Requirements for Provider Edge in IPv6-only Underlay Networks
draft-ma-v6ops-pe-ipv6only-reqs-00
This document is an Internet-Draft (I-D).
Anyone may submit an I-D to the IETF.
This I-D is not endorsed by the IETF and has no formal standing in the
IETF standards process.
| Document | Type | Active Internet-Draft (individual) | |
|---|---|---|---|
| Authors | Chenhao Ma , Chongfeng Xie | ||
| Last updated | 2026-03-05 (Latest revision 2026-03-02) | ||
| Replaces | draft-li-v6ops-ipv6only-pe-requirements | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-ma-v6ops-pe-ipv6only-reqs-00
v6ops Working Group C. Ma
Internet-Draft C. Xie
Intended status: Standards Track China Telecom
Expires: 3 September 2026 2 March 2026
Requirements for Provider Edge in IPv6-only Underlay Networks
draft-ma-v6ops-pe-ipv6only-reqs-00
Abstract
This document defines functional, protocol, and operational
requirements for Provider Edge (PE) devices operating in a multi-
domain network environment where the underlay is exclusively based on
IPv6. These requirements ensure consistent service delivery,
interoperability, and efficient operations across autonomous domains
while supporting IPv4-as-a-Service (IPv4aaS).
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 3 September 2026.
Copyright Notice
Copyright (c) 2026 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Ma & Xie Expires 3 September 2026 [Page 1]
Internet-Draft IPv6-only PE reqs March 2026
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Architectural Reference Model . . . . . . . . . . . . . . . . 3
4. Core Requirements for PEs . . . . . . . . . . . . . . . . . . 4
4.1. Inter-domain Routing Distribution Requirements . . . . . 4
4.2. Data Plane Forwarding & Encapsulation Requirements . . . 5
4.3. Operations & Management Requirements . . . . . . . . . . 6
5. Relationship with Existing Frameworks . . . . . . . . . . . . 6
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.1. Normative References . . . . . . . . . . . . . . . . . . 7
9.2. Iormative References . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction
The evolution towards IPv6-only underlay networks presents a
compelling opportunity to simplify network architecture and reduce
operational overhead. In large-scale service provider environments,
this underlay often spans multiple administrative domains (e.g.,
different Autonomous Systems or organizational boundaries). A
framework for such a multi-domain IPv6-only underlay, supporting
services like IPv4-as-a-Service (IPv4aaS), is described in
[I-D.ietf-v6ops-framework-md-ipv6only-underlay].
In this architecture, the Provider Edge (PE) device serves as the
critical nodal point where customer service attachment intersects
with the multi-domain IPv6-only underlay. Its role extends beyond
traditional PE functions to include key responsibilities in inter-
domain service routing, protocol-agnostic data encapsulation, and
cross-domain service assurance.
This document specifies the requirements for PE devices operating in
this specific context. These requirements ensure that PEs from
different vendors and domains can interoperate seamlessly to deliver
end-to-end services across a pure IPv6 underlay.
Ma & Xie Expires 3 September 2026 [Page 2]
Internet-Draft IPv6-only PE reqs March 2026
It should be noted that this document does not cover all the
requirements for PE devices, it only introduces the parts directly
related to IPv6-only. By specifying these requirements, this
document aims to provide a common recommendation for equipment
vendors and network operators, facilitating the development,
deployment, and interoperability of multi-domain IPv6-only PE
Routers. This will ultimately contribute to the successful
establishment and operation of multi-domain IPv6-only network.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14[RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
2. Terminology
The following terms are defined in this draft:
* Multi-domain Network: A network comprising two or more
administratively separate domains (e.g., Autonomous Systems)
interconnected to provide end-to-end services.
* IPv6-only Underlay: A network infrastructure that exclusively uses
IPv6 for forwarding and control-plane protocols, with no native
IPv4 forwarding path.
* Inter-domain PE: A PE device located at the boundary between two
administrative domains, responsible for exchanging service
information and forwarding traffic across domains.
* Intra-domain PE: A PE device located within a single
administrative domain.
* IPv4-as-a-Service (IPv4aaS): A service model where IPv4
connectivity is provided to customers over an IPv6-only underlay
network, using encapsulation or translation techniques.
* PE: Provider Edge, defined in [RFC4026]
3. Architectural Reference Model
Ma & Xie Expires 3 September 2026 [Page 3]
Internet-Draft IPv6-only PE reqs March 2026
+------------------+ PE +------------------+
| Domain A | (Intra/Inter| Domain B |
| (IPv6-only AS) | -domain) | (IPv6-only AS) |
| +-------------+ |
| [PE]---[P]---[ASBR] [ASBR]---[P]---[PE] |
+------------------+ +------------------+
| |
+---+------+ +----+----+
| IPv4 CE | | IPv4 CE |
+----------+ +---------+
Figure 1: Multi-domain IPv6-only Underlay
with PE Service Attachment Points
In the reference model (Figure 1):
* Each domain operates an internal IPv6-only IGP (e.g., IS-ISv6 or
OSPFv3) .
