idnits 2.17.1 draft-ietf-lsr-isis-srv6-extensions-15.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 2 instances of too long lines in the document, the longest one being 14 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (May 21, 2021) is 1063 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-13) exists of draft-ietf-6man-spring-srv6-oam-10 == Outdated reference: A later version (-26) exists of draft-ietf-lsr-flex-algo-15 -- Possible downref: Non-RFC (?) normative reference: ref. 'ISO10589' Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Networking Working Group P. Psenak, Ed. 3 Internet-Draft C. Filsfils 4 Updates: 7370 (if approved) Cisco Systems 5 Intended status: Standards Track A. Bashandy 6 Expires: November 22, 2021 Individual 7 B. Decraene 8 Orange 9 Z. Hu 10 Huawei Technologies 11 May 21, 2021 13 IS-IS Extensions to Support Segment Routing over IPv6 Dataplane 14 draft-ietf-lsr-isis-srv6-extensions-15 16 Abstract 18 The Segment Routing (SR) architecture allows flexible definition of 19 the end-to-end path by encoding it as a sequence of topological 20 elements called "segments". It can be implemented over the MPLS or 21 the IPv6 data plane. This document describes the IS-IS extensions 22 required to support Segment Routing over the IPv6 data plane. 24 This document updates RFC 7370 by modifying an existing registry. 26 Requirements Language 28 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 29 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 30 "OPTIONAL" in this document are to be interpreted as described in BCP 31 14 [RFC2119] [RFC8174] when, and only when, they appear in all 32 capitals, as shown here. 34 Status of This Memo 36 This Internet-Draft is submitted in full conformance with the 37 provisions of BCP 78 and BCP 79. 39 Internet-Drafts are working documents of the Internet Engineering 40 Task Force (IETF). Note that other groups may also distribute 41 working documents as Internet-Drafts. The list of current Internet- 42 Drafts is at https://datatracker.ietf.org/drafts/current/. 44 Internet-Drafts are draft documents valid for a maximum of six months 45 and may be updated, replaced, or obsoleted by other documents at any 46 time. It is inappropriate to use Internet-Drafts as reference 47 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on November 22, 2021. 50 Copyright Notice 52 Copyright (c) 2021 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents 57 (https://trustee.ietf.org/license-info) in effect on the date of 58 publication of this document. Please review these documents 59 carefully, as they describe your rights and restrictions with respect 60 to this document. Code Components extracted from this document must 61 include Simplified BSD License text as described in Section 4.e of 62 the Trust Legal Provisions and are provided without warranty as 63 described in the Simplified BSD License. 65 Table of Contents 67 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 68 2. SRv6 Capabilities sub-TLV . . . . . . . . . . . . . . . . . . 4 69 3. Advertising Supported Algorithms . . . . . . . . . . . . . . 4 70 4. Advertising Maximum SRv6 SID Depths . . . . . . . . . . . . . 5 71 4.1. Maximum Segments Left MSD Type . . . . . . . . . . . . . 5 72 4.2. Maximum End Pop MSD Type . . . . . . . . . . . . . . . . 5 73 4.3. Maximum H.Encaps MSD Type . . . . . . . . . . . . . . . . 5 74 4.4. Maximum End D MSD Type . . . . . . . . . . . . . . . . . 6 75 5. SRv6 SIDs and Reachability . . . . . . . . . . . . . . . . . 6 76 6. Advertising Anycast Property . . . . . . . . . . . . . . . . 7 77 7. Advertising Locators and End SIDs . . . . . . . . . . . . . . 8 78 7.1. SRv6 Locator TLV Format . . . . . . . . . . . . . . . . . 9 79 7.2. SRv6 End SID sub-TLV . . . . . . . . . . . . . . . . . . 10 80 8. Advertising SRv6 Adjacency SIDs . . . . . . . . . . . . . . . 12 81 8.1. SRv6 End.X SID sub-TLV . . . . . . . . . . . . . . . . . 12 82 8.2. SRv6 LAN End.X SID sub-TLV . . . . . . . . . . . . . . . 14 83 9. SRv6 SID Structure Sub-Sub-TLV . . . . . . . . . . . . . . . 16 84 10. Advertising Endpoint Behaviors . . . . . . . . . . . . . . . 17 85 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18 86 11.1. SRv6 Locator TLV . . . . . . . . . . . . . . . . . . . . 18 87 11.1.1. SRv6 End SID sub-TLV . . . . . . . . . . . . . . . . 18 88 11.1.2. Revised sub-TLV table . . . . . . . . . . . . . . . 18 89 11.2. SRv6 Capabilities sub-TLV . . . . . . . . . . . . . . . 19 90 11.3. Sub-Sub-TLVs of the SRv6 Capability sub-TLV . . . . . . 19 91 11.4. SRv6 End.X SID and SRv6 LAN End.X SID sub-TLVs . . . . . 19 92 11.5. MSD Types . . . . . . . . . . . . . . . . . . . . . . . 20 93 11.6. Sub-Sub-TLVs for SID Sub-TLVs . . . . . . . . . . . . . 20 94 11.7. Prefix Attribute Flags Sub-TLV . . . . . . . . . . . . . 21 95 11.8. ISIS SRv6 Capabilities sub-TLV Flags Registry . . . . . 21 96 11.9. ISIS SRv6 Locator TLV Flags Registry . . . . . . . . . . 21 97 11.10. ISIS SRv6 End SID sub-TLV Flags Registry . . . . . . . . 22 98 11.11. ISIS SRv6 End.X SID and LAN End.X SID sub-TLVs Flags 99 Registry . . . . . . . . . . . . . . . . . . . . . . . . 22 100 12. Security Considerations . . . . . . . . . . . . . . . . . . . 23 101 13. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 23 102 14. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 24 103 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 104 15.1. Normative References . . . . . . . . . . . . . . . . . . 25 105 15.2. Informative References . . . . . . . . . . . . . . . . . 27 106 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 108 1. Introduction 110 With Segment Routing (SR) [RFC8402], a node steers a packet through 111 an ordered list of instructions, called segments. 113 Segments are identified through Segment Identifiers (SIDs). 115 Segment Routing can be directly instantiated on the IPv6 data plane 116 through the use of the Segment Routing Header defined in [RFC8754]. 