Internet-Draft | Path ID and Bi-directional Path in BGP | October 2024 |
Li, et al. | Expires 5 April 2025 | [Page] |
A Segment Routing(SR) policy identifies a set of candidate SR paths Each SR path is passed in BGP as the SR Policy SAFI NLRI accompanied with the Tunnel Encapsulation attribute (Tunnel-encaps). Each SR Path (tunnel) uses a set of TLVs in the Tunnel-encaps attribute to describe the characteristics of the SR Policy tunnel. One of the TLVs that describes the tunnel is the Segment list TLV which provides a list of segments contained in the tunnel.¶
This document specifies a new Path Segment Sub-TLV to associate a Path Segment ID to the SR Segment List. The Path Segment ID can be used for performance measurement, path correlation, and end-2-end path protection. This Path Segment identifier can be also be used to correlate two unidirectional SR paths into a bidirectional SR path. Bidirection SR path may be required in some scenarios such as mobile backhaul transport network.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 5 April 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Segment routing (SR) [RFC8402] is a source routing paradigm that explicitly indicates the forwarding path for packets at the ingress node. The ingress node steers packets into a specific path according to the Segment Routing Policy ( SR Policy) as defined in [RFC9256]. For distributing SR policies to the headend, [RFC9256] specifies a mechanism by using BGP, and new Sub-TLVs are defined for SR Policies in BGP UPDATE message.¶
In many use cases such as performance measurement, the path to which the packets belong is required to be identified. In some scenarios, (e.g., Mobile backhaul transport networks), there are Requirements to support bidirectional path. However, there is no path identification information for each Segment List in the SR Policies defined in [RFC9256]. Also, the SR Policies defined in [RFC9256] only supports unidirectional SR paths.¶
Therefore, this document defines the extension to SR policies that carry Path Segment in the Segment List and support bidirectional path. The Path Segment can be a Path Segment in SR-MPLS [RFC9545] and SRv6 [I-D.ietf-spring-srv6-path-segment], or other IDs that can identify a path. Also, this document defines extensions to BGP to distribute SR policies carrying Path Segment and bidirectional path information.¶
This document makes use of the terms defined in [RFC8402] and [RFC9256]. Some terms are listed below for reference.¶
SR: Segment Routing.¶
SR-MPLS: Segment Routing over MPLS data plane.¶
SRv6: Segment Routing over IPv6 data plane.¶
PSID: Path Segment Identifier.¶
SRPM: SR Policy Module [I-D.ietf-idr-sr-policy-safi].¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
As defined in [I-D.ietf-idr-sr-policy-safi] , the SR Policy encoding structure is as follows:¶
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint> Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Segment Segment ... ...¶
An SR path can be specified by an Segment List Sub-TLV that contains a set of segment Sub-TLVs and other Sub-TLVs as shown above. As defined in [RFC9256], a candidate path includes multiple SR paths specified by SID list. The Path Segment can be used for identifying an SR path (specified by SID list) from the headend and the tailend. Also, it can be used for identifying an SR candidate path in some use cases if needed. This document defines a new Path Segment Sub-TLV within Segment List Sub-TLV, the details will be described at section 3.1. The new SR Policy encoding structure with Path Segment Sub-TLV is expressed as below:¶
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint> Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Path Segment Segment Segment ... Segment List Weight Path Segment Segment Segment ... ...¶
The Path Segment is used to identified an SR path, and it can be used in OAM or IOAM use cases. When all the SID Lists within a candidate path share the same Path Segment ID, the Path Segment can be used to collect the aggregated information of the candidate path. Multiple Path Segment MAY be included in a Segment List for different use cases. In SR-MPLS, one, or some or all of them MAY be inserted into the SID List as the requirement of the use case. However, in SRv6, only one Path Segment ID can be encoded in a SRH. Therefore, an implementation MUST decide how to choose a Path Segment ID from the multiple Path Segment IDs. In order to simplify the implementation, this document suggests to encode only one Path Segment Sub-TLV for a segment list, while the rest Path Segment SHOULD be ignored.¶
This section defines an SR Path Segment Sub-TLV.¶
An SR Path Segment Sub-TLV is included in the segment list Sub-TLV to identify an SID list. It has the following format:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Flags | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path Segment ID (Variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ // SRv6 Endpoint Behavior and SID Structure (optional) // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1. Path Segment Sub-TLV¶
Where:¶
Type (TBA1): SR Path Segment Sub-TLV (to be assigned by IANA).¶
Length: the total length of the value field not including Type and Length fields.¶
Flags: 8 bits of flags. Following flags are defined:¶
0 1 2 3 4 5 6 7 +--+--+--+--+--+--+--+--+ | Reserved |B |L | +--+--+--+--+--+--+--+--+¶
L-Flag: Local flag. Set when the Path Segment has local significance on an SR node.¶
B-Flag: This flag, when set, indicates the presence of the SRv6 Endpoint Behavior and SID Structure encoding specified in Section 2.4.4.2.4. of [I-D.ietf-idr-sr-policy-safi]. It MUST be ignored when the value of length field is smaller than 18.¶
The rest bits of Flag are reserved and MUST be set to 0 on transmission and MUST be ignored on receipt.¶
Path Segment ID: if the length is 2, then no Path Segment ID is present. If the length is 6 then the Path Segment ID is encoded in 4 octets [RFC9545] using the format below. TC, S, TTL (Total of 12 bits) are RESERVED and SHOULD be set to zero and MUST be ignored.¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Flags | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path Segment Label | TC |S| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2. SR-MPLS Path Segment Sub-TLV¶
