Advertising Segment
Routing Policies in BGPIndividualITstefano@previdi.netCisco Systems, Inc.BrusselsBEcfilsfil@cisco.comGoogledhanendra.ietf@gmail.comMicrosoftOne Microsoft WayRedmondWA98052USApamattes@microsoft.comJuniper Networks10 Technology Park DriveWestfordMA01886USerosen@juniper.netGooglestevenlin@google.comThis document defines a new BGP SAFI with a new NLRI in order to
advertise a candidate path of a Segment Routing Policy (SR Policy). An
SR Policy is a set of candidate paths, each consisting of one or more segment
lists. The headend of an SR Policy may learn multiple candidate paths
for an SR Policy. Candidate paths may be learned via a number of
different mechanisms, e.g., CLI, NetConf, PCEP, or BGP. This document
specifies the way in which BGP may be used to distribute candidate
paths. New sub-TLVs for the Tunnel Encapsulation Attribute are
defined.Segment Routing (SR) allows a headend node to steer a packet flow
along any path. Intermediate per-flow states are eliminated thanks to
source routing .The headend node is said to steer a flow into a Segment Routing
Policy (SR Policy).The header of a packet steered in an SR Policy is augmented with the
ordered list of segments associated with that SR Policy. details
the concepts of SR Policy and steering into an SR Policy. These apply
equally to the MPLS and SRv6 instantiations of segment routing.
describes
some of the implementation aspects of the SR Policy Headend Architecture
and introduces the notion of an SR Policy Module (SRPM) that performs the
functionality as highlighted in section 2 of
:
The SRPM may learn multiple candidate paths for an SR Policy
via various mechanisms (CLI, NetConf, PCEP or BGP).The SRPM selects the best candidate path for the SR Policy.The SRPM binds a BSID to the selected candidate path of the
SR Policy.The SRPM installs the selected candidate path and its BSID in the
forwarding plane.This document specifies the way to use BGP to distribute one or more
of the candidate paths of an SR Policy to the headend of that policy.
The document identifies the functionality that resides in the BGP
process and for the functionality which is outside the scope of BGP and
lies within SRPM on the headend node, it refers to such, as appropriate.
This document specifies a way of representing SR Policies and their
candidate paths in BGP UPDATE messages. BGP can then be used to
propagate the SR Policies and candidate paths. The usual BGP rules for
BGP propagation and "bestpath selection" are used. At the headend of a
specific policy, this will result in one or more candidate paths being
installed into the "BGP table". These paths are then passed to the SRPM.
The SRPM may compare them to
candidate paths learned
via other mechanisms, and will choose one or more paths to be installed
in the data plane. BGP itself does not install SR Policy candidate paths
into the data plane.This document defines a new BGP address family (SAFI). In UPDATE
messages of that address family, the NLRI identifies an SR Policy, and
the attributes encode the segment lists and other details of that
SR Policy.While for simplicity we may write that BGP advertises an SR Policy,
it has to be understood that BGP advertises a candidate path of an SR
policy and that this SR Policy might have several other candidate paths
provided via BGP (via an NLRI with a different distinguisher as defined
in this document), PCEP, NETCONF or local policy configuration.Typically, a controller defines the set of policies and advertise
them to policy head-end routers (typically ingress routers). The policy
advertisement uses BGP extensions defined in this document. The policy
advertisement is, in most but not all of the cases, tailored for a
specific policy head-end. In this case the advertisement may sent on a
BGP session to that head-end and not propagated any further.Alternatively, a router (i.e., a BGP egress router) advertises SR
Policies representing paths to itself. In this case, it is possible to
send the policy to each head-end over a BGP session to that head-end,
without requiring any further propagation of the policy.An SR Policy intended only for the receiver will, in most cases, not
traverse any Route Reflector (RR, ).In some situations, it is undesirable for a controller or BGP egress
router to have a BGP session to each policy head-end. In these
situations, BGP Route Reflectors may be used to propagate the
advertisements, or it may be necessary for the advertisement to
propagate through a sequence of one or more ASes. To make this possible,
an attribute needs to be attached to the advertisement that enables a
BGP speaker to determine whether it is intended to be a head-end for the
advertised policy. This is done by attaching one or more Route Target
Extended Communities to the advertisement ().The BGP extensions for the advertisement of SR Policies include
following components: A new Subsequent Address Family Identifier (SAFI) whose NLRI
identifies an SR Policy.A new Tunnel Type identifier for SR Policy, and a set of
sub-TLVs to be inserted into the Tunnel Encapsulation
Attribute (as defined in ) specifying segment lists of
the SR Policy, as well as other information about the SR Policy.One or more IPv4 address format route-target extended community
() attached to the SR Policy advertisement
and that indicates the intended head-end of such SR Policy
advertisement.The Color Extended Community (as defined in ) and used in order to steer
traffic into an SR Policy, as described in section 8.4 in . This document
