RFC 8595
An MPLS-Based Forwarding Plane for Service Function Chaining
Pages: 32
Proposed Standard
Proposed Standard
Part 1 of 2 – Pages 1 to 21
Internet Engineering Task Force (IETF) A. Farrel Request for Comments: 8595 Old Dog Consulting Category: Standards Track S. Bryant ISSN: 2070-1721 Futurewei J. Drake Juniper Networks June 2019 An MPLS-Based Forwarding Plane for Service Function ChainingAbstract
This document describes how Service Function Chaining (SFC) can be achieved in an MPLS network by means of a logical representation of the Network Service Header (NSH) in an MPLS label stack. That is, the NSH is not used, but the fields of the NSH are mapped to fields in the MPLS label stack. This approach does not deprecate or replace the NSH, but it acknowledges that there may be a need for an interim deployment of SFC functionality in brownfield networks. Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8595.
Copyright Notice Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.Table of Contents
1. Introduction ....................................................3 2. Requirements Language ...........................................4 3. Choice of Data-Plane SPI/SI Representation ......................4 4. Use Case Scenarios ..............................................5 4.1. Label Swapping for Logical NSH .............................5 4.2. Hierarchical Encapsulation .................................5 4.3. Fine Control of Service Function Instances .................6 4.4. Micro Chains and Label Stacking ............................6 4.5. SFC and Segment Routing ....................................6 5. Basic Unit of Representation ....................................6 6. MPLS Label Swapping .............................................7 7. MPLS Label Stacking ............................................10 8. Mixed-Mode Forwarding ..........................................12 9. A Note on Service Function Capabilities and SFC Proxies ........13 10. Control-Plane Considerations ..................................14 11. Use of the Entropy Label ......................................14 12. Metadata ......................................................15 12.1. Indicating Metadata in User Data Packets .................16 12.2. In-Band Programming of Metadata ..........................18 12.2.1. Loss of In-Band Metadata ..........................21 13. Worked Examples ...............................................22 14. Implementation Notes ..........................................26 15. Security Considerations .......................................26 16. IANA Considerations ...........................................28 17. References ....................................................29 17.1. Normative References .....................................29 17.2. Informative References ...................................30 Acknowledgements ..................................................31 Contributors ......................................................31 Authors' Addresses ................................................32
1. Introduction
Service Function Chaining (SFC) is the process of directing packets through a network so that they can be acted on by an ordered set of abstract Service Functions (SFs) before being delivered to the intended destination. An architecture for SFC is defined in [RFC7665]. When applying a particular service function chain to the traffic selected by a service classifier, the traffic needs to be steered through an ordered set of SFs in the network. This ordered set of SFs is termed a Service Function Path (SFP), and the traffic is passed between Service Function Forwarders (SFFs) that are responsible for delivering the packets to the SFs and for forwarding them onward to the next SFF. In order to steer the selected traffic between SFFs and to the correct SFs, the service classifier needs to attach information to each packet. This information indicates the SFP on which the packet is being forwarded and hence the SFs to which it must be delivered. The information also indicates the progress the packet has already made along the SFP. The Network Service Header (NSH) [RFC8300] has been defined to carry the necessary information for SFC in packets. The NSH can be inserted into packets and contains various information, including a Service Path Identifier (SPI), a Service Index (SI), and a Time To Live (TTL) counter. Multiprotocol Label Switching (MPLS) [RFC3031] is a widely deployed forwarding technology that uses labels placed in a packet in a label stack to identify the forwarding actions to be taken at each hop through a network. Actions may include swapping or popping the labels as well as using the labels to determine the next hop for forwarding the packet. Labels may also be used to establish the context under which the packet is forwarded. In many cases, MPLS will be used as a tunneling technology to carry packets through networks between SFFs. This document describes how SFC can be achieved in an MPLS network by means of a logical representation of the NSH in an MPLS label stack. This approach is applicable to all forms of MPLS forwarding (where labels are looked up at each hop and are swapped or popped [RFC3031]). It does not deprecate or replace the NSH, but it acknowledges that there may be a need for an interim deployment of SFC functionality in brownfield networks. The mechanisms described in this document are a compromise between the full function that can be achieved using the NSH and the benefits of reusing the existing
