Integrating YANG Configuration and Management into an Abstraction and Control of TE Networks (ACTN) System for Optical Networks

Introduction Abstraction and Control of Traffic Engineering Networks (ACTN) is an architecture that simplifies and optimises the management and control of network resources to deliver connectivity services in Traffic Engineering (TE) networks, including optical networks. ACTN abstracts and controls TE resources to enable end-to-end service provisioning and management across multiple network domains. It provides a way to orchestrate and automate the management of network resources, including connectivity and bandwidth, to meet the requirements of specific services or applications. ACTN in an optical network leverages Software Defined Networking (SDN) concepts to achieve its objectives. By applying SDN principles, such as centralised control and programmability, to the transport (i.e., sub-IP) layer, ACTN enables efficient orchestration and service provisioning in a multi-domain environment. ACTN adds a higher-level framework and management capabilities specifically tailored for TE transport networks, including the abstraction of network resources, service provisioning, and resource optimisation. The term FCAPS is used in network management and stands for Fault, Configuration, Accounting, Performance, and Security. FCAPS is a widely accepted framework that categorises different aspects of network management and provides a structured approach to managing and maintaining networks, addressing various operational and maintenance areas. Although FCAPS provides a structured framework for key functions required for managing networks, the level of granularity depends on how it is implemented; therefore, it does not inherently guarantee fine detail (fine-grain) control and observation. While ACTN primarily deals with the abstraction and control of TE networks for service provisioning, FCAPS covers broader aspects of network management. In practice, while ACTN provides a suitable architecture for requesting and monitoring connectivity services in optical networks, operators would also like to leverage the FCAPS framework for specific operational tasks and management activities. ACTN and FCAPS are not mutually exclusive, and this document explains how FCAPS can be integrated into the ACTN architecture as applied to optical networks. It considers which elements of IETF work can be used, and what new work is needed. This enhanced ACTN architecture is known as ACTN Fine-Detail Network Management (ACTN FDNM). It provides an evolution path for FCAPS Operational Support System (OSS) functions from Common Object Request Broker Architecture (CORBA) interfaces and the Multi-Technology Operations System Interface (MTOSI) architecture , to IETF YANG-based models and RESTful APIs. It should be noted that optical networks have a lot of details that are specific to the transmission medium (i.e., the physical and optical components and mechanisms used to send data on optical fibers). Different networks contain different physical transmission components that need to be managed in very specific ways. This can make generalisation of configuration and management hard, and means that the nature of ACTN FDNM is different in an optical network than it might be in a more general (and specifically, packet-based) TE network.

FCAPS Transport Network Management Approaches ITU-T G.805 specifies the architecture and framework for the management of transport networks. G.805 provides guidelines and principles for managing network resources and services in a coordinated and efficient manner. TMForum has developed its own set of standards and frameworks for managing telecommunications networks and services. Specifically, TMForum developed the Telecommunications Management Network (TMN) model and informed ITU-T M.3060 to align with G.805. TMN is a framework that defines a comprehensive set of management functions and interfaces for network operations and service management, that is, FCAPS. More recently, ITU-T M.3041 introduced a framework for smart operation, management, and maintenance (SOMM). M.3041 provides the characteristics, scenarios, and the functional architecture of SOMM to support service operation, network management, and infrastructure maintenance for both traditional physical networks and for software-defined networking. It is applicable to network function virtualisation (non-SDN/NFV) and to SDN/NFV aware networks. This document shows how the ACTN architecture can accommodate the principles of G.805 and M.3041 to include FCAPS capabilities. It outlines existing IETF mechanisms, protocols and data models, and indicates requirements where gaps exist.