() modifies the format of the Color
Extended Community by using the two leftmost bits of the RESERVED
field.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.A new SAFI is defined: the SR Policy SAFI, (codepoint 73 assigned
by IANA (see ) from the "Subsequent Address
Family Identifiers (SAFI) Parameters" registry).The SR Policy SAFI uses a new NLRI defined as follows: NLRI Length: 1 octet of length expressed in bits as defined in
.Distinguisher: 4-octet value uniquely identifying the policy in
the context of <color, endpoint> tuple. The distinguisher
has no semantic value and is solely used by the SR Policy
originator to make unique (from an NLRI perspective) multiple
occurrences of the same SR Policy.Policy Color: 4-octet value identifying (with the endpoint) the
policy. The color is used to match the color of the destination
prefixes to steer traffic into the SR Policy .Endpoint: identifies the endpoint of a policy. The Endpoint may
represent a single node or a set of nodes (e.g., an anycast
address). The Endpoint is an IPv4 (4-octet) address or an IPv6
(16-octet) address according to the AFI of the NLRI.The color and endpoint are used to automate the steering of BGP
Payload prefixes on SR Policy as described in .The NLRI containing the SR Policy is carried in a BGP UPDATE
message using BGP multiprotocol extensions
with an AFI of 1 or 2 (IPv4 or IPv6) and with
a SAFI of 73 (assigned by IANA from the "Subsequent Address Family
Identifiers (SAFI) Parameters" registry).An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
attribute with the SR Policy SAFI MUST also carry the BGP mandatory
attributes. In addition, the BGP update message MAY also contain any
of the BGP optional attributes.The next-hop network address field in SR Policy SAFI (73) updates may
be either a 4 octet IPv4 address or a 16 octet IPv6 address, independent of the
SR Policy AFI. The length field of the next-hop address specifies the next-hop
address family. If the next-hop length is 4, then the next-hop is an IPv4 address;
if the next-hop length is 16, then it is a global IPv6 address; and if the next-hop
length is 32, then it has a global IPv6 address followed by a link-local
IPv6 address. The setting of the next-hop field and its attendant processing is
governed by standard BGP procedures as described in section 3 in
. It is important to note that any BGP speaker receiving a BGP
message with an SR Policy NLRI, will process it only if the NLRI is
among the best paths as per the BGP best path selection algorithm. In
other words, this document does not modify the BGP propagation or
bestpath selection rules.It has to be noted that if several candidate paths of the same SR
Policy (endpoint, color) are signaled via BGP to a head-end, it is
recommended that each NLRI use a different distinguisher. If BGP has
installed into the BGP table two advertisements whose respective NLRIs
have the same color and endpoint, but different distinguishers, both
advertisements are passed to the SRPM as different
candidate paths. In addition, the originator information
corresponding to the each candidate path, as described in section 2.4
in , is passed
to the SRPM. The content of the SR Policy is encoded in the Tunnel Encapsulation
Attribute originally defined in using a new Tunnel-Type TLV
(codepoint is 15, assigned by IANA (see ) from
the "BGP Tunnel Encapsulation Attribute Tunnel Types" registry).The SR Policy Encoding structure is as follows: SR Policy SAFI NLRI is defined in .Tunnel Encapsulation Attribute is defined in .Tunnel-Type is set to 15 (assigned by IANA from the "BGP Tunnel
Encapsulation Attribute Tunnel Types" registry).Preference, Binding SID, Priority, Policy Name, ENLP, Segment-List,
Weight and Segment sub-TLVs are defined in this document.Additional sub-TLVs may be defined in the future.A Tunnel Encapsulation Attribute MUST NOT contain more than one TLV
of type "SR Policy". If more than one TLV of type "SR Policy" appears, the update
is considered malformed and the "treat-as-withdraw" strategy of
is applied.Multiple occurrences of "Segment List" MAY be encoded within the
same SR Policy.Multiple occurrences of "Segment" MAY be encoded within the same
Segment List.The Remote Endpoint and Color sub-TLVs, as defined in , MAY also be present in the SR
Policy encodings. The Remote Endpoint and Color Sub-TLVs are not used for SR Policy encodings
and therefore their value is irrelevant in the context of the SR Policy SAFI
NLRI. If present, the Remote Endpoint sub-TLV and the Color sub-TLV MUST be
ignored by the BGP speaker. This section defines the SR Policy sub-TLVs.Preference, Binding SID, Segment-List, Priority, Policy Name and
Explicit NULL Label Policy sub-TLVs are assigned from the "BGP
Tunnel Encapsulation Attribute Sub-TLVs" registry.Weight and Segment sub-TLVs are assigned from a new registry
defined in this document and called: "SR Policy List Sub-TLVs". See
for the details of the registry.The Preference sub-TLV does not have any effect on the BGP bestpath
selection or propagation procedures. The contents of this sub-TLV
are used by the SRPM as described in section 2.7
in .The Preference sub-TLV is optional and it MUST NOT appear more than
once in the SR Policy. If the Preference sub-TLV appears more than once,
the update is considered malformed and the "treat-as-withdraw" strategy
of is applied. The Preference sub-TLV has following format:Type: 12Length: 6.Flags: 1 octet of flags. None are defined at this stage.
