COPS and RAP Overview Raj Yavatkar, Intel (on behalf of the RAP - - PowerPoint PPT Presentation

cops and rap overview
SMART_READER_LITE
LIVE PREVIEW

COPS and RAP Overview Raj Yavatkar, Intel (on behalf of the RAP - - PowerPoint PPT Presentation

Mar 01, 2023 384 likes •579 views

COPS and RAP Overview Raj Yavatkar, Intel (on behalf of the RAP working group) 9/10/98 Policy BOF, Chicago IETF 1 Outline Background on RAP working group COPS Overview Use of COPS with RSVP Use of COPS with Diff-Serv Policy

slide-1
SLIDE 1

9/10/98 Policy BOF, Chicago IETF 1

COPS and RAP Overview

Raj Yavatkar, Intel (on behalf of the RAP working group)

slide-2
SLIDE 2

9/10/98 Policy BOF, Chicago IETF 2

Outline

■ Background on RAP working group ■ COPS Overview ■ Use of COPS with RSVP ■ Use of COPS with Diff-Serv

slide-3
SLIDE 3

9/10/98 Policy BOF, Chicago IETF 3

Background

■ RAP working group

– Specify a framework for providing policy-based control

  • ver QoS admission control decisions

– focus on policy-based control over admission control using RSVP – allow for policy-based admission control in other QoS contexts, whenever possible – support for monitoring and accounting – drafts

  • draft-ietf-rap-framework-01.txt
  • draft-ietf-rap-cops-02.txt, draft-ietf-rap-cops-ds-

00.txt, draft-ietf-rap-user-identity-00.txt

slide-4
SLIDE 4

9/10/98 Policy BOF, Chicago IETF 4

Architectural Elements

PEP PDP PEP -- Policy Enforcement Point; decisions are enforced here PDP -- makes policy decisions/pushes policy configuration

slide-5
SLIDE 5

9/10/98 Policy BOF, Chicago IETF 5

Interaction between PEP, PDP

■ Two types of operations performed by PEPs

– Outsource decisions

  • When PEP requires a policy decision, PEP

contacts PDP for a policy decision

  • Request contains policy elements and

admission control information (e.g., flowspec).

  • PDP returns policy decision and additional info

– Configuration requests

  • PDP configures PEP with device-specific policy

information

slide-6
SLIDE 6

9/10/98 Policy BOF, Chicago IETF 6

LDAP Auth. server SNMP

  • PDP itself may use other services/protocols such as

LDAP for accessing policy database, an authentication server for user authentication, SNMP for configuration/mgmt, etc.

  • PEP always runs on a policy-aware node

PEP PDP COPS

Topology and Policy Database

slide-7
SLIDE 7

9/10/98 Policy BOF, Chicago IETF 7

COPS (Common Open Policy Service)

■ A request-response protocol for PEP-PDP

interaction

– uses TCP for transport – its own Keep-Alives to detect failures – includes a state synchronization mechanism to handle recovery from failures, etc. – PDP can send an asynchronous notification to PEP when policy decision or configured information changes (e.g., preemption) – facilities to report status, stats, monitoring info

slide-8
SLIDE 8

9/10/98 Policy BOF, Chicago IETF 8

PEP PDP

Request (handle) Decision (handle) Time Decision(handle)

COPS

slide-9
SLIDE 9

9/10/98 Policy BOF, Chicago IETF 9

Example of a COPS Session

■ PEP opens a COPS session

– specifies ClientType

■ PEP sends requests and receives

responses/decisions

– a handle associated with each request

■ PDP can send Unsolicited Decisions any time to

change previously installed state(s) at PEP

■ PEP sends back report messages to report resource

usage and accounting info

■ KeepAlive messages sent when no activity

slide-10
SLIDE 10

9/10/98 Policy BOF, Chicago IETF 10

Use of COPS with RSVP/Intserv

Outsourcing request/response (COPS) RSVP RESV Policy server (PDP) RSVP router Next hop

slide-11
SLIDE 11

9/10/98 Policy BOF, Chicago IETF 11

Use of COPS with Diff-Serv

■ Edge routers (ERs) rely on BB/PDP to make

policy decisions

– No explicit e2e signaling to ER to trigger policy decision (ex., IP telephony call setup) – provides a way to configure ERs with a list of packet filters and accompanying actions – provides a way to asynchronously notify ERs about changes to filters/actions – allows ERs to log usage/accounting info

slide-12
SLIDE 12

9/10/98 Policy BOF, Chicago IETF 12

BB/PDP ER ER ER

BB/PDP

BR BR

slide-13
SLIDE 13

9/10/98 Policy BOF, Chicago IETF 13

Use of COPS for Diffserv (contd.)

■ Use the configuration operation in COPS ■ Example of Interaction:

– PEP opens COPS session with ClientType=DiffServ – PEP requests a filter list

  • response: Filter list -- <filter criteria, action>+
  • policy tree defined for data format

– BB/PDP can update the filter list any time using unsolicited response – PEP notifies BB/PDP of status/usage via report messages

slide-14
SLIDE 14

9/10/98 Policy BOF, Chicago IETF 14

ER BB/PDP

Open (ClientType = DiffServ) Time Request (handle) Unsolicited Response(handle, chnages) Response (handle, filter list) Report (handle)

slide-15
SLIDE 15

9/10/98 Policy BOF, Chicago IETF 15

Backup

slide-16
SLIDE 16

9/10/98 Policy BOF, Chicago IETF 16

Points

■ Support for preemption

– e.g., remove previously installed reservations

■ Support for many styles of policies

– relative priority, bi-lateral, multi-lateral – Scalability:

  • not necessary to contact PDP at each node

■ Provision for monitoring and accounting ■ Fault tolerance/recovery (PDP failures,

partitions and merging, etc.)

slide-17
SLIDE 17

9/10/98 Policy BOF, Chicago IETF 17

Possible Configurations

Network Node PEP PDP LDAP Auth. server SNMP