Network routing deployed in the Internet today is focused primarily on connectivity, and typically supports only one class of service, the best effort class. Multi-protocol label switching, on the other hand, by integrating a label-swapping framework with network layer routing allows flexibility in the delivery of new routing services, since it allows new services to be added without changing the basic forwarding mechanism. This enables more sophisticated features such as quality-of-service (QoS) and traffic engineering to be implemented. An important component of providing QoS, however, is the ability to do so reliably and efficiently. Although the current routing algorithms are very robust and survivable, the amount of time they take to recover from a failure can be significant, on the order of several seconds or minutes, causing serious disruption of service in the interim. This is unacceptable to many organizations that aim to provide a highly reliable service, and thus require recovery times on the order of tens of milliseconds.
Since MPLS binds packets to a route (or path) via the labels, and is likely to be the technology of choice in the future IP-based transport network, it is imperative that MPLS be able to provide protection and restoration of traffic. In fact, a protection priority could be used as a differentiating mechanism for premium services that require high reliability. The remainder of this document discusses the protection requirements for MPLS transport, provides a framework for it, and presents the details of a path-based protection mechanism.
Protection of traffic at the MPLS layer (called MPLS protection) is useful for a number of reasons. The most important is its ability to increase network reliability by enabling a faster response to failures than is possible with Layer 3 (or the IP layer) alone. Furthermore, a protection mechanism at the MPLS layer could enable IP traffic to be put directly over WDM optical channels, without an intervening SONET layer, which would facilitate the construction of IP-over-WDM networks. More importantly, protection at the MPLS layer gives the provider the flexibility to choose the granularity at which traffic is protected, and to also choose the specific types of traffic that are protected.
This document assumes the terminology given in, and, in addition, introduces the following new terms.
Failure Indication Signal
A signal that indicates that a failure has been detected at a peer LSR. It consists of a sequence of failure indication packets transmitted by a downstream LSR to an upstream LSR, at time intervals of T2 units, for a maximum of T3 time units. It is relayed by each intermediate LSR to its upstream neighbor, until it reaches an LSR that is setup to perform a protection switch.
Failure Recovery Signal
A signal that indicates that a failure along the path of an LSP has been repaired. It consists of a sequence of recovery indication packets that are transmitted by a downstream LSR to its upstream LSR, at intervals of T2′ units, for a maximum of T3′ units. Again, like the failure indication signal, it is relayed by each intermediate LSR to its upstream neighbor, until is reaches the LSR that performed the original protection switch.
Liveness Message
A message exchanged periodically between two adjacent LSRs that serves as a link probing mechanism. It provides an integrity check of the forward and the backward directions of the link between the two LSRs as well as a check of neighbor aliveness.
Link Failure
A link failure is defined as the failure of the link probing mechanism, and is indicative of the failure of either the underlying physical link between adjacent LSRs or a neighbor LSR itself. (In case of a bidirectional link implemented as two unidirectional links, it could mean that either one or both unidirectional links are damaged.)
Loss of Signal
A lower layer impairment that occurs when a signal is not detected at an interface. This may be communicated to the MPLS layer by the lower layer.
Loss of Packet
An MPLS layer impairment that is local to the LSR and consists of excessive discarding of packets at an interface, either due to label mismatch or due to TTL errors.
Working or Active LSP
A LSP established to carry traffic from a source LSR to a destination LSR under normal conditions, that is, in the absence of failures. In other words, a working LSP is an LSP that contains streams that require protection.
Working or Active Path
The portion of a working LSP that requires protection. (A working path can be a segment of an LSP (or a segment of a PMTG) or a complete LSP (or PMTG).) The working path is denoted by the sequence of LSRs that it traverses.
Protection Switch LSR
A LSR that is the origin of both the working path and its corresponding protection path. Upon learning of a failure, either via the FIS or via its own detection mechanism, the protection switch LSR switches protected traffic from the working path to the corresponding backup path.
Protection Merge LSR
A LSR that terminates both a working path and its corresponding protection path, and either merges their traffic into a single outgoing LSP, or, if it is itself the destination, passes the traffic on to the higher layer protocols.
Intermediate LSR
A LSR on the working or protection path that is neither a PSL nor a PML.
MPLS Traffic Group
A logical bundling of multiple, working LSPs, each of which is routed identically between a PSL and a PML. Thus, each LSP in a traffic group shares the same redundant routing between the PSL and the PML.
Protected MPLS Traffic Group
An MPLS traffic group that requires protection.
Protected MPLS Traffic Portion
The portion of the traffic on an individual LSP that requires protection. A single LSP may carry different classes of traffic, with different protection requirements. The protected portion of this traffic may be identified by its class, as for example, via the EXP bits in the MPLS shim header or via the priority bit in the ATM header.
Protection or Backup LSP (or Protection or Backup Path)
A LSP established to carry the traffic of a working path (or paths) following a failure on the working path (or on one of the working paths, if more than one) and a subsequent protection switch by the PSL. A protection LSP may protect either a segment of a working LSP (or a segment of a PMTG) or an entire working LSP (or PMTG). A protection path is denoted by the sequence of LSRs that it traverses.
Revertive
A switching option in which streams are automatically switched back from the protection path to the working path upon the restoration of the working path to a fault-free condition.
Non-revertive
A switching option in which streams are not automatically switched back from a protection path to its corresponding working path upon the restoration of the working path to a fault-free condition.
Reverse Notification Tree
A point-to-multipoint tree that is rooted at a PML and follows the exact reverse path of the multipoint-to-point tree formed by merging of working paths (due to label merging). The reverse notification tree allows the FIS to travel along its branches towards the PSLs, which perform the protection switch.
MPLS Protection Domain
The set of LSRs over which a working path and its corresponding protection path are routed. The protection domain is denoted as: (working path, protection path).
FIS: Failure Indication Signal.
FRS: Failure Recovery Signal.
LF: Link Failure.
LOP: Loss of Packets
LOS: Loss of Signal.
MTG: MPLS Traffic Group.
PMTG: Protected MPLS Traffic Group.
PMTP: Protected MPLS Traffic Portion.
RNT: Reverse Notification Tree.
The need for MPLS layer protection and for open standards in protection arises because of the following:                (i) Layer 3 or IP rerouting may be too slow for a core MPLS network that needs to support high reliability/availability.        (ii) Layer 0 (for example, optical layer) or Layer 1 (for example, SONET) mechanisms may be limited to ring topologies and may not include mesh protection.        (iii) Layer 0 or Layer 1 mechanisms may have no visibility into higher layer operations. Thus, while they may provide link protection for example, they cannot easily provide MPLS path protection.        (iv) Establishing interoperability of protection mechanisms between multi-vendor LSRs in core MPLS networks is urgently required to enable the adoption of MPLS as a viable core transport technology.        