idnits 2.17.1 draft-ietf-spring-srv6-network-programming-24.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 7, 2020) is 1290 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC8317' is defined on line 1854, but no explicit reference was found in the text == Outdated reference: A later version (-04) exists of draft-filsfils-spring-srv6-net-pgm-illustration-02 == Outdated reference: A later version (-13) exists of draft-ietf-rtgwg-segment-routing-ti-lfa-04 Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SPRING C. Filsfils, Ed. 3 Internet-Draft P. Camarillo, Ed. 4 Intended status: Standards Track Cisco Systems, Inc. 5 Expires: April 10, 2021 J. Leddy 6 Individual Contributor 7 D. Voyer 8 Bell Canada 9 S. Matsushima 10 SoftBank 11 Z. Li 12 Huawei Technologies 13 October 7, 2020 15 SRv6 Network Programming 16 draft-ietf-spring-srv6-network-programming-24 18 Abstract 20 The SRv6 Network Programming framework enables a network operator or 21 an application to specify a packet processing program by encoding a 22 sequence of instructions in the IPv6 packet header. 24 Each instruction is implemented on one or several nodes in the 25 network and identified by an SRv6 Segment Identifier in the packet. 27 This document defines the SRv6 Network Programming concept and 28 specifies the base set of SRv6 behaviors that enables the creation of 29 interoperable overlays with underlay optimization. 31 Status of This Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at https://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on April 10, 2021. 48 Copyright Notice 50 Copyright (c) 2020 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents 55 (https://trustee.ietf.org/license-info) in effect on the date of 56 publication of this document. Please review these documents 57 carefully, as they describe your rights and restrictions with respect 58 to this document. Code Components extracted from this document must 59 include Simplified BSD License text as described in Section 4.e of 60 the Trust Legal Provisions and are provided without warranty as 61 described in the Simplified BSD License. 63 Table of Contents 65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 66 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 67 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 5 68 3. SRv6 SID . . . . . . . . . . . . . . . . . . . . . . . . . . 5 69 3.1. SID Format . . . . . . . . . . . . . . . . . . . . . . . 6 70 3.2. SID Allocation within an SR domain . . . . . . . . . . . 7 71 3.3. SID Reachability . . . . . . . . . . . . . . . . . . . . 9 72 4. SR Endpoint Behaviors . . . . . . . . . . . . . . . . . . . . 10 73 4.1. End: Endpoint . . . . . . . . . . . . . . . . . . . . . . 11 74 4.1.1. Upper-Layer Header . . . . . . . . . . . . . . . . . 12 75 4.2. End.X: Layer-3 Cross-Connect . . . . . . . . . . . . . . 12 76 4.3. End.T: Specific IPv6 Table Lookup . . . . . . . . . . . . 13 77 4.4. End.DX6: Decapsulation and IPv6 Cross-Connect . . . . . . 14 78 4.5. End.DX4: Decapsulation and IPv4 Cross-Connect . . . . . . 15 79 4.6. End.DT6: Decapsulation and Specific IPv6 Table Lookup . . 16 80 4.7. End.DT4: Decapsulation and Specific IPv4 Table Lookup . . 17 81 4.8. End.DT46: Decapsulation and Specific IP Table Lookup . . 18 82 4.9. End.DX2: Decapsulation and L2 Cross-Connect . . . . . . . 19 83 4.10. End.DX2V: Decapsulation and VLAN L2 Table Lookup . . . . 20 84 4.11. End.DT2U: Decapsulation and Unicast MAC L2 Table Lookup . 20 85 4.12. End.DT2M: Decapsulation and L2 Table Flooding . . . . . . 21 86 4.13. End.B6.Encaps: Endpoint Bound to an SRv6 Policy w/ Encaps 22 87 4.14. End.B6.Encaps.Red: End.B6.Encaps with Reduced SRH . . . . 24 88 4.15. End.BM: Endpoint Bound to an SR-MPLS Policy . . . . . . . 24 89 4.16. Flavors . . . . . . . . . . . . . . . . . . . . . . . . . 25 90 4.16.1. PSP: Penultimate Segment Pop of the SRH . . . . . . 25 91 4.16.2. USP: Ultimate Segment Pop of the SRH . . . . . . . . 28 92 4.16.3. USD: Ultimate Segment Decapsulation . . . . . . . . 28 93 5. SR Policy Headend Behaviors . . . . . . . . . . . . . . . . . 29 94 5.1. H.Encaps: SR Headend with Encapsulation in an SRv6 Policy 30 95 5.2. H.Encaps.Red: H.Encaps with Reduced Encapsulation . . . . 30 96 5.3. H.Encaps.L2: H.Encaps Applied to Received L2 Frames . . . 31 97 5.4. H.Encaps.L2.Red: H.Encaps.Red Applied to Received L2 98 frames . . . . . . . . . . . . . . . . . . . . . . . . . 31 99 6. Counters . . . . . . . . . . . . . . . . . . . . . . . . . . 31 100 7. Flow-based Hash Computation . . . . . . . . . . . . . . . . . 32 101 8. Control Plane . . . . . . . . . . . . . . . . . . . . . . . . 32 102 8.1. IGP . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 103 8.2. BGP-LS . . . . . . . . . . . . . . . . . . . . . . . . . 33 104 8.3. BGP IP/VPN/EVPN . . . . . . . . . . . . . . . . . . . . . 33 105 8.4. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 33 106 9. Security Considerations . . . . . . . . . . . . . . . . . . . 35 107 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35 108 10.1. Ethernet Next Header Type . . . . . . . . . . . . . . . 35 109 10.2. SRv6 Endpoint Behaviors Registry . . . . . . . . . . . . 35 110 10.2.1. Initial Registrations . . . . . . . . . . . . . . . 36 111 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37 112 12. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 38 113 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 41 114 13.1. Normative References . . . . . . . . . . . . . . . . . . 41 115 13.2. Informative References . . . . . . . . . . . . . . . . . 41 116 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43 118 1. Introduction 120 Segment Routing [RFC8402] leverages the source routing paradigm. An 121 ingress node steers a packet through an ordered list of instructions, 122 called segments. Each one of these instructions represents a 123 function to be called at a specific location in the network. A 124 function is locally defined on the node where it is executed and may 125 range from simply moving forward in the Segment List to any complex 126 user-defined behavior. Network programming combines segment routing 127 functions, both simple and complex, to achieve a networking objective 128 that goes beyond mere packet routing. 130 This document defines the SRv6 Network Programming concept and 131 specifies the main segment routing behaviors to enable the creation 132 of interoperable overlays with underlay optimization. 134 The companion document 135 [I-D.filsfils-spring-srv6-net-pgm-illustration] illustrates the 136 concepts defined in this document. 138 Familiarity with the Segment Routing Header [RFC8754] is expected. 140 2. Terminology 142 The following terms used within this document are defined in 143 [RFC8402]: Segment Routing, SR Domain, Segment ID (SID), SRv6, SRv6 144 SID, SR Policy, Prefix-SID, and Adj-SID. 146 The following terms used within this document are defined in 147 [RFC8754]: SRH, SR Source Node, Transit Node, SR Segment Endpoint 148 Node, Reduced SRH, Segments Left and Last Entry. 150 SL: The Segments Left field of the SRH 152 FIB: Forwarding Information Base. A FIB lookup is a lookup in the 153 forwarding table. 155 SA: Source Address 157 DA: Destination Address 159 SRv6 SID function: The function part of the SID is an opaque 160 identification of a local behavior bound to the SID. It is formally 161 defined in Section 3.1 of this document. 163 SRv6 Segment Endpoint behavior: A packet processing behavior executed 164 at an SRv6 Segment Endpoint Node. Section 4 of this document defines 165 SRv6 Segment Endpoint behaviors related to traffic-engineering and 166 overlay use-cases. Other behaviors (e.g. service programming) are 167 outside the scope of this document. 169 An SR Policy is resolved to a SID list. A SID list is represented as 170 where S1 is the first SID to visit, S2 is the second SID 171 to visit and S3 is the last SID to visit along the SR path. 173 (SA,DA) (S3, S2, S1; SL) represents an IPv6 packet with: 175 - Source Address is SA, Destination Address is DA, and next-header is 176 SRH. 178 - SRH with SID list with Segments Left = SL. 180 - Note the difference between the <> and () symbols: 181 represents a SID list where S1 is the first SID and S3 is the last 182 SID to traverse. (S3, S2, S1; SL) represents the same SID list but 183 encoded in the SRH format where the rightmost SID in the SRH is the 184 first SID and the leftmost SID in the SRH is the last SID. When 185 referring to an SR policy in a high-level use-case, it is simpler 186 to use the notation. When referring to an 187 illustration of the detailed packet behavior, the (S3, S2, S1; SL) 188 notation is more convenient. 190 - The payload of the packet is omitted. 192 Per-VRF VPN label: a single label for the entire VRF that is shared 193 by all routes from that VRF ([RFC4364] Section 4.3.2) 195 Per-CE VPN label: a single label for each attachment circuit that is 196 shared by all routes with the same "outgoing attachment circuit" 197 ([RFC4364] Section 4.3.2) 199 2.1. Requirements Language 201 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 202 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 203 "OPTIONAL" in this document are to be interpreted as described in BCP 204 14 [RFC2119] [RFC8174] when, and only when, they appear in all 205 capitals, as shown here. 207 3. SRv6 SID 209 RFC8402 defines an SRv6 Segment Identifier as an IPv6 address 210 explicitly associated with the segment. 