If the length is 18 then the Path Segment ID contains a 16-octet SRv6 Path Segment ID [I-D.ietf-spring-srv6-path-segment].¶
If the length is larger than 18 and B-flag is set, then SRv6 Endpoint Behavior and SID Structure TLVs is included as per Section 2.4.4.2.4. of [I-D.ietf-idr-sr-policy-safi].¶
In some scenariose, for example, mobile backhaul transport network, there are requirements to support bidirectional path. In SR, a bidirectional path can be represented as a binding of two unidirectional SR paths. This document also defines a Reverse Segment List Sub-TLV to describe the reverse path associated with the forward path specified by the Segment List. An SR policy carrying SR bidirectional path information is expressed as below:¶
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint> Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Path Segment Segment Segment ... Reverse Segment List Path Segment Segment Segment ...¶
A Reverse Path Segment List Sub-TLV is defined to specify an SR reverse path associated with the path specified by the Segment List, and it has the following format:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sub-TLVs (Variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3. SR Reverse Path Segment List Sub-TLV¶
where:¶
Type (TBA2): Reverse Path Segment List Sub-TLV (to be assigned by IANA).¶
Length: the total length of the Sub-TLVs encoded within the Reverse Path Segment List Sub-TLV not including the Type and Length fields.¶
RESERVED: 1 octet of reserved bits. SHOULD be unset on transmission and MUST be ignored on receipt.¶
Sub-TLVs, reuse the Sub-TLVs in Segment List defined in [I-D.ietf-idr-sr-policy-safi] and [I-D.ietf-idr-bgp-sr-segtypes-ext].¶
One or more mandatory SR Path Segment Sub-TLVs that contains the Path Segments of the reverse SR path.¶
One or more Segment Sub-TLVs to specify the reverse SR path.¶
The Segment sub-TLVs in the Reverse Path Segment List sub-TLV provides the information of the reverse SR path. This Reverse Path Segment list can be used for directing egress BFD peer to use specific path for the reverse direction of the BFD session [RFC9612] or other applications.¶
The document defines a new Sub-TLV under the extensions for SR policy defined in [I-D.ietf-idr-sr-policy-safi], therefore, the description of operations defined in [I-D.ietf-idr-sr-policy-safi], can apply to this document directly, including advertisement of SR policies and reception of SR policy NLRI.¶
Typically but not limit to, the unidirectional or bidirectional SR policies carrying path identification infomation are configured by a controller.¶
After configuration, the unidirectional or bidirectional SR policies carrying path identification infomation will be advertised by BGP update messages. The operation of advertisement this SR policy is the same as defined in [I-D.ietf-idr-sr-policy-safi], as well as the reception.¶
The consumer of the unidirectional or bidirectional SR policies is not the BGP process, it can be any applications, such as performance measurement [I-D.ietf-spring-stamp-srpm]. The operation of sending information to consumers is out of scope of this document.¶
The document defines a new Sub-TLV under the extensions for SR policy defined in [I-D.ietf-idr-sr-policy-safi], therefore, the error handling defined in [I-D.ietf-idr-sr-policy-safi] can apply to this document. Also, the error handling as defined in [RFC7606] applies to new Sub-TLVs as well as SAFI context, therefore, the error handling in [RFC7606] also applies to this document.¶
Specifically, a BGP Speaker MUST perform Syntax validation of the Tunnel Encapsulation Attribute following the error handling defined in [RFC7606] and [I-D.ietf-idr-sr-policy-safi].¶
In addition, a BGP Speaker MUST perform Syntax validation of the new Path Segment Sub-TLV to determine if it is malformed. This includes the validation of the length of the Sub-TLV and the range of the value fileds. If any validation check fails, the Update message MUST be handle as 'Treat-as-withdraw'¶
In addition, the validation of the individual fields of the TLVs/Sub-TLVs of the associated segment list are beyond the scope of BGP as they are handled by the SR Policy Module [I-D.ietf-idr-sr-policy-safi] as described in the individual TLV/Sub-TLV sub-sections. Therefore this part is out of the scope of this document. A BGP implementation MUST NOT perform semantic verification of such fields nor consider the SR Policy update to be invalid or not usable based on such validation. An implementation SHOULD log any errors found during the above validation for further analysis [I-D.ietf-idr-sr-policy-safi].¶
This document defines new Sub-TLVs in following registries:¶
This document defines new Sub-TLVs in the registry "SR Policy List Sub-TLVs" [I-D.ietf-idr-sr-policy-safi] to be assigned by IANA:¶
Codepoint Description Reference ------------------------------------------------------------- TBA(17) Path Segment Sub-TLV This document TBA(18) Reverse Segment List Sub-TLV This document¶
Similar to [I-D.ietf-idr-sr-policy-safi], the security mechanisms of the base BGP security model [RFC4271] apply to the extensions described in this document. Also, the new security considerations defined in [I-D.ietf-idr-sr-policy-safi] also apply to this document.¶
The Path Segment extension is included in the SR Policy extension [I-D.ietf-idr-sr-policy-safi], so it does not introduce extra security problems comparing the existing SR policy entension. The Path Segment information is critical to the path, and a wrong Path Segment ID may cause unexpected forwarding actions and results.¶
An implementation needs to make sure that the value of Path Segment ID is correct to avoid unexpected forwarding actions and results, especially in an SR-MPLS network. In addition, the Path Segment information distribution from a controller to an ingress router has to be protected. The security considereations in [I-D.ietf-idr-sr-policy-safi] apply to this distribution procedure.¶
Mach(Guoyi) Chen Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: [email protected] Jie Dong Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: [email protected] James N Guichard Futurewei Technologies 2330 Central Express Way Santa Clara USA Email: [email protected] Huanan Chen China Telecom 109 West Zhongshan Ave Guangzhou China Email: [email protected]¶
Many thanks to Shraddha Hedge, Susan Hares for their detailed reviews and professional comments.¶