Network Working Group S. Previdi
Internet-Draft Individual
Intended status: Standards Track C. Filsfils
Expires: May 6, 2021 K. Talaulikar, Ed.
Cisco Systems
P. Mattes
Microsoft
E. Rosen
Juniper Networks
D. Jain
S. Lin
Google
November 2, 2020
Advertising Segment Routing Policies in BGP
draft-ietf-idr-segment-routing-te-policy-10
Abstract
This document defines a new BGP SAFI with a new NLRI in order to
advertise a candidate path of a Segment Routing (SR) Policy. An SR
Policy is a set of candidate paths, each consisting of one or more
segment lists. The headend of an SR Policy may learn multiple
candidate paths for an SR Policy. Candidate paths may be learned via
a number of different mechanisms, e.g., CLI, NetConf, PCEP, or BGP.
This document specifies the way in which BGP may be used to
distribute SR Policy candidate paths. New sub-TLVs for the Tunnel
Encapsulation Attribute are defined for signaling information about
these candidate paths.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 6, 2021.
Previdi, et al. Expires May 6, 2021 [Page 1]
Internet-Draft Segment Routing Policies in BGP November 2020
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 5
2. SR Policy Encoding . . . . . . . . . . . . . . . . . . . . . 6
2.1. SR Policy SAFI and NLRI . . . . . . . . . . . . . . . . . 6
2.2. SR Policy and Tunnel Encapsulation Attribute . . . . . . 7
2.3. Remote Endpoint and Color . . . . . . . . . . . . . . . . 8
2.4. SR Policy Sub-TLVs . . . . . . . . . . . . . . . . . . . 9
2.4.1. Preference Sub-TLV . . . . . . . . . . . . . . . . . 9
2.4.2. Binding SID Sub-TLV . . . . . . . . . . . . . . . . . 10
2.4.3. SRv6 Binding SID Sub-TLV . . . . . . . . . . . . . . 11
2.4.4. Segment List Sub-TLV . . . . . . . . . . . . . . . . 13
2.4.5. Explicit NULL Label Policy Sub-TLV . . . . . . . . . 27
2.4.6. Policy Priority Sub-TLV . . . . . . . . . . . . . . . 29
2.4.7. Policy Candidate Path Name Sub-TLV . . . . . . . . . 30
2.4.8. Policy Name Sub-TLV . . . . . . . . . . . . . . . . . 31
3. Color Extended Community . . . . . . . . . . . . . . . . . . 31
4. SR Policy Operations . . . . . . . . . . . . . . . . . . . . 32
4.1. Advertisement of SR Policies . . . . . . . . . . . . . . 32
4.2. Reception of an SR Policy NLRI . . . . . . . . . . . . . 32
4.2.1. Acceptance of an SR Policy NLRI . . . . . . . . . . . 33
4.2.2. Usable SR Policy NLRI . . . . . . . . . . . . . . . . 33
4.2.3. Passing a usable SR Policy NLRI to the SRPM . . . . . 34
4.2.4. Propagation of an SR Policy . . . . . . . . . . . . . 34
5. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 34
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35
6.1. Existing Registry: Subsequent Address Family Identifiers
(SAFI) Parameters . . . . . . . . . . . . . . . . . . . . 36
6.2. Existing Registry: BGP Tunnel Encapsulation Attribute
Tunnel Types . . . . . . . . . . . . . . . . . . . . . . 36
6.3. Existing Registry: BGP Tunnel Encapsulation Attribute
sub-TLVs . . . . . . . . . . . . . . . . . . . . . . . . 36
6.4. Existing Registry: Color Extended Community Flags . . . . 37
6.5. New Registry: SR Policy Segment List Sub-TLVs . . . . . . 37
6.6. New Registry: SR Policy Binding SID Flags . . . . . . . . 38
6.7. New Registry: SR Policy SRv6 Binding SID Flags . . . . . 38
6.8. New Registry: SR Policy Segment Flags . . . . . . . . . . 39
6.9. Guidance for Designated Experts . . . . . . . . . . . . . 39
7. Security Considerations . . . . . . . . . . . . . . . . . . . 39
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 40
9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 40
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 41
10.1. Normative References . . . . . . . . . . . . . . . . . . 41
10.2. Informational References . . . . . . . . . . . . . . . . 42
Appendix A. Deprecated Segment Sub-TLVs . . . . . . . . . . . . 43
A.1. Type B-Deprecated: SID only, in the form of IPv6 address 43
A.2. Type I-Deprecated: IPv6 Node Address with optional SRv6
SID . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
A.3. Type J-Deprecated: IPv6 Address + Interface ID for local
and remote pair for SRv6 with optional SID . . . . . . . 44
A.4. Type K-Deprecated: IPv6 Local and Remote addresses for
SRv6 with optional SID . . . . . . . . . . . . . . . . . 46
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 46
1. Introduction
Segment Routing (SR) [RFC8402] allows a headend node to steer a
packet flow along any path. Intermediate per-flow states are
eliminated thanks to source routing.
The headend node is said to steer a flow into an SR Policy.
The header of a packet steered in an SR Policy is augmented with the
ordered list of segments associated with that SR Policy.
[I-D.ietf-spring-segment-routing-policy] details the concepts of SR
Policy and steering into an SR Policy. These apply equally to the
MPLS and IPv6 (known as SRv6) data plane instantiations of Segment
Routing with their respective representations of segments as SR-MPLS
SID and SRv6 SID as described in [RFC8402].
The SR Policy related functionality described in
[I-D.ietf-spring-segment-routing-policy] can be conceptually viewed
as being incorporated in an SR Policy Module (SRPM). Following is a
reminder of the high-level functionality of SRPM:
o Learning multiple candidate paths for an SR Policy via various
mechanisms (CLI, NetConf, PCEP or BGP).
o Selection of the best candidate path for an SR Policy.
o Binding BSID to the selected candidate path of an SR Policy.
o Installation of the selected candidate path and its BSID in the
forwarding plane.
This document specifies the way to use BGP to distribute one or more
of the candidate paths of an SR Policy to the headend of that policy.
The document describes the functionality that is provided by BGP and,
as appropriate, provides references for the functionality which is
outside the scope of BGP (i.e., resides within SRPM on the headend
node).
This document specifies a way of representing SR Policy candidate
paths in BGP UPDATE messages. BGP can then be used to propagate the
SR Policy candidate paths to the headend nodes in the network. The
usual BGP rules for BGP propagation and "bestpath selection" are
used. At the headend of a specific policy, this will result in one
or more candidate paths being installed into the "BGP table". These
paths are then passed to the SRPM. The SRPM may compare them to
candidate paths learned via other mechanisms, and will choose one or
more paths to be installed in the data plane. BGP itself does not
install SR Policy candidate paths into the data plane.
This document defines a new BGP address family (SAFI). In UPDATE
messages of that address family, the NLRI identifies an SR Policy
Candidate Path, and the attributes encode the segment lists and other
details of that SR Policy Candidate Path.
While for simplicity we may write that BGP advertises an SR Policy,
it has to be understood that BGP advertises a candidate path of an SR
policy and that this SR Policy might have several other candidate
paths provided via BGP (via an NLRI with a different distinguisher as
defined in this document), PCEP, NETCONF or local policy
configuration.
Typically, a controller defines the set of policies and advertises
them to policy head-end routers (typically ingress routers). The
policy advertisement uses BGP extensions defined in this document.
The policy advertisement is, in most but not all of the cases,
tailored for a specific policy head-end. In this case the
advertisement may be sent on a BGP session to that head-end and not
propagated any further.
Alternatively, a router (i.e., a BGP egress router) advertises SR
Policies representing paths to itself. In this case, it is possible
to send the policy to each head-end over a BGP session to that head-
end, without requiring any further propagation of the policy.
An SR Policy intended only for the receiver will, in most cases, not
traverse any Route Reflector (RR, [RFC4456]).
In some situations, it is undesirable for a controller or BGP egress
router to have a BGP session to each policy head-end. In these
situations, BGP Route Reflectors may be used to propagate the
advertisements, or it may be necessary for the advertisement to
propagate through a sequence of one or more AS. To make this
possible, an attribute needs to be attached to the advertisement that
enables a BGP speaker to determine whether it is intended to be a
head-end for the advertised policy. This is done by attaching one or
more Route Target Extended Communities to the advertisement
([RFC4360]).
The BGP extensions for the advertisement of SR Policies include the
following components:
o A new Subsequent Address Family Identifier (SAFI) whose NLRI
identifies an SR Policy candidate path.
o A new Tunnel Type identifier for SR Policy, and a set of sub-TLVs
to be inserted into the Tunnel Encapsulation Attribute (as defined
in [I-D.ietf-idr-tunnel-encaps]) specifying segment lists of the
SR Policy candidate path, as well as other information about the
SR Policy.
o One or more IPv4 address format route-target extended communities
([RFC4360]) attached to the SR Policy advertisement that indicate
the intended head-end of such SR Policy advertisement.
o The Color Extended Community (as defined in
[I-D.ietf-idr-tunnel-encaps]), which is used to steer traffic
into an SR Policy, as described in section 8.4 in
[I-D.ietf-spring-segment-routing-policy]. This document
(Section 3) modifies the format of the Color Extended Community by
using the two leftmost bits of the RESERVED field.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
2. SR Policy Encoding
2.1. SR Policy SAFI and NLRI
A new SAFI is defined: the SR Policy SAFI with codepoint 73. The AFI
used MUST be IPv4(1) or IPv6(2).
The SR Policy SAFI uses a new NLRI defined as follows:
+------------------+
|   NLRI Length    | 1 octet
+------------------+
|  Distinguisher   | 4 octets
+------------------+
|   Policy Color   | 4 octets
+------------------+
|     Endpoint     | 4 or 16 octets
+------------------+
where:
o NLRI Length: 1 octet of length expressed in bits as defined in
[RFC4760]. When AFI = 1 the value MUST be 96 and when AFI = 2 the
value MUST be 192.
o Distinguisher: 4-octet value uniquely identifying the policy in
the context of <color, endpoint> tuple. The distinguisher has no
semantic value and is solely used by the SR Policy originator to
make unique (from an NLRI perspective) multiple candidate paths of
the same SR Policy.
o Policy Color: 4-octet value identifying (with the endpoint) the
policy. The color is used to match the color of the destination
prefixes to steer traffic into the SR Policy as specified in
[I-D.ietf-spring-segment-routing-policy].
o Endpoint: identifies the endpoint of a policy. The Endpoint may
represent a single node or a set of nodes (e.g., an anycast
address). The Endpoint is an IPv4 (4-octet) address or an IPv6
(16-octet) address according to the AFI of the NLRI.
The color and endpoint are used to automate the steering of BGP
Payload prefixes on SR Policy as described in
[I-D.ietf-spring-segment-routing-policy].
The NLRI containing the SR Policy candidate path is carried in a BGP
UPDATE message [RFC4271] using BGP multiprotocol extensions [RFC4760]
with an AFI of 1 or 2 (IPv4 or IPv6) and with a SAFI of 73.
An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
attribute with the SR Policy SAFI MUST also carry the BGP mandatory
attributes. In addition, the BGP update message MAY also contain any
of the BGP optional attributes.
The next-hop network address field in SR Policy SAFI (73) updates may
be either a 4 octet IPv4 address or a 16 octet IPv6 address,
independent of the SR Policy AFI. The length field of the next-hop
address specifies the next-hop address family. If the next-hop
length is 4, then the next-hop is an IPv4 address; if the next-hop
length is 16, then it is a global IPv6 address; and if the next-hop
length is 32, then it has a global IPv6 address followed by a link-
local IPv6 address. The setting of the next-hop field and its
attendant processing is governed by standard BGP procedures as
described in section 3 in [RFC4760].
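The following Python example is an addition to this text and is not part of the specification. It decodes an MP_REACH_NLRI attribute value for SAFI 73 and enforces the NLRI Length and next-hop length rules stated above; the function names, the exception class and the sample bytes are constructed for the example.

```python
import ipaddress
import struct

SAFI_SR_POLICY = 73
NLRI_BITS = {1: 96, 2: 192}          # AFI -> required NLRI Length, in bits


class MalformedSRPolicy(ValueError):
    """The attribute breaks a rule stated in Section 2.1."""


def parse_next_hop(raw):
    """The next-hop family follows from its length, not from the AFI."""
    if len(raw) == 4:
        return [ipaddress.IPv4Address(raw)]
    if len(raw) == 16:
        return [ipaddress.IPv6Address(raw)]
    if len(raw) == 32:               # global address, then link-local
        return [ipaddress.IPv6Address(raw[:16]),
                ipaddress.IPv6Address(raw[16:])]
    raise MalformedSRPolicy(f"next-hop length {len(raw)} is not 4, 16 or 32")


def parse_mp_reach_sr_policy(value):
    """Decode an MP_REACH_NLRI attribute value (RFC 4760 layout)."""
    if len(value) < 5:
        raise MalformedSRPolicy("truncated MP_REACH_NLRI")
    afi, safi, nh_len = struct.unpack_from("!HBB", value, 0)
    if safi != SAFI_SR_POLICY:
        raise MalformedSRPolicy(f"SAFI {safi} is not the SR Policy SAFI")
    if afi not in NLRI_BITS:
        raise MalformedSRPolicy(f"AFI {afi} is neither IPv4(1) nor IPv6(2)")
    off = 4
    if off + nh_len + 1 > len(value):
        raise MalformedSRPolicy("next hop overruns the attribute")
    next_hops = parse_next_hop(value[off:off + nh_len])
    off += nh_len + 1                # skip the RFC 4760 reserved octet

    want_bits = NLRI_BITS[afi]
    body_len = want_bits // 8
    candidates = []
    while off < len(value):
        if value[off] != want_bits:
            raise MalformedSRPolicy(
                f"NLRI Length {value[off]} bits, AFI {afi} requires {want_bits}")
        body = value[off + 1:off + 1 + body_len]
        if len(body) != body_len:
            raise MalformedSRPolicy("truncated SR Policy NLRI")
        distinguisher, color = struct.unpack_from("!II", body, 0)
        candidates.append({"distinguisher": distinguisher, "color": color,
                           "endpoint": ipaddress.ip_address(body[8:])})
        off += 1 + body_len
    return {"afi": afi, "next_hops": next_hops, "candidate_paths": candidates}


def build_nlri(distinguisher, color, endpoint):
    """Encode one SR Policy NLRI (helper for the constructed sample)."""
    ep = ipaddress.ip_address(endpoint).packed
    return (bytes([8 * (8 + len(ep))])
            + struct.pack("!II", distinguisher, color) + ep)


# Constructed sample: two AFI 1 candidate paths of the same <color, endpoint>,
# told apart by the distinguisher, carried with an IPv6 next hop.
SAMPLE = (struct.pack("!HBB", 1, SAFI_SR_POLICY, 16)
          + ipaddress.IPv6Address("2001:db8::1").packed + b"\x00"
          + build_nlri(1, 100, "192.0.2.1")
          + build_nlri(2, 100, "192.0.2.1"))

if __name__ == "__main__":
    print(parse_mp_reach_sr_policy(SAMPLE))
```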
It is important to note that any BGP speaker receiving a BGP message
with an SR Policy NLRI will process it only if the NLRI is among the
best paths as per the BGP best path selection algorithm. In other
words, this document leverages the existing BGP propagation and
bestpath selection rules. Details of the procedures are described in
Section 4.
It has to be noted that if several candidate paths of the same SR
Policy (endpoint, color) are signaled via BGP to a head-end, it is
RECOMMENDED that each NLRI use a different distinguisher. If BGP has
installed into the BGP table two advertisements whose respective
NLRIs have the same color and endpoint, but different distinguishers,
both advertisements are passed to the SRPM as different candidate
paths along with their respective originator information (i.e. ASN
and BGP Router-ID) as described in section 2.4 of
[I-D.ietf-spring-segment-routing-policy]. The ASN would be the ASN
of origin and the BGP Router-ID is determined in the following order:
o From the Route Origin Community [RFC4360] if present and carrying
an IP Address
o As the BGP Originator ID [RFC4456] if present
o As the BGP Router-ID of the peer from which the update was
received as a last resort.
2.2. SR Policy and Tunnel Encapsulation Attribute
The content of the SR Policy Candidate Path is encoded in the Tunnel
Encapsulation Attribute defined in [I-D.ietf-idr-tunnel-encaps] using
a new Tunnel-Type called SR Policy Type with codepoint 15.
The SR Policy Encoding structure is as follows:
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint>
Attributes:
   Tunnel Encaps Attribute (23)
      Tunnel Type: SR Policy
          Binding SID
          SRv6 Binding SID
          Preference
          Priority
          Policy Name
          Policy Candidate Path Name
          Explicit NULL Label Policy (ENLP)
          Segment List
              Weight
              Segment
              Segment
              ...
          ...
where:
o SR Policy SAFI NLRI is defined in Section 2.1.
o Tunnel Encapsulation Attribute is defined in
[I-D.ietf-idr-tunnel-encaps].
o Tunnel-Type is set to 15.
o Preference, Binding SID, SRv6 Binding SID, Priority, Policy Name,
Policy Candidate Path Name, ENLP, Segment-List, Weight and Segment
sub-TLVs are defined in this document.
o Additional sub-TLVs may be defined in the future.
A Tunnel Encapsulation Attribute MUST NOT contain more than one TLV
of type "SR Policy".
2.3. Remote Endpoint and Color
The Remote Endpoint and Color sub-TLVs, as defined in
[I-D.ietf-idr-tunnel-encaps], MAY also be present in the SR Policy
encodings.
The Remote Endpoint and Color Sub-TLVs of the Tunnel Encapsulation
Attribute are not used for SR Policy encodings and therefore their
value is irrelevant in the context of the SR Policy SAFI NLRI. If
present, the Remote Endpoint sub-TLV and the Color sub-TLV MUST be
ignored by the BGP speaker.
2.4. SR Policy Sub-TLVs
This section specifies the sub-TLVs defined for encoding the
information about the SR Policy Candidate Path.
Preference, Binding SID, SRv6 Binding SID, Segment-List, Priority,
Policy Name, Policy Candidate Path Name and Explicit NULL Label
Policy are the new sub-TLVs of the BGP Tunnel Encapsulation Attribute
[I-D.ietf-idr-tunnel-encaps] being defined in this section.
Weight and Segment are sub-TLVs of the new Segment-List sub-TLV
mentioned above.
None of the sub-TLVs defined in the following sub-sections have any
effect on the BGP bestpath selection or propagation procedures.
These sub-TLVs are not used by BGP and are instead passed on to SRPM
as SR Policy Candidate Path information for further processing
described in [I-D.ietf-spring-segment-routing-policy].
2.4.1. Preference Sub-TLV
The Preference sub-TLV is used to carry the preference of the SR
Policy candidate path. The contents of this sub-TLV are used by the
SRPM as described in section 2.7 in
[I-D.ietf-spring-segment-routing-policy].
The Preference sub-TLV is optional and it MUST NOT appear more than
once in the SR Policy encoding.
The Preference sub-TLV has the following format:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     Preference (4 octets)                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 12
o Length: 6.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o Preference: a 4-octet value.
2.4.2. Binding SID Sub-TLV
The Binding SID sub-TLV is used to signal the binding SID related
information of the SR Policy candidate path. The contents of this
sub-TLV are used by the SRPM as described in section 6 in
[I-D.ietf-spring-segment-routing-policy].
The Binding SID sub-TLV is optional and it MUST NOT appear more than
once in the SR Policy encoding.
When the Binding SID sub-TLV is used to signal an SRv6 SID, the
choice of its SRv6 Endpoint Behavior
[I-D.ietf-spring-srv6-network-programming] to be instantiated is left
to the headend node. It is RECOMMENDED that the SRv6 Binding SID
sub-TLV defined in Section 2.4.3, that enables the specification of
the SRv6 Endpoint Behavior, be used for signaling of an SRv6 Binding
SID for an SR Policy candidate path.
The Binding SID sub-TLV has the following format:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               Binding SID (variable, optional)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 13
o Length: specifies the length of the value field not including Type
and Length fields. Can be 2 or 6 or 18.
o Flags: 1 octet of flags. The following flags are defined in the new
registry "SR Policy Binding SID Flags" as described in
Section 6.6:
 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
|S|I|           |
+-+-+-+-+-+-+-+-+
where:
* S-Flag: This flag encodes the "Specified-BSID-only" behavior.
It is used by SRPM as described in section 6.2.3 in
[I-D.ietf-spring-segment-routing-policy].
* I-Flag: This flag encodes the "Drop Upon Invalid" behavior. It
is used by SRPM as described in section 8.2 in
[I-D.ietf-spring-segment-routing-policy].
* Unused bits in the Flag octet SHOULD be set to zero upon
transmission and MUST be ignored upon receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o Binding SID: if length is 2, then no Binding SID is present. If
length is 6 then the Binding SID is encoded in 4 octets using the
format below. TC, S, TTL (Total of 12 bits) are RESERVED and
SHOULD be set to zero and MUST be ignored.
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Label                 | TC  |S|      TTL      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
If length is 18 then the Binding SID contains a 16-octet SRv6 SID.
2.4.3. SRv6 Binding SID Sub-TLV
The SRv6 Binding SID sub-TLV is used to signal the SRv6 Binding SID
related information of the SR Policy candidate path. It enables the
specification of the SRv6 Endpoint Behavior
[I-D.ietf-spring-srv6-network-programming] to be instantiated on the
headend node. The contents of this sub-TLV are used by the SRPM as
described in section 6 in [I-D.ietf-spring-segment-routing-policy].
The SRv6 Binding SID sub-TLV is optional. More than one SRv6 Binding
SID MAY be signaled in the same SR Policy encoding to indicate one
or more SRv6 SIDs, each with potentially different SRv6 Endpoint
Behaviors to be instantiated.
The SRv6 Binding SID sub-TLV has the following format:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 SRv6 Binding SID (16 octets)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//     SRv6 Endpoint Behavior and SID Structure (optional)     //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: TBD
o Length is variable
o Flags: 1 octet of flags. The following flags are defined in the new
registry "SR Policy Binding SID Flags" as described in
Section 6.7:
 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
|S|I|B|         |
+-+-+-+-+-+-+-+-+
where:
* S-Flag: This flag encodes the "Specified-BSID-only" behavior.
It is used by SRPM as described in section 6.2.3 in
[I-D.ietf-spring-segment-routing-policy].
* I-Flag: This flag encodes the "Drop Upon Invalid" behavior. It
is used by SRPM as described in section 8.2 in
[I-D.ietf-spring-segment-routing-policy].
* B-Flag: This flag, when set, indicates the presence of the SRv6
Endpoint Behavior and SID Structure encoding specified in
Section 2.4.4.2.13.
* Unused bits in the Flag octet SHOULD be set to zero upon
transmission and MUST be ignored upon receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o SRv6 Binding SID: Contains a 16-octet SRv6 SID.
o SRv6 Endpoint Behavior and SID Structure: Optional, as defined in
Section 2.4.4.2.13.
2.4.4. Segment List Sub-TLV
The Segment List sub-TLV encodes a single explicit path towards the
endpoint as described in section 5.1 in
[I-D.ietf-spring-segment-routing-policy]. The Segment List sub-TLV
includes the elements of the paths (i.e., segments) as well as an
optional Weight sub-TLV.
The Segment List sub-TLV may exceed 255 bytes in length due to a large
number of segments. Therefore a 2-octet length is required.
According to [I-D.ietf-idr-tunnel-encaps], the first bit of the sub-
TLV codepoint defines the size of the length field. Therefore, for
the Segment List sub-TLV a code point of 128 or higher is used.
The Segment List sub-TLV is optional and MAY appear multiple times in
the SR Policy encoding. The ordering of Segment List sub-TLVs, each
sub-TLV encoding a Segment List, does not matter.
The Segment List sub-TLV contains zero or more Segment sub-TLVs and
MAY contain a Weight sub-TLV.
The Segment List sub-TLV has the following format:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |            Length             |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//                          sub-TLVs                           //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 128.
o Length: the total length (not including the Type and Length
fields) of the sub-TLVs encoded within the Segment List sub-TLV.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o sub-TLVs currently defined:
* An optional single Weight sub-TLV.
* Zero or more Segment sub-TLVs.
Validation of an explicit path encoded by the Segment List sub-TLV is
beyond the scope of BGP and performed by the SRPM as described in
section 5 in [I-D.ietf-spring-segment-routing-policy].
2.4.4.1. Weight Sub-TLV
The Weight sub-TLV specifies the weight associated with a given segment
list. The contents of this sub-TLV are used only by the SRPM as
described in section 2.11 in
[I-D.ietf-spring-segment-routing-policy].
The Weight sub-TLV is optional and it MUST NOT appear more than once
inside the Segment List sub-TLV.
The Weight sub-TLV has the following format:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                            Weight                             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 9.
o Length: 6
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
2.4.4.2. Segment Sub-TLVs
A Segment sub-TLV describes a single segment in a segment list (i.e.,
a single element of the explicit path). One or more Segment sub-TLVs
constitute an explicit path of the SR Policy candidate path. The
contents of these sub-TLVs are used only by the SRPM as described in
section 4 in [I-D.ietf-spring-segment-routing-policy].
The Segment sub-TLVs are optional and MAY appear multiple times in
the Segment List sub-TLV.
[I-D.ietf-spring-segment-routing-policy] defines several Segment
Types:
Type A: SID only, in the form of MPLS Label
Type B: SID only, in the form of IPv6 address
Type C: IPv4 Node Address with optional SID
Type D: IPv6 Node Address with optional SID for SR MPLS
Type E: IPv4 Address and index with optional SID
Type F: IPv4 Local and Remote addresses with optional SID
Type G: IPv6 Address and index for local and remote pair with optional
SID for SR MPLS
Type H: IPv6 Local and Remote addresses with optional SID for SR MPLS
Type I: IPv6 Node Address with optional SID for SRv6
Type J: IPv6 Address and index for local and remote pair with optional
SID for SRv6
Type K: IPv6 Local and Remote addresses for SRv6
The following sub-sections specify the sub-TLV used for encoding each
of these Segment Types.
2.4.4.2.1. Type A: SID only, in the form of MPLS Label
The Type A Segment Sub-TLV encodes a single SR-MPLS SID. The format
is as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Label                 | TC  |S|      TTL      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 1.
o Length is 6.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o Label: 20 bits of label value.
o TC: 3 bits of traffic class.
o S: 1 bit of bottom-of-stack.
o TTL: 1 octet of TTL.
The following applies to the Type-1 Segment sub-TLV:
o The S bit SHOULD be zero upon transmission, and MUST be ignored
upon reception.
o If the originator wants the receiver to choose the TC value, it
sets the TC field to zero.
o If the originator wants the receiver to choose the TTL value, it
sets the TTL field to 255.
o If the originator wants to recommend a value for these fields, it
puts those values in the TC and/or TTL fields.
o The receiver MAY override the originator's values for these
fields. This would be determined by local policy at the receiver.
One possible policy would be to override the fields only if the
fields have the default values specified above.
2.4.4.2.2. Type B: SID only, in the form of IPv6 address
The Type B Segment Sub-TLV encodes a single SRv6 SID. The format is
as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//                    SRv6 SID (16 octets)                     //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//     SRv6 Endpoint Behavior and SID Structure (optional)     //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 13.
o Length is variable.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o SRv6 SID: 16 octets of IPv6 address.
o SRv6 Endpoint Behavior and SID Structure: Optional, as defined in
Section 2.4.4.2.13.
The TLV 2 defined for advertisement of Segment Type B in the earlier
versions of this document has been deprecated to avoid backward
compatibility issues (refer to Appendix A for details).
2.4.4.2.3. Type C: IPv4 Node Address with optional SID
The Type C Segment Sub-TLV encodes an IPv4 node address, SR Algorithm
and an optional SR-MPLS SID. The format is as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     | SR Algorithm  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 IPv4 Node Address (4 octets)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               SR-MPLS SID (optional, 4 octets)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 3.
o Length is 10 when the SR-MPLS SID is present; otherwise it is 6.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o SR Algorithm: 1 octet specifying SR Algorithm as described in
section 3.1.1 in [RFC8402], when A-Flag as defined in
Section 2.4.4.2.12 is present. SR Algorithm is used by SRPM as
described in section 4 in
[I-D.ietf-spring-segment-routing-policy]. When A-Flag is not
encoded, this field SHOULD be set to zero on transmission and MUST
be ignored on receipt.
o IPv4 Node Address: a 4 octet IPv4 address representing a node.
o SR-MPLS SID: optional, 4 octet field containing label, TC, S and
TTL as defined in Section 2.4.4.2.1.
2.4.4.2.4. Type D: IPv6 Node Address with optional SID for SR MPLS
The Type D Segment Sub-TLV encodes an IPv6 node address, SR Algorithm
and an optional SR-MPLS SID. The format is as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     | SR Algorithm  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//                IPv6 Node Address (16 octets)                //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               SR-MPLS SID (optional, 4 octets)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 4
o Length is 22 when the SR-MPLS SID is present; otherwise it is 18.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o SR Algorithm: 1 octet specifying SR Algorithm as described in
section 3.1.1 in [RFC8402], when A-Flag as defined in
Section 2.4.4.2.12 is present. SR Algorithm is used by SRPM as
described in section 4 in
[I-D.ietf-spring-segment-routing-policy]. When A-Flag is not
encoded, this field SHOULD be set to zero on transmission and MUST
be ignored on receipt.
o IPv6 Node Address: a 16 octet IPv6 address representing a node.
o SR-MPLS SID: optional, 4 octet field containing label, TC, S and
TTL as defined in Section 2.4.4.2.1.
2.4.4.2.5. Type E: IPv4 Address + Local Interface ID with optional SID
The Type E Segment Sub-TLV encodes an IPv4 node address, a local
interface Identifier (Local Interface ID) and an optional SR-MPLS
SID. The format is as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Local Interface ID (4 octets)                 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 IPv4 Node Address (4 octets)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               SR-MPLS SID (optional, 4 octets)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 5.
o Length is 14 when the SR-MPLS SID is present; otherwise it is 10.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o Local Interface ID: 4 octets of interface index as defined in
[RFC8664].
o IPv4 Node Address: a 4 octet IPv4 address representing a node.
o SR-MPLS SID: optional, 4 octet field containing label, TC, S and
TTL as defined in Section 2.4.4.2.1.
2.4.4.2.6. Type F: IPv4 Local and Remote addresses with optional SID
The Type F Segment Sub-TLV encodes an adjacency local address, an
adjacency remote address and an optional SR-MPLS SID. The format is
as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Local IPv4 Address (4 octets)                 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                Remote IPv4 Address (4 octets)                 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               SR-MPLS SID (optional, 4 octets)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 6.
o Length is 14 when the SR-MPLS SID is present; otherwise it is 10.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o Local IPv4 Address: a 4 octet IPv4 address.
o Remote IPv4 Address: a 4 octet IPv4 address.
o SR-MPLS SID: optional, 4 octet field containing label, TC, S and
TTL as defined in Section 2.4.4.2.1.
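A receive-side check of the fixed Length values stated above for Types C through F, as an added example (not code from this document or from any implementation): it rejects a Sub-TLV whose Length is not one of the two legal values for its Type, or whose value runs past the received bytes, before any field is read. The field names, the MalformedSubTLV exception and the sample bytes are constructed for illustration; the SR-MPLS SID is split as label (20 bits), TC (3), S (1), TTL (8), the MPLS label stack entry layout, and the Flags octet is returned undecoded because its bits are defined in Section 2.4.4.2.12.

```python
import ipaddress
import struct

# Type code -> (letter, fixed fields after the Flags octet and the octet next to it).
# Constructed from the Type C-F layouts above; Types B and G are left out.
LAYOUTS = {
    3: ("C", [("ipv4_node", 4)]),
    4: ("D", [("ipv6_node", 16)]),
    5: ("E", [("local_interface_id", 4), ("ipv4_node", 4)]),
    6: ("F", [("local_ipv4", 4), ("remote_ipv4", 4)]),
}

class MalformedSubTLV(ValueError):
    """Raised instead of guessing when Type, Length and buffer disagree."""

def parse_segment_subtlv(buf):
    """Parse one Type C-F Segment Sub-TLV; return (fields, remaining bytes)."""
    if len(buf) < 2:
        raise MalformedSubTLV("truncated Type/Length header")
    typ, length = buf[0], buf[1]
    if typ not in LAYOUTS:
        raise MalformedSubTLV(f"unsupported segment type code {typ}")
    letter, fields = LAYOUTS[typ]
    base = 2 + sum(size for _, size in fields)  # e.g. 6 for Type C, 18 for Type D
    if length not in (base, base + 4):          # only two legal Lengths per type
        raise MalformedSubTLV(f"Type {letter}: Length {length}, want {base} or {base + 4}")
    if len(buf) < 2 + length:                   # never read past the received bytes
        raise MalformedSubTLV(f"Type {letter}: value truncated")
    value, rest = buf[2:2 + length], buf[2 + length:]
    out = {"type": letter, "flags": value[0]}
    if typ in (3, 4):   # C/D carry SR Algorithm here; E/F carry RESERVED, ignored on receipt
        out["sr_algorithm"] = value[1]
    off = 2
    for name, size in fields:
        raw = value[off:off + size]
        if name.endswith("_id"):
            out[name] = int.from_bytes(raw, "big")
        else:
            out[name] = str(ipaddress.ip_address(raw))
        off += size
    if length == base + 4:  # optional SR-MPLS SID: label(20) TC(3) S(1) TTL(8)
        (word,) = struct.unpack("!I", value[off:off + 4])
        out["sid"] = {"label": word >> 12, "tc": (word >> 9) & 7,
                      "s": (word >> 8) & 1, "ttl": word & 0xFF}
    return out, rest

# Constructed sample: Type C (192.0.2.1, label 16001) followed by Type E (ifindex 7, no SID).
SAMPLE = bytes.fromhex("030a0000c000020103e81000" "050a000000000007c6336401")
```

The SR Algorithm value returned for Types C and D is meaningful only when the A-Flag is set; a caller that decodes Flags per Section 2.4.4.2.12 should ignore it otherwise.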
2.4.4.2.7. Type G: IPv6 Address + Interface ID for local and remote
pair with optional SID for SR MPLS
The Type G Segment Sub-TLV encodes an IPv6 Link Local adjacency with
IPv6 local node address, a local interface identifier (Local
Interface ID), IPv6 remote node address, a remote interface
identifier (Remote Interface ID) and an optional SR-MPLS SID. The
format is as follows:
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |    Length     |     Flags     |   RESERVED    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 Local Interface ID (4 octets)                 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//             IPv6 Local Node Address (16 octets)             //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                Remote Interface ID (4 octets)                 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
//            IPv6 Remote Node Address (16 octets)             //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               SR-MPLS SID (optional, 4 octets)                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 7
o Length is 46 when the SR-MPLS SID is present; otherwise it is 42.
o Flags: 1 octet of flags as defined in Section 2.4.4.2.12.
o RESERVED: 1 octet of reserved bits. SHOULD be set to zero on
transmission and MUST be ignored on receipt.
o Local Interface ID: 4 octets of interface index as defined in
[