idnits 2.17.1

draft-li-idr-flowspec-srv6-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There is 1 instance of too long lines in the document, the longest one
     being 2 characters in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (June 8, 2020) is 1417 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Looks like a reference, but probably isn't: '0' on line 122

  -- Looks like a reference, but probably isn't: '1' on line 124

  == Outdated reference: A later version (-22) exists of
     draft-ietf-idr-flow-spec-v6-11

  == Outdated reference: A later version (-27) exists of
     draft-ietf-idr-rfc5575bis-25

  == Outdated reference: A later version (-23) exists of
     draft-ietf-idr-flowspec-l2vpn-15

     Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 3 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                              Z. Li
Internet-Draft                                                     L. Li
Intended status: Standards Track                                  Huawei
Expires: December 10, 2020                                       H. Chen
                                                               Futurewei
                                                                C. Loibl
                                               Next Layer Communications
                                                                  Y. Fan
                                                            Casa Systems
                                                                  Y. Zhu
                                                           China Telecom
                                                                  L. Liu
                                                                 Fujitsu
                                                                  X. Liu
                                                          Volta Networks
                                                            June 8, 2020

                    BGP Flow Specification for SRv6
                     draft-li-idr-flowspec-srv6-03

Abstract

   This document proposes extensions to BGP Flow Specification for SRv6
   for filtering SRv6 packets that match a sequence of conditions.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on December 10, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Definitions and Acronyms
   3.  The Flow Specification Encoding for SRv6
     3.1.  Type TBD1 - Whole SID
     3.2.  Type TBD2 - Some bits of SID
   4.  Security Considerations
   5.  IANA Considerations
   6.  Acknowledgments
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Authors' Addresses

1.  Introduction

   [I-D.ietf-idr-rfc5575bis] describes in detail a new BGP NLRI to
   distribute a flow specification, which is an n-tuple comprising a
   sequence of matching criteria that can be applied to IP traffic.
   [I-D.ietf-idr-flow-spec-v6] extends [I-D.ietf-idr-rfc5575bis] to make
   it also usable and applicable to IPv6 data packets.
   [I-D.ietf-idr-flowspec-l2vpn] extends the flow-spec rules for layer 2
   Ethernet packets.

   Segment Routing (SR) for unicast traffic has been proposed to cope
   with the use cases in traffic engineering, fast reroute, service
   chain, etc.  The SR architecture can be implemented over an IPv6 data
   plane using a new type of Segment Routing Header (SRH)
   [I-D.ietf-6man-segment-routing-header].  SRv6 Network Programming
   [I-D.filsfils-spring-srv6-network-programming] defines the SRv6
   network programming concept and its most basic functions.  An SRv6
   SID may have the form LOC:FUNCT:ARGS::.

   LOC: Each operator is free to use the locator length it chooses.
   Most often the LOC part of the SID is routable and leads to the node
   which instantiates that SID.

   FUNCT: The FUNCT part of the SID is an opaque identification of a
   local function bound to the SID (e.g. End: Endpoint, End.X, End.T,
   End.DX2, etc.).

   ARGS: A function may require additional arguments that would be
   placed immediately after the FUNCT.

   This document specifies two new BGP Flow Specification (FS) component
   types to support Segment Routing over IPv6 data plane (SRv6)
   filtering.  The match field is the destination address of the IPv6
   header, but it is a SID copied from the SRH rather than a traditional
   IPv6 address (refer to Figure 1).

            +-----------------------------+
 IPv6 Header|    SA     |       DA        |<--Match field of this document
            +--------------------^--------+
                                 |
            +--------------------|--------+
            |         +-------------+     | +-------------------+
            |         | Segment[0]  +-------> Loc | Func | Args |
            |         +-------------+     | +-------------------+
            |         | Segment[1]  |     |
            |         +-------------+     |
            |         |     ...     |     |
   SR Header|         +-------------+     |
            |         | Segment[n]  |     |
            |         +-------------+     |
            |         +-------------+     |
            |         ~ Option TLV  ~     |
            |         +-------------+     |
            +-----------------------------+

                         Figure 1: Match Field

2.  Definitions and Acronyms

   o  FS: Flow Specification

   o  BGP-FS: Border Gateway Protocol (BGP) Flow Specification (FS)

   o  SR: Segment Routing

   o  SRH: SR Header

   o  SRv6: IPv6 Segment Routing.  SRv6 is a method of forwarding IPv6
      packets on the network based on the concept of source routing.

   o  SID: Segment Identifier

   o  BSID: Binding SID

3.  The Flow Specification Encoding for SRv6

   The Flow Specification NLRI-type consists of several optional
   components, each of which begins with a type field (1 octet) followed
   by a variable length parameter.  Thirteen component types are defined
   in [I-D.ietf-idr-rfc5575bis] and [I-D.ietf-idr-flow-spec-v6] for IPv4
   and IPv6.  This document defines two new component types for SRv6.

3.1.  Type TBD1 - Whole SID

   Encoding: <type (1 octet), [op, value]+>

   Contains a list of {operator, value} pairs that are used to match the
   SID/binding SID or a range of whole SIDs.

   The operator byte is encoded as:

                     0   1   2   3   4   5   6   7
                   +---+---+---+---+---+---+---+---+
                   | e | a | 0 | 0 | 0 |lt |gt |eq |
                   +---+---+---+---+---+---+---+---+

   Where:

   e - end-of-list bit.  Set in the last {op, value} pair in the
   sequence.

   a - AND bit.  If unset, the previous term is logically ORed with the
   current one.  If set, the operation is a logical AND.  It should be
   unset in the first operator byte of a sequence.  The AND operator has
   higher priority than OR for the purposes of evaluating logical
   expressions.

   0 - SHOULD be set to 0 on NLRI encoding, and MUST be ignored during
   decoding.

   lt - less than comparison between data and value.

   gt - greater than comparison between data and value.

   eq - equality between data and value.

   The bits lt, gt, and eq can be combined to match the SID or a range
   of SIDs (e.g. less than SID1 and greater than SID2).

   The value field is encoded as:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +---------------------------------------------------------------+
   ~                         SID(128bits)                          ~
   +---------------------------------------------------------------+

   The format of the SID is described in
   [I-D.ietf-6man-segment-routing-header] and
   [I-D.filsfils-spring-srv6-network-programming].

3.2.  Type TBD2 - Some bits of SID

   In some scenarios, a route policy that matches the whole 128-bit SID
   is too long and not necessary.
   [I-D.filsfils-spring-srv6-network-programming] defines the format of
   the SID as LOC:FUNCT:ARGS::.  In some scenarios, traffic packets can
   be matched on just the Locator, Function ID, Argument or some
   combination of these fields rather than the whole 128-bit SID.  The
   new component type TBD2 defined below is for matching some bits of
   the SID.

   Encoding: <type (1 octet), [op, value]+>

   Contains a list of {operator, value} pairs that are used to match
   some bits of the SID.

   The operator byte is encoded as:

                     0   1   2   3   4   5   6   7
                   +---+---+---+---+---+---+---+---+
                   | e | a |   type    |lt |gt |eq |
                   +---+---+---+---+---+---+---+---+

   Where:

   e, a, lt, gt and eq: as defined in Section "Type TBD1 - Whole SID".

   type:

      000 : SID's LOC bits

      001 : SID's FUNCT bits

      010 : SID's LOC:FUNCT bits

      011 : SID's FUNCT:ARGS bits

   The value field is encoded below as the lengths in bits of LOC, FUNCT
   and ARGS, followed by the SID rounded up to whole bytes:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  LOC Length   | FUNCT Length  |  ARGS Length  |      SID      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                         SID(continue)                         ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Where:

   LOC Length : 1-octet field indicating the length in bits of LOC in
   SID.

   FUNCT Length : 1-octet field indicating the length in bits of FUNCT
   in SID.

   ARGS Length : 1-octet field indicating the length in bits of ARGS in
   SID.

   SID : the SID containing LOC, FUNCT and ARGS, rounded up to whole
   bytes.

4.  Security Considerations

   No new security issues are introduced to the BGP protocol by this
   specification over the security considerations in
   [I-D.ietf-idr-rfc5575bis] and [I-D.ietf-idr-flow-spec-v6].

5.  IANA Considerations

   This section complies with [RFC7153].

   Under the "Flow Spec IPv6 Component Types" registry, IANA is
   requested to assign the following values:

          +-----------+-------------------+----------------+
          | Value     | Name              | Reference      |
          +-----------+-------------------+----------------+
          | TBD1 (15) | Whole SID         | This Document  |
          +-----------+-------------------+----------------+
          | TBD2 (16) | Some bits of SID  | This Document  |
          +-----------+-------------------+----------------+

6.  Acknowledgments

   The authors would like to thank Shunwan Zhuang and Rainsword Wang for
   their valuable suggestions and comments on this draft.

7.  References

7.1.  Normative References

   [I-D.ietf-idr-flow-spec-v6]
              Loibl, C., Raszuk, R., and S. Hares, "Dissemination of
              Flow Specification Rules for IPv6",
              draft-ietf-idr-flow-spec-v6-11 (work in progress),
              April 2020.

   [I-D.ietf-idr-rfc5575bis]
              Loibl, C., Hares, S., Raszuk, R., McPherson, D., and M.
              Bacher, "Dissemination of Flow Specification Rules",
              draft-ietf-idr-rfc5575bis-25 (work in progress), May 2020.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC7153]  Rosen, E. and Y. Rekhter, "IANA Registries for BGP
              Extended Communities", RFC 7153, DOI 10.17487/RFC7153,
              March 2014.

7.2.  Informative References

   [I-D.filsfils-spring-srv6-network-programming]
              Filsfils, C., Camarillo, P., Leddy, J.,
              daniel.voyer@bell.ca, d., Matsushima, S., and Z. Li, "SRv6
              Network Programming",
              draft-filsfils-spring-srv6-network-programming-07 (work in
              progress), February 2019.

   [I-D.ietf-6man-segment-routing-header]
              Filsfils, C., Dukes, D., Previdi, S., Leddy, J.,
              Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
              (SRH)", draft-ietf-6man-segment-routing-header-26 (work in
              progress), October 2019.

   [I-D.ietf-idr-flowspec-l2vpn]
              Weiguo, H., Eastlake, D., Litkowski, S., and S. Zhuang,
              "BGP Dissemination of L2 Flow Specification Rules",
              draft-ietf-idr-flowspec-l2vpn-15 (work in progress),
              May 2020.

Authors' Addresses

   Zhenbin Li
   Huawei
   156 Beiqing Road
   Beijing, 100095
   P.R. China

   Email: lizhenbin@huawei.com

   Lei Li
   Huawei
   156 Beiqing Road
   Beijing 100095
   P.R. China

   Email: lily.lilei@huawei.com

   Huaimo Chen
   Futurewei
   Boston, MA
   USA

   Email: Huaimo.chen@futurewei.com

   Christoph Loibl
   Next Layer Communications
   Mariahilfer Guertel 37/7
   Vienna 1150
   AT

   Email: cl@tix.at

   Yanhe Fan
   Casa Systems
   USA

   Email: yfan@casa-systems.com

   Yongqing Zhu
   China Telecom
   109, West Zhongshan Road, Tianhe District
   Guangzhou 510000
   China

   Email: zhuyq.gd@chinatelecom.cn

   Lei Liu
   Fujitsu
   USA

   Email: liulei.kddi@gmail.com

   Xufeng Liu
   Volta Networks
   McLean, VA
   USA

   Email: xufeng.liu.ietf@gmail.com
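
Added example, not part of the draft and not the authors' code: a Python decoder and matcher for the value list of the "Some bits of SID" component of Section 3.2, which validates the length octets before using them and applies the AND-over-OR precedence of Section 3.1. It assumes the SID field occupies ceil((LOC+FUNCT+ARGS)/8) octets and rejects the type values the draft leaves undefined; the function names and the sample rule are constructed for illustration.

```python
import ipaddress

E, A, LT, GT, EQ = 0x80, 0x40, 0x04, 0x02, 0x01   # bit 0 of the diagram is the MSB
# Constructed sample rule: e=1, type=010 (LOC:FUNCT), eq; LOC=48, FUNCT=16, ARGS=0
RULE = bytes([0x91, 48, 16, 0]) + bytes.fromhex("20010db800000042")

def _field(sid, typ, loc, funct, args):
    # type 000 LOC, 001 FUNCT, 010 LOC:FUNCT, 011 FUNCT:ARGS (Section 3.2)
    start, length = {0: (0, loc), 1: (loc, funct),
                     2: (0, loc + funct), 3: (loc, funct + args)}[typ]
    return (sid >> (128 - start - length)) & ((1 << length) - 1)

def parse_tbd2(buf):
    """Decode the {operator, value} list; return (terms, octets consumed)."""
    terms, off = [], 0
    while True:
        if len(buf) - off < 4:
            raise ValueError("truncated operator or length octets")
        op, loc, funct, args = buf[off:off + 4]
        if loc + funct + args > 128:
            raise ValueError("LOC+FUNCT+ARGS exceeds 128 bits")
        if (op >> 3) & 7 > 3:
            raise ValueError("type value not defined by the draft")
        nbytes = (loc + funct + args + 7) // 8     # assumption: SID padded to octets
        sid = buf[off + 4:off + 4 + nbytes]
        if len(sid) < nbytes:
            raise ValueError("truncated SID")
        terms.append((op, loc, funct, args, int.from_bytes(sid.ljust(16, b"\0"), "big")))
        off += 4 + nbytes
        if op & E:                                 # end-of-list bit
            return terms, off

def matches(terms, dst):
    """Evaluate the terms against an IPv6 destination address (AND binds tighter than OR)."""
    da = int(ipaddress.IPv6Address(dst))
    result, group = False, None
    for op, loc, funct, args, sid in terms:
        typ = (op >> 3) & 7
        d, v = _field(da, typ, loc, funct, args), _field(sid, typ, loc, funct, args)
        ok = bool((op & LT and d < v) or (op & GT and d > v) or (op & EQ and d == v))
        if op & A and group is not None:
            group = group and ok                   # extend the current AND group
        else:
            result, group = result or bool(group), ok
    return result or bool(group)
```

A list that never sets the end-of-list bit runs off the end of the buffer and is rejected as truncated rather than read past its bounds.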