Configuration Management MTOSI is a standard in the telecommunications industry that provides a common framework for operations support systems (OSSes) to interact with various network elements and technologies. It defines a set of standardised interfaces and protocols to enable the integration of different OSS components. It contains several capabilities and key features:

Service Management: MTOSI focuses on service management, allowing operators to efficiently provision, activate, and manage services on the network.
Interoperability: MTOSI promotes interoperability between different vendors' OSS components, reducing the complexity of integrating heterogeneous network elements.
Common Data Model: MTOSI defines a common data model for information exchanged between OSS components, ensuring consistency and accuracy in operations.

To enable automation of operations, which is crucial for managing large, multi-technology, complex, telecommunications networks, these features must be introduced into ACTN as ACTN FDNM. Increasingly, network OSSes will require atomic-level views of network devices and interfaces, instead of only abstracted views and interactions. This will allow ACTN-based systems to leverage inventory management, device-level and interface-level views, and network configuration operations, via RESTful APIs instead of legacy CORBA-based APIs.

Service Assurance Service Assurance refers to the activities and processes that ensure the quality, availability, and performance of services delivered by a network. Those processes monitor and manage the end-to-end service experience, and ensure that Service Level Agreements (SLAs) and customer expectations are met. By applying RESTful FCAPS functions through the ACTN framework, network operators and service providers can address different aspects of network management to support Service Assurance. This helps them detect and resolve faults, manage configurations, track resource usage, optimise performance, and enhance security, all of which contribute to delivering reliable and high-quality services to customers. Not all Service Assurance requirements can be provided via existing ACTN YANG models. Fine-detail management may also be required, supplementing abstract resource models with inventory-based models such as . This would provide an atomic-level view of network devices and components, instead of only abstracted views. Note that not all FCAPS functions require fine-detail views and control: a mix of abstracted and detailed views will sometimes be needed.

Motivation and Scope Operators who manage optical transport networks can leverage ACTN for resource abstraction and service provisioning. At the same time, they can utilise the G.805 architecture and the TMN model to establish effective network management practices, which will facilitate service assurance. Combining the two management approaches aligns with best-practice industry standards and allows adoption of emerging ACTN-based abstraction and control techniques. This document studies the FCAPS requirements in the context of ACTN functional components. It analyses the ACTN interfaces from a management operations perspective. It identifies suitable IETF data models that meet FCAPS requirements that can be utilised in the ACTN architecture to support optical transport networks. Gaps and requirements are identified where necessary so additional models may be developed.

Extending the ACTN Architecture to Include FCAPS shows the ACTN architecture from enhanced to provide FCAPS support. The Customer Network Controller (CNC), Multi-Domain Service Coordinator (MDSC), and Provisioning Network Controller (PNC) are functional components of ACTN, as described in RFC 8453. There are two ACTN interfaces between the components: the CNC-MDSC Interface (CMI) and the MDSC-PNC Interface (MPI). In ACTN, the CMI and MPI are realised using a combination of IETF YANG data models.

The ACTN Architecture Enhanced for FCAPS shows the ACTN functional components as described in , but also introduces some common management system components. The OSS is the overarching management component that the operator uses to coordinate customers, services, and the network, and to apply policies across the network. It contains a Fault Management (FM) component, a Policy Management (PM) component, and a Resource Management (RM) component. The Network Management System (NMS) allows an operator to manage a network or set of network elements as a single unit. At the same time, the Element Management System (EMS) applies configuration and management to individual network elements. As described in , the function of the PNC may be provided by an NMS or an EMS. Thus, shows the PNC overlapping with the NMS/EMS. To avoid confusion between the three possible components (NMS, EMS, PNC) that might all be used to operate the devices in the network, this document groups all of their function together and uses the term Domain Controller (a term used in and ). In a conventional management system, the OSS uses an interface with the Domain Controller to exchange FCAPS information. This interface has previously been based on CORBA, MTOSI, and XML. Furthermore, in an ACTN system, the OSS is likely the point of origin for policy instructions that guide the MDSC in orchestrating customer service requests and configuring the network. Thus, the CNC functions form part of the OSS, overlapping with the FM, PM, and RM functional components. In the MPI is used by the MDSC to instruct the PNCs about how the network must be configured to deliver the customers' services. The MPI also reports to the MDSC on the status of provisioning commands and the availability of network resources. However, up to now, the MDSC has had no visibility into the majority of the FCAPS functions and has, therefore, had limited reactive and proactive abilities. Instead of only using abstracted Tunnel and Topology YANG models, the capability to support network inventory and device models is required, facilitating more detailed modeling and configuration management of network resource information. This document examines how the MPI may be enhanced with extensions that utilise current YANG models, such as inventory, as well as with future YANG-based data models to deliver extensions that provide RESTful FCAPS support.