117 SRv6 refers to this SR instantiation on the IPv6 dataplane. 119 The network programming paradigm [RFC8986] is central to SRv6. It 120 describes how any behavior can be bound to a SID and how any network 121 program can be expressed as a combination of SIDs. 123 This document specifies IS-IS extensions that allow the IS-IS 124 protocol to encode some of these SIDs and their behaviors. 126 Familiarity with the network programming paradigm [RFC8986] is 127 necessary to understand the extensions specified in this document. 129 The new SRv6 Locator top level TLV announces SRv6 locators - a form 130 of summary address for the set of topology/algorithm-specific SIDs 131 instantiated at the node. 133 The SRv6 Capabilities sub-TLV announces the ability to support SRv6. 135 Several new sub-TLVs are defined to advertise various SRv6 Maximum 136 SID Depths. 138 The SRv6 End SID sub-TLV, the SRv6 End.X SID sub-TLV, and the SRv6 139 LAN End.X SID sub-TLV are used to advertise which SIDs are 140 instantiated at a node and what Endpoint behavior is bound to each 141 instantiated SID. 143 This document updates [RFC7370] by modifying an existing registry 144 (Section 11.1.2). 146 2. SRv6 Capabilities sub-TLV 148 A node indicates that it supports the SR Segment Endpoint Node 149 functionality as specified in [RFC8754] by advertising a new SRv6 150 Capabilities sub-TLV of the router capabilities TLV [RFC7981]. 152 The SRv6 Capabilities sub-TLV may contain optional sub-sub-TLVs. No 153 sub-sub-TLVs are currently defined. 155 The SRv6 Capabilities sub-TLV has the following format: 157 0 1 2 3 158 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 159 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 160 | Type | Length | Flags | 161 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 162 | optional sub-sub-TLVs... 164 Type: 25 166 Length: 2 + length of sub-sub-TLVs 168 Flags: 2 octets The following flags are defined: 170 0 1 171 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 172 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 173 | |O| Reserved | 174 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 176 where: 178 O-flag: If set, the router supports use of the O-bit 179 in the Segment Routing Header (SRH) as defined in 180 [I-D.ietf-6man-spring-srv6-oam]. 182 The remaining bits, including bit 0, are reserved for future use. They MUST be 183 set to zero on transmission and MUST be ignored on receipt. 185 3. Advertising Supported Algorithms 187 An SRv6 capable router indicates supported algorithm(s) by 188 advertising the Segment Routing Algorithm sub-TLV as defined in 189 [RFC8667]. 191 4. Advertising Maximum SRv6 SID Depths 193 [RFC8491] defines the means to advertise node/link specific values 194 for Maximum SID Depths (MSD) of various types. Node MSDs are 195 advertised in a sub-TLV of the Router Capabilities TLV [RFC7981]. 196 Link MSDs are advertised in a sub-TLV of TLVs 22, 23, 25, 141, 222, 197 and 223. 199 This document defines the relevant SRv6 MSDs and requests MSD type 200 assignments in the MSD Types registry created by [RFC8491]. 202 4.1. Maximum Segments Left MSD Type 204 The Maximum Segments Left MSD Type signals the maximum value of the 205 "Segments Left" field [RFC8754] in the SRH of a received packet 206 before applying the Endpoint behavior associated with a SID. 208 SRH Max Segments Left Type: 41 210 If no value is advertised, the supported value is 0. 212 4.2. Maximum End Pop MSD Type 214 The Maximum End Pop MSD Type signals the maximum number of SIDs in 215 the SRH to which the router can apply "Penultimate Segment Pop of the 216 SRH" or "Ultimate Segment Pop of the SRH" behavior, as defined in 217 [RFC8986] flavors. 219 SRH Max End Pop Type: 42 221 If the advertised value is zero or no value is advertised, 222 then the router cannot apply PSP or USP flavors. 224 4.3. Maximum H.Encaps MSD Type 226 The Maximum H.Encaps MSD Type signals the maximum number of SIDs that 227 can be added to the Segment List of an SRH as part of the "H.Encaps" 228 behavior as defined in [RFC8986]. 230 SRH Max H.encaps Type: 44 232 If the advertised value is zero or no value is advertised, then the 233 headend can apply an SR Policy that only contains one segment, without 234 inserting any SRH header. 236 A non-zero SRH Max H.encaps MSD indicates that the headend can insert 237 an SRH up to the advertised number of SIDs. 239 4.4. Maximum End D MSD Type 241 The Maximum End D MSD Type specifies the maximum number of SIDs 242 present in an SRH when performing decapsulation. As specified in 243 [RFC8986] the permitted SID types include, but are not limited to 244 End.DX6, End.DT4, End.DT46, End with USD, End.X with USD. 246 SRH Max End D Type: 45 248 If the advertised value is zero or no value is advertised 249 then the router cannot apply any behavior that results in 250 decapsulation and forwarding of the inner packet if the 251 outer IPv6 header contains an SRH. 253 5. SRv6 SIDs and Reachability 255 As discussed in [RFC8986], an SRv6 Segment Identifier (SID) is 128 256 bits and consists of Locator, Function and Argument parts. 258 A node is provisioned with topology/algorithm specific locators for 259 each of the topology/algorithm pairs supported by that node. Each 260 locator is a covering prefix for all SIDs provisioned on that node 261 which have the matching topology/algorithm. 263 Locators MUST be advertised in the SRv6 Locator TLV (see 264 Section 7.1). Forwarding entries for the locators advertised in the 265 SRv6 Locator TLV MUST be installed in the forwarding plane of 266 receiving SRv6 capable routers when the associated topology/algorithm 267 is supported by the receiving node. The processing of the prefix 268 advertised in the SRv6 Locator TLV, the calculation of its 269 reachability and the installation in the forwarding plane follows the 270 process defined for the Prefix Reachability TLV 236 [RFC5308], or TLV 271 237 [RFC5120]. 