212 When an SRv6 SID is in the Destination Address field of an IPv6 213 header of a packet, it is routed through Transit Nodes in an IPv6 214 network as an IPv6 address. 216 Its processing is defined in [RFC8754] section 4.3 and reproduced 217 here as a reminder. 219 Without constraining the details of an implementation, the SR 220 segment endpoint node creates Forwarding Information Base (FIB) 221 entries for its local SIDs. 223 When an SRv6-capable node receives an IPv6 packet, it performs a 224 longest-prefix-match lookup on the packet's destination address. 225 This lookup can return any of the following: 227 * A FIB entry that represents a locally instantiated SRv6 SID 229 * A FIB entry that represents a local interface, not locally 230 instantiated as an SRv6 SID 232 * A FIB entry that represents a nonlocal route 234 * No Match 236 Section 4 of this document defines a new set of SRv6 SID behaviors in 237 addition to that defined in [RFC8754] Section 4.3.1. 239 3.1. SID Format 241 This document defines an SRv6 SID as consisting of LOC:FUNCT:ARG, 242 where a locator (LOC) is encoded in the L most significant bits of 243 the SID, followed by F bits of function (FUNCT) and A bits of 244 arguments (ARG). L, the locator length, is flexible, and an operator 245 is free to use the locator length of their choice. F and A may be 246 any value as long as L+F+A <= 128. When L+F+A is less than 128 then 247 the remaining bits of the SID MUST be zero. 249 A locator may be represented as B:N where B is the SRv6 SID block 250 (IPv6 prefix allocated for SRv6 SIDs by the operator) and N is the 251 identifier of the parent node instantiating the SID. 253 When the LOC part of the SRv6 SIDs is routable, it leads to the node 254 which instantiates the SID. 256 The FUNCT is an opaque identification of a local behavior bound to 257 the SID. 259 The term "function" refers to the bit-string in the SRv6 SID. The 260 term "behavior" identifies the behavior bound to the SID. The 261 behaviors are defined in Section 4 of this document. 263 An SRv6 Segment Endpoint Behavior may require additional information 264 for its processing (e.g. related to the flow or service). This 265 information may be encoded in the ARG bits of the SID. 267 In such a case, the semantics and format of the ARG bits are defined 268 as part of the SRv6 endpoint behavior specification. 270 The ARG value of a routed SID SHOULD remain constant among packets in 271 a given flow. Varying ARG values among packets in a flow may result 272 in different ECMP hashing and cause re-ordering. 274 3.2. SID Allocation within an SR domain 276 Locators are assigned consistent with IPv6 infrastructure allocation. 277 For example, a network operator may: 279 o Assign block B::/48 to the SR domain 281 o Assign a unique B:N::/64 block to each SRv6-enabled node in the 282 domain 284 As an example, one mobile service provider has commercially deployed 285 SRv6 across more than 1000 commercial routers and 1800 whitebox 286 routers. All these devices are enabled for SRv6 and advertise SRv6 287 SIDs. The provider historically deployed IPv6 and assigned 288 infrastructure addresses from ULA space [RFC4193]. They specifically 289 allocated three /48 prefixes (Country X, Country Y, Country Z) to 290 support their SRv6 infrastructure. From those /48 prefixes each 291 router was assigned a /64 prefix from which all SIDs of that router 292 are allocated. 294 In another example, a large mobile and fixed-line service provider 295 has commercially deployed SRv6 in their country-wide network. This 296 provider is assigned a /20 prefix by an RIR (Regional Internet 297 Registry). They sub-allocated a few /48 prefixes to their 298 infrastructure to deploy SRv6. Each router is assigned a /64 prefix 299 from which all SIDs of that router are allocated. 301 IPv6 address consumption in both these examples is minimal, 302 representing one billionth and one millionth of the available address 303 space, respectively. 305 A service provider receiving the current minimum allocation of a /32 306 from an RIR may assign a /48 prefix to their infrastructure deploying 307 SRv6, and subsequently allocate /64 prefixes for SIDs at each SRv6 308 node. The /48 assignment is one sixty-five thousandth (1/2^16) of 309 the usable IPv6 address space available for assignment by the 310 provider. 312 When an operator instantiates a SID at a node, they specify a SID 313 value B:N:FUNCT and the behavior bound to the SID using one of the 314 SRv6 Endpoint Behavior codepoint of the registry defined in this 315 document (see Table 4). 317 The node advertises the SID, B:N:FUNCT, in the control-plane (see 318 Section 8) together with the SRv6 Endpoint Behavior codepoint 319 identifying the behavior of the SID. 321 An SR Source Node uses the SRv6 Endpoint Behavior codepoint to map 322 the received SID (B:N:FUNCT) to a behavior. 324 An SR Source Node selects a desired behavior at an advertising node 325 by selecting the SID (B:N:FUNCT) advertised with the desired 326 behavior. 328 An SR Source Node cannot infer the behavior by examination of the 329 FUNCT value of a SID. 331 Therefore, the SRv6 Endpoint Behavior codepoint is advertised along 332 with the SID in the control plane. 334 As an example, a network operator may: 336 o Assign an SRv6 SID block 2001:db8:bbbb::/48 from their in-house 337 operation block for their SRv6 infrastructure 339 o Assign an SRv6 Locator 2001:db8:bbbb:3::/64 to one particular 340 router, for example Router 3, in their SR Domain 342 o At Router 3, within the locator 2001:db8:bbbb:3::/64, the network 343 operator or the router performs dynamic assignment for: 345 * Function 0x0100 associated with the behavior End.X (Endpoint 346 with cross-connect) between router 3 and its connected neighbor 347 router, for example Router 4. This function is encoded as 348 16-bit value and has no arguments (F=16, A=0). 349 This SID is advertised in the control plane as 350 2001:db8:bbbb:3:100:: with SRv6 Endpoint Behavior codepoint 351 value of 5. 353 * Function 0x0101 associated with the behavior End.X (Endpoint 354 with cross-connect) between router 3 and its connected neighbor 355 router, for example Router 2. This function is encoded as 356 16-bit value and has no arguments (F=16, A=0). 357 This SID is advertised in the control plane as 358 2001:db8:bbbb:3:101:: with SRv6 Endpoint Behavior codepoint 359 value of 5. 361 These examples do not preclude any other IPv6 addressing allocation 362 scheme. 364 3.3. SID Reachability 366 Most often, the node N would advertise IPv6 prefix(es) matching the 367 LOC parts covering its SIDs or shorter-mask prefix. The distribution 368 of these advertisements and calculation of their reachability are 369 specific to the routing protocol and are outside of the scope of this 370 document. 372 An SRv6 SID is said to be routed if its SID belongs to an IPv6 prefix 373 advertised via a routing protocol. An SRv6 SID that does not fulfill 374 this condition is non-routed. 376 Let's provide a classic illustration: 378 Node N is configured explicitly with two SIDs: 2001:db8:b:1:100:: and 379 2001:db8:b:2:101::. 381 The network learns about a path to 2001:db8:b:1::/64 via the IGP and 382 hence a packet destined to 2001:db8:b:1:100:: would be routed up to 383 N. The network does not learn about a path to 2001:db8:b:2::/64 via 384 the IGP and hence a packet destined to 2001:db8:b:2:101:: would not 385 be routed up to N. 387 A packet could be steered to a non-routed SID 2001:db8:b:2:101:: by 388 using a SID list <...,2001:db8:b:1:100::,2001:db8:b:2:101::,...> 389 where the non-routed SID is preceded by a routed SID to the same 390 node. Routed and non-routed SRv6 SIDs are the SRv6 instantiation of 391 global and local segments, respectively [RFC8402]. 393 4. SR Endpoint Behaviors 395 Following is a set of well-known behaviors that can be associated 396 with a SID. 398 End Endpoint function 399 The SRv6 instantiation of a Prefix SID [RFC8402] 400 End.X Endpoint with Layer-3 cross-connect 401 The SRv6 instantiation of an Adj SID [RFC8402] 402 End.T Endpoint with specific IPv6 table lookup 403 End.DX6 Endpoint with decapsulation and IPv6 cross-connect 404 e.g. IPv6-L3VPN (equivalent to per-CE VPN label) 405 End.DX4 Endpoint with decaps and IPv4 cross-connect 406 e.g. IPv4-L3VPN (equivalent to per-CE VPN label) 407 End.DT6 Endpoint with decapsulation and IPv6 table lookup 408 e.g. IPv6-L3VPN (equivalent to per-VRF VPN label) 409 End.DT4 Endpoint with decapsulation and IPv4 table lookup 410 e.g. IPv4-L3VPN (equivalent to per-VRF VPN label) 411 End.DT46 Endpoint with decapsulation and IP table lookup 412 e.g. IP-L3VPN (equivalent to per-VRF VPN label) 413 End.DX2 Endpoint with decapsulation and L2 cross-connect 414 e.g. L2VPN use-case 415 End.DX2V Endpoint with decaps and VLAN L2 table lookup 416 e.g. EVPN Flexible cross-connect use-case 417 End.DT2U Endpoint with decaps and unicast MAC L2table lookup 418 e.g. EVPN Bridging unicast use-case 419 End.DT2M Endpoint with decapsulation and L2 table flooding 420 e.g. EVPN Bridging BUM use-case with ESI filtering 421 End.B6.Encaps Endpoint bound to an SRv6 policy with encapsulation 422 SRv6 instantiation of a Binding SID 423 End.B6.Encaps.RED End.B6.Encaps with reduced SRH 424 SRv6 instantiation of a Binding SID 425 End.BM Endpoint bound to an SR-MPLS Policy 426 SRv6 instantiation of an SR-MPLS Binding SID 428 The list is not exhaustive. In practice, any function can be 429 attached to a local SID: e.g. a node N can bind a SID to a local VM 430 or container which can apply any complex processing on the packet. 