Functionality at the MPI This section describes the MPI as specified before the addition of FCAPS capabilities.

Data Models at the MPI lists the data models that can be used at the MPI for abstraction and control of underlying optical networks.

ACTN MPI YANG Models

Abstraction and Control at the MPI The abstraction of TE modeling is described in Section 3 of . The major objects that are modeled include TE topology, TE node, TE link, TE Link Termination Point (LTP), TE Tunnel Termination Point (TTP). Also included in the modeling are transitional TE link, TE node connectivity matrix, and TTP Local Link Connectivity List to describe the multiplexing relationship of links. These TE concepts are generic, but they are also applicable within an optical network. The MPI deals in abstracted TE network concepts and so can be realised using the YANG models listed in to expose the TE modeled objects that can be enhanced using YANG model augmentations to make them specific to optical technologies. Generic TE topology models are defined in and . Specific extensions to the abstract TE model for optical networks are provided in a series of documents (, , , and ). This list of documents arises because the different optical network technologies demand different models for the varying characteristics of the equipment. Tunnels are a fundamental component of TE, and a generic TE tunnel YANG model is found in . Specific extensions to the generic TE tunnel model for optical networks are provided in a series of documents ( , , and ). Again, there are multiple documents because of the different optical network technologies.

Introduction to FCAPS Although the building blocks of FCAPS are Fault, Configuration, Accounting, Performance, and Security, the important functions for integration within an ACTN system are Configuration, Alarm Management, and Performance Management. All three of these functions are underpinned by Inventory Management.

Inventory Management describes all objects involved in the network, including hardware resources (such as network elements, chassis, slots, boards, ports, optical modules, and cables, etc.) and logical resource objects used for service provisioning.
The basic Configuration requirement in ACTN is to configure end-to- end paths across the transport network based on the requirements of users.
Alarm Management refers to how the system enables and disables alarm reporting, collects alarm information, and processes that information to relate it to the connections that are managed by ACTN. When a network is running, the Domain Manager collects alarm information from devices or processes connection-related alarms and reports the alarms to the OSS of operator. So that Operations and Management engineers can detect and rectify network faults in time. The main functionalities include alarm retrieval, alarm handling, and alarm control.
Performance Monitoring enables engineers to collect and monitor performance data from certain physical devices or logical objects to identify the status of the network. The interfaces of Performance Management include performance monitoring control, performance information retrieval, and threshold crossing alert control.

Abstract Control and Fine-Detail Network Management for ACTN Abstract Control represents the high-level strategic view and objectives, while Fine-Detail Network Management represents the detailed operational tasks and activities that support the strategic objectives. Both levels are important for effective management and control within the operator network. Abstract Control is often mapped to G.805 objects. An Abstract Control object can also be mapped to multiple Fine-Detail Network Management objects that enable the Abstract Control object. Therefore, we should not see these concepts as mutually exclusive, but instead as necessary approaches to be combined for holistic control and operational management of ACTN-based network infrastructures. In the context of ACTN, the MPI is both a concept and a set of mechanisms within ACTN that enable the interconnection of services across multiple domains or administrative boundaries. The MPI addresses the challenge of interconnecting services across multiple administrative domains. It provides a mechanism to coordinate and manage the service delivery between domains while ensuring end-to-end service continuity and quality. emphasises the importance of finely configuring FCAPS capabilities for the efficient operation and troubleshooting of ACTN-based services. It is anticipated that these capabilities will necessitate detailed and precise network management functions.

