idnits 2.17.1 draft-ietf-spring-srv6-network-programming-25.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (November 25, 2020) is 1247 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC8317' is defined on line 1871, but no explicit reference was found in the text == Outdated reference: A later version (-04) exists of draft-filsfils-spring-srv6-net-pgm-illustration-03 == Outdated reference: A later version (-13) exists of draft-ietf-rtgwg-segment-routing-ti-lfa-04 Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SPRING C. Filsfils, Ed. 3 Internet-Draft P. Camarillo, Ed. 4 Intended status: Standards Track Cisco Systems, Inc. 5 Expires: May 29, 2021 J. Leddy 6 Individual Contributor 7 D. Voyer 8 Bell Canada 9 S. Matsushima 10 SoftBank 11 Z. Li 12 Huawei Technologies 13 November 25, 2020 15 SRv6 Network Programming 16 draft-ietf-spring-srv6-network-programming-25 18 Abstract 20 The SRv6 Network Programming framework enables a network operator or 21 an application to specify a packet processing program by encoding a 22 sequence of instructions in the IPv6 packet header. 24 Each instruction is implemented on one or several nodes in the 25 network and identified by an SRv6 Segment Identifier in the packet. 27 This document defines the SRv6 Network Programming concept and 28 specifies the base set of SRv6 behaviors that enables the creation of 29 interoperable overlays with underlay optimization. 31 Status of This Memo 33 This Internet-Draft is submitted in full conformance with the 34 provisions of BCP 78 and BCP 79. 36 Internet-Drafts are working documents of the Internet Engineering 37 Task Force (IETF). Note that other groups may also distribute 38 working documents as Internet-Drafts. The list of current Internet- 39 Drafts is at https://datatracker.ietf.org/drafts/current/. 41 Internet-Drafts are draft documents valid for a maximum of six months 42 and may be updated, replaced, or obsoleted by other documents at any 43 time. It is inappropriate to use Internet-Drafts as reference 44 material or to cite them other than as "work in progress." 46 This Internet-Draft will expire on May 29, 2021. 48 Copyright Notice 50 Copyright (c) 2020 IETF Trust and the persons identified as the 51 document authors. All rights reserved. 53 This document is subject to BCP 78 and the IETF Trust's Legal 54 Provisions Relating to IETF Documents 55 (https://trustee.ietf.org/license-info) in effect on the date of 56 publication of this document. Please review these documents 57 carefully, as they describe your rights and restrictions with respect 58 to this document. Code Components extracted from this document must 59 include Simplified BSD License text as described in Section 4.e of 60 the Trust Legal Provisions and are provided without warranty as 61 described in the Simplified BSD License. 63 Table of Contents 65 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4 66 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 67 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 5 68 3. SRv6 SID . . . . . . . . . . . . . . . . . . . . . . . . . . 5 69 3.1. SID Format . . . . . . . . . . . . . . . . . . . . . . . 6 70 3.2. SID Allocation within an SR domain . . . . . . . . . . . 7 71 3.3. SID Reachability . . . . . . . . . . . . . . . . . . . . 9 72 4. SR Endpoint Behaviors . . . . . . . . . . . . . . . . . . . . 10 73 4.1. End: Endpoint . . . . . . . . . . . . . . . . . . . . . . 12 74 4.1.1. Upper-Layer Header . . . . . . . . . . . . . . . . . 12 75 4.2. End.X: Layer-3 Cross-Connect . . . . . . . . . . . . . . 13 76 4.3. End.T: Specific IPv6 Table Lookup . . . . . . . . . . . . 14 77 4.4. End.DX6: Decapsulation and IPv6 Cross-Connect . . . . . . 14 78 4.5. End.DX4: Decapsulation and IPv4 Cross-Connect . . . . . . 15 79 4.6. End.DT6: Decapsulation and Specific IPv6 Table Lookup . . 16 80 4.7. End.DT4: Decapsulation and Specific IPv4 Table Lookup . . 17 81 4.8. End.DT46: Decapsulation and Specific IP Table Lookup . . 18 82 4.9. End.DX2: Decapsulation and L2 Cross-Connect . . . . . . . 19 83 4.10. End.DX2V: Decapsulation and VLAN L2 Table Lookup . . . . 20 84 4.11. End.DT2U: Decapsulation and Unicast MAC L2 Table Lookup . 21 85 4.12. End.DT2M: Decapsulation and L2 Table Flooding . . . . . . 22 86 4.13. End.B6.Encaps: Endpoint Bound to an SRv6 Policy w/ Encaps 22 87 4.14. End.B6.Encaps.Red: End.B6.Encaps with Reduced SRH . . . . 24 88 4.15. End.BM: Endpoint Bound to an SR-MPLS Policy . . . . . . . 24 89 4.16. Flavors . . . . . . . . . . . . . . . . . . . . . . . . . 25 90 4.16.1. PSP: Penultimate Segment Pop of the SRH . . . . . . 25 91 4.16.2. USP: Ultimate Segment Pop of the SRH . . . . . . . . 28 92 4.16.3. USD: Ultimate Segment Decapsulation . . . . . . . . 28 93 5. SR Policy Headend Behaviors . . . . . . . . . . . . . . . . . 29 94 5.1. H.Encaps: SR Headend with Encapsulation in an SRv6 Policy 30 95 5.2. H.Encaps.Red: H.Encaps with Reduced Encapsulation . . . . 30 96 5.3. H.Encaps.L2: H.Encaps Applied to Received L2 Frames . . . 31 97 5.4. H.Encaps.L2.Red: H.Encaps.Red Applied to Received L2 98 frames . . . . . . . . . . . . . . . . . . . . . . . . . 31 99 6. Counters . . . . . . . . . . . . . . . . . . . . . . . . . . 31 100 7. Flow-based Hash Computation . . . . . . . . . . . . . . . . . 32 101 8. Control Plane . . . . . . . . . . . . . . . . . . . . . . . . 32 102 8.1. IGP . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 103 8.2. BGP-LS . . . . . . . . . . . . . . . . . . . . . . . . . 33 104 8.3. BGP IP/VPN/EVPN . . . . . . . . . . . . . . . . . . . . . 33 105 8.4. Summary . . . . . . . . . . . . . . . . . . . . . . . . . 33 106 9. Security Considerations . . . . . . . . . . . . . . . . . . . 35 107 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35 108 10.1. Ethernet Next Header Type . . . . . . . . . . . . . . . 35 109 10.2. SRv6 Endpoint Behaviors Registry . . . . . . . . . . . . 36 110 10.2.1. Initial Registrations . . . . . . . . . . . . . . . 36 111 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37 112 12. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 38 113 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 41 114 13.1. Normative References . . . . . . . . . . . . . . . . . . 41 115 13.2. Informative References . . . . . . . . . . . . . . . . . 41 116 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 43 118 1. Introduction 120 Segment Routing [RFC8402] leverages the source routing paradigm. An 121 ingress node steers a packet through an ordered list of instructions, 122 called segments. Each one of these instructions represents a 123 function to be called at a specific location in the network. A 124 function is locally defined on the node where it is executed and may 125 range from simply moving forward in the Segment List to any complex 126 user-defined behavior. Network programming combines segment routing 127 functions, both simple and complex, to achieve a networking objective 128 that goes beyond mere packet routing. 130 This document defines the SRv6 Network Programming concept and 131 specifies the main segment routing behaviors to enable the creation 132 of interoperable overlays with underlay optimization. 134 The companion document 135 [I-D.filsfils-spring-srv6-net-pgm-illustration] illustrates the 136 concepts defined in this document. 138 Familiarity with the Segment Routing Header [RFC8754] is expected. 140 2. Terminology 142 The following terms used within this document are defined in 143 [RFC8402]: Segment Routing, SR Domain, Segment ID (SID), SRv6, SRv6 144 SID, SR Policy, Prefix-SID, and Adj-SID. 146 The following terms used within this document are defined in 147 [RFC8754]: SRH, SR Source Node, Transit Node, SR Segment Endpoint 148 Node, Reduced SRH, Segments Left and Last Entry. 150 SL: The Segments Left field of the SRH 152 FIB: Forwarding Information Base. A FIB lookup is a lookup in the 153 forwarding table. 155 SA: Source Address 157 DA: Destination Address 159 SRv6 SID function: The function part of the SID is an opaque 160 identification of a local behavior bound to the SID. It is formally 161 defined in Section 3.1 of this document. 163 SRv6 Segment Endpoint behavior: A packet processing behavior executed 164 at an SRv6 Segment Endpoint Node. Section 4 of this document defines 165 SRv6 Segment Endpoint behaviors related to traffic-engineering and 166 overlay use-cases. Other behaviors (e.g. service programming) are 167 outside the scope of this document. 169 An SR Policy is resolved to a SID list. A SID list is represented as 170 where S1 is the first SID to visit, S2 is the second SID 171 to visit and S3 is the last SID to visit along the SR path. 173 (SA,DA) (S3, S2, S1; SL) represents an IPv6 packet with: 175 - Source Address is SA, Destination Address is DA, and next-header is 176 SRH. 178 - SRH with SID list with Segments Left = SL. 180 - Note the difference between the <> and () symbols: 181 represents a SID list where S1 is the first SID and S3 is the last 182 SID to traverse. (S3, S2, S1; SL) represents the same SID list but 183 encoded in the SRH format where the rightmost SID in the SRH is the 184 first SID and the leftmost SID in the SRH is the last SID. When 185 referring to an SR policy in a high-level use-case, it is simpler 186 to use the notation. When referring to an 187 illustration of the detailed packet behavior, the (S3, S2, S1; SL) 188 notation is more convenient. 190 - The payload of the packet is omitted. 