Internet-Draft | SR Binding Protection | February 2024 |
Chen, et al. | Expires 4 August 2024 | [Page] |
- Workgroup:
- Network Working Group
- Internet-Draft:
- draft-chen-spring-sr-bind-protect-arch-01
- Published:
- Intended Status:
- Standards Track
- Expires:
SR Path Binding Protection Architecture
Abstract
This document describes a architecture of fast re-route protection for binding SIDs on SR paths including SRv6 paths and SR-MPLS paths. The SR paths are in a single domain or cross two domains. The two domains are administrated by one provider or two different providers.¶
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
Status of This Memo
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 4 August 2024.¶
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
1. Introduction
[I-D.ietf-rtgwg-segment-routing-ti-lfa] describes a segment routing (SR) fast re-route (FRR) mechanism that provides FRR protection for a node SID and adjacency SID of a node on an SR path by the direct neighbor or say point of local repair (PLR) to the failure. [I-D.hu-spring-segment-routing-proxy-forwarding] proposes a mechanism that provides FRR protection for a binding SID of a transit node on a SR path within a single domain.¶
This document describes a architecture of fast re-route protection for binding SIDs on SR paths including SRv6 paths and SR-MPLS paths. The SR paths are in a single domain or cross two domains. The two domains are administrated by one provider or two different providers.¶
2. Example SR Path Binding Protections
This section illustrates the FRR protection for binding SIDs of nodes on SR paths through examples. It shows the procedure on every node on two SR paths without any failure in three cases below:¶
-
Single Domain.¶
-
One Administrative Domain (OAD): One provider Administrates two Domains.¶
-
Two Administrative Domains (TAD): Two differnt providers Administrate two Domains.¶
In addition, when the node with binding SIDs fails, the procedure on each of the related node is illustrated in different cases for two different time periods.¶
2.1. Example Single Domain Network with SR Paths
Figure 1 shows an example single domain network with two SR paths. It is used to explain the mechanism of SR path binding protection in single domain.¶
The cost of each link is 1 by default, except for the cost of the link between P3 and B2 is 2 indicated by number 2 on the link. SR path 1 uses node SIDs. A Binding SID (BSID) of node B1, named BSID-B1, is associated with SID-list 1 {SID-Q1, SID-Q3, SID-C}. The path segment from node A to node B1 is represented by SID-P1 and SID-B1. The path segment from node B1 to node C is represented by BSID-B1 and SID-list 1 with which BSID-B1 is associated.¶
SR path 2 uses adjacency SIDs. Another Binding SID of B1, named BSID2-B1, is associated with SID-list 3 {SID-B1-Q1, SID-Q3, SID-C}. Note: BSID2-B1 is different from BSID-B1. The first SID in SID-list 3 is the adjacency SID of the adjacency from B1 to Q1. The path segment from node A to node B1 is represented by SID-A-P1, SID-P1-P3 and SID-P3-B1. The path segment from node B1 to node C is represented by BSID2-B1 and SID-list 3 with which BSID2-B1 is associated.¶
2.2. Example Two Domain Network with SR Paths
Figure 2 shows an example two domain network with two SR paths. It is used to explain the mechanism of SR path across domains binding protection.¶
The cost of each link is 1 by default, except for the cost of the link between P3 and B2 is 2 indicated by number 2 on the link. SR path 1 crosses two domains (Domain 1 and Domain 2) and uses node SIDs. A Binding SID of border node B3, named BSID-B3, is associated with SID-list 1. The path segment from node A to node B3 is represented by SID-P1, SID-B1 and SID-B3. The path segment from node B3 to node C is represented by BSID-B3 and SID-list 1 with which BSID-B3 is associated.¶
For BSID-B3 associated with SID-list 1 on border node B3 along SR path 1, there is an alternate border node B4 corresponding to B3.¶
SR path 2 crosses two domains (Domain 1 and Domain 2) and uses adjacency SIDs. Another Binding SID of border node B3, named BSID2-B3, is associated with SID-list 3. Note: BSID2-B3 is different from BSID-B3. The first SID in SID-list 3 is the adjacency SID of the adjacency from B3 to Q3. The path segment from node A to node B3 is represented by SID-A-P1, SID-P1-P3, SID-P3-B1 and SID-B1-B3. The path segment from node B3 to node C is represented by BSID2-B3 and SID-list 3 with which BSID2-B3 is associated.¶
