| draft-ietf-idr-flowspec-srv6-00.txt | draft-ietf-idr-flowspec-srv6-01.txt | |||
|---|---|---|---|---|
| Network Working Group Z. Li | Network Working Group Z. Li | |||
| Internet-Draft L. Li | Internet-Draft L. Li | |||
| Intended status: Standards Track Huawei | Intended status: Standards Track Huawei | |||
| Expires: 11 April 2022 H. Chen | Expires: October 10, 2022 H. Chen | |||
| Futurewei | Futurewei | |||
| C. Loibl | C. Loibl | |||
| Next Layer Communications | Next Layer Communications | |||
| G. Mishra | G. Mishra | |||
| Verizon Inc. | Verizon Inc. | |||
| Y. Fan | Y. Fan | |||
| Casa Systems | Casa Systems | |||
| Y. Zhu | Y. Zhu | |||
| China Telecom | China Telecom | |||
| L. Liu | L. Liu | |||
| Fujitsu | Fujitsu | |||
| X. Liu | X. Liu | |||
| Volta Networks | Volta Networks | |||
| 8 October 2021 | April 8, 2022 | |||
| BGP Flow Specification for SRv6 | BGP Flow Specification for SRv6 | |||
| draft-ietf-idr-flowspec-srv6-00 | draft-ietf-idr-flowspec-srv6-01 | |||
| Abstract | Abstract | |||
| This document proposes extensions to BGP Flow Specification for SRv6 | This document proposes extensions to BGP Flow Specification for SRv6 | |||
| for filtering packets with a SRv6 SID that matches a sequence of | for filtering packets with a SRv6 SID that matches a sequence of | |||
| conditions. | conditions. | |||
| Requirements Language | Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 11 April 2022. | This Internet-Draft will expire on October 10, 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
| license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
| and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
| extracted from this document must include Simplified BSD License text | to this document. Code Components extracted from this document must | |||
| as described in Section 4.e of the Trust Legal Provisions and are | include Simplified BSD License text as described in Section 4.e of | |||
| provided without warranty as described in the Simplified BSD License. | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 4 | 2. Definitions and Acronyms . . . . . . . . . . . . . . . . . . 4 | |||
| 3. The Flow Specification Encoding for SRv6 . . . . . . . . . . 4 | 3. The Flow Specification Encoding for SRv6 . . . . . . . . . . 4 | |||
| 3.1. Type TBD1 - Some Parts of SID . . . . . . . . . . . . . . 4 | 3.1. Type TBD1 - Some Parts of SID . . . . . . . . . . . . . . 4 | |||
| 3.2. Encoding Examples . . . . . . . . . . . . . . . . . . . . 6 | 3.2. Encoding Examples . . . . . . . . . . . . . . . . . . . . 6 | |||
| 3.2.1. Example 1 . . . . . . . . . . . . . . . . . . . . . . 6 | 3.2.1. Example 1 . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 7 | 4. Security Considerations . . . . . . . . . . . . . . . . . . . 7 | |||
| skipping to change at page 3, line 19 ¶ | skipping to change at page 3, line 19 ¶ | |||
| Routing Header (SRH) [I-D.ietf-6man-segment-routing-header]. SRv6 | Routing Header (SRH) [I-D.ietf-6man-segment-routing-header]. SRv6 | |||
| Network Programming [RFC8986] defines the SRv6 network programming | Network Programming [RFC8986] defines the SRv6 network programming | |||
| concept and its most basic functions. An SRv6 SID may have the form | concept and its most basic functions. An SRv6 SID may have the form | |||
| of LOC:FUNCT:ARG::. | of LOC:FUNCT:ARG::. | |||
| LOC: Each operator is free to use the locator length it chooses. | LOC: Each operator is free to use the locator length it chooses. | |||
| Most often the LOC part of the SID is routable and leads to the node | Most often the LOC part of the SID is routable and leads to the node | |||
| which instantiates that SID. | which instantiates that SID. | |||