432 When an SRv6-capable node (N) receives an IPv6 packet whose 433 destination address matches a FIB entry that represents a locally 434 instantiated SRv6 SID (S), the IPv6 header chain is processed as 435 defined in Section 4 of [RFC8200]. For SRv6 SIDs associated with an 436 Endpoint Behavior defined in this document, the SRH and Upper-layer 437 Header are processed as defined in the following subsections. 439 The pseudocode describing these behaviors details local processing at 440 a node. An implementation of the pseudocode is compliant as long as 441 the externally observable wire protocol is as described by the 442 pseudocode. 444 Section 4.16 defines flavors of some of these behaviors. 446 Section 10.2 of this document defines the IANA Registry used to 447 maintain all these behaviors as well as future ones defined in other 448 documents. 450 4.1. End: Endpoint 452 The Endpoint behavior ("End" for short) is the most basic behavior. 453 It is the instantiation of a Prefix-SID [RFC8402]. 455 When N receives a packet whose IPv6 DA is S and S is a local End SID, 456 N does: 458 S01. When an SRH is processed { 459 S02. If (Segments Left == 0) { 460 S03. Stop processing the SRH, and proceed to process the next 461 header in the packet, whose type is identified by 462 the Next Header field in the routing header. 463 S04. } 464 S05. If (IPv6 Hop Limit <= 1) { 465 S06. Send an ICMP Time Exceeded message to the Source Address, 466 Code 0 (Hop limit exceeded in transit), 467 interrupt packet processing and discard the packet. 468 S07. } 469 S08. max_LE = (Hdr Ext Len / 2) - 1 470 S09. If ((Last Entry > max_LE) or (Segments Left > Last Entry+1)) { 471 S10. Send an ICMP Parameter Problem to the Source Address, 472 Code 0 (Erroneous header field encountered), 473 Pointer set to the Segments Left field, 474 interrupt packet processing and discard the packet. 476 S11. } 477 S12. Decrement IPv6 Hop Limit by 1 478 S13. Decrement Segments Left by 1 479 S14. Update IPv6 DA with Segment List[Segments Left] 480 S15. Submit the packet to the egress IPv6 FIB lookup and 481 transmission to the new destination 482 S16. } 484 Notes: 485 The End behavior operates on the same FIB table (i.e. identified by 486 VRF or L3 relay id) associated to the packet. Hence the FIB lookup 487 on line S15 is done in the same FIB table as the ingress interface. 489 4.1.1. Upper-Layer Header 491 When processing the Upper-layer Header of a packet matching a FIB 492 entry locally instantiated as an SRv6 End SID do the following: 494 S01. If (Upper-Layer Header type is allowed by local configuration) { 495 S02. Proceed to process the Upper-layer Header 496 S03. } Else { 497 S04. Send an ICMP Parameter Problem to the Source Address, 498 Code 4 (SR Upper-layer Header Error), 499 Pointer set to the offset of the Upper-layer Header, 500 Interrupt packet processing and discard the packet. 501 S05 } 503 Allowing processing of specific Upper-Layer Headers types is useful 504 for OAM. As an example, an operator might permit pinging of SIDs. 505 To do this they may enable local configuration to allow Upper-layer 506 Header type 58 (ICMPv6). 508 It is RECOMMENDED that an implementation of local configuration only 509 allows Upper-layer Header processing of types that do not result in 510 the packet being forwarded (e.g. ICMPv6). 512 4.2. End.X: Layer-3 Cross-Connect 514 The "Endpoint with cross-connect to an array of layer-3 adjacencies" 515 behavior (End.X for short) is a variant of the End behavior. 517 It is the SRv6 instantiation of an Adjacency-SID [RFC8402] and its 518 main use is for traffic-engineering policies. 520 Any SID instance of this behavior is associated with a set, J, of one 521 or more Layer-3 adjacencies. 523 When N receives a packet destined to S and S is a local End.X SID, 524 the line S15 from the End processing is replaced by the following: 526 S15. Submit the packet to the IPv6 module for transmission 527 to the new destination via a member of J 529 Notes: 530 S15. If the set J contains several L3 adjacencies, then one element 531 of the set is selected based on a hash of the packet's header (see 532 Section 7). 534 If a node N has 30 outgoing interfaces to 30 neighbors, usually the 535 operator would explicitly instantiate 30 End.X SIDs at N: one per 536 layer-3 adjacency to a neighbor. Potentially, more End.X could be 537 explicitly defined (groups of layer-3 adjacencies to the same 538 neighbor or to different neighbors). 540 Note that if N has an outgoing interface bundle I to a neighbor Q 541 made of 10 member links, N may allocate up to 11 End.X local SIDs: 542 one for the bundle itself and then up to one for each Layer-2 member 543 link. The flows steered using the End.X SID corresponding to the 544 bundle itself get load balanced across the member links via hashing 545 while the flows steered using the End.X SID corresponding to a member 546 link get steered over that specific member link alone. 548 When the End.X behavior is associated with a BGP Next-Hop, it is the 549 SRv6 instantiation of the BGP Peering Segments [RFC8402]. 551 When processing the Upper-layer Header of a packet matching a FIB 552 entry locally instantiated as an SRv6 End.X SID, process the packet 553 as per Section 4.1.1. 555 4.3. End.T: Specific IPv6 Table Lookup 557 The "Endpoint with specific IPv6 table lookup" behavior (End.T for 558 short) is a variant of the End behavior. 560 The End.T behavior is used for multi-table operation in the core. 561 For this reason, an instance of the End.T behavior is associated with 562 an IPv6 FIB table T. 564 When N receives a packet destined to S and S is a local End.T SID, 565 the line S15 from the End processing is replaced by the following: 567 S15.1. Set the packet's associated FIB table to T 568 S15.2. Submit the packet to the egress IPv6 FIB lookup and 569 transmission to the new destination 571 When processing the Upper-layer Header of a packet matching a FIB 572 entry locally instantiated as an SRv6 End.T SID, process the packet 573 as per Section 4.1.1. 575 4.4. End.DX6: Decapsulation and IPv6 Cross-Connect 577 The "Endpoint with decapsulation and cross-connect to an array of 578 IPv6 adjacencies" behavior (End.DX6 for short) is a variant of the 579 End.X behavior. 581 One of the applications of the End.DX6 behavior is the L3VPNv6 use- 582 case where a FIB lookup in a specific tenant table at the egress 583 Provider Edge (PE) is not required. This is equivalent to the per-CE 584 VPN label in MPLS [RFC4364]. 586 The End.DX6 SID MUST be the last segment in a SR Policy, and it is 587 associated with one or more L3 IPv6 adjacencies J. 589 When N receives a packet destined to S and S is a local End.DX6 SID, 590 N does the following processing: 592 S01. When an SRH is processed { 593 S02. If (Segments Left != 0) { 594 S03. Send an ICMP Parameter Problem to the Source Address, 595 Code 0 (Erroneous header field encountered), 596 Pointer set to the Segments Left field, 597 interrupt packet processing and discard the packet. 598 S04. } 599 S05. Proceed to process the next header in the packet 600 S06. } 602 When processing the Upper-layer header of a packet matching a FIB 603 entry locally instantiated as an SRv6 End.DX6 SID, the following is 604 done: 606 S01. If (Upper-Layer Header type == 41(IPv6) ) { 607 S02. Remove the outer IPv6 Header with all its extension headers 608 S03. Forward the exposed IPv6 packet to the L3 adjacency J 609 S04. } Else { 610 S05. Process as per Section 4.1.1 611 S06. } 613 Notes: 614 S01. 41 refers to IPv6 encapsulation as defined by IANA allocation 615 for Internet Protocol Numbers. 616 S03. If the End.DX6 SID is bound to an array of L3 adjacencies, then 617 one entry of the array is selected based on the hash of the packet's 618 header (see Section 7). 620 4.5. End.DX4: Decapsulation and IPv4 Cross-Connect 622 The "Endpoint with decapsulation and cross-connect to an array of 623 IPv4 adjacencies" behavior (End.DX4 for short) is a variant of the 624 End.X behavior. 626 One of the applications of the End.DX4 behavior is the L3VPNv4 use- 627 case where a FIB lookup in a specific tenant table at the egress PE 628 is not required. This is equivalent to the per-CE VPN label in MPLS 629 [RFC4364]. 631 The End.DX4 SID MUST be the last segment in a SR Policy, and it is 632 associated with one or more L3 IPv4 adjacencies J. 634 When N receives a packet destined to S and S is a local End.DX4 SID, 635 N does the following processing: 637 S01. When an SRH is processed { 638 S02. If (Segments Left != 0) { 639 S03. Send an ICMP Parameter Problem to the Source Address, 640 Code 0 (Erroneous header field encountered), 641 Pointer set to the Segments Left field, 642 interrupt packet processing and discard the packet. 