Advertising Segment Routing Traffic Engineering Policies in BGP
draft-previdi-idr-segment-routing-te-policy-00
Network Working Group S. Previdi, Ed.
Internet-Draft C. Filsfils
Intended status: Standards Track A. Sreekantiah
Expires: September 19, 2016 S. Sivabalan
Cisco Systems, Inc.
P. Mattes
Microsoft
March 18, 2016
Advertising Segment Routing Traffic Engineering Policies in BGP
draft-previdi-idr-segment-routing-te-policy-00
Abstract
This document defines a new BGP SAFI with a new NLRI in order to
advertise a Segment Routing Traffic Engineering Policy (SR TE
Policy). The SR TE Policy is advertised along with the Tunnel
Encapsulation Attribute for which this document also defines new sub-
TLVs. An SR TE policy is advertised with the information that will
be used by the node receiving the advertisement in order to
instantiate the policy in its forwarding table and to steer traffic
according to the policy.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 19, 2016.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
Previdi, et al. Expires September 19, 2016 [Page 1]
Internet-Draft Segment Routing TE Policies in BGP March 2016
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4
2. SR TE Policy Encoding . . . . . . . . . . . . . . . . . . . . 4
2.1. SR TE Policy SAFI and NLRI . . . . . . . . . . . . . . . 4
2.1.1. SR TE Policies and Add-Paths . . . . . . . . . . . . 5
2.2. SR TE Policy and Tunnel Encapsulation Attribute . . . . . 5
2.3. Remote Endpoint and Color . . . . . . . . . . . . . . . . 6
2.4. SR TE Policy Sub-TLVs . . . . . . . . . . . . . . . . . . 7
2.4.1. SR TE Binding SID Sub-TLV . . . . . . . . . . . . . . 7
2.4.2. Weight Sub-TLV . . . . . . . . . . . . . . . . . . . 8
2.4.3. Segment List Sub-TLV . . . . . . . . . . . . . . . . 9
2.4.4. Segment Sub-TLV . . . . . . . . . . . . . . . . . . . 9
3. SR TE Policy Operations . . . . . . . . . . . . . . . . . . . 11
3.1. Multipath Operation . . . . . . . . . . . . . . . . . . . 12
3.2. Binding SID TLV . . . . . . . . . . . . . . . . . . . . . 12
3.3. Reception of an SR TE Policy . . . . . . . . . . . . . . 13
3.4. Announcing BGP SR TE Policies . . . . . . . . . . . . . . 14
3.5. Flowspec and SR TE Policies . . . . . . . . . . . . . . . 14
4. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15
6. Security Considerations . . . . . . . . . . . . . . . . . . . 15
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.1. Normative References . . . . . . . . . . . . . . . . . . 15
7.2. Informational References . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
1. Introduction
Segment Routing (SR) technology leverages the source routing and
tunneling paradigms. [I-D.ietf-spring-segment-routing] describes the
SR architecture. [I-D.ietf-spring-segment-routing-mpls] describes
its instantiation on the MPLS data plane and
[I-D.ietf-6man-segment-routing-header] describes the Segment Routing
instantiation over the IPv6 data plane.
This document defines the Segment Routing Traffic Engineering Policy
(SR TE Policy) as a set of weighted equal cost multi path (WECMP)
Previdi, et al. Expires September 19, 2016 [Page 2]
Internet-Draft Segment Routing TE Policies in BGP March 2016
segment lists (representing explicit paths) as well as the mechanism
allowing a router to steer traffic into an SR TE Policy.
