| Internet-Draft | Mirror Binding | April 2023 |
| Chen, et al. | Expires 18 October 2023 | [Page] |
BGP is used to distribute a binding to a node. The binding includes a binding SID and a path represented by a list of SIDs. This document describes extensions to BGP for distributing the information about the binding to a protecting node. For an SR path via the node with the binding SID, when the node fails, the protecting node such as the upstream neighbor on the path uses the information to protect the binding SID of the failed node.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 18 October 2023.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
[I-D.ietf-idr-segment-routing-te-policy] specifies how BGP may be used to distribute a Segment Routing (SR) Policy to a node in a network. An SR Policy may contain a binding, which includes a binding SID and a path represented by a list of SIDs.¶
After a BGP as a controller distributes the binding to the node, the node forwards the packet with the binding SID according to the first SID in the list. It replaces the binding SID in the packet with the list of SIDs and forwards the packet using the FIB entry for the top SID (i.e., the first SID) in the packet.¶
When the node fails, suppose that the upstream neighbor (as PLR) of the node has the corresponding binding protection information for protecting the binding SID of the node. The information includes the binding SID, the list of SIDs and an identifier of the node. After the upstream neighbor as PLR detects the failure of the node, for a packet with the node SID of the failed node received, it protects the binding SID of the failed node. It pops the node SID, replaces the binding SID in the packet with the list of SIDs, forwards the packet without going through the failed node towards the top SID (i.e., the first SID, assuming it is a node SID for simplicity here). How a upstream node protect the binding SID of the failed node is out of scope of this document and described in [I-D.ietf-spring-segment-protection-sr-te-paths] and [I-D.hu-spring-segment-routing-proxy-forwarding]. (Note: the second reference will be removed after the first one includes enough text for protecting binding SIDs of a node).¶
This document proposes some procedures and extensions to BGP for distributing the information to each of the nodes that may protect the failed node.¶
This section defines a new Binding Protection sub-TLV under a Tunnel Encapsulation Attribute TLV of type 15 (i.e., SR Policy TLV). A Tunnel Encapsulation Attribute contains a Tunnel Encapsulation Attribute TLV. The structure containing a Binding Protection sub-TLV is shown below.¶
Attributes:
Tunnel Encapsulation Attribute (23)
Tunnel Type (15): SR Policy TLV
Preference sub-TLV
Binding SID sub-TLV
SRv6 Binding SID sub-TLV
Explicit NULL Label Policy (ENLP) sub-TLV
Priority sub-TLV
Policy Candidate Path Name sub-TLV
Policy Name sub-TLV
Binding Protection sub-TLV
Segment List sub-TLV
Weight sub-TLV
Segment sub-TLV
Segment sub-TLV
...
...¶
The format of a Binding Protection sub-TLV is illustrated below.¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type (TBD1) | Length | Flags | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | sub-TLVs | ~ ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This field contains the sub-TLV below to indicate the node to be protected (i.e., the protected node).¶
When an SR Policy (i.e., SR Policy TLV) contains a binding SID and a path with a protected node, the SR policy is for distributing the binding protection information. The binding SID is encoded by a Binding SID sub-TLV or SRv6 Binding SID sub-TLV, the path is encoded by a Segment List Sub-TLV, and the node is encoded by a Binding Protection sub-TLV.¶
When an SR Policy contains a binding SID and a path without a protected node, the SR policy is for replacing the Binding SID with the path (i.e., the list of SIDs) when the node receives a packet with the Binding SID.¶
The format of Protected Node ID sub-TLV is illustrated below.¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type (1) | Length (4) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Protected Node ID (4 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
When a BGP sends a binding to node N in a first Update message, the BGP distributes the corresponding binding protection information to the possible protecting nodes such as neighbors of node N in a second Update message. The first message contains a first SR Policy. The first SR Policy includes a binding SID and a path but does not include node N as a protected node. The second message contains a second SR Policy. The second SR Policy includes the binding SID, the path and node N as a protected node.¶
After sending the binding to node N and distributing the corresponding binding protection information to the protecting nodes, if BGP removes the binding from node N, it removes the corresponding binding protection information from the protecting nodes. If BGP changes the binding in node N, it changes the corresponding binding protection information in the protecting nodes.¶
Protocol extensions defined in this document do not affect the BGP security other than those as discussed in the Security Considerations section of [RFC9012].¶
This document requests assigning a new sub-TLV in the registry "BGP Tunnel Encapsulation Attribute sub-TLVs" as follows:¶
+------------+--------------------+-------------+ | Code Point | Description | Reference | +------------+--------------------+-------------+ | TBD1 | Binding Protection |This document| +------------+--------------------+-------------+¶
The authors would like to thank Andrew Stone, Robert Raszuk and Ketan Talaulikar for their comments to this work.¶