643 S04. } 644 S05. Proceed to process the next header in the packet 645 S06. } 647 When processing the Upper-layer header of a packet matching a FIB 648 entry locally instantiated as an SRv6 End.DX4 SID, the following is 649 done: 651 S01. If (Upper-Layer Header type == 4(IPv4) ) { 652 S02. Remove the outer IPv6 Header with all its extension headers 653 S03. Forward the exposed IPv4 packet to the L3 adjacency J 654 S04. } Else { 655 S05. Process as per Section 4.1.1 656 S06. } 658 Notes: 659 S01. 4 refers to IPv4 encapsulation as defined by IANA allocation for 660 Internet Protocol Numbers 661 S03. If the End.DX4 SID is bound to an array of L3 adjacencies, then 662 one entry of the array is selected based on the hash of the packet's 663 header (see Section 7). 665 4.6. End.DT6: Decapsulation and Specific IPv6 Table Lookup 667 The "Endpoint with decapsulation and specific IPv6 table lookup" 668 behavior (End.DT6 for short) is a variant of the End.T behavior. 670 One of the applications of the End.DT6 behavior is the L3VPNv6 use- 671 case where a FIB lookup in a specific tenant table at the egress PE 672 is required. This is equivalent to the per-VRF VPN label in MPLS 673 [RFC4364]. 675 Note that an End.DT6 may be defined for the main IPv6 table in which 676 case an End.DT6 supports the equivalent of an IPv6inIPv6 677 decapsulation (without VPN/tenant implication). 679 The End.DT6 SID MUST be the last segment in a SR Policy, and a SID 680 instance is associated with an IPv6 FIB table T. 682 When N receives a packet destined to S and S is a local End.DT6 SID, 683 N does the following processing: 685 S01. When an SRH is processed { 686 S02. If (Segments Left != 0) { 687 S03. Send an ICMP Parameter Problem to the Source Address, 688 Code 0 (Erroneous header field encountered), 689 Pointer set to the Segments Left field, 690 interrupt packet processing and discard the packet. 691 S04. } 692 S05. Proceed to process the next header in the packet 693 S06. } 695 When processing the Upper-layer header of a packet matching a FIB 696 entry locally instantiated as an SRv6 End.DT6 SID, N does the 697 following: 699 S01. If (Upper-Layer Header type == 41(IPv6) ) { 700 S02. Remove the outer IPv6 Header with all its extension headers 701 S03. Set the packet's associated FIB table to T 702 S04. Submit the packet to the egress IPv6 FIB lookup and 703 transmission to the new destination 704 S05. } Else { 705 S06. Process as per Section 4.1.1 706 S07. } 708 4.7. End.DT4: Decapsulation and Specific IPv4 Table Lookup 710 The "Endpoint with decapsulation and specific IPv4 table lookup" 711 behavior (End.DT4 for short) is a variant of the End.T behavior. 713 One of the applications of the End.DT4 behavior is the L3VPNv4 use- 714 case where a FIB lookup in a specific tenant table at the egress PE 715 is required. This is equivalent to the per-VRF VPN label in MPLS 716 [RFC4364]. 718 Note that an End.DT4 may be defined for the main IPv4 table in which 719 case an End.DT4 supports the equivalent of an IPv4inIPv6 720 decapsulation (without VPN/tenant implication). 722 The End.DT4 SID MUST be the last segment in a SR Policy, and a SID 723 instance is associated with an IPv4 FIB table T. 725 When N receives a packet destined to S and S is a local End.DT4 SID, 726 N does the following processing: 728 S01. When an SRH is processed { 729 S02. If (Segments Left != 0) { 730 S03. Send an ICMP Parameter Problem to the Source Address, 731 Code 0 (Erroneous header field encountered), 732 Pointer set to the Segments Left field, 733 interrupt packet processing and discard the packet. 734 S04. } 735 S05. Proceed to process the next header in the packet 736 S06. } 738 When processing the Upper-layer header of a packet matching a FIB 739 entry locally instantiated as an SRv6 End.DT4 SID, N does the 740 following: 742 S01. If (Upper-Layer Header type == 4(IPv4) ) { 743 S02. Remove the outer IPv6 Header with all its extension headers 744 S03. Set the packet's associated FIB table to T 745 S04. Submit the packet to the egress IPv4 FIB lookup and 746 transmission to the new destination 747 S05. } Else { 748 S06. Process as per Section 4.1.1 749 S07. } 751 4.8. End.DT46: Decapsulation and Specific IP Table Lookup 753 The "Endpoint with decapsulation and specific IP table lookup" 754 behavior (End.DT46 for short) is a variant of the End.DT4 and End.DT6 755 behavior. 757 One of the applications of the End.DT46 behavior is the L3VPN use- 758 case where a FIB lookup in a specific IP tenant table at the egress 759 PE is required. This is equivalent to single per-VRF VPN label (for 760 IPv4 and IPv6) in MPLS[RFC4364]. 762 Note that an End.DT46 may be defined for the main IP table in which 763 case an End.DT46 supports the equivalent of an IPinIPv6 764 decapsulation(without VPN/tenant implication). 766 The End.DT46 SID MUST be the last segment in a SR Policy, and a SID 767 instance is associated with an IPv4 FIB table T4 and an IPv6 FIB 768 table T6. 770 When N receives a packet destined to S and S is a local End.DT46 SID, 771 N does the following processing: 773 S01. When an SRH is processed { 774 S02. If (Segments Left != 0) { 775 S03. Send an ICMP Parameter Problem to the Source Address, 776 Code 0 (Erroneous header field encountered), 777 Pointer set to the Segments Left field, 778 interrupt packet processing and discard the packet. 779 S04. } 780 S05. Proceed to process the next header in the packet 781 S06. } 783 When processing the Upper-layer header of a packet matching a FIB 784 entry locally instantiated as an SRv6 End.DT46 SID, N does the 785 following: 787 S01. If (Upper-layer Header type == 4(IPv4) ) { 788 S02. Remove the outer IPv6 Header with all its extension headers 789 S03. Set the packet's associated FIB table to T4 790 S04. Submit the packet to the egress IPv4 FIB lookup and 791 transmission to the new destination 792 S05. } Else if (Upper-layer Header type == 41(IPv6) ) { 793 S06. Remove the outer IPv6 Header with all its extension headers 794 S07. Set the packet's associated FIB table to T6 795 S08. Submit the packet to the egress IPv6 FIB lookup and 796 transmission to the new destination 797 S09. } Else { 798 S10. Process as per Section 4.1.1 799 S11. } 801 4.9. End.DX2: Decapsulation and L2 Cross-Connect 803 The "Endpoint with decapsulation and Layer-2 cross-connect to an 804 outgoing L2 interface (OIF)" (End.DX2 for short) is a variant of the 805 endpoint behavior. 807 One of the applications of the End.DX2 behavior is the L2VPN 808 [RFC4664] / EVPN VPWS [RFC7432] [RFC8214] use-case. 810 The End.DX2 SID MUST be the last segment in a SR Policy, and it is 811 associated with one outgoing interface I. 813 When N receives a packet destined to S and S is a local End.DX2 SID, 814 N does: 816 S01. When an SRH is processed { 817 S02. If (Segments Left != 0) { 818 S03. Send an ICMP Parameter Problem to the Source Address, 819 Code 0 (Erroneous header field encountered), 820 Pointer set to the Segments Left field, 821 interrupt packet processing and discard the packet. 822 S04. } 823 S05. Proceed to process the next header in the packet 824 S06. } 826 When processing the Upper-layer header of a packet matching a FIB 827 entry locally instantiated as an SRv6 End.DX2 SID, the following is 828 done: 830 S01. If (Upper-Layer Header type == 143(Ethernet) ) { 831 S02. Remove the outer IPv6 Header with all its extension headers 832 S03. Forward the Ethernet frame to the OIF I 833 S04. } Else { 834 S05. Process as per Section 4.1.1 835 S06. } 837 Notes: 838 S01. IANA has allocated the Internet Protocol number 143 to Ethernet 839 [IEEE.802.3_2018] (see Section 10.1). 840 S03. An End.DX2 behavior could be customized to expect a specific 841 IEEE header (e.g. VLAN tag) and rewrite the egress IEEE header 842 before forwarding on the outgoing interface. 844 Note that an End.DX2 SID may also be associated with a bundle of 845 outgoing interfaces. 847 4.10. End.DX2V: Decapsulation and VLAN L2 Table Lookup 849 The "Endpoint with decapsulation and specific VLAN table lookup" 850 behavior (End.DX2V for short) is a variant of the End.DX2 behavior. 852 One of the applications of the End.DX2V behavior is the EVPN Flexible 853 cross-connect use-case. The End.DX2V behavior is used to perform a 854 lookup of the Ethernet frame VLANs in a particular L2 table. Any SID 855 instance of this behavior is associated with an L2 Table T. 857 When N receives a packet whose IPv6 DA is S and S is a local End.DX2 858 SID, the processing is identical to the End.DX2 behavior except for 859 the Upper-layer header processing which is modified as follows: 861 S03. Lookup the exposed VLANs in L2 table T, and forward 862 via the matched table entry. 864 Notes: 865 S03. An End.DX2V behavior could be customized to expect a specific 866 VLAN format and rewrite the egress VLAN header before forwarding on 867 the outgoing interface. 869 4.11. End.DT2U: Decapsulation and Unicast MAC L2 Table Lookup 871 The "Endpoint with decapsulation and specific unicast MAC L2 table 872 lookup" behavior (End.DT2U for short) is a variant of the End 873 behavior. 