The SR TE Policy is advertised in the Border Gateway Protocol (BGP)
by the BGP speaker being a router or a controller and using
extensions defined in this document. Among the information encoded
in the BGP message and representing the SR TE Policy, the steering
mechanism makes also use of the Extended Color Community currently
defined in [I-D.ietf-idr-tunnel-encaps]
Typically, a controller defines the set of policies and advertise
them to BGP routers (typically ingress routers). The policy
advertisement uses BGP extensions defined in this document. The
policy advertisement is, in most but not all of the cases, tailored
for the receiver. In other words, a policy advertised to a given BGP
speaker has significance only for that particular router and is not
intended to be propagated anywhere else. Then, the receiver of the
policy instantiate the policy in its routing and forwarding tables
and steer traffic into it based on both the policy and destination
prefix color and next-hop.
Alternatively, a router (i.e.: an BGP egress router) advertises SR TE
Policies representing paths to itself. These advertisements are sent
to BGP ingress nodes who instantiate these policies and steer traffic
into them according to the color and endpoint/BGP next-hop of both
the policy and the destination prefix.
An SR TE Policy being intended only for the receiver of the
advertisement, the SR TE Policies are sent directly to each receiver
and, in most of the cases will not traverse any Route Reflector (RR,
[RFC4456]).
However, in the case where the same SR TE Policy is intended for a
group of nodes, nothing prevents the originator to rely on one or
more RRs in order to distribute the SR TE Policy to multiple
receivers. The encoding of the SR TE Policy defined in this document
supports both propagation schemes: direct BGP session and Route
Reflectors.
The BGP extensions for the advertisement of SR TE Policies include
following components:
o A new Subsequent Address Family Identifier (SAFI) identifying the
content of the BGP message (i.e.: the SR TE Policy).
o A new NLRI identifying the SR TE Policy.
Previdi, et al. Expires September 19, 2016 [Page 3]
Internet-Draft Segment Routing TE Policies in BGP March 2016
o A set of new TLVs to be inserted into the Tunnel Encapsulation
Attribute (as defined in [I-D.ietf-idr-tunnel-encaps]) and
describing the SR TE Policy.
o The Extended Color Community (as defined in
[I-D.ietf-idr-tunnel-encaps]) and used in order to steer traffic
into an SR TE Policy.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2. SR TE Policy Encoding
2.1. SR TE Policy SAFI and NLRI
A new SAFI is defined: the SR TE Policy SAFI (codepoint suggested
value 73, to be assigned by IANA).
The SR TE Policy SAFI uses a new NLRI defined as follows:
+-----------------------------------------------+
| Policy Color (4 octets) |
+-----------------------------------------------+
| Endpoint (4 or 16 octets) |
+-----------------------------------------------+
where:
o Policy Color: 4-octet value identifying (with the endpoint) the
policy. The color is used to match the color of the destination
prefixes in order to steer traffic into the SR TE Policy.
o Endpoint: identifies the endpoint of a policy. The Endpoint may
represent a single node or a set of nodes (e.g.: an anycast
address or a summary address). The Endpoint may be an IPv4
(4-octet) address or an IPv6 (16-octet) address according to the
AFI of the NLRI.
The NLRI containing the SR TE Policy is carried in a BGP UPDATE
message [RFC4271] using BGP multiprotocol extensions [RFC4760] with
an AFI of 1 or 2 (IPv4 or IPv6) and with a SAFI of 73 (suggested
value, to be assigned by IANA).
An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
attribute with the SR TE Policy SAFI MUST also carry the BGP
Previdi, et al. Expires September 19, 2016 [Page 4]
Internet-Draft Segment Routing TE Policies in BGP March 2016
mandatory attributes: NEXT_HOP, ORIGIN, AS_PATH, and LOCAL_PREF (for
IBGP neighbors), as defined in [RFC4271]. In addition, the BGP
update message MAY also contain any of the BGP optional attributes.
The NEXT_HOP attribute of the SR TE Policy SAFI NLRI is set based on
the AFI. For example, if the AFI is set to IPv4 (1), then the
nexthop is encoded as a 4-byte IPv4 address. If the AFI is set to
IPv6 (2), then the nexthop is encoded as a 16-byte IPv6 address of
the router. It is important to note that any BGP speaker receiving a
BGP message with an SR TE Policy NLRI, will process it only if the
NLRI is a best path as per the BGP best path selection algorithm.
