< draft-clad-spring-srv6-srh-compression-illus-00.txt   draft-clad-spring-srv6-srh-compression-illus-01.txt >
SPRING F. Clad, Ed. SPRING F. Clad, Ed.
Internet-Draft D. Dukes, Ed. Internet-Draft D. Dukes, Ed.
Intended status: Informational Cisco Systems, Inc. Intended status: Informational Cisco Systems, Inc.
Expires: 18 April 2022 15 October 2021 Expires: 21 October 2022 19 April 2022
Illustrations for Compressed SRv6 Segment List Encoding in SRH Illustrations for Compressed SRv6 Segment List Encoding in SRH
draft-clad-spring-srv6-srh-compression-illus-00 draft-clad-spring-srv6-srh-compression-illus-01
Abstract Abstract
This document provides illustrations for compressed SRv6 Segment List This document provides illustrations for compressed SRv6 Segment List
Encoding in the Segment Routing Header (SRH). Encoding in the Segment Routing Header (SRH).
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 31 skipping to change at page 1, line 31
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 18 April 2022. This Internet-Draft will expire on 21 October 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Revised BSD License text as
as described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2
2.1. From RFC 8402 . . . . . . . . . . . . . . . . . . . . . . 2 2.1. From RFC 8402 . . . . . . . . . . . . . . . . . . . . . . 2
2.2. From RFC 8754 . . . . . . . . . . . . . . . . . . . . . . 3 2.2. From RFC 8754 . . . . . . . . . . . . . . . . . . . . . . 3
2.3. From RFC 8986 . . . . . . . . . . . . . . . . . . . . . . 3 2.3. From RFC 8986 . . . . . . . . . . . . . . . . . . . . . . 3
3. Intra-SR-Domain Deployment Model . . . . . . . . . . . . . . 3 3. Intra-SR-Domain Deployment Model . . . . . . . . . . . . . . 3
3.1. Securing the SR Domain . . . . . . . . . . . . . . . . . 3 3.1. Securing the SR Domain . . . . . . . . . . . . . . . . . 3
4. General Addressing . . . . . . . . . . . . . . . . . . . . . 4 4. General Addressing . . . . . . . . . . . . . . . . . . . . . 4
5. NEXT-C-SID Flavor . . . . . . . . . . . . . . . . . . . . . . 4 5. NEXT-C-SID Flavor . . . . . . . . . . . . . . . . . . . . . . 4
5.1. Addressing and SRv6 SID allocation . . . . . . . . . . . 5 5.1. Addressing and SRv6 SID allocation . . . . . . . . . . . 5
5.2. Routing . . . . . . . . . . . . . . . . . . . . . . . . . 5 5.2. Routing . . . . . . . . . . . . . . . . . . . . . . . . . 5
5.3. Case 1: Intra-domain Traffic Engineering . . . . . . . . 5 5.3. Case 1: Intra-domain Traffic Engineering . . . . . . . . 5
5.4. Case 2: ICMPv6 error generation at a transit node . . . . 8 5.4. Case 2: ICMPv6 error generation at a transit node . . . . 9
5.5. Case 3: Ping a SID . . . . . . . . . . . . . . . . . . . 9 5.5. Case 3: Ping a SID . . . . . . . . . . . . . . . . . . . 9
6. REPLACE-C-SID Flavor . . . . . . . . . . . . . . . . . . . . 9 6. REPLACE-C-SID Flavor . . . . . . . . . . . . . . . . . . . . 10
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 10
8.1. Normative References . . . . . . . . . . . . . . . . . . 9 8.1. Normative References . . . . . . . . . . . . . . . . . . 10
8.2. Informative References . . . . . . . . . . . . . . . . . 10 8.2. Informative References . . . . . . . . . . . . . . . . . 10
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction 1. Introduction
This document provides illustrations for This document provides illustrations for
[I-D.filsfilscheng-spring-srv6-srh-compression] compressed SRv6 [I-D.filsfilscheng-spring-srv6-srh-compression] compressed SRv6
Segment List Encoding in the Segment Routing Header (SRH). Segment List Encoding in the Segment Routing Header (SRH).
