Tech-invite3GPPspecsGlossariesIETFRFCsGroupsSIPABNFsWorld Map

RFC 8299

 
 
 

YANG Data Model for L3VPN Service Delivery

Part 4 of 8, p. 47 to 81
Prev Section       Next Section

 


prevText      Top      ToC       Page 47 
6.6.  Deciding Where to Connect the Site

   The management system will have to determine where to connect each
   site-network-access of a particular site to the provider network
   (e.g., PE, aggregation switch).

   The current model defines parameters and constraints that can
   influence the meshing of the site-network-access.

   The management system MUST honor all customer constraints, or if a
   constraint is too strict and cannot be fulfilled, the management
   system MUST NOT provision the site and MUST provide information to
   the user about which constraints could not be fulfilled.  How the
   information is provided is out of scope for this document.  Whether
   or not to relax the constraint would then be left up to the user.

   Parameters such as site location (see Section 6.6.2) and access type
   are just hints (see Section 6.6.3) for the management system for
   service placement.

Top      Up      ToC       Page 48 
   In addition to parameters and constraints, the management system's
   decision MAY be based on any other internal constraints that are left
   up to the SP: least load, distance, etc.

6.6.1.  Constraint: Device

   In the case of provider management or co-management, one or more
   devices have been ordered by the customer to a particular already-
   configured location.  The customer may force a particular site-
   network-access to be connected on a particular device that he
   ordered.

           New York Site

         +------------------+             Site
         | +--------------+ |-----------------------------------
         | | Manhattan    | |
         | |           CE1********* (site-network-access#1) ******
         | +--------------+ |
         | +--------------+ |
         | | Brooklyn  CE2********* (site-network-access#2) ******
         | +--------------+ |
         |                  |-----------------------------------
         +------------------+

   In the figure above, site-network-access#1 is associated with CE1 in
   the service request.  The SP must ensure the provisioning of this
   connection.

6.6.2.  Constraint/Parameter: Site Location

   The location information provided in this model MAY be used by a
   management system to determine the target PE to mesh the site (SP
   side).  A particular location must be associated with each site
   network access when configuring it.  The SP MUST honor the
   termination of the access on the location associated with the site
   network access (customer side).  The "country-code" in the site
   location SHOULD be expressed as an ISO ALPHA-2 code.

   The site-network-access location is determined by the "location-
   flavor".  In the case of a provider-managed or co-managed site, the
   user is expected to configure a "device-reference" (device case) that
   will bind the site-network-access to a particular device that the
   customer ordered.  As each device is already associated with a
   particular location, in such a case the location information is
   retrieved from the device location.  In the case of a customer-

Top      Up      ToC       Page 49 
   managed site, the user is expected to configure a "location-
   reference" (location case); this provides a reference to an existing
   configured location and will help with placement.

                                        POP#1 (New York)
                                     +---------+
                                     |   PE1   |
                Site #1 ---...       |   PE2   |
               (Atlantic City)       |   PE3   |
                                     +---------+

                                        POP#2 (Washington)
                                     +---------+
                                     |   PE4   |
                                     |   PE5   |
                                     |   PE6   |
                                     +---------+

                                        POP#3 (Philadelphia)
                                     +---------+
                                     |   PE7   |
                Site #2 CE#1---...   |   PE8   |
               (Reston)              |   PE9   |
                                     +---------+


   In the example above, Site #1 is a customer-managed site with a
   location L1, while Site #2 is a provider-managed site for which a CE
   (CE#1) was ordered.  Site #2 is configured with L2 as its location.
   When configuring a site-network-access for Site #1, the user will
   need to reference location L1 so that the management system will know
   that the access will need to terminate on this location.  Then, for
   distance reasons, this management system may mesh Site #1 on a PE in
   the Philadelphia POP.  It may also take into account resources
   available on PEs to determine the exact target PE (e.g., least
   loaded).  For Site #2, the user is expected to configure the site-
   network-access with a device-reference to CE#1 so that the management
   system will know that the access must terminate on the location of
   CE#1 and must be connected to CE#1.  For placement of the SP side of
   the access connection, in the case of the nearest PE used, it may
   mesh Site #2 on the Washington POP.