192 Per-VRF VPN label: a single label for the entire VRF that is shared 193 by all routes from that VRF ([RFC4364] Section 4.3.2) 195 Per-CE VPN label: a single label for each attachment circuit that is 196 shared by all routes with the same "outgoing attachment circuit" 197 ([RFC4364] Section 4.3.2) 199 2.1. Requirements Language 201 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 202 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 203 "OPTIONAL" in this document are to be interpreted as described in BCP 204 14 [RFC2119] [RFC8174] when, and only when, they appear in all 205 capitals, as shown here. 207 3. SRv6 SID 209 RFC8402 defines an SRv6 Segment Identifier as an IPv6 address 210 explicitly associated with the segment. 212 When an SRv6 SID is in the Destination Address field of an IPv6 213 header of a packet, it is routed through Transit Nodes in an IPv6 214 network as an IPv6 address. 216 Its processing is defined in [RFC8754] section 4.3 and reproduced 217 here as a reminder. 219 Without constraining the details of an implementation, the SR 220 segment endpoint node creates Forwarding Information Base (FIB) 221 entries for its local SIDs. 223 When an SRv6-capable node receives an IPv6 packet, it performs a 224 longest-prefix-match lookup on the packet's destination address. 225 This lookup can return any of the following: 227 * A FIB entry that represents a locally instantiated SRv6 SID 229 * A FIB entry that represents a local interface, not locally 230 instantiated as an SRv6 SID 232 * A FIB entry that represents a nonlocal route 234 * No Match 236 Section 4 of this document defines a new set of SRv6 SID behaviors in 237 addition to that defined in [RFC8754] Section 4.3.1. 239 3.1. SID Format 241 This document defines an SRv6 SID as consisting of LOC:FUNCT:ARG, 242 where a locator (LOC) is encoded in the L most significant bits of 243 the SID, followed by F bits of function (FUNCT) and A bits of 244 arguments (ARG). L, the locator length, is flexible, and an operator 245 is free to use the locator length of their choice. F and A may be 246 any value as long as L+F+A <= 128. When L+F+A is less than 128 then 247 the remaining bits of the SID MUST be zero. 249 A locator may be represented as B:N where B is the SRv6 SID block 250 (IPv6 prefix allocated for SRv6 SIDs by the operator) and N is the 251 identifier of the parent node instantiating the SID. 253 When the LOC part of the SRv6 SIDs is routable, it leads to the node 254 which instantiates the SID. 256 The FUNCT is an opaque identification of a local behavior bound to 257 the SID. 259 The term "function" refers to the bit-string in the SRv6 SID. The 260 term "behavior" identifies the behavior bound to the SID. The 261 behaviors are defined in Section 4 of this document. 263 An SRv6 Segment Endpoint Behavior may require additional information 264 for its processing (e.g. related to the flow or service). This 265 information may be encoded in the ARG bits of the SID. 267 In such a case, the semantics and format of the ARG bits are defined 268 as part of the SRv6 endpoint behavior specification. 270 The ARG value of a routed SID SHOULD remain constant among packets in 271 a given flow. Varying ARG values among packets in a flow may result 272 in different ECMP hashing and cause re-ordering. 274 3.2. SID Allocation within an SR domain 276 Locators are assigned consistent with IPv6 infrastructure allocation. 277 For example, a network operator may: 279 o Assign block B::/48 to the SR domain 281 o Assign a unique B:N::/64 block to each SRv6-enabled node in the 282 domain 284 As an example, one mobile service provider has commercially deployed 285 SRv6 across more than 1000 commercial routers and 1800 whitebox 286 routers. All these devices are enabled for SRv6 and advertise SRv6 287 SIDs. The provider historically deployed IPv6 and assigned 288 infrastructure addresses from ULA space [RFC4193]. They specifically 289 allocated three /48 prefixes (Country X, Country Y, Country Z) to 290 support their SRv6 infrastructure. From those /48 prefixes each 291 router was assigned a /64 prefix from which all SIDs of that router 292 are allocated. 294 In another example, a large mobile and fixed-line service provider 295 has commercially deployed SRv6 in their country-wide network. This 296 provider is assigned a /20 prefix by an RIR (Regional Internet 297 Registry). They sub-allocated a few /48 prefixes to their 298 infrastructure to deploy SRv6. Each router is assigned a /64 prefix 299 from which all SIDs of that router are allocated. 301 IPv6 address consumption in both these examples is minimal, 302 representing one billionth and one millionth of the available address 303 space, respectively. 305 A service provider receiving the current minimum allocation of a /32 306 from an RIR may assign a /48 prefix to their infrastructure deploying 307 SRv6, and subsequently allocate /64 prefixes for SIDs at each SRv6 308 node. The /48 assignment is one sixty-five thousandth (1/2^16) of 309 the usable IPv6 address space available for assignment by the 310 provider. 312 When an operator instantiates a SID at a node, they specify a SID 313 value B:N:FUNCT and the behavior bound to the SID using one of the 314 SRv6 Endpoint Behavior codepoint of the registry defined in this 315 document (see Table 4). 317 The node advertises the SID, B:N:FUNCT, in the control-plane (see 318 Section 8) together with the SRv6 Endpoint Behavior codepoint 319 identifying the behavior of the SID. 321 An SR Source Node cannot infer the behavior by examination of the 322 FUNCT value of a SID. 324 Therefore, the SRv6 Endpoint Behavior codepoint is advertised along 325 with the SID in the control plane. 327 An SR Source Node uses the SRv6 Endpoint Behavior codepoint to map 328 the received SID (B:N:FUNCT) to a behavior. 330 An SR Source Node selects a desired behavior at an advertising node 331 by selecting the SID (B:N:FUNCT) advertised with the desired 332 behavior. 334 As an example, a network operator may: 336 o Assign an SRv6 SID block 2001:db8:bbbb::/48 from their in-house 337 operation block for their SRv6 infrastructure 339 o Assign an SRv6 Locator 2001:db8:bbbb:3::/64 to one particular 340 router, for example Router 3, in their SR Domain 342 o At Router 3, within the locator 2001:db8:bbbb:3::/64, the network 343 operator or the router performs dynamic assignment for: 345 * Function 0x0100 associated with the behavior End.X (Endpoint 346 with cross-connect) between router 3 and its connected neighbor 347 router, for example Router 4. This function is encoded as 348 16-bit value and has no arguments (F=16, A=0). 349 This SID is advertised in the control plane as 350 2001:db8:bbbb:3:100:: with SRv6 Endpoint Behavior codepoint 351 value of 5. 353 * Function 0x0101 associated with the behavior End.X (Endpoint 354 with cross-connect) between router 3 and its connected neighbor 355 router, for example Router 2. This function is encoded as 356 16-bit value and has no arguments (F=16, A=0). 357 This SID is advertised in the control plane as 358 2001:db8:bbbb:3:101:: with SRv6 Endpoint Behavior codepoint 359 value of 5. 361 These examples do not preclude any other IPv6 addressing allocation 362 scheme. 364 3.3. SID Reachability 366 Most often, the node N would advertise IPv6 prefix(es) matching the 367 LOC parts covering its SIDs or shorter-mask prefix. The distribution 368 of these advertisements and calculation of their reachability are 369 specific to the routing protocol and are outside of the scope of this 370 document. 372 An SRv6 SID is said to be routed if its SID belongs to an IPv6 prefix 373 advertised via a routing protocol. An SRv6 SID that does not fulfill 374 this condition is non-routed. 376 Let's provide a classic illustration: 378 Node N is configured explicitly with two SIDs: 2001:db8:b:1:100:: and 379 2001:db8:b:2:101::. 381 The network learns about a path to 2001:db8:b:1::/64 via the IGP and 382 hence a packet destined to 2001:db8:b:1:100:: would be routed up to 383 N. The network does not learn about a path to 2001:db8:b:2::/64 via 384 the IGP and hence a packet destined to 2001:db8:b:2:101:: would not 385 be routed up to N. 387 A packet could be steered to a non-routed SID 2001:db8:b:2:101:: by 388 using a SID list <...,2001:db8:b:1:100::,2001:db8:b:2:101::,...> 389 where the non-routed SID is preceded by a routed SID to the same 390 node. Routed and non-routed SRv6 SIDs are the SRv6 instantiation of 391 global and local segments, respectively [RFC8402]. 393 4. SR Endpoint Behaviors 395 Following is a set of well-known behaviors that can be associated 396 with a SID. 398 End Endpoint function 399 The SRv6 instantiation of a Prefix SID [RFC8402] 400 End.X Endpoint with Layer-3 cross-connect 401 The SRv6 instantiation of an Adj SID [RFC8402] 402 End.T Endpoint with specific IPv6 table lookup 403 End.DX6 Endpoint with decapsulation and IPv6 cross-connect 404 e.g. IPv6-L3VPN (equivalent to per-CE VPN label) 405 End.DX4 Endpoint with decaps and IPv4 cross-connect 406 e.g. IPv4-L3VPN (equivalent to per-CE VPN label) 407 End.DT6 Endpoint with decapsulation and IPv6 table lookup 408 e.g. IPv6-L3VPN (equivalent to per-VRF VPN label) 409 End.DT4 Endpoint with decapsulation and IPv4 table lookup 410 e.g. IPv4-L3VPN (equivalent to per-VRF VPN label) 411 End.DT46 Endpoint with decapsulation and IP table lookup 412 e.g. IP-L3VPN (equivalent to per-VRF VPN label) 413 End.DX2 Endpoint with decapsulation and L2 cross-connect 414 e.g. L2VPN use-case 415 End.DX2V Endpoint with decaps and VLAN L2 table lookup 416 e.g. EVPN Flexible cross-connect use-case 417 End.DT2U Endpoint with decaps and unicast MAC L2table lookup 418 e.g. EVPN Bridging unicast use-case 419 End.DT2M Endpoint with decapsulation and L2 table flooding 420 e.g. EVPN Bridging BUM use-case with ESI filtering 421 End.B6.Encaps Endpoint bound to an SRv6 policy with encapsulation 422 SRv6 instantiation of a Binding SID 423 End.B6.Encaps.RED End.B6.Encaps with reduced SRH 424 SRv6 instantiation of a Binding SID 425 End.BM Endpoint bound to an SR-MPLS Policy 426 SRv6 instantiation of an SR-MPLS Binding SID 428 The list is not exhaustive. In practice, any function can be 429 attached to a local SID: e.g. a node N can bind a SID to a local VM 430 or container which can apply any complex processing on the packet, 431 provided there is a behavior codepoint allocated for the processing. 