The NEXT_HOP attribute of the SR TE Policy SAFI NLRI MUST be set as
one of the local addresses of the BGP speaker originating and
advertising the SR TE Policy (either the controller or the BGP egress
node).
2.1.1. SR TE Policies and Add-Paths
The SR TE Policy SAFI NLRI MAY use the Add Paths extension
([I-D.ietf-idr-add-paths]) when the same policy (identified by the
same Color and Endpoint) is to be advertised by multiple originators
(e.g.: multiple controllers) and all advertisements need to be
advertised to a group of receivers (hence these advertisements need
to be preserved from a RR selection process).
In such case, each controller will use a different path identifier in
the advertisement of the SR TE Policy.
When Add-Paths extensions is to be used, it MUST be signaled in the
BGP capability according to ([I-D.ietf-idr-add-paths]).
2.2. SR TE Policy and Tunnel Encapsulation Attribute
The content of the SR TE Policy is encoded in the Tunnel
Encapsulation Attribute originally defined in
[I-D.ietf-idr-tunnel-encaps] using a new Tunnel-Type TLV (suggested
codepoint is 14, to be assigned by IANA).
The SR TE Policy Encoding structure is as follows:
Previdi, et al. Expires September 19, 2016 [Page 5]
Internet-Draft Segment Routing TE Policies in BGP March 2016
SR TE Policy SAFI NLRI: <Policy-Color, Endpoint>
Attributes:
Tunnel Encaps Attribute (23)
Tunnel Type: SR TE Policy
Binding SID
Segment List
Weight
Segment (sid/nai/flags)
Segment (sid/nai/flags)
...
...
...
where:
o SR TE Policy SAFI NLRI is defined in Section 2.1.
o Tunnel Encapsulation Attribute is defined in
[I-D.ietf-idr-tunnel-encaps].
o Tunnel-Type is set to a suggested value of 14 (to be assigned by
IANA).
o Binding SID, Weight, Segment and Segment-List are new sub-TLVs
defined in this document.
o Additional sub-TLVs may be defined in the future.
A single occurrence of "Tunnel Type: SR TE Policy" MUST be encoded
within the same Tunnel Encapsulation Attribute.
Multiple occurrences of "Segment List" MAY be encoded within the same
SR TE Policy.
Multiple occurrences of "Segment" MAY be encoded within the same
Segment List.
2.3. Remote Endpoint and Color
The Remote Endpoint and Color sub-TLVs, as defined in
[I-D.ietf-idr-tunnel-encaps], MAY also be present in the SR TE Policy
encodings.
If present, the Remote Endpoint sub-TLV MUST match the Endpoint of
the SR TE Policy SAFI NLRI. If they don't match, the SR TE Policy
advertisement MUST be considered as invalid.
Previdi, et al. Expires September 19, 2016 [Page 6]
Internet-Draft Segment Routing TE Policies in BGP March 2016
If present, the Color sub-TLV MUST match the Policy Color of the SR
TE Policy SAFI NLRI. If they don't match, the SR TE Policy
advertisement MUST be considered as invalid.
2.4. SR TE Policy Sub-TLVs
This section defines the SR TE Policy sub-TLVs.
2.4.1. SR TE Binding SID Sub-TLV
The Binding SID sub-TLV requests the allocation of a Binding Segment
identifier associated with the SR TE Policy. The Binding SID sub-TLV
has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Binding SID (variable, optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: to be assigned by IANA (suggested value is 6).
o Length: specifies the length of the value field not including Type
and Length fields. Can be 0 or 4 or 16.
o Binding SID: if length is 0, then no field is present. If length
is 4 then the Binding SID contains a 4-octet SID. If length is 16
then the Binding SID contains a 16-octet IPv6 SID.