875 One of the applications of the End.DT2U behavior is the EVPN Bridging 876 unicast [RFC7432]. Any SID instance of the End.DT2U behavior is 877 associated with an L2 Table T. 879 When N receives a packet whose IPv6 DA is S and S is a local End.DT2U 880 SID, the processing is identical to the End.DX2 behavior except for 881 the Upper-layer header processing which is as follows: 883 S01. If (Upper-Layer Header type == 143(Ethernet) ) { 884 S02. Remove the outer IPv6 Header with all its extension headers 885 S03. Learn the exposed MAC Source Address in L2 Table T 886 S04. Lookup the exposed MAC Destination Address in L2 Table T 887 S05. If (matched entry in T) { 888 S06. Forward via the matched table T entry 889 S07. } Else { 890 S08. Forward via all L2 OIFs entries in table T 891 S09. } 892 S10. } Else { 893 S11. Process as per Section 4.1.1 894 S12. } 896 Notes: 897 S01. IANA has allocated the Internet Protocol number 143 to Ethernet 898 (see Section 10.1). 899 S03. In EVPN [RFC7432], the learning of the exposed MAC Source 900 Address is done via control plane. In L2VPN VPLS [RFC4761] [RFC4762] 901 reachability is obtained by standard learning bridge functions in the 902 data plane. 904 4.12. End.DT2M: Decapsulation and L2 Table Flooding 906 The "Endpoint with decapsulation and specific L2 table flooding" 907 behavior (End.DT2M for short) is a variant of the End.DT2U behavior. 909 Two of the applications of the End.DT2M behavior are the EVPN 910 Bridging of broadcast, unknown and multicast (BUM) traffic with 911 Ethernet Segment Identifier (ESI) filtering [RFC7432] and the EVPN 912 ETREE [RFC8317]use-cases. 914 Any SID instance of this behavior is associated with a L2 table T. 915 The behavior also takes an argument: "Arg.FE2". This argument 916 provides a local mapping to ESI for split-horizon filtering of the 917 received traffic to exclude specific OIF (or set of OIFs) from L2 918 table T flooding. The allocation of the argument values is local to 919 the SR Endpoint Node instantiating this behavior and the signaling of 920 the argument to other nodes for the EVPN functionality via control 921 plane. 923 When N receives a packet whose IPv6 DA is S and S is a local End.DT2M 924 SID, the processing is identical to the End.DX2 behavior except for 925 the Upper-layer header processing which is as follows: 927 S01. If (Upper-Layer Header type == 143(Ethernet) ) { 928 S02. Remove the outer IPv6 Header with all its extension headers 929 S03. Learn the exposed MAC Source Address in L2 Table T 930 S04. Forward via all L2OIFs excluding those associated by the 931 identifier Arg.FE2 932 S05. } Else { 933 S06. Process as per Section 4.1.1 934 S07. } 936 Notes: 937 S01. IANA has allocated the Internet Protocol number 143 to Ethernet 938 (see Section 10.1). 939 S03. In EVPN [RFC7432], the learning of the exposed MAC Source 940 Address is done via control plane. In L2VPN VPLS [RFC4761] [RFC4762] 941 reachability is obtained by standard learning bridge functions in the 942 data plane. 944 4.13. End.B6.Encaps: Endpoint Bound to an SRv6 Policy w/ Encaps 946 This is a variation of the End behavior. 948 One of its applications is to express scalable traffic-engineering 949 policies across multiple domains. It is one of the SRv6 950 instantiations of a Binding SID [RFC8402]. 952 Any SID instance of this behavior is associated with an SR Policy B 953 and a source address A. 955 When N receives a packet whose IPv6 DA is S and S is a local 956 End.B6.Encaps SID, does: 958 S01. When an SRH is processed { 959 S02. If (Segments Left == 0) { 960 S03. Stop processing the SRH, and proceed to process the next 961 header in the packet, whose type is identified by 962 the Next Header field in the routing header. 963 S04. } 964 S05. If (IPv6 Hop Limit <= 1) { 965 S06. Send an ICMP Time Exceeded message to the Source Address, 966 Code 0 (Hop limit exceeded in transit), 967 interrupt packet processing and discard the packet. 968 S07. } 969 S08. max_LE = (Hdr Ext Len / 2) - 1 970 S09. If ((Last Entry > max_LE) or (Segments Left > (Last Entry+1)) { 971 S10. Send an ICMP Parameter Problem to the Source Address, 972 Code 0 (Erroneous header field encountered), 973 Pointer set to the Segments Left field, 974 interrupt packet processing and discard the packet. 975 S11. } 976 S12. Decrement IPv6 Hop Limit by 1 977 S13. Decrement Segments Left by 1 978 S14. Update IPv6 DA with Segment List[Segments Left] 979 S15. Push a new IPv6 header with its own SRH containing B 980 S16. Set the outer IPv6 SA to A 981 S17. Set the outer IPv6 DA to the first SID of B 982 S18. Set the outer Payload Length, Traffic Class, Flow Label, 983 Hop Limit and Next-Header fields 984 S19. Submit the packet to the egress IPv6 FIB lookup and 985 transmission to the new destination 986 S20. } 988 Notes: 989 S14. The SRH MAY be omitted when the SRv6 Policy B only contains one 990 SID and there is no need to use any flag, tag or TLV. 991 S17. The Payload Length, Traffic Class, Hop Limit and Next-Header 992 fields are set as per [RFC2473]. The Flow Label is computed as per 993 [RFC6437]. 995 When processing the Upper-layer header of a packet matching a FIB 996 entry locally instantiated as an SRv6 End.B6.Encaps SID, process the 997 packet as per Section 4.1.1. 999 4.14. End.B6.Encaps.Red: End.B6.Encaps with Reduced SRH 1001 This is an optimization of the End.B6.Encaps behavior. 1003 End.B6.Encaps.Red reduces the size of the SRH by one SID by excluding 1004 the first SID in the SRH of the new IPv6 header. Thus, the first 1005 segment is only placed in the IPv6 Destination Address of the new 1006 IPv6 header and the packet is forwarded according to it. 1008 The SRH Last Entry field is set as defined in Section 4.1.1 of 1009 [RFC8754]. 1011 The SRH MAY be omitted when the SRv6 Policy only contains one segment 1012 and there is no need to use any flag, tag or TLV. 1014 4.15. End.BM: Endpoint Bound to an SR-MPLS Policy 1016 The "Endpoint bound to an SR-MPLS Policy" is a variant of the End 1017 behavior. 1019 The End.BM behavior is required to express scalable traffic- 1020 engineering policies across multiple domains where some domains 1021 support the MPLS instantiation of Segment Routing. This is an SRv6 1022 instantiation of an SR-MPLS Binding SID [RFC8402]. 1024 Any SID instance of this behavior is associated with an SR-MPLS 1025 Policy B. 1027 When N receives a packet whose IPv6 DA is S and S is a local End.BM 1028 SID, does: 1030 S01. When an SRH is processed { 1031 S02. If (Segments Left == 0) { 1032 S03. Stop processing the SRH, and proceed to process the next 1033 header in the packet, whose type is identified by 1034 the Next Header field in the routing header. 1035 S04. } 1036 S05. If (IPv6 Hop Limit <= 1) { 1037 S06. Send an ICMP Time Exceeded message to the Source Address, 1038 Code 0 (Hop limit exceeded in transit), 1039 interrupt packet processing and discard the packet. 1041 S07. } 1042 S08. max_LE = (Hdr Ext Len / 2) - 1 1043 S09. If ((Last Entry > max_LE) or (Segments Left > (Last Entry+1)) { 1044 S10. Send an ICMP Parameter Problem to the Source Address, 1045 Code 0 (Erroneous header field encountered), 1046 Pointer set to the Segments Left field, 1047 interrupt packet processing and discard the packet. 1049 S11. } 1050 S12. Decrement IPv6 Hop Limit by 1 1051 S13. Decrement Segments Left by 1 1052 S14. Update IPv6 DA with Segment List[Segments Left] 1053 S15. Push the MPLS label stack for B 1054 S16. Submit the packet to the MPLS engine for transmission to the 1055 topmost label. 1056 S17. } 1058 When processing the Upper-layer header of a packet matching a FIB 1059 entry locally instantiated as an SRv6 End.BM SID, process the packet 1060 as per Section 4.1.1. 1062 4.16. Flavors 1064 The Penultimate Segment Pop of the SRH (PSP), Ultimate Segment Pop of 1065 the SRH (USP) and Ultimate Segment Decapsulation (USD) flavors are 1066 variants of the End, End.X and End.T behaviors. The End, End.X and 1067 End.T behaviors can support these flavors either individually or in 1068 combinations. 1070 4.16.1. PSP: Penultimate Segment Pop of the SRH 1072 4.16.1.1. Guidelines 1074 SR Segment Endpoint Nodes advertise the SIDs instantiated on them via 1075 control plane protocols as described in Section 8. Different 1076 behavior ids are allocated for flavored and unflavored SIDs (see 1077 Table 4). 1079 An SR Segment Endpoint Node that offers both PSP and non-PSP flavored 1080 behavior advertises them as two different SIDs. 1082 The SR Segment Endpoint Node only advertises the PSP flavor if the 1083 operator enables this capability at the node. 1085 The PSP operation is deterministically controlled by the SR Source 1086 Node. 1088 A PSP-flavored SID is used by the Source SR Node when it needs to 1089 instruct the penultimate SR Segment Endpoint Node listed in the SRH 1090 to remove the SRH from the IPv6 header. 1092 4.16.1.2. Definition 1094 SR Segment Endpoint Nodes receive the IPv6 packet with the 1095 Destination Address field of the IPv6 Header equal to its SID 1096 address. 1098 A penultimate SR Segment Endpoint Node is one that, as part of the 1099 SID processing, copies the last SID from the SRH into the IPv6 1100 Destination Address and decrements the Segments Left value from one 1101 to zero. 1103 The PSP operation only takes place at a penultimate SR Segment 1104 Endpoint Node and does not happen at any Transit Node. When a SID of 1105 PSP-flavor is processed at a non-penultimate SR Segment Endpoint 1106 Node, the PSP behavior is not performed as described in the 1107 pseudocode below since Segments Left would not be zero. 1109 The SRH processing of the End, End.X and End.T behaviors are 1110 modified: after the instruction "S14. Update IPv6 DA with Segment 1111 List[Segments Left]" is executed, the following instructions must be 1112 executed as well: 1114 S14.1. If (Segments Left == 0) { 1115 S14.2. Update the Next Header field in the preceding header to the 1116 Next Header value from the SRH 1117 S14.3. Decrease the IPv6 header Payload Length by 8*(Hdr Ext Len+1) 1118 S14.4. Remove the SRH from the IPv6 extension header chain 1119 S14.5. } 1121 The usage of PSP does not increase the MTU of the IPv6 packet and 1122 hence does not have any impact on the PMTU discovery mechanism. 