433 When an SRv6-capable node (N) receives an IPv6 packet whose 434 destination address matches a FIB entry that represents a locally 435 instantiated SRv6 SID (S), the IPv6 header chain is processed as 436 defined in Section 4 of [RFC8200]. For SRv6 SIDs associated with an 437 Endpoint Behavior defined in this document, the SRH and Upper-layer 438 Header are processed as defined in the following subsections. 440 The pseudocode describing these behaviors details local processing at 441 a node. An implementation of the pseudocode is compliant as long as 442 the externally observable wire protocol is as described by the 443 pseudocode. 445 Section 4.16 defines flavors of some of these behaviors. 447 Section 10.2 of this document defines the IANA Registry used to 448 maintain all these behaviors as well as future ones defined in other 449 documents. 451 4.1. End: Endpoint 453 The Endpoint behavior ("End" for short) is the most basic behavior. 454 It is the instantiation of a Prefix-SID [RFC8402]. 456 When N receives a packet whose IPv6 DA is S and S is a local End SID, 457 N does: 459 S01. When an SRH is processed { 460 S02. If (Segments Left == 0) { 461 S03. Stop processing the SRH, and proceed to process the next 462 header in the packet, whose type is identified by 463 the Next Header field in the routing header. 464 S04. } 465 S05. If (IPv6 Hop Limit <= 1) { 466 S06. Send an ICMP Time Exceeded message to the Source Address, 467 Code 0 (Hop limit exceeded in transit), 468 interrupt packet processing and discard the packet. 469 S07. } 470 S08. max_LE = (Hdr Ext Len / 2) - 1 471 S09. If ((Last Entry > max_LE) or (Segments Left > Last Entry+1)) { 472 S10. Send an ICMP Parameter Problem to the Source Address, 473 Code 0 (Erroneous header field encountered), 474 Pointer set to the Segments Left field, 475 interrupt packet processing and discard the packet. 477 S11. } 478 S12. Decrement IPv6 Hop Limit by 1 479 S13. Decrement Segments Left by 1 480 S14. Update IPv6 DA with Segment List[Segments Left] 481 S15. Submit the packet to the egress IPv6 FIB lookup and 482 transmission to the new destination 483 S16. } 485 Notes: 486 The End behavior operates on the same FIB table (i.e. identified by 487 VRF or L3 relay id) associated to the packet. Hence the FIB lookup 488 on line S15 is done in the same FIB table as the ingress interface. 490 4.1.1. Upper-Layer Header 492 When processing the Upper-layer Header of a packet matching a FIB 493 entry locally instantiated as an SRv6 End SID do the following: 495 S01. If (Upper-Layer Header type is allowed by local configuration) { 496 S02. Proceed to process the Upper-layer Header 497 S03. } Else { 498 S04. Send an ICMP Parameter Problem to the Source Address, 499 Code 4 (SR Upper-layer Header Error), 500 Pointer set to the offset of the Upper-layer Header, 501 Interrupt packet processing and discard the packet. 502 S05 } 504 Allowing processing of specific Upper-Layer Headers types is useful 505 for OAM. As an example, an operator might permit pinging of SIDs. 506 To do this they may enable local configuration to allow Upper-layer 507 Header type 58 (ICMPv6). 509 It is RECOMMENDED that an implementation of local configuration only 510 allows Upper-layer Header processing of types that do not result in 511 the packet being forwarded (e.g. ICMPv6). 513 4.2. End.X: Layer-3 Cross-Connect 515 The "Endpoint with cross-connect to an array of layer-3 adjacencies" 516 behavior (End.X for short) is a variant of the End behavior. 518 It is the SRv6 instantiation of an Adjacency-SID [RFC8402] and its 519 main use is for traffic-engineering policies. 521 Any SID instance of this behavior is associated with a set, J, of one 522 or more Layer-3 adjacencies. 524 When N receives a packet destined to S and S is a local End.X SID, 525 the line S15 from the End processing is replaced by the following: 527 S15. Submit the packet to the IPv6 module for transmission 528 to the new destination via a member of J 530 Notes: 531 S15. If the set J contains several L3 adjacencies, then one element 532 of the set is selected based on a hash of the packet's header (see 533 Section 7). 535 If a node N has 30 outgoing interfaces to 30 neighbors, usually the 536 operator would explicitly instantiate 30 End.X SIDs at N: one per 537 layer-3 adjacency to a neighbor. Potentially, more End.X could be 538 explicitly defined (groups of layer-3 adjacencies to the same 539 neighbor or to different neighbors). 541 Note that if N has an outgoing interface bundle I to a neighbor Q 542 made of 10 member links, N may allocate up to 11 End.X local SIDs: 543 one for the bundle itself and then up to one for each Layer-2 member 544 link. The flows steered using the End.X SID corresponding to the 545 bundle itself get load balanced across the member links via hashing 546 while the flows steered using the End.X SID corresponding to a member 547 link get steered over that specific member link alone. 549 When the End.X behavior is associated with a BGP Next-Hop, it is the 550 SRv6 instantiation of the BGP Peering Segments [RFC8402]. 552 When processing the Upper-layer Header of a packet matching a FIB 553 entry locally instantiated as an SRv6 End.X SID, process the packet 554 as per Section 4.1.1. 556 4.3. End.T: Specific IPv6 Table Lookup 558 The "Endpoint with specific IPv6 table lookup" behavior (End.T for 559 short) is a variant of the End behavior. 561 The End.T behavior is used for multi-table operation in the core. 562 For this reason, an instance of the End.T behavior is associated with 563 an IPv6 FIB table T. 565 When N receives a packet destined to S and S is a local End.T SID, 566 the line S15 from the End processing is replaced by the following: 568 S15.1. Set the packet's associated FIB table to T 569 S15.2. Submit the packet to the egress IPv6 FIB lookup and 570 transmission to the new destination 572 When processing the Upper-layer Header of a packet matching a FIB 573 entry locally instantiated as an SRv6 End.T SID, process the packet 574 as per Section 4.1.1. 576 4.4. End.DX6: Decapsulation and IPv6 Cross-Connect 578 The "Endpoint with decapsulation and cross-connect to an array of 579 IPv6 adjacencies" behavior (End.DX6 for short) is a variant of the 580 End.X behavior. 582 One of the applications of the End.DX6 behavior is the L3VPNv6 use- 583 case where a FIB lookup in a specific tenant table at the egress 584 Provider Edge (PE) is not required. This is equivalent to the per-CE 585 VPN label in MPLS [RFC4364]. 587 The End.DX6 SID MUST be the last segment in a SR Policy, and it is 588 associated with one or more L3 IPv6 adjacencies J. 590 When N receives a packet destined to S and S is a local End.DX6 SID, 591 N does the following processing: 593 S01. When an SRH is processed { 594 S02. If (Segments Left != 0) { 595 S03. Send an ICMP Parameter Problem to the Source Address, 596 Code 0 (Erroneous header field encountered), 597 Pointer set to the Segments Left field, 598 interrupt packet processing and discard the packet. 599 S04. } 600 S05. Proceed to process the next header in the packet 601 S06. } 603 When processing the Upper-layer header of a packet matching a FIB 604 entry locally instantiated as an SRv6 End.DX6 SID, the following is 605 done: 607 S01. If (Upper-Layer Header type == 41(IPv6) ) { 608 S02. Remove the outer IPv6 Header with all its extension headers 609 S03. Forward the exposed IPv6 packet to the L3 adjacency J 610 S04. } Else { 611 S05. Process as per Section 4.1.1 612 S06. } 614 Notes: 615 S01. 41 refers to IPv6 encapsulation as defined by IANA allocation 616 for Internet Protocol Numbers. 617 S03. If the End.DX6 SID is bound to an array of L3 adjacencies, then 618 one entry of the array is selected based on the hash of the packet's 619 header (see Section 7). 621 4.5. End.DX4: Decapsulation and IPv4 Cross-Connect 623 The "Endpoint with decapsulation and cross-connect to an array of 624 IPv4 adjacencies" behavior (End.DX4 for short) is a variant of the 625 End.X behavior. 627 One of the applications of the End.DX4 behavior is the L3VPNv4 use- 628 case where a FIB lookup in a specific tenant table at the egress PE 629 is not required. This is equivalent to the per-CE VPN label in MPLS 630 [RFC4364]. 632 The End.DX4 SID MUST be the last segment in a SR Policy, and it is 633 associated with one or more L3 IPv4 adjacencies J. 635 When N receives a packet destined to S and S is a local End.DX4 SID, 636 N does the following processing: 638 S01. When an SRH is processed { 639 S02. If (Segments Left != 0) { 640 S03. Send an ICMP Parameter Problem to the Source Address, 641 Code 0 (Erroneous header field encountered), 642 Pointer set to the Segments Left field, 643 interrupt packet processing and discard the packet. 