273 Locators associated with algorithm 0 and 1 (for all supported 274 topologies) SHOULD be advertised in a Prefix Reachability TLV (236 or 275 237) so that legacy routers (i.e., routers which do not support SRv6) 276 will install a forwarding entry for algorithm 0 and 1 SRv6 traffic. 278 In cases where the same prefix, with the same prefix-length, Multi 279 Topology ID (MT ID), and algorithm is received in both a Prefix 280 Reachability TLV and an SRv6 Locator TLV, the Prefix Reachability 281 advertisement MUST be preferred when installing entries in the 282 forwarding plane. This is to prevent inconsistent forwarding entries 283 between SRv6 capable and SRv6 incapable routers. Such preference of 284 Prefix Reachability advertisement does not have any impact on the 285 rest of the data advertised in the SRv6 Locator TLV. 287 Locators associated with Flexible Algorithms (see Section 4 of 288 [I-D.ietf-lsr-flex-algo]) SHOULD NOT be advertised in Prefix 289 Reachability TLVs (236 or 237). Advertising the Flexible Algorithm 290 locator in regular Prefix Reachability TLV (236 or 237) would make 291 the forwarding for it to follow algo 0 path. 293 SRv6 SIDs are advertised as sub-TLVs in the SRv6 Locator TLV except 294 for SRv6 SIDs which are associated with a specific Neighbor/Link and 295 are therefore advertised as sub-TLVs in TLVs 22, 23, 25, 141, 222, 296 and 223. 298 SRv6 SIDs received from other nodes are not directly routable and 299 MUST NOT be installed in the forwarding plane. Reachability to SRv6 300 SIDs depends upon the existence of a covering locator. 302 Adherence to the rules defined in this section will assure that SRv6 303 SIDs associated with a supported topology/algorithm pair will be 304 forwarded correctly, while SRv6 SIDs associated with an unsupported 305 topology/algorithm pair will be dropped. NOTE: The drop behavior 306 depends on the absence of a default/summary route covering a given 307 locator. 309 In order for forwarding to work correctly, the locator associated 310 with SRv6 SID advertisements must be the longest match prefix 311 installed in the forwarding plane for those SIDs. In order to ensure 312 correct forwarding, network operators should take steps to make sure 313 that this requirement is not compromised. For example, the following 314 situations should be avoided: 316 o Another locator associated with a different topology/algorithm is 317 the longest match 319 o Another prefix advertisement (i.e., from TLV 236 or 237) is the 320 longest match 322 6. Advertising Anycast Property 324 Both prefixes and SRv6 Locators may be configured as anycast and as 325 such the same value can be advertised by multiple routers. It is 326 useful for other routers to know that the advertisement is for an 327 anycast identifier. 329 A new flag in Prefix Attribute Flags Sub-TLV [RFC7794] is defined to 330 advertise the anycast property: 332 Bit #: 4 333 Name: Anycast Flag (A-flag) 335 When the prefix/SRv6 locator is configured as anycast, the A-flag 336 SHOULD be set. Otherwise, this flag MUST be clear. 338 The A-flag MUST be preserved when the advertisement is leaked between 339 levels. 341 The A-flag and the N-flag MUST NOT both be set. If both N-flag and 342 A-flag are set in the prefix/SRv6 Locator advertisement, the 343 receiving routers MUST ignore the N-flag. 345 The same prefix/SRv6 Locator can be advertised by multiple routers. 346 If at least one of them sets the A-Flag in its advertisement, the 347 prefix/SRv6 Locator SHOULD be considered as anycast. 349 A prefix/SRv6 Locator that is advertised by a single node and without 350 an A-Flag is considered node specific. 352 All the nodes advertising the same anycast locator MUST instantiate 353 the exact same set of SIDs under that anycast locator. Failure to do 354 so may result in traffic being black-holed or mis-routed. 356 The Prefix Attribute Flags Sub-TLV can be carried in the SRv6 Locator 357 TLV as well as the Prefix Reachability TLVs. When a router 358 originates both the Prefix Reachability TLV and the SRv6 Locator TLV 359 for a given prefix, and the router is originating the Prefix 360 Attribute Flags Sub-TLV in one of the TLVs, the router SHOULD 361 advertise the same flags in the Prefix Attribute Flags Sub-TLV in 362 both TLVs. However, unlike TLVs 236 [RFC5308] and 237 [RFC5120] the 363 X-flag in the Prefix Attributes Flags sub-TLV is valid when sent in 364 the SRv6 Locator TLV. The state of the X-flag in the Prefix 365 Attributes Flags sub-TLV when included in the Locator TLV MUST match 366 the setting of the embedded "X-bit" in any advertisement for the same 367 prefix in TLVs 236 [RFC5308] and 237 [RFC5120]. In case of any 368 inconsistency between the Prefix Attribute Flags advertised in the 369 Locator TLV and in the Prefix Reachability TLV, the ones advertised 370 in Prefix Reachability TLV MUST be preferred. 372 7. Advertising Locators and End SIDs 374 The SRv6 Locator TLV is introduced to advertise SRv6 Locators and End 375 SIDs associated with each locator. 377 This new TLV shares the sub-TLV space defined for TLVs 135, 235, 236 378 and 237. 380 7.1. SRv6 Locator TLV Format 382 The SRv6 Locator TLV has the following format: 384 0 1 2 3 385 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 386 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 387 | Type | Length |R|R|R|R| MT ID | 388 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 389 | Locator Entries . . . | 391 Type: 27 393 Length: variable. 395 R bits: reserved for future use. They MUST be set to zero on 396 transmission and MUST be ignored on receipt. 398 MT ID: Multitopology Identifier as defined in [RFC5120]. Note 399 that the value 0 is legal. 