MPLS forwarding paradigms (the approach defined here does not include the O bit defined in [RFC8300] and has some limitations to the use of metadata as described in Section 12). Section 4 provides a short overview of several use case scenarios that help to explain the relationship between the MPLS label operations (swapping, popping, stacking) and the MPLS encoding of the logical NSH described in this document. It is assumed that the reader is fully familiar with the terms and concepts introduced in [RFC7665] and [RFC8300]. Note that one of the features of the SFC architecture described in [RFC7665] is the "SFC proxy", which exists to include legacy SFs that are not able to process NSH-encapsulated packets. This issue is equally applicable to the use of MPLS-encapsulated packets that encode a logical representation of an NSH. It is discussed further in Section 9.2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.3. Choice of Data-Plane SPI/SI Representation
While [RFC8300] defines the NSH that can be used in a number of environments, this document provides a mechanism to handle situations in which the NSH is not ubiquitously deployed. In this case, it is possible to use an alternative data-plane representation of the SPI/SI by carrying the identical semantics in MPLS labels. In order to correctly select the mechanism by which SFC information is encoded and carried between SFFs, it may be necessary to configure the capabilities and choices either within the whole Service Function Overlay Network or on a hop-by-hop basis. It is a requirement that both ends of a tunnel over the underlay network (i.e., a pair of SFFs adjacent in the SFP) know that the tunnel is used for SFC and know what form of NSH representation is used. A control-plane signaling approach to achieve these objectives is provided using BGP in [BGP-NSH-SFC].
Note that the encoding of the SFC information is independent of the choice of tunneling technology used between SFFs. Thus, an MPLS representation of the logical NSH (as defined in this document) may be used even if the tunnel between a pair of SFFs is not an MPLS tunnel. Conversely, MPLS tunnels may be used to carry other encodings of the logical NSH (specifically, the NSH itself).4. Use Case Scenarios
There are five scenarios that can be considered for the use of an MPLS encoding in support of SFC. These are set out in the following subsections.4.1. Label Swapping for Logical NSH
The primary use case for SFC is described in [RFC7665] and delivered using the NSH, which, as described in [RFC8300], uses an encapsulation with a position indicator that is modified at each SFC hop along the chain to indicate the next hop. The label-swapping use case scenario effectively replaces the NSH with an MPLS encapsulation as described in Section 6. The MPLS labels encode the same information as the NSH to form a logical NSH. The labels are modified (swapped per [RFC3031]) at each SFC hop along the chain to indicate the next hop. The processing and the forwarding state for a chain (i.e., the actions to take on a received label) are programmed into the network using a control plane or management plane.4.2. Hierarchical Encapsulation
[RFC8459] describes an architecture for hierarchical encapsulation using the NSH. It facilitates partitioning of SFC domains for administrative reasons and allows concatenation of service function chains under the control of a service classifier. The same function can be achieved in an MPLS network using an MPLS encoding of the logical NSH, and label stacking as defined in [RFC3031] and described in Section 7. In this model, swapping is used per Section 4.1 to navigate one chain, and when the end of the chain is reached, the final label is popped, revealing the label for another chain. Thus, the primary mode is swapping, but stacking is used to enable the ingress classifier to control concatenation of service function chains.
4.3. Fine Control of Service Function Instances
It may be that a service function chain (as described in Section 4.1) allows some leeway in the choice of service function instances along the chain. However, it may be that a service classifier wishes to constrain the choice and this can be achieved using chain concatenation so that the first chain ends at the point of choice, the next label in the stack indicates the specific service function instance to be executed, and the next label in the stack starts a new chain. Thus, a mixture of label swapping and stacking is used.4.4. Micro Chains and Label Stacking
The scenario in Section 4.2 may be extended to its logical extreme by making each concatenated chain as short as it can be: one SF. Each label in the stack indicates the next SF to be executed, and the network is programmed through the control plane or management plane to know how to route to the next (i.e., first) hop in each chain just as it would be to support the scenarios in Sections 4.1 and 4.2. This scenario is functionally identical to the use of Segment Routing (SR) in an MPLS network (known as SR-MPLS) for SFC, as described in Section 4.5, and the discussion in that section applies to this section as well.4.5. SFC and Segment Routing
SR-MPLS uses a stack of MPLS labels to encode information about the path and network functions that a packet should traverse. SR-MPLS is achieved by applying control-plane and management-plane techniques to program the MPLS forwarding plane and by imposing labels on packets at the entrance to the SR-MPLS network. An implementation proposal for achieving SFC using SR-MPLS can be found in [SR-Srv-Prog] and is not discussed further in this document.5. Basic Unit of Representation
When an MPLS label stack is used to carry a logical NSH, a basic unit of representation is used. This unit comprises two MPLS labels, as shown below. The unit may be present one or more times in the label stack as explained in subsequent sections. In order to convey the same information as is present in the NSH, two MPLS label stack entries are used. One carries a label to provide context within the SFC scope (the SFC Context Label), and the other carries a label to show which SF is to be actioned (the SF Label). This two-label unit is shown in Figure 1.