* Domains are interconnected via Inter-domain PEs (acting as ASBRs)
using IPv6 EBGP sessions.
* Service layer routes (e.g., IPv4 VPN routes) are exchanged via MP-
BGP over the IPv6 underlay.
* Customer IPv4 traffic is encapsulated within IPv6 (e.g., with an
SRv6 header) for traversal across the multi-domain underlay.
4. Core Requirements for PEs
4.1. Inter-domain Routing Distribution Requirements
REQ-1: A PE device, when acting as an Inter-domain PE, MUST be able
to exchange service layer routes (e.g., VPN-IPv4/VPN-IPv6 NLRIs
[RFC4364] with PEs in other domains using MP-BGP sessions where the
next-hop is an IPv6 address. This MUST be supported over IPv6-only
underlay transport.
Ma & Xie Expires 3 September 2026 [Page 4]
Internet-Draft IPv6-only PE reqs March 2026
REQ-2: A PE device MUST support the necessary MP-BGP extensions and
procedures for advertising IPv4-to-IPv6 (and vice versa) service
mappings across domain boundaries. This capability is FUNDAMENTAL
for enabling services like IPv4-as-a-Service (IPv4aaS) in an IPv6-
only underlay. It allows a downstream PE to correctly associate a
received IPv4 service prefix with its corresponding IPv6 underlay
path identifier or tunnel endpoint. The specific encoding (e.g., a
dedicated BGP attribute, extended community, or a new AFI/SAFI) and
procedures for distributing these mappings MUST follow
[I-D.ietf-idr-mpbgp-extension-4map6]. PE devices MUST be able to
install forwarding state based on these received mappings.
REQ-3: A PE device MUST correctly process and enforce policies based
on BGP Extended Community attributes, specifically Route Target, to
identify and isolate service routes and their associated mappings
belonging to different customers or domains.
REQ-4: A PE device MAY support additional mechanisms for inter-
domain traffic steering and policy enforcement beyond basic
connectivity. If supported, such mechanisms (e.g., BGP-based
mechanisms for segment routing or other tunnel technologies) SHOULD
operate transparently across the IPv6-only underlay. Crucially, the
absence of any specific traffic steering mechanism MUST NOT break
basic IPv4aaS service connectivity established through REQ-1 and REQ-
2.
4.2. Data Plane Forwarding & Encapsulation Requirements
REQ-5: A PE device MUST support at least one IETF-standardized
encapsulation method for carrying non-IPv6 customer traffic (e.g.,
IPv4, Ethernet) across the IPv6-only underlay. Possible mechanisms
include, but are not limited to, IPv6-in-IPv6 tunneling [RFC2473],
Generic Routing Encapsulation (GRE) over IPv6, MPLS-in-UDP/IPv6
[RFC7510], or SRv6 [RFC8986]. The choice of encapsulation MUST be
derivable from the control-plane information (e.g., the service
mapping advertised per REQ-2).
REQ-6: As an ingress PE, the device MUST be capable of encapsulating
received customer packets (e.g., IPv4) with an appropriate IPv6
header, based on the forwarding state installed via the control plane
(driven by REQ-2). As an egress PE, the device MUST be capable of
decapsulating the outer IPv6 header to recover the original customer
packet and forward it to the correct service instance.
Ma & Xie Expires 3 September 2026 [Page 5]
Internet-Draft IPv6-only PE reqs March 2026
REQ-7: Due to the increased packet size from encapsulation, a PE
device MUST implement Path MTU Discovery for IPv6 [RFC8201]. It MUST
either handle fragmentation appropriately or signal MTU issues back
to the source (e.g., using ICMPv6 Packet Too Big messages) in a way
that functions correctly across domain boundaries, considering the
encapsulated path.
4.3. Operations & Management Requirements
REQ-8: A PE device MUST support standardized OAM mechanisms that
operate end-to-end across multiple domains over the IPv6-only
underlay. This includes, but is not limited to, IPv6-based
Bidirectional Forwarding Detection (BFD)[RFC5880]and ICMPv6-based
traceroute. The OAM packets MUST follow the same encapsulation path
as data traffic.As a forwarding node in IPv6-only networks, PE router
shall accept centralized policy scheduling from the network
controller and implementing automated configuration through the
NETCONF protocol/YANG model. Meanwhile, the PE supports syslog and
SNMP Trap alarm mechanisms, enabling rapid fault location and
security incident tracing through standardized logs.
REQ-9: A PE device MUST be able to map the Quality of Service (QoS)
markings from the customer packet (e.g., IPv4 DSCP) to the
encapsulating IPv6 header's Traffic Class field (or equivalent), and
ensure this policy is consistently applied and honored as the packet
traverses different domains.
REQ-10: A PE device MUST provide robust isolation between traffic
from different customers or services across the shared IPv6 underlay.
