Skip to main content

SID Space (5f00::/16) Inter-domain Addressing Recommendations
draft-eknb-srv6ops-interdomain-sidspace-00

Document Type Active Internet-Draft (individual)
Authors Erik Kline , Nick Buraglio
Last updated 2024-11-05
Replaces draft-ek-srv6ops-sidspace-experiment
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-eknb-srv6ops-interdomain-sidspace-00
SRv6 Operations                                                 E. Kline
Internet-Draft                                Aalyria Technologies, Inc.
Intended status: Informational                               N. Buraglio
Expires: 9 May 2025                              Energy Sciences Network
                                                         5 November 2024

     SID Space (5f00::/16) Inter-domain Addressing Recommendations
               draft-eknb-srv6ops-interdomain-sidspace-00

Abstract

   This specification recommends a specific structured use of the SRv6
   SIDs prefix in support of Inter-Domain SRv6 networks.  The core of
   the proposal is to structure the address space by Autonomous System
   Number (ASN).

   Use of this proposed structure is entirely voluntary.  Voluntary use
   of this structure aids SRv6 operations while preserving the ability
   to use this prefix across cooperating SRv6 domains, but not across
   the general Internet.

About This Document

   This note is to be removed before publishing as an RFC.

   The latest revision of this draft can be found at
   https://ipvsix.github.io/draft-sidspace-experiment/draft-ek-srv6ops-
   sidspace-experiment.html.  Status information for this document may
   be found at https://datatracker.ietf.org/doc/draft-eknb-srv6ops-
   interdomain-sidspace/.

   Discussion of this document takes place on the SRv6 Operations
   Working Group mailing list (mailto:srv6ops@ietf.org), which is
   archived at https://mailarchive.ietf.org/arch/browse/srv6ops/.
   Subscribe at https://www.ietf.org/mailman/listinfo/srv6ops/.

   Source for this draft and an issue tracker can be found at
   https://github.com/ipvsix/draft-sidspace-experiment.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

Kline & Buraglio           Expires 9 May 2025                   [Page 1]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 9 May 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Inter-domain SRv6 SIDs  . . . . . . . . . . . . . . . . . . .   3
   3.  Proposed Structure  . . . . . . . . . . . . . . . . . . . . .   3
     3.1.  Generation of ASN derived SRv6 prefix SID . . . . . . . .   4
       3.1.1.  SRv6 SID Documentation Prefixes . . . . . . . . . . .   4
       3.1.2.  SRv6 SID Private Use Prefixes . . . . . . . . . . . .   4
   4.  Routing and Filtering . . . . . . . . . . . . . . . . . . . .   5
   5.  Example test case . . . . . . . . . . . . . . . . . . . . . .   5
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   6
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   6
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   6
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   7
   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .   7
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   7

Kline & Buraglio           Expires 9 May 2025                   [Page 2]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

1.  Introduction

   [RFC9602] requested of IANA a dedicated prefix for Segment Routing
   over IPv6 [RFC8402] Segment Identifiers (SRv6 SIDs), with the aim of
   "improv[ing] security by making it simpler to filter traffic at the
   edge of the SR domains."  The prefix 5f00::/16 was allocated for this
   purpose [IANA-IPv6Special].  No requirements were placed on the use
   of this prefix nor any recommendations made for structured use of
   this prefix.

   This specification recommends a specific structured use of the SRv6
   SIDs prefix in support of Inter-Domain SRv6 networks.  The core of
   the proposal is to structure the address space by Autonomous System
   Number (ASN).

   Use of this proposed structure is entirely voluntary.  Voluntary use
   of this structure aids SRv6 operations while preserving the ability
   to use this prefix across cooperating SRv6 domains, but not across
   the general Internet.

   The SID space prefix was allocated to improve ease of filtering.
   Where SRv6 traffic using these prefixes may be shared with
   cooperating partner networks, this proposal makes it easier to craft
   filters that permit only SRv6 traffic from identified ASNs.

   As a point of historical interest, this proposal contains echos of
   the structure of the original 6bone test allocation [RFC1897].