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SFC Context Label | TC |S| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | SF Label | TC |S| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1: The Basic Unit of MPLS Label Stack for SFC The fields of these two label stack entries are encoded as follows: Label: The Label fields contain the values of the SFC Context Label and the SF Label encoded as 20-bit integers. The precise semantics of these Label fields are dependent on whether the label stack entries are used for MPLS label swapping (see Section 6) or MPLS label stacking (see Section 7). TC: The TC bits have no meaning in this case. They SHOULD be set to zero in both label stack entries when a packet is sent and MUST be ignored on receipt. S: The "Bottom of Stack" bit has its usual meaning in MPLS. It MUST be clear in the SFC Context Label stack entry. In the SF Label stack entry, it MUST be clear in all cases except when the label is the bottom of the stack, when it MUST be set. TTL: The TTL field in the SFC Context Label stack entry SHOULD be set to 1. The TTL in the SF Label stack entry (called the SF TTL) is set according to its use for MPLS label swapping (see Section 6) or MPLS label stacking (see Section 7) and is used to mitigate packet loops. The sections that follow show how this basic unit of MPLS label stack may be used for SFC in the MPLS label-swapping case and in the MPLS label-stacking case. For simplicity, these sections do not describe the use of metadata; that topic is covered separately in Section 12.6. MPLS Label Swapping
This section describes how the basic unit of MPLS label stack for SFC (introduced in Section 5) is used when MPLS label swapping is in use. The use case scenario for this approach is introduced in Section 4.1. As can be seen in Figure 2, the top of the label stack comprises the labels necessary to deliver the packet over the MPLS tunnel between SFFs. Any MPLS encapsulation may be used (i.e., MPLS, MPLS in UDP, MPLS in GRE, and MPLS in Virtual Extensible Local Area Networks
(VXLANs) or the Generic Protocol Extension for VXLAN (GPE)); thus, the tunnel technology does not need to be MPLS, but MPLS is shown here for simplicity. An entropy label [RFC6790] may also be present, as described in Section 11. --------------- ~ Tunnel Labels ~ +---------------+ ~ Optional ~ ~ Entropy Label ~ +---------------+ - - - | SPI Label | +---------------+ Basic unit of MPLS label stack for SFC | SI Label | +---------------+ - - - | | ~ Payload ~ | | --------------- Figure 2: The MPLS SFC Label Stack Under these labels (or other encapsulation) comes a single instance of the basic unit of MPLS label stack for SFC. In addition to the interpretation of the fields of these label stack entries (provided in Section 5), the following meanings are applied: SPI Label: The Label field of the SFC Context Label stack entry contains the value of the SPI encoded as a 20-bit integer. The semantics of the SPI are exactly as defined in [RFC8300]. Note that an SPI as defined by [RFC8300] can be encoded in 3 octets (i.e., 24 bits), but that the Label field allows for only 20 bits and reserves the values 0 through 15 as "special-purpose labels" [RFC7274]. Thus, a system using MPLS representation of the logical NSH MUST NOT assign SPI values greater than 2^20 - 1 or less than 16. SI Label: The Label field of the SF Label stack entry contains the value of the SI exactly as defined in [RFC8300]. Since the SI requires only 8 bits, and to avoid overlap with the special-purpose label range of 0 through 15 [RFC7274], the SI is carried in the top (most significant) 8 bits of the Label field with the low-order 12 bits set to zero. TC: The TC fields are as described in Section 5.