Flags SHOULD be set to zero on transmission and MUST be ignored
on receipt.RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Preference: a 4-octet value. The Binding SID sub-TLV is not used by BGP. The contents of this
sub-TLV are used by the SRPM as described in
section 6 in .The Binding SID sub-TLV is optional and it MUST NOT appear more than
once in the SR Policy. If the Binding SID sub-TLV appears more than once,
the update is considered malformed and the "treat-as-withdraw"
strategy of is applied. The Binding SID sub-TLV has the following format:Type: 13Length: specifies the length of the value field not including
Type and Length fields. Can be 2 or 6 or 18.Flags: 1 octet of flags. Following flags are defined
(to be assigned by IANA from the registry "SR Policy Binding
SID Flags" defined in this document
):
where: S-Flag: This flag encodes the "Specified-BSID-only" behavior.
It is used by SRPM as described in
section 6.2.3 in .
I-Flag: This flag encodes the "Drop Upon Invalid" behavior.
It is used by SRPM as described in
section 8.2 in .
Unused bits in the Flag octet SHOULD be set to zero
upon transmission and MUST be ignored upon receipt.
RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Binding SID: if length is 2, then no Binding SID is
present.If length is 6 then the Binding SID contains a 4-octet SID.
Below format is used to encode the SID. TC, S, TTL(Total of
12bits) are RESERVED and SHOULD be set to Zero and MUST be
ignored. If length is 18 then the Binding SID contains a
16-octet IPv6 SID.The Segment List sub-TLV encodes a single explicit path towards
the endpoint as described in section 5.1 in .
The Segment List sub-TLV includes the elements of the
paths (i.e., segments) as well as an optional Weight sub-TLV.The Segment List sub-TLV may exceed 255 bytes length due to large
number of segments. Therefore a 2-octet length is required.
According to , the first
bit of the sub-TLV codepoint defines the size of the length field.
Therefore, for the Segment List sub-TLV a code point of 128 (or
higher) is used. See for details of codepoints
allocation.The Segment List sub-TLV is optional and MAY appear multiple
times in the SR Policy. The ordering of Segment List sub-TLVs,
each sub-TLV encoding a Segment List, does not matter.
The Segment List sub-TLV contains zero or more Segment
sub-TLVs and MAY contain a Weight sub-TLV.The Segment List sub-TLV has the following format:Type: 128.Length: the total length (not including the Type and Length
fields) of the sub-TLVs encoded within the Segment List
sub-TLV.RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.sub-TLVs: An optional single Weight sub-TLV.Zero or more Segment sub-TLVs. Validation of an explicit path encoded by the Segment List
sub-TLV is completely within the scope
of SRPM as described in section 5 in . The Weight sub-TLV specifies the weight associated to a given
segment list. The contents of this
sub-TLV are used only by the SRPM as described
in section 2.11 in .The Weight sub-TLV is optional and it MUST NOT appear more than once
inside the Segment List sub-TLV. If the Weight sub-TLV appears more than once,
the update is considered malformed and the "treat-as-withdraw" strategy of
is applied. The Weight sub-TLV has the following format:Type: 9 (to be assigned by IANA from the registry "SR Policy List
Sub-TLVs" defined in this document).Length: 6.Flags: 1 octet of flags. None are defined at this stage. Flags
SHOULD be set to zero on transmission and MUST be ignored on
receipt.RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.The Segment sub-TLV describes a single segment in a segment
list (i.e., a single element of the explicit path). Multiple
Segment sub-TLVs constitute an explicit path of the SR Policy.The Segment sub-TLV is optional and MAY appear multiple times
in the Segment List sub-TLV.The Segment sub-TLV does not have any effect on the BGP bestpath
selection or propagation procedures. The contents of this
sub-TLV are used only by the SRPM as
described in section 4 in .
