PCEP Extension for Tunneled Flow Specification

Introduction The description of traffic flows by the combination of multiple Flow Specification components and their dissemination as traffic flow specifications (Flow Specifications) is described for BGP in . In BGP, a Flow Specification is comprised of traffic filtering rules and is associated with actions to perform on the packets that match the Flow Specification. The BGP routers that receive a Flow Specification can classify received packets according to the traffic filtering rules and can direct packets based on the associated actions. specifies version 2 of the BGP flow specification protocol that resolves some of the issues with version 1. When a PCE is used to initiate tunnels (such as TE-LSPs or SR paths) using PCEP, it is important that the head end of the tunnels understands what traffic to place on each tunnel. The data flows intended for a tunnel can be described using Flow Specification components. When PCEP is in use for tunnel initiation, it makes sense for that same protocol to be used to distribute the Flow Specification components that describe what data is to flow on those tunnels. specifies a set of extensions to PCEP to support the dissemination of Flow Specification components. It includes the creation, update, and withdrawal of Flow Specifications via PCEP. It can be applied to tunnels initiated by the PCE or to tunnels where control is delegated to the PCE by the PCC. Furthermore, a PCC requesting a new path can include Flow Specifications in the request to indicate the purpose of the tunnel allowing the PCE to factor this into the path computation. further extends the support for Ethernet Layer 2 (L2) and Layer 2 Virtual Private Network (L2VPN) traffic filtering rules in PCEP Flow Specifications. defines a BGP flowspec extension to disseminate tunneled traffic filtering rules and flow specification components are specified for certain tunneling header fields. This document extends the same support for PCEP by defining a new Tunneled Flow Filter TLV to be carried within the FLOWSPEC object. The context and the procedures for the use of Flow Specifications are as per .

Terminology This document uses the following terms defined in : PCC, PCE, PCEP Peer. The following term from is used frequently throughout this document: A Flow Specification is an n-tuple consisting of several matching criteria that can be applied to IP traffic. A given IP packet is said to match the defined Flow Specification if it matches all the specified criteria. Its usage in PCEP is further clarified in .

Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

As per , to carry Flow Specifications in PCEP messages, a PCEP object called the PCEP FLOWSPEC object is defined. To describe a traffic flow, a PCEP TLV called the Flow Filter TLV is also defined. This document extends the support for tunneled flow specifications by creating a new PCEP TLV called Tunneled Flow Filter TLV and updating the processing rules. The PCEP FLOWSPEC object carries a FlowSpec filter rule encoded in a TLV. To describe a traffic flow based on the fields of the tunnel encapsulation, a new Tunneled Flow Filter TLV is introduced by this document. The PCEP FLOWSPEC object could carry no TLV or any combination of its TLVs, i.e., Flow Filter TLV, L2 Flow Filter TLV and Tunneled Flow Filter TLV (this document), and TLV of the same type can only appear at most once in the object. At most one Tunneled Flow Filter TLV MAY be included in the PCEP FLOWSPEC object. The TLV is OPTIONAL when the R (remove) bit is set in the object. At least one Flow Filter TLV or one L2 Flow Filter TLV or one Tunneled Flow Filter TLV MUST be present when the R bit is clear. If all the TLVs are missing when the R bit is clear, the PCEP peer MUST respond with a PCErr message with Error-Type 30 (FlowSpec Error) and Error-value 2 (Malformed FlowSpec). When filtering is based on the tunneling header fields and the L3 or L2 fields of the flow, a Flow Filter TLV or an L2 Flow Filter TLV(or both of them) MAY be present together with the Tunneled Flow Filter TLV. The Tunneled TLV follows the format of all PCEP TLVs as defined in . The Type field values come from the codepoint space for PCEP TLVs and has the value TBA1. The value field of Tunneled Flow Filter TLV contains one or more sub-TLVs (), and they are specified for certain tunneling header fields. The rest of the procedures are same as .

The Tunneled Flow Filter TLV carries one or more Tunneled Flow Specification TLVs. The Tunneled Flow Specification TLV follows the format of all PCEP TLVs as defined in . However, the Type values are selected from a separate IANA registry (see ) rather than from the common PCEP TLV registry. Type values are chosen so that there can be commonality with Tunneled Flow Specifications defined for use with BGP . This is possible because the BGP Flow Spec encoding uses a single octet to encode the type whereas PCEP uses two octets. Thus the space of values for the Type field is partitioned as shown in .

is the reference for the registry "Tunneled Flow Spec Component Types" and defines the allocations it contains. The content of the Value field in each TLV is specific to the type and describes the parameters of the Flow Specification. The definition of the format of many of these Value fields is inherited from BGP specifications. Specifically, the inheritance is from , but may also be inherited from future BGP specifications. When multiple Tunneled Flow Specification TLVs are present in a single Tunneled Flow Filter TLV, they are combined to produce a more detailed specification of a flow. Similarly, when one of or both the Flow Filter TLV and L2 Flow Filter TLV are present together with Tunneled Flow Filter TLV, they are combined to produce a more detailed specification of a flow. An implementation that receives a PCEP message carrying a Tunneled Flow Specification TLV with a type value that it does not recognize or does not support MUST respond with a PCErr message with Error-Type 30 (FlowSpec Error) and Error-value 1 (Unsupported FlowSpec) and MUST NOT install the Flow Specification. All Tunneled Flow Specification TLVs with Types in the range 0 to 255 have their Values interpreted as defined for use in BGP (for example, in ) and are set using the BGP encoding, but without the type octet (the relevant information is in the Type field of the TLV). The Value field is padded with trailing zeros to achieve 4-byte alignment. This document defines no new types.

IANA maintains the "Path Computation Element Protocol (PCEP) Numbers" registry. This document requests IANA actions to allocate code points for the protocol elements defined in this document.

IANA maintains a registry called "PCEP TLV Type Indicators" under the "Path Computation Element Protocol (PCEP) Numbers" registry group. IANA is requested to make an assignment from this registry as follows:

IANA is requested to create a new registry called the "PCEP Tunneled Flow Specification TLV Type Indicators" registry. Allocations from this registry are to be made according to the following assignment policies : This document makes no allocations in the newly created registry.

The security considerations in apply to this document as well. No new security issues are introduced to the PCEP protocol by this specification.

describe the management of multiple flowspecs as well as control via configurations and policies. This is applicable to the Tunneled flowspec defined in this document.

The PCEP YANG module would need to be augmented to cover tunneled flowspec.

Mechanisms defined in this document do not imply any new liveness detection and monitoring requirements in addition to those already listed in .

Mechanisms defined in this document do not imply any new operation verification requirements in addition to those already listed in .

Mechanisms defined in this document do not imply any new requirements on other protocols.

Mechanisms defined in this document do not have any new impact on network operations in addition to those already listed in .