Interdomain Routing Working Group C. Li Internet-Draft Z. Li Intended status: Standards Track Huawei Technologies Expires: 5 April 2025 Y. Yin China Telecom W. Cheng China Mobile K. Talaulikar Cisco Systems 2 October 2024 SR Policy Extensions for Path Segment and Bidirectional Path draft-ietf-idr-sr-policy-path-segment-13 Abstract A Segment Routing(SR) policy identifies a set of candidate SR paths Each SR path is passed in BGP as the SR Policy SAFI NLRI accompanied with the Tunnel Encapsulation attribute (Tunnel-encaps). Each SR Path (tunnel) uses a set of TLVs in the Tunnel-encaps attribute to describe the characteristics of the SR Policy tunnel. One of the TLVs that describes the tunnel is the Segment list TLV which provides a list of segments contained in the tunnel. This document specifies a new Path Segment Sub-TLV to associate a Path Segment ID to the SR Segment List. The Path Segment ID can be used for performance measurement, path correlation, and end-2-end path protection. This Path Segment identifier can be also be used to correlate two unidirectional SR paths into a bidirectional SR path. Bidirection SR path may be required in some scenarios such as mobile backhaul transport network. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Li, et al. Expires 5 April 2025 [Page 1] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 5 April 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 3. Path Segment in SR Policy . . . . . . . . . . . . . . . . . . 4 3.1. SR Path Segment Sub-TLV . . . . . . . . . . . . . . . . . 5 4. SR Policy for Bidirectional Path . . . . . . . . . . . . . . 7 4.1. Reverse Path Segment List Sub-TLV . . . . . . . . . . . . 8 5. Operations . . . . . . . . . . . . . . . . . . . . . . . . . 8 6. Error Handling and Fault Management . . . . . . . . . . . . . 9 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 7.1. Existing Registry: BGP Tunnel Encapsulation Attribute sub-TLVs . . . . . . . . . . . . . . . . . . . . . . . . 10 8. Security Considerations . . . . . . . . . . . . . . . . . . . 10 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 10 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 11.1. Normative References . . . . . . . . . . . . . . . . . . 11 11.2. Informative References . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 Li, et al. Expires 5 April 2025 [Page 2] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 1. Introduction Segment routing (SR) [RFC8402] is a source routing paradigm that explicitly indicates the forwarding path for packets at the ingress node. The ingress node steers packets into a specific path according to the Segment Routing Policy ( SR Policy) as defined in [RFC9256]. For distributing SR policies to the headend, [RFC9256] specifies a mechanism by using BGP, and new Sub-TLVs are defined for SR Policies in BGP UPDATE message. In many use cases such as performance measurement, the path to which the packets belong is required to be identified. In some scenarios, (e.g., Mobile backhaul transport networks), there are Requirements to support bidirectional path. However, there is no path identification information for each Segment List in the SR Policies defined in [RFC9256]. Also, the SR Policies defined in [RFC9256] only supports unidirectional SR paths. Therefore, this document defines the extension to SR policies that carry Path Segment in the Segment List and support bidirectional path. The Path Segment can be a Path Segment in SR-MPLS [RFC9545] and SRv6 [I-D.ietf-spring-srv6-path-segment], or other IDs that can identify a path. Also, this document defines extensions to BGP to distribute SR policies carrying Path Segment and bidirectional path information. 2. Terminology This document makes use of the terms defined in [RFC8402] and [RFC9256]. Some terms are listed below for reference. * SR: Segment Routing. * SR-MPLS: Segment Routing over MPLS data plane. * SRv6: Segment Routing over IPv6 data plane. * PSID: Path Segment Identifier. * SRPM: SR Policy Module [I-D.ietf-idr-sr-policy-safi]. Li, et al. Expires 5 April 2025 [Page 3] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 2.