S: The S bits are as described in Section 5. TTL: The TTL field in the SPI Label stack entry SHOULD be set to 1 as stated in Section 5. The TTL in the SF Label stack entry is decremented once for each forwarding hop in the SFP, i.e., for each SFF transited, and so mirrors the TTL field in the NSH. The following processing rules apply to the Label fields: o When a classifier inserts a packet onto an SFP, it sets the SPI Label to indicate the identity of the SFP and sets the SI Label to indicate the first SF in the path. o When a component of the SFC system processes a packet, it uses the SPI Label to identify the SFP and the SI Label to determine which SFF or instance of an SF (an SFI) to deliver the packet to. Under normal circumstances (with the exception of branching and reclassification -- see [BGP-NSH-SFC]), the SPI Label value is preserved on all packets. The SI Label value is modified by SFFs and through reclassification to indicate the next hop along the SFP. The following processing rules apply to the TTL field of the SF Label stack entry and are derived from Section 2.2 of [RFC8300]: o When a classifier places a packet onto an SFP, it MUST set the TTL to a value between 1 and 255. It SHOULD set this according to the expected length of the SFP (i.e., the number of SFs on the SFP), but it MAY set it to a larger value according to local configuration. The maximum TTL value supported in an NSH is 63, and so the practical limit here may also be 63. o When an SFF receives a packet from any component of the SFC system (classifier, SFI, or another SFF), it MUST discard any packets with TTL set to zero. It SHOULD log such occurrences but MUST apply rate limiting to any such logs. o An SFF MUST decrement the TTL by one each time it performs a lookup to forward a packet to the next SFF. o If an SFF decrements the TTL to zero, it MUST NOT send the packet and MUST discard the packet. It SHOULD log such occurrences but MUST apply rate limiting to any such logs. o SFIs MUST ignore the TTL but MUST mirror it back to the SFF unmodified along with the SI (which may have been changed by local reclassification).
o If a classifier along the SFP makes any change to the intended
path of the packet, including for looping, jumping, or branching
(see [BGP-NSH-SFC]), it MUST NOT change the SI TTL of the packet.
In particular, each component of the SFC system MUST NOT increase
the SI TTL value; otherwise, loops may go undetected.
7. MPLS Label Stacking
This section describes how the basic unit of MPLS label stack for SFC
(introduced in Section 5) is used when MPLS label stacking is used to
carry information about the SFP and SFs to be executed. The use case
scenarios for this approach are introduced in Section 4.
As can be seen in Figure 3, the top of the label stack comprises the
labels necessary to deliver the packet over the MPLS tunnel between
SFFs. Any MPLS encapsulation may be used.
-------------------
~ Tunnel Labels ~
+-------------------+
~ Optional ~
~ Entropy Label ~
+-------------------+ - - -
| SFC Context Label |
+-------------------+ Basic unit of MPLS label stack for SFC
| SF Label |
+-------------------+ - - -
| SFC Context Label |
+-------------------+ Basic unit of MPLS label stack for SFC
| SF Label |
+-------------------+ - - -
~ ~
+-------------------+ - - -
| SFC Context Label |
+-------------------+ Basic unit of MPLS label stack for SFC
| SF Label |
+-------------------+ - - -
| |
~ Payload ~
| |
-------------------
Figure 3: The MPLS SFC Label Stack for Label Stacking
An entropy label [RFC6790] may also be present, as described in
Section 11.
Under these labels comes one or more instances of the basic unit of MPLS label stack for SFC. In addition to the interpretation of the fields of these label stack entries (provided in Section 5), the following meanings are applied: SFC Context Label: The Label field of the SFC Context Label stack entry contains a label that delivers SFC context. This label contains the SPI, encoded as a 20-bit integer using the semantics exactly as defined in [RFC8300]. Note that in this case a system using MPLS representation of the logical NSH MUST NOT assign SPI values greater than 2^20 - 1 or less than 16. This label may also be used to convey other SFC context-specific semantics, such as indicating how to interpret the SF Label or how to forward the packet to the node that offers the SF if so configured and coordinated with the controller that programs the labels for the SFP. SF Label: The Label field of the SF Label stack entry contains a value that identifies the next SFI to be actioned for the packet. This label may be scoped globally or within the context of the preceding SFC Context Label and comes from the range 16 ... 2^20 - 1. TC: The TC fields are as described in Section 5. S: The S bits are as described in Section 5. TTL: The TTL fields in the SFC Context Label stack entry and in the SF Label stack entry SHOULD be set to 1 as stated in Section 5 but MAY be set to larger values if the label indicated a forwarding operation towards the node that hosts the SF. The following processing rules apply to the Label fields: o When a classifier inserts a packet onto an SFP, it adds a stack comprising one or more instances of the basic unit of MPLS label stack for SFC. Taken together, this stack defines the SFs to be actioned and so defines the SFP that the packet will traverse. o When a component of the SFC system processes a packet, it uses the top basic unit of label stack for SFC to determine to which SFI to next deliver the packet. When an SFF receives a packet, it examines the top basic unit of MPLS label stack for SFC to determine where to send the packet next. If the next recipient is a local SFI, the SFF strips the basic unit of MPLS label stack for SFC before forwarding the packet.