The Binding SID sub-TLV is used to instruct the receiver of the BGP
message to allocate a Binding SID to the SR TE Policy. The
allocation of the Binding SID in the receiver is done according to
following rules:
o If length is 0 (no value field is present), then the receiver MUST
allocate a local Binding SID whose value is chosen by the
receiver.
o If length is 4, then the value field contains the 4-octet Binding
SID value the receiver SHOULD allocate.
o If length is 16, then the value field contains the 16-octet
Binding SID value the receiver SHOULD allocate.
Previdi, et al. Expires September 19, 2016 [Page 7]
Internet-Draft Segment Routing TE Policies in BGP March 2016
The Binding SID sub-TLV is mandatory and MUST NOT appear more than
once on an SR TE Policy Advertisement.
When a controller is used in order to define and advertise SR TE
Policies and when the Binding SID is allocated by the receiver, such
Binding SID SHOULD be reported to the controller. The mechanisms
and/or APIs used for the reporting of the Binding SID are outside the
scope of this document.
Further use of the Binding SID is described in a subsequent section.
2.4.2. Weight Sub-TLV
The Weight sub-TLV specifies the weight associated to a given path
(i.e.: a given segment list). The weight is used in order to apply
weighted-ECMP mechanism when steering traffic into a policy that
includes multiple paths (i.e.: multiple segment lists).
The Weight sub-TLV has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Weight |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
Type: to be assigned by IANA (suggested value is 7).
Length: 4.
The Weight sub-TLV is optional and MAY appear only once in the
Segment List sub-TLV.
When present, the Weight sub-TLV specifies a weight to be associated
with the corresponding Segment List, for use in unequal-cost multi
path. Weights are applied by summing the total value of all of the
weights for all Segment Lists, and then assigning a fraction of the
forwarded traffic to each Segment List in proportion its weight's
fraction of the total.
Previdi, et al. Expires September 19, 2016 [Page 8]
Internet-Draft Segment Routing TE Policies in BGP March 2016
2.4.3. Segment List Sub-TLV
The Segment List sub-TLV is used in order to encode a single explicit
path towards the endpoint. The Segment List sub-TLV includes the
elements of the paths (i.e.: segments) as well as an optional Weight
TLV.
The Segment List sub-TLV has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// sub-TLVs //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: to be assigned by IANA (suggested value is 8).
o Length: the total length (not including the Type and Length
fields) of the sub-TLVs encoded within the Segment List sub-TLV.
o sub-TLVs:
* An optional single Weight sub-TLV.
* One or more Segment sub-TLVs.
The Segment List sub-TLV is mandatory.
Multiple occurrences of the Segment List sub-TLV MAY appear in the SR
TE Policy.
When multiple occurrences of the Segment List sub-TLV appear in the
SR TE Policy, the traffic is load-balanced across them either through
an ECMP scheme (if no Weight sub-TLV is present) or through a W-ECMP
scheme according to Section 2.4.2.
2.4.4. Segment Sub-TLV
The Segment sub-TLV describes a single segment in a segment list
(i.e.: a single element of the explicit path). Multiple Segment sub-
TLVs constitute an explicit path of the SR TE Policy.
The encoding format of the Segment sub-TLV is based on the ERO sub-
object definition described in [I-D.ietf-pce-segment-routing]):
Previdi, et al. Expires September 19, 2016 [Page 9]
Internet-Draft Segment Routing TE Policies in BGP March 2016
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ST | Flags |I|L|F|S|C|M|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (32 bits or 128 bits) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// NAI (variable) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: to be assigned by IANA (suggested value is 9).
o Length: the length of the Segment sub-TLV not including the Type
and Length fields.
SID Type (ST) indicates the type of the information associated with
the SID and NAI contained in the sub-TLV. ST is defined in
[I-D.ietf-pce-segment-routing].
SID is the Segment Identifier as defined in
[I-D.ietf-pce-segment-routing].
NAI (Node and Adjacency Identifier) contains the NAI associated with
the SID. Depending on the value of ST, the NAI can have different
formats as described in [I-D.ietf-pce-segment-routing].
