Internet Draft T. Anderson Expiration: August 2001 Intel File: draft-anderson-req-dyn-part-00.txt A. Doria Nortel Networks February 2001 Requirements for the Dynamic Partitioning of Network Elements Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.'' To view the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in an Internet-Drafts Shadow Directory, see http://www.ietf.org/shadow.html. Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Abstract This document identifies a set of requirements for the mechanisms used to dynamically reallocate the resources of a partitionable network element (NE). These requirements are particularly critical in the case of an operator creating a virtual NE (by partitioning a physical NE) and then leasing control of that virtual NE to a third party. 1. Definitions In this document, the following definitions will be used. Anderson et. al. Expires August 2001 [Page 1]
Internet Draft Requirements for Dynamic Partitioning Feb 2001 Partition - A partition is a defined set of a physical network element (NE) resources that can be used to create a virtual NE. Active Partition - An active partition is a partition in which the resources are in use; either under the direct control of a separate controller or under internal policy based control. Controller - The entity responsible for controlling the operations of an active partition. Static Partitioning - In static partitioning, no changes can be made to any active partitionÆs resources without requiring a restart of that partition. Instances of repartitioning in which connections to controllers are disconnected before resources are reallocated therefore fall into this category. Dynamic Partitioning - In dynamic partitioning, an active partitionÆs resources can be reapportioned without requiring a restart of the partition. Frozen Partition - A frozen partition is an active partition which is in the process of shutdown. A frozen partition's unused resources are relinquished, but all current connections are allowed to remain until removed by the controller. As connections close the resources are returned to the NE. Deterministic Partitioning - In deterministic partitioning, each active partition is given an allotted quantity of each resource. The usage of resources in one active partition do not influence the resources available to another active partition. All discussions in these requirements presuppose the use of deterministic partitioning. Statistical Partitioning - In statistical partitioning, some or all resources are pooled among the active partitions, and allocations may be based on percentages or on some other metric. Discussion of statistical partitions is outside the scope of these requirements. Proactive Notification - A proactive notification is a message sent from a NE to its controller at the time an event occurs. Specifically, if a NE asynchronously sends the controller a message when it is dynamically partitioned, we say that the NE has proactively notified its controller of the resource reapportionment. Explicit Reactive Notification - In explicit reactive notification, the NE does not asynchronously send a message when dynamic partitioning occurs. Instead, the NE includes a "resource changed" error code in the response to a subsequent request by the controller. Implicit Reactive Notification - This is similar to an Explicit Reactive Notification except that the protocol does not contain an explicit "resource changed" error. In this case, all that the NE Anderson et. al. Expires August 2001 [Page 2]
Internet Draft Requirements for Dynamic Partitioning Feb 2001 can do is to indicate that some unspecified error has occurred when the controller attempts to use non-allocated resources. 2. Introduction Several logical entities are involved in the partitioning and control of a NE. First, there is the physical NE itself that is capable of having its resources partitioned. (This also implies the ability to enforce this division of resources between competing partitions). The partition manager (PM) is the management entity that specifies the number of virtual NEs, partitions, in which the physical NE should be partitioned. The PM then allocates the resources of the physical NE to those virtual NEs. Subsequently, one or more controllers would direct the use of the resources of that now active partition. In many cases, the physical realm reflects this logical division of functionality. For example, MEGACO [RFC3015] and GSMP [GSMPv3] are examples of protocols that allow control functionality to be physically separated from switching/forwarding functionality. Recently, some regulatory environments have mandated multi-provider access to a single physical infrastructure. To satisfy these regulations, a common use of partitioning will be for the owner of the physical NE to partition the NE into several virtual NEs, partitions, and then to lease these to third parties. In this case, the PM must be physically separate from all of the controllers. Since the physical NE must also be remotely configurable, the PM will also be physically separate from the physical NE. The following illustration depicts this arrangement. The dashed lines indicate potential interactions. ------------------ ------------------- | | 3 | | | Partition |-------------| Controller | | Manager | | | ------------------ ------------------- \ / \ / \ 1 2 / \ / ----------------- | | | Network | | Element | ----------------- The interaction labeled "1" is one in which the PM partitions the NE and allocates resources to the partitions. In order to support dynamic partitioning, this document will place certain requirements on proposed (or new) solutions in this space such as [MSF-SPMIB]. The interaction labeled "2" is one by which the controller configures and manages an active partition of the physical NE. Anderson et. al. Expires August 2001 [Page 3]