1124 As a reminder, [RFC8754] defines in section 5 the SR Deployment Model 1125 within the SR Domain [RFC8402]. Within this framework, the 1126 Authentication Header (AH) is not used to secure the SRH as described 1127 in Section 7.5 of [RFC8754]. 1129 In the context of this specification, the End, End.X and End.T 1130 behaviors with PSP do not contravene Section 4 of [RFC8200] because 1131 the destination address of the incoming packet is the address of the 1132 node executing the behavior. 1134 4.16.1.3. Use-case 1136 One use-case for the PSP functionality is streamlining the operation 1137 of an egress border router. 1139 +----------------------------------------------------+ 1140 | | 1141 +-+-+ +--+ +--+ +--+ +-+-+ 1142 |iPE+-------->+R2+-------->+R3+-------->+R4+-------->+ePE| 1143 | R1| +--+ +--+ +--+ |R5 | 1144 +-+-+ +-----+ +-----+ +-----+ +-----+ +-+-+ 1145 | |IPv6 | |IPv6 | |IPv6 | |IPv6 | | 1146 | |DA=R3| |DA=R3| |DA=R5| |DA=R5| | 1147 | +-----+ +-----+ +-----+ +-----+ | 1148 | | SRH | | SRH | | IP | | IP | | 1149 | |SL=1 | |SL=1 | +-----+ +-----+ | 1150 | | R5 | | R5 | | 1151 | +-----+ +-----+ | 1152 | | IP | | IP | | 1153 | +-----+ +-----+ | 1154 | | 1155 +----------------------------------------------------+ 1157 Figure 1: PSP use-case topology 1159 In the above illustration, for a packet sent from iPE to ePE, node R3 1160 is an intermediate traffic engineering waypoint and is the 1161 penultimate segment endpoint router; the node that copies the last 1162 segment from the SRH into the IPv6 Destination Address and decrements 1163 segments left to 0. The SDN controller knows that no other node 1164 after R3 needs to inspect the SRH, and it instructs R3 to remove the 1165 exhausted SRH from the packet by using a PSP-flavored SID. 1167 The benefits for the egress PE are straightforward: 1169 -as part of the decapsulation process the egress PE is required to 1170 parse and remove fewer bytes from the packet. 1172 -if a lookup on an upper-layer IP header is required (e.g. per-VRF 1173 VPN), the header is more likely to be within the memory accessible 1174 to the lookup engine in the forwarding ASIC (Application-specific 1175 integrated circuit). 1177 4.16.2. USP: Ultimate Segment Pop of the SRH 1179 The SRH processing of the End, End.X and End.T behaviors are 1180 modified: the instructions S02-S04 are substituted by the following 1181 ones: 1183 S02. If (Segments Left == 0) { 1184 S03.1. Update the Next Header field in the preceding header to the 1185 Next Header value of the SRH 1186 S03.2. Decrease the IPv6 header Payload Length by 8*(Hdr Ext Len+1) 1187 S03.3. Remove the SRH from the IPv6 extension header chain 1188 S03.4. Proceed to process the next header in the packet 1189 S04. } 1191 One of the applications of the USP flavor is when a packet with an 1192 SRH is destined to an application on hosts with smartNICs 1193 implementing SRv6. The USP flavor is used to remove the consumed SRH 1194 from the extension header chain before sending the packet to the 1195 host. 1197 4.16.3. USD: Ultimate Segment Decapsulation 1199 The Upper-layer header processing of the End, End.X and End.T 1200 behaviors are modified as follows: 1202 End: 1203 S01. If (Upper-layer Header type == 41(IPv6) ) { 1204 S02. Remove the outer IPv6 Header with all its extension headers 1205 S03. Submit the packet to the egress IPv6 FIB lookup and 1206 transmission to the new destination 1207 S04. } Else if (Upper-layer Header type == 4(IPv4) ) { 1208 S05. Remove the outer IPv6 Header with all its extension headers 1209 S06. Submit the packet to the egress IPv4 FIB lookup and 1210 transmission to the new destination 1211 S07. Else { 1212 S08. Process as per Section 4.1.1 1213 S09. } 1214 End.T: 1215 S01. If (Upper-layer Header type == 41(IPv6) ) { 1216 S02. Remove the outer IPv6 Header with all its extension headers 1217 S03. Set the packet's associated FIB table to T 1218 S04. Submit the packet to the egress IPv6 FIB lookup and 1219 transmission to the new destination 1220 S05. } Else if (Upper-layer Header type == 4(IPv4) ) { 1221 S06. Remove the outer IPv6 Header with all its extension headers 1222 S07. Set the packet's associated FIB table to T 1223 S08. Submit the packet to the egress IPv4 FIB lookup and 1224 transmission to the new destination 1225 S09. Else { 1226 S10. Process as per Section 4.1.1 1227 S11. } 1229 End.X: 1230 S01. If (Upper-layer Header type == 41(IPv6) || 1231 Upper-layer Header type == 4(IPv4) ) { 1232 S02. Remove the outer IPv6 Header with all its extension headers 1233 S03. Forward the exposed IP packet to the L3 adjacency J 1234 S04. } Else { 1235 S05. Process as per Section 4.1.1 1236 S06. } 1238 One of the applications of the USD flavor is the case of TI-LFA in P 1239 routers with encapsulation. The USD flavor allows the last Segment 1240 Endpoint Node in the repair path list to decapsulate the IPv6 header 1241 added at the TI-LFA Point of Local Repair and forward the inner 1242 packet. 1244 5. SR Policy Headend Behaviors 1246 This section describes a set of SR Policy Headend behaviors. 1248 H.Encaps SR Headend Behavior with Encapsulation in an SR Policy 1249 H.Encaps.Red H.Encaps with Reduced Encapsulation 1250 H.Encaps.L2 H.Encaps Applied to Received L2 Frames 1251 H.Encaps.L2.Red H.Encaps.Red Applied to Received L2 Frames 1253 This list is not exhaustive and future documents may define 1254 additional behaviors. 1256 5.1. H.Encaps: SR Headend with Encapsulation in an SRv6 Policy 1258 Node N receives two packets P1=(A, B2) and P2=(A,B2)(B3, B2, B1; 1259 SL=1). B2 is neither a local address nor SID of N. 1261 Node N is configured with an IPv6 Address T (e.g. assigned to its 1262 loopback). 1264 N steers the transit packets P1 and P2 into an SR Policy with a 1265 Source Address T and a Segment list . 1267 The H.Encaps encapsulation behavior is defined as follows: 1269 S01. Push an IPv6 header with its own SRH (S3, S2, S1; SL=2) 1270 S02. Set outer IPv6 SA = T and outer IPv6 DA = S1 1271 S03. Set outer Payload Length, Traffic Class, Hop Limit and 1272 Flow Label fields 1273 S04. Set the outer Next-Header value 1274 S05. Decrement inner IPv6 Hop Limit or IPv4 TTL 1275 S06. Submit the packet to the IPv6 module for transmission to S1 1277 Note: 1278 S03: As described in [RFC6437] (IPv6 Flow Label Specification). 1280 After the H.Encaps behavior, P1' and P2' respectively look like: 1282 - (T, S1) (S3, S2, S1; SL=2) (A, B2) 1284 - (T, S1) (S3, S2, S1; SL=2) (A, B2) (B3, B2, B1; SL=1) 1286 The received packet is encapsulated unmodified (with the exception of 1287 the IPv4 TTL or IPv6 Hop Limit that is decremented as described in 1288 [RFC2473]). 1290 The H.Encaps behavior is valid for any kind of Layer-3 traffic. This 1291 behavior is commonly used for L3VPN with IPv4 and IPv6 deployments. 1292 It may be also used for TI-LFA 1293 [I-D.ietf-rtgwg-segment-routing-ti-lfa] at the point of local repair. 1295 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1296 one segment and there is no need to use any flag, tag or TLV. 1298 5.2. H.Encaps.Red: H.Encaps with Reduced Encapsulation 1300 The H.Encaps.Red behavior is an optimization of the H.Encaps 1301 behavior. 1303 H.Encaps.Red reduces the length of the SRH by excluding the first SID 1304 in the SRH of the pushed IPv6 header. The first SID is only placed 1305 in the Destination Address field of the pushed IPv6 header. 1307 After the H.Encaps.Red behavior, P1' and P2' respectively look like: 1309 - (T, S1) (S3, S2; SL=2) (A, B2) 1311 - (T, S1) (S3, S2; SL=2) (A, B2) (B3, B2, B1; SL=1) 1313 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1314 one segment and there is no need to use any flag, tag or TLV. 1316 5.3. H.Encaps.L2: H.Encaps Applied to Received L2 Frames 1318 The H.Encaps.L2 behavior encapsulates a received Ethernet 1319 [IEEE.802.3_2018] frame and its attached VLAN header, if present, in 1320 an IPv6 packet with an SRH. The Ethernet frame becomes the payload 1321 of the new IPv6 packet. 1323 The Next Header field of the SRH MUST be set to 143. 1325 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1326 one segment and there is no need to use any flag, tag or TLV. 1328 The encapsulating node MUST remove the preamble (if any) and frame 1329 check sequence (FCS) from the Ethernet frame upon encapsulation and 1330 the decapsulating node MUST regenerate, as required, the preamble and 1331 FCS before forwarding Ethernet frame. 1333 5.4. H.Encaps.L2.Red: H.Encaps.Red Applied to Received L2 frames 1335 The H.Encaps.L2.Red behavior is an optimization of the H.Encaps.L2 1336 behavior. 1338 H.Encaps.L2.Red reduces the length of the SRH by excluding the first 1339 SID in the SRH of the pushed IPv6 header. The first SID is only 1340 places in the Destination Address field of the pushed IPv6 header. 