For BSID2-B3 associated with SID-list 3 on B3 for SR path 2, there is an alternate border node B4 corresponding to B3.¶
2.3. Binding Protection Information Distribution
This section describes the binding protection information distribution for three cases: Single Domain, OAD and TAD.¶
2.3.1. Single Domain
One piece of information, which represents a backup path for the failure of node B1 with a BSID, is distributed.¶
For SR path 1, this one piece is BSID-B1, SID-list 5 and ID-B1 (i.e., Identifier (ID) of B1). SID-list 5 contains the SIDs for the backup path, which includes SID-B2 and SIDs for the path segment corresponding to SID-list 1 with which BSID-B1 is associated on B1. SID-list 5 is SID-B2 prepending SID-list 1 since the first SID in SID-list 1 is a node SID. SID-list 5 is {SID-B2, SID-Q1, SID-Q3, SID-C}.¶
This one piece (i.e., BSID-B1, SID-list 5 and ID-B1) is sent to the upstream neighbor (i.e., P3 on SR path 1) of B1. It is also sent to the closest upstream endpoint node (i.e., P1 on SR path 1) of B1 since B1 is a loose hop on SR path 1, which is indicated by node SID of B1 (i.e., SID-B1) on SR path 1.¶
For SR path 2, this one piece is BSID2-B1, SID-list 6 and ID-B1 (i.e., Identifier (ID) of B1). SID-list 6 contains the SIDs for the backup path, which includes SID-B2 and SIDs for the path segment corresponding to SID-list 3 with which BSID2-B1 is associated on B1. The first SID in SID-list 3 is the adjacency SID of the adjacency from B1 to Q1. SID-B2, SID-Q1 (the node SID of the remote node of the adjacency SID-B1-Q1), and the other SIDs in SID-list 3 constitutes SID-list 6, which is {SID-B2, SID-Q1, SID-Q3, SID-C}.¶
This one piece (i.e., BSID2-B1, SID-list 6 and ID-B1) is sent to the upstream neighbor (i.e., P3 on SR path 2) of B1. It is not sent to any other upstream node since B1 is not a loose hop on SR path 2.¶
2.3.2. One Administrative Domain
When domain 1 and domain 2 are administrated by one provider, one piece of information is distributed. This one piece of information represents a backup path for the failure of border node B3.¶
For SR path 1, this one piece is BSID-B3, SID-list 5 and ID-B3 (i.e., Identifier (ID) of B3). SID-list 5 represents a backup path for the failure of B3. It contains the SIDs for the path segment to border node B4 and the path segment corresponding to SID-list 1 with which BSID-B3 is associated on B3. SID-list 5 is SID-B4 prepending SID-list 1 since the first SID in SID-list 1 is a node SID. It is {SID-B4, SID-Q3, SID-C}.¶
This one piece (i.e., BSID-B3, SID-list 5 and ID-B3) is sent to the upstream neighbor (i.e., B1 on SR path 1) of B3. The closest upstream endpoint node of B3 is B1 on SR path 1. The piece is not sent to B1 again.¶
For SR path 2, this one piece is BSID2-B3, SID-list 6 and ID-B3 (i.e., Identifier (ID) of B3). SID-list 6 represents a backup path for the failure of B3. It contains the SIDs for the path segment to border node B4 and the path segment corresponding to SID-list 3 with which BSID2-B3 is associated on B3. The first SID in SID-list 3 is the adjacency SID of the adjacency from B3 to Q3. SID-B4, SID-Q3 (the node SID of the remote node of the adjacency SID-B3-Q3), and the other SIDs in SID-list 3 constitutes SID-list 6, which is {SID-B4, SID-Q3, SID-C}.¶
This one piece (i.e., BSID2-B3, SID-list 6 and ID-B3) is sent to the upstream neighbor (i.e., B1 on SR path 2) of B3.¶
2.3.3. Two Administrative Domains
When domain 1 and domain 2 are administrated by two different providers, the SIDs in domain 2 can not be distributed to any node in domain 1 except for the SIDs of border nodes such as B3 and B4 in domain 2. Thus SID-list 1 associated with BSID-B3 in SR path 1, which contains the SIDs in domain 2, can not be distributed to any node in domain 1. In this case, two pieces of information are distributed. These two pieces of information represent a backup path for the failure of border node B3 on SR path 1.¶
One piece is a binding SID of border node B4 (BSID-B4) associated with SID-list 2 corresponding to SID-list 1 with which BSID-B2 in SR path 1 is associated. SID-list 2 is SID-list 1 since the first SID in SID-list 1 is a node SID. This one piece (i.e., BSID-B4 and SID-list 2) is sent to alternate border node B4 corresponding to B3.¶
The other piece is BSID-B3, SID list 7 and ID-B3 (i.e., Identifier (ID) of B3). This other piece (i.e., BSID-B3, SID list 7 and ID-B3) is sent to the upstream neighbor (e.g., B1 on SR path 1) of B3. In addition, it is sent to the closest upstream endpoint node (e.g., B1 on SR path 1) of B3 if B3 is a loose hop and the endpoint node is not neighbor of B3.¶
BSID2-B3 in SR path 2 is associated with SID-list 3 {SID-B1-Q3, SID-C}. The two pieces of information representing a backup path for the failure of border node B3 on SR path 2 are as follows.¶
One piece is another binding SID of border node B4 (BSID2-B4) associated with SID-list 4 corresponding to SID-list 3. The first SID in SID-list 3 is the adjacency SID of the adjacency from B3 to Q3. The node SID of the remote node of the adjacency (SID-Q3) and the other SIDs in SID-list 3 constitutes SID-list 4, which is {SID-Q3, SID-C}. This one piece (i.e., BSID2-B4 and SID-list 4) is sent to alternate border node B4 corresponding to B3.¶
The other piece is BSID2-B3, SID-list 8 and ID-B3 (i.e., Identifier (ID) of B3). This piece (i.e., BSID2-B3, SID-list 8 and ID-B3) is sent to the upstream neighbor (e.g., B1 on SR path 2) of B3. Since B3 is not a loose hop on SR path 2, this other piece is not sent to any other upstream node of B3 on SR path 2.¶
2.4. Without Any Failure
This section illustrates the procedure and the result of the procedure on every node on each of SR path 1 using node SIDs and SR path 2 using adjacency SIDs. Note: the path itself does not need to make up of all of the same type of SIDs, but rather the difference in behavior is on the point of repair if the top SID before the BSID is node SID or adjacency SID. The SID type preceding the SID before the BSID in the path is not relevant.¶
2.4.1. Single Domain
2.4.1.1. SR Path using Node SIDs
Figure 3 shows the result of the procedure on every node on SR path 1 in single domain using node SIDs without any failure.¶
The procedure on each node is below:¶
-
Node A as ingress of SR path 1 adds SID-P1, SID-B1 and BSID-B1 (binding SID (BSID) of B1) into a packet (Pkt) received from CE1 and sends the packet with the SIDs to node P1. The packet sent to P1 is represented by "1. {SID-P1, SID-B1, BSID-B1}Pkt".¶
-
Node P1 pops its SID-P1 from the packet received, sends the packet with top SID (SID-B1) to P3 along the IGP shortest path to B1 according to its FIB entry for SID-B1. The packet sent to P3 is represented by "2. {SID-B1, BSID-B1}Pkt".¶
-
Node P3 sends the packet with top SID (SID-B1) to B1 along the IGP shortest path to B1. The packet sent to B1 is represented by "3. {SID-B1, BSID-B1}Pkt".¶
-
Node B1 pops its SID-B1 from the packet received, replaces its BSID-B1 with SID-list 1, and sends the packet to Q1 according to the top SID (SID-Q1) in the packet. The packet sent to Q1 is represented by "4. {SID-Q1, SID-Q3, SID-C}Pkt".¶
-
Node Q1 pops its SID-Q1 from the packet received, and sends the packet to node Q3 according to the top SID SID-Q3 in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
-
Node Q3 pops its SID-Q3 from the packet received, and sends the packet to node C according to the top SID SID-C in the packet. The packet sent to C is represented by "6. {SID-C}Pkt".¶
-
Node C pops its SID-C and gets the packet without any SIDs, which is represented by "7. Pkt".¶
2.4.1.2. SR Path using Adjacency SIDs
Figure 4 shows the result of the procedure on every node on SR path 2 in single domain using adjacency SIDs without any failure.¶
The procedure on each node is below:¶
-
Node A as ingress of SR path 2 adds SID-P1-P3, SID-P3-B1 and BSID2-B1 into a packet (Pkt) received from CE1 and sends the packet with the SIDs to node P1. The packet sent to P1 is represented by "1. {SID-P1-P3, SID-P3-B1, BSID2-B1}Pkt".¶
-
Node P1 pops its SID-P1-P3 from the packet received, sends the packet to P3. The packet sent to P3 is represented by "2. {SID-P3-B1, BSID2-B1}Pkt".¶
-
Node P3 pops its SID-P3-B1 from the packet received, sends the packet to B1. The packet sent to B1 is represented by "3. {BSID2-B1}Pkt".¶
-
Node B1 replaces its BSID2-B1 with SID-list 3, pops its SID-B1-Q1, and sends the packet to Q1. The packet sent to Q1 is represented by "4. {SID-Q3, SID-C}Pkt".¶
-
Node Q1 sends the packet to node Q3 according to the top SID SID-Q3 in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
-
Node Q3 pops its SID-Q3 from the packet received, and sends the packet to node C according to the top SID SID-C in the packet. The packet sent to C is represented by "6. {SID-C}Pkt".¶
-
Node C pops its SID-C and gets the packet without any SIDs, which is represented by "7. Pkt".¶
2.4.2. Two Domains
2.4.2.1. SR Path using Node SIDs
Figure 5 shows the result of the procedure on every node on SR path 1 across two domains using node SIDs without any failure.¶
The procedure on each node is below:¶
-
Node A as ingress of SR path 1 adds SID-P1, SID-B1, SID-B3 and BSID-B3 (binding SID (BSID) of B3) into a packet (Pkt) received from CE1 and sends the packet with the SIDs to node P1. The packet sent to P1 is represented by "1. {SID-P1, SID-B1, SID-B3, BSID-B3}Pkt".¶
-
Node P1 pops its SID-P1 from the packet received, sends the packet with top SID (SID-B1) to P3 along the IGP shortest path to B1 according to its FIB entry for SID-B1. The packet sent to P3 is represented by "2. {SID-B1, SID-B3, BSID-B3}Pkt".¶
-
Node P3 sends the packet with top SID (SID-B1) to B1 along the IGP shortest path to B1. The packet sent to B1 is represented by "3. {SID-B1, SID-B3, BSID-B3}Pkt".¶
-
Node B1 pops its SID-B1 from the packet received and sends the packet with top SID (SID-B3) to B3 along the routing path to B3. The packet sent to B3 is represented by "4. {SID-B3, BSID-B3}Pkt".¶
-
Node B3 pops its SID-B3 from the packet received, replaces its BSID-B3 with SID-list 1, and sends the packet to Q3 according to the top SID (SID-Q3) in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
-
Node Q3 pops its SID-Q3 from the packet received, and sends the packet to node C according to the top SID SID-C in the packet. The packet sent to C is represented by "6. {SID-C}Pkt".¶
-
Node C pops its SID-C and gets the packet without any SIDs, which is represented by "7. Pkt".¶
2.4.2.2. SR Path using Adjacency SIDs
Figure 6 shows the result of the procedure on every node on SR path 2 across two domains using adjacency SIDs without any failure.¶
The procedure on each node is below:¶
-
Node A as ingress of SR path 2 adds SID-P1-P3, SID-P3-B1, SID-B1-B3 and BSID2-B3 into a packet (Pkt) received from CE1 and sends the packet with the SIDs to node P1. The packet sent to P1 is represented by "1. {SID-P1-P3, SID-P3-B1, SID-B1-B3, BSID2-B3}Pkt".¶
-
Node P1 pops its SID-P1-P3 from the packet received, sends the packet to P3. The packet sent to P3 is represented by "2. {SID-P3-B1, SID-B1-B3, BSID2-B3}Pkt".¶
-
Node P3 pops its SID-P3-B1 from the packet received, sends the packet to B1. The packet sent to B1 is represented by "3. {SID-B1-B3, BSID2-B3}Pkt".¶
-
Node B1 pops its SID-B1-B3 from the packet received, sends the packet to B3. The packet sent to B3 is represented by "4. {BSID2-B3}Pkt".¶
-
Node B3 replaces its BSID2-B3 with SID-list 3, pops its SID-B1-Q3, and sends the packet to Q3. The packet sent to Q3 is represented by "5. {SID-C}Pkt".¶
-
Node sends the packet to node C according to the top SID SID-C in the packet. The packet sent to C is represented by "6. {SID-C}Pkt".¶
-
Node C pops its SID-C and gets the packet without any SIDs, which is represented by "7. Pkt".¶
2.5. Failure of Node in Single Domain
This section illustrates the procedure and the result of the procedure on each of the related nodes on SR path 1 using node SIDs and SR path 2 using adjacency SIDs after node B1 with BSIDs in single domain failed.¶
2.5.1. SR Path using Node SIDs
This section illustrates the procedure and the result of the procedure on each of the related nodes on SR path 1 using node SIDs after node B1 with BSID-B1 failed.¶
2.5.1.1. Before IGP Converges on Failure
Figure 7 shows the result of executing procedure on each of the related nodes on SR path 1 when node B1 failed and before the IGP converges on the failure.¶
The procedure and the result of the procedure on each of nodes A, P1, Q1, Q3 and C are the same as those described in Section 2.4.1.1. The procedure and the result of the procedure on each of nodes P3 (neighbor of B1) and B2 are as follows.¶
- 3.
- Neighbor P3 pops SID-B1 from the packet received, replaces BSID-B1 in the packet with SID-list 5 according to its FIB entry for BSID-B1 of node B1 with ID-B1, and sends the packet to B2 according to the top SID (i.e., SID-B2) in the packet without going through failed B1 using TI-LFA. The packet sent to B2 is represented by "3. {SID-B2, SID-Q1, SID-Q3, SID-C}Pkt".¶
- 4.
- Node B2 pops its SID (i.e., SID-B2) from the packet received, and sends the packet to Q1 according to the top SID (SID-Q1) in the packet. The packet sent to Q1 is represented by "4. {SID-Q1, SID-Q3, SID-C}Pkt".¶
2.5.1.2. After IGP Converges on Failure
Figure 8 shows the result of executing procedure on each of the related nodes on SR path 1 when node B1 failed and after the IGP converges on the failure.¶
The procedure and the result of the procedure on each of nodes A, B2, Q1, Q3 and C are the same as those described in Section 2.5.1.1. The procedure and the result of the procedure on each of nodes P1 and P4 are as follows.¶
- 2.
- Since upstream (or previous hop) node P1 of B1 along SR path 1 does not have a FIB entry for SID-B1 as top SID of the packet, node P1 pops SID-B1 from the packet, replaces BSID-B1 with SID-list 5 in the packet according to its FIB entry for BSID-B1 of node B1 with ID-B1, and sends the packet to P4 according to the top SID (SID-B2) in the packet along the IGP shortest path to B2. The packet sent to P4 is represented by "2. {SID-B2, SID-Q1, SID-Q3, SID-C}Pkt".¶
- 3.
- Node P4 sends the packet to B2 according to the top SID (SID-B2) in the packet received along the IGP shortest path. The packet sent to B2 is represented by "3. {SID-B2, SID-Q1, SID-Q3, SID-C}Pkt".¶
2.5.2. SR Path using Adjacency SIDs
This section illustrates the procedure and the result of the procedure on each of the related nodes on SR path 2 using adjacency SIDs after node B1 with BSID2-B1 failed.¶
2.5.2.1. Before IGP Converges on Failure
Figure 9 shows the result of executing procedure on each of the related nodes on SR path 2 when node B1 failed and before the IGP converges on the failure.¶
The procedure and the result of the procedure on each of nodes A, P1, Q1, Q3 and C are the same as those described in Section 2.4.1.2. The procedure and the result of the procedure on each of nodes P3 (neighbor of B1) and B2 are as follows.¶
- 3.
- Neighbor P3 pops its SID-P3-B1, replaces BSID2-B1 in the packet with SID-list 6 according to its FIB entry for BSID2-B1 of node B1 with ID-B1, and sends the packet to B2 according to the top SID (i.e., SID-B2) in the packet without going through failed B1 using TI-LFA. The packet sent to B2 is represented by "3. {SID-B2, SID-Q1, SID-Q3, SID-C}Pkt".¶
- 4.
- Node B2 pops its SID-B2 from the packet received, and sends the packet to Q1 according to the top SID (SID-Q1) in the packet. The packet sent to Q1 is represented by "4. {SID-Q1, SID-Q3, SID-C}Pkt".¶
2.5.2.2. After IGP Converges on Failure
The result of the procedure on each of the related nodes on SR path 2 using adjacency SIDs when node B1 failed and after the IGP converges on the failure is the same as the one described in Section 2.5.2.1.¶
The procedure on node P3 is different from the one on P3 in Section 2.5.2.1, which is as follows.¶
- 3.
- Node P3 sends the packet to B2 along the IGP shortest path according to the top SID (SID-B2) in the packet received. The packet sent to B2 is represented by "3. {SID-B2, SID-Q1, SID-Q3, SID-C}Pkt".¶
2.6. Failure of Border in One Administrative Domain
This section illustrates the procedure and the result of the procedure on each of the related nodes on SR path 1 and SR path 2 across two domains after border node B3 failed, where the two domains are owned by one provider.¶
2.6.1. SR Path using Node SIDs
This section illustrates the procedure and the result of the procedure on each of the related nodes on SR path 1 across two domains using node SIDs after border node B3 failed.¶
2.6.1.1. Before Convergence on Failure
Figure 10 shows the result of executing procedure on each of the related nodes on SR path 1 when border node B3 failed and before the routing convergence on the failure.¶
The procedure and the result of the procedure on each of nodes A, P1, P3, Q3 and C are the same as those described in Section 2.4.2.1. The procedure and the result of the procedure on each of nodes B1 (neighbor of B3) and B4 (alternate border node) are as follows.¶
- 4.
- Neighbor B1 pops SID-B3 from the packet received, replaces BSID-B3 in the packet with SID-list 5 according to its FIB entry for BSID-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (i.e., SID-B4) in the packet without going through failed B3 using TI-LFA. The packet sent to B4 is represented by "4. {SID-B4, SID-Q3, SID-C}Pkt".¶
- 5.
- Border node B4 pops its SID (i.e., SID-B4) from the packet received, and sends the packet to Q3 according to the top SID (SID-Q3) in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
2.6.1.2. After Convergence on Failure
The procedure and the result of the procedure on each node of SR path 1 are the same as those described in Section 2.6.1.1 except for the procedure on node B1 as follows.¶
- 4.
- Neighbor B1 pops SID-B3 from the packet received, replaces BSID-B3 in the packet with SID-list 5 according to its FIB entry for BSID-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (i.e., SID-B4) in the packet. The packet sent to B4 is represented by "4. {SID-B4, SID-Q3, SID-C}Pkt".¶
2.6.2. SR Path using Adjacency SIDs
This section illustrates the procedure and the result of the procedure on each of the related nodes on SR path 2 across two domains using adjacency SIDs after border node B3 failed.¶
2.6.2.1. Before Convergence on Failure
Figure 11 shows the result of executing procedure on each of the related nodes on SR path 2 when border node B3 failed and before the convergence on the failure.¶
The procedure and the result of the procedure on each of nodes A, P1, P3, Q3 and C are the same as those described in Section 2.4.2.2. The procedure and the result of the procedure on each of nodes B1 (neighbor of B3) and B4 (alternate border node) are as follows.¶
- 4.
- Neighbor B1 pops its SID-B1-B3, replaces BSID2-B3 in the packet with SID-list 6 according to its FIB entry for BSID2-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (i.e., SID-B4) in the packet without going through failed B3 using TI-LFA. The packet sent to B4 is represented by "4. {SID-B4, SID-Q3, SID-C}Pkt".¶
- 4.
- Border node B4 pops its SID-B4 from the packet received, and sends the packet to Q3 according to the top SID (SID-Q3) in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
2.6.2.2. After Convergence on Failure
The result of the procedure on each of the related nodes on SR path 2 using adjacency SIDs when border node B3 failed and after the convergence on the failure is the same as the one described in Section 2.6.2.1.¶
The procedure on node B1 is different from the one on B1 in Section 2.6.2.1, which is as follows.¶
- 4.
- Node B1 sends the packet to B4 along the normal routing path to B4 according to the top SID (SID-B4) in the packet received. The packet sent to B4 is represented by "4. {SID-B4, SID-Q3, SID-C}Pkt".¶
2.7. Failure of Border in Two Administrative Domains
This section illustrates the procedure and result of procedure on each of the related nodes on SR path 1 and SR path 2 across two domains after border node B3 failed, where two domains are administrated by two different providers.¶
2.7.1. SR Path using Node SIDs
2.7.1.1. Before Convergence on Failure
Figure 12 shows the result of executing procedure on each of the related nodes on SR path 1 using node SIDs when border node B3 failed and before the convergence on the failure.¶
The procedure and the result of the procedure on each of nodes A, P1, P3, Q3 and C are the same as those described in Section 2.4.2.1. The procedure and the result of the procedure on each of nodes B1 (neighbor of B3) and B4 (alternate border) are described below.¶
- 4.
- Neighbor B1 pops SID-B3 from the packet received, replaces BSID-B3 in the packet with SID-list 7 according to its FIB entry for BSID-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (i.e., SID-B4) in the packet without going through failed B3 using TI-LFA. The packet sent to B4 is represented by "4. {SID-B4, BSID-B4}Pkt".¶
- 5.
- Border node B4 pops its SID-B4 from the packet received, replaces BSID-B4 with SID-list 2 according to its FIB entry for BSID-B4, and sends the packet to Q3 according to the top SID (SID-Q3) in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
2.7.1.2. After Convergence on Failure
The procedure and the result of the procedure on each node are the same as those described in Section 2.7.1.1 except for the procedure on node B1 described below.¶
- 4.
- Since upstream node B1 of B3 along SR path 1 does not have a FIB entry for SID-B3 as top SID of the packet, node B1 pops SID-B3 from the packet, replaces BSID-B3 with SID-list 7 in the packet according to its FIB entry for BSID-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (SID-B4) in the packet. The packet sent to P4 is represented by "4. {SID-B4, BSID-B4}Pkt".¶
2.7.2. SR Path using Adjacency SIDs
2.7.2.1. Before Convergence on Failure
Figure 13 shows the result of executing procedure on each of the related nodes on SR path 2 using adjacency SIDs when border node B3 failed and before the convergence on the failure.¶
The procedure and the result of the procedure on each of nodes A, P1, P3, Q3 and C are the same as those described in Section 2.4.2.2. The procedure and the result of the procedure on each of nodes B1 (neighbor of B3) and B4 (alternate border) are as follows.¶
- 4.