6.6.3.  Constraint/Parameter: Access Type

   The management system needs to elect the access media to connect the
   site to the customer (for example, xDSL, leased line, Ethernet
   backhaul).  The customer may provide some parameters/constraints that
   will provide hints to the management system.

Top      Up      ToC       Page 50 
   The bearer container information SHOULD be the first piece of
   information considered when making this decision:

   o  The "requested-type" parameter provides information about the
      media type that the customer would like to use.  If the "strict"
      leaf is equal to "true", this MUST be considered a strict
      constraint so that the management system cannot connect the site
      with another media type.  If the "strict" leaf is equal to "false"
      (default) and if the requested media type cannot be fulfilled, the
      management system can select another media type.  The supported
      media types SHOULD be communicated by the SP to the customer via a
      mechanism that is out of scope for this document.

   o  The "always-on" leaf defines a strict constraint: if set to true,
      the management system MUST elect a media type that is "always-on"
      (e.g., this means no dial access type).

   o  The "bearer-reference" parameter is used in cases where the
      customer has already ordered a network connection to the SP apart
      from the IP VPN site and wants to reuse this connection.  The
      string used is an internal reference from the SP and describes the
      already-available connection.  This is also a strict requirement
      that cannot be relaxed.  How the reference is given to the
      customer is out of scope for this document, but as a pure example,
      when the customer ordered the bearer (through a process that is
      out of scope for this model), the SP may have provided the bearer
      reference that can be used for provisioning services on top.

   Any other internal parameters from the SP can also be used.  The
   management system MAY use other parameters, such as the requested
   "svc-input-bandwidth" and "svc-output-bandwidth", to help decide
   which access type to use.

6.6.4.  Constraint: Access Diversity

   Each site-network-access may have one or more constraints that would
   drive the placement of the access.  By default, the model assumes
   that there are no constraints, but allocation of a unique bearer per
   site-network-access is expected.

   In order to help with the different placement scenarios, a site-
   network-access may be tagged using one or multiple group identifiers.
   The group identifier is a string, so it can accommodate both explicit
   naming of a group of sites (e.g., "multihomed-set1" or "subVPN") and
   the use of a numbered identifier (e.g., 12345678).  The meaning of
   each group-id is local to each customer administrator, and the
   management system MUST ensure that different customers can use the
   same group-ids.  One or more group-ids can also be defined at the

Top      Up      ToC       Page 51 
   site level; as a consequence, all site-network-accesses under the
   site MUST inherit the group-ids of the site they belong to.  When, in
   addition to the site group-ids some group-ids are defined at the
   site-network-access level, the management system MUST consider the
   union of all groups (site level and site network access level) for
   this particular site-network-access.

   For an already-configured site-network-access, each constraint MUST
   be expressed against a targeted set of site-network-accesses.  This
   site-network-access MUST never be taken into account in the targeted
   set -- for example, "My site-network-access S must not be connected
   on the same POP as the site-network-accesses that are part of Group
   10."  The set of site-network-accesses against which the constraint
   is evaluated can be expressed as a list of groups, "all-other-
   accesses", or "all-other-groups".  The all-other-accesses option
   means that the current site-network-access constraint MUST be
   evaluated against all the other site-network-accesses belonging to
   the current site.  The all-other-groups option means that the
   constraint MUST be evaluated against all groups that the current
   site-network-access does not belong to.

   The current model defines multiple constraint-types:

   o  pe-diverse: The current site-network-access MUST NOT be connected
      to the same PE as the targeted site-network-accesses.

   o  pop-diverse: The current site-network-access MUST NOT be connected
      to the same POP as the targeted site-network-accesses.

   o  linecard-diverse: The current site-network-access MUST NOT be
      connected to the same linecard as the targeted site-network-
      accesses.

   o  bearer-diverse: The current site-network-access MUST NOT use
      common bearer components compared to bearers used by the targeted
      site-network-accesses.  "bearer-diverse" provides some level of
      diversity at the access level.  As an example, two bearer-diverse
      site-network-accesses must not use the same DSLAM, BAS, or Layer 2
      switch.

   o  same-pe: The current site-network-access MUST be connected to the
      same PE as the targeted site-network-accesses.

   o  same-bearer: The current site-network-access MUST be connected
      using the same bearer as the targeted site-network-accesses.