1342 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1343 one segment and there is no need to use any flag, tag or TLV. 1345 6. Counters 1347 A node supporting this document SHOULD implement a pair of traffic 1348 counters (one for packets and one for bytes) per local SID entry, for 1349 traffic that matched that SID and was processed successfully (i.e. 1350 packets which generate ICMP Error Messages or are dropped are not 1351 counted). The retrieval of these counters from MIB, NETCONF/YANG or 1352 any other data structure is outside the scope of this document. 1354 7. Flow-based Hash Computation 1356 When a flow-based selection within a set needs to be performed, the 1357 IPv6 Source Address, the IPv6 Destination Address and the IPv6 Flow 1358 Label of the outer IPv6 header MUST be included in the flow-based 1359 hash. 1361 This occurs when a FIB lookup is performed and multiple ECMP paths 1362 exist to the updated destination address. 1364 This occurs when End.X, End.DX4, or End.DX6 are bound to an array of 1365 adjacencies. 1367 This occurs when the packet is steered in an SR policy whose selected 1368 path has multiple SID lists. 1370 Additionally, any transit router in an SRv6 domain includes the outer 1371 flow label in its ECMP flow-based hash [RFC6437]. 1373 8. Control Plane 1375 In an SDN environment, one expects the controller to explicitly 1376 provision the SIDs and/or discover them as part of a service 1377 discovery function. Applications residing on top of the controller 1378 could then discover the required SIDs and combine them to form a 1379 distributed network program. 1381 The concept of "SRv6 network programming" refers to the capability 1382 for an application to encode any complex program as a set of 1383 individual functions distributed through the network. Some functions 1384 relate to underlay SLA, others to overlay/tenant, others to complex 1385 applications residing in VM and containers. 1387 While not necessary for an SDN control plane, the remainder of this 1388 section provides a high-level illustrative overview of how control- 1389 plane protocols may be involved with SRv6. Their specification is 1390 outside the scope of this document. 1392 8.1. IGP 1394 The End, End.T and End.X SIDs express topological behaviors and hence 1395 are expected to be signaled in the IGP together with the flavors PSP, 1396 USP and USD. The IGP should also advertise the maximum SRv6 SID 1397 depth (MSD) capability of the node for each type of SRv6 operation - 1398 in particular, the SR source (e.g. H.Encaps), intermediate endpoint 1399 (e.g. End, End.X) and final endpoint (e.g. End.DX4, End.DT6) 1400 behaviors. These capabilities are factored in by an SR Source Node 1401 (or a controller) during the SR Policy computation. 1403 The presence of SIDs in the IGP does not imply any routing semantics 1404 to the addresses represented by these SIDs. The routing reachability 1405 to an IPv6 address is solely governed by the non-SID-related IGP 1406 prefix reachability information that includes locators. Routing is 1407 neither governed nor influenced in any way by a SID advertisement in 1408 the IGP. 1410 These SIDs provide important topological behaviors for the IGP to 1411 build FRR solutions based on TI-LFA 1412 [I-D.ietf-rtgwg-segment-routing-ti-lfa] and for TE processes relying 1413 on IGP topology database to build SR policies. 1415 8.2. BGP-LS 1417 BGP-LS provides the functionality for topology discovery that 1418 includes the SRv6 capabilities of the nodes, their locators and 1419 locally instantiated SIDs. This enables controllers or applications 1420 to build an inter-domain topology that can be used for computation of 1421 SR Policies using the SRv6 SIDs. 1423 8.3. BGP IP/VPN/EVPN 1425 The End.DX4, End.DX6, End.DT4, End.DT6, End.DT46, End.DX2, End.DX2V, 1426 End.DT2U and End.DT2M SIDs can be signaled in BGP. 1428 8.4. Summary 1430 The following table summarizes behaviors for SIDs that can be 1431 signaled in which each respective control plane protocol. 1433 +-----------------------+-----+--------+-----------------+ 1434 | | IGP | BGP-LS | BGP IP/VPN/EVPN | 1435 +-----------------------+-----+--------+-----------------+ 1436 | End (PSP, USP, USD) | X | X | | 1437 | End.X (PSP, USP, USD) | X | X | | 1438 | End.T (PSP, USP, USD) | X | X | | 1439 | End.DX6 | X | X | X | 1440 | End.DX4 | X | X | X | 1441 | End.DT6 | X | X | X | 1442 | End.DT4 | X | X | X | 1443 | End.DT46 | X | X | X | 1444 | End.DX2 | | X | X | 1445 | End.DX2V | | X | X | 1446 | End.DT2U | | X | X | 1447 | End.DT2M | | X | X | 1448 | End.B6.Encaps | | X | | 1449 | End.B6.Encaps.Red | | X | | 1450 | End.B6.BM | | X | | 1451 +-----------------------+-----+--------+-----------------+ 1453 Table 1: SRv6 locally instantiated SIDs signaling 1455 The following table summarizes which SR Policy Headend capabilities 1456 are signaled in which signaling protocol. 1458 +-----------------+-----+--------+-----------------+ 1459 | | IGP | BGP-LS | BGP IP/VPN/EVPN | 1460 +-----------------+-----+--------+-----------------+ 1461 | H.Encaps | X | X | | 1462 | H.Encaps.Red | X | X | | 1463 | H.Encaps.L2 | | X | | 1464 | H.Encaps.L2.Red | | X | | 1465 +-----------------+-----+--------+-----------------+ 1467 Table 2: SRv6 Policy Headend behaviors signaling 1469 The previous table describes generic capabilities. It does not 1470 describe specific instantiated SR policies. 1472 For example, a BGP-LS advertisement of H.Encaps behavior would 1473 describe the capability of node N to perform a H.Encaps behavior. 1474 Specifically, it would describe how many SIDs could be pushed by N 1475 without significant performance degradation. 1477 As a reminder, an SR policy is always assigned a Binding SID 1478 [RFC8402]. BSIDs are also advertised in BGP-LS as shown in Table 1. 1480 Hence, the Table 2 only focuses on the generic capabilities related 1481 to H.Encaps. 1483 9. Security Considerations 1485 The security considerations for Segment Routing are discussed in 1486 [RFC8402]. More specifically for SRv6 the security considerations 1487 and the mechanisms for securing an SR domain are discussed in 1488 [RFC8754]. Together, they describe the required security mechanisms 1489 that allow establishment of an SR domain of trust to operate 1490 SRv6-based services for internal traffic while preventing any 1491 external traffic from accessing or exploiting the SRv6-based 1492 services. Additionally, [RFC8754] defines an HMAC TLV permitting SR 1493 Endpoint Nodes in the SR domain to verify that the SRH applied to a 1494 packet was selected by an authorized party and to ensure that the 1495 segment list is not modified after generation, regardless of the 1496 number of segments in the segment list. When enabled by local 1497 configuration, HMAC processing occurs at the beginning of SRH 1498 processing as defined in [RFC8754] Section 2.1.2.1 . 1500 This document introduces SRv6 Endpoint and SR Policy Headend 1501 behaviors for implementation on SRv6 capable nodes in the network. 1502 The headend policy definition should be consistent with the specific 1503 behavior used and any local configuration (as specified in 1504 Section 4.1.1). As such, this document does not introduce any new 1505 security considerations. 1507 10. IANA Considerations 1509 10.1. Ethernet Next Header Type 1511 This document requests IANA to allocate, in the "Protocol Numbers" 1512 registry (https://www.iana.org/assignments/protocol-numbers/protocol- 1513 numbers.xhtml), a new value for "Ethernet" with the following 1514 definition: The value 143 in the Next Header field of an IPv6 header 1515 or any extension header indicates that the payload is an Ethernet 1516 frame [IEEE.802.3_2018]. 1518 IANA has done a temporary allocation of Protocol Number 143. 1520 10.2. SRv6 Endpoint Behaviors Registry 1522 This document requests IANA to create a new top-level registry called 1523 "Segment Routing Parameters". This registry is being defined to 1524 serve as a top-level registry for keeping all other Segment Routing 1525 sub-registries. 1527 Additionally, a new sub-registry "SRv6 Endpoint Behaviors" is to be 1528 created under top-level "Segment Routing Parameters" registry. This 1529 sub-registry maintains 16-bit identifiers for the SRv6 Endpoint 1530 behaviors. This registry is established to provide consistency for 1531 control plane protocols which need to refer to these behaviors. 