SPRING Working Group C. Li Internet-Draft Huawei Technologies Intended status: Standards Track W. Cheng Expires: 14 February 2023 China Mobile M. Chen D. Dhody Huawei Technologies Y. Zhu China Telecom 13 August 2022 Path Segment for SRv6 (Segment Routing in IPv6) draft-ietf-spring-srv6-path-segment-04 Abstract Segment Routing (SR) allows for a flexible definition of end-to-end paths by encoding an ordered list of instructions, called "segments". The SR architecture can be implemented over an MPLS data plane as well as an IPv6 data plane. Currently, Path Segment has been defined to identify an SR path in SR-MPLS networks, and is used for various use-cases such as end-to- end SR Path Protection and Performance Measurement (PM) of an SR path. This document defines the Path Segment to identify an SRv6 path in an IPv6 network. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 14 February 2023. Li, et al. Expires 14 February 2023 [Page 1] Internet-Draft SRv6 Path Segment August 2022 Copyright Notice Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 2. Use Cases for SRv6 Path Segment . . . . . . . . . . . . . . . 4 3. SRv6 Path Segment . . . . . . . . . . . . . . . . . . . . . . 5 3.1. Format of an SRv6 Path Segment . . . . . . . . . . . . . 5 3.1.1. SRv6 Path Segment: Locator and Local ID . . . . . . . 6 3.1.2. SRv6 Path Segment: Global ID . . . . . . . . . . . . 6 4. Encoding of an SRv6 Path Segment . . . . . . . . . . . . . . 7 4.1. SRH.P-flag . . . . . . . . . . . . . . . . . . . . . . . 7 5. SRv6 Path Segment Allocation . . . . . . . . . . . . . . . . 9 6. Processing of SRv6 Path Segment . . . . . . . . . . . . . . . 9 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 8. Security Considerations . . . . . . . . . . . . . . . . . . . 11 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 11 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 11.1. Normative References . . . . . . . . . . . . . . . . . . 11 11.2. Informative References . . . . . . . . . . . . . . . . . 12 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 1. Introduction Segment routing (SR) [RFC8402] is a source routing paradigm that explicitly indicates the forwarding path for packets at the ingress node by inserting an ordered list of instructions, called segments. Li, et al. Expires 14 February 2023 [Page 2] Internet-Draft SRv6 Path Segment August 2022 When segment routing is deployed on an MPLS data plane, called SR- MPLS [RFC8660], a segment identifier (SID) is present as an MPLS label. When segment routing is deployed on an IPv6 data plane, a SID is presented as a 128-bit value, and it can be an IPv6 address of a local interface but it does not have to be. To support SR in an IPv6 network, a Segment Routing Header (SRH) [RFC8754] is used. In SR, a path needs to be identified for several use cases such as binding bidirectional paths [I-D.ietf-pce-sr-bidir-path] and end-to- end performance measurement [I-D.gandhi-spring-udp-pm]. Additionally, in an SR-MPLS network, when a packet is transmitted along an SR path, the labels in the MPLS label stack will be swapped or popped, so no label or only the last label may be left in the MPLS label stack when the packet reaches the egress node. Thus, the egress node can not determine from which ingress node or SR path the packet came. To identify an SR-MPLS path, a Path Segment is defined in [I-D.ietf-spring-mpls-path-segment]. An SRv6 path could be identified by the content of a segment list. However, the segment list is not be a good key identifier, since the length of a segment list is flexible according to the number of required SIDs. Also, the length of a segment list may be too long to be a key when it contains many SIDs. For instance, if packet A uses an SRH with 3 SIDs while Packet B uses an SRH with 10 SIDs, the key to identify these two paths will be a 384-bits value and a 1280-bits value, respectively. Further, an SRv6 path cannot be identified by the information carried by the SRH in reduced mode [RFC8754] as the first SID is not present. Furthermore, different SRv6 policies may use the same segment list for different candidate paths, so the traffic of different SRv6 policies are merged, resulting in the inability to measure the performance of the specific path. To solve the above issues, this document defines a new SRv6 segment called the "SRv6 Path Segment", which in total is an 128-bits value, to identify an SRv6 path. When the SRv6 Path Segment is used in reduced mode SRH [RFC8754], the entire path information is indicated by the Path Segment, and the performance will be better than using the entire segment list as the path identifier, while the overhead is equivalent to the SRH in normal mode. Furthermore, with SRv6 Path Segment, each SRv6 candidate path can be identified and measured, even when they use the same segment list. Li, et al. Expires 14 February 2023 [Page 3] Internet-Draft SRv6 Path Segment August 2022 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 1.2. Terminology PM: Performance Measurement. SID: Segment ID. SR: Segment Routing. SR-MPLS: Segment Routing with MPLS data plane. SRH: Segment Routing Header. PSID: Path Segment Identifier. PSP: Penultimate Segment Popping. Further, this document makes use of the terms defined in [RFC8402] and [RFC8986]. 