   These constraint-types can be extended through augmentation.

Top      Up      ToC       Page 52 
   Each constraint is expressed as "The site-network-access S must be
   <constraint-type> (e.g., pe-diverse, pop-diverse) from these <target>
   site-network-accesses."

   The group-id used to target some site-network-accesses may be the
   same as the one used by the current site-network-access.  This eases
   the configuration of scenarios where a group of site-network-access
   points has a constraint between the access points in the group.  As
   an example, if we want a set of sites (Site#1 to Site#5) to be
   connected on different PEs, we can tag them with the same group-id
   and express a pe-diverse constraint for this group-id with the
   following XML snippet:

 <?xml version="1.0"?>
 <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
  <vpn-services>
   <vpn-service>
    <vpn-id>VPNA</vpn-id>
   </vpn-service>
  </vpn-services>
  <sites>
   <site>
    <site-id>SITE1</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>

Top      Up      ToC       Page 53 
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>SITE2</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>

Top      Up      ToC       Page 54 
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
       ...
   <site>
    <site-id>SITE5</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>

Top      Up      ToC       Page 55 
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>

Top      Up      ToC       Page 56 
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
  </sites>
 </l3vpn-svc>

   The group-id used to target some site-network-accesses may also be
   different than the one used by the current site-network-access.  This
   can be used to express that a group of sites has some constraints
   against another group of sites, but there is no constraint within the
   group.  For example, we consider a set of six sites and two groups;
   we want to ensure that a site in the first group must be pop-diverse
   from a site in the second group.  The example of a corresponding XML
   snippet is described as follows:

 <?xml version="1.0"?>
 <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
  <vpn-services>
   <vpn-service>
    <vpn-id>VPNA</vpn-id>
   </vpn-service>
  </vpn-services>
  <sites>
   <site>
    <site-id>SITE1</site-id>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>

Top      Up      ToC       Page 57 
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>SITE2</site-id>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
       ...
   <site>
    <site-id>SITE5</site-id>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <access-diversity>
       <groups>
        <group>
         <group-id>20</group-id>

Top      Up      ToC       Page 58 
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>SITE6</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>

Top      Up      ToC       Page 59 
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>20</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
  </sites>
 </l3vpn-svc>

6.6.5.  Infeasible Access Placement

   Some infeasible access placement scenarios could be created via the
   proposed configuration framework.  Such infeasible access placement
   scenarios could result from constraints that are too restrictive,
   leading to infeasible access placement in the network or conflicting
   constraints that would also lead to infeasible access placement.  An
   example of conflicting rules would be to request that site-network-
   access#1 be pe-diverse from site-network-access#2 and to request at
   the same time that site-network-access#2 be on the same PE as site-

Top      Up      ToC       Page 60 
   network-access#1.  When the management system cannot determine the
   placement of a site-network-access, it MUST return an error message
   indicating that placement was not possible.

6.6.6.  Examples of Access Placement

6.6.6.1.  Multihoming

   The customer wants to create a multihomed site.  The site will be
   composed of two site-network-accesses; for resiliency purposes, the
   customer wants the two site-network-accesses to be meshed on
   different POPs.

