SR Policy Extensions for Path Segment and Bidirectional Path

Segment routing (SR) is a source routing paradigm that explicitly indicates the forwarding path for packets at the ingress node. The ingress node steers packets into a specific path according to the Segment Routing Policy ( SR Policy) as defined in . For distributing SR policies to the headend, specifies a mechanism by using BGP, and new Sub-TLVs are defined for SR Policies in BGP UPDATE message. In many use cases such as performance measurement, the path to which the packets belong is required to be identified. In some scenarios, (e.g., Mobile backhaul transport networks), there are Requirements to support bidirectional path. However, there is no path identification information for each Segment List in the SR Policies defined in . Also, the SR Policies defined in only supports unidirectional SR paths. Therefore, this document defines the extension to SR policies that carry Path Segment in the Segment List and support bidirectional path. The Path Segment can be a Path Segment in SR-MPLS and SRv6 , or other IDs that can identify a path. Also, this document defines extensions to BGP to distribute SR policies carrying Path Segment and bidirectional path information.

This document makes use of the terms defined in and . Some terms are listed below for reference. SR: Segment Routing. SR-MPLS: Segment Routing over MPLS data plane. SRv6: Segment Routing over IPv6 data plane. PSID: Path Segment Identifier. SRPM: SR Policy Module .

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

As defined in , the SR Policy encoding structure is as follows:

Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Segment Segment ... ... ]]> An SR path can be specified by an Segment List Sub-TLV that contains a set of segment Sub-TLVs and other Sub-TLVs as shown above. As defined in , a candidate path includes multiple SR paths specified by SID list. The Path Segment can be used for identifying an SR path (specified by SID list) from the headend and the tailend. Also, it can be used for identifying an SR candidate path in some use cases if needed. This document defines a new Path Segment Sub-TLV within Segment List Sub-TLV, the details will be described at section 3.1. The new SR Policy encoding structure with Path Segment Sub-TLV is expressed as below:

Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight Path Segment Segment Segment ... Segment List Weight Path Segment Segment Segment ... ... ]]> The Path Segment is used to identified an SR path, and it can be used in OAM or IOAM use cases. When all the SID Lists within a candidate path share the same Path Segment ID, the Path Segment can be used to collect the aggregated information of the candidate path. Multiple Path Segment MAY be included in a Segment List for different use cases. In SR-MPLS, one, or some or all of them MAY be inserted into the SID List as the requirement of the use case. However, in SRv6, only one Path Segment ID can be encoded in a SRH. Therefore, an implementation MUST decide how to choose a Path Segment ID from the multiple Path Segment IDs. In order to simplify the implementation, this document suggests to encode only one Path Segment Sub-TLV for a segment list, while the rest Path Segment SHOULD be ignored.

This section defines an SR Path Segment Sub-TLV. An SR Path Segment Sub-TLV is included in the segment list Sub-TLV to identify an SID list. It has the following format:

Where: Type (TBA1): SR Path Segment Sub-TLV (to be assigned by IANA). Length: the total length of the value field not including Type and Length fields. Flags: 8 bits of flags. Following flags are defined:

L-Flag: Local flag. Set when the Path Segment has local significance on an SR node. B-Flag: This flag, when set, indicates the presence of the SRv6 Endpoint Behavior and SID Structure encoding specified in Section 2.4.4.2.4. of . It MUST be ignored when the value of length field is smaller than 18. The rest bits of Flag are reserved and MUST be set to 0 on transmission and MUST be ignored on receipt. Path Segment ID: if the length is 2, then no Path Segment ID is present. If the length is 6 then the Path Segment ID is encoded in 4 octets using the format below. TC, S, TTL (Total of 12 bits) are RESERVED and SHOULD be set to zero and MUST be ignored.

If the length is 18 then the Path Segment ID contains a 16-octet SRv6 Path Segment ID . If the length is larger than 18 and B-flag is set, then SRv6 Endpoint Behavior and SID Structure TLVs is included as per Section 2.4.4.2.4. of .