8. Mixed-Mode Forwarding
The previous sections describe homogeneous networks where SFC forwarding is either all label swapping or all label popping (stacking). This simplification helps to clarify the explanation of the mechanisms. However, as described in Section 4.2, some use cases may use label swapping and stacking at the same time. Furthermore, it is also possible that different parts of the network utilize swapping or popping such that an end-to-end service chain has to utilize a combination of both techniques. It is also worth noting that a classifier may be content to use an SFP as installed in the network by a control plane or management plane and so would use label swapping, but that there may be a point in the SFP where a choice of SFIs can be made (perhaps for load balancing) and where, in this instance, the classifier wishes to exert control over that choice by use of a specific entry on the label stack as described in Section 4.3. When an SFF receives a packet containing an MPLS label stack, it checks from the context of the incoming interface, and from the SFP indicated by the top label, whether it is processing an {SPI, SI} label pair for label swapping or a {context label, SFI index} label pair for label stacking. It then selects the appropriate SFI to which to send the packet. When it receives the packet back from the SFI, it has four cases to consider. o If the current hop requires an {SPI, SI} and the next hop requires an {SPI, SI}, it sets the SPI Label according to the SFP to be traversed, selects an instance of the SF to be executed at the next hop, sets the SI Label to the SI value of the next hop, and tunnels the packet to the SFF for that SFI. o If the current hop requires an {SPI, SI} and the next hop requires a {context label, SFI Label}, it pops the {SPI, SI} from the top of the MPLS label stack and tunnels the packet to the SFF indicated by the context label.
o If the current hop requires a {context label, SFI Label}, it pops
the {context label, SFI Label} from the top of the MPLS label
stack.
* If the new top of the MPLS label stack contains an {SPI, SI}
label pair, it selects an SFI to use at the next hop and
tunnels the packet to the SFF for that SFI.
* If the new top of the MPLS label stack contains a {context
label, SFI Label}, it tunnels the packet to the SFF indicated
by the context label.
9. A Note on Service Function Capabilities and SFC Proxies
The concept of an "SFC proxy" is introduced in [RFC7665]. An SFC
proxy is logically located between an SFF and an SFI that is not
"SFC aware". Such SFIs are not capable of handling the SFC
encapsulation (whether that be NSH or MPLS) and need the
encapsulation stripped from the packets they are to process. In many
cases, legacy SFIs that were once deployed as "bumps in the wire" fit
into this category until they have been upgraded to be SFC aware.
The job of an SFC proxy is to remove and then reimpose SFC
encapsulation so that the SFF is able to process as though it was
communication with an SFC-aware SFI, and so that the SFI is unaware
of the SFC encapsulation. In this regard, the job of an SFC proxy is
no different when NSH encapsulation is used and when MPLS
encapsulation is used as described in this document, although (of
course) it is different encapsulation bytes that must be removed and
reimposed.
It should be noted that the SFC proxy is a logical function. It
could be implemented as a separate physical component on the path
from the SFF to the SFI, but it could be co-resident with the SFF or
it could be a component of the SFI. This is purely an implementation
choice.
Note also that the delivery of metadata (see Section 12) requires
specific processing if an SFC proxy is in use. This is also no
different when NSH functionality or the MPLS encoding defined in this
document is in use, and how it is handled will depend on how (or if)
each non-SFC-aware SFI can receive metadata.
