idnits 2.17.1 draft-dawra-idr-bgp-ls-sr-service-segments-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (July 8, 2019) is 1744 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-18) exists of draft-ietf-idr-bgp-ls-segment-routing-ext-16 == Outdated reference: A later version (-14) exists of draft-ietf-idr-bgpls-srv6-ext-01 == Outdated reference: A later version (-28) exists of draft-ietf-spring-srv6-network-programming-01 ** Obsolete normative reference: RFC 7752 (Obsoleted by RFC 9552) == Outdated reference: A later version (-26) exists of draft-ietf-idr-segment-routing-te-policy-07 == Outdated reference: A later version (-22) exists of draft-ietf-spring-segment-routing-policy-03 Summary: 1 error (**), 0 flaws (~~), 6 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Inter-Domain Routing G. Dawra, Ed. 3 Internet-Draft LinkedIn 4 Intended status: Standards Track C. Filsfils 5 Expires: January 9, 2020 Cisco Systems 6 D. Bernier 7 Bell Canada 8 J. Uttaro 9 AT&T 10 B. Decraene 11 Orange 12 H. Elmalky 13 Ericsson 14 X. Xu 15 Alibaba 16 F. Clad 17 K. Talaulikar 18 Cisco Systems 19 July 8, 2019 21 BGP-LS Advertisement of Segment Routing Service Segments 22 draft-dawra-idr-bgp-ls-sr-service-segments-02 24 Abstract 26 BGP Link-State (BGP-LS) enables distribution of topology information 27 from the network to a Path Computation Engine (PCE) or any 28 controller/application in general so it can learn the network 29 topology. Service functions are deployed as virtualized elements 30 along with network elements or on servers in data centers. The 31 advertisement of such attached service capabilities along with the 32 network nodes that they are attached to or associated with enable 33 their discovery and for programming of service paths that use these 34 service functions. Segment Routing (SR) bring in the concept of 35 segments which can be topological or service instructions. SR 36 Policies enable setup of paths which are a mix of topological and 37 service segments. 39 This document specifies the extensions to BGP-LS for discovery and 40 advertisement of service segments so as to enable setup of service 41 programming paths using Segment Routing. 43 Requirements Language 45 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 46 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 47 "OPTIONAL" in this document are to be interpreted as described in BCP 48 14 [RFC2119] [RFC8174] when, and only when, they appear in all 49 capitals, as shown here. 51 Status of This Memo 53 This Internet-Draft is submitted in full conformance with the 54 provisions of BCP 78 and BCP 79. 56 Internet-Drafts are working documents of the Internet Engineering 57 Task Force (IETF). Note that other groups may also distribute 58 working documents as Internet-Drafts. The list of current Internet- 59 Drafts is at https://datatracker.ietf.org/drafts/current/. 61 Internet-Drafts are draft documents valid for a maximum of six months 62 and may be updated, replaced, or obsoleted by other documents at any 63 time. It is inappropriate to use Internet-Drafts as reference 64 material or to cite them other than as "work in progress." 66 This Internet-Draft will expire on January 9, 2020. 68 Copyright Notice 70 Copyright (c) 2019 IETF Trust and the persons identified as the 71 document authors. All rights reserved. 73 This document is subject to BCP 78 and the IETF Trust's Legal 74 Provisions Relating to IETF Documents 75 (https://trustee.ietf.org/license-info) in effect on the date of 76 publication of this document. Please review these documents 77 carefully, as they describe your rights and restrictions with respect 78 to this document. Code Components extracted from this document must 79 include Simplified BSD License text as described in Section 4.e of 80 the Trust Legal Provisions and are provided without warranty as 81 described in the Simplified BSD License. 