644 S04. } 645 S05. Proceed to process the next header in the packet 646 S06. } 648 When processing the Upper-layer header of a packet matching a FIB 649 entry locally instantiated as an SRv6 End.DX4 SID, the following is 650 done: 652 S01. If (Upper-Layer Header type == 4(IPv4) ) { 653 S02. Remove the outer IPv6 Header with all its extension headers 654 S03. Forward the exposed IPv4 packet to the L3 adjacency J 655 S04. } Else { 656 S05. Process as per Section 4.1.1 657 S06. } 659 Notes: 660 S01. 4 refers to IPv4 encapsulation as defined by IANA allocation for 661 Internet Protocol Numbers 662 S03. If the End.DX4 SID is bound to an array of L3 adjacencies, then 663 one entry of the array is selected based on the hash of the packet's 664 header (see Section 7). 666 4.6. End.DT6: Decapsulation and Specific IPv6 Table Lookup 668 The "Endpoint with decapsulation and specific IPv6 table lookup" 669 behavior (End.DT6 for short) is a variant of the End.T behavior. 671 One of the applications of the End.DT6 behavior is the L3VPNv6 use- 672 case where a FIB lookup in a specific tenant table at the egress PE 673 is required. This is equivalent to the per-VRF VPN label in MPLS 674 [RFC4364]. 676 Note that an End.DT6 may be defined for the main IPv6 table in which 677 case an End.DT6 supports the equivalent of an IPv6inIPv6 678 decapsulation (without VPN/tenant implication). 680 The End.DT6 SID MUST be the last segment in a SR Policy, and a SID 681 instance is associated with an IPv6 FIB table T. 683 When N receives a packet destined to S and S is a local End.DT6 SID, 684 N does the following processing: 686 S01. When an SRH is processed { 687 S02. If (Segments Left != 0) { 688 S03. Send an ICMP Parameter Problem to the Source Address, 689 Code 0 (Erroneous header field encountered), 690 Pointer set to the Segments Left field, 691 interrupt packet processing and discard the packet. 692 S04. } 693 S05. Proceed to process the next header in the packet 694 S06. } 696 When processing the Upper-layer header of a packet matching a FIB 697 entry locally instantiated as an SRv6 End.DT6 SID, N does the 698 following: 700 S01. If (Upper-Layer Header type == 41(IPv6) ) { 701 S02. Remove the outer IPv6 Header with all its extension headers 702 S03. Set the packet's associated FIB table to T 703 S04. Submit the packet to the egress IPv6 FIB lookup and 704 transmission to the new destination 705 S05. } Else { 706 S06. Process as per Section 4.1.1 707 S07. } 709 4.7. End.DT4: Decapsulation and Specific IPv4 Table Lookup 711 The "Endpoint with decapsulation and specific IPv4 table lookup" 712 behavior (End.DT4 for short) is a variant of the End.T behavior. 714 One of the applications of the End.DT4 behavior is the L3VPNv4 use- 715 case where a FIB lookup in a specific tenant table at the egress PE 716 is required. This is equivalent to the per-VRF VPN label in MPLS 717 [RFC4364]. 719 Note that an End.DT4 may be defined for the main IPv4 table in which 720 case an End.DT4 supports the equivalent of an IPv4inIPv6 721 decapsulation (without VPN/tenant implication). 723 The End.DT4 SID MUST be the last segment in a SR Policy, and a SID 724 instance is associated with an IPv4 FIB table T. 726 When N receives a packet destined to S and S is a local End.DT4 SID, 727 N does the following processing: 729 S01. When an SRH is processed { 730 S02. If (Segments Left != 0) { 731 S03. Send an ICMP Parameter Problem to the Source Address, 732 Code 0 (Erroneous header field encountered), 733 Pointer set to the Segments Left field, 734 interrupt packet processing and discard the packet. 735 S04. } 736 S05. Proceed to process the next header in the packet 737 S06. } 739 When processing the Upper-layer header of a packet matching a FIB 740 entry locally instantiated as an SRv6 End.DT4 SID, N does the 741 following: 743 S01. If (Upper-Layer Header type == 4(IPv4) ) { 744 S02. Remove the outer IPv6 Header with all its extension headers 745 S03. Set the packet's associated FIB table to T 746 S04. Submit the packet to the egress IPv4 FIB lookup and 747 transmission to the new destination 748 S05. } Else { 749 S06. Process as per Section 4.1.1 750 S07. } 752 4.8. End.DT46: Decapsulation and Specific IP Table Lookup 754 The "Endpoint with decapsulation and specific IP table lookup" 755 behavior (End.DT46 for short) is a variant of the End.DT4 and End.DT6 756 behavior. 758 One of the applications of the End.DT46 behavior is the L3VPN use- 759 case where a FIB lookup in a specific IP tenant table at the egress 760 PE is required. This is equivalent to single per-VRF VPN label (for 761 IPv4 and IPv6) in MPLS[RFC4364]. 763 Note that an End.DT46 may be defined for the main IP table in which 764 case an End.DT46 supports the equivalent of an IPinIPv6 765 decapsulation(without VPN/tenant implication). 767 The End.DT46 SID MUST be the last segment in a SR Policy, and a SID 768 instance is associated with an IPv4 FIB table T4 and an IPv6 FIB 769 table T6. 771 When N receives a packet destined to S and S is a local End.DT46 SID, 772 N does the following processing: 774 S01. When an SRH is processed { 775 S02. If (Segments Left != 0) { 776 S03. Send an ICMP Parameter Problem to the Source Address, 777 Code 0 (Erroneous header field encountered), 778 Pointer set to the Segments Left field, 779 interrupt packet processing and discard the packet. 780 S04. } 781 S05. Proceed to process the next header in the packet 782 S06. } 784 When processing the Upper-layer header of a packet matching a FIB 785 entry locally instantiated as an SRv6 End.DT46 SID, N does the 786 following: 788 S01. If (Upper-layer Header type == 4(IPv4) ) { 789 S02. Remove the outer IPv6 Header with all its extension headers 790 S03. Set the packet's associated FIB table to T4 791 S04. Submit the packet to the egress IPv4 FIB lookup and 792 transmission to the new destination 793 S05. } Else if (Upper-layer Header type == 41(IPv6) ) { 794 S06. Remove the outer IPv6 Header with all its extension headers 795 S07. Set the packet's associated FIB table to T6 796 S08. Submit the packet to the egress IPv6 FIB lookup and 797 transmission to the new destination 798 S09. } Else { 799 S10. Process as per Section 4.1.1 800 S11. } 802 4.9. End.DX2: Decapsulation and L2 Cross-Connect 804 The "Endpoint with decapsulation and Layer-2 cross-connect to an 805 outgoing L2 interface (OIF)" (End.DX2 for short) is a variant of the 806 endpoint behavior. 808 One of the applications of the End.DX2 behavior is the L2VPN 809 [RFC4664] / EVPN VPWS [RFC7432] [RFC8214] use-case. 811 The End.DX2 SID MUST be the last segment in a SR Policy, and it is 812 associated with one outgoing interface I. 814 When N receives a packet destined to S and S is a local End.DX2 SID, 815 N does: 817 S01. When an SRH is processed { 818 S02. If (Segments Left != 0) { 819 S03. Send an ICMP Parameter Problem to the Source Address, 820 Code 0 (Erroneous header field encountered), 821 Pointer set to the Segments Left field, 822 interrupt packet processing and discard the packet. 823 S04. } 824 S05. Proceed to process the next header in the packet 825 S06. } 827 When processing the Upper-layer header of a packet matching a FIB 828 entry locally instantiated as an SRv6 End.DX2 SID, the following is 829 done: 831 S01. If (Upper-Layer Header type == 143(Ethernet) ) { 832 S02. Remove the outer IPv6 Header with all its extension headers 833 S03. Forward the Ethernet frame to the OIF I 834 S04. } Else { 835 S05. Process as per Section 4.1.1 836 S06. } 838 Notes: 839 S01. IANA has allocated the Internet Protocol number 143 to Ethernet 840 [IEEE.802.3_2018] (see Section 10.1). 841 S03. An End.DX2 behavior could be customized to expect a specific 842 IEEE header (e.g. VLAN tag) and rewrite the egress IEEE header 843 before forwarding on the outgoing interface. 845 Note that an End.DX2 SID may also be associated with a bundle of 846 outgoing interfaces. 848 4.10. End.DX2V: Decapsulation and VLAN L2 Table Lookup 850 The "Endpoint with decapsulation and specific VLAN table lookup" 851 behavior (End.DX2V for short) is a variant of the End.DX2 behavior. 853 One of the applications of the End.DX2V behavior is the EVPN Flexible 854 cross-connect use-case. The End.DX2V behavior is used to perform a 855 lookup of the Ethernet frame VLANs in a particular L2 table. Any SID 856 instance of this behavior is associated with an L2 Table T. 858 When N receives a packet whose IPv6 DA is S and S is a local End.DX2 859 SID, the processing is identical to the End.DX2 behavior except for 860 the Upper-layer header processing which is modified as follows: 862 S03. Lookup the exposed VLANs in L2 table T, and forward 863 via the matched table entry. 865 Notes: 866 S03. An End.DX2V behavior could be customized to expect a specific 867 VLAN format and rewrite the egress VLAN header before forwarding on 868 the outgoing interface. 870 4.11. End.DT2U: Decapsulation and Unicast MAC L2 Table Lookup 872 The "Endpoint with decapsulation and specific unicast MAC L2 table 873 lookup" behavior (End.DT2U for short) is a variant of the End 874 behavior. 876 One of the applications of the End.DT2U behavior is the EVPN Bridging 877 unicast [RFC7432]. Any SID instance of the End.DT2U behavior is 878 associated with an L2 Table T. 880 When N receives a packet whose IPv6 DA is S and S is a local End.DT2U 881 SID, the processing is identical to the End.DX2 behavior except for 882 the Upper-layer header processing which is as follows: 884 S01. If (Upper-Layer Header type == 143(Ethernet) ) { 885 S02. Remove the outer IPv6 Header with all its extension headers 886 S03. Learn the exposed MAC Source Address in L2 Table T 887 S04. Lookup the exposed MAC Destination Address in L2 Table T 888 S05. If (matched entry in T) { 889 S06. Forward via the matched table T entry 890 S07. } Else { 891 S08. Forward via all L2 OIFs entries in table T 892 S09. } 893 S10. } Else { 894 S11. Process as per Section 4.1.1 895 S12. } 897 Notes: 898 S01. IANA has allocated the Internet Protocol number 143 to Ethernet 899 (see Section 10.1). 