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Path Segment in SR Policy As defined in [I-D.ietf-idr-sr-policy-safi] , the SR Policy encoding structure is as follows: SR Policy SAFI NLRI: Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Segment Segment ... ... An SR path can be specified by an Segment List Sub-TLV that contains a set of segment Sub-TLVs and other Sub-TLVs as shown above. As defined in [RFC9256], a candidate path includes multiple SR paths specified by SID list. The Path Segment can be used for identifying an SR path (specified by SID list) from the headend and the tailend. Also, it can be used for identifying an SR candidate path in some use cases if needed. This document defines a new Path Segment Sub-TLV within Segment List Sub-TLV, the details will be described at section 3.1. The new SR Policy encoding structure with Path Segment Sub-TLV is expressed as below: Li, et al. Expires 5 April 2025 [Page 4] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 SR Policy SAFI NLRI: Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Path Segment Segment Segment ... Segment List Weight Path Segment Segment Segment ... ... The Path Segment is used to identified an SR path, and it can be used in OAM or IOAM use cases. When all the SID Lists within a candidate path share the same Path Segment ID, the Path Segment can be used to collect the aggregated information of the candidate path. Multiple Path Segment MAY be included in a Segment List for different use cases. In SR-MPLS, one, or some or all of them MAY be inserted into the SID List as the requirement of the use case. However, in SRv6, only one Path Segment ID can be encoded in a SRH. Therefore, an implementation MUST decide how to choose a Path Segment ID from the multiple Path Segment IDs. In order to simplify the implementation, this document suggests to encode only one Path Segment Sub-TLV for a segment list, while the rest Path Segment SHOULD be ignored. 3.1. SR Path Segment Sub-TLV This section defines an SR Path Segment Sub-TLV. An SR Path Segment Sub-TLV is included in the segment list Sub-TLV to identify an SID list. It has the following format: Li, et al. Expires 5 April 2025 [Page 5] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Flags | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path Segment ID (Variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ // SRv6 Endpoint Behavior and SID Structure (optional) // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1. Path Segment Sub-TLV Where: * Type (TBA1): SR Path Segment Sub-TLV (to be assigned by IANA). * Length: the total length of the value field not including Type and Length fields. * Flags: 8 bits of flags. Following flags are defined: 0 1 2 3 4 5 6 7 +--+--+--+--+--+--+--+--+ | Reserved |B |L | +--+--+--+--+--+--+--+--+ * - L-Flag: Local flag. Set when the Path Segment has local significance on an SR node. - B-Flag: This flag, when set, indicates the presence of the SRv6 Endpoint Behavior and SID Structure encoding specified in Section 2.4.4.2.4. of [I-D.ietf-idr-sr-policy-safi]. It MUST be ignored when the value of length field is smaller than 18. - The rest bits of Flag are reserved and MUST be set to 0 on transmission and MUST be ignored on receipt. * Path Segment ID: if the length is 2, then no Path Segment ID is present. If the length is 6 then the Path Segment ID is encoded in 4 octets [RFC9545] using the format below. TC, S, TTL (Total of 12 bits) are RESERVED and SHOULD be set to zero and MUST be ignored. Li, et al. Expires 5 April 2025 [Page 6] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | Flags | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Path Segment Label | TC |S| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2. SR-MPLS Path Segment Sub-TLV If the length is 18 then the Path Segment ID contains a 16-octet SRv6 Path Segment ID [I-D.ietf-spring-srv6-path-segment]. If the length is larger than 18 and B-flag is set, then SRv6 Endpoint Behavior and SID Structure TLVs is included as per Section 2.4.4.2.4. of [I-D.ietf-idr-sr-policy-safi]. 4. SR Policy for Bidirectional Path In some scenariose, for example, mobile backhaul transport network, there are requirements to support bidirectional path. In SR, a bidirectional path can be represented as a binding of two unidirectional SR paths. This document also defines a Reverse Segment List Sub-TLV to describe the reverse path associated with the forward path specified by the Segment List. An SR policy carrying SR bidirectional path information is expressed as below: SR Policy SAFI NLRI: Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Path Segment Segment Segment ... Reverse Segment List Path Segment Segment Segment ... Li, et al. Expires 5 April 2025 [Page 7] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 4.1. Reverse Path Segment