Flags carry any additional information related to the SID.
Currently, the following flags are defined:
I-Flag: IPv6 SID flag. When set, it indicates that the SID is
encoded as a 16-octet IPv6 SID (IPv6 SIDs are defined in
[I-D.ietf-6man-segment-routing-header]). When clear, the SID is
encoded as a 4-octet SID.
L-Flag: Loose flag. Indicates whether the encoding represents a
loose-hop in the LSP ([RFC3209]). If L-Flag is clear, a BGP
speaker MUST NOT overwrite the SID value present in the Segment
sub-TLV. Otherwise, a BGP speaker, based on local policy, MAY
expand or replace the SID value in the received Segment sub-TLV.
F-flag: when set, the NAI value in the object body is null.
S-Flag: when set, the SID value in the object body is null. In
this case, the receiving BGP speaker is responsible for choosing
Previdi, et al. Expires September 19, 2016 [Page 10]
Internet-Draft Segment Routing TE Policies in BGP March 2016
the SID value, e.g., by looking up its Tunnel DB using the NAI
which, in this case, MUST be present in the object.
C-Flag: when this flag as well as the M-flag are set, then the SID
value represents an MPLS label stack entry as specified in
[RFC5462], where all the entry's fields (Label, TC, S, and TTL)
are specified by the sending BGP speaker. However, a receiving
BGP speaker MAY choose to override TC, S, and TTL values according
its local policy and MPLS forwarding rules.
M-Flag: when this bit is set, the SID value represents an MPLS
label stack entry as specified in [RFC5462] where only the label
value is specified by the BGP speaker. Other label fields (i.e:
TC, S, and TTL) fields MUST be ignored, and receiving BGP speaker
MUST set these fields according to its local policy and MPLS
forwarding rules.
Other flags may be defined in the future.
The NAI encoding is as per corresponding sub-TLV definition in
[I-D.ietf-pce-segment-routing]
3. SR TE Policy Operations
SR TE Policies are advertised in the Tunnel Encapsulation Attribute
defined in [I-D.ietf-idr-tunnel-encaps]. The SR TE Policy TLVs
specify one (or more for load balancing purposes) list of segment
identifiers (SIDs), that define the set of explicit SR TE paths
towards the endpoint address encoded in the NLRI.
The Color field of the NLRI allows association of destination
prefixes with a given SR TE Policy. The BGP speaker SHOULD then
attach a Color Extended Community (as defined in [RFC5512]) to
destination prefixes (e.g.: IPv4/IPv6 unicast prefixes) in order to
allow the receiver of the SR TE Policy and of the destination prefix
to steer traffic into the SR TE Policy if the destination prefix:
o Has a BGP next-hop attribute matching the SR TE Policy SAFI NLRI
Endpoint and
o Has an attached Extended Color Community with the same value as
the color of the SR TE Policy NLRI Color.
A SR TE Policy MAY also be sent by a controller, in lieu of the
originating speaker. The controller sends the SR TE Policy SAFI NLRI
with a Policy Color and an Endpoint identifying the Policy, where:
Previdi, et al. Expires September 19, 2016 [Page 11]
Internet-Draft Segment Routing TE Policies in BGP March 2016
The Policy Color is to be used in order to steer traffic into the
policy in the node receiving the SR TE Policy.
The Endpoint (with the Color) identifies the policy. Endpoint is
used to match the BGP next-hop attribute of the destination prefix
when steering traffic in the node receiving the SR TE Policy.
On reception of an SR TE Policy, a BGP speaker SHOULD instantiate the
SR TE Policy in its routing and forwarding table with the set of
segment lists (i.e.: explicit paths) included in the policy and
taking into account the Binding SID and Weight sub-TLVs.
On the receiving BGP speaker, all destination prefixes that share the
same Extended Color Community value and the same BGP next-hop
attribute are steered to the corresponding SR TE Policy that has been
instantiated and which matches the Color and Endpoint NLRI values.
