idnits 2.17.1

draft-bonica-6man-seg-end-opt-07.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (March 6, 2020) is 1512 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC8200' is defined on line 209, but no explicit
     reference was found in the text

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

6man                                                           R. Bonica
Internet-Draft                                          Juniper Networks
Intended status: Standards Track                              J. Halpern
Expires: September 7, 2020                                      Ericsson
                                                               Y. Kamite
                                          NTT Communications Corporation
                                                                 T. Niwa
                                                                    KDDI
                                                                L. Jalil
                                                                 Verizon
                                                                 G. Chen
                                                                   Baidu
                                                                  Y. Zhu
                                                           China Telecom
                                                                 Y. Zhou
                                                               ByteDance
                                                           March 6, 2020

           The Per-Segment Service Instruction (PSSI) Option
                    draft-bonica-6man-seg-end-opt-07

Abstract

   SRm6 encodes Per-Segment Service Instructions (PSSI) in a new IPv6
   option, called the PSSI Option.
   This document describes the PSSI Option.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 7, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Requirements Language
   3.  PSSI Identifiers
   4.  Option Format
   5.  Security Considerations
   6.  ICMPv6 Considerations
   7.  IANA Considerations
   8.  Acknowledgements
   9.  Normative References
   Authors' Addresses

1.  Introduction

   An SRm6 [I-D.bonica-spring-srv6-plus] path provides unidirectional
   connectivity from its ingress node to its egress node.  While an SRm6
   path can follow the least cost path from ingress to egress, it can
   also follow any other path.

   An SRm6 path contains one or more segments.  A segment provides
   unidirectional connectivity from its ingress node to its egress node.

   SRm6 paths are programmable.  They support several instruction types,
   including Per-Segment Service Instructions (PSSI).  The following are
   examples of PSSIs:

   o  Expose a packet to a firewall policy.

   o  Expose a packet to a sampling policy.

   PSSIs are executed at segment egress nodes and can be used to
   implement limited service chains.  However, they do not provide an
   alternative to the Network Service Header (NSH) [RFC8300].

   SRm6 encodes PSSIs in a new IPv6 option, called the PSSI Option.
   This document describes the PSSI Option.

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  PSSI Identifiers

   PSSI Identifiers identify PSSIs.  They have domain-wide significance.
   When a controller creates a limited service chain, it also allocates
   a PSSI Identifier.  It then distributes the following information to
   each node that contributes to the limited service chain:

   o  The PSSI Identifier.

   o  The PSSI that the node should execute when it receives a packet
      that has the PSSI Identifier encoded within it.

4.  Option Format

   The PSSI Option contains the following fields:

   o  Option Type: 8-bit selector.  PSSI option.  Value TBD by IANA.
      (Suggested value: 0x10).  See Note below.

   o  Opt Data Len - 8-bit unsigned integer.  Length of the option, in
      octets, excluding the Option Type and Option Length fields.  This
      field MUST be set to 4.

   o  PSSI identifier - (32-bit selector).  Identifies a PSSI.

   The PSSI option MAY appear in any Destination Options header,
   regardless of whether that Destination Options header precedes a
   Routing header or an upper-layer header.  The PSSI option MUST NOT
   appear in a Hop-by-hop Options header.

   NOTE: The highest-order two bits of the Option Type (i.e., the "act"
   bits) are 00.  These bits specify the action taken by a destination
   node that does not recognize the option.  The required action is to
   skip over this option and continue processing the header.

   The third highest-order bit of the Option Type (i.e., the "chg" bit)
   is 0.  This indicates that Option Data cannot be modified along the
   path between the packet's source and its destination.

5.  Security Considerations

   The PSSI option shares many security concerns with IPv6 routing
   headers.  In particular, any boundary filtering protecting a domain
   from external routing headers should also protect against external
   PSSI options being processed inside a domain.  This occurs naturally
   if encapsulation is used to add routing headers to a packet.  If
   external routing headers are allowed, then protections must also
   include ensuring that any provided PSSI option is properly protected,
   e.g., with an IPsec AH header or other suitable means.

   As with Routing headers, the security assumption within a domain is
   that the domain is trusted to provide, and to avoid improperly
   modifying, the PSSI Option.

6.  ICMPv6 Considerations

   SRm6 implementations MUST comply with the ICMPv6 processing rules
   specified in Section 2.4 of [RFC4443].  For example:

   o  An SRm6 implementation MUST NOT originate an ICMPv6 error message
      in response to another ICMPv6 error message.

   o  An SRm6 implementation MUST rate limit the ICMPv6 messages that it
      originates.

7.  IANA Considerations

   IANA is requested to allocate a code point from the Destination
   Options and Hop-by-hop Options registry
   (https://www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xhtml#ipv6-parameters-2).
   This option is called "PSSI".  The "act" bits are 00 and the "chg"
   bit is 0.  (Suggested value: 0x10).

8.  Acknowledgements

   Thanks to Fred Baker, Shizhang Bi and Reji Thomas for their careful
   review of this document.

9.  Normative References

   [I-D.bonica-spring-srv6-plus]
              Bonica, R., Hegde, S., Kamite, Y., Alston, A., Henriques,
              D., Jalil, L., Halpern, J., Linkova, J., and G. Chen,
              "Segment Routing Mapped To IPv6 (SRm6)",
              draft-bonica-spring-srv6-plus-06 (work in progress),
              October 2019.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4443]  Conta, A., Deering, S., and M. Gupta, Ed., "Internet
              Control Message Protocol (ICMPv6) for the Internet
              Protocol Version 6 (IPv6) Specification", STD 89,
              RFC 4443, DOI 10.17487/RFC4443, March 2006.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

   [RFC8200]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", STD 86, RFC 8200,
              DOI 10.17487/RFC8200, July 2017.

   [RFC8300]  Quinn, P., Ed., Elzur, U., Ed., and C. Pignataro, Ed.,
              "Network Service Header (NSH)", RFC 8300,
              DOI 10.17487/RFC8300, January 2018.

Authors' Addresses

   Ron Bonica
   Juniper Networks
   2251 Corporate Park Drive
   Herndon, Virginia  20171
   USA

   Email: rbonica@juniper.net


   Joel Halpern
   Ericsson
   P. O. Box 6049
   Leesburg, Virginia  20178
   USA

   Email: joel.halpern@ericsson.com


   Yuji Kamite
   NTT Communications Corporation
   3-4-1 Shibaura, Minato-ku
   Tokyo  108-8118
   Japan

   Email: y.kamite@ntt.com


   Tomonobu Niwa
   KDDI
   3-22-7, Yoyogi, Shibuya-ku
   Tokyo  151-0053
   JP

   Email: to-niwa@kddi.com


   Luay Jalil
   Verizon
   Richardson, Texas
   USA

   Email: luay.jalil@one.verizon.com


   Gang Chen
   Baidu
   No.10 Xibeiwang East Road Haidian District
   Beijing  100193
   P.R. China

   Email: phdgang@gmail.com


   Yongqing Zhu
   China Telecom
   109 West Zhongshan Ave, Tianhe District
   Guangzhou
   P.R. China

   Email: zhuyq.gd@chinatelecom.cn


   Yifeng Zhou
   ByteDance
   Building 1, AVIC Plaza, 43 N 3rd Ring W Rd Haidian District
   Beijing  100000
   P.R. China

   Email: yifeng.zhou@bytedance.com
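
   Added example, not part of the draft or of any SRm6 implementation:
   a parser that applies the Section 4 encoding rules (Opt Data Len of
   4, no PSSI in a Hop-by-hop Options header) and the Section 5
   boundary check to one IPv6 options extension header.  Assumptions:
   the option type is the draft's suggested 0x10 (the final value is
   TBD by IANA), the header layout and Pad1 handling follow RFC 8200,
   and the function names and the deny-external policy are hypothetical.

```python
import struct

PSSI_OPT_TYPE = 0x10            # suggested value in the draft; TBD by IANA
HOP_BY_HOP, DEST_OPTS = 0, 60   # IPv6 Next Header values (RFC 8200)


class MalformedOption(ValueError):
    """Raised when an options header violates the encoding rules."""


def pssi_identifiers(ext_hdr: bytes, hdr_type: int) -> list[int]:
    """Walk the TLVs of one options extension header; return PSSI IDs."""
    if len(ext_hdr) < 8 or len(ext_hdr) != (ext_hdr[1] + 1) * 8:
        raise MalformedOption("Hdr Ext Len does not match buffer size")
    ids, i = [], 2                      # skip Next Header and Hdr Ext Len
    while i < len(ext_hdr):
        opt_type = ext_hdr[i]
        if opt_type == 0:               # Pad1: single octet, no length
            i += 1
            continue
        if i + 2 > len(ext_hdr):
            raise MalformedOption("truncated option header")
        opt_len = ext_hdr[i + 1]
        data = ext_hdr[i + 2:i + 2 + opt_len]
        if len(data) != opt_len:
            raise MalformedOption("option data runs past end of header")
        if opt_type == PSSI_OPT_TYPE:
            if hdr_type == HOP_BY_HOP:
                raise MalformedOption("PSSI MUST NOT appear in Hop-by-hop")
            if opt_len != 4:
                raise MalformedOption("PSSI Opt Data Len MUST be 4")
            ids.append(struct.unpack("!I", data)[0])
        i += 2 + opt_len                # other options are not interpreted
    return ids


def boundary_verdict(ext_hdr: bytes, hdr_type: int, external: bool) -> str:
    """Hypothetical edge policy: external PSSI options never enter."""
    try:
        ids = pssi_identifiers(ext_hdr, hdr_type)
    except MalformedOption:
        return "drop"
    return "drop" if external and ids else "accept"


# Constructed sample: Destination Options header, Next Header 59 (none),
# Hdr Ext Len 0 (8 octets), one PSSI option carrying identifier 0x2A.
SAMPLE = bytes([59, 0, PSSI_OPT_TYPE, 4]) + struct.pack("!I", 0x2A)
```

   A domain that does admit external routing headers would replace the
   deny rule with a check that the option is protected, as Section 5
   requires.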