83 Table of Contents 85 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 86 2. BGP-LS Extensions for Service Chaining . . . . . . . . . . . 4 87 3. Illustration . . . . . . . . . . . . . . . . . . . . . . . . 7 88 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 89 4.1. Service Type Table . . . . . . . . . . . . . . . . . . . 7 90 4.2. Segment routing function Identifier(SFI) . . . . . . . . 8 91 5. Manageability Considerations . . . . . . . . . . . . . . . . 8 92 6. Operational Considerations . . . . . . . . . . . . . . . . . 8 93 6.1. Operations . . . . . . . . . . . . . . . . . . . . . . . 9 94 7. Security Considerations . . . . . . . . . . . . . . . . . . . 9 95 8. Conclusions . . . . . . . . . . . . . . . . . . . . . . . . . 9 96 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 97 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 98 10.1. Normative References . . . . . . . . . . . . . . . . . . 9 99 10.2. Informative References . . . . . . . . . . . . . . . . . 10 100 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 102 1. Introduction 104 Segments are introduced in the SR architecture 105 [I-D.ietf-spring-segment-routing]. Segment Routing based Service 106 chaining is well described in Section 6 of 107 [I-D.xuclad-spring-sr-service-programming] document with an example 108 network and services. 110 This document extend the example to add a Segment Routing Controller 111 (SR-C) to the network, for the purpose of service discovery and SR 112 policy [I-D.ietf-spring-segment-routing-policy] instantiation. 114 Consider the network represented in Figure 1 below where: 116 o A and B are two end hosts using IPv4. 118 o S1 is an SR-aware firewall Service. 120 o S2 is an SR-unaware DPI Service. 122 SR-C --3-- 123 | / \ 124 | / \ 125 A----1----2----4----5----6----B 126 | | 127 | | 128 S1 S2 130 Figure 1: Network with Services 132 SR Controller (SR-C) is connected to Node 1, but may be attached to 133 any node 1-6 in the network. 135 SR-C is capable of receiving BGP-LS updates to discover topology, and 136 calculating constrained paths between 1 and 6. 138 However, if SR-C is configured to computation a constrained path from 139 1 and 6, including a DPI service (i.e., S2) it is not yet possible 140 due to the lack of service distribution. SR-C does not know where a 141 DPI Service is nor the SID for it. It does not know that S2 is a 142 service it needs. 144 This document proposes an extension to BGP-LS for Service Chaining to 145 distribute the service information to SR-C. There may be other 146 alternate mechanisms to distribute service information to SR-C and 147 are outside of scope of this document. There are no extensions 148 required in SR-TE Policy SAFI. 150 2. BGP-LS Extensions for Service Chaining 152 For an attached service, following data needs to be shared with SR-C: 154 o Service SID value (e.g. MPLS label or IPv6 address). Service SID 155 MAY only be encoded as LOC:FUNCT, where LOC is the L most 156 significant bits and FUNCT is the 128-L least significant 157 bits[I-D.ietf-spring-srv6-network-programming]. ARGs bits, if 158 any, MAY be set to 0 in the advertised service SID. 160 o Function Identifier (Static Proxy, Dynamic Proxy, Shared Memory 161 Proxy, Masquerading Proxy, SR Aware Service etc). 163 o Service Type (DPI, Firewall, Classifier, LB etc). 165 o Traffic Type (IPv4 OR IPv6 OR Ethernet) 167 o Opaque Data (Such as brand and version, other extra information) 169 [I-D.xuclad-spring-sr-service-programming] defines SR-aware and SR- 170 unaware services. This document will reuse these definitions. Per 171 [RFC7752] Node Attributes are ONLY associated with the Node NLRI. 172 All non-VPN information SHALL be encoded using AFI 16388 / SAFI 71. 