2.  Inter-domain SRv6 SIDs

   An inter-domain SRv6 SID, as used in this document, means an SRv6 SID
   from the address space used by one SRv6 domain that is advertised to
   another SRv6 domain force inclusion an SRv6 Policy used by the second
   domain when forwarding policy-specific traffic to the advertising
   SRv6 domain.

3.  Proposed Structure

   The recommendation of this specification is for SRv6 domains to
   allocate SIDs from prefixes that are concatenations of the SRv6 SID
   prefix (5f00::/16) and an applicable ASN.  Assuming 32-bit ASNs, this
   yields a /48 per ASN in use within an SRv6 domain, i.e. 5f00:as-
   hi16:as-lo16::/48.

Kline & Buraglio           Expires 9 May 2025                   [Page 3]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

3.1.  Generation of ASN derived SRv6 prefix SID

   Each unique ASN generates a prefix from the IANA allocation by
   converting mutually agreed upon ASNs to hexidecimal, and inserting
   this hex into a /48 prefix.

3.1.1.  SRv6 SID Documentation Prefixes

   Using 16-bit and 32-bit ASNs reserved for documentation purposes
   [IANA-ASNs] yields several SRv6 SID prefixes that might be used for
   SRv6 documentation purposes.  These prefixes presently include ASNs
   in the range of 64496-64511 as defined in [RFC5398]:

   5f00:0:fbf0::/48
   ...
   5f00:0:fbff::/48

   or any /48 prefix between these.

   It should be noted that 32-but ASNs do not have a specific range
   dedicated for documentation but do have a private use block as
   defined in [RFC6996].

3.1.2.  SRv6 SID Private Use Prefixes

   Using 16-bit and 32-bit ASNs reserved for private use purposes
   [IANA-ASNs] and defined by yields several SRv6 SID prefixes for
   private use.  These prefixes are defined by RFC 6996 and presently
   include:

                   +==========+=======================+
                   | ASN size | Private Use Range     |
                   +==========+=======================+
                   | 16-bit   | 64512-65534           |
                   +----------+-----------------------+
                   | 32-bit   | 4200000000-4294967294 |
                   +----------+-----------------------+

                                 Table 1

   yielding:

   5f00:0:fc00::/48
   ...
   5f00:0:fffe::/48

   and

Kline & Buraglio           Expires 9 May 2025                   [Page 4]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

   5f00:fa56:ea00::/48
   ...
   5f00:ffff:fffe::/48

   or any /48 prefix between these, as private use ASN-derived SID
   prefixes.

4.  Routing and Filtering

   As noted in [draft-bdmgct-spring-srv6-security], it is assumed that
   each ASN using this SRv6 SID space structure has deployed their
   respective SRv6 implementations within a limited domain [RFC8799]
   with appropriate filtering at the domain boundaries.  Because this is
   intended for inter-domain use, the requisite filtering exceptions
   must be made between each SRv6 domain to allow for the desired Inter-
   Domain communication to occur.  Care should be taken to allow only
   the desired and necessary communication between each SRv6 domain.
   The mechanisms used should be conformant with the given domain's
   security policy and may include, but are not limited to:

   *  routing filters such as BGP prefix-lists, route-maps, route-
      policies, or other analogous mechanisms, or

   *  access control filters at the domain edge

5.  Example test case

   One possible test case is the exchange of the IPv6 prefix SID between
   two autonomous systems with independent management domains.  In this
   example, AS4294967294 exchanges their SRv6 SID prefix
   (5f00:ffff:fffe::/48) with AS4200000000 who announces their ASN
   derived SRv6 SID prefix (5f00:fa56:ea00::/48).