defines several types of Segments:The Type-1 Segment Sub-TLV encodes a single SID in the form
of an MPLS label. The format is as follows:Type: 1 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 6.Flags: 1 octet of flags as defined in . RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Label: 20 bits of label value.TC: 3 bits of traffic class.S: 1 bit of bottom-of-stack.TTL: 1 octet of TTL.The following applies to the Type-1 Segment sub-TLV:The S bit SHOULD be zero upon transmission, and MUST be
ignored upon reception.If the originator wants the receiver to choose the TC
value, it sets the TC field to zero.If the originator wants the receiver to choose the TTL
value, it sets the TTL field to 255.If the originator wants to recommend a value for these
fields, it puts those values in the TC and/or TTL
fields.The receiver MAY override the originator's values for
these fields. This would be determined by local policy at
the receiver. One possible policy would be to override the
fields only if the fields have the default values specified
above.The Type-2 Segment Sub-TLV encodes a single SRv6 SID in the form
of an IPv6 address. The format is as follows: Type: 2 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 18.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.SRv6 SID: 16 octets of IPv6 address.The IPv6 Segment Identifier (SRv6 SID) is defined in .The Type-3 Segment Sub-TLV encodes an IPv4 node address, SR Algorithm and
an optional SID in the form of an MPLS label.
The format is as follows:Type: 3 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 6 or 10.Flags: 1 octet of flags as defined in .SR Algorithm: 1 octet specifying SR Algorithm as
described in section 3.1.1 in
, when
A-Flag as defined in is
present. SR Algorithm is used by SRPM
as described in section 4 in .
When A-Flag is not encoded, this field SHOULD be unset
on transmission and MUST be ignored on receipt. IPv4 Node Address: a 4 octet IPv4 address representing a
node.SID: 4 octet MPLS label.The following applies to the Type-3 Segment sub-TLV:The IPv4 Node Address MUST be present.The SID is optional and specifies a 4 octet MPLS SID
containing label, TC, S and
TTL as defined in .If length is 6, then only the IPv4 Node Address is
present.If length is 10, then the IPv4 Node Address and the MPLS
SID are present.The Type-4 Segment Sub-TLV encodes an IPv6 node address, SR Algorithm and
an optional SID in the form of an MPLS label.
The format is as follows:Type: 4 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 18 or 22.Flags: 1 octet of flags as defined in .SR Algorithm: 1 octet specifying SR Algorithm as
described in section 3.1.1 in
, when
A-Flag as defined in is
present. SR Algorithm is used by SRPM as
described in section 4 in .
When A-Flag is not encoded, this field SHOULD be unset
on transmission and MUST be ignored on receipt. IPv6 Node Address: a 16 octet IPv6 address representing a
node.SID: 4 octet MPLS label.The following applies to the Type-4 Segment sub-TLV:The IPv6 Node Address MUST be present.The SID is optional and specifies a 4 octet MPLS SID
containing label, TC, S and
TTL as defined in .If length is 18, then only the IPv6 Node Address is
present.If length is 22, then the IPv6 Node Address and the MPLS
SID are present.The Type-5 Segment Sub-TLV encodes an IPv4 node address, a
local interface Identifier (Local Interface ID) and an optional
SID in the form of an MPLS label. The
format is as follows:Type: 5 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 10 or 14.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Local Interface ID: 4 octets of interface index as
defined in .IPv4 Node Address: a 4 octet IPv4 address representing a
node.SID: 4 octet MPLS label.The following applies to the Type-5 Segment sub-TLV:The IPv4 Node Address MUST be present.The Local Interface ID MUST be present.The SID is optional and specifies a 4 octet MPLS SID containing
label, TC, S and
TTL as defined in .If length is 10, then the IPv4 Node Address and Local
Interface ID are present.If length is 14, then the IPv4 Node Address, the Local
Interface ID and the MPLS SID are present.The Type-6 Segment Sub-TLV encodes an adjacency local
address, an adjacency remote address and an optional SID in the
form of an MPLS label. The format is
as follows:Type: 6 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 10 or 14.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Local IPv4 Address: a 4 octet IPv4 address.Remote IPv4 Address: a 4 octet IPv4 address.SID: 4 octet MPLS label.The following applies to the Type-6 Segment sub-TLV:The Local IPv4 Address MUST be present and represents an
adjacency local address.The Remote IPv4 Address MUST be present and represents
the remote end of the adjacency.The SID is optional and specifies a 4 octet MPLS SID
containing label, TC, S and
TTL as defined in .If length is 10, then only the IPv4 Local and Remote
addresses are present.If length is 14, then the IPv4 Local address, IPv4 Remote
address and the MPLS SID are present.The Type-7 Segment Sub-TLV encodes an IPv6 Link Local adjacency with
IPv6 local node address, a local interface identifier (Local Interface ID),
IPv6 remote node address
, a remote interface identifier (Remote Interface ID) and an optional
SID in the form of an MPLS label. The
format is as follows:Type: 7 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 22, 26, 42 or 46.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Local Interface ID: 4 octets of interface index as defined
in .
