Using IS-IS Multi-Topology (MT) for Segment Routing based Virtual Transport Network

Enhanced VPN (VPN+) is an enhancement to VPN services to support the needs of existing and emerging applications, particularly the applications that are associated with 5G services. These applications require enhanced isolation and have more stringent performance requirements than that can be provided with traditional overlay VPNs. Thus these properties require integration between the underlay and the overlay networks. specifies the framework of enhanced VPN and describes the candidate component technologies in different network planes and network layers. VPN+ can be used to deliver IETF network slice services , but could also be of use in its own right providing enhanced connectivity services between customer sites. To meet the requirement of VPN+ services, a number of virtual transport networks (VTN) can be created, each with a subset of network resources allocated on network nodes and links in a customized topology of the physical network. A VTN could be used as the underlay to meet the requirement of one or a group of VPN+ services. Another possible approach is to create a set of point-to-point paths, each with a set of network resources reserved along the path, such paths are called Virtual Transport Path (VTP). Although using a set of dedicated VTPs can provide similar characteristics as a VTN, it has some scalability issues due to the per-path state in the network. introduces resource awareness to Segment Routing (SR) . The resource-aware SIDs have additional semantics to identify the set of network resources available for the packet processing action associated with the SIDs. As described in , the resource-aware SIDs can be used to build SR based VTNs with the required network topology and network resource attributes to support VPN+ services. With segment routing based data plane, Segment Identifiers (SIDs) can be used to represent both the topological instructions and the set of network resources allocated by network nodes to a VTN. The SR SIDs and the associated topology and resource attributes of a VTN need to be distributed using control plane. defines the IGP mechanisms with necessary extensions to provide scalable Segment Routing (SR) based VTNs. The VTNs could be used as the underlay of the VPN+ service. The mechanism described in allows flexible combination of the topology and resource attribute to build a relatively large number of VTNs. In some network scenarios, the required number of VTNs could be small, and it is assumed that each VTN is associated with an independent topology and has a set of dedicated or shared network resources. This document describes a simplified mechanism to build SR based VTNs in those scenarios. The resource-aware segments can be used with this approach to provide resource guaranteed SR VTNs, while the normal SR segments may also be used to provide SR VTNs with shared network resources in the forwarding plane. The proposed approach is to use IS-IS Multi-Topology with segment routing to define the independent network topology of each VTN. The network resources and other TE attributes of a VTN can be advertised using IS-IS MT with the Traffic Engineering (TE) extensions defined in and .

IS-IS Multi-Topology Routing (MTR) has been defined to create independent topologies in one network. In , MT-based TLVs are introduced to carry topology-specific link-state information. The MT-specific Link or Prefix TLVs are defined by adding additional two bytes, which includes 12-bit MT-ID field in front of the ISN TLV and IP or IPv6 Reachability TLVs. This provides the capability of specifying the customized attributes of each topology. When each VTN is associated with an independent network topology, MT-ID could be used as the identifier of VTN in control plane. MTR can be used with segment routing based data plane. Thus the topology attribute of an SR based VTN could be advertised using MTR with segment routing. The IS-IS extensions to support the advertisement of topology-specific MPLS SIDs are specified in . Topology-specific Prefix-SIDs can be advertised by carrying the Prefix-SID sub-TLVs in the IS-IS TLV 235 (MT IP Reachability) and TLV 237 (MT IPv6 IP Reachability). Topology-specific Adj-SIDs can be advertised by carrying the Adj-SID sub-TLVs in IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute). The topology-specific Prefix-SIDs and Adj-SIDs can be resource-aware segments or normal SR segments. The IS-IS extensions to support the advertisement of topology-specific SRv6 Locators and SIDs are specified in . The topology-specific SRv6 locators are advertised using SRv6 Locator TLV, and SRv6 End SIDs inherit the MT-ID from the parent locator. The topology-specific End.X SID are advertised by carrying SRv6 End.X SID sub-TLVs in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute). The topology-specific SRv6 locators can be resource-aware locator or normal SRv6 locator, and accordingly the topology-specific SRv6 SIDs can be resource-aware SRv6 segments or normal SRv6 segments.

In order to perform constraint based path computation for each VTN on the network controller or on the ingress nodes, the network resource attributes and other attributes associated with each VTN need to be advertised.

On each network link, the information of the network resources and other attributes associated with a VTN can be specified by carrying the TE attributes sub-TLVs and in the IS-IS TLV 222 (MT-ISN) and TLV 223 (MT IS Neighbor Attribute) of the corresponding topology. When Maximum Link Bandwidth sub-TLV is carried in the MT-ISN TLV of a topology, it indicates the amount of link bandwidth allocated to the corresponding VTN. The bandwidth allocated to a VTN can be exclusive for services carried in the corresponding VTN. The usage of other TE attributes in topology-specific TLVs is for further study. Editor's note: It is noted that carrying per-topology TE attributes was considered as a possible feature in future when the encoding of IS-IS multi-topology was defined in .

For SR-MPLS data plane, the Adj-SIDs and Prefix-SIDs associated with the same VTN can be used together to build SR-MPLS paths with the topological and resource constraints of the VTN taken into consideration. A Prefix-SID is associated with the paths calculated in the corresponding topology of the VTN. An outgoing interface is determined for each path. In addition, the resource-aware prefix-SID can steer the traffic to use the subset of network resources allocated to the VTN on the outgoing interface for packet forwarding. A forwarding entry is installed in the forwarding plane using the MPLS label that corresponds to the Prefix-SID associated with the topology corresponding to the VTN. A resource-aware Adj-SID is associated with a subset of network resources allocated to the VTN on the link it identifies, and can be used together with the prefix-SIDs of the same VTN to build SR-MPLS TE paths of the VTN. For SRv6 data plane, the SRv6 SIDs associated with the same VTN can be used together to build SRv6 paths with the topological and resource constraints of the VTN taken into consideration. An SRv6 Locator is a prefix which is associated with the paths calculated in the corresponding topology of the VTN. An outgoing interface is determined for each path. In addition, the resource-aware SRv6 Locator prefix also steers the traffic to use the subset of network resources which are allocated to the VTN on the outgoing interface for packet forwarding. A forwarding entry for the SRv6 Locator prefix is installed in the forwarding plane for the topology corresponding to the VTN. A resource-aware End.X SID is associated with a subset of network resources allocated to the VTN on the link it identifies, and can be used together with other types of SRv6 SIDs of the same VTN to build SRv6 TE paths of the VTN.

The mechanism described in this document assumes that each VTN is associated with a unique multi-topology, so that the MT-IDs can be reused to identify the VTNs in the control plane. While this brings the benefit of simplicity, it also has some limitations. For example, it means that even if multiple VTNs share the same topology, they would still need to be identified using different MT-IDs in the control plane, then independent path computation needs to be executed for each VTN. Thus the number of VTNs supported in a network may be dependent on the number of topologies supported, which is related to both the number of topologies supported in the protocol and the control plane overhead which the network nodes could afford. The mechanism described in this document is applicable to network scenarios where the number of required VTN is relatively small. A detailed analysis about the VTN scalability and the possible optimizations for supporting a large number of VTNs is described in .

This document introduces no additional security vulnerabilities to IS-IS. The mechanism proposed in this document is subject to the same vulnerabilities as any other protocol that relies on IGPs.

This document does not request any IANA actions.

The authors would like to thank Zhibo Hu, Dean Cheng, Les Ginsberg and Peter Psenak for the review and discussion of this document.