, et al. | Expires 9 January 2023 | [Page] |
The MPLS architecture introduced Special Purpose Labels (SPLs) to indicate special forwarding actions and offered a few simple examples, such as Router Alert. In the two decades since the original architecture was crafted, the range, complexity and sheer number of such actions has grown; in addition, there now is need for "associated data" for some of the forwarding actions. Likewise, the capabilities and scale of forwarding engines has also improved vastly over the same time period. There is a pressing need to match the needs with the capabilities to deliver the next generation of MPLS architecture.¶
In this memo, we propose an alternate mechanism whereby a single SPL can encode multiple forwarding actions and carry data (if any) associated with the actions, some in the label stack and some after the label stack. This proposal also solves the problem of scarcity of base SPLs.¶
As proof of its utility and flexibility, this approach can immediately address several use cases:¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 9 January 2023.¶
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Base Special Purpose Labels (bSPLs) [RFC3031], [RFC7274], [RFC9017] are a precious commodity; there are only 16 such values, of which 8 have already been allocated. There are currently five requests for bSPLs that the authors are aware of; this document proposes another use case for a bSPL, in all consuming nearly all the remaining values. This document suggests a method whereby a single bSPL can be used for all the purposes currently requested. This leads to perhaps the more valuable long-term contribution of this document: an approach to the definition and use of bSPLs (and SPLs in general) whereby a single value can be used for multiple purposes, and provide a flexible yet efficient means of carrying associated data.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This section (to be removed before publication) offers highlights from the draft's revision history.¶
This document proposes the use of a single bSPL to tell routers one or more forwarding actions they should take on a packet, e.g.:¶
This bSPL is called the "Forwarding Actions Indicator" (FAI). There are other suggestions for this name, including "Network Functions Indicator" and "Network Actions Indicator". We'll let WG consensus determine the final choice of name, but for now, we'll continue to use FAI.¶
The FAI uses the label's TC bits and TTL field to inform the forwarding plane of the required actions. Each of these actions may have associated data. This data may be carried in the label stack as "In-Stack Data" (ISD) or after the label stack as "Post-Stack Data" (PSD).¶
The design of the bSPL hinges on two key insights: forwarding engines do not interpret the TC bits or the TTL field for labels that are not at the top of the label stack (ToS); nor do they do so for SPLs. For non-ToS labels, the important bit fields are the label value field (to compute entropy and identify SPLs) and the End of Stack (S) bit (to know when the label stack ends). [If you know of a forwarding engine that looks at other bit fields of labels below the ToS, please contact the authors.] This means that for a bSPL that will never appear at the ToS, the TC bits and the TTL bits can be used to carry additional information. Furthermore, for the ISD, the entire 4-octet label stack entry, the S bit excepted, can be used to carry data. We use this technique to make the FAI bSPL multipurpose, and to make the ISD words compact and efficient.¶
A pertinent question is when one should put data in the ISD versus in the PSD. One alternative is to put all such data in the PSD. However, this would mean that accessing such information would require finding the End of Stack, and parsing the PSD. For certain types of data, this would be a severe burden on the packet forwarding engine. Examples of such data are the Entropy label (needed for efficient load balancing) and the G-FAS (needed for accurate packet forwarding). Having any of this data in the PSD would hurt forwarding performance.¶
This memo suggests that data that is required for accurate and optimal forwarding should be put in the ISD, and data that is optional from a forwarding point of view should be put in the PSD. Furthermore, each flag bit should have no more than one word of associated ISD. The EG flag can thus have up to 2 words of associated data.¶
By the above criteria, this memo suggests that in-situ OAM data and the Flow ID be carried in the PSD.¶
The format of a label stack that includes an FAI has the structure:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | (previous labels) (one or more LSEs) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Forwarding Actions Indicator (one LSE) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | In-Stack Data Header (zero or one LSE) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Forwarding Actions Data (zero to two LSEs) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Standard In-Stack Data (zero or more LSEs) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | User-defined In-Stack Data (zero or more LSEs) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | (other labels) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Post-stack data (zero or more words) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Payload | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
The flags and data associated with the FAI come in three forms:¶
The format of the PSD is out of scope for this document.¶
The format of the FAI LSE is:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Forwarding Actions Indicator |I|h|R|S|Flags| Tsize | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The FAI LSE's label value MUST be the IANA allocated value. The remaining fields are defined as follows:¶
If the I flag is set, the label stack contains an In-Stack Data Header (ISDH) following a FAI LSE. The format of the ISDH is:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ssize | sISD Flags | Usize |S| uISD Flags | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The fields in the Forwarding Actions Header are:¶
This document defines the following Forwarding Action Flags.¶
If set, do not perform fast re-route on this traffic.¶
These are two flags that have joint semantics:¶
0, 1, or 2 ISD LSEs, depending on the values of the flags:¶
Here's how the Standard ISD is parsed. One must keep track of Ssize to know when the Standard ISD data ends, and the S bit to know when the stack ends. The Standard ISD data appears in the order of the corresponding flags.¶
It is an error if the label stack ends while there are more ISD words to process.¶
Process Forwarding Actions Flags and Data:¶
Note that how the uISD is used is not defined here; this is up to the user. All that is included here is how a forwarding engine can tell the size of uISD.¶
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
TC S TTL
----- ---------------
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tunnel Label-1 | TC |0| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Tunnel Label-2 | TC |0| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Forwarding Actions Indicator |0|1|0|0|1|0|1|0|0|0|0|1|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Entropy | G-FAS ... |0| ... |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| VPN Label | TC |1| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|b b b b| PSD |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| real payload starts ...
