1. Field of the Invention
The present invention relates to computer networks and more particularly to enforcing inter-domain policy and quality of service (QoS) for Traffic Engineering (TE) Label Switched Paths (LSPs) in a computer network.
2. Background Information
A computer network is a geographically distributed collection of nodes interconnected by communication links and segments for transporting data between end nodes, such as personal computers and workstations. Many types of networks are available, with the types ranging from local area networks (LANs) to wide area networks (WANs). LANs typically connect the nodes over dedicated private communications links located in the same general physical location, such as a building or campus. WANs, on the other hand, typically connect geographically dispersed nodes over long-distance communications links, such as common carrier telephone lines, optical lightpaths, synchronous optical networks (SONET), or synchronous digital hierarchy (SDH) links. The Internet is an example of a WAN that connects disparate networks throughout the world, providing global communication between nodes on various networks. The nodes typically communicate over the network by exchanging discrete frames or packets of data according to predefined protocols, such as the Transmission Control Protocol/Internet Protocol (TCP/IP). In this context, a protocol consists of a set of rules defining how the nodes interact with each other. Computer networks may be further interconnected by an intermediate network node, such as a router, to extend the effective “size” of each network.
Since management of interconnected computer networks can prove burdensome, smaller groups of computer networks may be maintained as routing domains or autonomous systems. The networks within an autonomous system (AS) are typically coupled together by conventional “intradomain” routers configured to execute intradomain routing protocols, and are generally subject to a common authority. To improve routing scalability, a service provider (e.g., an ISP) may divide an AS into multiple “areas.” It may be desirable, however, to increase the number of nodes capable of exchanging data; in this case, inter-domain routers executing inter-domain routing protocols are used to interconnect nodes of the various ASes. Moreover, it may be desirable to interconnect various ASes that operate under different administrative domains. As used herein, an AS or an area is generally referred to as a “domain,” and a router that interconnects different domains together is generally referred to as a “border router.”
An example of an inter-domain routing protocol is the Border Gateway Protocol version 4 (BGP), which performs routing between domains (ASes) by exchanging routing and reachability information among neighboring inter-domain routers of the systems. An adjacency is a relationship formed between selected neighboring (peer) routers for the purpose of exchanging routing information messages and abstracting the network topology. The routing information exchanged by BGP peer routers typically includes destination address prefixes, i.e., the portions of destination addresses used by the routing protocol to render routing (“next hop”) decisions. Examples of such destination addresses include IP version 4 (IPv4) and version 6 (IPv6) addresses. BGP generally operates over a reliable transport protocol, such as TCP, to establish a TCP connection/session. The BGP protocol is well known and generally described in Request for Comments (RFC) 1771, entitled A Border Gateway Protocol 4 (BGP-4), published March 1995.
Examples of an intradomain routing protocol, or an interior gateway protocol (IGP), are the Open Shortest Path First (OSPF) routing protocol and the Intermediate System-to-Intermediate-System (IS-IS) routing protocol. The OSPF and IS-IS protocols are based on link-state technology and, therefore, are commonly referred to as link-state routing protocols. Link-state protocols define the manner with which routing information and network-topology information are exchanged and processed in a domain. This information is generally directed to an intradomain router's local state (e.g., the router's usable interfaces and reachable neighbors or adjacencies). The OSPF protocol is described in RFC 2328, entitled OSPF Version 2, dated April 1998 and the IS-IS protocol used in the context of IP is described in RFC 1195, entitled Use of OSI IS-IS for routing in TCP/IP and Dual Environments, dated December 1990, both of which are hereby incorporated by reference.
Multi-Protocol Label Switching (MPLS) Traffic Engineering has been developed to meet data networking requirements such as guaranteed available bandwidth or fast restoration. MPLS Traffic Engineering exploits modern label switching techniques to build guaranteed bandwidth end-to-end tunnels through an IP/MPLS network of label switched routers (LSRs). These tunnels are a type of label switched path (LSP) and thus are generally referred to as MPLS Traffic Engineering (TE) LSPs. Examples of MPLS TE can be found in RFC 3209, entitled RSVP-TE: Extensions to RSVP for LSP Tunnels dated December 2001, RFC 3784 entitled Intermediate-System-to-Intermediate-System (IS-IS) Extensions for Traffic Engineering (TE) dated June 2004, and RFC 3630, entitled Traffic Engineering (TE) Extensions to OSPF Version 2 dated September 2003, the contents of all of which are hereby incorporated by reference in their entirety.
