This mostly looks good, I think.

My only concern is about if/how this could be exploited to DDoS third parties. It looks like there are a few ways that the responses can be larger than the requests, either by responders adding additional TLVs, or by multiple responders responding to the same request. I'm not sure how much of a risk source address spoofing is in the request's outer header, but it looks like the Reply-To TLV can be used to send responses to another address anyway, regardless of the source address. So if this were on the open internet, I'd expect attackers to abuse it to send lots of data to their targets. But from the mentions of MPLS, I'm guessing that this is not meant to be used on the open internet? So it might not be an issue in the environments this is intended to be deployed in, or there might be some other mitigation.