                                                     POP#1
             +-------+                            +---------+
             |       |                            |   PE1   |
             |       |---site-network-access#1----|   PE2   |
             |       |                            |   PE3   |
             |       |                            +---------+
             | Site#1|
             |       |                               POP#2
             |       |                            +---------+
             |       |                            |   PE4   |
             |       |---site-network-access#2----|   PE5   |
             |       |                            |   PE6   |
             |       |                            +---------+
             +-------+

   This scenario can be expressed with the following XML snippet:

 <?xml version="1.0"?>
 <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
  <vpn-services>
   <vpn-service>
    <vpn-id>VPNA</vpn-id>
   </vpn-service>
  </vpn-services>
  <sites>
   <site>
    <site-id>SITE1</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>

Top      Up      ToC       Page 61 
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>

Top      Up      ToC       Page 62 
     </site-network-access>
     <site-network-access>
      <site-network-access-id>2</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>20</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
  </sites>
 </l3vpn-svc>

Top      Up      ToC       Page 63 
   But it can also be expressed with the following XML snippet:

      <?xml version="1.0"?>
      <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
        <vpn-services>
          <vpn-service>
            <vpn-id>VPNA</vpn-id>
          </vpn-service>
        </vpn-services>
        <sites>
          <site>
            <site-id>SITE1</site-id>
            <site-network-accesses>
              <site-network-access>
                <site-network-access-id>1</site-network-access-id>
                <access-diversity>
                  <constraints>
                    <constraint>
                      <constraint-type>pop-diverse</constraint-type>
                      <target>
                        <all-other-accesses/>
                      </target>
                    </constraint>
                  </constraints>
                </access-diversity>
                <vpn-attachment>
                  <vpn-id>VPNA</vpn-id>
                  <site-role>spoke-role</site-role>
                </vpn-attachment>
              </site-network-access>
              <site-network-access>
                <site-network-access-id>2</site-network-access-id>
                <access-diversity>
                  <constraints>
                    <constraint>
                      <constraint-type>pop-diverse</constraint-type>
                      <target>
                        <all-other-accesses/>
                      </target>
                    </constraint>
                  </constraints>
                </access-diversity>
                <vpn-attachment>
                  <vpn-id>VPNA</vpn-id>
                  <site-role>spoke-role</site-role>
                </vpn-attachment>
              </site-network-access>
            </site-network-accesses>

Top      Up      ToC       Page 64 
          </site>
        </sites>
      </l3vpn-svc>

6.6.6.2.  Site Offload

   The customer has six branch offices in a particular region, and he
   wants to prevent having all branch offices connected on the same PE.

   He wants to express that three branch offices cannot be connected on
   the same linecard.  Also, the other branch offices must be connected
   on a different POP.  Those other branch offices cannot also be
   connected on the same linecard.

                                              POP#1
                                           +---------+
                                           |   PE1   |
                     Office#1 ---...       |   PE2   |
                     Office#2 ---...       |   PE3   |
                     Office#3 ---...       |   PE4   |
                                           +---------+

                                              POP#2
                                           +---------+
                     Office#4 ---...       |   PE5   |
                     Office#5 ---...       |   PE6   |
                     Office#6 ---...       |   PE7   |
                                           +---------+

   This scenario can be expressed as follows:

   o  We need to create two groups of sites: Group#10, which is composed
      of Office#1, Office#2, and Office#3; and Group#20, which is
      composed of Office#4, Office#5, and Office#6.

   o  Sites within Group#10 must be pop-diverse from sites within
      Group#20, and vice versa.

   o  Sites within Group#10 must be linecard-diverse from other sites in
      Group#10 (same for Group#20).

 <?xml version="1.0"?>
 <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
  <vpn-services>
   <vpn-service>
    <vpn-id>VPNA</vpn-id>
   </vpn-service>
  </vpn-services>

Top      Up      ToC       Page 65 
  <sites>
   <site>
    <site-id>Office1</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>

Top      Up      ToC       Page 66 
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>linecard-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>Office2</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>

Top      Up      ToC       Page 67 
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>linecard-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>Office3</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>

Top      Up      ToC       Page 68 
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>10</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
        <constraint>

Top      Up      ToC       Page 69 
         <constraint-type>linecard-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>Office4</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>

Top      Up      ToC       Page 70 
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>20</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>linecard-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>Office5</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>

Top      Up      ToC       Page 71 
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>20</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>linecard-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>

Top      Up      ToC       Page 72 
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
   <site>
    <site-id>Office6</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>

Top      Up      ToC       Page 73 
       <groups>
        <group>
         <group-id>20</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pop-diverse</constraint-type>
         <target>
          <group>
           <group-id>10</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>linecard-diverse</constraint-type>
         <target>
          <group>
           <group-id>20</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNA</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
  </sites>
 </l3vpn-svc>

6.6.6.3.  Parallel Links

   To increase its site bandwidth at lower cost, a customer wants to
   order two parallel site-network-accesses that will be connected to
   the same PE.