173 VPN information SHALL be encoded using AFI 16388 / SAFI 72 with 174 associated RTs. 176 This document introduces new TLVs for the SRv6 SID NLRI 177 [I-D.ietf-idr-bgpls-srv6-ext] and SR-MPLS SID/Label TLV 178 [I-D.ietf-idr-bgp-ls-segment-routing-ext] to associate the Service 179 SID Value with Service-related Information using Service Chaining(SC) 180 Sub-TLV. 182 SRv6 SID Information TLV [I-D.ietf-idr-bgpls-srv6-ext] encodes 183 behavior along with associated SID Flags. 185 A Service Chaining (SC) TLV in Figure 2 is defined as: 187 +---------------------------------------+ 188 | Type (2 octet) | 189 +---------------------------------------+ 190 | Length (2 octet) | 191 +---------------------------------------+ 192 | Service Type(ST) (2 octet | 193 +---------------------------------------+ 194 | Flags (1 octet) | 195 +---------------------------------------+ 196 | Traffic Type(1 octet) | 197 +---------------------------------------+ 198 | RESERVED (2 octet) | 199 +---------------------------------------+ 201 Figure 2: Service Chaining (SC) TLV 203 Where: 205 Type: 16 bit field. TBD 207 Length: 16 bit field. The total length of the value portion of 208 the TLV. 210 Service Type(ST): 16bit field. Service Type: categorizes the 211 Service: (such as "Firewall", "Classifier" etc). 213 Flags: 8 bit field. Bits SHOULD be 0 on transmission and MUST be 214 ignored on reception. 216 Traffic Type: 8 Bit field. A bit to identify if Service is IPv4 217 OR IPv6 OR L2 Ethernet Capable. Where: 219 Bit 0(LSB): Set to 1 if Service is IPv4 Capable 221 Bit 1: Set to 1 if Service is IPv6 Capable 223 Bit 2: Set to 1 if Service is Ethernet Capable 225 RESERVED: 16bit field. SHOULD be 0 on transmission and MUST be 226 ignored on reception. 228 Service Type(ST) MUST be encoded as part of SC TLV. 230 There may be multiple instances of similar Services that needs to be 231 distinguished. For example, firewalls made by different vendors A 232 and B may need to be identified differently because, while they have 233 similar functionality, their behavior is not identical. 235 In order for SDN Controller to identify the categories of Services 236 and their associated SIDs, this section defines the BGP-LS extensions 237 required to encode these characteristics and other relevant 238 information about these Services. 240 Another Optional Opaque Metadata(OM) TLV of SRv6 SID NLRI may encode 241 vendor specific information. Multiple of OM TLVs may be encoded. 243 +---------------------------------------+ 244 | Type (2 octet) | 245 +---------------------------------------+ 246 | Length (2 octet) | 247 +---------------------------------------+ 248 | Opaque Type (2 octet) | 249 +---------------------------------------+ 250 | Flags (1 octet) | 251 +---------------------------------------+ 252 | Value (variable) | 253 +---------------------------------------+ 255 Figure 3: Opaque Metadata(OM) TLV 257 o Type: 16 bit field. TBD. 259 o Length: 16 bit field. The total length of the value portion of 260 the TLV. 262 o Opaque Type: 8-bit field. Only publishers and consumers of the 263 opaque data are supposed to understand the data. 265 o Flags: 8 bit field. Bits SHOULD be 0 on transmission and MUST be 266 ignored on reception. 268 o Value: Variable Length. Based on the data being encoded and 269 length is recorded in length field. 271 Opaque Metadata(OM) TLV defined in Figure 3 may encode propriety or 272 Service Opaque information such as: 274 o Vendor specific Service Information. 276 o Traffic Limiting Information to particular Service Type. 278 o Opaque Information unique to the Service 280 o Propriety Enterprise Service specific Information. 282 3. Illustration 284 In our SRv6 example above Figure 1 , Node 5 is configured with an 285 SRv6 dynamic proxy segments (End.AD) C5::AD:F2 for S2. 