The IESG has approved the following document: - 'Extensions to the Path Computation Element communication Protocol (PCEP) for Inter-Layer MPLS and GMPLS Traffic Engineering' (draft-ietf-pce-inter-layer-ext-12.txt) as Proposed Standard This document is the product of the Path Computation Element Working Group. The IESG contact persons are Alvaro Retana, Alia Atlas and Deborah Brungard. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-pce-inter-layer-ext/ Technical Summary The Path Computation Element (PCE) provides path computation functions in support of traffic engineering in Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) networks. MPLS and GMPLS networks may be constructed from layered service networks. It is advantageous for overall network efficiency to provide end-to-end traffic engineering across multiple network layers through a process called inter-layer traffic engineering. This document presents PCEP extensions for inter-layer traffic engineering. Working Group Summary There has been no particular controversy and the consensus behind the document is good. Document Quality Some implementations exist. There were a few detailed reviews during working group last call. Personnel Who is the Document Shepherd for this document? Jonathan Hardwick Who is the Responsible Area Director? Deborah Brungard IESG Notes for the RFC Editor In Section 2 "Those TE links exist at the layer/region boarder normally" should be "border" In Section 8 on Security Considerations: OLD Inter-layer traffic engineering with PCE may raise new security issues when PCE-PCE communication is done between different layer networks for inter-layer path computation. Security issues may also exist when a single PCE is granted full visibility of TE information that applies to multiple layers. Path-Key-based mechanism defined in [RFC5520] MAY be applied to address the topology confidentiality between different layers. NEW Inter-layer traffic engineering with PCE may raise new security issues when PCE-PCE communication is done between different layer networks for inter-layer path computation because information about the networks at different layers will necessarily be exposed in computation results. Furthermore, a PCE in one layer might use computation requests to "probe" for information about the network in the other layer. Security issues may also exist when a single PCE is granted full visibility of TE information that applies to multiple layers. In both cases cited here, the security concerns are to do with exposure of information about a network to parties outside that network. These concerns relate to the privacy of the commercial details of a network, but it should also be understood that distributing information about networks extends the attack surface for those networks. Path-Key-based mechanism defined in [RFC5520] MAY be applied to address the topology confidentiality between different layers. END
