idnits 2.17.1

draft-bonica-6man-seg-end-opt-06.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (November 20, 2019) is 1618 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC8200' is defined on line 212, but no explicit
     reference was found in the text

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

6man                                                           R. Bonica
Internet-Draft                                          Juniper Networks
Intended status: Standards Track                              J. Halpern
Expires: May 23, 2020                                           Ericsson
                                                               Y. Kamite
                                          NTT Communications Corporation
                                                                 T. Niwa
                                                                    KDDI
                                                                L. Jalil
                                                                 Verizon
                                                                   N. So
                                                                   F. Xu
                                                            Reliance Jio
                                                                 G. Chen
                                                                   Baidu
                                                                  Y. Zhu
                                                           China Telecom
                                                                 Y. Zhou
                                                               ByteDance
                                                       November 20, 2019

           The Per-Segment Service Instruction (PSSI) Option
                    draft-bonica-6man-seg-end-opt-06

Abstract

   SRm6 encodes Per-Segment Service Instructions (PSSI) in a new IPv6
   option, called the PSSI Option.  This document describes the PSSI
   Option.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 23, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Requirements Language
   3.  PSSI Identifiers
   4.  Option Format
   5.  Security Considerations
   6.  ICMPv6 Considerations
   7.  IANA Considerations
   8.  Acknowledgements
   9.  Normative References
   Authors' Addresses

1.  Introduction

   An SRm6 [I-D.bonica-spring-srv6-plus] path provides unidirectional
   connectivity from its ingress node to its egress node.  While an SRm6
   path can follow the least cost path from ingress to egress, it can
   also follow any other path.

   An SRm6 path contains one or more segments.  A segment provides
   unidirectional connectivity from its ingress node to its egress node.

   SRm6 paths are programmable.  They support several instruction types,
   including Per-Segment Service Instructions (PSSI).  The following are
   examples of PSSIs:

   o  Expose a packet to a firewall policy.

   o  Expose a packet to a sampling policy.

   PSSIs are executed at segment egress nodes and can be used to
   implement limited service chains.  However, they do not provide an
   alternative to the Network Service Header (NSH) [RFC8300].

   SRm6 encodes PSSIs in a new IPv6 option, called the PSSI Option.
   This document describes the PSSI Option.

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  PSSI Identifiers

   PSSI Identifiers identify PSSIs.  They have domain-wide significance.
   When a controller creates a limited service chain, it also allocates
   a PSSI Identifier.
   It then distributes the following information to each node that
   contributes to the limited service chain:

   o  The PSSI Identifier.

   o  The PSSI that the node should execute when it receives a packet
      that has the PSSI Identifier encoded within it.

4.  Option Format

   The PSSI Option contains the following fields:

   o  Option Type: 8-bit selector.  PSSI option.  Value TBD by IANA.
      (Suggested value: 0x10).  See Note below.

   o  Opt Data Len: 8-bit unsigned integer.  Length of the option, in
      octets, excluding the Option Type and Option Length fields.  This
      field MUST be set to 4.

   o  PSSI Identifier: 32-bit selector.  Identifies a PSSI.

   The PSSI option MAY appear in any Destination Options header,
   regardless of whether that Destination Options header precedes a
   Routing header or an upper-layer header.  The PSSI option MUST NOT
   appear in a Hop-by-hop Options header.

   NOTE: The highest-order two bits of the Option Type (i.e., the "act"
   bits) are 00.  These bits specify the action taken by a destination
   node that does not recognize the option.  The required action is to
   skip over this option and continue processing the header.

   The third highest-order bit of the Option Type (i.e., the "chg" bit)
   is 0.  This indicates that Option Data cannot be modified along the
   path between the packet's source and its destination.

5.  Security Considerations

   The PSSI option shares many security concerns with IPv6 routing
   headers.  In particular, any boundary filtering protecting a domain
   from external routing headers should also protect against external
   PSSI options being processed inside a domain.  This occurs naturally
   if encapsulation is used to add routing headers to a packet.  If
   external routing headers are allowed, then protections must also
   include ensuring that any provided PSSI option is properly protected,
   e.g. with an IPsec AH header or other suitable means.

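   The following check is an added example, not part of the draft or of
   any SRm6 implementation.  It walks the option TLVs of one Hop-by-hop
   or Destination Options header and applies the rules of Sections 4 and
   5: Opt Data Len of 4, no PSSI option in a Hop-by-hop Options header,
   and no externally supplied PSSI option past the domain boundary.
   Assumptions: option type 0x10 is only the draft's suggested value,
   every external PSSI option is treated as unprotected, and the
   function names, verdict strings and reject policy are hypothetical.

```python
import struct

PSSI_OPT_TYPE = 0x10           # the draft's suggested value; final value TBD by IANA
HOP_BY_HOP, DEST_OPTS = 0, 60  # IPv6 Next Header values for the two options headers

def walk_options(ext_hdr: bytes):
    """Yield (option_type, option_data) for each TLV in one options header."""
    if len(ext_hdr) < 2 or len(ext_hdr) < (ext_hdr[1] + 1) * 8:
        raise ValueError("truncated extension header")
    total = (ext_hdr[1] + 1) * 8   # Hdr Ext Len counts 8-octet units after the first
    i = 2
    while i < total:
        if ext_hdr[i] == 0:        # Pad1 is a single octet with no length field
            i += 1
            continue
        if i + 2 > total or i + 2 + ext_hdr[i + 1] > total:
            raise ValueError("option overruns extension header")
        opt_len = ext_hdr[i + 1]
        yield ext_hdr[i], ext_hdr[i + 2:i + 2 + opt_len]
        i += 2 + opt_len

def check_pssi(hdr_type: int, ext_hdr: bytes, from_outside: bool):
    """Return (verdict, pssi_id). Reject verdicts are this example's policy."""
    for opt_type, data in walk_options(ext_hdr):
        if opt_type != PSSI_OPT_TYPE:
            continue
        if hdr_type == HOP_BY_HOP:
            return "reject: PSSI option in Hop-by-hop Options header", None
        if len(data) != 4:
            return "reject: Opt Data Len is not 4", None
        pssi_id = struct.unpack("!I", data)[0]
        if from_outside:
            return "reject: external PSSI option at domain boundary", pssi_id
        return "accept", pssi_id
    return "accept", None

# Constructed 8-octet headers: Next Header 59 (No Next Header), Hdr Ext Len 0.
GOOD = bytes([59, 0, PSSI_OPT_TYPE, 4]) + struct.pack("!I", 42)
BAD_LEN = bytes([59, 0, PSSI_OPT_TYPE, 2, 0, 42, 1, 0])  # 2-octet data, then PadN

if __name__ == "__main__":
    print(check_pssi(DEST_OPTS, GOOD, from_outside=False))
    print(check_pssi(DEST_OPTS, GOOD, from_outside=True))
    print(check_pssi(HOP_BY_HOP, GOOD, from_outside=False))
    print(check_pssi(DEST_OPTS, BAD_LEN, from_outside=False))
```
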
   As with Routing headers, the security assumption within a domain is
   that the domain is trusted to provide, and to avoid improperly
   modifying, the PSSI Option.

6.  ICMPv6 Considerations

   SRm6 implementations MUST comply with the ICMPv6 processing rules
   specified in Section 2.4 of [RFC4443].  For example:

   o  An SRm6 implementation MUST NOT originate an ICMPv6 error message
      in response to another ICMPv6 error message.

   o  An SRm6 implementation MUST rate limit the ICMPv6 messages that it
      originates.

7.  IANA Considerations

   IANA is requested to allocate a code point from the Destination
   Options and Hop-by-hop Options registry
   (https://www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xhtml#ipv6-parameters-2).
   This option is called "PSSI".  The "act" bits are 00 and the "chg"
   bit is 0.  (Suggested value: 0x10).

8.  Acknowledgements

   Thanks to Fred Baker, Shizhang Bi and Reji Thomas for their careful
   review of this document.

9.  Normative References

   [I-D.bonica-spring-srv6-plus]
              Bonica, R., Hegde, S., Kamite, Y., Alston, A., Henriques,
              D., Jalil, L., Halpern, J., Linkova, J., and G. Chen,
              "Segment Routing Mapped To IPv6 (SRm6)",
              draft-bonica-spring-srv6-plus-06 (work in progress),
              October 2019.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4443]  Conta, A., Deering, S., and M. Gupta, Ed., "Internet
              Control Message Protocol (ICMPv6) for the Internet
              Protocol Version 6 (IPv6) Specification", STD 89,
              RFC 4443, DOI 10.17487/RFC4443, March 2006.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8200]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", STD 86, RFC 8200,
              DOI 10.17487/RFC8200, July 2017.

   [RFC8300]  Quinn, P., Ed., Elzur, U., Ed., and C. Pignataro, Ed.,
              "Network Service Header (NSH)", RFC 8300,
              DOI 10.17487/RFC8300, January 2018.

Authors' Addresses

   Ron Bonica
   Juniper Networks
   2251 Corporate Park Drive
   Herndon, Virginia  20171
   USA

   Email: rbonica@juniper.net

   Joel Halpern
   Ericsson
   P. O. Box 6049
   Leesburg, Virginia  20178
   USA

   Email: joel.halpern@ericsson.com

   Yuji Kamite
   NTT Communications Corporation
   3-4-1 Shibaura, Minato-ku
   Tokyo  108-8118
   Japan

   Email: y.kamite@ntt.com

   Tomonobu Niwa
   KDDI
   3-22-7, Yoyogi, Shibuya-ku
   Tokyo  151-0053
   JP

   Email: to-niwa@kddi.com

   Luay Jalil
   Verizon
   Richardson, Texas
   USA

   Email: luay.jalil@one.verizon.com

   Ning So
   Reliance Jio
   3010 Gaylord PKWY, Suite 150
   Frisco, Texas  75034
   USA

   Email: Ning.So@ril.com

   Fengman Xu
   Reliance Jio
   3010 Gaylord PKWY, Suite 150
   Frisco, Texas  75034
   USA

   Email: Fengman.Xu@ril.com

   Gang Chen
   Baidu
   No.10 Xibeiwang East Road Haidian District
   Beijing  100193
   P.R. China

   Email: phdgang@gmail.com

   Yongqing Zhu
   China Telecom
   109 West Zhongshan Ave, Tianhe District
   Guangzhou
   P.R. China

   Email: zhuyq.gd@chinatelecom.cn

   Yifeng Zhou
   ByteDance
   Building 1, AVIC Plaza, 43 N 3rd Ring W Rd Haidian District
   Beijing  100000
   P.R. China

   Email: yifeng.zhou@bytedance.com