idnits 2.17.1

draft-pzm-bess-spring-interdomain-vpn-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (August 14, 2020) is 1341 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-15) exists of
     draft-ietf-bess-srv6-services-04

  == Outdated reference: A later version (-28) exists of
     draft-ietf-spring-srv6-network-programming-17

  == Outdated reference: A later version (-14) exists of
     draft-agrawal-spring-srv6-mpls-interworking-02

     Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

BESS WG                                                         Z. Zhang
Internet-Draft                                                   S. Peng
Intended status: Standards Track                               G. Mirsky
Expires: February 15, 2021                                       Y. Wang
                                                         ZTE Corporation
                                                         August 14, 2020


               SRv6 and MPLS interworking for VPN service
                draft-pzm-bess-spring-interdomain-vpn-02

Abstract

   This document describes a method to achieve an inter-domain
   connection for a VPN (Virtual Private Network) service.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on February 15, 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions used in this document
     2.1.  Terminology
     2.2.  Requirements Language
   3.  Theory of operation
     3.1.  SRv6 to SR-MPLS domain signaling
     3.2.  SR-MPLS to SRv6 domain signaling
   4.  IANA Considerations
   5.  Security Considerations
   6.  References
     6.1.  Normative References
     6.2.  Informative References
   Authors' Addresses

1.  Introduction

   [I-D.agrawal-spring-srv6-mpls-interworking] describes SRv6 and
   MPLS/SR-MPLS interworking and co-existence procedures.  That
   document leverages the functions defined in
   [I-D.ietf-spring-srv6-network-programming] to guide forwarding in
   routers.

   [RFC4364] describes a method by which a Service Provider may use an
   IP backbone to provide IP Virtual Private Networks (VPNs) for its
   customers.  When SRv6 and SR-MPLS coexist in the backbone, a
   controller or a control plane, for example one using BGP, should be
   used to instantiate the VPN service as described in
   [I-D.agrawal-spring-srv6-mpls-interworking].

   In the case of option B inter-domain interconnection [RFC4364], only
   the ASBR needs to do the stitching work between two ASes.  Thus PEs
   in the SRv6 and SR-MPLS domains do not have to support both SRv6 and
   SR-MPLS functions.  This document discusses the use of BGP for
   achieving VPN service through option B defined in [RFC4364] across a
   backbone that includes SRv6 and SR-MPLS domains.

2.  Conventions used in this document

2.1.  Terminology

   ASBR - Autonomous System Boundary Router

   PE - Provider's Equipment

   AS - Autonomous System

   SR - Segment Routing

   SRv6 - Segment Routing over IPv6 data plane

   SR-MPLS - Segment Routing over MPLS data plane

   SID - Segment Identifier

   IMET - Inclusive Multicast Ethernet Tag

2.2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Theory of operation

3.1.  SRv6 to SR-MPLS domain signaling

   [I-D.ietf-bess-srv6-services] defines the new TLVs for the BGP
   Prefix-SID Attribute that can be used to signal SRv6 SIDs for L3 and
   L2 services.  In this document, we use the L3 case as the example
   for SRv6 SIDs without any arguments; the procedures for L2 are the
   same as in the L3 scenario.

   We use Inclusive Multicast Ethernet Tag (IMET) routes as the example
   for the SRv6 SIDs with arguments.

              +-------------+   +-------------+
              |     AS1     |   |     AS2     |
              |             |   |             |
      CE1+----+PE1     ASBR1+---+ASBR2     PE2+----+CE2
              |             |   |             |
              |    SRV6     |   |   SR-MPLS   |
              +-------------+   +-------------+

                           Figure 1

   For example, CE1 and CE2 are connected through a backbone that
   includes AS1 and AS2.  AS1 supports SRv6 only, and AS2 supports
   SR-MPLS only.  ASBR1 supports both SRv6 and SR-MPLS capabilities,
   but ASBR2 supports SR-MPLS capability only.

   For a prefix advertised by CE1 to PE1, PE1 assigns a SID with End.DT4
   (or End.DT6/DT46) defined in
   [I-D.ietf-spring-srv6-network-programming] section 4 (e.g., End.DT4
   is used when the prefix is an IPv4 prefix, End.DT6 is used when the
   prefix is an IPv6 prefix), and advertises it to ASBR1.
   Because ASBR2 supports SR-MPLS function only, the SRv6 SID advertised
   by ASBR1 cannot be executed by ASBR2.

   ASBR1 uses a specific execution function that is different from the
   function used in a single SRv6 domain or a single SR-MPLS domain.  In
   this situation, ASBR1 assigns an MPLS label for the prefix or IMET
   routes received from PE1 and advertises it to ASBR2.  The MPLS label
   has local significance and indicates that the packet is associated
   with an SRv6 SID list which leads the packet from ASBR1 to PE1.  The
   advertisement uses the same format as in [RFC4364] and [RFC4659] for
   L3VPN, and [I-D.heitz-bess-evpn-option-b] for EVPN.

   When a data packet destined for CE1 is received by ASBR1, ASBR1
   recognizes the MPLS label, removes the recognized label and adds an
   SRH to the packet, then forwards it to PE1.  Note that the SRH is
   needed when the packet continues into an outer SRv6 policy from
   headend ASBR1 to endpoint PE1; otherwise only an IPv6 header without
   SRH is encapsulated.

   When the recognized label is assigned to an IMET route, and the
   Argument Length of the SRv6 SID Structure Sub-Sub-TLV of the IMET
   route is not zero, the value of the label immediately after the
   recognized label is assigned to the argument part of the innermost
   SRv6 SID of the SRH before ASBR1 forwards it to PE1.

3.2.  SR-MPLS to SRv6 domain signaling

   In the same example, PE2 advertises a prefix received from CE2 or an
   IMET route with an assigned VPN label to ASBR2 according to
   [RFC4364], [RFC4659] and [I-D.heitz-bess-evpn-option-b].  ASBR2 then
   assigns a new label for the route and advertises it to ASBR1.  When
   ASBR1 receives the UPDATE and continues to advertise the route to
   PE1, ASBR1 should assign an SRv6 VPN service SID for it.
   The SID indicates the new execution function (e.g., END.RM, which
   indicates that MPLS should replace the SRH) for exchanging the packet
   header from an SRH to an MPLS label list.  The new function format is
   like the definition in [I-D.ietf-spring-srv6-network-programming]
   section 4.

   When a data packet destined for CE2 is received by ASBR1, ASBR1
   recognizes the SRv6 SID, removes the outer IPv6 header and SRH, then
   adds one MPLS label or a list of MPLS labels to the packet, and
   forwards it to PE2.  Note that the label stack is needed when the
   packet continues into an outer MPLS tunnel from ingress ASBR2 to
   egress PE2; otherwise only a single VPN label is encapsulated and the
   outer tunnel may be a directly connected link.

   Note that an END.RM SID may have a non-zero argument length.  When
   the SRv6 SID's argument length is not zero, the value of the argument
   part is translated into an extra-label in the list.  For example, the
   extra-label is an ESI-label in IMET route cases.

4.  IANA Considerations

   IANA is requested to allocate a new code point for the new SRv6
   Endpoint Behavior defined in this document.

                  +------+-------------+---------------+
                  | Type | Description | Reference     |
                  +------+-------------+---------------+
                  | TBD1 | END.RM      | This Document |
                  +------+-------------+---------------+

                                 Table 1

5.  Security Considerations

   This document introduces no new security considerations beyond those
   already specified in [RFC4364], [I-D.ietf-idr-bgp-prefix-sid],
   [I-D.ietf-spring-srv6-network-programming],
   [I-D.ietf-bess-srv6-services] and
   [I-D.agrawal-spring-srv6-mpls-interworking].

6.  References

6.1.  Normative References

   [I-D.heitz-bess-evpn-option-b]
              Heitz, J., Sajassi, A., Drake, J., and J. Rabadan,
              "Multi-homing and E-Tree in EVPN with Inter-AS Option B",
              draft-heitz-bess-evpn-option-b-01 (work in progress),
              November 2017.

   [I-D.ietf-bess-srv6-services]
              Dawra, G., Filsfils, C., Raszuk, R., Decraene, B., Zhuang,
              S., and J. Rabadan, "SRv6 BGP based Overlay services",
              draft-ietf-bess-srv6-services-04 (work in progress), July
              2020.

   [I-D.ietf-idr-bgp-prefix-sid]
              Previdi, S., Filsfils, C., Lindem, A., Sreekantiah, A.,
              and H. Gredler, "Segment Routing Prefix SID extensions for
              BGP", draft-ietf-idr-bgp-prefix-sid-27 (work in progress),
              June 2018.

   [I-D.ietf-spring-srv6-network-programming]
              Filsfils, C., Camarillo, P., Leddy, J., Voyer, D.,
              Matsushima, S., and Z. Li, "SRv6 Network Programming",
              draft-ietf-spring-srv6-network-programming-17 (work in
              progress), August 2020.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4364]  Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
              Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
              2006.

   [RFC4659]  De Clercq, J., Ooms, D., Carugi, M., and F. Le Faucheur,
              "BGP-MPLS IP Virtual Private Network (VPN) Extension for
              IPv6 VPN", RFC 4659, DOI 10.17487/RFC4659, September 2006.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

6.2.  Informative References

   [I-D.agrawal-spring-srv6-mpls-interworking]
              Agrawal, S., Ali, Z., Filsfils, C., Voyer, D., Dawra, G.,
              and Z. Li, "SRv6 and MPLS interworking",
              draft-agrawal-spring-srv6-mpls-interworking-02 (work in
              progress), February 2020.

Authors' Addresses

   Zheng Zhang
   ZTE Corporation

   Email: zhang.zheng@zte.com.cn


   Shaofu Peng
   ZTE Corporation

   Email: peng.shaofu@zte.com.cn


   Greg Mirsky
   ZTE Corporation

   Email: gregimirsky@gmail.com


   Yubao Wang
   ZTE Corporation

   Email: wang.yubao2@zte.com.cn
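
The two ASBR1 translations of Sections 3.1 and 3.2, modelled in Python as an added example; it is not part of the draft or of any implementation. The `Asbr1` class, its table names, the SIDs under 2001:db8::/32 and the label values are constructed, and placing the extra label directly after the service label in the END.RM direction is an assumption that mirrors Section 3.1.

```python
import ipaddress

LABEL_MAX = (1 << 20) - 1   # an MPLS label is a 20-bit value
def sid_int(sid):
    return int(ipaddress.IPv6Address(sid))

def set_arg(sid, prefix_len, arg_len, value):
    """Write value into the ARG bits after LOC:FUNCT; the caller checks its width."""
    return ipaddress.IPv6Address(sid_int(sid) | value << (128 - prefix_len - arg_len))

def get_arg(sid, prefix_len, arg_len):
    return (sid_int(sid) >> (128 - prefix_len - arg_len)) & ((1 << arg_len) - 1)

class Asbr1:  # hypothetical model of ASBR1's stitching tables, not the draft's code
    def __init__(self):
        self.by_label = {}  # 3.1: local label -> (SID list to PE1, prefix_len, arg_len)
        self.by_sid = {}    # 3.2: END.RM SID, ARG zeroed -> (labels, prefix_len, arg_len)

    def mpls_to_srv6(self, stack):
        """Section 3.1: pop the recognised label; return (SID list, remaining labels)."""
        entry = self.by_label.get(stack[0]) if stack else None
        if entry is None:
            return None                      # no binding for the top label: drop
        sids, prefix_len, arg_len = entry
        sids, rest = [ipaddress.IPv6Address(s) for s in sids], list(stack[1:])
        if arg_len:                          # IMET SID with a non-zero Argument Length
            if not rest or rest[0] >> arg_len:
                return None                  # next label missing or wider than ARG
            sids[-1] = set_arg(sids[-1], prefix_len, arg_len, rest.pop(0))
        return sids, rest                    # a single SID needs no SRH

    def srv6_to_mpls(self, dst):
        """Section 3.2 (END.RM): labels that replace the outer IPv6 header and SRH."""
        for base, (labels, prefix_len, arg_len) in self.by_sid.items():
            if sid_int(dst) >> (128 - prefix_len) != sid_int(base) >> (128 - prefix_len):
                continue
            arg = get_arg(dst, prefix_len, arg_len) if arg_len else None
            if arg is not None and arg > LABEL_MAX:
                return None                  # argument cannot be carried as a label
            return list(labels) + ([] if arg is None else [arg])
        return None                          # not a local END.RM SID: drop

def demo():  # constructed values: SIDs under 2001:db8::/32, arbitrary labels
    a = Asbr1()
    a.by_label[3001] = (["2001:db8:1:100::"], 64, 0)                    # L3 prefix
    a.by_label[3002] = (["2001:db8:9::1", "2001:db8:1:200::"], 64, 20)  # IMET route
    a.by_sid["2001:db8:a:e01::"] = ([24001, 24002], 64, 0)   # tunnel + VPN label
    a.by_sid["2001:db8:a:e02::"] = ([24003], 64, 20)         # IMET, ARG -> extra label
    return a
```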