Protocol Action: 'Extensions to the Path Computation Element communication Protocol (PCEP) for Inter-Layer MPLS and GMPLS Traffic Engineering' to Proposed Standard (draft-ietf-pce-inter-layer-ext-12.txt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The IESG has approved the following document:
- 'Extensions to the Path Computation Element communication Protocol
   (PCEP) for Inter-Layer MPLS and GMPLS Traffic Engineering'
  (draft-ietf-pce-inter-layer-ext-12.txt) as Proposed Standard

This document is the product of the Path Computation Element Working
Group.

The IESG contact persons are Alvaro Retana, Alia Atlas and Deborah
Brungard.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-pce-inter-layer-ext/





Technical Summary

The Path Computation Element (PCE) provides path computation
 functions in support of traffic engineering in Multiprotocol Label
 Switching (MPLS) and Generalized MPLS (GMPLS) networks.
 MPLS and GMPLS networks may be constructed from layered service
 networks.  It is advantageous for overall network efficiency to
 provide end-to-end traffic engineering across multiple network layers
 through a process called inter-layer traffic engineering.  This
 document presents PCEP extensions for inter-layer traffic
 engineering.

Working Group Summary

There has been no particular controversy and the consensus behind
the document is good. 

Document Quality

 Some implementations exist.  There were a few detailed reviews during
 working group last call.

Personnel

   Who is the Document Shepherd for this document?  Jonathan Hardwick
   Who is the Responsible Area Director? Deborah Brungard

IESG Notes for the RFC Editor

In Section 2 "Those TE links exist at the layer/region boarder normally" should be "border"

In Section 8 on Security Considerations:
OLD
   Inter-layer traffic engineering with PCE may raise new security
   issues when PCE-PCE communication is done between different layer
   networks for inter-layer path computation.  Security issues may also
   exist when a single PCE is granted full visibility of TE information
   that applies to multiple layers.

   Path-Key-based mechanism defined in [RFC5520] MAY be applied to
   address the topology confidentiality between different layers.
NEW 
   Inter-layer traffic engineering with PCE may raise new security
   issues when PCE-PCE communication is done between different layer
   networks for inter-layer path computation because information about
   the networks at different layers will necessarily be exposed in
   computation results.  Furthermore, a PCE in one layer might use 
   computation requests to "probe" for information about the network
   in the other layer. 
   
   Security issues may also exist when a single PCE is granted full 
   visibility of TE information that applies to multiple layers.

   In both cases cited here, the security concerns are to do with 
   exposure of information about a network to parties outside that
   network.  These concerns relate to the privacy of the commercial
   details of a network, but it should also be understood that 
   distributing information about networks extends the attack surface
   for those networks.

   Path-Key-based mechanism defined in [RFC5520] MAY be applied to
   address the topology confidentiality between different layers.
END






[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux