Network Working Group S. Previdi, Ed.
Internet-Draft C. Filsfils
Intended status: Standards Track D. Jain, Ed.
Expires: September 3, 2018 Cisco Systems, Inc.
P. Mattes
Microsoft
E. Rosen
Juniper Networks
S. Lin
Google
Mar 2, 2018
Advertising Segment Routing Policies in BGP
draft-ietf-idr-segment-routing-te-policy-02
Abstract
This document defines a new BGP SAFI with a new NLRI in order to
advertise a candidate path of a Segment Routing Policy (SR Policy).
An SR Policy is a set of candidate paths consisting of one or more
segment lists. The headend of an SR Policy may learn multiple
candidate paths for an SR Policy. Candidate paths may be learned via
a number of different mechanisms, e.g., CLI, NetConf, PCEP, or BGP.
This document specifies the way in which BGP may be used to
distribute candidate paths. New sub-TLVs for the Tunnel
Encapsulation Attribute are defined.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 3, 2018.
Previdi, et al. Expires September 3, 2018 [Page 1]
Internet-Draft Segment Routing Policies in BGP Mar 2018
Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 5
2. SR TE Policy Encoding . . . . . . . . . . . . . . . . . . . . 5
2.1. SR TE Policy SAFI and NLRI . . . . . . . . . . . . . . . 5
2.2. SR TE Policy and Tunnel Encapsulation Attribute . . . . . 7
2.3. Remote Endpoint and Color . . . . . . . . . . . . . . . . 8
2.4. SR TE Policy Sub-TLVs . . . . . . . . . . . . . . . . . . 8
2.4.1. Preference Sub-TLV . . . . . . . . . . . . . . . . . 8
2.4.2. SR TE Binding SID Sub-TLV . . . . . . . . . . . . . . 9
2.4.3. Segment List Sub-TLV . . . . . . . . . . . . . . . . 10
2.4.4. Explicit NULL Label Policy Sub-TLV . . . . . . . . . 21
3. Extended Color Community . . . . . . . . . . . . . . . . . . 23
4. SR Policy Operations . . . . . . . . . . . . . . . . . . . . 23
4.1. Configuration and Advertisement of SR TE Policies . . . . 23
4.2. Reception of an SR Policy NLRI . . . . . . . . . . . . . 24
4.2.1. Acceptance of an SR Policy NLRI . . . . . . . . . . . 24
4.2.2. Usable SR Policy NLRI . . . . . . . . . . . . . . . . 24
4.2.3. Passing a usable SR Policy NLRI to the SRTE Process . 25
4.2.4. Propagation of an SR Policy . . . . . . . . . . . . . 25
4.3. Flowspec and SR Policies . . . . . . . . . . . . . . . . 25
5. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 26
6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 26
7. Implementation Status . . . . . . . . . . . . . . . . . . . . 26
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27
8.1. Existing Registry: Subsequent Address Family Identifiers
(SAFI) Parameters . . . . . . . . . . . . . . . . . . . . 28
8.2. Existing Registry: BGP Tunnel Encapsulation Attribute
Tunnel Types . . . . . . . . . . . . . . . . . . . . . . 28
8.3. Existing Registry: BGP Tunnel Encapsulation Attribute
sub-TLVs . . . . . . . . . . . . . . . . . . . . . . . . 28
8.4. New Registry: SR Policy List Sub-TLVs . . . . . . . . . . 28
Previdi, et al. Expires September 3, 2018 [Page 2]
Internet-Draft Segment Routing Policies in BGP Mar 2018
9. Security Considerations . . . . . . . . . . . . . . . . . . . 29
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 29
10.1. Normative References . . . . . . . . . . . . . . . . . . 29
10.2. Informational References . . . . . . . . . . . . . . . . 30
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 31
1. Introduction
Segment Routing (SR) allows a headend node to steer a packet flow
along any path. Intermediate per-flow states are eliminated thanks
to source routing [I-D.ietf-spring-segment-routing].
The headend node is said to steer a flow into a Segment Routing
Policy (SR Policy).
The header of a packet steered in an SR Policy is augmented with the
ordered list of segments associated with that SR Policy.
[I-D.filsfils-spring-segment-routing-policy] details the concepts of
SR Policy and steering into an SR Policy. These apply equally to the
MPLS and SRv6 instantiations of segment routing.
As highlighted in section 2 of
[I-D.filsfils-spring-segment-routing-policy]:
o an SR policy may have multiple candidate paths learned via various
mechanisms (CLI, NetConf, PCEP or BGP);
o the SRTE process selects the best candidate path for a Policy;
o the SRTE process binds a BSID to the selected path of the Policy;
o the SRTE process installs the selected path and its BSID in the
forwarding plane.
This document specifies the way to use BGP to distribute one or more
of the candidate paths of an SR policy to the headend of that policy.
The SRTE process ([I-D.filsfils-spring-segment-routing-policy]) of
the headend receives candidate paths from BGP, and possibly other
sources as well, and the SRTE process then determines the selected
path of the policy.
This document specifies a way of representing SR policies and their
candidate paths in BGP UPDATE messages. BGP can then be used to
propagate the SR policies and candidate paths. The usual BGP rules
for BGP propagation and "bestpath selection" are used. At the
headend of a specific policy, this will result in one or more
candidate paths being installed into the "BGP table". These paths
Previdi, et al. Expires September 3, 2018 [Page 3]
Internet-Draft Segment Routing Policies in BGP Mar 2018
are then passed to the SRTE process. The SRTE process may compare
them to candidate paths learned via other mechanisms, and will choose
one or more paths to be installed in the data plane. BGP itself does
not install SRTE candidate paths into the data plane.
This document defines a new BGP address family (SAFI). In UPDATE
messages of that address family, the NLRI identifies an SR policy,
and the attributes specify candidate paths of that policy.
While for simplicity we may write that BGP advertises an SR Policy,
it has to be understood that BGP advertises a candidate path of an SR
policy and that this SR Policy might have several other candidate
paths provided via BGP (via an NLRI with a different distinguisher as
defined in this document), PCEP, NETCONF or local policy
configuration.
Typically, a controller defines the set of policies and advertise
them to policy head-end routers (typically ingress routers). The
policy advertisement uses BGP extensions defined in this document.
The policy advertisement is, in most but not all of the cases,
tailored for a specific policy head-end. In this case the
advertisement may sent on a BGP session to that head-end and not
propagated any further.
Alternatively, a router (i.e., a BGP egress router) advertises SR
Policies representing paths to itself. In this case, it is possible
to send the policy to each head-end over a BGP session to that head-
end, without requiring any further propagation of the policy.
An SR Policy intended only for the receiver will, in most cases, not
traverse any Route Reflector (RR, [RFC4456]).
In some situations, it is undesirable for a controller or BGP egress
router to have a BGP session to each policy head-end. In these
situations, BGP Route Reflectors may be used to propagate the
advertisements, or it may be necessary for the advertisement to
propagate through a sequence of one or more ASes. To make this
possible, an attribute needs to be attached to the advertisement that
enables a BGP speaker to determine whether it is intended to be a
head-end for the advertised policy. This is done by attaching one or
more Route Target Extended Communities to the advertisement
([RFC4360]).
The BGP extensions for the advertisement of SR Policies include
following components:
o A new Subsequent Address Family Identifier (SAFI) whose NLRI
identifies an SR Policy.
Previdi, et al. Expires September 3, 2018 [Page 4]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o A set of new TLVs to be inserted into the Tunnel Encapsulation
Attribute (as defined in [I-D.ietf-idr-tunnel-encaps]) specifying
candidate paths of the SR policy, as well as other information
about the SR policy.
o One or more IPv4 address format route-target extended community
([RFC4360]) attached to the SR Policy advertisement and that
indicates the intended head-end of such SR Policy advertisement.
o The Color Extended Community (as defined in
[I-D.ietf-idr-tunnel-encaps]) and used in order to steer traffic
into an SR Policy, as described in section 8.4 in
[I-D.filsfils-spring-segment-routing-policy]. This document
(Section 3) modifies the format of the Color Extended Community by
using the two leftmost bits of the RESERVED field.
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2. SR TE Policy Encoding
2.1. SR TE Policy SAFI and NLRI
A new SAFI is defined: the SR Policy SAFI, (codepoint 73 assigned by
IANA (see Section 8) from the "Subsequent Address Family Identifiers
(SAFI) Parameters" registry).
The SR Policy SAFI uses a new NLRI defined as follows:
+------------------+
| NLRI Length | 1 octet
+------------------+
| Distinguisher | 4 octets
+------------------+
| Policy Color | 4 octets
+------------------+
| Endpoint | 4 or 16 octets
+------------------+
where:
o NLRI Length: 1 octet of length expressed in bits as defined in
[RFC4760].
Previdi, et al. Expires September 3, 2018 [Page 5]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Distinguisher: 4-octet value uniquely identifying the policy in
the context of <color, endpoint> tuple. The distinguisher has no
semantic value and is solely used by the SR Policy originator to
make unique (from an NLRI perspective) multiple occurrences of the
same SR Policy.
o Policy Color: 4-octet value identifying (with the endpoint) the
policy. The color is used to match the color of the destination
prefixes to steer traffic into the SR Policy
[I-D.filsfils-spring-segment-routing-policy].
o Endpoint: identifies the endpoint of a policy. The Endpoint may
represent a single node or a set of nodes (e.g., an anycast
address). The Endpoint is an IPv4 (4-octet) address or an IPv6
(16-octet) address according to the AFI of the NLRI.
The color and endpoint are used to automate the steering of BGP
Payload prefixes on SR policy
([I-D.filsfils-spring-segment-routing-policy]).
The NLRI containing the SR Policy is carried in a BGP UPDATE message
[RFC4271] using BGP multiprotocol extensions [RFC4760] with an AFI of
1 or 2 (IPv4 or IPv6) and with a SAFI of 73 (assigned by IANA from
the "Subsequent Address Family Identifiers (SAFI) Parameters"
registry).
An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
attribute with the SR Policy SAFI MUST also carry the BGP mandatory
attributes. In addition, the BGP update message MAY also contain any
of the BGP optional attributes.
The next-hop of the SR Policy SAFI NLRI is set based on the AFI. For
example, if the AFI is set to IPv4 (1), then the next-hop is encoded
as a 4-byte IPv4 address. If the AFI is set to IPv6 (2), then the
next-hop is encoded as a 16-byte IPv6 address of the router. Setting
of and processing of the next-hop field is governed by standard BGP
procedures as described in section 3 in [RFC4760].
It is important to note that any BGP speaker receiving a BGP message
with an SR Policy NLRI, will process it only if the NLRI is among the
best paths as per the BGP best path selection algorithm. In other
words, this document does not modify the BGP propagation or bestpath
selection rules.
It has to be noted that if several candidate paths of the same SR
Policy (endpoint, color) are signaled via BGP to a head-end, it is
recommended that each NLRI use a different distinguisher. If BGP has
installed into the BGP table two advertisements whose respective
Previdi, et al. Expires September 3, 2018 [Page 6]
Internet-Draft Segment Routing Policies in BGP Mar 2018
NLRIs have the same color and endpoint, but different distinguishers,
both advertisements are passed to the SRTE process as different
candidate paths. In addition, the originator information
corresponding to the each candidate path, as described in section 2.4
([I-D.filsfils-spring-segment-routing-policy]) is passed to the SRTE
process.
2.2. SR TE Policy and Tunnel Encapsulation Attribute
The content of the SR Policy is encoded in the Tunnel Encapsulation
Attribute originally defined in [I-D.ietf-idr-tunnel-encaps] using a
new Tunnel-Type TLV (codepoint is 15, assigned by IANA (see
Section 8) from the "BGP Tunnel Encapsulation Attribute Tunnel Types"
registry).
The SR Policy Encoding structure is as follows:
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint>
Attributes:
Tunnel Encaps Attribute (23)
Tunnel Type: SR Policy
Binding SID
Preference
Segment List
Weight
Segment
Segment
...
...
where:
o SR Policy SAFI NLRI is defined in Section 2.1.
o Tunnel Encapsulation Attribute is defined in
[I-D.ietf-idr-tunnel-encaps].
o Tunnel-Type is set to 15 (assigned by IANA from the "BGP Tunnel
Encapsulation Attribute Tunnel Types" registry).
o Preference, Binding SID, Segment-List, Weight and Segment are
defined in this document.
o Additional sub-TLVs may be defined in the future.
A Tunnel Encapsulation Attribute MUST NOT contain more than one TLV
of type "SR Policy".
Previdi, et al. Expires September 3, 2018 [Page 7]
Internet-Draft Segment Routing Policies in BGP Mar 2018
Multiple occurrences of "Segment List" MAY be encoded within the same
SR Policy.
Multiple occurrences of "Segment" MAY be encoded within the same
Segment List.
2.3. Remote Endpoint and Color
The Remote Endpoint and Color sub-TLVs, as defined in
[I-D.ietf-idr-tunnel-encaps], MAY also be present in the SR Policy
encodings.
The Remote Endpoint and Color Sub-TLVs are not used for SR Policy
encodings and therefore their value is irrelevant in the context of
SR Policy SAFI NLRI. If present, the Remote Endpoint sub-TLV and the
Color sub-TLV MUST be ignored by the BGP speaker.
2.4. SR TE Policy Sub-TLVs
This section defines the SR Policy sub-TLVs.
Preference, Binding SID, Segment-List are assigned from the "BGP
Tunnel Encapsulation Attribute sub-TLVs" registry.
Weight and Segment Sub-TLVs are assigned from a new registry defined
in this document and called: "SR Policy List Sub-TLVs". See
Section 8 for the details of the registry.
2.4.1. Preference Sub-TLV
The Preference sub-TLV does not have any effect on the BGP bestpath
selection or propagation procedures. The contents of this sub-TLV
are used by the SRTE process as described in section 2.9 in
([I-D.filsfils-spring-segment-routing-policy]).
The Preference sub-TLV is optional, MUST NOT appear more than once in
the SR Policy and has following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Preference (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
Previdi, et al. Expires September 3, 2018 [Page 8]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Type: 12
o Length: 6.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Preference: a 4-octet value.
2.4.2. SR TE Binding SID Sub-TLV
The Binding SID sub-TLV is not used by BGP. The contents of this
sub-TLV are used by the SRTE process as described in section 6 in
([I-D.filsfils-spring-segment-routing-policy]).
The Binding SID sub-TLV is optional, MUST NOT appear more than once
in the SR Policy and has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Binding SID (variable, optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 13
o Length: specifies the length of the value field not including Type
and Length fields. Can be 2 or 6 or 18.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Binding SID: if length is 2, then no Binding SID is present.
Previdi, et al. Expires September 3, 2018 [Page 9]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o If length is 6 then the Binding SID contains a 4-octet SID. Below
format is used to encode the SID. TC, S, TTL(Total of 12bits) are
RESERVED and SHOULD be set to Zero and MUST be ignored.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Label | TC |S| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
If length is 18 then the Binding SID contains a 16-octet IPv6 SID.
2.4.3. Segment List Sub-TLV
The Segment List sub-TLV encodes a single explicit path towards the
endpoint as described in section 5.1 in
([I-D.filsfils-spring-segment-routing-policy]). The Segment List
sub-TLV includes the elements of the paths (i.e., segments) as well
as an optional Weight sub-TLV.
The Segment List sub-TLV may exceed 255 bytes length due to large
number of segments. Therefore a 2-octet length is required.
According to [I-D.ietf-idr-tunnel-encaps], the first bit of the sub-
TLV codepoint defines the size of the length field. Therefore, for
the Segment List sub-TLV a code point of 128 (or higher) is used.
See Section 8 for details of codepoints allocation.
The Segment List sub-TLV is optional and MAY appear multiple times in
the SR Policy.
The Segment List sub-TLV contains zero or more Segment sub-TLVs and
MAY contain a Weight sub-TLV.
The Segment List sub-TLV has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// sub-TLVs //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 128.
Previdi, et al. Expires September 3, 2018 [Page 10]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Length: the total length (not including the Type and Length
fields) of the sub-TLVs encoded within the Segment List sub-TLV.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o sub-TLVs:
* An optional single Weight sub-TLV.
* Zero or more Segment sub-TLVs.
Validation of an explicit path encoded by the Segment List sub-TLV is
completely in the scope of SRTE process as described in section 5 in
([I-D.filsfils-spring-segment-routing-policy]).
2.4.3.1. Weight Sub-TLV
The Weight sub-TLV specifies the weight associated to a given
candidate path (i.e., a given segment list). The contents of this
sub-TLV are used only by the SRTE process as described in section
2.11 in ([I-D.filsfils-spring-segment-routing-policy]).
The Weight sub-TLV is optional, MUST NOT appear more than once inside
the Segment List sub-TLV, and has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Weight |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
Type: 9 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
Length: 6.
Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on receipt.
RESERVED: 1 octet of reserved bits. SHOULD be unset on transmission
and MUST be ignored on receipt.
Previdi, et al. Expires September 3, 2018 [Page 11]
Internet-Draft Segment Routing Policies in BGP Mar 2018
2.4.3.2. Segment Sub-TLV
The Segment sub-TLV describes a single segment in a segment list
(i.e., a single element of the explicit path). Multiple Segment sub-
TLVs constitute an explicit path of the SR Policy.
The Segment sub-TLV is optional and MAY appear multiple times in the
Segment List sub-TLV.
The Segment sub-TLV does not have any effect on the BGP bestpath
selection or propagation procedures. The contents of this sub-TLV
are used only by the SRTE process as described in section 4 in
([I-D.filsfils-spring-segment-routing-policy]).
[I-D.filsfils-spring-segment-routing-policy] defines several types of
Segment Sub-TLVs:
Type 1: SID only, in the form of MPLS Label
Type 2: SID only, in the form of IPv6 address
Type 3: IPv4 Node Address with optional SID
Type 4: IPv6 Node Address with optional SID
Type 5: IPv4 Address + index with optional SID
Type 6: IPv4 Local and Remote addresses with optional SID
Type 7: IPv6 Address + index with optional SID
Type 8: IPv6 Local and Remote addresses with optional SID
2.4.3.2.1. Type 1: SID only, in the form of MPLS Label
The Type-1 Segment Sub-TLV encodes a single SID in the form of an
MPLS label. The format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Label | TC |S| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 1 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 6.
Previdi, et al. Expires September 3, 2018 [Page 12]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Label: 20 bits of label value.
o TC: 3 bits of traffic class.
o S: 1 bit of bottom-of-stack.
o TTL: 1 octet of TTL.
The following applies to the Type-1 Segment sub-TLV:
o The S bit SHOULD be zero upon transmission, and MUST be ignored
upon reception.
o If the originator wants the receiver to choose the TC value, it
sets the TC field to zero.
o If the originator wants the receiver to choose the TTL value, it
sets the TTL field to 255.
o If the originator wants to recommend a value for these fields, it
puts those values in the TC and/or TTL fields.
o The receiver MAY override the originator's values for these
fields. This would be determined by local policy at the receiver.
One possible policy would be to override the fields only if the
fields have the default values specified above.
2.4.3.2.2. Type 2: SID only, in the form of IPv6 address
The Type-2 Segment Sub-TLV encodes a single SID in the form of an
IPv6 SID. The format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// IPv6 SID (16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
Previdi, et al. Expires September 3, 2018 [Page 13]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Type: 2 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 18.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o IPv6 SID: 16 octets of IPv6 address.
The IPv6 Segment Identifier (IPv6 SID) is defined in
[I-D.ietf-6man-segment-routing-header].
2.4.3.2.3. Type 3: IPv4 Node Address with optional SID
The Type-3 Segment Sub-TLV encodes an IPv4 node address and an
optional SID in the form of either an MPLS label or an IPv6 address.
The format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Node Address (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (optional, 4 or 16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 3 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 6 or 10 or 22.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o IPv4 Node Address: a 4 octet IPv4 address representing a node.
Previdi, et al. Expires September 3, 2018 [Page 14]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o SID: either 4 octet MPLS SID or a 16 octet IPv6 SID.
The following applies to the Type-3 Segment sub-TLV:
o The IPv4 Node Address MUST be present.
o The SID is optional and MAY be of one of the following formats:
* MPLS SID: a 4 octet label containing label, TC, S and TTL as
defined in Section 2.4.3.2.1.
* IPV6 SID: a 16 octet IPv6 address.
o If length is 6, then only the IPv4 Node Address is present.
o If length is 10, then the IPv4 Node Address and the MPLS SID are
present.
o If length is 22, then the IPv4 Node Address and the IPv6 SID are
present.
2.4.3.2.4. Type 4: IPv6 Node Address with optional SID
The Type-4 Segment Sub-TLV encodes an IPv6 node address and an
optional SID in the form of either an MPLS label or an IPv6 address.
The format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// IPv6 Node Address (16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (optional, 4 or 16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 4 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 18 or 22 or 34.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
Previdi, et al. Expires September 3, 2018 [Page 15]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o IPv6 Node Address: a 16 octet IPv6 address representing a node.
o SID: either 4 octet MPLS SID or a 16 octet IPv6 SID.
The following applies to the Type-4 Segment sub-TLV:
o The IPv6 Node Address MUST be present.
o The SID is optional and MAY be of one of the following formats:
* MPLS SID: a 4 octet label containing label, TC, S and TTL as
defined in Section 2.4.3.2.1.
* IPV6 SID: a 16 octet IPv6 address.
o If length is 18, then only the IPv6 Node Address is present.
o If length is 22, then the IPv6 Node Address and the MPLS SID are
present.
o If length is 34, then the IPv6 Node Address and the IPv6 SID are
present.
2.4.3.2.5. Type 5: IPv4 Address + Local Interface ID with optional SID
The Type-5 Segment Sub-TLV encodes an IPv4 node address, a local
interface Identifier (Local Interface ID) and an optional SID in the
form of either an MPLS label or an IPv6 address. The format is as
follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local Interface ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IPv4 Node Address (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (optional, 4 or 16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
Previdi, et al. Expires September 3, 2018 [Page 16]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Type: 5 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 10 or 14 or 26.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Local Interface ID: 4 octets as defined in
[I-D.ietf-pce-segment-routing].
o IPv4 Node Address: a 4 octet IPv4 address representing a node.
o SID: either 4 octet MPLS SID or a 16 octet IPv6 SID.
The following applies to the Type-5 Segment sub-TLV:
o The IPv4 Node Address MUST be present.
o The Local Interface ID MUST be present.
o The SID is optional and MAY be of one of the following formats:
* MPLS SID: a 4 octet label containing label, TC, S and TTL as
defined in Section 2.4.3.2.1.
* IPV6 SID: a 16 octet IPv6 SID.
o If length is 10, then the IPv4 Node Address and Local Interface ID
are present.
o If length is 14, then the IPv4 Node Address, the Local Interface
ID and the MPLS SID are present.
o If length is 26, then the IPv4 Node Address, the Local Interface
ID and the IPv6 SID are present.
2.4.3.2.6. Type 6: IPv4 Local and Remote addresses with optional SID
The Type-6 Segment Sub-TLV encodes an adjacency local address, an
adjacency remote address and an optional SID in the form of either an
MPLS label or an IPv6 address. The format is as follows:
Previdi, et al. Expires September 3, 2018 [Page 17]
Internet-Draft Segment Routing Policies in BGP Mar 2018
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local IPv4 Address (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote IPv4 Address (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (4 or 16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 6 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 10 or 14 or 26.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Local IPv4 Address: a 4 octet IPv4 address.
o Remote IPv4 Address: a 4 octet IPv4 address.
o SID: either 4 octet MPLS SID or a 16 octet IPv6 SID.
The following applies to the Type-6 Segment sub-TLV:
o The Local IPv4 Address MUST be present and represents an adjacency
local address.
o The Remote IPv4 Address MUST be present and represents the remote
end of the adjacency.
o The SID is optional and MAY be of one of the following formats:
* MPLS SID: a 4 octet label containing label, TC, S and TTL as
defined in Section 2.4.3.2.1.
* IPV6 SID: a 16 octet IPv6 address.
Previdi, et al. Expires September 3, 2018 [Page 18]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o If length is 10, then only the IPv4 Local and Remote addresses are
present.
o If length is 14, then the IPv4 Local address, IPv4 Remote address
and the MPLS SID are present.
o If length is 26, then the IPv4 Local address, IPv4 Remote address
and the IPv6 SID are present.
2.4.3.2.7. Type 7: IPv6 Address + Local Interface ID with optional SID
The Type-7 Segment Sub-TLV encodes an IPv6 node address, a local
interface identifier (Local Interface ID) and an optional SID in the
form of either an MPLS label or an IPv6 address. The format is as
follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local Interface ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// IPv6 Node Address (16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (optional, 4 or 16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 7 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 22 or 26 or 38.
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Local Interface ID: 4 octets of interface index.
o IPv6 Node Address: a 16 octet IPv6 address representing a node.
o SID: either 4 octet MPLS SID or a 16 octet IPv6 SID.
Previdi, et al. Expires September 3, 2018 [Page 19]
Internet-Draft Segment Routing Policies in BGP Mar 2018
The following applies to the Type-7 Segment sub-TLV:
o The IPv6 Node Address MUST be present.
o The Local Interface ID MUST be present.
o The SID is optional and MAY be of one of the following formats:
* MPLS SID: a 4 octet label containing label, TC, S and TTL as
defined in Section 2.4.3.2.1.
* IPV6 SID: a 16 octet IPv6 address.
o If length is 22, then the IPv6 Node Address and Local Interface ID
are present.
o If length is 26, then the IPv6 Node Address, the Local Interface
ID and the MPLS SID are present.
o If length is 38, then the IPv6 Node Address, the Local Interface
ID and the IPv6 SID are present.
2.4.3.2.8. Type 8: IPv6 Local and Remote addresses with optional SID
The Type-8 Segment Sub-TLV encodes an adjacency local address, an
adjacency remote address and an optional SID in the form of either an
MPLS label or an IPv6 address. The format is as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Local IPv6 Address (16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Remote IPv6 Address (16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SID (4 or 16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
o Type: 8 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).
o Length is 34 or 38 or 50.
Previdi, et al. Expires September 3, 2018 [Page 20]
Internet-Draft Segment Routing Policies in BGP Mar 2018
o Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
o RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
o Local IPv6 Address: a 16 octet IPv6 address.
o Remote IPv6 Address: a 16 octet IPv6 address.
o SID: either 4 octet MPLS SID or a 16 octet IPv6 SID.
The following applies to the Type-8 Segment sub-TLV:
o The Local IPv6 Address MUST be present and represents an adjacency
local address.
o The Remote IPv6 Address MUST be present and represents the remote
end of the adjacency.
o The SID is optional and MAY be of one of the following formats:
* MPLS SID: a 4 octet label containing label, TC, S and TTL as
defined in Section 2.4.3.2.1.
* IPV6 SID: a 16 octet IPv6 address.
o If length is 34, then only the IPv6 Local and Remote addresses are
present.
o If length is 38, then the IPv6 Local address, IPv4 Remote address
and the MPLS SID are present.
o If length is 50, then the IPv6 Local address, IPv4 Remote address
and the IPv6 SID are present.
2.4.4. Explicit NULL Label Policy Sub-TLV
In order to steer an unlabeled IP packet into an SR policy, it is
necessary to create a label stack for that packet, and to push one or
more labels onto that stack.
The Explicit NULL Label Policy sub-TLV is used to indicate whether an
Explicit NULL Label [RFC3032] must be pushed on an unlabeled IP
packet before any other labels.
Previdi, et al. Expires September 3, 2018 [Page 21]
Internet-Draft Segment Routing Policies in BGP Mar 2018
If an Explicit NULL Label Policy Sub-TLV is not present, the decision
of whether to push an Explicit NULL label on a given packet is a
matter of local policy.
The contents of this sub-TLV are used by the SRTE process as
described in section 4.1 in
[I-D.filsfils-spring-segment-routing-policy].
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ENLP |
+-+-+-+-+-+-+-+-+
Where:
Type: TBD (to be assigned by IANA from the registry "SR Policy
List Sub-TLVs" defined in this document).
Length: 3.
Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.
RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.
ELNP(Explicit NULL Label Policy): Indicates whether Explicit NULL
labels are to be pushed on unlabled IP packets that are being
steered into a given SR policy. This field has one of the
following 4 values:
1: Push an IPv4 Explicit NULL label on an unlabeled IPv4
packet, but do not push an IPv6 Explicit NULL label on an
unlabeled IPv6 packet.
2: Push an IPv6 Explicit NULL label on an unlabeled IPv6
packet, but do not push an IPv4 Explicit NULL label on an
unlabeled IPv4 packet.
3: Push an IPv4 Explicit NULL label on an unlabeled IPv4
packet, and push an IPv6 Explicit NULL label on an unlabeled
IPv6 packet.
4: Do not push an Explicit NULL label.
Previdi, et al. Expires September 3, 2018 [Page 22]
Internet-Draft Segment Routing Policies in BGP Mar 2018
The policy signaled in this Sub-TLV MAY be overridden by local
policy.
3. Extended Color Community
The Color Extended Community as defined in
[I-D.ietf-idr-tunnel-encaps] is used to steer traffic into a policy.
When the Color Extended Community is used for the purpose of steering
the traffic into an SRTE policy, the RESERVED field (as defined in
[I-D.ietf-idr-tunnel-encaps] is changed as follows:
1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|C O| RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where CO bits are defined as the "Color-Only" bits.
[I-D.filsfils-spring-segment-routing-policy]defines the influence of
these bits on the automated steering of BGP Payload traffic onto SRTE
policies.
4. SR Policy Operations
As described in this document, the consumer of a SR Policy NLRI is
not the BGP process. The BGP process is in charge of the origination
and propagation of the SR Policy NLRI but its installation and use is
outside the scope of BGP
([I-D.filsfils-spring-segment-routing-policy]).
4.1. Configuration and Advertisement of SR TE Policies
Typically, but not limited to, an SR Policy is configured into a
controller.
Multiple SR Policy NLRIs may be present with the same <color,
endpoint> tuple but with different content when these SR policies are
intended to different head-ends.
The distinguisher of each SR Policy NLRI prevents undesired BGP route
selection among these SR Policy NLRIs and allow their propagation
across route reflectors [RFC4456].
Moreover, one or more route-target SHOULD be attached to the
advertisement, where each route-target identifies one or more
intended head-ends for the advertised SR policy.
Previdi, et al. Expires September 3, 2018 [Page 23]
Internet-Draft Segment Routing Policies in BGP Mar 2018
If no route-target is attached to the SR Policy NLRI, then it is
assumed that the originator sends the SR Policy update directly
(e.g., through a BGP session) to the intended receiver. In such
case, the NO_ADVERTISE community MUST be attached to the SR Policy
update.
4.2. Reception of an SR Policy NLRI
On reception of an SR Policy NLRI, a BGP speaker MUST determine if
it's first acceptable, then it determines if it is usable.
4.2.1. Acceptance of an SR Policy NLRI
When a BGP speaker receives an SR Policy NLRI from a neighbor it has
to determine if it's acceptable. The following applies:
o The SR Policy NLRI MUST include a distinguisher, color and
endpoint field which implies that the length of the NLRI MUST be
either 12 or 24 octets (depending on the address family of the
endpoint).
o The SR Policy update MUST have either the NO_ADVERTISE community
or at least one route-target extended community in IPv4-address
format. If a router supporting this document receives an SR
policy update with no route-target extended communities and no
NO_ADVERTISE community, the update MUST NOT be sent to the SRTE
process. Furthermore, it SHOULD be considered to be malformed,
and the "treat-as-withdraw" strategy of [RFC7606] is applied.
o The Tunnel Encapsulation Attribute MUST be attached to the BGP
Update and MUST have a Tunnel Type TLV set to SR Policy (
codepoint is 15, assigned by IANA (see Section 8) from the "BGP
Tunnel Encapsulation Attribute Tunnel Types" registry).
A router that receives an SR Policy update that is not valid
according to these criteria MUST treat the update as malformed. The
route MUST NOT be passed to the SRTE process, and the "treat-as-
withdraw" strategy of [RFC7606] is applied.
A unacceptable SR Policy update that has a valid NLRI portion with
invalid attribute portion MUST be considered as a withdraw of the SR
Policy.
4.2.2. Usable SR Policy NLRI
If one or more route-targets are present, then at least one route-
target MUST match one of the BGP Identifiers of the receiver in order
for the update to be considered usable. The BGP Identifier is
Previdi, et al. Expires September 3, 2018 [Page 24]
Internet-Draft Segment Routing Policies in BGP Mar 2018
defined in [RFC4271] as a 4 octet IPv4 address. Therefore the route-
target extended community MUST be of the same format.
If one or more route-targets are present and no one matches any of
the local BGP Identifiers, then, while the SR Policy NLRI is
acceptable, it is not usable. It has to be noted that if the
receiver has been explicitly configured to do so, it MAY propagate
the SR Policy NLRI to its neighbors as defined in Section 4.2.4.
Usable SR Policy NLRIs are sent to the Segment Routing Traffic
Engineering (SRTE) process. The description of the SRTE process is
outside the scope of this document and it's described in
[I-D.filsfils-spring-segment-routing-policy].
4.2.3. Passing a usable SR Policy NLRI to the SRTE Process
Once BGP has determined that the SR Policy NLRI is usable, BGP passes
the path to the SRTE process described in
([I-D.filsfils-spring-segment-routing-policy]). Note that, along
with the path details, BGP also passes the originator information for
breaking ties in path-selection process as described in section 2.4
in [I-D.filsfils-spring-segment-routing-policy].
The SRTE process applies the rules defined in section 2
[I-D.filsfils-spring-segment-routing-policy] to determine whether a
path is valid and to select the best path among the valid paths.
4.2.4. Propagation of an SR Policy
By default, a BGP node receiving an SR Policy NLRI MUST NOT propagate
it to any EBGP neighbor.
However, a node MAY be explicitly configured to advertise a received
SR Policy NLRI to neighbors according to normal BGP rules (i.e., EBGP
propagation by an ASBR or iBGP propagation by a Route-Reflector).
SR Policy NLRIs that have been determined acceptable and valid can be
propagated, even the ones that are not usable.
Only SR Policy NLRIs that do not have the NO_ADVERTISE community
attached to them can be propagated.
4.3. Flowspec and SR Policies
The SR Policy can be carried in context of a Flowspec NLRI
([RFC5575]). In this case, when the redirect to IP next-hop is
specified as in [I-D.ietf-idr-flowspec-redirect-ip], the tunnel to
the next-hop is specified by the segment list in the Segment List
Previdi, et al. Expires September 3, 2018 [Page 25]
Internet-Draft Segment Routing Policies in BGP Mar 2018
sub-TLVs. The Segment List (e.g., label stack or IPv6 segment list)
is imposed to flows matching the criteria in the Flowspec route to
steer them towards the next-hop as specified in the SR Policy SAFI
NLRI.
5. Contributors
Arjun Sreekantiah
Cisco Systems
US
Email: asreekan@cisco.com
Acee Lindem
Cisco Systems
US
Email: acee@cisco.com
Siva Sivabalan
Cisco Systems
US
Email: msiva@cisco.com
Imtiyaz Mohammad
Arista Networks
India
Email: imtiyaz@arista.com
Gaurav Dawra
Cisco Systems
US
Email: gdawra.ietf@gmail.com
6. Acknowledgments
The authors of this document would like to thank Shyam Sethuram, John
Scudder, Przemyslaw Krol, Alex Bogdanov, Nandan Saha and Ketan
Talaulikar for their comments and review of this document.
7. Implementation Status
Note to RFC Editor: Please remove this section prior to publication,
as well as the reference to RFC 7942.
Previdi, et al. Expires September 3, 2018 [Page 26]
Internet-Draft Segment Routing Policies in BGP Mar 2018
This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in [RFC7942].
The description of implementations in this section is intended to
assist the IETF in its decision processes in progressing drafts to
RFCs. Please note that the listing of any individual implementation
here does not imply endorsement by the IETF. Furthermore, no effort
has been spent to verify the information presented here that was
supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalog of available implementations or their
features. Readers are advised to note that other implementations may
exist.
According to [RFC7942], "this will allow reviewers and working groups
to assign due consideration to documents that have the benefit of
running code, which may serve as evidence of valuable experimentation
and feedback that have made the implemented protocols more mature.
It is up to the individual working groups to use this information as
they see fit".
Several early implementations exist and will be reported in detail in
a forthcoming version of this document. For purposes of early
interoperability testing, when no FCFS code point was available,
implementations have made use of the following values:
o Preference sub-TLV: 12
o Binding SID sub-TLV: 13
o Segment List sub-TLV: 128
When IANA-assigned values are available, implementations will be
updated to use them.
8. IANA Considerations
This document defines new Sub-TLVs in following existing registries:
o Subsequent Address Family Identifiers (SAFI) Parameters
o BGP Tunnel Encapsulation Attribute Tunnel Types
o BGP Tunnel Encapsulation Attribute sub-TLVs
This document also defines a new registry: "SR Policy List Sub-TLVs".
Previdi, et al. Expires September 3, 2018 [Page 27]
Internet-Draft Segment Routing Policies in BGP Mar 2018
8.1. Existing Registry: Subsequent Address Family Identifiers (SAFI)
Parameters
This document defines a new SAFI in the registry "Subsequent Address
Family Identifiers (SAFI) Parameters" that has been assigned by IANA:
Codepoint Description Reference
-----------------------------------------------
73 SR Policy SAFI This document
8.2. Existing Registry: BGP Tunnel Encapsulation Attribute Tunnel Types
This document defines a new Tunnel-Type in the registry "BGP Tunnel
Encapsulation Attribute Tunnel Types" that has been assigned by IANA:
Codepoint Description Reference
--------------------------------------------------
15 SR Policy Type This document
8.3. Existing Registry: BGP Tunnel Encapsulation Attribute sub-TLVs
This document defines new sub-TLVs in the registry "BGP Tunnel
Encapsulation Attribute sub-TLVs" to be assigned by IANA:
Codepoint Description Reference
------------------------------------------------------
12 Preference sub-TLV This document
13 Binding SID sub-TLV This document
128 Segment List sub-TLV This document
8.4. New Registry: SR Policy List Sub-TLVs
This document defines a new registry called "SR Policy List Sub-
TLVs". The allocation policy of this registry is "First Come First
Served (FCFS)" according to [RFC8126].
Following Sub-TLV codepoints are defined:
Previdi, et al. Expires September 3, 2018 [Page 28]
Internet-Draft Segment Routing Policies in BGP Mar 2018
Value Description Reference
------------------------------------------------------------------
1 MPLS SID sub-TLV This document
2 IPv6 SID sub-TLV This document
3 IPv4 Node and SID sub-TLV This document
4 IPv6 Node and SID sub-TLV This document
5 IPv4 Node, index and SID sub-TLV This document
6 IPv4 Local/Remote addresses and SID sub-TLV This document
7 IPv6 Node, index and SID sub-TLV This document
8 IPv6 Local/Remote addresses and SID sub-TLV This document
9 Weight sub-TLV This document
9. Security Considerations
TBD.
10. References
10.1. Normative References
[I-D.ietf-idr-tunnel-encaps]
Rosen, E., Patel, K., and G. Velde, "The BGP Tunnel
Encapsulation Attribute", draft-ietf-idr-tunnel-encaps-09
(work in progress), February 2018.
[I-D.ietf-pce-segment-routing]
Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W.,
and J. Hardwick, "PCEP Extensions for Segment Routing",
draft-ietf-pce-segment-routing-11 (work in progress),
November 2017.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack
Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001,
<https://www.rfc-editor.org/info/rfc3032>.
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
Border Gateway Protocol 4 (BGP-4)", RFC 4271,
DOI 10.17487/RFC4271, January 2006,
<https://www.rfc-editor.org/info/rfc4271>.
Previdi, et al. Expires September 3, 2018 [Page 29]
Internet-Draft Segment Routing Policies in BGP Mar 2018
[RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
Communities Attribute", RFC 4360, DOI 10.17487/RFC4360,
February 2006, <https://www.rfc-editor.org/info/rfc4360>.
[RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
"Multiprotocol Extensions for BGP-4", RFC 4760,
DOI 10.17487/RFC4760, January 2007,
<https://www.rfc-editor.org/info/rfc4760>.
[RFC5575] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J.,
and D. McPherson, "Dissemination of Flow Specification
Rules", RFC 5575, DOI 10.17487/RFC5575, August 2009,
<https://www.rfc-editor.org/info/rfc5575>.
[RFC7606] Chen, E., Ed., Scudder, J., Ed., Mohapatra, P., and K.
Patel, "Revised Error Handling for BGP UPDATE Messages",
RFC 7606, DOI 10.17487/RFC7606, August 2015,
<https://www.rfc-editor.org/info/rfc7606>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>.
10.2. Informational References
[I-D.filsfils-spring-segment-routing-policy]
Filsfils, C., Sivabalan, S., Raza, K., Liste, J., Clad,
F., Talaulikar, K., Ali, Z., Hegde, S.,
daniel.voyer@bell.ca, d., Lin, S., bogdanov@google.com,
b., Krol, P., Horneffer, M., Steinberg, D., Decraene, B.,
Litkowski, S., and P. Mattes, "Segment Routing Policy for
Traffic Engineering", draft-filsfils-spring-segment-
routing-policy-05 (work in progress), February 2018.
[]
Previdi, S., Filsfils, C., Raza, K., Dukes, D., Leddy, J.,
Field, B., daniel.voyer@bell.ca, d.,
daniel.bernier@bell.ca, d., Matsushima, S., Leung, I.,
Linkova, J., Aries, E., Kosugi, T., Vyncke, E., Lebrun,
D., Steinberg, D., and R. Raszuk, "IPv6 Segment Routing
Header (SRH)", draft-ietf-6man-segment-routing-header-08
(work in progress), January 2018.
Previdi, et al. Expires September 3, 2018 [Page 30]
Internet-Draft Segment Routing Policies in BGP Mar 2018
[I-D.ietf-idr-flowspec-redirect-ip]
Uttaro, J., Haas, J., Texier, M., Andy, A., Ray, S.,
Simpson, A., and W. Henderickx, "BGP Flow-Spec Redirect to
IP Action", draft-ietf-idr-flowspec-redirect-ip-02 (work
in progress), February 2015.
[I-D.ietf-spring-segment-routing]
Filsfils, C., Previdi, S., Ginsberg, L., Decraene, B.,
Litkowski, S., and R. Shakir, "Segment Routing
Architecture", draft-ietf-spring-segment-routing-15 (work
in progress), January 2018.
[RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route
Reflection: An Alternative to Full Mesh Internal BGP
(IBGP)", RFC 4456, DOI 10.17487/RFC4456, April 2006,
<https://www.rfc-editor.org/info/rfc4456>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>.
Authors' Addresses
Stefano Previdi (editor)
Cisco Systems, Inc.
IT
Email: stefano@previdi.net
Clarence Filsfils
Cisco Systems, Inc.
Brussels
BE
Email: cfilsfil@cisco.com
Dhanendra Jain (editor)
Cisco Systems, Inc.
San Jose
USA
Email: dhjain@cisco.com
Previdi, et al. Expires September 3, 2018 [Page 31]
Internet-Draft Segment Routing Policies in BGP Mar 2018
Paul Mattes
Microsoft
One Microsoft Way
Redmond, WA 98052
USA
Email: pamattes@microsoft.com
Eric Rosen
Juniper Networks
10 Technology Park Drive
Westford, MA 01886
US
Email: erosen@juniper.net
Steven Lin
Google
Email: stevenlin@google.com
Previdi, et al. Expires September 3, 2018 [Page 32]