                    *******site-network-access#1**********
             Site 1 *******site-network-access#2********** PE1

Top      Up      ToC       Page 74 
   This scenario can be expressed with the following XML snippet:

      <?xml version="1.0"?>
      <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
        <vpn-services>
          <vpn-service>
            <vpn-id>VPNB</vpn-id>
          </vpn-service>
        </vpn-services>
        <sites>
          <site>
            <site-id>SITE1</site-id>
            <site-network-accesses>
              <site-network-access>
                <site-network-access-id>1</site-network-access-id>
                <access-diversity>
                  <groups>
                    <group>
                      <group-id>PE-linkgrp-1</group-id>
                    </group>
                  </groups>
                  <constraints>
                    <constraint>
                      <constraint-type>same-pe</constraint-type>
                      <target>
                        <group>
                          <group-id>PE-linkgrp-1</group-id>
                        </group>
                      </target>
                    </constraint>
                  </constraints>
                </access-diversity>
                <vpn-attachment>
                  <vpn-id>VPNB</vpn-id>
                  <site-role>spoke-role</site-role>
                </vpn-attachment>
              </site-network-access>
              <site-network-access>
                <site-network-access-id>2</site-network-access-id>
                <access-diversity>
                  <groups>
                    <group>
                      <group-id>PE-linkgrp-1</group-id>
                    </group>
                  </groups>
                  <constraints>
                    <constraint>
                      <constraint-type>same-pe</constraint-type>

Top      Up      ToC       Page 75 
                      <target>
                        <group>
                          <group-id>PE-linkgrp-1</group-id>
                        </group>
                      </target>
                    </constraint>
                  </constraints>
                </access-diversity>
                <vpn-attachment>
                  <vpn-id>VPNB</vpn-id>
                  <site-role>spoke-role</site-role>
                </vpn-attachment>
              </site-network-access>
            </site-network-accesses>
          </site>
        </sites>
      </l3vpn-svc>

6.6.6.4.  SubVPN with Multihoming

   A customer has a site that is dual-homed.  The dual-homing must be
   done on two different PEs.  The customer also wants to implement two
   subVPNs on those multihomed accesses.

   +-----------------+         Site                     +------+
   |                 |---------------------------------/       +-----+
   |                 |****(site-network-access#1)*****| VPN B /       \
   | New York Office |****(site-network-access#2)************| VPN C   |
   |                 |                                  +-----\       /
   |                 |                                         +-----+
   |                 |
   |                 |                                  +------+
   |                 |                                 /       +-----+
   |                 |****(site-network-access#3)*****| VPN B /       \
   |                 |****(site-network-access#4)************| VPN C   |
   |                 |                                  +-----\       /
   |                 |-----------------------------------      +-----+
   +-----------------+

   This scenario can be expressed as follows:

   o  The site will have four site network accesses (two subVPNs coupled
      via dual-homing).

   o  Site-network-access#1 and site-network-access#3 will correspond to
      the multihoming of subVPN B.  A PE-diverse constraint is required
      between them.

Top      Up      ToC       Page 76 
   o  Site-network-access#2 and site-network-access#4 will correspond to
      the multihoming of subVPN C.  A PE-diverse constraint is required
      between them.

   o  To ensure proper usage of the same bearer for the subVPN, site-
      network-access#1 and site-network-access#2 must share the same
      bearer as site-network-access#3 and site-network-access#4.