| FUNCT: The FUNCT part of the SID is an opaque identification of a | FUNCT: The FUNCT part of the SID is an opaque identification of a | |||
| local function bound to the SID. (e.g. End: Endpoint, End.X, End.T, | local function bound to the SID. E.g., End.X, End.T, End.DX2, etc. | |||
| End.DX2 etc.). | ||||
| ARG: A function may require additional arguments that would be placed | ARG: A function may require additional arguments that would be placed | |||
| immediately after the FUNCT. | immediately after the FUNCT. | |||
| This document specifies one new BGP Flow Specification (FS) component | This document specifies one new BGP Flow Specification (FS) component | |||
| type to support Segment Routing over IPv6 data plane (SRv6) filtering | type to support Segment Routing over IPv6 data plane (SRv6) filtering | |||
| for BGP Flow Specification Version 2. The match field is destination | for BGP Flow Specification Version 2. The match field is destination | |||
| address of IPv6 header, but it's a SRv6 SID from SRH rather than a | address of IPv6 header, but it's a SRv6 SID from SRH rather than a | |||
| traditional IPv6 address (refer to Figure 1). To support these | traditional IPv6 address (refer to Figure 1). To support these | |||
| features, a Flowspec version that is IPv6 capable (i.e., AFI = 2) | features, a Flowspec version that is IPv6 capable (i.e., AFI = 2) | |||
| skipping to change at page 4, line 4 ¶ | skipping to change at page 3, line 51 ¶ | |||
| | | Segment[1] | | | | | Segment[1] | | | |||
| | +-------------+ | | | +-------------+ | | |||
| | | ... | | | | | ... | | | |||
| SR Header| +-------------+ | | SR Header| +-------------+ | | |||
| | | Segment[n] | | | | | Segment[n] | | | |||
| | +-------------+ | | | +-------------+ | | |||
| | +-------------+ | | | +-------------+ | | |||
| | ~ Option TLV ~ | | | ~ Option TLV ~ | | |||
| | +-------------+ | | | +-------------+ | | |||
| +-----------------------------+ | +-----------------------------+ | |||
| Figure 1: Match Field | ||||
| Figure 1: Match Field | ||||
| 2. Definitions and Acronyms | 2. Definitions and Acronyms | |||
| * FS: Flow Specification | o FS: Flow Specification | |||
| * BGP-FS: Border Gateway Protocol (BGP) Flow Specification (FS) | o BGP-FS: Border Gateway Protocol (BGP) Flow Specification (FS) | |||
| * SR: Segment Routing | o SR: Segment Routing | |||
| * SRH: SR Header. | o SRH: SR Header. | |||
| * SRv6: IPv6 Segment Routing, SRv6 is a method of forwarding IPv6 | o SRv6: IPv6 Segment Routing, SRv6 is a method of forwarding IPv6 | |||
| packets on the network based on the concept of source routing. | packets on the network based on the concept of source routing. | |||
| * SID: Segment Identifier | o SID: Segment Identifier | |||
| * BSID: Binding SID | o BSID: Binding SID | |||
| 3. The Flow Specification Encoding for SRv6 | 3. The Flow Specification Encoding for SRv6 | |||
| The Flow Specification NLRI-type consists of several optional | The Flow Specification NLRI-type consists of several optional | |||
| components, each of which begins with a type field (1 octet) followed | components, each of which begins with a type field (1 octet) followed | |||
| by a variable length parameter. 13 component types are defined in | by a variable length parameter. 13 component types are defined in | |||
| [RFC8955] and [RFC8956] for IPv4 and IPv6. This document defines one | [RFC8955] and [RFC8956] for IPv4 and IPv6. This document defines one | |||
| component type for SRv6. | component type for SRv6. | |||
| 3.1. Type TBD1 - Some Parts of SID | 3.1. Type TBD1 - Some Parts of SID | |||
| skipping to change at page 5, line 37 ¶ | skipping to change at page 5, line 37 ¶ | |||
| sequence. | sequence. | |||
