IPVPN Information Model Requirements - - PowerPoint PPT Presentation

▶

Jan 14, 2023 18 likes •148 views

IPVPN Information Model Requirements <draft-iyer-ipvpn-infomodel-req-00.txt> Information Model <draft-iyer-ipvpn-infomodel-00.txt> Mahadevan Iyer, Arnold Jansen - Alcatel Outline Context Requirement

SLIDE 1

IPVPN Information Model

Requirements

<draft-iyer-ipvpn-infomodel-req-00.txt>

Information Model

<draft-iyer-ipvpn-infomodel-00.txt>

Mahadevan Iyer, Arnold Jansen - Alcatel

SLIDE 2

Outline

Context
Requirement
Overview
Details
Implementation

SLIDE 3

Context

| Service Level | --> SLS capture customer requirement/service

goals(Tequila)

<>---------> Service goal to network policy

translation

| Network Level | --> IP VPN policies capture network
---------------- requirements

<>---------> Network policy to devices level specifications

| Device Level | --> Device specific configuration(SNMP MIBS)

SLIDE 4

Requirement

A mutual understanding between the service

level and the network on how the service is to be provisioned in the network

– A standardized means of communicating requirements from the service level to the provider network – A standardized means of accepting requirements on the network and aligning the network elements

SLIDE 5

Network Requirement

Service Provider Network L3 Access + Distribution + L3 Edge CE CE L3 Access + Distribution + L3 Edge CE L3 Access + Distribution + L3 Edge

Policing VPN Forwarding Instance Traffic Trunk

SLIDE 6

Usage

Service Clients CE Policy Server

Dedicated

VPN gateway Central Office

VPN gateway
BRAS

Edge/Core IP routers PE Policy Server

CPE Based User VPNs CO Based User VPNs MPLS/BGP Network VPNs

Common policy information model

SLIDE 7

Details

+--------------+

|1..n(placement) [Implements the Service] | |
+--------------------------------------------------------+ |
| ipvpnServicePolicyRule

|x-+

+--------------------------------------------------------+
o
|

| | |

|1 [Membership] | |1..n [Reachability] |
+--------------------------+ | +------------------------+ |
|gpsPolicyCompoundCondition| | |ipvpnPolicyRoutingAction| |
+--------------------------+ | +------------------------+ |
|

[Security, QoS, NAT] |1 [Admin, Dist] |1
+-----------------+ +-----------------+
| gpsPolicyGroup | |ipvpnPolicyDomain|
+-----------------+ +-----------------+

SLIDE 8

PolicyValue Extensions

+----gpsPolicyValue[QPIM]
|
+-------gpsPolicyIPv4AddrValue[QPIM]
|
+-------gpsPolicyIPv6AddrValue[QPIM]
|
+-------ipvpnApplicationSignatureValue(this document)
|
+-------ipvpnEnforcerProfileValue(this document)

SLIDE 9

Policy Action Extensions

+----PolicyAction[PCIM]
|
+-------ipvpnPolicyRoutingAction(this document)
|
+-------ipvpnPolicyNATAction(this document)
|
+-------ipvpnPolicyTrafficTrunkAction(this document)
|
+-------ipvpnPolicyFirewallAction(this document)
|
+-------ipvpnPolicyEncryptionAction(this document)
|
+-------qoSPolicyPRAction[QPIM]
|
+-------qoSPolicyRSVPAction[QPIM]
|
+-------qoSPolicyRSVPSignalCtrlAction[QPIM]
|
+-------qoSPolicyRSVPInstallAction[QPIM]

SLIDE 10

IP Service Description

Simple example of an IP service

– Connect specific sites S1, S2, S3 (hub-spoke) – Provide QoS assurances for certain IP flows between the sites – Provide internet access and protect the sites – Encrypt all the traffic between S1 and S2

SLIDE 11

IP VPN Definition

Connectivity Requirement

– Membership

PolicyEnforcerCondition = PE1, PE2, …

– Reachability

RoutingAction = S1 – PE1 – PE2 – S2
PolicyGroup

– QoS Requirement

Specific flow has min/max bandwidth, DSCP marking
Traffic trunk requirements over PE1 – PE2

– Security requirement

Firewall traffic from the internet to the sites
Encrypt traffic between S1 and S2

SLIDE 12

Implementation

| Service Level | --> SLS capture customer requirement/service