1532 These values are not encoded in the function bits within a SID. 1534 The range of the registry is 0-65535 (0x0000 - 0xFFFF) and has the 1535 following registration rules and allocation policies: 1537 +-------------+---------------+----------------------+--------------+ 1538 | Range | Hex | Registration | Notes | 1539 | | | procedure | | 1540 +-------------+---------------+----------------------+--------------+ 1541 | 0 | 0x0000 | Reserved | Not to be | 1542 | | | | allocated | 1543 | 1-32767 | 0x0001-0x7FFF | First Come First | | 1544 | | | Served [RFC8126] | | 1545 | 32768-34815 | 0x8000-0x87FF | Private Use | | 1546 | | | [RFC8126] | | 1547 | 34816-65534 | 0x8800-0xFFFE | Reserved | | 1548 | 65535 | 0xFFFF | Reserved | Opaque | 1549 +-------------+---------------+----------------------+--------------+ 1551 Table 3: SRv6 Endpoint Behaviors Registry 1553 10.2.1. Initial Registrations 1555 The initial registrations for the sub-registry are as follows: 1557 +-------------+--------+-------------------------+------------------+ 1558 | Value | Hex | Endpoint behavior | Reference | 1559 +-------------+--------+-------------------------+------------------+ 1560 | 0 | 0x0000 | Reserved | Not to be | 1561 | | | | allocated | 1562 | 1 | 0x0001 | End | [This.ID] | 1563 | 2 | 0x0002 | End with PSP | [This.ID] | 1564 | 3 | 0x0003 | End with USP | [This.ID] | 1565 | 4 | 0x0004 | End with PSP&USP | [This.ID] | 1566 | 5 | 0x0005 | End.X | [This.ID] | 1567 | 6 | 0x0006 | End.X with PSP | [This.ID] | 1568 | 7 | 0x0007 | End.X with USP | [This.ID] | 1569 | 8 | 0x0008 | End.X with PSP&USP | [This.ID] | 1570 | 9 | 0x0009 | End.T | [This.ID] | 1571 | 10 | 0x000A | End.T with PSP | [This.ID] | 1572 | 11 | 0x000B | End.T with USP | [This.ID] | 1573 | 12 | 0x000C | End.T with PSP&USP | [This.ID] | 1574 | 14 | 0x000E | End.B6.Encaps | [This.ID] | 1575 | 15 | 0x000F | End.BM | [This.ID] | 1576 | 16 | 0x0010 | End.DX6 | [This.ID] | 1577 | 17 | 0x0011 | End.DX4 | [This.ID] | 1578 | 18 | 0x0012 | End.DT6 | [This.ID] | 1579 | 19 | 0x0013 | End.DT4 | [This.ID] | 1580 | 20 | 0x0014 | End.DT46 | [This.ID] | 1581 | 21 | 0x0015 | End.DX2 | [This.ID] | 1582 | 22 | 0x0016 | End.DX2V | [This.ID] | 1583 | 23 | 0x0017 | End.DT2U | [This.ID] | 1584 | 24 | 0x0018 | End.DT2M | [This.ID] | 1585 | 25 | 0x0019 | Reserved | [This.ID] | 1586 | 27 | 0x001B | End.B6.Encaps.Red | [This.ID] | 1587 | 28 | 0x001C | End with USD | [This.ID] | 1588 | 29 | 0x001D | End with PSP&USD | [This.ID] | 1589 | 30 | 0x001E | End with USP&USD | [This.ID] | 1590 | 31 | 0x001F | End with PSP, USP & USD | [This.ID] | 1591 | 32 | 0x0020 | End.X with USD | [This.ID] | 1592 | 33 | 0x0021 | End.X with PSP&USD | [This.ID] | 1593 | 34 | 0x0022 | End.X with USP&USD | [This.ID] | 1594 | 35 | 0x0023 | End.X with PSP, USP & | [This.ID] | 1595 | | | USD | | 1596 | 36 | 0x0024 | End.T with USD | [This.ID] | 1597 | 37 | 0x0025 | End.T with PSP&USD | [This.ID] | 1598 | 38 | 0x0026 | End.T with USP&USD | [This.ID] | 1599 | 39 | 0x0027 | End.T with PSP, USP & | [This.ID] | 1600 | | | USD | | 1601 | 40-32766 | | Unassigned | | 1602 | 32767 | 0x7FFF | The SID defined in | [This.ID] | 1603 | | | RFC8754 | [RFC8754] | 1604 | 32768-65534 | | Reserved | | 1605 | 65535 | 0xFFFF | Opaque | [This.ID] | 1606 +-------------+--------+-------------------------+------------------+ 1608 Table 4: IETF - SRv6 Endpoint Behaviors 1610 11. Acknowledgements 1612 The authors would like to acknowledge Stefano Previdi, Dave Barach, 1613 Mark Townsley, Peter Psenak, Thierry Couture, Kris Michielsen, Paul 1614 Wells, Robert Hanzl, Dan Ye, Gaurav Dawra, Faisal Iqbal, Jaganbabu 1615 Rajamanickam, David Toscano, Asif Islam, Jianda Liu, Yunpeng Zhang, 1616 Jiaoming Li, Narendra A.K, Mike Mc Gourty, Bhupendra Yadav, Sherif 1617 Toulan, Satish Damodaran, John Bettink, Kishore Nandyala Veera Venk, 1618 Jisu Bhattacharya, Saleem Hafeez and Brian Carpenter. 1620 12. Contributors 1622 Daniel Bernier 1623 Bell Canada 1624 Canada 1626 Email: daniel.bernier@bell.ca 1628 Dirk Steinberg 1629 Lapishills Consulting Limited 1630 Cyprus 1632 Email: dirk@lapishills.com 1634 Robert Raszuk 1635 Bloomberg LP 1636 United States of America 1638 Email: robert@raszuk.net 1640 Bruno Decraene 1641 Orange 1642 France 1644 Email: bruno.decraene@orange.com 1646 Bart Peirens 1647 Proximus 1648 Belgium 1650 Email: bart.peirens@proximus.com 1652 Hani Elmalky 1653 Google 1654 United States of America 1656 Email: helmalky@google.com 1658 Prem Jonnalagadda 1659 Barefoot Networks 1660 United States of America 1662 Email: prem@barefootnetworks.com 1664 Milad Sharif 1665 SambaNova Systems 1666 United States of America 1667 Email: milad.sharif@sambanova.ai 1669 David Lebrun 1670 Google 1671 Belgium 1673 Email: dlebrun@google.com 1675 Stefano Salsano 1676 Universita di Roma "Tor Vergata" 1677 Italy 1679 Email: stefano.salsano@uniroma2.it 1681 Ahmed AbdelSalam 1682 Gran Sasso Science Institute 1683 Italy 1685 Email: ahmed.abdelsalam@gssi.it 1687 Gaurav Naik 1688 Drexel University 1689 United States of America 1691 Email: gn@drexel.edu 1693 Arthi Ayyangar 1694 Arrcus, Inc 1695 United States of America 1697 Email: arthi@arrcus.com 1699 Satish Mynam 1700 Arrcus, Inc 1701 United States of America 1703 Email: satishm@arrcus.com 1705 Wim Henderickx 1706 Nokia 1707 Belgium 1709 Email: wim.henderickx@nokia.com 1711 Shaowen Ma 1712 Juniper 1713 Singapore 1714 Email: mashao@juniper.net 1716 Ahmed Bashandy 1717 Individual 1718 United States of America 1720 Email: abashandy.ietf@gmail.com 1722 Francois Clad 1723 Cisco Systems, Inc. 1724 France 1726 Email: fclad@cisco.com 1728 Kamran Raza 1729 Cisco Systems, Inc. 1730 Canada 1732 Email: skraza@cisco.com 1734 Darren Dukes 1735 Cisco Systems, Inc. 1736 Canada 1738 Email: ddukes@cisco.com 1740 Patrice Brissete 1741 Cisco Systems, Inc. 1742 Canada 1744 Email: pbrisset@cisco.com 1746 Zafar Ali 1747 Cisco Systems, Inc. 1748 United States of America 1750 Email: zali@cisco.com 1752 Ketan Talaulikar 1753 Cisco Systems, Inc. 1754 India 1756 Email: ketant@cisco.com 1758 13. References 1760 13.1. Normative References 1762 [IEEE.802.3_2018] 1763 IEEE, "802.3-2018", IEEE 802.3-2018, 1764 DOI 10.1109/IEEESTD.2018.8457469, August 2018, 1765 . 1767 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1768 Requirement Levels", BCP 14, RFC 2119, 1769 DOI 10.17487/RFC2119, March 1997, 1770 . 1772 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 1773 IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473, 1774 December 1998, . 1776 [RFC6437] Amante, S., Carpenter, B., Jiang, S., and J. Rajahalme, 1777 "IPv6 Flow Label Specification", RFC 6437, 1778 DOI 10.17487/RFC6437, November 2011, 1779 . 1781 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1782 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1783 May 2017, . 1785 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1786 (IPv6) Specification", STD 86, RFC 8200, 1787 DOI 10.17487/RFC8200, July 2017, 1788 . 1790 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 1791 Decraene, B., Litkowski, S., and R. Shakir, "Segment 1792 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 1793 July 2018, . 1795 [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., 1796 Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header 1797 (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, 1798 . 1800 13.2. Informative References 1802 [I-D.filsfils-spring-srv6-net-pgm-illustration] 1803 Filsfils, C., Camarillo, P., Li, Z., Matsushima, S., 1804 Decraene, B., Steinberg, D., Lebrun, D., Raszuk, R., and 1805 J. Leddy, "Illustrations for SRv6 Network Programming", 1806 draft-filsfils-spring-srv6-net-pgm-illustration-02 (work 1807 in progress), June 2020. 1809 [I-D.ietf-rtgwg-segment-routing-ti-lfa] 1810 Litkowski, S., Bashandy, A., Filsfils, C., Decraene, B., 1811 Francois, P., Voyer, D., Clad, F., and P. Camarillo, 1812 "Topology Independent Fast Reroute using Segment Routing", 1813 draft-ietf-rtgwg-segment-routing-ti-lfa-04 (work in 1814 progress), August 2020. 1816 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast 1817 Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005, 1818 . 1820 [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private 1821 Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 1822 2006, . 1824 [RFC4664] Andersson, L., Ed. and E. Rosen, Ed., "Framework for Layer 1825 2 Virtual Private Networks (L2VPNs)", RFC 4664, 1826 DOI 10.17487/RFC4664, September 2006, 1827 . 1829 [RFC4761] Kompella, K., Ed. and Y. Rekhter, Ed., "Virtual Private 1830 LAN Service (VPLS) Using BGP for Auto-Discovery and 1831 Signaling", RFC 4761, DOI 10.17487/RFC4761, January 2007, 1832 . 1834 [RFC4762] Lasserre, M., Ed. and V. Kompella, Ed., "Virtual Private 1835 LAN Service (VPLS) Using Label Distribution Protocol (LDP) 1836 Signaling", RFC 4762, DOI 10.17487/RFC4762, January 2007, 1837 . 1839 [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., 1840 Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based 1841 Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 1842 2015, . 1844 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1845 Writing an IANA Considerations Section in RFCs", BCP 26, 1846 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1847 . 1849 [RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J. 1850 Rabadan, "Virtual Private Wire Service Support in Ethernet 1851 VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017, 1852 . 1854 [RFC8317] Sajassi, A., Ed., Salam, S., Drake, J., Uttaro, J., 1855 Boutros, S., and J. Rabadan, "Ethernet-Tree (E-Tree) 1856 Support in Ethernet VPN (EVPN) and Provider Backbone 1857 Bridging EVPN (PBB-EVPN)", RFC 8317, DOI 10.17487/RFC8317, 1858 January 2018, . 1860 Authors' Addresses 1862 Clarence Filsfils (editor) 1863 Cisco Systems, Inc. 1864 Belgium 1866 Email: cf@cisco.com 1868 Pablo Camarillo Garvia (editor) 1869 Cisco Systems, Inc. 1870 Spain 1872 Email: pcamaril@cisco.com 1874 John Leddy 1875 Individual Contributor 1876 United States of America 1878 Email: john@leddy.net 1880 Daniel Voyer 1881 Bell Canada 1882 Canada 1884 Email: daniel.voyer@bell.ca 1886 Satoru Matsushima 1887 SoftBank 1888 1-9-1,Higashi-Shimbashi,Minato-Ku 1889 Tokyo 105-7322 1890 Japan 1892 Email: satoru.matsushima@g.softbank.co.jp 1893 Zhenbin Li 1894 Huawei Technologies 1895 China 1897 Email: lizhenbin@huawei.com