| a - AND bit. If unset, the previous term is logically ORed with the | a - AND bit. If unset, the previous term is logically ORed with the | |||
| current one. If set, the operation is a logical AND. It should be | current one. If set, the operation is a logical AND. It should be | |||
| unset in the first operator byte of a sequence. The AND operator has | unset in the first operator byte of a sequence. The AND operator has | |||
| higher priority than OR for the purposes of evaluating logical | higher priority than OR for the purposes of evaluating logical | |||
| expressions. | expressions. | |||
| field type: | field type: | |||
| 000: SID's LOC | 000: SID's LOC | |||
| 001: SID's FUNCT | 001: SID's FUNCT | |||
| 010: SID's ARG | 010: SID's ARG | |||
| 011: SID's LOC:FUNCT | 011: SID's LOC:FUNCT | |||
| 100: SID's FUNCT:ARG | 100: SID's FUNCT:ARG | |||
| 101: SID's LOC:FUNCT:ARG | 101: SID's LOC:FUNCT:ARG | |||
| For an unknown type, Error Handling is applied according to [RFC7606] | For an unknown type, Error Handling is applied according to [RFC7606] | |||
| and [RFC4760]. | and [RFC4760]. | |||
| lt - less than comparison between data' and value'. | lt - less than comparison between data' and value'. | |||
| gt - greater than comparison between data' and value'. | gt - greater than comparison between data' and value'. | |||
| eq - equality between data' and value'. | eq - equality between data' and value'. | |||
| skipping to change at page 7, line 49 ¶ | skipping to change at page 7, line 49 ¶ | |||
| The authors would like to thank Joel Halpern, Jeffrey Haas, Ketan | The authors would like to thank Joel Halpern, Jeffrey Haas, Ketan | |||
| Talaulikar, Aijun Wang, Dhruv Dhody, Shunwan Zhuang and Rainsword | Talaulikar, Aijun Wang, Dhruv Dhody, Shunwan Zhuang and Rainsword | |||
| Wang for their valuable suggestions and comments on this draft. | Wang for their valuable suggestions and comments on this draft. | |||
| 7. References | 7. References | |||
| 7.1. Normative References | 7.1. Normative References | |||
| [I-D.hares-idr-flowspec-v2] | [I-D.hares-idr-flowspec-v2] | |||
| Hares, S. and D. Eastlake, "BGP Flow Specification Version | Hares, S., Eastlake, D., Yadlapalli, C., and S. Maduschke, | |||
| 2", Work in Progress, Internet-Draft, draft-hares-idr- | "BGP Flow Specification Version 2", draft-hares-idr- | |||
| flowspec-v2-02, 26 July 2021, <https://www.ietf.org/ | flowspec-v2-05 (work in progress), February 2022. | |||
| internet-drafts/draft-hares-idr-flowspec-v2-02.txt>. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, | [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, | |||
| "Multiprotocol Extensions for BGP-4", RFC 4760, | "Multiprotocol Extensions for BGP-4", RFC 4760, | |||
| DOI 10.17487/RFC4760, January 2007, | DOI 10.17487/RFC4760, January 2007, | |||
| <https://www.rfc-editor.org/info/rfc4760>. | <https://www.rfc-editor.org/info/rfc4760>. | |||
| skipping to change at page 8, line 43 ¶ | skipping to change at page 8, line 43 ¶ | |||
| [RFC8956] Loibl, C., Ed., Raszuk, R., Ed., and S. Hares, Ed., | [RFC8956] Loibl, C., Ed., Raszuk, R., Ed., and S. Hares, Ed., | |||
| "Dissemination of Flow Specification Rules for IPv6", | "Dissemination of Flow Specification Rules for IPv6", | |||
| RFC 8956, DOI 10.17487/RFC8956, December 2020, | RFC 8956, DOI 10.17487/RFC8956, December 2020, | |||
| <https://www.rfc-editor.org/info/rfc8956>. | <https://www.rfc-editor.org/info/rfc8956>. | |||
| 7.2. Informative References | 7.2. Informative References | |||
| [I-D.ietf-6man-segment-routing-header] | [I-D.ietf-6man-segment-routing-header] | |||
| Filsfils, C., Dukes, D., Previdi, S., Leddy, J., | Filsfils, C., Dukes, D., Previdi, S., Leddy, J., | |||
| Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header | Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header | |||