10. Control-Plane Considerations
In order that a packet may be forwarded along an SFP, several functional elements must be executed. o Discovery/advertisement of SFIs. o Computation of the SFP. o Programming of classifiers. o Advertisement of forwarding instructions. Various approaches may be taken. These include a fully centralized model where SFFs report to a central controller the SFIs that they support, the central controller computes the SFP and programs the classifiers, and (if the label-swapping approach is taken) the central controller installs forwarding state in the SFFs that lie on the SFP. Alternatively, a dynamic control plane may be used, such as that described in [BGP-NSH-SFC]. In this case, the SFFs use the control plane to advertise the SFIs that they support, a central controller computes the SFP and programs the classifiers, and (if the label-swapping approach is taken) the central controller uses the control plane to advertise the SFPs so that SFFs that lie on the SFP can install the necessary forwarding state.11. Use of the Entropy Label
Entropy is used in ECMP situations to ensure that packets from the same flow travel down the same path, thus avoiding jitter or reordering issues within a flow. Entropy is often determined by hashing on specific fields in a packet header, such as the "five-tuple" in the IP and transport headers. However, when an MPLS label stack is present, the depth of the stack could be too large for some processors to correctly determine the entropy hash. This problem is addressed by the inclusion of an entropy label as described in [RFC6790].
When entropy is desired for packets as they are carried in MPLS tunnels over the underlay network, it is RECOMMENDED that an entropy label be included in the label stack immediately after the tunnel labels and before the SFC Labels, as shown in Figures 2 and 3. If an entropy label is present in an MPLS payload, it is RECOMMENDED that the initial classifier use that value in an entropy label inserted in the label stack when the packet is forwarded (on the first tunnel) to the first SFF. In this case, it is not necessary to remove the entropy label from the payload.12. Metadata
Metadata is defined in [RFC7665] as providing "the ability to exchange context information between classifiers and SFs, and among SFs." [RFC8300] defines how this context information can be directly encoded in fields that form part of the NSH encapsulation. Sections 12.1 and 12.2 describe how metadata is associated with user data packets, and how metadata may be exchanged between SFC nodes in the network, when using an MPLS encoding of the logical representation of the NSH. It should be noted that the MPLS encoding is less functional than the direct use of the NSH. Both methods support metadata that is "per-SFP" or "per-flow" (see [RFC8393] for definitions of these terms), but "per-packet" metadata (where the metadata must be carried on each packet because it differs from one packet to the next even on the same flow or SFP) is only supported using the NSH and not using the mechanisms defined in this document.
12.1. Indicating Metadata in User Data Packets
Metadata is achieved in the MPLS realization of the logical NSH by the use of an SFC Metadata Label, which uses the extended special-purpose label construct [RFC7274]. Thus, three label stack entries are present, as shown in Figure 4: o The Extension Label (value 15). o An extended special-purpose label called the Metadata Label Indicator (MLI) (value 16). o The Metadata Label (ML). ---------------- | Extension = 15 | +----------------+ | MLI | +----------------+ | Metadata Label | ---------------- Figure 4: The MPLS SFC Metadata Label The Metadata Label value is an index into a table of metadata that is programmed into the network using in-band or out-of-band mechanisms. Out-of-band mechanisms potentially include management-plane and control-plane solutions (such as [BGP-NSH-SFC]) but are out of scope for this document. The in-band mechanism is described in Section 12.2. The SFC Metadata Label (as a set of three labels as indicated in Figure 4) may be present zero, one, or more times in an MPLS SFC packet. For MPLS label swapping, the SFC Metadata Labels are placed immediately after the basic unit of MPLS label stack for SFC, as shown in Figure 5. For MPLS label stacking, the SFC Metadata Labels are placed at the bottom of the label stack, as shown in Figure 6.
---------------- ~ Tunnel Labels ~ +----------------+ ~ Optional ~ ~ Entropy Label ~ +----------------+ | SPI Label | +----------------+ | SI Label | +----------------+ | Extension = 15 | +----------------+ | MLI | +----------------+ | Metadata Label | +----------------+ ~ Other ~ | Metadata | ~ Label Triples ~ +----------------+ | | ~ Payload ~ | | ---------------- Figure 5: The MPLS SFC Label Stack for Label Swapping with Metadata Label
------------------- ~ Tunnel Labels ~ +-------------------+ ~ Optional ~ ~ Entropy Label ~ +-------------------+ | SFC Context Label | +-------------------+ | SF Label | +-------------------+ ~ ~ +-------------------+ | SFC Context Label | +-------------------+ | SF Label | +-------------------+ | Extension = 15 | +-------------------+ | MLI | +-------------------+ | Metadata Label | +-------------------+ ~ Other ~ | Metadata | ~ Label Triples ~ +-------------------+ | | ~ Payload ~ | | ------------------- Figure 6: The MPLS SFC Label Stack for Label Stacking with Metadata Label12.2. In-Band Programming of Metadata
A mechanism for sending metadata associated with an SFP without a payload packet is described in [RFC8393]. The same approach can be used in an MPLS network where the NSH is logically represented by an MPLS label stack.