Abstract Control and Fine-Detail Network Management Functions for the MPI The Fine-Detail Network Management Functions can be categorised as follows. Several aspects of their functions already exist in the MDSC in the ACTN architecture, and are accessed via the MPI. Other functions may be added to the MPI in the future by enhancing or augmenting existing optical network YANG models or by creating new models.

Service Provisioning: This involves the detailed provisioning and activation of services. This includes path computation, configuring service parameters, policy management, allocating resources, and ensuring proper service activation and deactivation.
Network Performance Monitoring: This encompasses monitoring and analysing network performance. It involves collecting and analysing performance metrics such as latency, jitter, packet loss, and throughput to identify and resolve performance issues promptly.
Fault Detection and Alarm Management: This includes advanced fault detection mechanisms to identify and troubleshoot network issues quickly. It involves monitoring network elements, analysing alarms and events, and performing fault localisation and isolation to expedite problem resolution.
Security Management: This covers the management of security measures within the TE network. It involves activities such as access control, authentication, encryption, intrusion detection, and vulnerability management to ensure network security and protect against threats.
Service Level Agreement (SLA) Management: This involves tracking service performance against SLA targets, generating SLA reports, and taking corrective actions to meet or exceed customer expectations.
Capacity Planning: This encompasses detailed planning activities to ensure optimal resource utilisation and to meet future demands. It involves analysing traffic patterns, forecasting capacity requirements, and implementing capacity expansion strategies.

Fine-Detail Network Management Interfaces Several legacy Fine-Detail Network Management interfaces, such as CORBA, exist to facilitate the precise control and management of network elements and services. These interfaces enable communication and interaction between different systems, devices, and management platforms:

Command Line Interface (CLI)
Simple Network Management Protocol (SNMP)
Management system approaches such as CORBA, MTOSI, and XML

New interfaces and data models have been developed that support Fine-Detail Network Management functions. These models are written in YANG, and the interfaces use NETCONF and RESTCONF, the latter also providing RESTful API functions.

Fine-Detail Network Management Data Models As noted in , new or enhanced data models may be required for Fine-Detail Network Management in ACTN-based optical networks. shows a functional architecture for YANG control in an ACTN system enhanced with FDNM. The existing ACTN YANG models provide access to network devices through topology models that map to inventory and thus to configuration of network devices. The old MTOSI approach provides access to inventory and device configuration. The FDNM additions to ACTN retrieve information from the inventory including performance information viewed through the lens of topology. It also allows direct manipulation of devices through configuration of inventory items in a mirror of the MTOSI function. Lastly, fault and alarm information that is generated in respect of the inventory may be delivered direct to the FdDM system or may be correlated before being reported as incidents.

Functional Model of ACTN with FDNM proposes a generic FDNM extension model, which augments the TE topology model for FDNM-specific purposes. It is expected that layer-specific FDNM extensions will also be required in the future. Additional work in the IETF exists to provide optical resource monitoring, telemetry data, alarm and incident monitoring, inventory, life cycle management, service assurance, and asset management. This existing IETF work includes:

A YANG Data Model for Network Incident Management
A YANG Data Model for Network Inventory
A Network Inventory Topology Model
Service Assurance for Intent-based Networking Architecture
YANG Modules for Service Assurance
A Data Manifest for Contextualized Telemetry Data
Asset Lifecycle Management and Operations Problem Statement
Data Model for Asset Lifecycle Management and Operations
A YANG Data Model for Optical Resource Performance Monitoring
A YANG model to manage the optical interface parameters for an external transponder in a WDM network
A YANG Data Model for Client Signal Performance Monitoring

Further work on this document will add to this list of IETF YANG data models that could provide Fine-Detail Network Management functionality, in the context of ACTN, specifically for optical networks and with particular attention to the MPI.