| (SRH)", Work in Progress, Internet-Draft, draft-ietf-6man- | (SRH)", draft-ietf-6man-segment-routing-header-26 (work in | |||
| segment-routing-header-26, 22 October 2019, | progress), October 2019. | |||
| <https://www.ietf.org/archive/id/draft-ietf-6man-segment- | ||||
| routing-header-26.txt>. | ||||
| [I-D.ietf-idr-flowspec-l2vpn] | [I-D.ietf-idr-flowspec-l2vpn] | |||
| Hao, W., Eastlake, D. E., Litkowski, S., and S. Zhuang, | Hao, W., Eastlake, D. E., Litkowski, S., and S. Zhuang, | |||
| "BGP Dissemination of L2 Flow Specification Rules", Work | "BGP Dissemination of L2 Flow Specification Rules", draft- | |||
| in Progress, Internet-Draft, draft-ietf-idr-flowspec- | ietf-idr-flowspec-l2vpn-18 (work in progress), October | |||
| l2vpn-17, 12 May 2021, <https://www.ietf.org/archive/id/ | 2021. | |||
| draft-ietf-idr-flowspec-l2vpn-17.txt>. | ||||
| [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, | [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, | |||
| D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 | D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 | |||
| (SRv6) Network Programming", RFC 8986, | (SRv6) Network Programming", RFC 8986, | |||
| DOI 10.17487/RFC8986, February 2021, | DOI 10.17487/RFC8986, February 2021, | |||
| <https://www.rfc-editor.org/info/rfc8986>. | <https://www.rfc-editor.org/info/rfc8986>. | |||
| Authors' Addresses | Authors' Addresses | |||
| Zhenbin Li | Zhenbin Li | |||
| Huawei | Huawei | |||
| 156 Beiqing Road | 156 Beiqing Road | |||
| Beijing, 100095 | Beijing, 100095 | |||
| P.R. China | P.R. China | |||
| Email: lizhenbin@huawei.com | Email: lizhenbin@huawei.com | |||
| Lei Li | Lei Li | |||
| Huawei | Huawei | |||
| 156 Beiqing Road | 156 Beiqing Road | |||
| Beijing | Beijing 100095 | |||
| 100095 | ||||
| P.R. China | P.R. China | |||
| Email: lily.lilei@huawei.com | Email: lily.lilei@huawei.com | |||
| Huaimo Chen | Huaimo Chen | |||
| Futurewei | Futurewei | |||
| Boston, MA, | Boston, MA | |||
| United States of America | USA | |||
| Email: Huaimo.chen@futurewei.com | Email: Huaimo.chen@futurewei.com | |||
| Christoph Loibl | Christoph Loibl | |||
| Next Layer Communications | Next Layer Communications | |||
| Mariahilfer Guertel 37/7 | Mariahilfer Guertel 37/7 | |||
| 1150 Vienna | Vienna 1150 | |||
| Austria | AT | |||
| Email: cl@tix.at | ||||
| Email: cl@tix.at | ||||
| Gyan S. Mishra | Gyan S. Mishra | |||
| Verizon Inc. | Verizon Inc. | |||
| 13101 Columbia Pike | 13101 Columbia Pike | |||
| Silver Spring, MD 20904 | Silver Spring MD 20904 | |||
| United States of America | USA | |||
| Phone: 301 502-1347 | Phone: 301 502-1347 | |||
| Email: gyan.s.mishra@verizon.com | Email: gyan.s.mishra@verizon.com | |||
| Yanhe Fan | Yanhe Fan | |||
| Casa Systems | Casa Systems | |||
| United States of America | USA | |||
| Email: yfan@casa-systems.com | Email: yfan@casa-systems.com | |||
| Yongqing Zhu | Yongqing Zhu | |||
| China Telecom | China Telecom | |||
| 109, West Zhongshan Road, Tianhe District | 109, West Zhongshan Road, Tianhe District | |||
| Guangzhou | Guangzhou 510000 | |||
| 510000 | ||||
| China | China | |||
| Email: zhuyq8@chinatelecom.cn | Email: zhuyq8@chinatelecom.cn | |||
| Lei Liu | Lei Liu | |||
| Fujitsu | Fujitsu | |||
| United States of America | USA | |||
| Email: liulei.kddi@gmail.com | Email: liulei.kddi@gmail.com | |||
| Xufeng Liu | Xufeng Liu | |||
| Volta Networks | Volta Networks | |||
| McLean, VA | McLean, VA | |||
| United States of America | USA | |||
| Email: xufeng.liu.ietf@gmail.com | Email: xufeng.liu.ietf@gmail.com | |||
| End of changes. 33 change blocks. | ||||
| 54 lines changed or deleted | 49 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||