Kline & Buraglio           Expires 9 May 2025                   [Page 5]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

  ┌─────────────────────────────────┐           ┌──────────────────────────────────┐
  │                                 │           │                                  │
  │                                 │           │                                  │
  │                  eBGP speaker   │           │   eBGP speaker                   │
  │           5f00:ffff:fffe::/48   │           │   5f00:fa56:ea00::/48            │
  │   ┌─────┐               ┌────┐  │           │  ┌────┐                ┌─────┐   │
  │   │     ├──────┐        │    ├──┼───────────┼──┤    │        ┌───────┤     │   │
  │   │     │      │        │    │  │           │  │    │        │       │     │   │
  │   └─────┘   ┌──┴──┐     └─┬──┘  │           │  └──┬─┘     ┌──┴──┐    └─────┘   │
  │             │     │       │     │           │     │       │     │              │
  │             │     ├───────┘     │           │     └───────┤     │              │
  │             └─────┘             │           │             └─────┘              │
  │                                 │           │                                  │
  │                                 │           │                                  │
  │                                 │           │                                  │
  │ AS4294967294                    │           │                      AS4200000000│
  └─────────────────────────────────┘           └──────────────────────────────────┘

   Within this structure, appropriate and agreed upon policy may be
   shared between the partner ASNs.  Defining the policy or use cases is
   outside of the scope of this document.

6.  Security Considerations

   This document does not alter the inherent security posture of SRv6
   [RFC8402], [RFC8754].  The SID space prefix was allocated to improve
   ease of filtering.  Where SRv6 traffic using these prefixes may be
   shared with cooperating partner networks, this proposal makes it
   easier to craft filters that permit only SRv6 traffic from identified
   ASNs.

7.  IANA Considerations

   This document has no IANA actions.

8.  References

8.1.  Normative References

   [IANA-ASNs]
              "Autonomous System (AS) Numbers", n.d.,
              <https://www.iana.org/assignments/as-numbers/as-
              numbers.xhtml>.

   [IANA-IPv6Special]
              "IANA IPv6 Special-Purpose Address Registry", n.d.,
              <https://www.iana.org/assignments/iana-ipv6-special-
              registry/iana-ipv6-special-registry.xhtml>.

Kline & Buraglio           Expires 9 May 2025                   [Page 6]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

   [RFC9602]  Krishnan, S., "Segment Routing over IPv6 (SRv6) Segment
              Identifiers in the IPv6 Addressing Architecture",
              RFC 9602, DOI 10.17487/RFC9602, October 2024,
              <https://www.rfc-editor.org/rfc/rfc9602>.

8.2.  Informative References

   [draft-bdmgct-spring-srv6-security]
              "SRv6 Security Considerations", n.d.,
              <https://datatracker.ietf.org/doc/draft-bdmgct-spring-
              srv6-security/>.

   [RFC1897]  Hinden, R. and J. Postel, "IPv6 Testing Address
              Allocation", RFC 1897, DOI 10.17487/RFC1897, January 1996,
              <https://www.rfc-editor.org/rfc/rfc1897>.

   [RFC5398]  Huston, G., "Autonomous System (AS) Number Reservation for
              Documentation Use", RFC 5398, DOI 10.17487/RFC5398,
              December 2008, <https://www.rfc-editor.org/rfc/rfc5398>.

   [RFC6996]  Mitchell, J., "Autonomous System (AS) Reservation for
              Private Use", BCP 6, RFC 6996, DOI 10.17487/RFC6996, July
              2013, <https://www.rfc-editor.org/rfc/rfc6996>.

   [RFC8402]  Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
              Decraene, B., Litkowski, S., and R. Shakir, "Segment
              Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
              July 2018, <https://www.rfc-editor.org/rfc/rfc8402>.

   [RFC8754]  Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J.,
              Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
              (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020,
              <https://www.rfc-editor.org/rfc/rfc8754>.

   [RFC8799]  Carpenter, B. and B. Liu, "Limited Domains and Internet
              Protocols", RFC 8799, DOI 10.17487/RFC8799, July 2020,
              <https://www.rfc-editor.org/rfc/rfc8799>.

Acknowledgments

   TODO acknowledge.

Authors' Addresses

   Erik Kline
   Aalyria Technologies, Inc.
   Email: ek.ietf@gmail.com

Kline & Buraglio           Expires 9 May 2025                   [Page 7]
Internet-Draft     SID Space Inter-domain Addressing.      November 2024

   Nick Buraglio
   Energy Sciences Network
   Email: buraglio@forwardingplane.net

Kline & Buraglio           Expires 9 May 2025                   [Page 8]