- Neighbor B1 replaces BSID2-B3 in the packet received with SID-list 8 according to its FIB entry for BSID2-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (i.e., SID-B4) in the packet without going through failed B3 using TI-LFA. The packet sent to B4 is represented by "4. {SID-B4, BSID2-B4}Pkt".¶
- 5.
- Border node B4 pops its SID-B4 from the packet received, replaces BSID2-B4 with SID-list 4 according to its FIB entry for BSID2-B4, and sends the packet to Q3 according to the top SID (SID-Q3) in the packet. The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".¶
2.7.2.2. After Convergence on Failure
The procedure and result of executing procedure on each of the related nodes on SR path 2 when border node B3 failed and after the convergence on the failure are the same as those described in Section 2.7.2.1.¶
The procedure on node B1 is different from the one on B1 in Section 2.7.2.1, which is as follows.¶
- 4.
- Since upstream (neighbor) node B1 of B3 along SR path 2 does not have a FIB entry for SID-B1-B3 as top SID of the packet, node B1 replaces BSID2-B3 with SID-list 8 in the packet according to its FIB entry for BSID2-B3 of node B3 with ID-B3, and sends the packet to B4 according to the top SID (SID-B4) in the packet. The packet sent to B4 is represented by "4. {SID-B4, BSID2-B4}Pkt".¶
3. Procedures
3.1. on Neighbor of Node with Binding SID
When there is no failure, neighbor N of node B with binding SID on an SR path sends the packet to B. When neighbor N detects the failure of B, N pops top SID (SID-B or SID-N-B) from the packet, and does the following steps:¶
- 1.
- If the current top SID in the packet is a Binding SID of B (BSID-B), replaces BSID-B in the packet with a SID list and sends the packet toward the top SID of the packet without going through B. The SID list represents a backup path segment for the failure of B.¶
- 2.
- Otherwise (i.e., the current top SID in the packet is an adjacency SID of the node or a node SID of next hop), executes the corresponding action for the SID from [I-D.ietf-rtgwg-segment-routing-ti-lfa].¶
3.2. on Upstream Node of Node with Binding SID
A upstream node of node B with binding SID on an SR path pops the top SID from the packet received if the top SID is a SID of the upstream node.¶
When there is no failure or B on an SR path failed and before the convergence on the failure of B, the upstream node sends the packet according to its FIB entry for the top SID in the packet.¶
After B failed and the convergence on the failure of B, the upstream node pops the node SID of B (SID-B) from the packet and does the following steps:¶
- 1.
- If the current top SID in the packet is a Binding SID of B (BSID-B), then executes the action indicated by the FIB entry for BSID-B of node B. The action is to replace BSID-B in the packet with a SID list and send the packet according to the current top SID in the packet. The SID list represents a backup path segment for the failure of B.¶
- 2.
- Otherwise (i.e., the current top SID in the packet is an adjacency SID of the node or a node SID of next hop), executes the corresponding action for the SID from [I-D.ietf-rtgwg-segment-routing-ti-lfa].¶
3.3. Integrated Procedure
A procedure running on a node that forwards the packet to be transported by an SR path in different cases is called an integrated procedure. The node is a border node or an internal node. The cases include normal case without any failure, a border or internal node failure.¶
Suppose that Packet = the packet received by node X. an integrated procedure running on node X is described in Pseudo code as shown in Figure 14.¶
4. Protocol Extensions
This section describes the semantic of protocol extensions for distributing binding protection information for a node with a BSID in three cases: Single Domain, OAD and TAD.¶
For a Binding SID (BSID-B) of a node (e.g., transit node B1 in Figure 1 or border node B3 in Figure 2) on a SR path, suppose that the following information is sent to (or received from) the node:¶
- 1.
- BSID-B, and¶
- 2.
- A list of SIDs (named SID-list a) associated with BSID-B, where the SIDs are in the downstream domain.¶
For Single Domain, one piece of information is distributed. This one piece is BSID-B, a new SID list (named SID-list c) and ID-B (Identifier of the node). SID-list c represents a backup path for the failure of the node on the SR path. It contains the SIDs for the path segment corresponding to SID-list a.¶
This one piece (i.e., BSID-B, SID-list c and ID-B) is sent to the upstream neighbor of the node on the SR path. It is also sent to the closest upstream endpoint node (e.g., P1 on SR path 1 in Figure 1) of the node if the node is a loose hop on the SR path, which is indicated by node SID of the node (e.g., SID-B1) on the SR path. The node SID is used to reach the node (e.g., B1).¶
For OAD, one piece of information is distributed. This one piece is BSID-B, a new SID list (named SID-list c) and ID-B. SID-list c represents a backup path for the failure of the border node on the SR path. It contains the SIDs for the path segment to the alternate border node and the path segment corresponding to SID-list a. This piece is distributed in the same way as the one for Single Domain.¶
For TAD, two pieces of information are distributed.¶
- Piece 1.