2. Terminology 2. Terminology
This document leverages the terminology introduced in [RFC8402], This document leverages the terminology introduced in [RFC8402],
skipping to change at page 3, line 35 skipping to change at page 3, line 35
and A bits of arguments (ARG). L, the locator length, is flexible, and A bits of arguments (ARG). L, the locator length, is flexible,
and an operator is free to use the locator length of their choice. F and an operator is free to use the locator length of their choice. F
and A may be any value as long as L+F+A <= 128. When L+F+A is less and A may be any value as long as L+F+A <= 128. When L+F+A is less
than 128, then the remaining bits of the SID MUST be zero. A locator than 128, then the remaining bits of the SID MUST be zero. A locator
may be represented as B:N where B is the SRv6 SID block (IPv6 prefix may be represented as B:N where B is the SRv6 SID block (IPv6 prefix
allocated for SRv6 SIDs by the operator) and N is the identifier of allocated for SRv6 SIDs by the operator) and N is the identifier of
the parent node instantiating the SID. the parent node instantiating the SID.
3. Intra-SR-Domain Deployment Model 3. Intra-SR-Domain Deployment Model
The content of this section is a partial reproduction of section 5 (The content of this section is a partial reproduction of section 5
for [RFC8754]. The reader can easily understand that the dual for [RFC8754].)
measures provided can prevent SR packets from leaving the SR domain.
The use of the SIDs exclusively within the SR domain and solely for The use of the SIDs exclusively within the SR domain and solely for
packets of the SR domain is an important deployment model. packets of the SR domain is an important deployment model.
This enables the SR domain to act as a single routing system. This enables the SR domain to act as a single routing system.
3.1. Securing the SR Domain 3.1. Securing the SR Domain
(The reader can easily understand that the dual measures provided can
prevent SR packets from leaving the SR domain.)
Nodes outside the SR domain are not trusted: they cannot directly use Nodes outside the SR domain are not trusted: they cannot directly use
the SIDs of the domain. This is enforced by two levels of access the SIDs of the domain. This is enforced by two levels of access
control lists: control lists:
* Any packet entering the SR domain and destined to a SID within the * Any packet entering the SR domain and destined to a SID within the
SR domain is dropped. This may be realized with the following SR domain is dropped. This may be realized with the following
logic. Other methods with equivalent outcome are considered logic. Other methods with equivalent outcome are considered
compliant: compliant:
- Allocate all the SIDs from a block S/s - Allocate all the SIDs from a block S/s
skipping to change at page 6, line 27 skipping to change at page 6, line 27
- Next Header = 41 (IPv6) - Next Header = 41 (IPv6)
For illustration purposes, we use SID allocation that allows for a For illustration purposes, we use SID allocation that allows for a
straightforward human reading of a compressed segment list. Indeed, straightforward human reading of a compressed segment list. Indeed,
< 2001:db8:b:1200:1300:1400:1500:1600, 2001:db8:b:1700:1800:: > < 2001:db8:b:1200:1300:1400:1500:1600, 2001:db8:b:1700:1800:: >
means: within the domain 2001:db8:b::, go first through node N12 then means: within the domain 2001:db8:b::, go first through node N12 then
N13, N14, N15, and N16, then retrieve the next segment list entry N13, N14, N15, and N16, then retrieve the next segment list entry
from the SRH and go through node N17 before decapsulating the packet from the SRH and go through node N17 before decapsulating the packet
at node N18. at node N18.
This is compliant with the RFC 8986 because the SID meets the This is compliant with the [RFC8986] because the SID meets the
Locator:Function:Argument format definition (section 3.1 of RFC Locator:Function:Argument format definition (Section 3.1 of
8986). For example, the packet sent by node N11 has a destination [RFC8986]). For example, the packet sent by node N11 has a
address 2001:db8:b:1200:1300:1400:1500:1600 where 2001:db8:b:1200/64 destination address 2001:db8:b:1200:1300:1400:1500:1600 where
is the Locator and 0x1300140015001600 is the Argument. 2001:db8:b:1200/64 is the Locator and 0x1300140015001600 is the
Argument.
A packet in transit towards a given SID (e.g. A packet in transit towards a given SID (e.g.
2001:db8:b:1200:1300:1400:1500:1600), is forwarded by transit nodes 2001:db8:b:1200:1300:1400:1500:1600), is forwarded by transit nodes
via a longest-match lookup on the destination address of the packet. via a longest-match lookup on the destination address of the packet.