401 Followed by one or more locator entries of the form: 403 0 1 2 3 404 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 405 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 406 | Metric | 407 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 408 | Flags | Algorithm | 409 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 410 | Loc Size | Locator (variable)... 411 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 412 | Sub-TLV-len | Sub-TLVs (variable) . . . | 413 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 415 Metric: 4 octets. As described in Section 4 of [RFC5305]. 417 Flags: 1 octet. The following flags are defined: 419 0 420 0 1 2 3 4 5 6 7 421 +-+-+-+-+-+-+-+-+ 422 |D| Reserved | 423 +-+-+-+-+-+-+-+-+ 425 D-flag: Same as described in section 4.1. of [RFC5305]. 427 The remaining bits are reserved for future use. They MUST be 428 set to zero on transmission and MUST be ignored on receipt. 430 Algorithm: 1 octet. As defined in IGP Algorithm Types registry 431 [RFC8665]. 433 Loc-Size: 1 octet. Number of bits in the SRv6 Locator field. 434 MUST be from the range (1 - 128). The TLV MUST be ignored if the 435 Loc-Size is outside this range. 437 Locator: 1-16 octets. This field encodes the advertised SRv6 438 Locator. The Locator is encoded in the minimal number of octets 439 for the given number of bits. Trailing bits MUST be set to zero 440 and ignored when received. 442 Sub-TLV-length: 1 octet. Number of octets used by sub-TLVs. 444 Optional sub-TLVs: Supported sub-TLVs are specified in 445 Section 11.1.2. Any Sub-TLV that is not allowed in the SRv6 446 Locator TLV MUST be ignored. 448 Prefix Attribute Flags Sub-TLV [RFC7794] SHOULD be included in the 449 Locator TLV. 451 Prefix Attribute Flags Sub-TLV MUST be included in the the Locator 452 TLV when it is leaked upwards in the hierarchy or originated as a 453 result of the redistribution from another protocol or another ISIS 454 instance. If the Prefix Attribute Flags Sub-TLV is not included in 455 these cases, receivers will be unable to determine the correct source 456 of the advertisement. The receivers will be unable to detect the 457 violation. 459 7.2. SRv6 End SID sub-TLV 461 The SRv6 End SID sub-TLV is introduced to advertise SRv6 Segment 462 Identifiers (SID) with Endpoint behaviors which do not require a 463 particular neighbor in order to be correctly applied. SRv6 SIDs 464 associated with a neighbor are advertised using the sub-TLVs defined 465 in Section 8. 467 Supported behavior values, together with parent TLVs in which they 468 are advertised, are specified in Section 10 of this document. Please 469 note that not all behaviors defined in [RFC8986] are defined in this 470 document, e.g. END.T is not. 472 This new sub-TLV is advertised in the SRv6 Locator TLV defined in the 473 previous section. SRv6 End SIDs inherit the topology/algorithm from 474 the parent locator. 476 The SRv6 End SID sub-TLV has the following format: 478 0 1 2 3 479 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 480 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 481 | Type | Length | 482 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 483 | Flags | Endpoint Behavior | 484 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 485 | SID (128 bits) . . . | 486 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 487 | SID (cont . . .) | 488 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 489 | SID (cont . . .) | 490 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 491 | SID (cont . . .) | 492 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 493 |Sub-sub-TLV-len| Sub-sub-TLVs (variable) . . . | 494 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 496 Type: 5. 498 Length: variable. 500 Flags: 1 octet. No flags are currently defined. All bits are 501 reserved for future use. They MUST be set to zero on transmission 502 and MUST be ignored on receipt. 504 Endpoint Behavior: 2 octets, as defined in [RFC8986]. Supported 505 behavior values for this sub-TLV are defined in Section 10 of this 506 document. Unsupported or unrecognized behavior values are ignored 507 by the receiver. 509 SID: 16 octets. This field encodes the advertised SRv6 SID. 511 Sub-sub-TLV-length: 1 octet. Number of octets used by sub-sub- 512 TLVs. 514 Optional Sub-sub-TLVs: Supported Sub-sub-TLVs are specified in 515 Section 11.6. Any Sub-sub-TLV that is not allowed in SRv6 End SID 516 sub-TLV MUST be ignored. 518 The SRv6 End SID MUST be allocated from its associated locator. SRv6 519 End SIDs that are not allocated from the associated locator MUST be 520 ignored. 522 Multiple SRv6 End SIDs MAY be associated with the same locator. In 523 cases where the number of SRv6 End SID sub-TLVs exceeds the capacity 524 of a single TLV, multiple Locator TLVs for the same locator MAY be 525 advertised. For a given MTID/Locator the algorithm MUST be the same 526 in all TLVs. If this restriction is not met all TLVs for that MTID/ 527 Locator MUST be ignored. 529 8. Advertising SRv6 Adjacency SIDs 531 Certain SRv6 Endpoint behaviors [RFC8986] are associated with a 532 particular adjacency. 534 This document defines two new sub-TLVs of TLV 22, 23, 25, 141, 222, 535 and 223 - namely "SRv6 End.X SID sub-TLVs" and "SRv6 LAN End.X SID 536 sub-TLVs". 538 IS-IS Neighbor advertisements are topology specific - but not 539 algorithm specific. SIDs advertised in SRv6 End.X SID and SRv6 LAN 540 End.X SID sub-TLVs therefore inherit the topology from the associated 541 neighbor advertisement, but the algorithm is specified in the 542 individual SID. 544 All SIDs advertised in SRv6 End.X SID and SRv6 LAN End.X SID sub-TLVs 545 MUST be a subnet of a Locator with matching topology and algorithm 546 which is advertised by the same node in an SRv6 Locator TLV. SIDs 547 that do not meet this requirement MUST be ignored. This ensures that 548 the node advertising these SIDs is also advertising its corresponding 549 Locator with the algorithm that will be used for computing paths 550 destined to the SID. 552 8.1. SRv6 End.X SID sub-TLV 554 This sub-TLV is used to advertise an SRv6 SID associated with a point 555 to point adjacency. Multiple SRv6 End.X SID sub-TLVs MAY be 556 associated with the same adjacency. 