287 The BGP-LS advertisement MUST include SRv6 SID NLRI with SRv6 SID 288 Information TLV in the BGP-LS Attribute: 290 o Service SID: C5::AD:F2 SID 292 o Endpoint Behavior: END.AD 294 The BGP-LS Attribute MUST contain a SC TLV with: 296 o Service Type: Deep Packet Inspection(DPI) 298 o Traffic Type: IPv4 Capable. 300 The BGP-LS Attribute MAY contain a OM TLV with: 302 o Opaque Type: Cisco DPI Version 304 o Value: 3.5 306 In our example in Figure 1, using BGP SR-TE SAFI Update 307 [I-D.ietf-idr-segment-routing-te-policy], SR Controller computes the 308 candidate path and pushes the Policy. 310 SRv6 encapsulation policy < CF1::, C3::, C5::AD:F2, C6::D4:B > is 311 signaled to Node 1 which has mix of service and topological segments. 313 4. IANA Considerations 315 This document requests assigning code-points from the registry "BGP- 316 LS Node Descriptor, Link Descriptor, Prefix Descriptor, and Attribute 317 TLVs". 319 4.1. Service Type Table 321 IANA is request to create a new top-level registry called "Service 322 Type Table (STT)". Valid values are in the range 0 to 65535. Values 323 0 and 65535 are to be marked "Reserved, not to be allocated". 325 +------------+-----------------------+------------+-------------+ 326 | Service | Service | Reference | Date | 327 | Value(TBD) | | | | 328 +------------+-----------------------+------------+-------------+ 329 | 32 | Classifier | ref-to-set | date-to-set | 330 +------------+-----------------------+------------+-------------+ 331 | 33 | Firewall | ref-to-set | date-to-set | 332 +------------+-----------------------+------------+-------------+ 333 | 34 | Load Balancer | ref-to-set | date-to-set | 334 +------------+-----------------------+------------+-------------+ 335 | 35 | DPI | ref-to-set | date-to-set | 336 +------------+-----------------------+------------+-------------+ 338 Figure 4 340 4.2. Segment routing function Identifier(SFI) 342 IANA is request to extend a top-level registry called "Segment 343 Routing Function Identifier(SFI)" with new code points. This 344 document extends the SFI values defined in 345 [I-D.ietf-idr-bgpls-srv6-ext]. Details about the Service functions 346 are defined in[I-D.xuclad-spring-sr-service-programming]. 348 +--------------------------+---------------------------+ 349 | Function | Function Identifier | 350 | | | 351 +--------------------------+---------------------------+ 352 | Static Proxy | 8 | 353 +--------------------------+---------------------------+ 354 | Dynamic Proxy | 9 | 355 +--------------------------+---------------------------+ 356 | Shared Memory Proxy | 10 | 357 +--------------------------+---------------------------+ 358 | Masquerading Proxy | 11 | 359 +--------------------------+---------------------------+ 360 | SRv6 Aware Service | 12 | 361 +--------------------------+---------------------------+ 363 5. Manageability Considerations 365 This section is structured as recommended in[RFC5706] 367 6. Operational Considerations 368 6.1. Operations 370 Existing BGP and BGP-LS operational procedures apply. No additional 371 operation procedures are defined in this document. 373 7. Security Considerations 375 Procedures and protocol extensions defined in this document do not 376 affect the BGP security model. See the 'Security Considerations' 377 section of [RFC4271] for a discussion of BGP security. Also refer 378 to[RFC4272] and[RFC6952] for analysis of security issues for BGP. 380 8. Conclusions 382 This document proposes extensions to the BGP-LS to allow discovery of 383 Services using Segment Routing. 385 9. Acknowledgements 387 The authors would like to thank Krishnaswamy Ananthamurthy for his 388 review of this document. 