The packet header is formed exactly as previously described in this
document so that the packet will follow the SFP through the SFC
network. However, instead of payload data, metadata is included
after the bottom of the MPLS label stack. An extended
special-purpose label is used to indicate that the metadata is
present. Thus, three label stack entries are present:
o The Extension Label (value 15).
o An extended special-purpose label called the Metadata Present
Indicator (MPI) (value 17).
o The Metadata Label (ML) that is associated with this metadata on
this SFP and can be used to indicate the use of the metadata as
described in Section 12.
The MPI, if present, is placed immediately after the last basic unit
of MPLS label stack for SFC. The resultant label stacks are shown in
Figure 7 for the MPLS label-swapping case and Figure 8 for the MPLS
label-stacking case.
---------------
~ Tunnel Labels ~
+---------------+
~ Optional ~
~ Entropy Label ~
+---------------+
| SPI Label |
+---------------+
| SI Label |
+---------------+
| Extension = 15|
+---------------+
| MPI |
+---------------+
| Metadata Label|
+---------------+
| |
~ Metadata ~
| |
---------------
Figure 7: The MPLS SFC Label Stack for Label Swapping
Carrying Metadata
------------------- ~ Tunnel Labels ~ +-------------------+ ~ Optional ~ ~ Entropy Label ~ +-------------------+ | SFC Context Label | +-------------------+ | SF Label | +-------------------+ | SFC Context Label | +-------------------+ | SF Label | +-------------------+ ~ ~ +-------------------+ | SFC Context Label | +-------------------+ | SF Label | +-------------------+ | Extension = 15 | +-------------------+ | MPI | +-------------------+ | Metadata Label | +-------------------+ | | ~ Metadata ~ | | ------------------- Figure 8: The MPLS SFC Label Stack for Label Stacking Carrying Metadata In both cases, the metadata is formatted as a TLV, as shown in Figure 9. 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | Metadata Type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~ Metadata ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 9: The Metadata TLV
The fields of this TLV are interpreted as follows:
Length: The length of the metadata carried in the Metadata field in
octets, not including any padding.
Metadata Type: The type of the metadata present. Values for this
field are taken from the "NSH MD Types" registry maintained by
IANA and defined in [RFC8300] and encoded with the most
significant bit first.
Metadata: The actual metadata formatted as described in whatever
document defines the metadata. This field is end-padded with zero
to 3 octets of zeroes to take it up to a 4-octet boundary.
12.2.1. Loss of In-Band Metadata
Note that in-band exchange of metadata is vulnerable to packet loss.
This is both a risk arising from network faults and an attack
vulnerability.
If packets that arrive at an SFF use an MLI that does not have an
entry in the metadata table, an alarm can be raised and the packet
can be discarded or processed without the metadata according to local
configuration. This provides some long-term mitigation but is not an
ideal solution.
Further mitigation of loss of metadata packets can be achieved by
retransmitting them at a configurable interval. This is a relatively
cheap, but only partial, solution because there may still be a window
during which the metadata has not been received.
The concern of lost metadata may be particularly important when the
metadata applicable to a specific MPI is being changed. This could
result in out-of-date metadata being applied to a packet. If this is
a concern, it is RECOMMENDED that a new MPI be used to install a new
entry in the metadata table, and the packets in the flow should be
marked with the equivalent new MLI.
Finally, if an application that requires metadata is sensitive to
this potential loss or attack, it SHOULD NOT use in-band metadata
distribution but SHOULD rely on control-plane or management-plane
mechanisms, because these approaches can use a more sophisticated
protocol that includes confirmation of delivery and can perform
verification or inspection of entries in the metadata table.
(next page on part 2)