558 The SRv6 End.X SID sub-TLV has the following format: 560 0 1 2 3 561 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 562 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 563 | Type | Length | 564 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 565 | Flags | Algorithm | Weight | 566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 567 | Endpoint Behavior | 568 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 569 | SID (128 bits) . . . | 570 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 571 | SID (cont . . .) | 572 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 573 | SID (cont . . .) | 574 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 575 | SID (cont . . .) | 576 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 577 |Sub-sub-tlv-len| Sub-sub-TLVs (variable) . . . | 578 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 580 Type: 43 582 Length: variable. 584 Flags: 1 octet. 586 0 1 2 3 4 5 6 7 587 +-+-+-+-+-+-+-+-+ 588 |B|S|P|Reserved | 589 +-+-+-+-+-+-+-+-+ 591 where: 593 B-Flag: Backup flag. If set, the SID is eligible for 594 protection, e.g., using IP Fast Re-route (IPFRR) [RFC5286], as 595 described in [RFC8355]. 597 S-Flag. Set flag. When set, the S-Flag indicates that the SID 598 refers to a set of adjacencies (and therefore MAY be assigned 599 to other adjacencies as well). 601 P-Flag. Persistent flag. When set, the P-Flag indicates that 602 the SID is persistently allocated, i.e., the SID value remains 603 consistent across router restart and/or interface flap. 605 Reserved bits: MUST be zero when originated and MUST be ignored 606 when received. 608 Algorithm: 1 octet. As defined in IGP Algorithm Types registry 609 [RFC8665]. 611 Weight: 1 octet. The value represents the weight of the SID for 612 the purpose of load balancing. The use of the weight is defined 613 in [RFC8402]. 615 Endpoint Behavior: 2 octets. As defined in [RFC8986]. Supported 616 behavior values for this sub-TLV are defined in Section 10 of this 617 document. Unsupported or unrecognized behavior values are ignored 618 by the receiver. 620 SID: 16 octets. This field encodes the advertised SRv6 SID. 622 Sub-sub-TLV-length: 1 octet. Number of octets used by sub-sub- 623 TLVs. 625 Optional Sub-sub-TLVs: Supported Sub-sub-TLVs are specified in 626 Section 11.6. Any Sub-sub-TLV that is not allowed in SRv6 End.X 627 SID sub-TLV MUST be ignored. 629 Note that multiple TLVs for the same neighbor may be required in 630 order to advertise all the SRv6 SIDs associated with that neighbor. 632 8.2. SRv6 LAN End.X SID sub-TLV 634 This sub-TLV is used to advertise an SRv6 SID associated with a LAN 635 adjacency. Since the parent TLV is advertising an adjacency to the 636 Designated Intermediate System (DIS) for the LAN, it is necessary to 637 include the System ID of the physical neighbor on the LAN with which 638 the SRv6 SID is associated. Given that many neighbors may exist on a 639 given LAN, multiple SRv6 LAN END.X SID sub-TLVs may be associated 640 with the same LAN. Note that multiple TLVs for the same DIS neighbor 641 may be required in order to advertise all the SRv6 SIDs associated 642 with that neighbor. 644 The SRv6 LAN End.X SID sub-TLV has the following format: 646 0 1 2 3 647 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 648 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 649 | Type | Length | | 650 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | 651 | Neighbor System-ID (ID length octets) | 652 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 653 | Flags | Algorithm | Weight | 654 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 655 | Endpoint Behavior | 656 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 657 | SID (128 bits) . . . | 658 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 659 | SID (cont . . .) | 660 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 661 | SID (cont . . .) | 662 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 663 | SID (cont . . .) | 664 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 665 |Sub-sub-TLV-len| sub-sub-TLVs (variable) . . . | 666 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 668 Type: 44 670 Length: variable. 672 Neighbor System-ID: IS-IS System-ID of length "ID Length" as 673 defined in [ISO10589]. 675 Flags: 1 octet. 677 0 1 2 3 4 5 6 7 678 +-+-+-+-+-+-+-+-+ 679 |B|S|P|Reserved | 680 +-+-+-+-+-+-+-+-+ 682 where B,S, and P flags are as described in Section 8.1. 683 Reserved bits MUST be zero when originated and MUST be ignored 684 when received. 686 Algorithm: 1 octet. As defined in IGP Algorithm Types registry 687 [RFC8665]. 689 Weight: 1 octet. The value represents the weight of the SID for 690 the purpose of load balancing. The use of the weight is defined 691 in [RFC8402]. 693 Endpoint Behavior: 2 octets. As defined in [RFC8986]. Supported 694 behavior values for this sub-TLV are defined in Section 10 of this 695 document. Unsupported or unrecognized behavior values are ignored 696 by the receiver. 698 SID: 16 octets. This field encodes the advertised SRv6 SID. 700 Sub-sub-TLV-length: 1 octet. Number of octets used by sub-sub- 701 TLVs. 703 Optional Sub-sub-TLVs: Supported Sub-sub-TLVs are specified in 704 Section 11.6. Any Sub-sub-TLV that is not allowed in SRv6 LAN 705 End.X SID sub-TLV MUST be ignored. 707 Note that multiple TLVs for the same neighbor, on the same LAN, may 708 be required in order to advertise all the SRv6 SIDs associated with 709 that neighbor. 