idnits 2.17.1

draft-ietf-spring-sr-replication-segment-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD',
     or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please
     use uppercase 'NOT' together with RFC 2119 keywords (if that is what you
     mean).

     Found 'MUST not' in this paragraph:

     There MUST not be any topological SID after a Replication SID in a
     packet. Otherwise, the behavior at Downstream nodes of a Replication
     segment is undefined and outside the scope of this document.

  -- The document date (20 August 2021) is 979 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-22) exists of
     draft-ietf-spring-segment-routing-policy-13

  == Outdated reference: A later version (-26) exists of
     draft-ietf-lsr-flex-algo-17

  == Outdated reference: A later version (-08) exists of
     draft-ietf-pim-sr-p2mp-policy-02

     Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--).
     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                      D. Voyer, Ed.
Internet-Draft                                               Bell Canada
Intended status: Standards Track                             C. Filsfils
Expires: 21 February 2022                                      R. Parekh
                                                     Cisco Systems, Inc.
                                                              H. Bidgoli
                                                                   Nokia
                                                                Z. Zhang
                                                        Juniper Networks
                                                          20 August 2021

        SR Replication Segment for Multi-point Service Delivery
              draft-ietf-spring-sr-replication-segment-05

Abstract

   This document describes the SR Replication segment for Multi-point
   service delivery. A SR Replication segment allows a packet to be
   replicated from a Replication Node to downstream nodes.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 21 February 2022.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Replication Segment
     2.1.  SR-MPLS data plane
     2.2.  SRv6 data plane
   3.  Use Cases
   4.  IANA Considerations
   5.  Security Considerations
   6.  Acknowledgements
   7.  Contributors
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Appendix A.  Illustration of a Replication Segment
     A.1.  SR-MPLS
     A.2.  SRv6
   Authors' Addresses

1.  Introduction

   We define a new type of segment for Segment Routing [RFC8402], called
   Replication segment, which allows a node (henceforth called the
   Replication Node) to replicate packets to a set of other nodes
   (called Downstream Nodes) in a Segment Routing Domain.
   Replication segments provide building blocks for Point-to-Multipoint
   Service delivery via SR Point-to-Multipoint (SR P2MP) policy. A
   Replication segment can replicate a packet to directly connected
   nodes or to downstream nodes (without need for state on the transit
   routers). This document focuses on the Replication segment building
   block. The use of one or more stitched Replication segments
   constructed for SR P2MP Policy tree is specified in
   [I-D.ietf-pim-sr-p2mp-policy].

2.  Replication Segment

   In a Segment Routing Domain, a Replication segment is a logical
   construct which connects a Replication Node to a set of Downstream
   Nodes. A Replication segment is a local segment instantiated at a
   Replication node. It can be either provisioned locally on a node or
   programmed by a PCE. Replication segments apply equally to both
   SR-MPLS and SRv6 instantiations of Segment Routing.

   A Replication segment is identified by the tuple , where:

   *  Replication-ID: An identifier for a Replication segment that is
      unique in context of the Replication Node.

   *  Node-ID: The address of the Replication Node that the Replication
      segment is for. Note that the root of a multi-point service is
      also a Replication Node.

   In the simplest case, Replication-ID can be a 32-bit number, but it
   can be extended or modified as required based on specific use of a
   Replication segment. When the PCE signals a Replication segment to
   its node, the tuple identifies the segment. Examples of such
   signaling and extension are described in
   [I-D.ietf-pim-sr-p2mp-policy].

   A Replication segment includes the following elements:

   *  Replication SID: The Segment Identifier of a Replication segment.
      This is a SR-MPLS label or a SRv6 SID [RFC8402].

   *  Downstream Nodes: Set of nodes in Segment Routing domain to which
      a packet is replicated by the Replication segment.

   *  Replication State: See below.

   The Downstream Nodes and Replication State of a Replication segment
   can change over time, depending on the network state and leaf nodes
   of a multi-point service that the segment is part of.

   Replication SID identifies the Replication segment in the forwarding
   plane. At a Replication node, the Replication SID is the equivalent
   of Binding SID [I-D.ietf-spring-segment-routing-policy] of a Segment
   Routing Policy.

   Replication State is a list of replication branches to the Downstream
   Nodes. In this document, each branch is abstracted to a tuple.

   In a branch tuple, represents the reachability from the Replication
   Node to the Downstream Node. In its simplest form, this MAY be
   specified as an interface or nexthop if downstream node is adjacent
   to the Replication Node. The reachability may be specified in terms
   of Flex-Algo path (including the default algo)
   [I-D.ietf-lsr-flex-algo], or specified by an SR explicit path
   represented either by a SID-list (of one or more SIDs) or by a
   Segment Routing Policy [I-D.ietf-spring-segment-routing-policy].

   A packet is steered into a Replication segment at a Replication Node
   in two ways:

   *  When the Active Segment [RFC8402] is a locally instantiated
      Replication SID

   *  By the root of a multi-point service based on local configuration
      outside the scope of this document.

   In either case, the packet is replicated to each Downstream node in
   the associated Replication state.

   If a Downstream Node is an egress (aka leaf) of the multi-point
   service, i.e. no further replication is needed, then that leaf node's
   Replication segment will not have any Replication State and the
   operation is NEXT. At an egress node, the Replication SID MAY be
   used to identify that portion of the multi-point service. Notice
   that the segment on the leaf node is still referred to as a
   Replication segment for the purpose of generalization.

   A node can be a bud node, i.e. it is a Replication Node and a leaf
   node of a multi-point service at the same time
   [I-D.ietf-pim-sr-p2mp-policy].

   There MUST not be any topological SID after a Replication SID in a
   packet. Otherwise, the behavior at Downstream nodes of a Replication
   segment is undefined and outside the scope of this document.

2.1.  SR-MPLS data plane

   When the Active Segment is a Replication SID, the processing results
   in a POP operation and lookup of the associated Replication state.
   For each replication in the Replication state, the operation is a
   PUSH of the downstream Replication SID and an optional segment list
   on to the packet which is forwarded to the Downstream node. For leaf
   nodes the inner packet is forwarded as per local configuration.

   When the root of a multi-point service steers a packet to a
   Replication segment, it results in a replication to each Downstream
   node in the associated replication state. The operation is a PUSH of
   the replication SID and an optional segment list on to the packet
   which is forwarded to the downstream node.

2.2.  SRv6 data plane

   In SRv6 [RFC8986], the "Endpoint with replication" behavior
   (End.Replicate for short) replicates a packet and forwards the packet
   according to a Replication state.

   When processing a packet destined to a local Replication-SID, the
   packet is replicated to Downstream nodes in the associated
   Replication state. For replication, the outer header is re-used, and
   the Downstream Replication SID is written into the outer IPv6 header
   destination address. If required, an optional segment list is used to
   encapsulate the replicated packet via H.Encaps. For a leaf node, the
   packet is decapsulated and the inner packet is forwarded as per local
   configuration.

   When the root of a multi-point service steers a packet into a
   Replication segment, for each replication, H.Encaps is used to
   encapsulate the packet with the segment list to the Downstream node.

   An End.Replicate SID MUST only appear as the ultimate SID in a
   SID-list. An implementation that receives a packet destined to a
   locally instantiated End.Replicate SID that is not the ultimate
   segment SHOULD reply with ICMP Parameter Problem error (Erroneous
   header field encountered) and discard the packet.

3.  Use Cases

   In the simplest use case, a single Replication segment includes the
   root node of a multi-point service and the egress/leaf nodes of the
   service as all the Downstream Nodes. This achieves Ingress
   Replication [RFC7988] that has been widely used for MVPN [RFC6513]
   and EVPN [RFC7432] BUM (Broadcast, Unknown and Multicast) traffic.

   Replication segments can also be used as building blocks for
   replication trees when Replication segments on the root, intermediate
   Replication Nodes and leaf nodes are stitched together to achieve
   efficient replication. That is specified in
   [I-D.ietf-pim-sr-p2mp-policy].

4.  IANA Considerations

   This document requires registration of End.Replicate behavior in
   "SRv6 Endpoint Behaviors" sub-registry of "Segment Routing
   Parameters" top-level registry.

            +=======+=====+===================+===========+
            | Value | Hex | Endpoint behavior | Reference |
            +=======+=====+===================+===========+
            | TBD   | TBD | End.Replicate     | [This.ID] |
            +-------+-----+-------------------+-----------+

                 Table 1: IETF - SRv6 Endpoint Behaviors

5.  Security Considerations

   There are no additional security risks introduced by this design.

6.  Acknowledgements

   The authors would like to acknowledge Siva Sivabalan, Mike Koldychev,
   Vishnu Pavan Beeram, Alexander Vainshtein, Bruno Decraene and Joel
   Halpern for their valuable inputs.

7.  Contributors

   Clayton Hassen
   Bell Canada
   Vancouver
   Canada

   Email: clayton.hassen@bell.ca

   Kurtis Gillis
   Bell Canada
   Halifax
   Canada

   Email: kurtis.gillis@bell.ca

   Arvind Venkateswaran
   Cisco Systems, Inc.
   San Jose
   US

   Email: arvvenka@cisco.com

   Zafar Ali
   Cisco Systems, Inc.
   US

   Email: zali@cisco.com

   Swadesh Agrawal
   Cisco Systems, Inc.
   San Jose
   US

   Email: swaagraw@cisco.com

   Jayant Kotalwar
   Nokia
   Mountain View
   US

   Email: jayant.kotalwar@nokia.com

   Tanmoy Kundu
   Nokia
   Mountain View
   US

   Email: tanmoy.kundu@nokia.com

   Andrew Stone
   Nokia
   Ottawa
   Canada

   Email: andrew.stone@nokia.com

   Tarek Saad
   Juniper Networks
   Canada

   Email: tsaad@juniper.net

8.  References

8.1.  Normative References

   [I-D.ietf-spring-segment-routing-policy]
              Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and
              P. Mattes, "Segment Routing Policy Architecture", Work in
              Progress, Internet-Draft,
              draft-ietf-spring-segment-routing-policy-13, 28 May 2021.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC8402]  Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
              Decraene, B., Litkowski, S., and R. Shakir, "Segment
              Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
              July 2018.

   [RFC8986]  Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
              D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
              (SRv6) Network Programming", RFC 8986,
              DOI 10.17487/RFC8986, February 2021.

8.2.  Informative References

   [I-D.filsfils-spring-srv6-net-pgm-illustration]
              Filsfils, C., Garvia, P. C., Li, Z., Matsushima, S.,
              Decraene, B., Steinberg, D., Lebrun, D., Raszuk, R., and
              J. Leddy, "Illustrations for SRv6 Network Programming",
              Work in Progress, Internet-Draft,
              draft-filsfils-spring-srv6-net-pgm-illustration-04,
              30 March 2021.

   [I-D.ietf-lsr-flex-algo]
              Psenak, P., Hegde, S., Filsfils, C., Talaulikar, K., and
              A. Gulko, "IGP Flexible Algorithm", Work in Progress,
              Internet-Draft, draft-ietf-lsr-flex-algo-17, 6 July 2021.

   [I-D.ietf-pim-sr-p2mp-policy]
              Voyer, D., Filsfils, C., Parekh, R., Bidgoli, H., and Z.
              Zhang, "Segment Routing Point-to-Multipoint Policy", Work
              in Progress, Internet-Draft,
              draft-ietf-pim-sr-p2mp-policy-02, 19 February 2021.

   [RFC6513]  Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in
              MPLS/BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513,
              February 2012.

   [RFC7432]  Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
              Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
              Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
              2015.

   [RFC7988]  Rosen, E., Ed., Subramanian, K., and Z. Zhang, "Ingress
              Replication Tunnels in Multicast VPN", RFC 7988,
              DOI 10.17487/RFC7988, October 2016.

Appendix A.  Illustration of a Replication Segment

   This section illustrates an example of a single Replication segment.
   Examples showing Replication segment stitched together to form P2MP
   tree (based on SR P2MP policy) are in [I-D.ietf-pim-sr-p2mp-policy].

   Consider the following topology:

                                  R3------R6
                                 /         \
                         R1----R2----R5-----R7
                                 \         /
                                  +--R4---+

                           Figure 1: Figure 1

A.1.  SR-MPLS

   In this example, the Node-SID of a node Rn is N-SIDn and
   Adjacency-SID from node Rm to node Rn is A-SIDmn. Interface between
   Rm and Rn is Lmn.

   Assume a Replication segment identified with R-ID at Replication Node
   R1 and downstream Nodes R2, R6 and R7. The Replication SID at node n
   is R-SIDn. A packet replicated from R1 to R7 has to traverse R4.

   The Replication segment state at nodes R1, R2, R6 and R7 is shown
   below. Note nodes R3, R4 and R5 do not have state for the
   Replication segment.

   Replication segment at R1:

   Replication segment :
    Replication SID: R-SID1
    Replication State:
      R2: L12>
      R6:
      R7:

   Replication to R2 steers packet directly to R2 on interface L12.
   Replication to R6, using N-SID6, steers packet via IGP shortest path
   to that node. Replication to R7 is steered via R4, using N-SID4 and
   then adjacency SID A-SID47 to R7.

   Replication segment at R2:

   Replication segment :
    Replication SID: R-SID2
    Replication State:
      R2:

   Replication segment at R6:

   Replication segment :
    Replication SID: R-SID6
    Replication State:
      R6:

   Replication segment at R7:

   Replication segment :
    Replication SID: R-SID7
    Replication State:
      R7:

   When a packet is steered into the Replication segment at R1:

   *  Since R1 is directly connected to R2, R1 performs PUSH operation
      with just label for the replicated copy and sends it to R2 on
      interface L12. R2, as Leaf, performs NEXT operation, pops R-SID2
      label and delivers the payload.

   *  R1 performs PUSH operation with label stack for the replicated
      copy to R6 and sends it to R2, the nexthop on IGP shortest path to
      R6. R2 performs CONTINUE operation on N-SID6 and forwards it to
      R3. R3 is the penultimate hop for N-SID6; it performs penultimate
      hop popping, which corresponds to the NEXT operation and the
      packet is then sent to R6 with in the label stack. R6, as Leaf,
      performs NEXT operation, pops R-SID6 label and delivers the
      payload.

   *  R1 performs PUSH operation with label stack for the replicated
      copy to R7 and sends it to R2, the nexthop on IGP shortest path to
      R4. R2 is the penultimate hop for N-SID4; it performs penultimate
      hop popping, which corresponds to the NEXT operation and the
      packet is then sent to R4 with in the label stack. R4 performs
      NEXT operation, pops A-SID47, and delivers packet to R7 with in
      the label stack.
      R7, as Leaf, performs NEXT operation, pops R-SID7 label and
      delivers the payload.

A.2.  SRv6

   For SRv6, we use the SID allocation scheme, reproduced below, from
   Illustrations for SRv6 Network Programming
   [I-D.filsfils-spring-srv6-net-pgm-illustration]:

   *  2001:db8::/32 is an IPv6 block allocated by a RIR to the operator

   *  2001:db8:0::/48 is dedicated to the internal address space

   *  2001:db8:cccc::/48 is dedicated to the internal SRv6 SID space

   *  We assume a location expressed in 64 bits and a function expressed
      in 16 bits

   *  Node k has a classic IPv6 loopback address 2001:db8::k/128 which
      is advertised in the IGP

   *  Node k has 2001:db8:cccc:k::/64 for its local SID space. Its SIDs
      will be explicitly assigned from that block

   *  Node k advertises 2001:db8:cccc:k::/64 in its IGP

   *  Function :1:: (function 1, for short) represents the End function
      with PSP support

   *  Function :Cn:: (function Cn, for short) represents the End.X
      function from to Node n

   Each node k has:

   *  An explicit SID instantiation 2001:db8:cccc:k:1::/128 bound to an
      End function with additional support for PSP

   *  An explicit SID instantiation 2001:db8:cccc:k:Cj::/128 bound to an
      End.X function to neighbor J with additional support for PSP

   *  An explicit SID instantiation 2001:db8:cccc:k:Fk::/128 bound to an
      End.Replicate function

   Assume a Replication segment identified with R-ID at Replication Node
   R1 and downstream Nodes R2, R6 and R7. The Replication SID at node
   k, bound to an End.Replicate function, is 2001:db8:cccc:k:Fk::/128.
   A packet replicated from R1 to R7 has to traverse R4.

   The Replication segment state at nodes R1, R2, R6 and R7 is shown
   below. Note nodes R3, R4 and R5 do not have state for the
   Replication segment.

   Replication segment at R1:

   Replication segment :
    Replication SID: 2001:db8:cccc:1:F1::0
    Replication State:
      R2: <2001:db8:cccc:2:F2::0->L12>
      R6: <2001:db8:cccc:6:F6::0>
      R7: <2001:db8:cccc:4:C7::0, 2001:db8:cccc:7:F7::0>

   Replication to R2 steers packet directly to R2 on interface L12.
   Replication to R6, using 2001:db8:cccc:6:F6::0, steers packet via IGP
   shortest path to that node. Replication to R7 is steered via R4,
   using End.X SID 2001:db8:cccc:4:C7::0 at R4 to R7.

   Replication segment at R2:

   Replication segment :
    Replication SID: 2001:db8:cccc:2:F2::0
    Replication State:
      R2:

   Replication segment at R6:

   Replication segment :
    Replication SID: 2001:db8:cccc:6:F6::0
    Replication State:
      R6:

   Replication segment at R7:

   Replication segment :
    Replication SID: 2001:db8:cccc:7:F7::0
    Replication State:
      R7:

   When a packet, (A,B2), is steered into the Replication segment at R1:

   *  Since R1 is directly connected to R2, R1 creates encapsulated
      replicated copy (2001:db8::1, 2001:db8:cccc:2:F2::0) (A, B2), and
      sends it to R2 on interface L12. R2, as Leaf, removes outer IPv6
      header and delivers the payload.

   *  R1 creates encapsulated replicated copy (2001:db8::1,
      2001:db8:cccc:6:F6::0) (A, B2) then forwards the resulting packet
      on the shortest path to 2001:db8:cccc:6::/64. R2 and R3 forward
      the packet using 2001:db8:cccc:6::/64. R6, as Leaf, removes outer
      IPv6 header and delivers the payload.

   *  R1 creates encapsulated replicated copy (2001:db8::1,
      2001:db8:cccc:4:C7::0) (2001:db8:cccc:7:F7::0; SL=1) (A, B2) and
      sends it to R2, the nexthop on IGP shortest path to
      2001:db8:cccc:4::/64. R2 forwards packet to R4 using
      2001:db8:cccc:4::/64. R4 executes End.X function on
      2001:db8:cccc:4:C7::0, performs PSP action, removes SRH and sends
      resulting packet (2001:db8::1, 2001:db8:cccc:7:F7::0) (A, B2) to
      R7.
      R7, as Leaf, removes outer IPv6 header and delivers the payload.

Authors' Addresses

   Daniel Voyer (editor)
   Bell Canada
   Montreal
   Canada

   Email: daniel.voyer@bell.ca

   Clarence Filsfils
   Cisco Systems, Inc.
   Brussels
   Belgium

   Email: cfilsfil@cisco.com

   Rishabh Parekh
   Cisco Systems, Inc.
   San Jose,
   United States of America

   Email: riparekh@cisco.com

   Hooman Bidgoli
   Nokia
   Ottawa
   Canada

   Email: hooman.bidgoli@nokia.com

   Zhaohui Zhang
   Juniper Networks

   Email: zzhang@juniper.net
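
Added example (not part of the draft, and not any implementation's code): a small Python model of the SRv6 processing in Section 2.2, run on the Replication State of R1 from Appendix A.2, including the check that an End.Replicate SID is the ultimate SID. The Packet class, the function names and the verdict strings are assumptions made for illustration; the SRH is modelled as the SIDs still to visit, not in wire format.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Packet:
    src: str                      # outer IPv6 source address
    dst: str                      # outer IPv6 destination (the active SID)
    srh: Tuple[str, ...] = ()     # SIDs still to visit, in visiting order (model only)
    sl: int = 0                   # Segments Left
    inner: Tuple[str, str] = ("A", "B2")


# Replication State at R1, copied from Appendix A.2: one SID-list per Downstream Node.
R1_STATE: Dict[str, List[str]] = {
    "R2": ["2001:db8:cccc:2:F2::0"],
    "R6": ["2001:db8:cccc:6:F6::0"],
    "R7": ["2001:db8:cccc:4:C7::0", "2001:db8:cccc:7:F7::0"],
}


def steer_at_root(src, state, inner):
    """Root of the service: build one encapsulated copy per replication branch."""
    copies = {}
    for node, sids in state.items():
        rest = tuple(sids[1:])    # SIDs after the first ride in the SRH, as written in A.2
        copies[node] = Packet(src, sids[0], rest, len(rest), inner)
    return copies


def end_x_psp(pkt):
    """Transit End.X with PSP (R4 in A.2): move to the next SID, drop the SRH at SL == 0."""
    if pkt.sl == 0:
        raise ValueError("no segments left to advance to")
    nxt = pkt.srh[len(pkt.srh) - pkt.sl]
    sl = pkt.sl - 1
    return Packet(pkt.src, nxt, pkt.srh if sl else (), sl, pkt.inner)


def end_replicate_at_leaf(local_sid, pkt):
    """Leaf End.Replicate: enforce the ultimate-SID rule, then decapsulate."""
    if pkt.dst != local_sid:
        return ("not-local", None)
    if pkt.sl != 0:
        # Section 2.2: reply with ICMP Parameter Problem and discard the packet.
        return ("icmp-parameter-problem", None)
    return ("deliver", pkt.inner)


if __name__ == "__main__":
    r7_sid = "2001:db8:cccc:7:F7::0"
    copies = steer_at_root("2001:db8::1", R1_STATE, ("A", "B2"))
    for node, pkt in copies.items():
        print(node, pkt)
    # Copy for R7 crosses R4 (End.X, PSP) and is delivered at the leaf.
    print(end_replicate_at_leaf(r7_sid, end_x_psp(copies["R7"])))
    # Constructed malformed packet: Replication SID active but a segment still follows it.
    bad = Packet("2001:db8::1", r7_sid, ("2001:db8:cccc:6:F6::0",), 1)
    print(end_replicate_at_leaf(r7_sid, bad))
```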