390 10. References 392 10.1. Normative References 394 [I-D.ietf-idr-bgp-ls-segment-routing-ext] 395 Previdi, S., Talaulikar, K., Filsfils, C., Gredler, H., 396 and M. Chen, "BGP Link-State extensions for Segment 397 Routing", draft-ietf-idr-bgp-ls-segment-routing-ext-16 398 (work in progress), June 2019. 400 [I-D.ietf-idr-bgpls-srv6-ext] 401 Dawra, G., Filsfils, C., Talaulikar, K., Chen, M., 402 daniel.bernier@bell.ca, d., and B. Decraene, "BGP Link 403 State Extensions for SRv6", draft-ietf-idr-bgpls- 404 srv6-ext-01 (work in progress), July 2019. 406 [I-D.ietf-spring-segment-routing] 407 Filsfils, C., Previdi, S., Ginsberg, L., Decraene, B., 408 Litkowski, S., and R. Shakir, "Segment Routing 409 Architecture", draft-ietf-spring-segment-routing-15 (work 410 in progress), January 2018. 412 [I-D.ietf-spring-srv6-network-programming] 413 Filsfils, C., Camarillo, P., Leddy, J., 414 daniel.voyer@bell.ca, d., Matsushima, S., and Z. Li, "SRv6 415 Network Programming", draft-ietf-spring-srv6-network- 416 programming-01 (work in progress), July 2019. 418 [I-D.xuclad-spring-sr-service-programming] 419 Clad, F., Xu, X., Filsfils, C., daniel.bernier@bell.ca, 420 d., Li, C., Decraene, B., Ma, S., Yadlapalli, C., 421 Henderickx, W., and S. Salsano, "Service Programming with 422 Segment Routing", draft-xuclad-spring-sr-service- 423 programming-02 (work in progress), April 2019. 425 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 426 Requirement Levels", BCP 14, RFC 2119, 427 DOI 10.17487/RFC2119, March 1997, 428 . 430 [RFC7752] Gredler, H., Ed., Medved, J., Previdi, S., Farrel, A., and 431 S. Ray, "North-Bound Distribution of Link-State and 432 Traffic Engineering (TE) Information Using BGP", RFC 7752, 433 DOI 10.17487/RFC7752, March 2016, 434 . 436 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 437 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 438 May 2017, . 440 10.2. Informative References 442 [I-D.ietf-idr-segment-routing-te-policy] 443 Previdi, S., Filsfils, C., Mattes, P., Rosen, E., Jain, 444 D., and S. Lin, "Advertising Segment Routing Policies in 445 BGP", draft-ietf-idr-segment-routing-te-policy-07 (work in 446 progress), July 2019. 448 [I-D.ietf-spring-segment-routing-policy] 449 Filsfils, C., Sivabalan, S., daniel.voyer@bell.ca, d., 450 bogdanov@google.com, b., and P. Mattes, "Segment Routing 451 Policy Architecture", draft-ietf-spring-segment-routing- 452 policy-03 (work in progress), May 2019. 454 [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A 455 Border Gateway Protocol 4 (BGP-4)", RFC 4271, 456 DOI 10.17487/RFC4271, January 2006, 457 . 459 [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", 460 RFC 4272, DOI 10.17487/RFC4272, January 2006, 461 . 463 [RFC5706] Harrington, D., "Guidelines for Considering Operations and 464 Management of New Protocols and Protocol Extensions", 465 RFC 5706, DOI 10.17487/RFC5706, November 2009, 466 . 468 [RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of 469 BGP, LDP, PCEP, and MSDP Issues According to the Keying 470 and Authentication for Routing Protocols (KARP) Design 471 Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013, 472 . 474 Authors' Addresses 476 Gaurav Dawra (editor) 477 LinkedIn 478 USA 480 Email: gdawra.ietf@gmail.com 482 Clarence Filsfils 483 Cisco Systems 484 Belgium 486 Email: cfilsfil@cisco.com 488 Daniel Bernier 489 Bell Canada 490 Canada 492 Email: daniel.bernier@bell.ca 494 Jim Uttaro 495 AT&T 496 USA 498 Email: ju1738@att.com 499 Bruno Decraene 500 Orange 501 France 503 Email: bruno.decraene@orange.com 505 Hani Elmalky 506 Ericsson 507 USA 509 Email: hani.elmalky@gmail.com 511 Xiaohu Xu 512 Alibaba 514 Email: xiaohu.xxh@alibaba-inc.com 516 Francois Clad 517 Cisco Systems 518 France 520 Email: fclad@cisco.com 522 Ketan Talaulikar 523 Cisco Systems 524 India 526 Email: ketant@cisco.com