711 9. SRv6 SID Structure Sub-Sub-TLV 713 SRv6 SID Structure Sub-Sub-TLV is an optional Sub-Sub-TLV of: 715 SRv6 End SID Sub-TLV (Section 7.2) 717 SRv6 End.X SID Sub-TLV (Section 8.1) 719 SRv6 LAN End.X SID Sub-TLV (Section 8.2) 721 SRv6 SID Structure Sub-Sub-TLV is used to advertise the structure of 722 the SRv6 SID as defined in [RFC8986]. It has the following format: 724 0 1 2 3 725 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 726 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 727 | Type | Length | 728 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 729 | LB Length | LN Length | Fun. Length | Arg. Length | 730 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 732 where: 734 Type: 1 736 Length: 4 octets. 738 LB Length: 1 octet. SRv6 SID Locator Block length in bits. 740 LN Length: 1 octet. SRv6 SID Locator Node length in bits. 742 Fun. Length: 1 octet. SRv6 SID Function length in bits. 744 Arg. Length: 1 octet. SRv6 SID Arguments length in bits. 746 ISIS SRv6 SID Structure Sub-Sub-TLV MUST NOT appear more than once in 747 its parent Sub-TLV. If it appears more than once in its parent Sub- 748 TLV, the parent Sub-TLV MUST be ignored by the receiver. 750 The sum of all four sizes advertised in ISIS SRv6 SID Structure Sub- 751 Sub-TLV MUST be less than or equal to 128 bits. If the sum of all 752 four sizes advertised in the ISIS SRv6 SID Structure Sub-Sub-TLV is 753 larger than 128 bits, the parent Sub-TLV MUST be ignored by the 754 receiver. 756 The SRv6 SID Structure Sub-Sub-TLV indicates the structure of the SID 757 associated with it. Its usage is outside the scope of this document. 759 10. Advertising Endpoint Behaviors 761 Endpoint behaviors are defined in [RFC8986]. The codepoints for the 762 Endpoint behaviors are defined in the "SRv6 Endpoint Behaviors" 763 registry defined in [RFC8986]. If a behavior is advertised it MUST 764 only be advertised in the TLV[s] as indicated by "Y" in the table 765 below, and MUST NOT be advertised in the TLV[s] as indicated by "N" 766 in the table below. 768 Endpoint |Endpoint | End | End.X | Lan End.X | 769 Behavior |Behavior Codepoint| SID | SID | SID | 770 ----------------------|------------------|-----|-------|-----------| 771 End (PSP, USP, USD)| 1-4, 28-31 | Y | N | N | 772 ----------------------|------------------|-----|-------|-----------| 773 End.X (PSP, USP, USD)| 5-8, 32-35 | N | Y | Y | 774 ----------------------|------------------|-----|-------|-----------| 775 End.DX6 | 16 | N | Y | Y | 776 ----------------------|------------------|-----|-------|-----------| 777 End.DX4 | 17 | N | Y | Y | 778 ----------------------|------------------|-----|-------|-----------| 779 End.DT6 | 18 | Y | N | N | 780 ----------------------|------------------|-----|-------|-----------| 781 End.DT4 | 19 | Y | N | N | 782 ----------------------|------------------|-----|-------|-----------| 783 End.DT46 | 20 | Y | N | N | 785 11. IANA Considerations 787 This document requests allocation for the following TLVs, sub-TLVs, 788 and sub-sub-TLVs as well as updating the ISIS TLV registry and 789 defining new registries. 791 11.1. SRv6 Locator TLV 793 This document makes the following registrations in the IS-IS TLV 794 Codepoints registry. 796 Type Description IIH LSP SNP Purge 797 ---- --------------------- --- --- --- ----- 798 27 SRv6 Locator TLV n y n n 800 11.1.1. SRv6 End SID sub-TLV 802 The SRv6 Locator TLV shares sub-TLV space with TLVs 135, 235, 236 and 803 237. This document updates the "Sub-TLVs for TLVs 135, 235, 236, and 804 237 (Extended IP reachability, MT IP. Reach, IPv6 IP. Reach, and MT 805 IPv6 IP. Reach TLVs)" registry defined in [RFC7370]. IANA is 806 requested to update the name of the "Sub-TLVs for TLVs 135, 235, 236, 807 and 237 (Extended IP reachability, MT IP. Reach, IPv6 IP. Reach, 808 and MT IPv6 IP. Reach TLVs)" registry to "Sub-TLVs for TLVs 27, 135, 809 235, 236, and 237 (SRv6 Locator, Extended IP reachability, MT IP. 810 Reach, IPv6 IP. Reach, and MT IPv6 IP. Reach TLVs)". 812 IANA is asked to add this document as a reference to (renamed) "Sub- 813 TLVs for TLVs 27, 135, 235, 236, and 237 (SRv6 Locator, Extended IP 814 reachability, MT IP. Reach, IPv6 IP. Reach, and MT IPv6 IP. Reach 815 TLVs)" registry. 817 This document makes the following registrations in the (renamed) 818 "Sub-TLVs for TLVs 27, 135, 235, 236, and 237 (SRv6 Locator, Extended 819 IP reachability, MT IP. Reach, IPv6 IP. Reach, and MT IPv6 IP. 820 Reach TLVs)" registry: 822 Type: 5 824 Description: SRv6 End SID sub-TLV. 826 Reference: This document (Section 7.2). 828 11.1.2. Revised sub-TLV table 830 The revised table of sub-TLVs for the (renamed) "Sub-TLVs for TLVs 831 27, 135, 235, 236, and 237 (SRv6 Locator, Extended IP reachability, 832 MT IP. Reach, IPv6 IP. Reach, and MT IPv6 IP. Reach TLVs)" 833 registry is shown below: 835 Type 27 135 235 236 237 837 1 y y y y y 838 2 y y y y y 839 3 n y y y y 840 4 y y y y y 841 5 y n n n n 842 6 n y y y y 843 11 y y y y y 844 12 y y y y y 845 32 n y y y y 847 11.2. SRv6 Capabilities sub-TLV 849 This document makes the following registrations in the "Sub-TLVs for 850 TLV 242 (IS-IS Router CAPABILITY TLV)": 852 Type: 25 854 Description: SRv6 Capabilities sub-TLV. 856 Reference: This document (Section 2). 858 11.3. Sub-Sub-TLVs of the SRv6 Capability sub-TLV 860 This document requests a new IANA registry be created under the IS-IS 861 TLV Codepoints Registry to control the assignment of sub-TLV types 862 for the SRv6 Capability sub-TLV specified in this document - 863 Section 2. The suggested name of the new registry is "sub-sub-TLVs 864 of the SRv6 Capability sub-TLV". The registration procedure is 865 "Expert Review" as defined in [RFC8126]. Guidance for the Designated 866 Experts is provided in the [RFC7370]. No sub-sub-TLVs are defined by 867 this document except for the reserved value. 