900 S03. In EVPN [RFC7432], the learning of the exposed MAC Source 901 Address is done via control plane. In L2VPN VPLS [RFC4761] [RFC4762] 902 reachability is obtained by standard learning bridge functions in the 903 data plane. 905 4.12. End.DT2M: Decapsulation and L2 Table Flooding 907 The "Endpoint with decapsulation and specific L2 table flooding" 908 behavior (End.DT2M for short) is a variant of the End.DT2U behavior. 910 Two of the applications of the End.DT2M behavior are the EVPN 911 Bridging of broadcast, unknown and multicast (BUM) traffic with 912 Ethernet Segment Identifier (ESI) filtering [RFC7432] and the EVPN 913 ETREE [RFC8317]use-cases. 915 Any SID instance of this behavior is associated with a L2 table T. 916 The behavior also takes an argument: "Arg.FE2". This argument 917 provides a local mapping to ESI for split-horizon filtering of the 918 received traffic to exclude specific OIF (or set of OIFs) from L2 919 table T flooding. The allocation of the argument values is local to 920 the SR Endpoint Node instantiating this behavior and the signaling of 921 the argument to other nodes for the EVPN functionality via control 922 plane. 924 When N receives a packet whose IPv6 DA is S and S is a local End.DT2M 925 SID, the processing is identical to the End.DX2 behavior except for 926 the Upper-layer header processing which is as follows: 928 S01. If (Upper-Layer Header type == 143(Ethernet) ) { 929 S02. Remove the outer IPv6 Header with all its extension headers 930 S03. Learn the exposed MAC Source Address in L2 Table T 931 S04. Forward via all L2OIFs excluding those associated by the 932 identifier Arg.FE2 933 S05. } Else { 934 S06. Process as per Section 4.1.1 935 S07. } 937 Notes: 938 S01. IANA has allocated the Internet Protocol number 143 to Ethernet 939 (see Section 10.1). 940 S03. In EVPN [RFC7432], the learning of the exposed MAC Source 941 Address is done via control plane. In L2VPN VPLS [RFC4761] [RFC4762] 942 reachability is obtained by standard learning bridge functions in the 943 data plane. 945 4.13. End.B6.Encaps: Endpoint Bound to an SRv6 Policy w/ Encaps 947 This is a variation of the End behavior. 949 One of its applications is to express scalable traffic-engineering 950 policies across multiple domains. It is one of the SRv6 951 instantiations of a Binding SID [RFC8402]. 953 Any SID instance of this behavior is associated with an SR Policy B 954 and a source address A. 956 When N receives a packet whose IPv6 DA is S and S is a local 957 End.B6.Encaps SID, does: 959 S01. When an SRH is processed { 960 S02. If (Segments Left == 0) { 961 S03. Stop processing the SRH, and proceed to process the next 962 header in the packet, whose type is identified by 963 the Next Header field in the routing header. 964 S04. } 965 S05. If (IPv6 Hop Limit <= 1) { 966 S06. Send an ICMP Time Exceeded message to the Source Address, 967 Code 0 (Hop limit exceeded in transit), 968 interrupt packet processing and discard the packet. 969 S07. } 970 S08. max_LE = (Hdr Ext Len / 2) - 1 971 S09. If ((Last Entry > max_LE) or (Segments Left > (Last Entry+1)) { 972 S10. Send an ICMP Parameter Problem to the Source Address, 973 Code 0 (Erroneous header field encountered), 974 Pointer set to the Segments Left field, 975 interrupt packet processing and discard the packet. 976 S11. } 977 S12. Decrement IPv6 Hop Limit by 1 978 S13. Decrement Segments Left by 1 979 S14. Update IPv6 DA with Segment List[Segments Left] 980 S15. Push a new IPv6 header with its own SRH containing B 981 S16. Set the outer IPv6 SA to A 982 S17. Set the outer IPv6 DA to the first SID of B 983 S18. Set the outer Payload Length, Traffic Class, Flow Label, 984 Hop Limit and Next-Header fields 985 S19. Submit the packet to the egress IPv6 FIB lookup and 986 transmission to the new destination 987 S20. } 989 Notes: 990 S14. The SRH MAY be omitted when the SRv6 Policy B only contains one 991 SID and there is no need to use any flag, tag or TLV. 992 S17. The Payload Length, Traffic Class, Hop Limit and Next-Header 993 fields are set as per [RFC2473]. The Flow Label is computed as per 994 [RFC6437]. 996 When processing the Upper-layer header of a packet matching a FIB 997 entry locally instantiated as an SRv6 End.B6.Encaps SID, process the 998 packet as per Section 4.1.1. 1000 4.14. End.B6.Encaps.Red: End.B6.Encaps with Reduced SRH 1002 This is an optimization of the End.B6.Encaps behavior. 1004 End.B6.Encaps.Red reduces the size of the SRH by one SID by excluding 1005 the first SID in the SRH of the new IPv6 header. Thus, the first 1006 segment is only placed in the IPv6 Destination Address of the new 1007 IPv6 header and the packet is forwarded according to it. 1009 The SRH Last Entry field is set as defined in Section 4.1.1 of 1010 [RFC8754]. 1012 The SRH MAY be omitted when the SRv6 Policy only contains one segment 1013 and there is no need to use any flag, tag or TLV. 1015 4.15. End.BM: Endpoint Bound to an SR-MPLS Policy 1017 The "Endpoint bound to an SR-MPLS Policy" is a variant of the End 1018 behavior. 1020 The End.BM behavior is required to express scalable traffic- 1021 engineering policies across multiple domains where some domains 1022 support the MPLS instantiation of Segment Routing. This is an SRv6 1023 instantiation of an SR-MPLS Binding SID [RFC8402]. 1025 Any SID instance of this behavior is associated with an SR-MPLS 1026 Policy B. 1028 When N receives a packet whose IPv6 DA is S and S is a local End.BM 1029 SID, does: 1031 S01. When an SRH is processed { 1032 S02. If (Segments Left == 0) { 1033 S03. Stop processing the SRH, and proceed to process the next 1034 header in the packet, whose type is identified by 1035 the Next Header field in the routing header. 1036 S04. } 1037 S05. If (IPv6 Hop Limit <= 1) { 1038 S06. Send an ICMP Time Exceeded message to the Source Address, 1039 Code 0 (Hop limit exceeded in transit), 1040 interrupt packet processing and discard the packet. 1042 S07. } 1043 S08. max_LE = (Hdr Ext Len / 2) - 1 1044 S09. If ((Last Entry > max_LE) or (Segments Left > (Last Entry+1)) { 1045 S10. Send an ICMP Parameter Problem to the Source Address, 1046 Code 0 (Erroneous header field encountered), 1047 Pointer set to the Segments Left field, 1048 interrupt packet processing and discard the packet. 1050 S11. } 1051 S12. Decrement IPv6 Hop Limit by 1 1052 S13. Decrement Segments Left by 1 1053 S14. Update IPv6 DA with Segment List[Segments Left] 1054 S15. Push the MPLS label stack for B 1055 S16. Submit the packet to the MPLS engine for transmission to the 1056 topmost label. 1057 S17. } 1059 When processing the Upper-layer header of a packet matching a FIB 1060 entry locally instantiated as an SRv6 End.BM SID, process the packet 1061 as per Section 4.1.1. 1063 4.16. Flavors 1065 The Penultimate Segment Pop of the SRH (PSP), Ultimate Segment Pop of 1066 the SRH (USP) and Ultimate Segment Decapsulation (USD) flavors are 1067 variants of the End, End.X and End.T behaviors. The End, End.X and 1068 End.T behaviors can support these flavors either individually or in 1069 combinations. 1071 4.16.1. PSP: Penultimate Segment Pop of the SRH 1073 4.16.1.1. Guidelines 1075 SR Segment Endpoint Nodes advertise the SIDs instantiated on them via 1076 control plane protocols as described in Section 8. Different 1077 behavior ids are allocated for flavored and unflavored SIDs (see 1078 Table 4). 1080 An SR Segment Endpoint Node that offers both PSP and non-PSP flavored 1081 behavior advertises them as two different SIDs. 1083 The SR Segment Endpoint Node only advertises the PSP flavor if the 1084 operator enables this capability at the node. 1086 The PSP operation is deterministically controlled by the SR Source 1087 Node. 1089 A PSP-flavored SID is used by the Source SR Node when it needs to 1090 instruct the penultimate SR Segment Endpoint Node listed in the SRH 1091 to remove the SRH from the IPv6 header. 1093 4.16.1.2. Definition 1095 SR Segment Endpoint Nodes receive the IPv6 packet with the 1096 Destination Address field of the IPv6 Header equal to its SID 1097 address. 1099 A penultimate SR Segment Endpoint Node is one that, as part of the 1100 SID processing, copies the last SID from the SRH into the IPv6 1101 Destination Address and decrements the Segments Left value from one 1102 to zero. 1104 The PSP operation only takes place at a penultimate SR Segment 1105 Endpoint Node and does not happen at any Transit Node. When a SID of 1106 PSP-flavor is processed at a non-penultimate SR Segment Endpoint 1107 Node, the PSP behavior is not performed as described in the 1108 pseudocode below since Segments Left would not be zero. 1110 The SRH processing of the End, End.X and End.T behaviors are 1111 modified: after the instruction "S14. Update IPv6 DA with Segment 1112 List[Segments Left]" is executed, the following instructions must be 1113 executed as well: 1115 S14.1. If (Segments Left == 0) { 1116 S14.2. Update the Next Header field in the preceding header to the 1117 Next Header value from the SRH 1118 S14.3. Decrease the IPv6 header Payload Length by 8*(Hdr Ext Len+1) 1119 S14.4. Remove the SRH from the IPv6 extension header chain 1120 S14.5. } 1122 The usage of PSP does not increase the MTU of the IPv6 packet and 1123 hence does not have any impact on the PMTU discovery mechanism. 