Establishment of an MPLS TE-LSP from a head-end LSR to a tail-end LSR involves computation of a path through a network of LSRs. Optimally, the computed path is the “shortest” path, as measured in some metric, that satisfies all relevant LSP Traffic Engineering constraints such as e.g., required bandwidth, “affinities” (administrative constraints to avoid or include certain links), etc. Path computation can either be performed by the head-end LSR or by some other entity operating as a path computation element (PCE) not co-located on the head-end LSR. The head-end LSR (or a PCE) exploits its knowledge of network topology and resources available on each link to perform the path computation according to the LSP Traffic Engineering constraints. Various path computation methodologies are available including CSPF (constrained shortest path first). MPLS TE-LSPs can be configured within a single domain, e.g., area, level, or AS, or may also span multiple domains, e.g., areas, levels, or ASes.
The PCE is an entity having the capability to compute paths between any nodes of which the PCE is aware in an AS or area. PCEs are especially useful in that they are more cognizant of network traffic and path selection within their AS or area, and thus may be used for more optimal path computation. A head-end LSR may further operate as a path computation client (PCC) configured to send a path computation request to the PCE, and receive a response with the computed path, which potentially takes into consideration other path computation requests from other PCCs. It is important to note that when one PCE sends a request to another PCE, it acts as a PCC. PCEs conventionally have limited or no visibility outside of its surrounding area(s), level(s), or AS. A PCC can be informed of a PCE either by pre-configuration by an administrator, or by a PCE Discovery (PCED) message (“advertisement”), which is sent from the PCE within its area or level or across the entire AS to advertise its services.
One difficulty that arises in crossing domain boundaries is that path computation at the head-end LSR requires knowledge of network topology and resources across the entire network between the head-end and the tail-end LSRs. Yet service providers typically do not share this information with each other across domain borders. In particular, network topology and resource information do not generally flow across area boundaries even though a single service provider may operate all the areas. Neither the head-end LSR nor any single PCE will have sufficient knowledge to compute a path where the LSR or PCE may not have the required knowledge should the destination not reside in a directly attached domain. Because of this, MPLS Traffic Engineering path computation techniques are required to compute inter-domain TE-LSPs.
In order to extend MPLS TE-LSPs across domain boundaries, the use of PCEs may be configured as a distributed system, where multiple PCEs collaborate to compute an end-to-end path (also referred to as “Multi-PCE path computation”). Examples of such a distributed PCE architecture are described in commonly-owned copending U.S. patent application Ser. No. 10/767,574, entitled COMPUTING INTERAUTONOMOUS SYSTEM MPLS TRAFFIC ENGINEERING LSP PATHS, filed by Vasseur et al., on Sep. 18, 2003, and U.S. patent application Ser. No. 11/049,587, entitled INTER-DOMAIN PATH COMPUTATION TECHNIQUE, filed by Vasseur et al., on Feb. 2, 2005, the contents of both which are hereby incorporated by reference in their entirety. In a distributed PCE architecture, the visibility needed to compute paths is extended between adjacent domains so that PCEs may cooperate to compute paths across multiple domains by exchanging virtual shortest path trees (VSPTs) while preserving confidentiality across domains (e.g., when applicable to ASes).
Some applications may incorporate unidirectional data flows configured to transfer time-sensitive traffic from a source (sender) in a computer network to a destination (receiver) in the network in accordance with a certain “quality of service” (QoS). Here, network resources may be reserved for the unidirectional flow to ensure that the QoS associated with the data flow is maintained. The Resource ReSerVation Protocol (RSVP) is a network-control protocol that enables applications to reserve resources in order to obtain special QoS for their data flows. RSVP works in conjunction with routing protocols to, e.g., reserve resources for a data flow in a computer network in order to establish a level of QoS required by the data flow. RSVP is defined in R. Braden, et al., Resource ReSerVation Protocol (RSVP), RFC 2205. In the case of traffic engineering applications, RSVP signaling is used to establish a TE-LSP and to convey various TE-LSP attributes to routers, such as border routers, along the TE-LSP obeying the set of required constraints whose path may have been computed by various means.