List Sub-TLV A Reverse Path Segment List Sub-TLV is defined to specify an SR reverse path associated with the path specified by the Segment List, and it has the following format: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Length | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sub-TLVs (Variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3. SR Reverse Path Segment List Sub-TLV where: Type (TBA2): Reverse Path Segment List Sub-TLV (to be assigned by IANA). Length: the total length of the Sub-TLVs encoded within the Reverse Path Segment List Sub-TLV not including the Type and Length fields. RESERVED: 1 octet of reserved bits. SHOULD be unset on transmission and MUST be ignored on receipt. Sub-TLVs, reuse the Sub-TLVs in Segment List defined in [I-D.ietf-idr-sr-policy-safi] and [I-D.ietf-idr-bgp-sr-segtypes-ext]. * One or more mandatory SR Path Segment Sub-TLVs that contains the Path Segments of the reverse SR path. * One or more Segment Sub-TLVs to specify the reverse SR path. The Segment sub-TLVs in the Reverse Path Segment List sub-TLV provides the information of the reverse SR path. This Reverse Path Segment list can be used for directing egress BFD peer to use specific path for the reverse direction of the BFD session [RFC9612] or other applications. 5. Operations The document defines a new Sub-TLV under the extensions for SR policy defined in [I-D.ietf-idr-sr-policy-safi], therefore, the description of operations defined in [I-D.ietf-idr-sr-policy-safi], can apply to this document directly, including advertisement of SR policies and reception of SR policy NLRI. Li, et al. Expires 5 April 2025 [Page 8] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 Typically but not limit to, the unidirectional or bidirectional SR policies carrying path identification infomation are configured by a controller. After configuration, the unidirectional or bidirectional SR policies carrying path identification infomation will be advertised by BGP update messages. The operation of advertisement this SR policy is the same as defined in [I-D.ietf-idr-sr-policy-safi], as well as the reception. The consumer of the unidirectional or bidirectional SR policies is not the BGP process, it can be any applications, such as performance measurement [I-D.ietf-spring-stamp-srpm]. The operation of sending information to consumers is out of scope of this document. 6. Error Handling and Fault Management The document defines a new Sub-TLV under the extensions for SR policy defined in [I-D.ietf-idr-sr-policy-safi], therefore, the error handling defined in [I-D.ietf-idr-sr-policy-safi] can apply to this document. Also, the error handling as defined in [RFC7606] applies to new Sub-TLVs as well as SAFI context, therefore, the error handling in [RFC7606] also applies to this document. Specifically, a BGP Speaker MUST perform Syntax validation of the Tunnel Encapsulation Attribute following the error handling defined in [RFC7606] and [I-D.ietf-idr-sr-policy-safi]. In addition, a BGP Speaker MUST perform Syntax validation of the new Path Segment Sub-TLV to determine if it is malformed. This includes the validation of the length of the Sub-TLV and the range of the value fileds. If any validation check fails, the Update message MUST be handle as 'Treat-as-withdraw' In addition, the validation of the individual fields of the TLVs/Sub- TLVs of the associated segment list are beyond the scope of BGP as they are handled by the SR Policy Module [I-D.ietf-idr-sr-policy-safi] as described in the individual TLV/Sub- TLV sub-sections. Therefore this part is out of the scope of this document. A BGP implementation MUST NOT perform semantic verification of such fields nor consider the SR Policy update to be invalid or not usable based on such validation. An implementation SHOULD log any errors found during the above validation for further analysis [I-D.ietf-idr-sr-policy-safi]. Li, et al. Expires 5 April 2025 [Page 9] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 7. IANA Considerations This document defines new Sub-TLVs in following registries: 7.1. Existing Registry: BGP Tunnel Encapsulation Attribute sub-TLVs This document defines new Sub-TLVs in the registry "SR Policy List Sub-TLVs" [I-D.ietf-idr-sr-policy-safi] to be assigned by IANA: Codepoint Description Reference ------------------------------------------------------------- TBA(17) Path Segment Sub-TLV This document TBA(18) Reverse Segment List Sub-TLV This document 8. Security Considerations