This results in a match of the SID locator (in this case, This results in a match of the SID locator (in this case,
2001:db8:b:1200::/64), the transit node then forwards the packet 2001:db8:b:1200::/64), the transit node then forwards the packet
accordingly. The SID function and argument bits are opaque to accordingly. The SID function and argument bits are opaque to
transit nodes. The function is only identified at the SR segment transit nodes. The function is only identified at the SR segment
endpoint node (represented by the SID locator in the destination endpoint node (represented by the SID locator in the destination
address) which further processes the argument. address) which further processes the argument.
skipping to change at page 7, line 11 skipping to change at page 7, line 11
The remainder of this section details the packet journey. The remainder of this section details the packet journey.
The packet Px transmitted by a node Nn is identified as "@Nn Px". The packet Px transmitted by a node Nn is identified as "@Nn Px".
@N10 P1:(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) @N10 P1:(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
N11 (as programmed by the centralized controller) encapsulates the N11 (as programmed by the centralized controller) encapsulates the
packet P1 and submits the updated packet (P2) to the IPv6 module for packet P1 and submits the updated packet (P2) to the IPv6 module for
transmission. It performs an IP lookup on the destination address, transmission. It performs an IP lookup on the destination address,
matching an entry for the prefix 2001:db8:b:1200::/64 advertised by matching an entry for the prefix 2001:db8:b:1200::/64 advertised by
N21. N11 forwards the packet on its shortest path towards to node N12. N11 forwards the packet on its shortest path towards to node
N12. N12.
@N11 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1200:1300:1400:1500:1600) @N11 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1200:1300:1400:1500:1600)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
The transit nodes between N11 and N12 forward P1 as per their route The transit nodes between N11 and N12 forward P1 as per their route
2001:db8:b:1200::/64 to N12. Similarly, the transit nodes between 2001:db8:b:1200::/64 to N12. Similarly, the transit nodes between
each subsequent pair of consecutive SR segment endpoint nodes each subsequent pair of consecutive SR segment endpoint nodes
forwards the packet as per their IPv6 routes for the destination forwards the packet as per their IPv6 routes for the destination
address. Those transit nodes are plain IPv6 routers with the plain address. Those transit nodes are plain IPv6 routers with the plain
IPv6 dataplane, they do not need to have any knowledge of SRv6. IPv6 dataplane, they do not need to have any knowledge of SRv6.
The hop limit of packet P1 is decremented at every transit node and The hop limit of packet P1 is decremented at every transit node and
every SR segment endpoint node. every SR segment endpoint node.
skipping to change at page 7, line 39 skipping to change at page 7, line 41
the first TE waypoint), this performs a longest-prefix-match lookup the first TE waypoint), this performs a longest-prefix-match lookup
on the IPv6 destination address. This lookup returns a FIB entry on the IPv6 destination address. This lookup returns a FIB entry
that represents a locally instantiated SRv6 SID bound to the End that represents a locally instantiated SRv6 SID bound to the End
behavior with the NEXT-C-SID flavor. N12 processes the packet behavior with the NEXT-C-SID flavor. N12 processes the packet
accordingly, resulting in a new destination address. It then submits accordingly, resulting in a new destination address. It then submits
the updated packet to the IPv6 module for transmission. This the updated packet to the IPv6 module for transmission. This
triggers an IP lookup on the destination address, matching an entry triggers an IP lookup on the destination address, matching an entry
for the prefix 2001:db8:b:1300::/64 advertised by N13. The packet is for the prefix 2001:db8:b:1300::/64 advertised by N13. The packet is
forwarded on the shortest path towards N13. forwarded on the shortest path towards N13.
@N12 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1300:1400:1500:1600:0000) @N12 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1300:1400:1500:1600:0000)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
The subsequent SR segment endpoint nodes N13 to N17 process the The subsequent SR segment endpoint nodes N13 to N17 process the
packet similarly. packet similarly.
