idnits 2.17.00 (12 Aug 2021)

/tmp/idnits40685/draft-ietf-spring-sr-replication-segment-06.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (25 October 2021) is 207 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-22) exists of
     draft-ietf-spring-segment-routing-policy-13

  == Outdated reference: A later version (-20) exists of
     draft-ietf-lsr-flex-algo-17

  == Outdated reference: A later version (-04) exists of
     draft-ietf-pim-sr-p2mp-policy-03

     Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                      D. Voyer, Ed.
Internet-Draft                                               Bell Canada
Intended status: Standards Track                             C. Filsfils
Expires: 28 April 2022                                         R. Parekh
                                                     Cisco Systems, Inc.
                                                              H. Bidgoli
                                                                   Nokia
                                                                Z. Zhang
                                                        Juniper Networks
                                                         25 October 2021

         SR Replication Segment for Multi-point Service Delivery
              draft-ietf-spring-sr-replication-segment-06

Abstract

   This document describes the SR Replication segment for Multi-point
   service delivery.  A SR Replication segment allows a packet to be
   replicated from a Replication Node to downstream nodes.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 28 April 2022.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must include Simplified
   BSD License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the
   Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Replication Segment
     2.1.  SR-MPLS data plane
     2.2.  SRv6 data plane
   3.  Use Cases
   4.  IANA Considerations
   5.  Security Considerations
   6.  Acknowledgements
   7.  Contributors
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Appendix A.  Illustration of a Replication Segment
     A.1.  SR-MPLS
     A.2.  SRv6
   Authors' Addresses

1.  Introduction

   We define a new type of segment for Segment Routing [RFC8402], called
   Replication segment, which allows a node (henceforth called a
   Replication Node) to replicate packets to a set of other nodes
   (called Downstream Nodes) in a Segment Routing Domain.  Replication
   segments provide building blocks for Point-to-Multipoint Service
   delivery via SR Point-to-Multipoint (SR P2MP) policy.  A Replication
   segment can replicate packets to directly connected nodes or to
   downstream nodes (without need for state on the transit routers).
   This document focuses on the Replication segment building block.
   The use of one or more stitched Replication segments constructed for
   SR P2MP Policy tree is specified in [I-D.ietf-pim-sr-p2mp-policy].

2.  Replication Segment

   In a Segment Routing Domain, a Replication segment is a logical
   construct which connects a Replication Node to a set of Downstream
   Nodes.  A Replication segment is a local segment instantiated at a
   Replication node.  It can be either provisioned locally on a node or
   programmed by a PCE.  Replication segments apply equally to both
   SR-MPLS and SRv6 instantiations of Segment Routing.

   A Replication segment is identified by the tuple , where:

   *  Replication-ID: An identifier for a Replication segment that is
      unique in context of the Replication Node.

   *  Node-ID: The address of the Replication Node that the Replication
      segment is for.  Note that the root of a multi-point service is
      also a Replication Node.

   In the simplest case, Replication-ID can be a 32-bit number, but it
   can be extended or modified as required based on specific use of a
   Replication segment.  When the PCE signals a Replication segment to
   its node, the tuple identifies the segment.  Examples of such
   signaling and extension are described in
   [I-D.ietf-pim-sr-p2mp-policy].

   A Replication segment includes the following elements:

   *  Replication SID: The Segment Identifier of a Replication segment.
      This is a SR-MPLS label or a SRv6 SID [RFC8402].

   *  Downstream Nodes: Set of nodes in Segment Routing domain to which
      a packet is replicated by the Replication segment.

   *  Replication State: See below.

   The Downstream Nodes and Replication State of a Replication segment
   can change over time, depending on the network state and leaf nodes
   of a multi-point service that the segment is part of.

   Replication SID identifies the Replication segment in the forwarding
   plane.
   At a Replication node, the Replication SID is the equivalent of
   Binding SID [I-D.ietf-spring-segment-routing-policy] of a Segment
   Routing Policy.

   Replication State is a list of replication branches to the Downstream
   Nodes.  In this document, each branch is abstracted to a tuple.

   In a branch tuple, represents the reachability from the Replication
   Node to the Downstream Node.  In its simplest form, this MAY be
   specified as an interface or nexthop if downstream node is adjacent
   to the Replication Node.  The reachability may be specified in terms
   of Flex-Algo path (including the default algo)
   [I-D.ietf-lsr-flex-algo], or specified by an SR explicit path
   represented either by a SID-list (of one or more SIDs) or by a
   Segment Routing Policy [I-D.ietf-spring-segment-routing-policy].

   A packet is steered into a Replication segment at a Replication Node
   in two ways:

   *  When the Active Segment [RFC8402] is a locally instantiated
      Replication SID

   *  By the root of a multi-point service based on local configuration
      outside the scope of this document.

   In either case, the packet is replicated to each Downstream node in
   the associated Replication state.

   If a Downstream Node is an egress (aka leaf) of the multi-point
   service, i.e. no further replication is needed, then that leaf node's
   Replication segment will not have any Replication State and the
   operation is NEXT.  At an egress node, the Replication SID MAY be
   used to identify that portion of the multi-point service.  Notice
   that the segment on the leaf node is still referred to as a
   Replication segment for the purpose of generalization.

   A node can be a bud node, i.e. it is a Replication Node and a leaf
   node of a multi-point service at the same time
   [I-D.ietf-pim-sr-p2mp-policy].

2.1.  SR-MPLS data plane

   When the Active Segment is a Replication SID, the processing results
   in a POP operation and lookup of the associated Replication state.
   For each replication in the Replication state, the operation is a
   PUSH of the downstream Replication SID and an optional segment list
   on to the packet which is forwarded to the Downstream node.  For leaf
   nodes the inner packet is forwarded as per local configuration.

   When the root of a multi-point service steers a packet to a
   Replication segment, it results in a replication to each Downstream
   node in the associated replication state.  The operation is a PUSH of
   the replication SID and an optional segment list on to the packet
   which is forwarded to the downstream node.

2.2.  SRv6 data plane

   In SRv6 [RFC8986], the "Endpoint with replication" behavior
   (End.Replicate for short) replicates a packet and forwards the packet
   according to a Replication state.

   When processing a packet destined to a local Replication-SID, the
   packet is replicated to Downstream nodes and/or locally delivered off
   tree (when this is a bud/leaf node) according to the associated
   replication state.  For replication, the outer header is re-used, and
   the Downstream Replication SID is written into the outer IPv6 header
   destination address.  If required, an optional segment list may be
   used on some branches using H.Encaps.Red (while some other branches
   may not need that).  Note that this H.Encaps.Red is independent from
   the replication segment - it is just used to steer the replicated
   traffic on a traffic engineered path to a Downstream node.

   The above also applies when the Replication segment is for the Root
   node, whose upstream node has placed the Replication-SID in the
   header.  A local application (e.g. MVPN/EVPN) may also apply
   H.Encaps.Red and then steer the resulting traffic into the segment.
   Again note that the H.Encaps.Red is independent of the Replication
   segment - it is the action of the application (e.g. MVPN/EVPN
   service).  If the service is on a Root node, the two H.Encaps
   mentioned, one for the service and other in the previous paragraph
   for replication to Downstream node SHOULD be combined for
   optimization (to avoid extra IPv6 encapsulation).

   For the local delivery on a bud/leaf node, the action associated with
   Replication-SID is "look at next SID in SRH".  The next SID could be
   a SID with End.DT2/4/6 local behavior (equivalent of MVPN/EVPN PMSI
   label in case of tunnel sharing across multiple VPNs).  There may
   also not be a next SID (e.g. MVPN/EVPN with one tunnel per VPN), in
   which case the Replication-SID is then equivalent to End.DT2/4/6.
   Note that decapsulation is not an inherent action of a Replication
   segment even on a bud/leaf node.

3.  Use Cases

   In the simplest use case, a single Replication segment includes the
   root node of a multi-point service and the egress/leaf nodes of the
   service as all the Downstream Nodes.  This achieves Ingress
   Replication [RFC7988] that has been widely used for MVPN [RFC6513]
   and EVPN [RFC7432] BUM (Broadcast, Unknown and Multicast) traffic.

   Replication segments can also be used as building blocks for
   replication trees when Replication segments on the root, intermediate
   Replication Nodes and leaf nodes are stitched together to achieve
   efficient replication.  That is specified in
   [I-D.ietf-pim-sr-p2mp-policy].

4.  IANA Considerations

   This document requires registration of End.Replicate behavior in
   "SRv6 Endpoint Behaviors" sub-registry of "Segment Routing
   Parameters" top-level registry.

             +=======+=====+===================+===========+
             | Value | Hex | Endpoint behavior | Reference |
             +=======+=====+===================+===========+
             | TBD   | TBD | End.Replicate     | [This.ID] |
             +-------+-----+-------------------+-----------+

                 Table 1: IETF - SRv6 Endpoint Behaviors

5.  Security Considerations

   There are no additional security risks introduced by this design.

6.  Acknowledgements

   The authors would like to acknowledge Siva Sivabalan, Mike Koldychev,
   Vishnu Pavan Beeram, Alexander Vainshtein, Bruno Decraene and Joel
   Halpern for their valuable inputs.

7.  Contributors

   Clayton Hassen
   Bell Canada
   Vancouver
   Canada

   Email: clayton.hassen@bell.ca

   Kurtis Gillis
   Bell Canada
   Halifax
   Canada

   Email: kurtis.gillis@bell.ca

   Arvind Venkateswaran
   Cisco Systems, Inc.
   San Jose
   US

   Email: arvvenka@cisco.com

   Zafar Ali
   Cisco Systems, Inc.
   US

   Email: zali@cisco.com

   Swadesh Agrawal
   Cisco Systems, Inc.
   San Jose
   US

   Email: swaagraw@cisco.com

   Jayant Kotalwar
   Nokia
   Mountain View
   US

   Email: jayant.kotalwar@nokia.com

   Tanmoy Kundu
   Nokia
   Mountain View
   US

   Email: tanmoy.kundu@nokia.com

   Andrew Stone
   Nokia
   Ottawa
   Canada

   Email: andrew.stone@nokia.com

   Tarek Saad
   Juniper Networks
   Canada

   Email: tsaad@juniper.net

8.  References

8.1.  Normative References

   [I-D.ietf-spring-segment-routing-policy]
              Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and
              P. Mattes, "Segment Routing Policy Architecture", Work in
              Progress, Internet-Draft,
              draft-ietf-spring-segment-routing-policy-13, 28 May 2021.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC8402]  Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
              Decraene, B., Litkowski, S., and R. Shakir, "Segment
              Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
              July 2018.

   [RFC8986]  Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
              D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
              (SRv6) Network Programming", RFC 8986,
              DOI 10.17487/RFC8986, February 2021.

8.2.  Informative References

   [I-D.filsfils-spring-srv6-net-pgm-illustration]
              Filsfils, C., Garvia, P. C., Li, Z., Matsushima, S.,
              Decraene, B., Steinberg, D., Lebrun, D., Raszuk, R., and
              J. Leddy, "Illustrations for SRv6 Network Programming",
              Work in Progress, Internet-Draft,
              draft-filsfils-spring-srv6-net-pgm-illustration-04,
              30 March 2021.

   [I-D.ietf-lsr-flex-algo]
              Psenak, P., Hegde, S., Filsfils, C., Talaulikar, K., and
              A. Gulko, "IGP Flexible Algorithm", Work in Progress,
              Internet-Draft, draft-ietf-lsr-flex-algo-17, 6 July 2021.

   [I-D.ietf-pim-sr-p2mp-policy]
              Voyer, D., Ed., Filsfils, C., Parekh, R., Bidgoli, H.,
              and Z. Zhang, "Segment Routing Point-to-Multipoint
              Policy", Work in Progress, Internet-Draft,
              draft-ietf-pim-sr-p2mp-policy-03, 23 August 2021.

   [RFC6513]  Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in
              MPLS/BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513,
              February 2012.

   [RFC7432]  Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
              Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
              Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
              2015.

   [RFC7988]  Rosen, E., Ed., Subramanian, K., and Z. Zhang, "Ingress
              Replication Tunnels in Multicast VPN", RFC 7988,
              DOI 10.17487/RFC7988, October 2016.

Appendix A.  Illustration of a Replication Segment

   This section illustrates an example of a single Replication segment.
   Examples showing Replication segment stitched together to form P2MP
   tree (based on SR P2MP policy) are in [I-D.ietf-pim-sr-p2mp-policy].

   Consider the following topology:

                                  R3------R6
                                 /         \
                         R1----R2----R5-----R7
                                 \         /
                                  +--R4---+

                            Figure 1: Figure 1

A.1.  SR-MPLS

   In this example, the Node-SID of a node Rn is N-SIDn and
   Adjacency-SID from node Rm to node Rn is A-SIDmn.  Interface between
   Rm and Rn is Lmn.

   Assume a Replication segment identified with R-ID at Replication Node
   R1 and downstream Nodes R2, R6 and R7.  The Replication SID at node n
   is R-SIDn.  A packet replicated from R1 to R7 has to traverse R4.

   The Replication segment state at nodes R1, R2, R6 and R7 is shown
   below.  Note nodes R3, R4 and R5 do not have state for the
   Replication segment.

   Replication segment at R1:

   Replication segment :
     Replication SID: R-SID1
     Replication State:
       R2: L12>
       R6:
       R7:

   Replication to R2 steers packet directly to R2 on interface L12.
   Replication to R6, using N-SID6, steers packet via IGP shortest path
   to that node.  Replication to R7 is steered via R4, using N-SID4 and
   then adjacency SID A-SID47 to R7.

   Replication segment at R2:

   Replication segment :
     Replication SID: R-SID2
     Replication State:
       R2:

   Replication segment at R6:

   Replication segment :
     Replication SID: R-SID6
     Replication State:
       R6:

   Replication segment at R7:

   Replication segment :
     Replication SID: R-SID7
     Replication State:
       R7:

   When a packet is steered into the Replication segment at R1:

   *  Since R1 is directly connected to R2, R1 performs PUSH operation
      with just label for the replicated copy and sends it to R2 on
      interface L12.  R2, as Leaf, performs NEXT operation, pops R-SID2
      label and delivers the payload.

   *  R1 performs PUSH operation with label stack for the replicated
      copy to R6 and sends it to R2, the nexthop on IGP shortest path to
      R6.  R2 performs CONTINUE operation on N-SID6 and forwards it to
      R3.  R3 is the penultimate hop for N-SID6; it performs penultimate
      hop popping, which corresponds to the NEXT operation and the
      packet is then sent to R6 with in the label stack.
      R6, as Leaf, performs NEXT operation, pops R-SID6 label and
      delivers the payload.

   *  R1 performs PUSH operation with label stack for the replicated
      copy to R7 and sends it to R2, the nexthop on IGP shortest path to
      R4.  R2 is the penultimate hop for N-SID4; it performs penultimate
      hop popping, which corresponds to the NEXT operation and the
      packet is then sent to R4 with in the label stack.  R4 performs
      NEXT operation, pops A-SID47, and delivers packet to R7 with in
      the label stack.  R7, as Leaf, performs NEXT operation, pops
      R-SID7 label and delivers the payload.

A.2.  SRv6

   For SRv6, we use the SID allocation scheme, reproduced below, from
   Illustrations for SRv6 Network Programming
   [I-D.filsfils-spring-srv6-net-pgm-illustration]:

   *  2001:db8::/32 is an IPv6 block allocated by a RIR to the operator

   *  2001:db8:0::/48 is dedicated to the internal address space

   *  2001:db8:cccc::/48 is dedicated to the internal SRv6 SID space

   *  We assume a location expressed in 64 bits and a function expressed
      in 16 bits

   *  Node k has a classic IPv6 loopback address 2001:db8::k/128 which
      is advertised in the IGP

   *  Node k has 2001:db8:cccc:k::/64 for its local SID space.
      Its SIDs will be explicitly assigned from that block

   *  Node k advertises 2001:db8:cccc:k::/64 in its IGP

   *  Function :1:: (function 1, for short) represents the End function
      with PSP support

   *  Function :Cn:: (function Cn, for short) represents the End.X
      function from to Node n

   Each node k has:

   *  An explicit SID instantiation 2001:db8:cccc:k:1::/128 bound to an
      End function with additional support for PSP

   *  An explicit SID instantiation 2001:db8:cccc:k:Cj::/128 bound to an
      End.X function to neighbor J with additional support for PSP

   *  An explicit SID instantiation 2001:db8:cccc:k:Fk::/128 bound to an
      End.Replicate function

   Assume a Replication segment identified with R-ID at Replication Node
   R1 and downstream Nodes R2, R6 and R7.  The Replication SID at node
   k, bound to an End.Replicate function, is 2001:db8:cccc:k:Fk::/128.
   A packet replicated from R1 to R7 has to traverse R4.

   The Replication segment state at nodes R1, R2, R6 and R7 is shown
   below.  Note nodes R3, R4 and R5 do not have state for the
   Replication segment.

   Replication segment at R1:

   Replication segment :
     Replication SID: 2001:db8:cccc:1:F1::0
     Replication State:
       R2: <2001:db8:cccc:2:F2::0->L12>
       R6: <2001:db8:cccc:6:F6::0>
       R7: <2001:db8:cccc:4:C7::0, 2001:db8:cccc:7:F7::0>

   Replication to R2 steers packet directly to R2 on interface L12.
   Replication to R6, using 2001:db8:cccc:6:F6::0, steers packet via IGP
   shortest path to that node.  Replication to R7 is steered via R4,
   using End.X SID 2001:db8:cccc:4:C7::0 at R4 to R7.

   Replication segment at R2:

   Replication segment :
     Replication SID: 2001:db8:cccc:2:F2::0
     Replication State:
       R2:

   Replication segment at R6:

   Replication segment :
     Replication SID: 2001:db8:cccc:6:F6::0
     Replication State:
       R6:

   Replication segment at R7:

   Replication segment :
     Replication SID: 2001:db8:cccc:7:F7::0
     Replication State:
       R7:

   When a packet, (A,B2), is steered into the Replication segment at R1:

   *  Since R1 is directly connected to R2, R1 creates encapsulated
      replicated copy (2001:db8::1, 2001:db8:cccc:2:F2::0) (A, B2), and
      sends it to R2 on interface L12.  R2, as Leaf, removes outer IPv6
      header and delivers the payload.

   *  R1 creates encapsulated replicated copy (2001:db8::1,
      2001:db8:cccc:6:F6::0) (A, B2) then forwards the resulting packet
      on the shortest path to 2001:db8:cccc:6::/64.  R2 and R3 forward
      the packet using 2001:db8:cccc:6::/64.  R6, as Leaf, removes outer
      IPv6 header and delivers the payload.

   *  R1 creates encapsulated replicated copy (2001:db8::1,
      2001:db8:cccc:4:C7::0) (2001:db8:cccc:7:F7::0; SL=1) (A, B2) and
      sends it to R2, the nexthop on IGP shortest path to
      2001:db8:cccc:4::/64.  R2 forwards packet to R4 using
      2001:db8:cccc:4::/64.  R4 executes End.X function on
      2001:db8:cccc:4:C7::0, performs PSP action, removes SRH and sends
      resulting packet (2001:db8::1, 2001:db8:cccc:7:F7::0) (A, B2) to
      R7.  R7, as Leaf, removes outer IPv6 header and delivers the
      payload.

Authors' Addresses

   Daniel Voyer (editor)
   Bell Canada
   Montreal
   Canada

   Email: daniel.voyer@bell.ca

   Clarence Filsfils
   Cisco Systems, Inc.
   Brussels
   Belgium

   Email: cfilsfil@cisco.com

   Rishabh Parekh
   Cisco Systems, Inc.
   San Jose,
   United States of America

   Email: riparekh@cisco.com

   Hooman Bidgoli
   Nokia
   Ottawa
   Canada

   Email: hooman.bidgoli@nokia.com

   Zhaohui Zhang
   Juniper Networks

   Email: zzhang@juniper.net
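
   The SR-MPLS walk-through of Appendix A.1 as a runnable model.  This
   is an added example, not part of the draft: the label stacks in the
   replication state are reconstructed from the A.1 prose, and all
   function and variable names are assumptions of the example.

```python
from collections import deque

# Undirected links of the Figure 1 topology.
LINKS = [("R1", "R2"), ("R2", "R3"), ("R3", "R6"), ("R6", "R7"),
         ("R2", "R5"), ("R5", "R7"), ("R2", "R4"), ("R4", "R7")]
ADJ = {}
for a, b in LINKS:
    ADJ.setdefault(a, set()).add(b)
    ADJ.setdefault(b, set()).add(a)

# Replication state: node -> {downstream: (label stack to PUSH, forced neighbour)}.
# Assumption: the stacks are reconstructed from the A.1 prose. Leaves have no
# branches; R3, R4 and R5 hold no Replication segment state at all.
REPL_STATE = {
    "R1": {"R2": (["R-SID2"], "R2"),                        # out interface L12
           "R6": (["N-SID6", "R-SID6"], None),              # IGP shortest path
           "R7": (["N-SID4", "A-SID47", "R-SID7"], None)},  # via R4, then adjacency
    "R2": {}, "R6": {}, "R7": {},
}

def next_hop(src, dst):
    """Neighbour of src on a hop-count shortest path to dst (BFS from dst)."""
    dist, queue = {dst: 0}, deque([dst])
    while queue:
        cur = queue.popleft()
        for nbr in sorted(ADJ[cur]):
            if nbr not in dist:
                dist[nbr] = dist[cur] + 1
                queue.append(nbr)
    return min(n for n in ADJ[src] if dist[n] == dist[src] - 1)

def send(src, dst, stack, hops, out, touched):
    """Put the packet on the wire and run the receiving node's processing."""
    process(dst, stack, hops + [(src, dst, tuple(stack))], out, touched)

def replicate(node, hops, out, touched):
    """One copy per branch: PUSH the branch stack, then forward the copy."""
    touched.add(node)
    for stack, via in REPL_STATE[node].values():
        if via:
            send(node, via, stack, hops, out, touched)
        else:
            process(node, stack, hops, out, touched)

def process(node, stack, hops, out, touched):
    """Apply the Active Segment (top label) at node."""
    if not stack:
        raise ValueError(f"{node}: label stack exhausted before a leaf")
    top, rest = stack[0], stack[1:]
    kind, arg = top[:5], top[5:]
    if kind == "R-SID":                     # POP, then look up replication state
        if arg != node[1:] or node not in REPL_STATE:
            raise LookupError(f"{node}: {top} is not a local Replication SID")
        if REPL_STATE[node]:
            replicate(node, hops, out, touched)
        else:                               # leaf: NEXT, deliver the payload
            touched.add(node)
            out[node] = hops
    elif kind == "N-SID" and "R" + arg != node:
        nh = next_hop(node, "R" + arg)
        # Penultimate hop pops the Node-SID (NEXT); other transit nodes CONTINUE.
        send(node, nh, rest if nh == "R" + arg else stack, hops, out, touched)
    elif kind == "A-SID" and arg[0] == node[1:]:  # single-digit node numbers
        send(node, "R" + arg[1], rest, hops, out, touched)
    else:
        raise LookupError(f"{node}: cannot process {top} here")

def steer_at_root(root):
    """Steer a packet into the Replication segment at the root (local config)."""
    out, touched = {}, set()
    replicate(root, [], out, touched)
    return out, touched
```

   steer_at_root("R1") returns, per leaf, the list of (from, to, label
   stack on the wire) hops, plus the set of nodes that consulted
   Replication segment state.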