 <?xml version="1.0"?>
 <l3vpn-svc xmlns="urn:ietf:params:xml:ns:yang:ietf-l3vpn-svc">
  <vpn-services>
   <vpn-service>
    <vpn-id>VPNB</vpn-id>
   </vpn-service>
   <vpn-service>
    <vpn-id>VPNC</vpn-id>
   </vpn-service>
  </vpn-services>
  <sites>
   <site>
    <site-id>SITE1</site-id>
    <locations>
     <location>
      <location-id>L1</location-id>
     </location>
    </locations>
    <management>
     <type>customer-managed</type>
    </management>
    <security>
     <encryption>
      <layer>layer3</layer>
     </encryption>
    </security>
    <site-network-accesses>
     <site-network-access>
      <site-network-access-id>1</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>

Top      Up      ToC       Page 77 
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>dualhomed-1</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-2</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>same-bearer</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-1</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNB</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
     <site-network-access>
      <site-network-access-id>2</site-network-access-id>
      <access-diversity>
       <groups>
        <group>
         <group-id>dualhomed-1</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>

Top      Up      ToC       Page 78 
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-2</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>same-bearer</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-1</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNC</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
     <site-network-access>
      <site-network-access-id>3</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>
        <group>
         <group-id>dualhomed-2</group-id>
        </group>

Top      Up      ToC       Page 79 
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-1</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>same-bearer</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-2</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNB</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
     <site-network-access>
      <site-network-access-id>4</site-network-access-id>
      <ip-connection>
       <ipv4>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv4>
       <ipv6>
        <address-allocation-type>provider-dhcp</address-allocation-type>
       </ipv6>
      </ip-connection>
      <service>
       <svc-mtu>1514</svc-mtu>
       <svc-input-bandwidth>10000000</svc-input-bandwidth>
       <svc-output-bandwidth>10000000</svc-output-bandwidth>
      </service>
      <security>
       <encryption>
        <layer>layer3</layer>
       </encryption>
      </security>
      <location-reference>L1</location-reference>
      <access-diversity>
       <groups>

Top      Up      ToC       Page 80 
        <group>
         <group-id>dualhomed-2</group-id>
        </group>
       </groups>
       <constraints>
        <constraint>
         <constraint-type>pe-diverse</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-1</group-id>
          </group>
         </target>
        </constraint>
        <constraint>
         <constraint-type>same-bearer</constraint-type>
         <target>
          <group>
           <group-id>dualhomed-2</group-id>
          </group>
         </target>
        </constraint>
       </constraints>
      </access-diversity>
      <vpn-attachment>
       <vpn-id>VPNC</vpn-id>
       <site-role>spoke-role</site-role>
      </vpn-attachment>
     </site-network-access>
    </site-network-accesses>
   </site>
  </sites>
 </l3vpn-svc>

6.6.7.  Route Distinguisher and VRF Allocation

   The route distinguisher (RD) is a critical parameter of PE-based
   L3VPNs as described in [RFC4364] that provides the ability to
   distinguish common addressing plans in different VPNs.  As for route
   targets (RTs), a management system is expected to allocate a VRF on
   the target PE and an RD for this VRF.

   If a VRF already exists on the target PE and the VRF fulfills the
   connectivity constraints for the site, there is no need to recreate
   another VRF, and the site MAY be meshed within this existing VRF.
   How the management system checks that an existing VRF fulfills the
   connectivity constraints for a site is out of scope for this
   document.

Top      Up      ToC       Page 81 
   If no such VRF exists on the target PE, the management system has to
   initiate the creation of a new VRF on the target PE and has to
   allocate a new RD for this new VRF.

   The management system MAY apply a per-VPN or per-VRF allocation
   policy for the RD, depending on the SP's policy.  In a per-VPN
   allocation policy, all VRFs (dispatched on multiple PEs) within a VPN
   will share the same RD value.  In a per-VRF model, all VRFs should
   always have a unique RD value.  Some other allocation policies are
   also possible, and this document does not restrict the allocation
   policies to be used.

   The allocation of RDs MAY be done in the same way as RTs.  The
   examples provided in Section 6.2.1.1 could be reused in this
   scenario.

   Note that an SP MAY configure a target PE for an automated allocation
   of RDs.  In this case, there will be no need for any backend system
   to allocate an RD value.



(page 81 continued on part 5)

Next Section