IPv6 Local Node Address: a 16 octet IPv6 address.Remote Interface ID: 4 octets of interface index as defined
in .IPv6 Remote Node Address: a 16 octet IPv6 address.SID: 4 octet MPLS label.The following applies to the Type-7 Segment sub-TLV:The Local Interface ID and IPv6 Local Node Address MUST be present.The Remote Interface ID and Remote Node Address pair is optional.
If Remote Interface ID is present, the Remote Node Address MUST be present
as well. Similarly, if Remote Node Address is present, the Remote Interface
ID MUST be present as well. The SID is optional and specifies a 4 octet MPLS SID
containing label, TC, S and
TTL as defined in .If length is 22, then the Local Interface ID and the Local IPv6
Address are present.If length is 26, then the Local Interface ID, Local IPv6
Address and the MPLS SID are present.If length is 42, then the Local Interface ID, Local IPv6
Node Address, Remote Interface ID, and the Remote IPv6 Node
Address are present.If length is 46, then the Local Interface ID, Local IPv6
Node Address, Remote Interface ID, Remote IPv6 Node
Address and the MPLS SID are present.The Type-8 Segment Sub-TLV encodes an adjacency local
address, an adjacency remote address and an optional SID in the
form of an MPLS label. The format is
as follows:Type: 8 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 34 or 38.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Local IPv6 Address: a 16 octet IPv6 address.Remote IPv6 Address: a 16 octet IPv6 address.SID: 4 octet MPLS label.The following applies to the Type-8 Segment sub-TLV:The Local IPv6 Address MUST be present and represents an
adjacency local address.The Remote IPv6 Address MUST be present and represents
the remote end of the adjacency.The SID is optional and specifies a 4 octet MPLS SID
containing label, TC, S and
TTL as defined in .If length is 34, then only the IPv6 Local and Remote
addresses are present.If length is 38, then IPv6 Local and Remote
addresses and the MPLS SID are present.The Type-9 Segment Sub-TLV encodes an IPv6 node address,
SR Algorithm and an optional SID in the form of an IPv6
address. The format is as follows:Type: 10 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 18 or 34.Flags: 1 octet of flags as defined in .SR Algorithm: 1 octet specifying SR Algorithm as
described in section 3.1.1 in
, when
A-Flag as defined in is
present. SR Algorithm is used by SRPM as
described in section 4 in .
When A-Flag is not encoded, this field SHOULD be unset
on transmission and MUST be ignored on receipt. IPv6 Node Address: a 16 octet IPv6 address.SID: 16 octet IPv6 address.The following applies to the Type-9 Segment sub-TLV:The IPv6 Node Address MUST be present.The SID is optional and specifies an SRv6 SID in the form
of 16 octet IPv6 address.If length is 18, then only the IPv6 Node Address is
present.If length is 34, then the IPv6 Node Address and the SRv6
SID are present.The Type-10 Segment Sub-TLV encodes an IPv6 Link Local adjacency with
local node address, a local interface identifier (Local Interface ID),
remote IPv6 node address , a remote interface identifier (Remote Interface ID)
and an optional SID in the form of an IPv6 address. The format is as
follows:Type: 11 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 22, 38, 42 or 58.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Local Interface ID: 4 octets of interface index as defined
in .IPv6 Local Node Address: a 16 octet IPv6 address.Remote Interface ID: 4 octets of interface index as defined
in .IPv6 Remote Node Address: a 16 octet IPv6 address.SID: 16 octet IPv6 address.The following applies to the Type-10 Segment sub-TLV:The Local Interface ID and the Local IPv6 Node Addresses
MUST be present.The Remote Interface ID and Remote Node Address pair is optional.