1125 As a reminder, [RFC8754] defines in section 5 the SR Deployment Model 1126 within the SR Domain [RFC8402]. Within this framework, the 1127 Authentication Header (AH) is not used to secure the SRH as described 1128 in Section 7.5 of [RFC8754]. 1130 In the context of this specification, the End, End.X and End.T 1131 behaviors with PSP do not contravene Section 4 of [RFC8200] because 1132 the destination address of the incoming packet is the address of the 1133 node executing the behavior. 1135 4.16.1.3. Use-case 1137 One use-case for the PSP functionality is streamlining the operation 1138 of an egress border router. 1140 +----------------------------------------------------+ 1141 | | 1142 +-+-+ +--+ +--+ +--+ +-+-+ 1143 |iPE+-------->+R2+-------->+R3+-------->+R4+-------->+ePE| 1144 | R1| +--+ +--+ +--+ |R5 | 1145 +-+-+ +-----+ +-----+ +-----+ +-----+ +-+-+ 1146 | |IPv6 | |IPv6 | |IPv6 | |IPv6 | | 1147 | |DA=R3| |DA=R3| |DA=R5| |DA=R5| | 1148 | +-----+ +-----+ +-----+ +-----+ | 1149 | | SRH | | SRH | | IP | | IP | | 1150 | |SL=1 | |SL=1 | +-----+ +-----+ | 1151 | | R5 | | R5 | | 1152 | +-----+ +-----+ | 1153 | | IP | | IP | | 1154 | +-----+ +-----+ | 1155 | | 1156 +----------------------------------------------------+ 1158 Figure 1: PSP use-case topology 1160 In the above illustration, for a packet sent from iPE to ePE, node R3 1161 is an intermediate traffic engineering waypoint and is the 1162 penultimate segment endpoint router; the node that copies the last 1163 segment from the SRH into the IPv6 Destination Address and decrements 1164 segments left to 0. The SDN controller knows that no other node 1165 after R3 needs to inspect the SRH, and it instructs R3 to remove the 1166 exhausted SRH from the packet by using a PSP-flavored SID. 1168 The benefits for the egress PE are straightforward: 1170 -as part of the decapsulation process the egress PE is required to 1171 parse and remove fewer bytes from the packet. 1173 -if a lookup on an upper-layer IP header is required (e.g. per-VRF 1174 VPN), the header is more likely to be within the memory accessible 1175 to the lookup engine in the forwarding ASIC (Application-specific 1176 integrated circuit). 1178 4.16.2. USP: Ultimate Segment Pop of the SRH 1180 The SRH processing of the End, End.X and End.T behaviors are 1181 modified: the instructions S02-S04 are substituted by the following 1182 ones: 1184 S02. If (Segments Left == 0) { 1185 S03.1. Update the Next Header field in the preceding header to the 1186 Next Header value of the SRH 1187 S03.2. Decrease the IPv6 header Payload Length by 8*(Hdr Ext Len+1) 1188 S03.3. Remove the SRH from the IPv6 extension header chain 1189 S03.4. Proceed to process the next header in the packet 1190 S04. } 1192 One of the applications of the USP flavor is when a packet with an 1193 SRH is destined to an application on hosts with smartNICs 1194 implementing SRv6. The USP flavor is used to remove the consumed SRH 1195 from the extension header chain before sending the packet to the 1196 host. 1198 4.16.3. USD: Ultimate Segment Decapsulation 1200 The Upper-layer header processing of the End, End.X and End.T 1201 behaviors are modified as follows: 1203 End: 1204 S01. If (Upper-layer Header type == 41(IPv6) ) { 1205 S02. Remove the outer IPv6 Header with all its extension headers 1206 S03. Submit the packet to the egress IPv6 FIB lookup and 1207 transmission to the new destination 1208 S04. } Else if (Upper-layer Header type == 4(IPv4) ) { 1209 S05. Remove the outer IPv6 Header with all its extension headers 1210 S06. Submit the packet to the egress IPv4 FIB lookup and 1211 transmission to the new destination 1212 S07. Else { 1213 S08. Process as per Section 4.1.1 1214 S09. } 1215 End.T: 1216 S01. If (Upper-layer Header type == 41(IPv6) ) { 1217 S02. Remove the outer IPv6 Header with all its extension headers 1218 S03. Set the packet's associated FIB table to T 1219 S04. Submit the packet to the egress IPv6 FIB lookup and 1220 transmission to the new destination 1221 S05. } Else if (Upper-layer Header type == 4(IPv4) ) { 1222 S06. Remove the outer IPv6 Header with all its extension headers 1223 S07. Set the packet's associated FIB table to T 1224 S08. Submit the packet to the egress IPv4 FIB lookup and 1225 transmission to the new destination 1226 S09. Else { 1227 S10. Process as per Section 4.1.1 1228 S11. } 1230 End.X: 1231 S01. If (Upper-layer Header type == 41(IPv6) || 1232 Upper-layer Header type == 4(IPv4) ) { 1233 S02. Remove the outer IPv6 Header with all its extension headers 1234 S03. Forward the exposed IP packet to the L3 adjacency J 1235 S04. } Else { 1236 S05. Process as per Section 4.1.1 1237 S06. } 1239 One of the applications of the USD flavor is the case of TI-LFA in P 1240 routers with encapsulation. The USD flavor allows the last Segment 1241 Endpoint Node in the repair path list to decapsulate the IPv6 header 1242 added at the TI-LFA Point of Local Repair and forward the inner 1243 packet. 1245 5. SR Policy Headend Behaviors 1247 This section describes a set of SR Policy Headend behaviors. 1249 H.Encaps SR Headend Behavior with Encapsulation in an SR Policy 1250 H.Encaps.Red H.Encaps with Reduced Encapsulation 1251 H.Encaps.L2 H.Encaps Applied to Received L2 Frames 1252 H.Encaps.L2.Red H.Encaps.Red Applied to Received L2 Frames 1254 This list is not exhaustive and future documents may define 1255 additional behaviors. 1257 5.1. H.Encaps: SR Headend with Encapsulation in an SRv6 Policy 1259 Node N receives two packets P1=(A, B2) and P2=(A,B2)(B3, B2, B1; 1260 SL=1). B2 is neither a local address nor SID of N. 1262 Node N is configured with an IPv6 Address T (e.g. assigned to its 1263 loopback). 1265 N steers the transit packets P1 and P2 into an SR Policy with a 1266 Source Address T and a Segment list . 1268 The H.Encaps encapsulation behavior is defined as follows: 1270 S01. Push an IPv6 header with its own SRH 1271 S02. Set outer IPv6 SA = T and outer IPv6 DA = S1 1272 S03. Set outer Payload Length, Traffic Class, Hop Limit and 1273 Flow Label fields 1274 S04. Set the outer Next-Header value 1275 S05. Decrement inner IPv6 Hop Limit or IPv4 TTL 1276 S06. Submit the packet to the IPv6 module for transmission to S1 1278 Note: 1279 S03: As described in [RFC6437] (IPv6 Flow Label Specification). 1281 After the H.Encaps behavior, P1' and P2' respectively look like: 1283 - (T, S1) (S3, S2, S1; SL=2) (A, B2) 1285 - (T, S1) (S3, S2, S1; SL=2) (A, B2) (B3, B2, B1; SL=1) 1287 The received packet is encapsulated unmodified (with the exception of 1288 the IPv4 TTL or IPv6 Hop Limit that is decremented as described in 1289 [RFC2473]). 1291 The H.Encaps behavior is valid for any kind of Layer-3 traffic. This 1292 behavior is commonly used for L3VPN with IPv4 and IPv6 deployments. 1293 It may be also used for TI-LFA 1294 [I-D.ietf-rtgwg-segment-routing-ti-lfa] at the point of local repair. 1296 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1297 one segment and there is no need to use any flag, tag or TLV. 1299 5.2. H.Encaps.Red: H.Encaps with Reduced Encapsulation 1301 The H.Encaps.Red behavior is an optimization of the H.Encaps 1302 behavior. 1304 H.Encaps.Red reduces the length of the SRH by excluding the first SID 1305 in the SRH of the pushed IPv6 header. The first SID is only placed 1306 in the Destination Address field of the pushed IPv6 header. 1308 After the H.Encaps.Red behavior, P1' and P2' respectively look like: 1310 - (T, S1) (S3, S2; SL=2) (A, B2) 1312 - (T, S1) (S3, S2; SL=2) (A, B2) (B3, B2, B1; SL=1) 1314 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1315 one segment and there is no need to use any flag, tag or TLV. 1317 5.3. H.Encaps.L2: H.Encaps Applied to Received L2 Frames 1319 The H.Encaps.L2 behavior encapsulates a received Ethernet 1320 [IEEE.802.3_2018] frame and its attached VLAN header, if present, in 1321 an IPv6 packet with an SRH. The Ethernet frame becomes the payload 1322 of the new IPv6 packet. 1324 The Next Header field of the SRH MUST be set to 143. 1326 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1327 one segment and there is no need to use any flag, tag or TLV. 1329 The encapsulating node MUST remove the preamble (if any) and frame 1330 check sequence (FCS) from the Ethernet frame upon encapsulation and 1331 the decapsulating node MUST regenerate, as required, the preamble and 1332 FCS before forwarding Ethernet frame. 1334 5.4. H.Encaps.L2.Red: H.Encaps.Red Applied to Received L2 frames 1336 The H.Encaps.L2.Red behavior is an optimization of the H.Encaps.L2 1337 behavior. 1339 H.Encaps.L2.Red reduces the length of the SRH by excluding the first 1340 SID in the SRH of the pushed IPv6 header. The first SID is only 1341 places in the Destination Address field of the pushed IPv6 header. 1343 The push of the SRH MAY be omitted when the SRv6 Policy only contains 1344 one segment and there is no need to use any flag, tag or TLV. 1346 6. Counters 1348 A node supporting this document SHOULD implement a pair of traffic 1349 counters (one for packets and one for bytes) per local SID entry, for 1350 traffic that matched that SID and was processed successfully (i.e. 1351 packets which generate ICMP Error Messages or are dropped are not 1352 counted). The retrieval of these counters from MIB, NETCONF/YANG or 1353 any other data structure is outside the scope of this document. 