Similar to [I-D.ietf-idr-sr-policy-safi], the security mechanisms of the base BGP security model [RFC4271] apply to the extensions described in this document. Also, the new security considerations defined in [I-D.ietf-idr-sr-policy-safi] also apply to this document. The Path Segment extension is included in the SR Policy extension [I-D.ietf-idr-sr-policy-safi], so it does not introduce extra security problems comparing the existing SR policy entension. The Path Segment information is critical to the path, and a wrong Path Segment ID may cause unexpected forwarding actions and results. An implementation needs to make sure that the value of Path Segment ID is correct to avoid unexpected forwarding actions and results, especially in an SR-MPLS network. In addition, the Path Segment information distribution from a controller to an ingress router has to be protected. The security considereations in [I-D.ietf-idr-sr-policy-safi] apply to this distribution procedure. 9. Contributors Li, et al. Expires 5 April 2025 [Page 10] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 Mach(Guoyi) Chen Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: Mach.chen@huawei.com Jie Dong Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: jie.dong@huawei.com James N Guichard Futurewei Technologies 2330 Central Express Way Santa Clara USA Email: james.n.guichard@futurewei.com Huanan Chen China Telecom 109 West Zhongshan Ave Guangzhou China Email: chenhuan6@chinatelecom.cn 10. Acknowledgements Many thanks to Shraddha Hedge, Susan Hares for their detailed reviews and professional comments. 11. References 11.1. Normative References [I-D.ietf-idr-bgp-sr-segtypes-ext] Talaulikar, K., Filsfils, C., Previdi, S., Mattes, P., and D. Jain, "Segment Routing Segment Types Extensions for BGP SR Policy", Work in Progress, Internet-Draft, draft-ietf- Li, et al. Expires 5 April 2025 [Page 11] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 idr-bgp-sr-segtypes-ext-04, 30 July 2024, . [I-D.ietf-idr-sr-policy-safi] Previdi, S., Filsfils, C., Talaulikar, K., Mattes, P., and D. Jain, "Advertising Segment Routing Policies in BGP", Work in Progress, Internet-Draft, draft-ietf-idr-sr- policy-safi-06, 26 July 2024, . [I-D.ietf-spring-srv6-path-segment] Li, C., Cheng, W., Chen, M., Dhody, D., and Y. Zhu, "Path Segment Identifier (PSID) in SRv6 (Segment Routing in IPv6)", Work in Progress, Internet-Draft, draft-ietf- spring-srv6-path-segment-11, 18 September 2024, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI 10.17487/RFC4271, January 2006, . [RFC7606] Chen, E., Ed., Scudder, J., Ed., Mohapatra, P., and K. Patel, "Revised Error Handling for BGP UPDATE Messages", RFC 7606, DOI 10.17487/RFC7606, August 2015, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, July 2018, . [RFC9012] Patel, K., Van de Velde, G., Sangli, S., and J. Scudder, "The BGP Tunnel Encapsulation Attribute", RFC 9012, DOI 10.17487/RFC9012, April 2021, . Li, et al. Expires 5 April 2025 [Page 12] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 [RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov, A., and P. Mattes, "Segment Routing Policy Architecture", RFC 9256, DOI 10.17487/RFC9256, July 2022, . [RFC9545] Cheng, W., Ed., Li, H., Li, C., Ed., Gandhi, R., and R. Zigler, "Path Segment Identifier in MPLS-Based Segment Routing Networks", RFC 9545, DOI 10.17487/RFC9545, February 2024, . 11.2. Informative References [I-D.ietf-spring-stamp-srpm] Gandhi, R., Filsfils, C., Voyer, D., Chen, M., and R. F. Foote, "Performance Measurement Using Simple Two-Way Active Measurement Protocol (STAMP) for Segment Routing Networks", Work in Progress, Internet-Draft, draft-ietf- spring-stamp-srpm-15, 24 April 2024, . [RFC9612] Mirsky, G., Tantsura, J., Varlashkin, I., and M. Chen, "Bidirectional Forwarding Detection (BFD) Reverse Path for MPLS Label Switched Paths (LSPs)", RFC 9612, DOI 10.17487/RFC9612, July 2024, . Authors' Addresses Cheng Li Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: c.l@huawei.com Zhenbin Li Huawei Technologies Huawei Campus, No. 156 Beiqing Rd. Beijing 100095 China Email: lizhenbin@huawei.com Li, et al. Expires 5 April 2025 [Page 13] Internet-Draft Path ID and Bi-directional Path in BGP October 2024 Yuanyang Yin China Telecom Guangzhou China Email: yinyuany@chinatelecom.cn Weiqiang Cheng China Mobile Beijing China Email: chengweiqiang@chinamobile.com Ketan Talaulikar Cisco Systems Email: ketant.ietf@gmail.com Li, et al. Expires 5 April 2025 [Page 14]