If Remote Interface ID is present, the Remote Node Address
MUST be present as well. Similarly, if Remote Node Address
is present, the Remote Interface
ID MUST be present as well. The SID is optional and specifies an SRv6 SID in the
form of 16 octet IPv6 address.If length is 22, then the Local Interface ID, Local IPv6
Node Address, are present. If length is 38, then the Local Interface ID, Local IPv6
Node Address and the SRv6 SID are present. If length is 42, then the Local Interface ID, Local IPv6
Node Address, Remote Interface ID, and the Remote IPv6 Node
Address are present.If length is 58, then the Local Interface ID, Local IPv6 Node Address,
Remote Interface ID, Remote IPv6 Node Address and the SRv6 SID are
present.The Type-11 Segment Sub-TLV encodes an adjacency local
address, an adjacency remote address and an optional SID in the form of
IPv6 address. The format is
as follows:Type: 12 (to be assigned by IANA from the registry "SR
Policy List Sub-TLVs" defined in this document).Length is 34 or 50.Flags: 1 octet of flags as defined in .RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Local IPv6 Address: a 16 octet IPv6 address.Remote IPv6 Address: a 16 octet IPv6 address.SID: 16 octet IPv6 address.The following applies to the Type-11 Segment sub-TLV:The Local IPv6 Node Address MUST be present.The Remote IPv6 Node Address MUST be present.The SID is optional and specifies an SRv6 SID in
the form of 16 octet IPv6 address.If length is 34, then the Local IPv6 Node Address
and the Remote IPv6 Node Address are present.If length is 50, then the Local IPv6 Node Address,
the Remote IPv6 Node Address and the SRv6 SID
are present.The Segment Types described above MAY contain following flags
in the "Flags" field (codes to be assigned by IANA from the
registry "SR Policy Segment Flags" defined in this document
):
where: V-Flag: This flag is used by SRPM for the purpose of
"SID verification" as described in Section 5.1 in
.
A-Flag: This flag indicates the presence of SR Algorithm id
in the "SR Algorithm" field applicable to various
Segment Types. SR Algorithm is used by SRPM as
described in section 4 in .
Unused bits in the Flag octet SHOULD be set to zero
upon transmission and MUST be ignored upon receipt.
The following applies to the Segment Flags:V-Flag is applicable to all Segment Types. A-Flag is applicable to Segment Types 3, 4 and 9.
If A-Flag appears with any other Segment Type,
it MUST be ignored. In order to steer an unlabeled IP packet into an SR policy, it is
necessary to create a label stack for that packet, and to push one
or more labels onto that stack.The Explicit NULL Label Policy sub-TLV is used to indicate
whether an Explicit NULL Label must be
pushed on an unlabeled IP packet before any other labels.If an Explicit NULL Label Policy Sub-TLV is not present, the
decision of whether to push an Explicit NULL label on a given packet
is a matter of local policy.The contents of this sub-TLV are used by the SRPM as
described in section 4.1 in . Where:Type: TBD1 (to be assigned by IANA from the registry
"BGP Tunnel Encapsulation Attribute sub-TLVs" defined in
this document ).Length: 3.Flags: 1 octet of flags. None are defined at this stage.
Flags SHOULD be set to zero on transmission and MUST be ignored
on receipt.RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.ENLP(Explicit NULL Label Policy): Indicates whether Explicit
NULL labels are to be pushed on unlabeled IP packets that are
being steered into a given SR policy. This field has one of the
following 4 values:1: Push an IPv4 Explicit NULL label on an unlabeled IPv4
packet, but do not push an IPv6 Explicit NULL label on an
unlabeled IPv6 packet.2: Push an IPv6 Explicit NULL label on an unlabeled IPv6
packet, but do not push an IPv4 Explicit NULL label on an
unlabeled IPv4 packet.3: Push an IPv4 Explicit NULL label on an unlabeled IPv4
packet, and push an IPv6 Explicit NULL label on an unlabeled
IPv6 packet.4: Do not push an Explicit NULL label.The policy signaled in this Sub-TLV MAY be overridden by
local policy.An operator MAY set the Policy Priority sub-TLV to indicate the
order in which the SR policies are re-computed upon topological
change. The Priority sub-TLV does not have any effect on the BGP bestpath
selection or propagation procedures. The contents of this
sub-TLV are used by the SRPM as described in
section 2.11 in
.The Priority sub-TLV is optional and it MUST NOT appear more than once
in the SR Policy TLV. If the Priority sub-TLV appears more than
once, the update is considered malformed and the "treat-as-withdraw"
strategy of is applied.The Priority sub-TLV has following format: Where:Type: TBD2 (to be assigned by IANA from the registry
"BGP Tunnel Encapsulation Attribute sub-TLVs"
defined in this document ).Length: 2. Priority: a 1-octet value. RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.An operator MAY set the Policy Name sub-TLV to attach a symbolic
name to the SR Policy candidate path.Usage of Policy Name sub-TLV is described in section 2 in
.The Policy Name sub-TLV may exceed 255 bytes length due to long
policy name. Therefore a 2-octet length is required.