1355 7. Flow-based Hash Computation 1357 When a flow-based selection within a set needs to be performed, the 1358 IPv6 Source Address, the IPv6 Destination Address and the IPv6 Flow 1359 Label of the outer IPv6 header MUST be included in the flow-based 1360 hash. 1362 This occurs when a FIB lookup is performed and multiple ECMP paths 1363 exist to the updated destination address. 1365 This occurs when End.X, End.DX4, or End.DX6 are bound to an array of 1366 adjacencies. 1368 This occurs when the packet is steered in an SR policy whose selected 1369 path has multiple SID lists. 1371 Additionally, any transit router in an SRv6 domain includes the outer 1372 flow label in its ECMP flow-based hash [RFC6437]. 1374 8. Control Plane 1376 In an SDN environment, one expects the controller to explicitly 1377 provision the SIDs and/or discover them as part of a service 1378 discovery function. Applications residing on top of the controller 1379 could then discover the required SIDs and combine them to form a 1380 distributed network program. 1382 The concept of "SRv6 network programming" refers to the capability 1383 for an application to encode any complex program as a set of 1384 individual functions distributed through the network. Some functions 1385 relate to underlay SLA, others to overlay/tenant, others to complex 1386 applications residing in VM and containers. 1388 While not necessary for an SDN control plane, the remainder of this 1389 section provides a high-level illustrative overview of how control- 1390 plane protocols may be involved with SRv6. Their specification is 1391 outside the scope of this document. 1393 8.1. IGP 1395 The End, End.T and End.X SIDs express topological behaviors and hence 1396 are expected to be signaled in the IGP together with the flavors PSP, 1397 USP and USD. The IGP should also advertise the maximum SRv6 SID 1398 depth (MSD) capability of the node for each type of SRv6 operation - 1399 in particular, the SR source (e.g. H.Encaps), intermediate endpoint 1400 (e.g. End, End.X) and final endpoint (e.g. End.DX4, End.DT6) 1401 behaviors. These capabilities are factored in by an SR Source Node 1402 (or a controller) during the SR Policy computation. 1404 The presence of SIDs in the IGP does not imply any routing semantics 1405 to the addresses represented by these SIDs. The routing reachability 1406 to an IPv6 address is solely governed by the non-SID-related IGP 1407 prefix reachability information that includes locators. Routing is 1408 neither governed nor influenced in any way by a SID advertisement in 1409 the IGP. 1411 These SIDs provide important topological behaviors for the IGP to 1412 build FRR solutions based on TI-LFA 1413 [I-D.ietf-rtgwg-segment-routing-ti-lfa] and for TE processes relying 1414 on IGP topology database to build SR policies. 1416 8.2. BGP-LS 1418 BGP-LS provides the functionality for topology discovery that 1419 includes the SRv6 capabilities of the nodes, their locators and 1420 locally instantiated SIDs. This enables controllers or applications 1421 to build an inter-domain topology that can be used for computation of 1422 SR Policies using the SRv6 SIDs. 1424 8.3. BGP IP/VPN/EVPN 1426 The End.DX4, End.DX6, End.DT4, End.DT6, End.DT46, End.DX2, End.DX2V, 1427 End.DT2U and End.DT2M SIDs can be signaled in BGP. 1429 In some scenarios an egress PE advertising a VPN route might wish to 1430 abstract the specific behavior bound to the SID from the ingress PE 1431 and other routers in the network. In such case, the SID may be 1432 advertised using the Opaque SRv6 Endpoint Behavior codepoint defined 1433 in Table 4. The details of such control plane signaling mechanisms 1434 are out of the scope of this document. 1436 8.4. Summary 1438 The following table summarizes behaviors for SIDs that can be 1439 signaled in which each respective control plane protocol. 1441 +-----------------------+-----+--------+-----------------+ 1442 | | IGP | BGP-LS | BGP IP/VPN/EVPN | 1443 +-----------------------+-----+--------+-----------------+ 1444 | End (PSP, USP, USD) | X | X | | 1445 | End.X (PSP, USP, USD) | X | X | | 1446 | End.T (PSP, USP, USD) | X | X | | 1447 | End.DX6 | X | X | X | 1448 | End.DX4 | X | X | X | 1449 | End.DT6 | X | X | X | 1450 | End.DT4 | X | X | X | 1451 | End.DT46 | X | X | X | 1452 | End.DX2 | | X | X | 1453 | End.DX2V | | X | X | 1454 | End.DT2U | | X | X | 1455 | End.DT2M | | X | X | 1456 | End.B6.Encaps | | X | | 1457 | End.B6.Encaps.Red | | X | | 1458 | End.B6.BM | | X | | 1459 +-----------------------+-----+--------+-----------------+ 1461 Table 1: SRv6 locally instantiated SIDs signaling 1463 The following table summarizes which SR Policy Headend capabilities 1464 are signaled in which signaling protocol. 1466 +-----------------+-----+--------+-----------------+ 1467 | | IGP | BGP-LS | BGP IP/VPN/EVPN | 1468 +-----------------+-----+--------+-----------------+ 1469 | H.Encaps | X | X | | 1470 | H.Encaps.Red | X | X | | 1471 | H.Encaps.L2 | | X | | 1472 | H.Encaps.L2.Red | | X | | 1473 +-----------------+-----+--------+-----------------+ 1475 Table 2: SRv6 Policy Headend behaviors signaling 1477 The previous table describes generic capabilities. It does not 1478 describe specific instantiated SR policies. 1480 For example, a BGP-LS advertisement of H.Encaps behavior would 1481 describe the capability of node N to perform a H.Encaps behavior. 1482 Specifically, it would describe how many SIDs could be pushed by N 1483 without significant performance degradation. 1485 As a reminder, an SR policy is always assigned a Binding SID 1486 [RFC8402]. BSIDs are also advertised in BGP-LS as shown in Table 1. 1488 Hence, the Table 2 only focuses on the generic capabilities related 1489 to H.Encaps. 1491 9. Security Considerations 1493 The security considerations for Segment Routing are discussed in 1494 [RFC8402]. Section 5 of [RFC8754] describes the SR Deployment Model 1495 and the requirements for securing the SR Domain. The security 1496 considerations of [RFC8754] also cover topics such as attack vectors 1497 and their mitigation mechanisms that also apply the behaviors 1498 introduced in this document. Together, they describe the required 1499 security mechanisms that allow establishment of an SR domain of 1500 trust. Having such a well-defined trust boundary is necessary in 1501 order to operate SRv6-based services for internal traffic while 1502 preventing any external traffic from accessing or exploiting the 1503 SRv6-based services. Care and rigor in IPv6 address allocation for 1504 use for SRv6 SID allocations and network infrastructure addresses, as 1505 distinct from IPv6 addresses allocated for end-users/systems (as 1506 illustrated in Section 5.1 of [RFC8754]), can provide the clear 1507 distinction between internal and external address space that is 1508 required to maintain the integrity and security of the SRv6 Domain. 1509 Additionally, [RFC8754] defines an HMAC TLV permitting SR Endpoint 1510 Nodes in the SR domain to verify that the SRH applied to a packet was 1511 selected by an authorized party and to ensure that the segment list 1512 is not modified after generation, regardless of the number of 1513 segments in the segment list. When enabled by local configuration, 1514 HMAC processing occurs at the beginning of SRH processing as defined 1515 in [RFC8754] Section 2.1.2.1 . 1517 This document introduces SRv6 Endpoint and SR Policy Headend 1518 behaviors for implementation on SRv6 capable nodes in the network. 1519 The headend policy definition should be consistent with the specific 1520 behavior used and any local configuration (as specified in 1521 Section 4.1.1). As such, this document does not introduce any new 1522 security considerations. 1524 10. IANA Considerations 1526 10.1. Ethernet Next Header Type 1528 This document requests IANA to allocate, in the "Protocol Numbers" 1529 registry (https://www.iana.org/assignments/protocol-numbers/protocol- 1530 numbers.xhtml), a new value for "Ethernet" with the following 1531 definition: The value 143 in the Next Header field of an IPv6 header 1532 or any extension header indicates that the payload is an Ethernet 1533 frame [IEEE.802.3_2018]. 1535 IANA has done a temporary allocation of Protocol Number 143. 1537 10.2. SRv6 Endpoint Behaviors Registry 1539 This document requests IANA to create a new top-level registry called 1540 "Segment Routing Parameters". This registry is being defined to 1541 serve as a top-level registry for keeping all other Segment Routing 1542 sub-registries. 1544 Additionally, a new sub-registry "SRv6 Endpoint Behaviors" is to be 1545 created under top-level "Segment Routing Parameters" registry. This 1546 sub-registry maintains 16-bit identifiers for the SRv6 Endpoint 1547 behaviors. This registry is established to provide consistency for 1548 control plane protocols which need to refer to these behaviors. 