2. Use Cases for SRv6 Path Segment Similar to SR-MPLS Path Segment [I-D.ietf-spring-mpls-path-segment], SRv6 Path Segment may also be used to identify an SRv6 Path in some use cases: * Performance Measurement: For Passive measurement [RFC7799], path identification at the measuring points is the pre-requisite [I-D.ietf-spring-mpls-path-segment]. SRv6 Path segment can be used by the measuring points (e.g., the ingress/egress nodes of an SRv6 path) or a centralized controller to correlate the packets counts/timestamps, then packet loss/delay can be calculated. Li, et al. Expires 14 February 2023 [Page 4] Internet-Draft SRv6 Path Segment August 2022 * Bi-directional SRv6 Path Association: In some scenarios, such as mobile backhaul transport networks, there are requirements to support bidirectional paths. Like SR-MPLS [I-D.ietf-spring-mpls-path-segment], to support bidirectional SRv6 paths, a straightforward way is to bind two unidirectional SRv6 paths to a single bidirectional path. SRv6 Path segments can be used to correlate the two unidirectional SRv6 paths at both ends of the path. [I-D.ietf-pce-sr-bidir-path] defines how to use PCEP and Path Segment to initiate a bidirectional SR path. * End-to-end Path Protection: For end-to-end 1+1 path protection (i.e., Live-Live case), the egress node of an SRv6 path needs to know the set of paths that constitute the primary and the secondary(s), to select the primary packet for onward transmission, and to discard the packets from the secondary(s), so each SRv6 path needs a unique path identifier at the egress node, which can be an SRv6 Path Segment. 3. SRv6 Path Segment As defined in [RFC8986], an SRv6 segment is a 128-bit value. To identify an SRv6 path, this document defines a new segment called SRv6 Path Segment. An SRv6 Path Segment will not be used for routing so it should not be copied to the IPv6 destination address. Depending on the use case, an SRv6 Path Segment identifies: * an SRv6 path within an SRv6 domain * an SRv6 Policy * a Candidate-path or a SID-List in a SRv6 Policy [RFC9256] Note that, based on the use-case, a SRv6 Path Segment can be used for different SID-Lists within an SR Policy. 3.1. Format of an SRv6 Path Segment This document defines two types of SRv6 Path Segment format. In order to indicate the format, a type field called "SRv6 Path Segment Format Type" is defined in the least significant 8 bits of the SRv6 Path Segment. Note that the SRH.P flag indicates that the last SID is the path segment and by examining the SRv6 Path Segment Format Type, the format of PSID is identified. Li, et al. Expires 14 February 2023 [Page 5] Internet-Draft SRv6 Path Segment August 2022 3.1.1. SRv6 Path Segment: Locator and Local ID As per [RFC8986], an SRv6 SID consists of LOC:FUNCT:ARG, where a locator (LOC) is encoded in the L most significant bits of the SID, followed by F bits of function (FUNCT) and A bits of arguments (ARG). L, the locator length, is flexible, and an operator is free to use the locator length of their choice. F and A may be any value as long as L+F+A <= 128. When L+F+A is less than 128, then the remaining bits of the SID MUST be zero. SRv6 Path Segment can follow the format, where the LOC part identifies the egress node that allocates the Path Segment, and the FUNCT part is a unique local ID to identify an SRv6 Path and its endpoint behavior, which is END.PSID (End Function with Path Segment Identifier). The Argument part is optional according to the use cases. Considering back-ward compability, this format can be indicated by setting the least significant 8 bits as padding, meaning the L+F+A <=120. In this way, the SRv6 Path Segment processing is not modified because the format still follows the SRv6 SID's structure. Format Type +--------------------------------------------------------------+ | Locator | Function ID |Arg(Opt) | 0 | +--------------------------------------------------------------+ |<-8bits->| |<-------------------------128 bits--------------------------->| Figure 1. Type 0 PSID Format following LOC:FUNCT:ARG 3.1.2. SRv6 Path Segment: Global ID An SRv6 Path Segment ID can be a Global ID, and its format depends on the use case. This format is type 1 of SRv6 Path Segment. The SRv6 Path Segment will not be copied to the IPv6 Destination Address, so the SRv6 Path Segment ID can be allocated from an independent 120-bits ID Space. In this case, a new table should be maintained at the node for SRv6 Path Segment. Format Type +--------------------------------------------------------------+ | Global ID/PSID | 1 | +--------------------------------------------------------------+ |<-8bits->| |<-------------------------128 bits--------------------------->| Figure 2. Type 1 PSID Format Li, et al. Expires 14 February 2023 [Page 6] Internet-Draft SRv6 Path Segment August 2022 4. Encoding of an SRv6 Path Segment This section describes the SRv6 Path Segment encoding in SRH. The SRv6 Path Segment MUST appear only once in a segment list, and it MUST appear as the last entry in the segment list. 4.1. SRH.P-flag To indicate the existence of a Path Segment in the SRH, this document defines a P-flag in the SRH flag field, and it is to be allocated (The following P-flag is for illustration only and will be modified to the right bit once the P-flag is allocated). The encapsulation of SRv6 Path Segment is shown below. Li, et al. Expires 14 February 2023 [Page 7] Internet-Draft SRv6 Path Segment August 2022 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Next Header | Hdr Ext Len | Routing Type | Segments Left | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Last Entry | Flags |P| Tag | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Segment List[0] (128 bits IPv6 address) | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | | ... | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Segment List[n-1] (128 bits IPv6 address) | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | SRv6 Path Segment (Segment List[n],128 bits IPv6 value) | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ // // // Optional Type Length Value objects (variable) // // // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3. SRv6 Path Segment in SID List * P-flag: set when SRv6 Path Segment is inserted. A node that does not understand the P-flag will ignore it as described in [RFC8754]. A node that understands the P-flag but does not support SRv6 Path Segment processing MUST ignore the P-flag. If the P-flag is unset or the P-flag is ignored when processing, the SRv6 Path Segment processing is skipped or ignored. SRH.P-flag processing can be enabled or disabled by configuration on devices, it can be done by CLI, NETCONF YANG or other ways, and this is out of the scope of this document. The pseudo code of SRH.P-flag processing is described as below. Li, et al. Expires 14 February 2023 [Page 8] Internet-Draft SRv6 Path Segment August 2022 S01. if SRH.P-flag processing is enabled: S02. if SRH.P-flag is set: S03. SRv6 Path Segment processing ;;ref1 Ref1: The SRv6 Path Segment processing is accosiated with the specific application, such as SRv6 Path Segment based Performance measurement, so this is out of the scope of this document. In some use cases, only the egress need to process the SRv6 Path Segment, therefore, the P-flag processing can be done at the egress node only while the intermediate nodes do not need to process it. This feature can be enabled by configuration like CLI , NETCONF YANG or other ways. In this case, the pseudo code is described as below. S01. if SRH.P-flag processing is enabled: S02. if intermediate node processing is disabled: S03. if SRH.P-flag is set and SRH.SL == 0: S03. SRv6 Path Segment processing S04 else: S05. if SRH.P-flag is set: S06. SRv6 Path Segment processing 5. SRv6 Path Segment Allocation A Path Segment is a local segment allocated by an egress node. A Path Segment can be allocated through several ways, such as CLI, BGP [I-D.ietf-idr-sr-policy-path-segment], PCEP [I-D.ietf-pce-sr-path-segment] or other ways. The mechanisms through which a Path Segment is allocated are out of scope of this document. When a Path Segment is allocated by the egress, it MUST be distributed to the ingress node of the path that identified by the path segment. In this case, only the egress will process the Path Segment, and other nodes specified by SIDs in the segment list do not know how to process the Path Segment. Depending on the use case, a Path Segment may be distributed to the SRv6 nodes along the SRv6 path. In this case, the SRv6 nodes that learned the Path Segment may process the Path Segment depending on the use case. This is out of the scope of this document, and may be studied in the future if needed. 6. Processing of SRv6 Path Segment When the SRv6 Path Segment is used, the following rules apply: Li, et al. Expires 14 February 2023 [Page 9] Internet-Draft SRv6 Path Segment August 2022 * The SRv6 Path Segment MUST appear only once in a segment list, and it MUST appear as the last entry. Placing an SRv6 Path Segment at any other location in the SID list will result in unpredictable forwarding behavior. Only the one that appears as the last entry in the SID list will be processed. * When an SRv6 Path Segment is inserted, the SL MUST be initiated to be less than the value of Last Entry, and will not point to SRv6 Path Segment. For instance, when the Last entry is 4, the SID List[4] is the SRv6 Path Segment, so the SL MUST be set to 3 or other numbers less than Last entry. * The SRv6 Path Segment MUST NOT be copied to the IPv6 destination address. * Penultimate Segment Popping (PSP, as defined in [RFC8986]) MUST be disabled. * The ingress needs to set the P-flag when an SRv6 Path Segment is inserted in the SID List. Nodes that support SRv6 Path Segment processing will inspect the last entry to process SRv6 Path Segment when the P-flag is set. When the P-flag is unset, the nodes will not inspect the last entry. * The specific SRv6 Path Segment processing depends on use cases, and it is out of scope of this document. 