@N13 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1400:1500:1600:0000:0000) @N13 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1400:1500:1600:0000:0000)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
@N14 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1500:1600:0000:0000:0000) @N14 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1500:1600:0000:0000:0000)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
@N15 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1600:0000:0000:0000:0000) @N15 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1600:0000:0000:0000:0000)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
When the packet is processed by the SR segment endpoint node N16, the When the packet is processed by the SR segment endpoint node N16, the
SID argument value is 0. As per the pseudocode of the End behavior SID argument value is 0. As per the pseudocode of the End behavior
with the NEXT-C-SID and USD flavors, N16 retrieves the next SID by with the NEXT-C-SID and USD flavors, N16 retrieves the next SID by
decrementing the value of segments left in the SRH and copying the decrementing the value of segments left in the SRH and copying the
next entry from the SRH segment list into the destination address. next entry from the SRH segment list into the destination address.
@N16 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1700:1800::) @N16 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1700:1800::)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=0) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=0)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
@N17 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1800:0000::) @N17 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1800:0000::)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=0) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=0)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
When the packet reaches the final SR segment endpoint node N18, both When the packet reaches the final SR segment endpoint node N18, both
the SID argument value and the segments left value in the SRH are 0. the SID argument value and the segments left value in the SRH are 0.
As per the pseudocode of the End behavior with the NEXT-C-SID and USD As per the pseudocode of the End behavior with the NEXT-C-SID and USD
flavors, N18 decapsulates the packet and sends the inner packet P1 flavors, N18 decapsulates the packet and sends the inner packet P1
towards its destination 2001:db8:a:1900::. towards its destination 2001:db8:a:1900::.
@N18 P1:(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) @N18 P1:(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
5.4. Case 2: ICMPv6 error generation at a transit node 5.4. Case 2: ICMPv6 error generation at a transit node
Let us assume in the previous example that the hop limit expires on a Let us assume in the previous example that the hop limit expires on a
transit node N141, located on the path between the SR segment transit node N141, located on the path between the SR segment
endpoint nodes N14 and N15. endpoint nodes N14 and N15.
The packet sent by node N14 is as follows (reproduced from the The packet sent by node N14 is as follows (reproduced from the
previous section). previous section).
@N14 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1500:1600:0000:0000:0000) @N14 P2:(IPv6 2001:db8:a:1100::, 2001:db8:b:1500:1600:0000:0000:0000)
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) (SRH 2001:db8:b:1700:1800::,
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::) 2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)
Node N141 generates an ICMPv6 time exceeded error message as follows. Node N141 generates an ICMPv6 time exceeded error message as follows.
@N141 P3: (IPv6 <any address of node N141>, 2001:db8:a:1100::) @N141 P3: (IPv6 <any address of node N141>, 2001:db8:a:1100::)
(ICMPv6 time exceeded error (ICMPv6 time exceeded error
(IPv6 2001:db8:a:1100::, 2001:db8:b:1500:1600:0000:0000:0000) (IPv6 2001:db8:a:1100::,
(SRH 2001:db8:b:1700:1800::, 2001:db8:b:1200:1300:1400:1500:1600; SL=1) 2001:db8:b:1500:1600:0000:0000:0000)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::)) (SRH 2001:db8:b:1700:1800::,
2001:db8:b:1200:1300:1400:1500:1600;
SL=1)
(IPv6 2001:db8:a:1000::, 2001:db8:a:1900::))
Node N11 receives the ICMP error packet transmitted by N141. Node N11 receives the ICMP error packet transmitted by N141.
Section 5.4 of RFC8754 indicates that a destination address of the Section 5.4 of [RFC8754] indicates that a destination address of the
invoking packet is determined by looking at segment list[0]. invoking packet is determined by looking at Segment List[0].
5.5. Case 3: Ping a SID 5.5. Case 3: Ping a SID
The operator wants to ping the End with NEXT-C-SID flavor SID The operator wants to ping the End with NEXT-C-SID flavor SID
2001:db8:b:1200:: of N12 from the SR source node N10. 2001:db8:b:1200:: of N12 from the SR source node N10.
The ICMP echo request is sent by N10 as follows. The ICMP echo request is sent by N10 as follows.
@N10 P1:(IPv6 2001:db8:a:1000::, 2001:db8:b:1200::) @N10 P1:(IPv6 2001:db8:a:1000::, 2001:db8:b:1200::)
(ICMPv6 echo request) (ICMPv6 echo request)
 End of changes. 22 change blocks. 
53 lines changed or deleted 75 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/