Fine-Detail Network Management Example Editors note: An example of Fine-Detail Network Management of an optical network using the ACTN architecture will be provided in a future version of this document.

Compatiblity and Migration [Editors Note] This section will discuss the coexistence of ACTN and legacy FCAPS systems. It will also consider how legacy systems might be smoothly migrated to an ACTN FDNM system.

Manageability Considerations A conventional approach to management of optical networks using MTOSI typically employs inventory and device configuration models. However, the current ACTN YANG models offer an innovative pathway to interact with network devices. They achieve this by employing topology models that correlate directly with both inventory and device configurations. To fully leverage the management infrastructure through FDNM interfaces, it is essential to develop additional resource data models. These enhancements to ACTN, specifically for optical FDNM, are anticipated to be crucial for extracting comprehensive information from the inventory, including performance metrics. Such integration would enable a comprehensive perspective on network performance and facilitate direct device manipulations by aligning inventory configurations with the foundational principles of MTOSI. In addressing network fault issues, the system will leverage alarm data produced by the network inventory assets. This information might be directly fed into the FDNM system or undergo correlation before being flagged as incidents. This process ensures efficient troubleshooting by pinpointing the exact nature and location of network anomalies. Moreover, security remains a paramount concern in any network setup. As such, this document dedicates to security considerations, outlining several critical security requirements. These guidelines are designed to safeguard the network environment, ensuring robust protection against potential threats and vulnerabilities.

Security Considerations Security measures and protocol security must be applied to ensure the confidentiality, integrity, and availability of information and resources within the context of an ACTN FDNM-based system. Key aspects of ACTN FDNM security will require:

Authentication: The process of verifying the identity of an ACTN user, system, or device. Includes mechanisms to authenticate users and systems before allowing them to access sensitive resources or perform certain operations.
Authorisation: Once a user or system is authenticated, authorisation determines what actions or resources they are allowed to access. MTOSI security mechanisms define roles, permissions, and access controls to ensure that only authorized entities can perform specific tasks.
Data Encryption: Encryption techniques may be used to protect sensitive data as it is transmitted over the management network. This prevents unauthorised access to or interception of information.
Secure Communication Protocols: The use of secure communication protocols, such as HTTPS (HTTP over SSL/TLS) or other cryptographic protocols, ensures that data exchanged between ACTN components remains confidential and unmodified.
Secure Data Storage: Security measures are put in place to protect data stored within the ACTN environment. This includes encryption of stored inventory, device, and service data, access controls, and regular security audits.
Auditing and Logging: This includes the capability to record and monitor ACTN-based activities within the management system. Audit logs provide a record of who accessed what resources and when, which is crucial for investigating security incidents or compliance with regulations.
Intrusion Detection and Prevention: Software systems and hardware devices may have mechanisms in place to detect and respond to unauthorized access attempts or suspicious activities. Intrusion detection systems (IDS) and intrusion prevention systems (IPS) can play a role in ACTN-based security.
Vulnerability Management: Regular security assessments and vulnerability scans help identify and address potential weaknesses in the ACTN environment.
Security Policies and Procedures: Clear security policies and procedures should be established and communicated to all stakeholders. This ensures that everyone understands their responsibilities in maintaining the security of the ACTN system.
Incident Response: Security should include plans and procedures for responding to security incidents, including steps for containment, investigation, mitigation, and recovery.

Overall, security is crucial for maintaining the integrity and reliability of ACTN FDNM operations and support systems, especially in an environment where sensitive customer data and critical network resources are involved. It is expected that all IETF YANG documents include clear analysis of the security vulnerabilities associated with the YANG models they describe.

IANA Considerations This document makes no requests for IANA action.

Acknowledgements Thank you to Daniele Ceccarelli and Victor Lopez for their observations and suggestions regarding this document.