869 0: Reserved 871 1-255: Unassigned 873 11.4. SRv6 End.X SID and SRv6 LAN End.X SID sub-TLVs 875 This document makes the following registrations in the "Sub-TLVs for 876 TLVs 22, 23, 25, 141, 222, and 223 (Extended IS reachability, IS 877 Neighbor Attribute, L2 Bundle Member Attributes, inter-AS 878 reachability information, MT-ISN, and MT IS Neighbor Attribute TLVs)" 879 registry: 881 Type: 43 883 Description: SRv6 End.X SID sub-TLV. 885 Reference: This document (Section 8.1). 887 Type: 44 889 Description: SRv6 LAN End.X SID sub-TLV. 891 Reference: This document (Section 8.2). 893 Type 22 23 25 141 222 223 895 43 y y y y y y 896 44 y y y y y y 898 11.5. MSD Types 900 This document makes the following registrations in the IGP MSD-Types 901 registry: 903 Value Name Reference 904 ------------------ 905 41 SRH Max SL [This Document] 906 42 SRH Max End Pop [This Document] 907 44 SRH Max H.encaps [This Document] 908 45 SRH Max End D [This Document] 910 11.6. Sub-Sub-TLVs for SID Sub-TLVs 912 This document requests a new IANA registry be created under the IS-IS 913 TLV Codepoints Registry to control the assignment of sub-TLV types 914 for the SID Sub-TLVs specified in this document - Section 7.2, 915 Section 8.1, Section 8.2. The suggested name of the new registry is 916 "sub-sub-TLVs for SRv6 End SID (5) (sub-TLV of TLVs 27, 135, 235, 236 917 and 237) and SRv6 End.X SID (43)/SRv6 LAN End.X SID (44) (Sub-TLVs 918 for TLVs 22, 23, 25, 141, 222, and 223)". The registration procedure 919 is "Expert Review" as defined in [RFC8126]. Guidance for the 920 Designated Experts is provided in [RFC7370]. The following 921 assignments are made by this document: 923 Type Description Encoding 924 Reference 925 --------------------------------------------------------- 926 0 Reserved 927 1 SRv6 SID Structure Sub-Sub-TLV [This Document] 928 2-255 Unassigned 930 Type 5 43 44 932 1 y y y 934 11.7. Prefix Attribute Flags Sub-TLV 936 This document adds a new bit in the "Bit Values for Prefix Attribute 937 Flags Sub-TLV" registry: 939 Bit #: 4 941 Description: Anycast Flag (A-flag) 943 Reference: This document (Section 6). 945 11.8. ISIS SRv6 Capabilities sub-TLV Flags Registry 947 This document requests a new IANA registry be created under the IS-IS 948 TLV Codepoints Registry to control the assignment of bits 0 to 15 in 949 the Flags field of the ISIS SRv6 Capabilities sub-TLV specified in 950 this document (Section 2). The suggested name of the new registry is 951 "ISIS SRv6 Capabilities sub-TLV Flags". The registration procedure 952 is "Expert Review" as defined in [RFC8126]. Guidance for the 953 Designated Experts is provided in [RFC7370]. The following 954 assignments are made by this document: 956 Bit #: 1 958 Description: O-flag 960 Reference: This document (Section 2). 962 11.9. ISIS SRv6 Locator TLV Flags Registry 964 This document requests a new IANA registry be created under the IS-IS 965 TLV Codepoints Registry to control the assignment of bits 0 to 7 in 966 the Flags field of the ISIS SRv6 Locator TLV specified in this 967 document (Section 7.1). The suggested name of the new registry is 968 "ISIS SRv6 Locator TLV Flags". The registration procedure is "Expert 969 Review" as defined in [RFC8126]. Guidance for the Designated Experts 970 is provided in [RFC7370]. The following assignments are made by this 971 document: 973 Bit #: 0 975 Description: D-flag 977 Reference: This document (Section 7.1). 979 11.10. ISIS SRv6 End SID sub-TLV Flags Registry 981 This document requests a new IANA registry be created under the IS-IS 982 TLV Codepoints Registry to control the assignment of bits 0 to 7 in 983 the Flags field of the ISIS SRv6 End SID sub-TLV specified in this 984 document (Section 7.2). The suggested name of the new registry is 985 "ISIS SRv6 End SID sub-TLV Flags". The registration procedure is 986 "Expert Review" as defined in [RFC8126]. Guidance for the Designated 987 Experts is provided in [RFC7370]. No assignments are made by this 988 document. 990 11.11. ISIS SRv6 End.X SID and LAN End.X SID sub-TLVs Flags Registry 992 This document requests a new IANA registry be created under the IS-IS 993 TLV Codepoints Registry to control the assignment of bits 0 to 7 in 994 the Flags field of the ISIS SRv6 End.X SID and LAN End.X SID sub-TLVs 995 (Section 8.1 and Section 8.2). The suggested name of the new 996 registry is "ISIS SRv6 End.X SID and LAN End.X SID sub-TLVs Flags". 997 The registration procedure is "Expert Review" as defined in 998 [RFC8126]. Guidance for the Designated Experts is provided in 999 [RFC7370]. The following assignments are made by this document: 1001 Bit #: 0 1003 Description: B-flag 1005 Reference: This document (Section 8.1). 1007 Bit #: 1 1009 Description: S-flag 1011 Reference: This document (Section 8.1). 1013 Bit #: 2 1015 Description: P-flag 1016 Reference: This document (Section 8.1). 1018 12. Security Considerations 1020 Security concerns for IS-IS are addressed in [ISO10589], [RFC5304], 1021 and [RFC5310]. While IS-IS is deployed under a single administrative 1022 domain, there can be deployments where potential attackers have 1023 access to one or more networks in the IS-IS routing domain. In these 1024 deployments, the stronger authentication mechanisms defined in the 1025 aforementioned documents SHOULD be used. 1027 This document describes the IS-IS extensions required to support 1028 Segment Routing over an IPv6 data plane. The security considerations 1029 for Segment Routing are discussed in [RFC8402]. [RFC8986] defines 1030 the SRv6 Network Programming concept and specifies the main Segment 1031 Routing behaviors to enable the creation of interoperable overlays; 1032 the security considerations from that document apply too. 1034 The advertisement for an incorrect MSD value may have negative 1035 consequences, see [RFC8491] for additional considerations. 1037 Security concerns associated with the setting of the O-flag are 1038 described in [I-D.ietf-6man-spring-srv6-oam]. 1040 Security concerns associated with the usage of Flex-Algorithms are 1041 described in [I-D.ietf-lsr-flex-algo]). 