In order to ensure that the traffic of the data flow remains within the reserved resources, QoS enforcement generally consists of policing (dropping), shaping (buffering), or marking packets that are carried over a given TE-LSP so that traffic is conditioned in accordance with the QoS parameters signaled by RSVP messages during establishment of the TE-LSP. For example, if a TE-LSP has reserved 5 Megabits per second (Mb/s) of bandwidth through a given node, that node may enforce the reservation by dropping packets transmitted at a higher bandwidth. The QoS enforcement may also conform to a number of configurable parameters, such as, e.g., a tolerable margin (a percent greater than the reserved constraints), burst allowance (the tolerable margin above the reserved constraints for a certain length of time), etc.
Service providers may use a set of rules or a “policy” about the traffic within their domain (e.g., within an AS). These policies may include traffic limitations for individual nodes within the domain, general limitations on the total amount of traffic within the domain, etc. Typically, when a node attempts to establish a traffic flow (e.g., a TE-LSP) through a Policy Enforcement Point (PEP), the PEP may request permission from a policy server within the domain. The policy server (e.g., a Policy Decision Point, PDP) determines whether to permit or deny the request, based on the policy and the current state of traffic within the domain (e.g., active data flows), and responds accordingly. An example of a policy-based communication protocol is detailed in RFC 2748, entitled The COPS (Common Open Policy Service) Protocol dated January 2000, and for RSVP in RFC 2749, entitled COPS Usage for RSVP dated January 2000, which are hereby incorporated by reference as though fully set forth herein.
Often, two or more service providers will have a policy regarding the traffic that is allowed to flow between the providers (e.g., between two ASes). For example, a first service provider may limit a second service provider to transmitting 100 Mb/s into the first service provider's domain, or may limit the second service provider to ten TE-LSPs into the domain, etc. These inter-domain policies are helpful to avoid excessive traffic flows into a local domain from a remote domain, and may also help enforce contractual agreements between the two or more service providers. Notably, proposed requirements for such inter-domain or inter-operator MPLS-TE traffic is further discussed in Zhang, Vasseur, et al. MPLS Inter-AS Traffic Engineering Requirements <draft-ietf-tewg-interas-mpls-te-req-09.txt>, Internet Draft, September 2004, which is hereby incorporated by reference as though fully set forth herein.
One problem, however, lies in the inability to efficiently enforce inter-domain policy and QoS. Because most inter-domain configurations involve multiple exit/entry links, the receiving domain (local domain) is generally unable to properly predict which entrance the sending domain (remote domain) will use to send traffic into the local domain. For instance, assume that there are two possible entrances to the local domain from the remote domain, and that the local domain policy limits the remote domain to send 10 Mb/s of total traffic into the local domain. Without first knowing where to enforce the policy, the options are to either apply a 100 Mb/s enforcement to one link and deny use of the other, or to arbitrarily split the bandwidth over the links, e.g., 50% to each link. In the first instance, all the traffic traverses a single link, which is undesirable, while in the second instance, any data flows requiring over 50% of the resources will be unable to select either link. Currently, in many networks this problem manifests as a lack of any means of enforcement other than a manual monitoring of network traffic trends and subsequent human negotiation of inter-domain policy terms and compliance.
In addition, there is currently no interaction between inter-domain path computation and inter-domain policy enforcement. As mentioned above, there are various options available (e.g., using PCEs) to compute inter-domain paths, but the computation of those paths is currently independent of inter-domain policy, such that a computed path may actually be out of policy. There remains a need, therefore, for a system and method to efficiently enforce inter-domain policy and QoS, and to correlate the enforcement with the initial computation of inter-domain paths.