- BSID-aB, which is a Binding SID of an alternate border node (e.g., B4 in Figure 2), and a list of SIDs (named SID-list b) corresponding to SID-list a. SID-list b is SID-list a when the first SID in SID-list a is a node SID. when the first SID in SID-list a is an adjacency SID of an adjacency, the node SID of the remote node of the adjacency and the other SIDs in SID-list a constitutes SID-list b.¶
- Piece 2.
- BSID-B, SID-list d {SID-aB, BSID-aB} and ID-B; where SID-aB is a node SID of the alternate border node, and ID-B is an Identifier (ID) of the border node.¶
These two pieces of information represent a backup path for the failure of the border node on the SR path.¶
Piece 1 (i.e., BSID-aB and SID-list b) is sent to the alternate border node. Piece 2 (i.e., BSID-B, SID-list d and ID-B) is distributed in the same way as the one for OAD.¶
In one option, the TE router ID of a node is used as the ID of the node.¶
When a protocol (such as PCE or BGP running on a controller) supports sending a binding (i.e., a BSID and a SID list) on a node, we may extend this protocol to distribute the binding protection information (refer to [I-D.chen-pce-mbinding] and [I-D.chen-idr-mbinding]). Alternatively, we may extend YANG and IGP to distribute the binding protection information.¶
Note: how to distribute binding protection information via which protocol is out of the scope of this document.¶
6. Acknowledgements
The authors would like to thank Andrew Stone for his comments to this work.¶
7. References
7.1. Normative References
- [RFC2119]
- Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
- [RFC7356]
- Ginsberg, L., Previdi, S., and Y. Yang, "IS-IS Flooding Scope Link State PDUs (LSPs)", RFC 7356, DOI 10.17487/RFC7356, , <https://www.rfc-editor.org/info/rfc7356>.
- [RFC8174]
- Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.
- [RFC8402]
- Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, , <https://www.rfc-editor.org/info/rfc8402>.
- [RFC8667]
- Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C., Bashandy, A., Gredler, H., and B. Decraene, "IS-IS Extensions for Segment Routing", RFC 8667, DOI 10.17487/RFC8667, , <https://www.rfc-editor.org/info/rfc8667>.
7.2. Informative References
- [I-D.chen-idr-mbinding]
- Chen, H., Decraene, B., Mishra, G. S., Fan, Y., Wang, A., and X. Liu, "BGP for Mirror Binding", Work in Progress, Internet-Draft, draft-chen-idr-mbinding-03, , <https://datatracker.ietf.org/doc/html/draft-chen-idr-mbinding-03>.
- [I-D.chen-pce-mbinding]
- Chen, H., Decraene, B., Mishra, G. S., Wang, A., Liu, X., and L. Liu, "PCE for Mirror Binding", Work in Progress, Internet-Draft, draft-chen-pce-mbinding-02, , <https://datatracker.ietf.org/doc/html/draft-chen-pce-mbinding-02>.
- [I-D.hu-spring-segment-routing-proxy-forwarding]
- Hu, Z., Chen, H., Yao, J., Bowers, C., Zhu, Y., and Y. Liu, "SR-TE Path Midpoint Restoration", Work in Progress, Internet-Draft, draft-hu-spring-segment-routing-proxy-forwarding-24, , <https://datatracker.ietf.org/doc/html/draft-hu-spring-segment-routing-proxy-forwarding-24>.
- [I-D.ietf-rtgwg-segment-routing-ti-lfa]
- Bashandy, A., Litkowski, S., Filsfils, C., Francois, P., Decraene, B., and D. Voyer, "Topology Independent Fast Reroute using Segment Routing", Work in Progress, Internet-Draft, draft-ietf-rtgwg-segment-routing-ti-lfa-13, , <https://datatracker.ietf.org/doc/html/draft-ietf-rtgwg-segment-routing-ti-lfa-13>.
- [I-D.ietf-spring-segment-protection-sr-te-paths]
- Hegde, S., Bowers, C., Litkowski, S., Xu, X., and F. Xu, "Segment Protection for SR-TE Paths", Work in Progress, Internet-Draft, draft-ietf-spring-segment-protection-sr-te-paths-05, , <https://datatracker.ietf.org/doc/html/draft-ietf-spring-segment-protection-sr-te-paths-05>.
- [I-D.ietf-spring-segment-routing-policy]
- Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and P. Mattes, "Segment Routing Policy Architecture", Work in Progress, Internet-Draft, draft-ietf-spring-segment-routing-policy-22, , <https://datatracker.ietf.org/doc/html/draft-ietf-spring-segment-routing-policy-22>.