7. IANA Considerations This I-D requests the IANA to allocate, within the "SRv6 Endpoint Behaviors" sub-registry belonging to the top-level "Segment-routing with IPv6 data plane (SRv6) Parameters" registry, the following allocations: Value Description Reference -------------------------------------------------------------- TBA1 End.PSID - SRv6 Path Segment [This.ID] This document also requests IANA to allocate bit position TBA within the "Segment Routing Header Flags" registry defined in [RFC8402]. This document creats a new registry "SRv6 Path Segment Format Type" sub-registry belonging to the top-level "Segment-routing with IPv6 data plane (SRv6) Parameters" registry with the following allocations: Li, et al. Expires 14 February 2023 [Page 10] Internet-Draft SRv6 Path Segment August 2022 Value Description Reference -------------------------------------------------------------- 0 Type 0 format [This.ID] 1 Type 1 format [This.ID] 2-128 FCFS [This.ID] 129-255 Reserved for future. [This.ID] 8. Security Considerations This document does not introduce additional security requirements and mechanisms other than the ones described in [RFC8402]. 9. Contributors Zhenbin Li Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: lizhenbin@huawei.com Jie Dong Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: jie.dong@huawei.com 10. Acknowledgements The authors would like to thank Adrian Farrel, Stefano Previdi, and Zafar Ali for their valuable comments and suggestions. 11. References 11.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . Li, et al. Expires 14 February 2023 [Page 11] Internet-Draft SRv6 Path Segment August 2022 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, July 2018, . [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, . [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 (SRv6) Network Programming", RFC 8986, DOI 10.17487/RFC8986, February 2021, . 11.2. Informative References [I-D.gandhi-spring-udp-pm] Gandhi, R., Filsfils, C., Voyer, D., Salsano, S., Ventre, P. L., and M. Chen, "UDP Path for In-band Performance Measurement for Segment Routing Networks", Work in Progress, Internet-Draft, draft-gandhi-spring-udp-pm-02, 14 September 2018, . [I-D.ietf-idr-sr-policy-path-segment] Li, C., Li, Z., Yin, Y., Cheng, W., and K. Talaulikar, "SR Policy Extensions for Path Segment and Bidirectional Path", Work in Progress, Internet-Draft, draft-ietf-idr- sr-policy-path-segment-06, 7 August 2022, . [I-D.ietf-pce-sr-bidir-path] Li, C., Chen, M., Cheng, W., Gandhi, R., and Q. Xiong, "Path Computation Element Communication Protocol (PCEP) Extensions for Associated Bidirectional Segment Routing (SR) Paths", Work in Progress, Internet-Draft, draft-ietf- pce-sr-bidir-path-09, 6 March 2022, . Li, et al. Expires 14 February 2023 [Page 12] Internet-Draft SRv6 Path Segment August 2022 [I-D.ietf-pce-sr-path-segment] Li, C., Chen, M., Cheng, W., Gandhi, R., and Q. Xiong, "Path Computation Element Communication Protocol (PCEP) Extension for Path Segment in Segment Routing (SR)", Work in Progress, Internet-Draft, draft-ietf-pce-sr-path- segment-05, 13 February 2022, . [I-D.ietf-spring-mpls-path-segment] Cheng, W., Li, H., Chen, M., Gandhi, R., and R. Zigler, "Path Segment in MPLS Based Segment Routing Network", Work in Progress, Internet-Draft, draft-ietf-spring-mpls-path- segment-07, 20 December 2021, . [RFC7799] Morton, A., "Active and Passive Metrics and Methods (with Hybrid Types In-Between)", RFC 7799, DOI 10.17487/RFC7799, May 2016, . [RFC8660] Bashandy, A., Ed., Filsfils, C., Ed., Previdi, S., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing with the MPLS Data Plane", RFC 8660, DOI 10.17487/RFC8660, December 2019, . [RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov, A., and P. Mattes, "Segment Routing Policy Architecture", RFC 9256, DOI 10.17487/RFC9256, July 2022, . Authors' Addresses Cheng Li Huawei Technologies Email: c.l@huawei.com Weiqiang Cheng China Mobile Email: chengweiqiang@chinamobile.com Mach(Guoyi) Chen Huawei Technologies Email: mach.chen@huawei.com Li, et al. Expires 14 February 2023 [Page 13] Internet-Draft SRv6 Path Segment August 2022 Dhruv Dhody Huawei Technologies Divyashree Techno Park, Whitefield Bangalore 560066 Karnataka India Email: dhruv.ietf@gmail.com Yongqing Zhu China Telecom Guangzhou Email: zhuyq8@chinatelecom.cn Li, et al. Expires 14 February 2023 [Page 14]