RETURN PATH PROCESSING FOR NETWORK SERVICES HEADER (NSH) BASED SERVICE CHAINING

IP.com Disclosure Number: IPCOM000245215D
Publication Date: 2016-Feb-18
Document File: 5 page(s) / 73K

Publishing Venue

The IP.com Prior Art Database

Related People

Jim Ervin: AUTHOR [+4]

Abstract

Techniques are provided to allow an individual service function to reply to a packet by sending a new packet back to its sender without first learning the reverse path-identifier of the flow and the prior service functions in the path. Since the need to wait to learn a reverse path-identifier is removed, these techniques enable service chaining of services, such as security services, which cannot wait for a reply but also require encapsulation. Generally, the techniques presented herein add a "return-to-sender" bit to the base Network Service Header (NSH) by utilizing one of the reserved bits (or a type-length-value (TLV) element within the NSH metadata). The return-to-sender bit will be set by a Service Function (SF) that wishes to send traffic back upstream of a received service path.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 33% of the total text.

AUTHORS:

Jim Ervin, Tin Yen, Jim Guichard, Paul Quinn

CISCO SYSTEMS, INC.

DETAILED DESCRIPTION

    Service chaining as a general concept allows multiple network services to be connected into a coherent service. Several encapsulation methods exist to facilitate service chaining, including Network Service Header (NSH)-based methods. Inside the NSH there is a unique service path identifier and a service index. Together, the service path identifier and the index determine the next service to invoke as traffic is forwarded through the service chain.

    The encapsulation provided by the combination of the service path identifier and service index is uni-directional in nature. However, for certain applications, it is necessary to return a packet to the original sender. In some instances, this can be done after the application learns the service path identifier of the reverse direction, but, in other instances, such as those of a security nature, a packet must be returned to the sender as soon as the first packet is processed, without learning the return service path.

Copyright 2016 Cisco Systems, Inc.

    When using NSH-based service chaining, the typical packet forwarding between a Service Function (SF) and a Service Function Forwarder (SFF) is a hub-and-spoke model where the SF returns the packet back to the SFF with the service index decremented by one. All forwarding decisions are completed by consulting a service-path identifier and/or service index inside the SFF, and the SFF will forward the packet to the next SF/SFF in the path.

    Presented herein are techniques to allow an SF to send packets to the original sender after receiving the first packet of a flow where the return service path is not known until the entire flow is received.

Solution Overview:

    The techniques presented herein add a "return-to-sender" bit to the base NSH. The return-to-sender bit can come from reserved fields within the NSH header, from a separate TLV element of embedded metadata within the NSH, or from blocking off a bit within the service path identifier of the NSH header. The return-to-sender bit will...
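An added example, not code from the disclosure or its authors: a Python model of the SF/SFF hub-and-spoke exchange described above, extended with a return-to-sender bit. The bit position (`RTS_MASK`), the upstream lookup rule (the entry at SI + 1, then the path ingress), the drop rule for unknown positions, and the sample path table are assumptions made for illustration.

```python
import struct
# Assumption: the page does not say which reserved bit carries return-to-sender;
# this mask over the first 32-bit word of the NSH base header is hypothetical.
RTS_MASK = 0x08000000

def unpack(pkt):
    """Return (word0, SPI, SI); the service path header is a 24-bit SPI plus an 8-bit SI."""
    if len(pkt) < 8:
        raise ValueError("truncated NSH header")
    word0, sp = struct.unpack("!II", pkt[:8])
    return word0, sp >> 8, sp & 0xFF

def pack(word0, spi, si, payload=b""):
    return struct.pack("!II", word0, (spi << 8) | si) + payload

def sf_process(pkt, reply=False):
    """Service function side of the hub-and-spoke exchange with the SFF."""
    word0, spi, si = unpack(pkt)
    if word0 & RTS_MASK:                          # transit hop of a returning packet
        if si == 0xFF:
            raise ValueError("SI cannot go above 255")
        return pack(word0, spi, si + 1, pkt[8:])  # assumption: mirror of the decrement
    if reply:                                     # new packet upstream, SPI/SI as received
        return pack(word0 | RTS_MASK, spi, si, b"reply")
    if si == 0:
        raise ValueError("service index exhausted")
    return pack(word0, spi, si - 1, pkt[8:])      # normal case from the page: SI minus one

def sff_next_hop(pkt, path_table, ingress):
    """SFF lookup on (SPI, SI); returns a hop name, or None to drop the packet."""
    word0, spi, si = unpack(pkt)
    if not word0 & RTS_MASK:
        return path_table.get((spi, si)) if si else None
    if (spi, si) not in path_table:
        return None                               # bit set for a position this SFF does not serve
    # Assumption: upstream is the entry one index higher, else the path's ingress.
    return path_table.get((spi, si + 1), ingress.get(spi))

# Constructed sample path: classifier -> firewall (SI 255) -> ids (SI 254) -> egress.
PATH = {(42, 255): "firewall", (42, 254): "ids", (42, 253): "egress"}
INGRESS = {42: "classifier"}

def demo():
    """Hops chosen for one forward packet and for the reply the ids sends."""
    p0 = pack(0, 42, 255, b"data")
    p1 = sf_process(p0)                           # firewall done, SI 254
    r0 = sf_process(p1, reply=True)               # ids replies, bit set, SI 254
    r1 = sf_process(r0)                           # firewall relays upstream, SI 255
    return [sff_next_hop(p, PATH, INGRESS) for p in (p0, p1, r0, r1)]
```

In this model the SFF never needs a reverse path identifier: the forward (SPI, SI) table is enough to walk the reply back, and a packet carrying the bit for a path position the SFF does not serve is dropped rather than forwarded.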