1043 13. Contributors 1045 The following people gave a substantial contribution to the content 1046 of this document and should be considered as co-authors: 1048 Stefano Previdi 1049 Huawei Technologies 1050 Email: stefano@previdi.net 1052 Paul Wells 1053 Cisco Systems 1054 Saint Paul, 1055 Minnesota 1056 United States 1057 Email: pauwells@cisco.com 1059 Daniel Voyer 1060 Email: daniel.voyer@bell.ca 1062 Satoru Matsushima 1063 Email: satoru.matsushima@g.softbank.co.jp 1065 Bart Peirens 1066 Email: bart.peirens@proximus.com 1068 Hani Elmalky 1069 Email: hani.elmalky@ericsson.com 1071 Prem Jonnalagadda 1072 Email: prem@barefootnetworks.com 1074 Milad Sharif 1075 Email: msharif@barefootnetworks.com> 1077 Robert Hanzl 1078 Cisco Systems 1079 Millenium Plaza Building, V Celnici 10, Prague 1, 1080 Prague, Czech Republic 1081 Email rhanzl@cisco.com 1083 Ketan Talaulikar 1084 Cisco Systems, Inc. 1085 Email: ketant@cisco.com 1087 14. Acknowledgments 1089 Thanks to Christian Hopps for his review comments and shepherd work. 1091 Thanks to Alvaro Retana and John Scudder for AD review and comments. 1093 15. References 1095 15.1. Normative References 1097 [I-D.ietf-6man-spring-srv6-oam] 1098 Ali, Z., Filsfils, C., Matsushima, S., Voyer, D., and M. 1099 Chen, "Operations, Administration, and Maintenance (OAM) 1100 in Segment Routing Networks with IPv6 Data plane (SRv6)", 1101 draft-ietf-6man-spring-srv6-oam-10 (work in progress), 1102 April 2021. 1104 [I-D.ietf-lsr-flex-algo] 1105 Psenak, P., Hegde, S., Filsfils, C., Talaulikar, K., and 1106 A. Gulko, "IGP Flexible Algorithm", draft-ietf-lsr-flex- 1107 algo-15 (work in progress), April 2021. 1109 [ISO10589] 1110 International Organization for Standardization, 1111 "Intermediate system to Intermediate system intra-domain 1112 routeing information exchange protocol for use in 1113 conjunction with the protocol for providing the 1114 connectionless-mode Network Service (ISO 8473)", Nov 2002. 1116 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1117 Requirement Levels", BCP 14, RFC 2119, 1118 DOI 10.17487/RFC2119, March 1997, 1119 . 1121 [RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi 1122 Topology (MT) Routing in Intermediate System to 1123 Intermediate Systems (IS-ISs)", RFC 5120, 1124 DOI 10.17487/RFC5120, February 2008, 1125 . 1127 [RFC5305] Li, T. and H. Smit, "IS-IS Extensions for Traffic 1128 Engineering", RFC 5305, DOI 10.17487/RFC5305, October 1129 2008, . 1131 [RFC5308] Hopps, C., "Routing IPv6 with IS-IS", RFC 5308, 1132 DOI 10.17487/RFC5308, October 2008, 1133 . 1135 [RFC7370] Ginsberg, L., "Updates to the IS-IS TLV Codepoints 1136 Registry", RFC 7370, DOI 10.17487/RFC7370, September 2014, 1137 . 1139 [RFC7794] Ginsberg, L., Ed., Decraene, B., Previdi, S., Xu, X., and 1140 U. Chunduri, "IS-IS Prefix Attributes for Extended IPv4 1141 and IPv6 Reachability", RFC 7794, DOI 10.17487/RFC7794, 1142 March 2016, . 1144 [RFC7981] Ginsberg, L., Previdi, S., and M. Chen, "IS-IS Extensions 1145 for Advertising Router Information", RFC 7981, 1146 DOI 10.17487/RFC7981, October 2016, 1147 . 1149 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1150 Writing an IANA Considerations Section in RFCs", BCP 26, 1151 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1152 . 1154 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1155 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1156 May 2017, . 1158 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 1159 Decraene, B., Litkowski, S., and R. Shakir, "Segment 1160 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 1161 July 2018, . 1163 [RFC8491] Tantsura, J., Chunduri, U., Aldrin, S., and L. Ginsberg, 1164 "Signaling Maximum SID Depth (MSD) Using IS-IS", RFC 8491, 1165 DOI 10.17487/RFC8491, November 2018, 1166 . 1168 [RFC8665] Psenak, P., Ed., Previdi, S., Ed., Filsfils, C., Gredler, 1169 H., Shakir, R., Henderickx, W., and J. Tantsura, "OSPF 1170 Extensions for Segment Routing", RFC 8665, 1171 DOI 10.17487/RFC8665, December 2019, 1172 . 1174 [RFC8667] Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C., 1175 Bashandy, A., Gredler, H., and B. Decraene, "IS-IS 1176 Extensions for Segment Routing", RFC 8667, 1177 DOI 10.17487/RFC8667, December 2019, 1178 . 1180 [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., 1181 Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header 1182 (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, 1183 . 1185 [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, 1186 D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 1187 (SRv6) Network Programming", RFC 8986, 1188 DOI 10.17487/RFC8986, February 2021, 1189 . 1191 15.2. Informative References 1193 [RFC5286] Atlas, A., Ed. and A. Zinin, Ed., "Basic Specification for 1194 IP Fast Reroute: Loop-Free Alternates", RFC 5286, 1195 DOI 10.17487/RFC5286, September 2008, 1196 . 1198 [RFC5304] Li, T. and R. Atkinson, "IS-IS Cryptographic 1199 Authentication", RFC 5304, DOI 10.17487/RFC5304, October 1200 2008, . 1202 [RFC5310] Bhatia, M., Manral, V., Li, T., Atkinson, R., White, R., 1203 and M. Fanto, "IS-IS Generic Cryptographic 1204 Authentication", RFC 5310, DOI 10.17487/RFC5310, February 1205 2009, . 1207 [RFC8355] Filsfils, C., Ed., Previdi, S., Ed., Decraene, B., and R. 1208 Shakir, "Resiliency Use Cases in Source Packet Routing in 1209 Networking (SPRING) Networks", RFC 8355, 1210 DOI 10.17487/RFC8355, March 2018, 1211 . 1213 Authors' Addresses 1215 Peter Psenak (editor) 1216 Cisco Systems 1217 Pribinova Street 10 1218 Bratislava 81109 1219 Slovakia 1221 Email: ppsenak@cisco.com 1223 Clarence Filsfils 1224 Cisco Systems 1225 Brussels 1226 Belgium 1228 Email: cfilsfil@cisco.com 1229 Ahmed Bashandy 1230 Individual 1232 Email: abashandy.ietf@gmail.com 1234 Bruno Decraene 1235 Orange 1236 Issy-les-Moulineaux 1237 France 1239 Email: bruno.decraene@orange.com 1241 Zhibo Hu 1242 Huawei Technologies 1244 Email: huzhibo@huawei.com