This MUST be enforceable at inter-domain boundaries, typically
implemented through the use of distinct VPN routing/forwarding
instances or logically separated encapsulation identifiers derived
from the control plane.
5. Relationship with Existing Frameworks
This document provides the concrete device-level requirements that
implement the architecture described in the framework document
[I-D.ietf-v6ops-framework-md-ipv6only-underlay]. It relies upon and
extends the principles established in existing VPN specifications
(e.g., [RFC4364], [RFC7432]) and places critical new requirements on
MP-BGP for service mapping (REQ-2) to enable operation in a multi-
domain, IPv6-only context.
6. Security Considerations
Security in a multi-domain IPv6-only environment introduces specific
considerations for PE devices:
Ma & Xie Expires 3 September 2026 [Page 6]
Internet-Draft IPv6-only PE reqs March 2026
o BGP Session Security: All inter-domain BGP sessions MUST be secured
using mechanisms such as IPsec [RFC4301]. Route Origin Authorization
(ROA) validation via RPKI [RFC6810] SHOULD be implemented where
feasible.
o Mapping Advertisement Integrity: The service mapping advertisements
(REQ-2) are critical for correct forwarding. Mechanisms MUST be in
place to ensure their integrity and authenticity, potentially
leveraging existing BGP security measures.
o OAM Protection: OAM protocols MUST be rate-limited and protected
from misuse that could lead to denial-of-service attacks across
domains.
o Encapsulation Overhead and Inspection: The addition of
encapsulation headers should be considered in network capacity
planning and security monitoring. Techniques for deep packet
inspection may need to be adapted to operate on encapsulated traffic
within the underlay.
7. IANA Considerations
This document has no IANA actions.
8. Acknowledgements
The authors would like to thank the contributors and reviewers of
this document for their valuable input and feedback.
9. References
9.1. Normative References
[I-D.ietf-idr-mpbgp-extension-4map6]
Xie, C., Dong, G., Li, X., Han, G., and Z. Guo, "MP-BGP
Extension and the Procedures for IPv4/IPv6 Mapping
Advertisement", Work in Progress, Internet-Draft, draft-
ietf-idr-mpbgp-extension-4map6-05, 3 December 2025,
<https://datatracker.ietf.org/doc/html/draft-ietf-idr-
mpbgp-extension-4map6-05>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
Ma & Xie Expires 3 September 2026 [Page 7]
Internet-Draft IPv6-only PE reqs March 2026
[RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in
IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473,
December 1998, <https://www.rfc-editor.org/info/rfc2473>.
[RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual
Private Network (VPN) Terminology", RFC 4026,
DOI 10.17487/RFC4026, March 2005,
<https://www.rfc-editor.org/info/rfc4026>.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
December 2005, <https://www.rfc-editor.org/info/rfc4301>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <https://www.rfc-editor.org/info/rfc4364>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<https://www.rfc-editor.org/info/rfc5880>.
[RFC6810] Bush, R. and R. Austein, "The Resource Public Key
Infrastructure (RPKI) to Router Protocol", RFC 6810,
DOI 10.17487/RFC6810, January 2013,
<https://www.rfc-editor.org/info/rfc6810>.
[RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
2015, <https://www.rfc-editor.org/info/rfc7432>.
[RFC7510] Xu, X., Sheth, N., Yong, L., Callon, R., and D. Black,
"Encapsulating MPLS in UDP", RFC 7510,
DOI 10.17487/RFC7510, April 2015,
<https://www.rfc-editor.org/info/rfc7510>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8201] McCann, J., Deering, S., Mogul, J., and R. Hinden, Ed.,
"Path MTU Discovery for IP version 6", STD 87, RFC 8201,
DOI 10.17487/RFC8201, July 2017,
<https://www.rfc-editor.org/info/rfc8201>.
Ma & Xie Expires 3 September 2026 [Page 8]
Internet-Draft IPv6-only PE reqs March 2026
[RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
(SRv6) Network Programming", RFC 8986,
DOI 10.17487/RFC8986, February 2021,
<https://www.rfc-editor.org/info/rfc8986>.
9.2. Iormative References
[I-D.ietf-v6ops-framework-md-ipv6only-underlay]
Xie, C., Ma, C., Li, X., Mishra, G. S., and T. Graf,
"Framework for Multi-domain IPv6-only Underlay Network and
IPv4-as-a-Service", Work in Progress, Internet-Draft,
draft-ietf-v6ops-framework-md-ipv6only-underlay-19, 5
February 2026, <https://datatracker.ietf.org/doc/html/
draft-ietf-v6ops-framework-md-ipv6only-underlay-19>.
Authors' Addresses
Chenhao
China Telecom
Beiqijia Town, Changping District
Beijing
Beijing, 102209
China
Email: machh@chinatelecom.cn
Chongfeng Xie
China Telecom
Beiqijia Town, Changping District
Beijing
Beijing, 102209
China
Email: xiechf@chinatelecom.cn
Ma & Xie Expires 3 September 2026 [Page 9]