According to , the first
bit of the sub-TLV codepoint defines the size of the length field.
Therefore, for the Policy Name sub-TLV a code point of 128 (or
higher) is used. See for details of codepoints
allocation.The Policy Name sub-TLV is optional and it MUST NOT appear more than once
in the SR Policy TLV. If the Policy Name sub-TLV appears more than
once, the update is considered malformed and the "treat-as-withdraw"
strategy of is applied.The Policy Name sub-TLV has following format: Where:Type: TBD3 (to be assigned by IANA from the registry
"BGP Tunnel Encapsulation Attribute sub-TLVs"
defined in this document ).
Length: Variable. RESERVED: 1 octet of reserved bits. SHOULD be unset on
transmission and MUST be ignored on receipt.Policy Name: Symbolic name for the policy. It SHOULD be
a string of printable ASCII characters, without a NULL
terminator. The Color Extended Community as defined in is used to steer traffic into a
policy.When the Color Extended Community is used for the purpose of steering
the traffic into an SR Policy, the RESERVED field (as defined in is changed as follows:where CO bits are defined as the “Color-Only” bits. defines the
influence of these bits on the automated steering of BGP Payload traffic
onto SR Policies.As described in this document, the consumer of an SR Policy NLRI is
not the BGP process. The BGP process is in charge of the origination and
propagation of the SR Policy NLRI but its installation and use is
outside the scope of BGP. The details of SR Policy installation
and use can be referred from .Typically, but not limited to, an SR Policy is configured into a
controller.Multiple SR Policy NLRIs may be present with the same <color,
endpoint> tuple but with different content when these SR policies
are intended to different head-ends.The distinguisher of each SR Policy NLRI prevents undesired BGP
route selection among these SR Policy NLRIs and allow their
propagation across route reflectors .Moreover, one or more route-target SHOULD be attached to the
advertisement, where each route-target identifies one or more intended
head-ends for the advertised SR policy.If no route-target is attached to the SR Policy NLRI, then it is
assumed that the originator sends the SR Policy update directly (e.g.,
through a BGP session) to the intended receiver. In such case, the
NO_ADVERTISE community MUST be attached to the SR Policy update.On reception of an SR Policy NLRI, a BGP speaker MUST determine if
it's first acceptable, then it determines if it is usable.When a BGP speaker receives an SR Policy NLRI from a neighbor it
has to determine if it's acceptable. The following applies: The SR Policy NLRI MUST include a distinguisher, color and
endpoint field which implies that the length of the NLRI MUST be
either 12 or 24 octets (depending on the address family of the
endpoint).The SR Policy update MUST have either the NO_ADVERTISE
community or at least one route-target extended community in
IPv4-address format. If a router supporting this document
receives an SR policy update with no route-target extended
communities and no NO_ADVERTISE community, the update MUST NOT
be sent to the SRPM. Furthermore, it SHOULD be
considered to be malformed, and the "treat-as-withdraw" strategy
of is applied.The Tunnel Encapsulation Attribute MUST be attached to the
BGP Update and MUST have a Tunnel Type TLV set to SR Policy (
codepoint is 15, assigned by IANA (see )
from the "BGP Tunnel Encapsulation Attribute Tunnel Types"
registry).A router that receives an SR Policy update that is not valid
according to these criteria MUST treat the update as malformed. The
route MUST NOT be passed to the SRPM, and the
"treat-as-withdraw" strategy of is applied.A unacceptable SR Policy update that has a valid NLRI portion
with invalid attribute portion MUST be considered as a withdraw of
the SR Policy.If one or more route-targets are present, then at least one
route-target MUST match one of the BGP Identifiers of the receiver
in order for the update to be considered usable. The BGP Identifier
is defined in as a 4 octet IPv4 address.