I = 0: there is no ISDH.
h = 1: There is hop-by-hop PSD.
R = 0: Ignore.
N = 1: NFFRR is set.
EG = 01: ISD 0 contains a 16-bit Entropy label and a 15-bit G-FAS.
Tsize = 1: The FAI block consists of 1 LSE beyond the FAI LSE.
The real payload starts after the PSD.¶
This section captures issues to be resolved, in this memo and others. As the issues are fixed, they should be removed from here; ideally, this section should be empty before publication.¶
As was said earlier, the FAI MUST NOT be at the top of stack, since its TC and TTL bits have been repurposed. There are two ways to prevent this. If an LSR X pops a label and the next label is the FAI, X MUST pop Tsize LSEs to remove the FAI LSE and associated data. This implies that the LSR MUST be able to recognize the FAI LSE and at least parse the Tsize field. This can be used in conjunction with Section 5.2.¶
In case it is desired to preserve the FAI+FAD until the egress, X should push an explicit NULL (label value 0 or 2) onto the stack above the FAI, with the correct TC and TTL values.¶
Other options may be pursued; however, we believe this is an adequate resolution.¶
For LSRs which cannot parse the entire label stack, or would prefer not to unless needed, it is possible to repeat the FAI at "readable stack depth" (rsd). Say the rsd is 10 LSEs, and the FAI block contains 3 LSEs. Then, the FAI block can be repeated every 7 labels, allowing all forwarding engines in the path to process it. When a forwarding label is popped and the FAI block exposed, it is deleted in its entirety, since the same (or potentially different) FAI block is again within the rsd.¶
Other options were considered in [RFC8662], Section 10, and are discussed briefly in Section 8.¶
Currently, CW, ...¶
The format of the PSD, whether or not a Control Word is present, and handling of the first nibble, is outside the scope of this document. The FAI will not contain details about the contents of the PSD, besides the single flag on whether or not the PSD contains information relevant to (most) intermediate hops. It is assumed that another memo will document the format of the PSD, and that that memo will provide a means of parsing the PSD (e.g., a TLV structure) and thus determining its contents.¶
The PSD memo should also comment on the impact of processing the PSD on forwarding performance, especially in the case of hop-by-hop info.¶
Network slicing is an important ongoing effort both for network design, as well as for standardization, in particular at the IETF [I-D.nsdt-teas-ns-framework]. A key issue is identifying which slice a packet belongs to, by means of a "slice selector" carried in the packet header. [I-D.ietf-teas-ns-ip-mpls] describes several such methods for MPLS networks, of which the Global Identifier for Flow-Aggregate Selector (G-FAS) is one of the more practical solutions. This document shows how to realize the G-FAS using a base special purpose label (bSPL).¶
In MPLS networks, a G-FAS is a data plane construct identifying packets belonging to a slice aggregate (the set of packets that belong to the slice). The G-FAS dictates forwarding actions for the slice aggregate: QoS behavior and next hop selection. The purpose of the G-FAS is detailed in [I-D.ietf-teas-ns-ip-mpls]. To embed a G-FAS in a label stack, one must preface it with a bSPL identifying it as such. For reasons that will become apparent, this bSPL is called the Forwarding Actions Indicator (FAI).¶
Many thanks to Colby Barth, Chandra Ramachandran and Srihari Sangli for their contributions to this draft.¶
We'd like to acknowledge the helpful discussions with Swamy SRK and folks from the Broadcom team on the impacts to existing and future forwarding engines.¶
If this draft is deemed useful and adopted as a WG document, the authors request the allocation of a bSPL for the FAI. We suggest the early allocation of label 8 for this.¶
A new registry is needed for the allocation of the Forwarding Action flags. This registry should be called the "Forwarding Action Flags Registry" within the "Multiprotocol Label Switching Architecture (MPLS)" protocol registry. The policy for allocating new flags is Standards Action. Each flag MUST have a name, a brief description and the length of the associated ISD. IANA should allocate an index for each flag, starting with zero.¶
The initial contents of the registry should contain:¶
| Name | Indices | Reference |
|---|---|---|
| No Further Fast Re-Route | 0 | This document |
| Entropy and Slice information | 1, 2 | This document |
A malicious or compromised LSR can insert the FAI and associated data into a label stack, preventing (for example) FRR from occurring. If so, protection will not kick in for failures that could have been protected, and there will be unnecessary packet loss. Similarly, inserting or removing a Fragmentation Header means that a packet's contents cannot be accurately reconstructed. Inserting or changing a G-FAS means that the packet will be misclassified, perhaps leaving or entering a high-value slice and causing damage.¶