Similarly, different destination prefixes can be steered into
distinct SR TE Policies by coloring them differently.
3.1. Multipath Operation
The SR TE Policy MAY contain multiple Segment Lists which, in the
absence of the Weight TLV, signifies equal cost load balancing
amongst them.
When a weight sub-TLV is encoded in each Segment List TLV, then the
weight value SHOULD be used in order to perform an unequal cost load
balance amongst the Segment Lists as specified in Section 2.4.2.
3.2. Binding SID TLV
When the optional Binding SID sub-TLV is present, it indicates an
instruction, to the receiving BGP speaker to allocate a Binding SID
for the list of SIDs the Binding sub-TLV is related to.
Any incoming packet with the Binding SID as active segment (according
to the terminology described in [I-D.ietf-spring-segment-routing])
will then have the Binding SID swapped with the list of SIDs
specified in the Segment List sub-TLVs on the allocating BGP speaker.
The allocated Binding SID MAY be then advertised by the BGP speaker
that created it, through, e.g., BGP-LS in order to, typically, feed a
controller with the updated topology and SR TE Policy information.
Previdi, et al. Expires September 19, 2016 [Page 12]
Internet-Draft Segment Routing TE Policies in BGP March 2016
3.3. Reception of an SR TE Policy
When a BGP speaker receives an SR TE Policy from a neighbor it has to
determine if the SR TE Policy advertisement is acceptable. The
following applies:
o The SR TE Policy NLRI MUST have a color value and MAY have an
Endpoint value.
o The Tunnel Encapsulation Attribute MUST be attached to the BGP
Update and MUST have the Tunnel Type set to SR TE Policy (value to
be assigned by IANA).
o Within the SR TE Policy, at least one Segment List sub-TLV MUST be
present.
o Within the Segment List sub-TLV at least one Segment sub-TLV MUST
be present.
o Within Segment sub-TLV it is not required that both SID and NAI
are encoded however, at least one of the two MUST be present.
Any segment (in the segment list sub-TLV) being advertised with an
NAI MUST be validated by the receiver. The validation consists of
resolving the SID using the NAI information, i.e., the receiver does
a lookup in its local table and finds the SID value corresponding to
the NAI information. The type of information carried in the NAI is
related to the settings of the ST bits in the segment sub-TLV and
described in [I-D.ietf-pce-segment-routing].
When a BGP speaker receives an SR TE Policy from a neighbor and
according to [I-D.ietf-pce-segment-routing], the receiver MUST check
the validity of the first SID of each Segment List sub-TLV of the SR
TE Policy. The first SID MUST be known in the receiver local table
either as a label (in the case the SID encodes a label value) or as
an IPv6 address.
When a BGP speaker receives an SR TE Policy from a neighbor with an
acceptable SR TE Policy SAFI NLRI and with the I-flag clear, it
SHOULD compute the segment list and equivalent MPLS label from the
Segment List sub-TLVs and program them in the MPLS data plane.
When a BGP speaker receives an SR TE Policy from a neighbor with an
acceptable SR TE Policy SAFI NLRI and with the I-flag set, it SHOULD
compute the segment list and equivalent IPv6 segment list from the
Segment List sub-TLVs and program them in the IPv6 data plane
according to [I-D.ietf-6man-segment-routing-header].
Previdi, et al. Expires September 19, 2016 [Page 13]
Internet-Draft Segment Routing TE Policies in BGP March 2016
Also, the receiver SHOULD program its MPLS or IPv6 data planes so
that BGP destination prefixes matching their Extended Color Community
and BGP next-hop with the SR TE Policy SAFI NLRI Color and Endpoint
are steered into the SR TE Policy and forwarded accordingly.