In some scenariose, for example, mobile backhaul transport network, there are requirements to support bidirectional path. In SR, a bidirectional path can be represented as a binding of two unidirectional SR paths. This document also defines a Reverse Segment List Sub-TLV to describe the reverse path associated with the forward path specified by the Segment List. An SR policy carrying SR bidirectional path information is expressed as below:

A Reverse Path Segment List Sub-TLV is defined to specify an SR reverse path associated with the path specified by the Segment List, and it has the following format:

where: Type (TBA2): Reverse Path Segment List Sub-TLV (to be assigned by IANA). Length: the total length of the Sub-TLVs encoded within the Reverse Path Segment List Sub-TLV not including the Type and Length fields. RESERVED: 1 octet of reserved bits. SHOULD be unset on transmission and MUST be ignored on receipt. Sub-TLVs, reuse the Sub-TLVs in Segment List defined in and . One or more mandatory SR Path Segment Sub-TLVs that contains the Path Segments of the reverse SR path. One or more Segment Sub-TLVs to specify the reverse SR path. The Segment sub-TLVs in the Reverse Path Segment List sub-TLV provides the information of the reverse SR path. This Reverse Path Segment list can be used for directing egress BFD peer to use specific path for the reverse direction of the BFD session or other applications.

The document defines a new Sub-TLV under the extensions for SR policy defined in , therefore, the description of operations defined in , can apply to this document directly, including advertisement of SR policies and reception of SR policy NLRI. Typically but not limit to, the unidirectional or bidirectional SR policies carrying path identification infomation are configured by a controller. After configuration, the unidirectional or bidirectional SR policies carrying path identification infomation will be advertised by BGP update messages. The operation of advertisement this SR policy is the same as defined in , as well as the reception. The consumer of the unidirectional or bidirectional SR policies is not the BGP process, it can be any applications, such as performance measurement . The operation of sending information to consumers is out of scope of this document.

The document defines a new Sub-TLV under the extensions for SR policy defined in , therefore, the error handling defined in can apply to this document. Also, the error handling as defined in applies to new Sub-TLVs as well as SAFI context, therefore, the error handling in also applies to this document. Specifically, a BGP Speaker MUST perform Syntax validation of the Tunnel Encapsulation Attribute following the error handling defined in and . In addition, a BGP Speaker MUST perform Syntax validation of the new Path Segment Sub-TLV to determine if it is malformed. This includes the validation of the length of the Sub-TLV and the range of the value fileds. If any validation check fails, the Update message MUST be handle as 'Treat-as-withdraw' In addition, the validation of the individual fields of the TLVs/Sub-TLVs of the associated segment list are beyond the scope of BGP as they are handled by the SR Policy Module as described in the individual TLV/Sub-TLV sub-sections. Therefore this part is out of the scope of this document. A BGP implementation MUST NOT perform semantic verification of such fields nor consider the SR Policy update to be invalid or not usable based on such validation. An implementation SHOULD log any errors found during the above validation for further analysis .

This document defines new Sub-TLVs in following registries:

This document defines new Sub-TLVs in the registry "SR Policy List Sub-TLVs" to be assigned by IANA:

Similar to , the security mechanisms of the base BGP security model apply to the extensions described in this document. Also, the new security considerations defined in also apply to this document. The Path Segment extension is included in the SR Policy extension , so it does not introduce extra security problems comparing the existing SR policy entension. The Path Segment information is critical to the path, and a wrong Path Segment ID may cause unexpected forwarding actions and results. An implementation needs to make sure that the value of Path Segment ID is correct to avoid unexpected forwarding actions and results, especially in an SR-MPLS network. In addition, the Path Segment information distribution from a controller to an ingress router has to be protected. The security considereations in apply to this distribution procedure.

Many thanks to Shraddha Hedge, Susan Hares for their detailed reviews and professional comments.