1549 These values are not encoded in the function bits within a SID. 1551 The range of the registry is 0-65535 (0x0000 - 0xFFFF) and has the 1552 following registration rules and allocation policies: 1554 +-------------+---------------+----------------------+--------------+ 1555 | Range | Hex | Registration | Notes | 1556 | | | procedure | | 1557 +-------------+---------------+----------------------+--------------+ 1558 | 0 | 0x0000 | Reserved | Not to be | 1559 | | | | allocated | 1560 | 1-32767 | 0x0001-0x7FFF | First Come First | | 1561 | | | Served [RFC8126] | | 1562 | 32768-34815 | 0x8000-0x87FF | Private Use | | 1563 | | | [RFC8126] | | 1564 | 34816-65534 | 0x8800-0xFFFE | Reserved | | 1565 | 65535 | 0xFFFF | Reserved | Opaque | 1566 +-------------+---------------+----------------------+--------------+ 1568 Table 3: SRv6 Endpoint Behaviors Registry 1570 10.2.1. Initial Registrations 1572 The initial registrations for the sub-registry are as follows: 1574 +-------------+--------+-------------------------+------------------+ 1575 | Value | Hex | Endpoint behavior | Reference | 1576 +-------------+--------+-------------------------+------------------+ 1577 | 0 | 0x0000 | Reserved | Not to be | 1578 | | | | allocated | 1579 | 1 | 0x0001 | End | [This.ID] | 1580 | 2 | 0x0002 | End with PSP | [This.ID] | 1581 | 3 | 0x0003 | End with USP | [This.ID] | 1582 | 4 | 0x0004 | End with PSP&USP | [This.ID] | 1583 | 5 | 0x0005 | End.X | [This.ID] | 1584 | 6 | 0x0006 | End.X with PSP | [This.ID] | 1585 | 7 | 0x0007 | End.X with USP | [This.ID] | 1586 | 8 | 0x0008 | End.X with PSP&USP | [This.ID] | 1587 | 9 | 0x0009 | End.T | [This.ID] | 1588 | 10 | 0x000A | End.T with PSP | [This.ID] | 1589 | 11 | 0x000B | End.T with USP | [This.ID] | 1590 | 12 | 0x000C | End.T with PSP&USP | [This.ID] | 1591 | 14 | 0x000E | End.B6.Encaps | [This.ID] | 1592 | 15 | 0x000F | End.BM | [This.ID] | 1593 | 16 | 0x0010 | End.DX6 | [This.ID] | 1594 | 17 | 0x0011 | End.DX4 | [This.ID] | 1595 | 18 | 0x0012 | End.DT6 | [This.ID] | 1596 | 19 | 0x0013 | End.DT4 | [This.ID] | 1597 | 20 | 0x0014 | End.DT46 | [This.ID] | 1598 | 21 | 0x0015 | End.DX2 | [This.ID] | 1599 | 22 | 0x0016 | End.DX2V | [This.ID] | 1600 | 23 | 0x0017 | End.DT2U | [This.ID] | 1601 | 24 | 0x0018 | End.DT2M | [This.ID] | 1602 | 25 | 0x0019 | Reserved | [This.ID] | 1603 | 27 | 0x001B | End.B6.Encaps.Red | [This.ID] | 1604 | 28 | 0x001C | End with USD | [This.ID] | 1605 | 29 | 0x001D | End with PSP&USD | [This.ID] | 1606 | 30 | 0x001E | End with USP&USD | [This.ID] | 1607 | 31 | 0x001F | End with PSP, USP & USD | [This.ID] | 1608 | 32 | 0x0020 | End.X with USD | [This.ID] | 1609 | 33 | 0x0021 | End.X with PSP&USD | [This.ID] | 1610 | 34 | 0x0022 | End.X with USP&USD | [This.ID] | 1611 | 35 | 0x0023 | End.X with PSP, USP & | [This.ID] | 1612 | | | USD | | 1613 | 36 | 0x0024 | End.T with USD | [This.ID] | 1614 | 37 | 0x0025 | End.T with PSP&USD | [This.ID] | 1615 | 38 | 0x0026 | End.T with USP&USD | [This.ID] | 1616 | 39 | 0x0027 | End.T with PSP, USP & | [This.ID] | 1617 | | | USD | | 1618 | 40-32766 | | Unassigned | | 1619 | 32767 | 0x7FFF | The SID defined in | [This.ID] | 1620 | | | RFC8754 | [RFC8754] | 1621 | 32768-65534 | | Reserved | | 1622 | 65535 | 0xFFFF | Opaque | [This.ID] | 1623 +-------------+--------+-------------------------+------------------+ 1625 Table 4: IETF - SRv6 Endpoint Behaviors 1627 11. Acknowledgements 1629 The authors would like to acknowledge Stefano Previdi, Dave Barach, 1630 Mark Townsley, Peter Psenak, Thierry Couture, Kris Michielsen, Paul 1631 Wells, Robert Hanzl, Dan Ye, Gaurav Dawra, Faisal Iqbal, Jaganbabu 1632 Rajamanickam, David Toscano, Asif Islam, Jianda Liu, Yunpeng Zhang, 1633 Jiaoming Li, Narendra A.K, Mike Mc Gourty, Bhupendra Yadav, Sherif 1634 Toulan, Satish Damodaran, John Bettink, Kishore Nandyala Veera Venk, 1635 Jisu Bhattacharya, Saleem Hafeez and Brian Carpenter. 1637 12. Contributors 1639 Daniel Bernier 1640 Bell Canada 1641 Canada 1643 Email: daniel.bernier@bell.ca 1645 Dirk Steinberg 1646 Lapishills Consulting Limited 1647 Cyprus 1649 Email: dirk@lapishills.com 1651 Robert Raszuk 1652 Bloomberg LP 1653 United States of America 1655 Email: robert@raszuk.net 1657 Bruno Decraene 1658 Orange 1659 France 1661 Email: bruno.decraene@orange.com 1663 Bart Peirens 1664 Proximus 1665 Belgium 1667 Email: bart.peirens@proximus.com 1669 Hani Elmalky 1670 Google 1671 United States of America 1673 Email: helmalky@google.com 1675 Prem Jonnalagadda 1676 Barefoot Networks 1677 United States of America 1679 Email: prem@barefootnetworks.com 1680 Milad Sharif 1681 SambaNova Systems 1682 United States of America 1684 Email: milad.sharif@sambanova.ai 1686 David Lebrun 1687 Google 1688 Belgium 1690 Email: dlebrun@google.com 1692 Stefano Salsano 1693 Universita di Roma "Tor Vergata" 1694 Italy 1696 Email: stefano.salsano@uniroma2.it 1698 Ahmed AbdelSalam 1699 Gran Sasso Science Institute 1700 Italy 1702 Email: ahmed.abdelsalam@gssi.it 1704 Gaurav Naik 1705 Drexel University 1706 United States of America 1708 Email: gn@drexel.edu 1710 Arthi Ayyangar 1711 Arrcus, Inc 1712 United States of America 1714 Email: arthi@arrcus.com 1716 Satish Mynam 1717 Arrcus, Inc 1718 United States of America 1720 Email: satishm@arrcus.com 1722 Wim Henderickx 1723 Nokia 1724 Belgium 1726 Email: wim.henderickx@nokia.com 1727 Shaowen Ma 1728 Juniper 1729 Singapore 1731 Email: mashao@juniper.net 1733 Ahmed Bashandy 1734 Individual 1735 United States of America 1737 Email: abashandy.ietf@gmail.com 1739 Francois Clad 1740 Cisco Systems, Inc. 1741 France 1743 Email: fclad@cisco.com 1745 Kamran Raza 1746 Cisco Systems, Inc. 1747 Canada 1749 Email: skraza@cisco.com 1751 Darren Dukes 1752 Cisco Systems, Inc. 1753 Canada 1755 Email: ddukes@cisco.com 1757 Patrice Brissete 1758 Cisco Systems, Inc. 1759 Canada 1761 Email: pbrisset@cisco.com 1763 Zafar Ali 1764 Cisco Systems, Inc. 1765 United States of America 1767 Email: zali@cisco.com 1769 Ketan Talaulikar 1770 Cisco Systems, Inc. 1771 India 1773 Email: ketant@cisco.com 1775 13. References 1777 13.1. Normative References 1779 [IEEE.802.3_2018] 1780 IEEE, "802.3-2018", IEEE 802.3-2018, 1781 DOI 10.1109/IEEESTD.2018.8457469, August 2018, 1782 . 1784 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1785 Requirement Levels", BCP 14, RFC 2119, 1786 DOI 10.17487/RFC2119, March 1997, 1787 . 1789 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 1790 IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473, 1791 December 1998, . 1793 [RFC6437] Amante, S., Carpenter, B., Jiang, S., and J. Rajahalme, 1794 "IPv6 Flow Label Specification", RFC 6437, 1795 DOI 10.17487/RFC6437, November 2011, 1796 . 1798 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1799 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 1800 May 2017, . 1802 [RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1803 (IPv6) Specification", STD 86, RFC 8200, 1804 DOI 10.17487/RFC8200, July 2017, 1805 . 1807 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 1808 Decraene, B., Litkowski, S., and R. Shakir, "Segment 1809 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 1810 July 2018, . 1812 [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., 1813 Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header 1814 (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, 1815 . 1817 13.2. Informative References 1819 [I-D.filsfils-spring-srv6-net-pgm-illustration] 1820 Filsfils, C., Camarillo, P., Li, Z., Matsushima, S., 1821 Decraene, B., Steinberg, D., Lebrun, D., Raszuk, R., and 1822 J. Leddy, "Illustrations for SRv6 Network Programming", 1823 draft-filsfils-spring-srv6-net-pgm-illustration-03 (work 1824 in progress), September 2020. 1826 [I-D.ietf-rtgwg-segment-routing-ti-lfa] 1827 Litkowski, S., Bashandy, A., Filsfils, C., Decraene, B., 1828 Francois, P., Voyer, D., Clad, F., and P. Camarillo, 1829 "Topology Independent Fast Reroute using Segment Routing", 1830 draft-ietf-rtgwg-segment-routing-ti-lfa-04 (work in 1831 progress), August 2020. 1833 [RFC4193] Hinden, R. and B. Haberman, "Unique Local IPv6 Unicast 1834 Addresses", RFC 4193, DOI 10.17487/RFC4193, October 2005, 1835 . 1837 [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private 1838 Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 1839 2006, . 1841 [RFC4664] Andersson, L., Ed. and E. Rosen, Ed., "Framework for Layer 1842 2 Virtual Private Networks (L2VPNs)", RFC 4664, 1843 DOI 10.17487/RFC4664, September 2006, 1844 . 1846 [RFC4761] Kompella, K., Ed. and Y. Rekhter, Ed., "Virtual Private 1847 LAN Service (VPLS) Using BGP for Auto-Discovery and 1848 Signaling", RFC 4761, DOI 10.17487/RFC4761, January 2007, 1849 . 1851 [RFC4762] Lasserre, M., Ed. and V. Kompella, Ed., "Virtual Private 1852 LAN Service (VPLS) Using Label Distribution Protocol (LDP) 1853 Signaling", RFC 4762, DOI 10.17487/RFC4762, January 2007, 1854 . 1856 [RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A., 1857 Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based 1858 Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February 1859 2015, . 1861 [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for 1862 Writing an IANA Considerations Section in RFCs", BCP 26, 1863 RFC 8126, DOI 10.17487/RFC8126, June 2017, 1864 . 1866 [RFC8214] Boutros, S., Sajassi, A., Salam, S., Drake, J., and J. 1867 Rabadan, "Virtual Private Wire Service Support in Ethernet 1868 VPN", RFC 8214, DOI 10.17487/RFC8214, August 2017, 1869 . 1871 [RFC8317] Sajassi, A., Ed., Salam, S., Drake, J., Uttaro, J., 1872 Boutros, S., and J. Rabadan, "Ethernet-Tree (E-Tree) 1873 Support in Ethernet VPN (EVPN) and Provider Backbone 1874 Bridging EVPN (PBB-EVPN)", RFC 8317, DOI 10.17487/RFC8317, 1875 January 2018, . 1877 Authors' Addresses 1879 Clarence Filsfils (editor) 1880 Cisco Systems, Inc. 1881 Belgium 1883 Email: cf@cisco.com 1885 Pablo Camarillo Garvia (editor) 1886 Cisco Systems, Inc. 1887 Spain 1889 Email: pcamaril@cisco.com 1891 John Leddy 1892 Individual Contributor 1893 United States of America 1895 Email: john@leddy.net 1897 Daniel Voyer 1898 Bell Canada 1899 Canada 1901 Email: daniel.voyer@bell.ca 1903 Satoru Matsushima 1904 SoftBank 1905 1-9-1,Higashi-Shimbashi,Minato-Ku 1906 Tokyo 105-7322 1907 Japan 1909 Email: satoru.matsushima@g.softbank.co.jp 1910 Zhenbin Li 1911 Huawei Technologies 1912 China 1914 Email: lizhenbin@huawei.com