Therefore the route-target extended community MUST be of the same
format.If one or more route-targets are present and no one matches any
of the local BGP Identifiers, then, while the SR Policy NLRI is
acceptable, it is not usable on the receiver node. It has to be noted
that if the
receiver has been explicitly configured to do so, it MAY propagate
the SR Policy NLRI to its neighbors as defined in .The SR Policy candidate paths encoded by the usable SR Policy NLRIs
are sent to the SRPM.Once BGP has determined that the SR Policy NLRI is usable, BGP
passes the SR Policy candidate path to the SRPM. Note that,
along with the candidate path details, BGP also passes the
originator information for breaking ties in the path-selection process
as described in section 2.4 in . The SRPM applies the rules defined in
section 2 in to determine
whether the SR Policy candidate path is valid and to select the best
candidate path among the valid SR Policy
candidate paths. By default, a BGP node receiving an SR Policy NLRI MUST NOT
propagate it to any EBGP neighbor.However, a node MAY be explicitly configured to advertise a
received SR Policy NLRI to neighbors according to normal BGP rules
(i.e., EBGP propagation by an ASBR or iBGP propagation by a
Route-Reflector).SR Policy NLRIs that have been determined acceptable and valid
can be propagated, even the ones that are not usable.Only SR Policy NLRIs that do not have the NO_ADVERTISE community
attached to them can be propagated.The SR Policy can be carried in context of a Flowspec NLRI (). In this case, when the redirect to IP next-hop is
specified as in ,
the tunnel to the next-hop is specified by the segment list in the
Segment List sub-TLVs. The Segment List (e.g., label stack or IPv6
segment list) is imposed to flows matching the criteria in the
Flowspec route to steer them towards the next-hop as specified in the
SR Policy SAFI NLRI.The authors of this document would like to thank Shyam Sethuram,
John Scudder, Przemyslaw Krol, Alex Bogdanov, Nandan Saha and
Ketan Talaulikar for their
comments and review of this document.Note to RFC Editor: Please remove this section prior to publication,
as well as the reference to RFC 7942.This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in . The description of implementations in this section
is intended to assist the IETF in its decision processes in progressing
drafts to RFCs. Please note that the listing of any individual
implementation here does not imply endorsement by the IETF. Furthermore,
no effort has been spent to verify the information presented here that
was supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalog of available implementations or their
features. Readers are advised to note that other implementations may
exist.According to , "this will allow reviewers and
working groups to assign due consideration to documents that have the
benefit of running code, which may serve as evidence of valuable
experimentation and feedback that have made the implemented protocols
more mature. It is up to the individual working groups to use this
information as they see fit".Several early implementations exist and will be reported in detail in
a forthcoming version of this document. For purposes of early
interoperability testing, when no FCFS code point was available,
implementations have made use of the following values: Preference sub-TLV: 12Binding SID sub-TLV: 13Segment List sub-TLV: 128When IANA-assigned values are available, implementations will be
updated to use them.This document defines new Sub-TLVs in following existing
registries:Subsequent Address Family Identifiers (SAFI) ParametersBGP Tunnel Encapsulation Attribute Tunnel TypesBGP Tunnel Encapsulation Attribute sub-TLVsThis document also defines following new registries:
SR Policy List Sub-TLVsSR Policy Binding SID FlagsSR Policy Segment FlagsThis document defines a new SAFI in the registry "Subsequent
Address Family Identifiers (SAFI) Parameters" that has been assigned
by IANA:This document defines a new Tunnel-Type in the registry "BGP Tunnel
Encapsulation Attribute Tunnel Types" that has been assigned by
IANA:This document defines new sub-TLVs in the registry "BGP Tunnel
Encapsulation Attribute sub-TLVs" to be assigned by IANA:This document defines a new registry called "SR Policy List
Sub-TLVs". The allocation policy of this registry is "First Come First
Served (FCFS)" according to .Following Sub-TLV codepoints are defined:This document defines a new registry called "SR Policy Binding SID
Flags". The allocation policy of this registry is "First Come First
Served (FCFS)" according to .Following Flags are defined:This document defines a new registry called "SR Policy Segment
Flags". The allocation policy of this registry is "First Come First
Served (FCFS)" according to .Following Flags are defined:TBD.