Internet Draft Requirements for Dynamic Partitioning Feb 2001 Proposed solutions in this space include GSMP [GSMPv3] and MEGACO [RFC3015]. The interaction labeled "3" is one by which a PM and a controller could communicate to alter the nature of an active partition. Possible interactions include: - A controller could request that the resources of one of its active partitions be altered; either increased or decreased. - The PM could respond to a controller request for altered resource levels. - The PM could request that a controller release resources currently allocated to one of its active partitions. This could involve the following types of request: - A request to relinquish allocated but currently unused resources. That is to put a freeze on additional use of the specified resources. - A request to relinquish used resources. - A request to relinquish an active partition. That is a request that a controller shut down an active partition. - The controllerÆs response to a PM request. As far as the authors know, no proposed standard solutions currently exist for type 3 interactions. 3. Dynamic Partitioning Static repartitioning of a NE can be a costly and inefficient process. First, before static repartitioning can take place, all existing connections with controllers must be severed. When this happens, the NE will typically release all the state configured by the controller. Then, the virtual NE must be placed in the "down" state while the repartitioning takes place. Once the repartitioning is completed, the partitions are placed in the "up" state and the controllers are allowed to reconnect to the partitions. Then, the controllers can reestablish state in the active partition. Thus, static repartitioning results in a period of downtime and a period in which the controllers are reestablishing state. This is the case even if resources that are not currently in use in one partition, either and active or an inactive partition, are intended for a fully loaded active partition. Therefore, dynamic partitioning is to be preferred to static partitioning since it avoids the downtime and loss of state associated with static partitioning. However, a different set of potential problems exist for dynamic partitioning. Some questions to be answered include the following: - Who initiates the repartitioning on the NE? - How is the controller notified of an increase or decrease in resources? - What should happen when the PM would like to decrease the resources allocated to a partition but those Anderson et. al. Expires August 2001 [Page 4]
Internet Draft Requirements for Dynamic Partitioning Feb 2001 resources are in use? 4. Requirements This document does not attempt to answer the preceding questions but instead defines a set of requirements that any solution to these problems MUST satisfy. 1. If a PM instructs a NE to release resources allocated to an active partition and if any of those resources are currently in use, the NE MUST deny the PMÆs request. 2. During dynamic repartitioning, a NE MUST maintain all existing connection state. 3. If a NE denies a repartitioning request due to resources being in use, the PM MAY contact the controller to ask it to reduce its resource utilization. 4. If a PM has requested that a controller reduce resource utilization so that a partition can be downsized and that controller is not cooperating, the PM MUST be able to "down" the virtual NE, thereby disconnecting the controller, and then reduce the partitionÆs resources. In other words, the PM must be able to resort to static partitioning when a controller is uncooperative. 5. Control protocols SHOULD NOT include any mechanism by which a NE can ask its controller to reduce its resource usage. 6. Because controllers cannot be trusted to use only those resources allocated to their active partitions, the NE MUST reject all such attempts. Preferably, the control protocol would allow the NE to do so with an explicit reactive notification although implicit reactive notifications are also permitted. 7. Control protocols MAY contain proactive resource notification messages by which a NE could instantaneously inform the controller of an increase or decrease in resources. When present, dynamic partitioning solutions MAY make use of proactive notifications. However, we do not specifically require control protocols to contain proactive notifications because all control protocols must already have explicit or implicit reactive notifications as mentioned in requirement #6. 8. A PM MAY directly inform a controller of a change in virtual NE resources rather than rely on the implicit resource exhaustion mechanism of the control protocol. 9. NEs MAY inform the PM of resource exhaustion on a particular partition. 10. A controller MAY ask the PM for further resources or a reduction in existing resources. 11. To support the automation of interaction between the PM and attached controllers, the PM MUST be able to determine from the NE the addresses of the controllers that are currently attached to a virtual NE. 5. Security Considerations Only authorized PMs MUST be allowed to dynamically repartition a NE. Similarly, only the PM (or an authorized agent of the PM) that is Anderson et. al. Expires August 2001 [Page 5]
Internet Draft Requirements for Dynamic Partitioning Feb 2001 authorized to partition a NE MUST be allowed to contact controllers to request that they decrease their resources or inform them that their resources have been increased. Likewise, the PM MUST verify and authenticate that any requests for additional/fewer resources for a virtual NE have come from a controller authorized to control the specified virtual NE. 6. Intellectual Property Considerations The IETF is being notified of intellectual property rights claimed in regard to some or all of the specification contained in this document. For more information, consult the online list of claimed rights. 7. References [GSMPv3] A. Doria, et. al, "Draft-ietf-gsmp-08.txt", work in progress. [SPMIB] T. Anderson, et. al, "draft-anderson-partitioning-mib- 00.txt", work in progress, February 2001. [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Requirement Levels", RFC 2119, BCP 14, March 1997. [RFC2297] P. Newman, et. al., "IpsilonÆs General Switch Management Protocol Version 2.0," RFC2297, March 1998. [RFC3015] F. Cuervo, et. al., "Megaco Protocol 1.0," RFC3015, November 2000. 8. Author Information Todd A. Anderson Intel 2111 NE 25th Avenue Hillsboro, OR 97124 USA +1 503 712 1760 todd.a.anderson@intel.com Avri Doria Nortel Networks 600 Technology Park Drive Billerica, MA 01821 Phone: +1 401 663 5024 Email: avri@nortelnetworks.com Anderson et. al. Expires August 2001 [Page 6]