When building the MPLS label stack or the IPv6 Segment list from the
Segment List sub-TLV, the receiving BGP speaker MUST interpret the
set of Segment sub-TLVs as follows:
o The first Segment sub-TLV represents the topmost label or the
first IPv6 segment. In the receiving BGP speaker, it identifies
the first segment the traffic will be directed towards to (along
the SR TE explicit path).
o The last Segment sub-TLV represents the bottommost label or the
last IPv6 segment.
3.4. Announcing BGP SR TE Policies
Typically, the value of the SIDs encoded in the Segment sub-TLVs is
determined by configuration/provisioning either in the controller or
in the node originating the SR TE Policy.
A BGP speaker SHOULD follow normal iBGP/eBGP rules to propagate the
SR TE Policy. The Add-Paths capability in the SR TE Policy SAFI NLRI
allows the propagation of each individual policy through one or more
Route Reflectors (RR) without incurring the case where one or more
policies are dropped due to RR selection process.
Since the SR TE Policies are unique within an SR domain and intended
only for the receiver of the SR TE Policy advertisement, a BGP
speaker receiving an SR TE Policy, by default, MUST NOT propagate
such policy unless explicitly configured to do so.
In order to prevent propagation of SR TE Policy advertisement, BGP
filters MAY be deployed in addition to the use of the NO_ADVERTISE
community ([RFC1997]) that MAY be attached to the advertisement.
3.5. Flowspec and SR TE Policies
The SR TE Policy can be carried in context of a Flowspec NLRI
([RFC5575]). In this case, when the redirect to IP nexthop is
specified as in [I-D.ietf-idr-flowspec-redirect-ip], the tunnel to
the nexthop is specified by the segment list in the Segment List sub-
TLVs. The Segment List (e.g..: label stack or IPv6 segment list) is
imposed to flows matching the criteria in the Flowspec route in order
to steer them towards the nexthop as specified in the SR TE Policy
SAFI NLRI.
Previdi, et al. Expires September 19, 2016 [Page 14]
Internet-Draft Segment Routing TE Policies in BGP March 2016
4. Acknowledgments
The authors of this document would like to thank Eric Rosen for his
review of this document.
5. IANA Considerations
This document defines:
o a new SAFI in the registry "Subsequent Address Family Identifiers
(SAFI) Parameters":
Suggested Description Reference
Value
-----------------------------------------------------
73 SR TE Policy SAFI This document
o a new Tunnel-Type in the registry "BGP Tunnel Encapsulation
Attribute Tunnel Types":
Suggested Description Reference
Value
-----------------------------------------------------
14 SR TE Policy Type This document
o new sub-TLVs in the registry "BGP Tunnel Encapsulation Attribute
sub-TLVs":
Suggested Description Reference
Value
-----------------------------------------------------
6 Binding SID sub-TLV This document
7 Weight sub-TLV This document
8 Segment List sub-TLV This document
9 Segment sub-TLV This document
6. Security Considerations
TBD.
7. References
7.1. Normative References
[I-D.ietf-idr-tunnel-encaps]
Rosen, E., Patel, K., and G. Velde, "The BGP Tunnel
Encapsulation Attribute", draft-ietf-idr-tunnel-encaps-01
(work in progress), December 2015.
Previdi, et al. Expires September 19, 2016 [Page 15]
Internet-Draft Segment Routing TE Policies in BGP March 2016
[I-D.ietf-pce-segment-routing]
Sivabalan, S., Medved, J., Filsfils, C., Crabbe, E.,
Lopez, V., Tantsura, J., Henderickx, W., and J. Hardwick,
"PCEP Extensions for Segment Routing", draft-ietf-pce-
segment-routing-06 (work in progress), August 2015.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V.,
and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP
Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001,
<http://www.rfc-editor.org/info/rfc3209>.
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
Border Gateway Protocol 4 (BGP-4)", RFC 4271,
DOI 10.17487/RFC4271, January 2006,
<http://www.rfc-editor.org/info/rfc4271>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <http://www.rfc-editor.org/info/rfc4364>.
[RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
"Multiprotocol Extensions for BGP-4", RFC 4760,
DOI 10.17487/RFC4760, January 2007,
<http://www.rfc-editor.org/info/rfc4760>.
[RFC5462] Andersson, L. and R. Asati, "Multiprotocol Label Switching
(MPLS) Label Stack Entry: "EXP" Field Renamed to "Traffic
Class" Field", RFC 5462, DOI 10.17487/RFC5462, February
2009, <http://www.rfc-editor.org/info/rfc5462>.
[RFC5512] Mohapatra, P. and E. Rosen, "The BGP Encapsulation
Subsequent Address Family Identifier (SAFI) and the BGP
Tunnel Encapsulation Attribute", RFC 5512,
DOI 10.17487/RFC5512, April 2009,
<http://www.rfc-editor.org/info/rfc5512>.
[RFC5575] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J.,
and D. McPherson, "Dissemination of Flow Specification
Rules", RFC 5575, DOI 10.17487/RFC5575, August 2009,
<http://www.rfc-editor.org/info/rfc5575>.
Previdi, et al. Expires September 19, 2016 [Page 16]
Internet-Draft Segment Routing TE Policies in BGP March 2016
7.2. Informational References
[I-D.ietf-6man-segment-routing-header]
Previdi, S., Filsfils, C., Field, B., Leung, I., Linkova,
J., Kosugi, T., Vyncke, E., and D. Lebrun, "IPv6 Segment
Routing Header (SRH)", draft-ietf-6man-segment-routing-
header-00 (work in progress), December 2015.
[I-D.ietf-idr-add-paths]
Walton, D., Retana, A., Chen, E., and J. Scudder,
"Advertisement of Multiple Paths in BGP", draft-ietf-idr-
add-paths-13 (work in progress), December 2015.
[I-D.ietf-idr-flowspec-redirect-ip]
Uttaro, J., Haas, J., Texier, M., Andy, A., Ray, S.,
Simpson, A., and W. Henderickx, "BGP Flow-Spec Redirect to
IP Action", draft-ietf-idr-flowspec-redirect-ip-02 (work
in progress), February 2015.
[I-D.ietf-spring-segment-routing]
Filsfils, C., Previdi, S., Decraene, B., Litkowski, S.,
and R. Shakir, "Segment Routing Architecture", draft-ietf-
spring-segment-routing-07 (work in progress), December
2015.
[I-D.ietf-spring-segment-routing-mpls]
Filsfils, C., Previdi, S., Bashandy, A., Decraene, B.,
Litkowski, S., Horneffer, M., Shakir, R., Tantsura, J.,
and E. Crabbe, "Segment Routing with MPLS data plane",
draft-ietf-spring-segment-routing-mpls-03 (work in
progress), February 2016.
[RFC1997] Chandra, R., Traina, P., and T. Li, "BGP Communities
Attribute", RFC 1997, DOI 10.17487/RFC1997, August 1996,
<http://www.rfc-editor.org/info/rfc1997>.
[RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route
Reflection: An Alternative to Full Mesh Internal BGP
(IBGP)", RFC 4456, DOI 10.17487/RFC4456, April 2006,
<http://www.rfc-editor.org/info/rfc4456>.
Authors' Addresses
Previdi, et al. Expires September 19, 2016 [Page 17]
Internet-Draft Segment Routing TE Policies in BGP March 2016
Stefano Previdi (editor)
Cisco Systems, Inc.
Via Del Serafico, 200
Rome 00142
Italy
Email: sprevidi@cisco.com
Clarence Filsfils
Cisco Systems, Inc.
Brussels
BE
Email: cfilsfil@cisco.com
Arjun Sreekantiah
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA
Email: asreekan@cisco.com
Siva Sivabalan
Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA
Email: msiva@cisco.com
Paul Mattes
Microsoft
One Microsoft Way
Redmond, WA 98052
USA
Email: pamattes@microsoft.com
Previdi, et al. Expires September 19, 2016 [Page 18]