Internet-Draft The SRv6 DNS RR September 2023
Eastlake & Song Expires 1 April 2024 [Page]
Workgroup:
DNSOP
Internet-Draft:
draft-eastlake-dnsop-rrtype-srv6-04
Published:
Intended Status:
Standards Track
Expires:
Authors:
D. Eastlake
Futurewei Technologies
H. Song
Futurewei Technologies

The IPv6 Segment Routing (SRv6) Domain Name System (DNS) Resource Record

Abstract

A Domain Name System (DNS) Resource Record (RR) Type is specified for storing IPv6 Segment Routing (SRv6) Information in the DNS.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 1 April 2024.

Table of Contents

1. Introduction

The Domain Name System (DNS) is a hierarchical, distributed, highly available database with a variety of security features [RFC4034] [RFC4035] used for bi-directional mapping between domain names and addresses, for email routing, and for other information [RFC1034] [RFC1035]. This data is formatted into resource records (RRs) whose content type and structure are indicated by the RR Type field. General familiarity with the DNS and its terminology [RFC8499] is assumed in this document.

1.1. IPv6 Segment Routing

Internet Protocol versions 4 (IPv4, [RFC0791]) and 6 (IPv6, [RFC8200]) have long provided header options that support including an ordered sequence of addresses in a packet header so the packet travels in order through the nodes specified by that sequence of addresses. This is sometimes referred to as "source routing" because the route or path the packet follows is set, at least in part, when the sequence of addresses is added to the packet, usually at the packet's source, rather than being dynamically determined as the packet proceeds through the network.

IPv6 Segment Routing (SRv6, [RFC8402]) extends "source routing" by generalizing the IPv6 sized "address" quantities in a source "routing" sequence to be "instructions". [RFC8754] specifies a particular Segment Routing Header (SRH) that may be use used as part of the headers of an IPv6 packet to indicate an IPv6 Segment Routing sequence of addresses / instructions. And [RFC8986] further specifies the structuring of an IPv6 address size quantity such that it may be composed of addressing information followed by a function designation which is optionally further followed by arguments to that function. Thus, segment routing might encode a series of operations to be performed on a packet.

Furthermore, because a sequence of SRv6 instructions may all start with the same constant addressing prefix, methods of compression have been specified [Compress] to represent this addressing prefix less often and pack an increased number of quantities into a Segment Routing Header where each quantity may consist optionally of additional address information and/or function designation and/or function arguments.

1.2. The SRV6 RR Type

This document specifies a SRV6 RR Type to return a sequence of IPv6 Segment Routing addresses / instructions and optionally other data.

In many ways, the data returned for an SRV6 DNS RR is like an address. This RR supports a DNS client querying for SRV6 RRs at a name, inserting returned SRv6 information into the header of an IPv6 packet, and transmitting that packet so addressed. It would also be reasonable for an application using SRv6 to do a type SRV DNS query [RFC2782] followed by an SRV6 query at the resulting domain name if it was in a domain where SRv6 was in use. Furthermore, as a fall back, if no SRV6 RR is present in the DNS at a domain name, a client application whose SRV6 query has failed could query for the AAAA IPv6 address RR type.

Segment Routing is intended to be used in a limited domain compared with the global Internet. Furthermore, the DNS is commonly thought of as the source for global Internet addressing. However, most DNS servers can be easily configured in a network so that some names are only visible locally and some RRs are only delivered locally.

1.3. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

The following acronyms are used in this document:

  • DNS - Domain Name System
  • IANA - Internet Assigned Number Authority
  • IPv6 - Internet Protocol Version 6 [RFC8200]
  • RR - DNS Resource Record
  • SID - Segment Identifier [RFC8402]
  • SRH - Segment Routing (IPv6) Header [RFC8754]
  • SRv6 - IPv6 Segment Routing [RFC8402]
  • SRV6 - Mnemonic for the SRv6 RR Type
  • TLV - Type, Length, Value

2. SRV6 RR Type RDATA

The SRV6 RR type enables the storage and retrieval of an ordered sequence of SRv6 quantities each of which is the size of an IPv6 [RFC8200] address. The RDATA for this type of RR is a set of fields followed by a sequence of such quantities followed by optional data (see Figure 1) and will be ( 4 + N*16 + Opt) bytes long, where N is the number of such quantities present and Opt is the length of the optional data.

The RR Type Code for the SRV6 RR is TBD1.

 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    SID Count  |   SRH Flags   |          SRH Tag              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                                                               |
|             16-byte SRv6 Address/Instruction (SID)            |
|                                                               |
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.                                                               .
.     Additional 16-byte SRv6 Addresses/Instructions (SIDs)     .
.                                                               .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.    Optional TLVs                                              .
.................................................................
Figure 1: SRV6 RRTYPE Data

The RDATA consists of a segment count followed by a flags byte, a 2 byte tag, and then one or more 128-bit SRv6 SIDs followed by optional TLV data, all as further detailed as follows:

If the RDATA length is less than (4 + (SID Count)*16) or if the Optional TLVs do not parse as SRH TLVs, then the RR is malformed and MUST be ignored.

Circumstances and/or future definition of flags and TLV types may require, when an IPv6 packet header is contructed based on an SRV6 RR, that some SRH FLags be set or clear regardless of the SRH Flags RR field and/or that some SRH TLVs be included or excluded regardless of the Optional TLV in the SRH RR.

3. Acknowledgements

The suggestions and comments of the following persons are gratefully acknowledged:

tbd

4. IANA Considerations

IANA is requested to assign an SRV6 RR Type (TBD1) as in the template in Appendix A.

5. Security Considerations

For information on DNS features that improve the authentication of retrieved RRs, see [RFC4034] and [RFC4035].

For SRv6 Security Considerations, see [RFC8402] and Section 5 of [RFC8754]. For Security Considerations of SRv6 Network Programming, see [RFC8986]

6. Normative References

[RFC1034]
Mockapetris, P., "Domain names - concepts and facilities", STD 13, RFC 1034, DOI 10.17487/RFC1034, , <https://www.rfc-editor.org/info/rfc1034>.
[RFC1035]
Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, DOI 10.17487/RFC1035, , <https://www.rfc-editor.org/info/rfc1035>.
[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.
[RFC8200]
Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", STD 86, RFC 8200, DOI 10.17487/RFC8200, , <https://www.rfc-editor.org/info/rfc8200>.
[RFC8402]
Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, , <https://www.rfc-editor.org/info/rfc8402>.
[RFC8986]
Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 (SRv6) Network Programming", RFC 8986, DOI 10.17487/RFC8986, , <https://www.rfc-editor.org/info/rfc8986>.

7. Informative References

[Compress]
Cheng, W., Ed., Filsfils, C., Ed., Previdi, S., Li, Z., Decraene, B., and F. Clad, "Compressed SRv6 Segment List Encoding in SRH", , <https://datatracker.ietf.org/doc/draft-ietf-spring-srv6-srh-compression/>.
[RFC0791]
Postel, J., "Internet Protocol", STD 5, RFC 791, DOI 10.17487/RFC0791, , <https://www.rfc-editor.org/info/rfc791>.
[RFC2782]
Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for specifying the location of services (DNS SRV)", RFC 2782, DOI 10.17487/RFC2782, , <https://www.rfc-editor.org/info/rfc2782>.
[RFC3597]
Gustafsson, A., "Handling of Unknown DNS Resource Record (RR) Types", RFC 3597, DOI 10.17487/RFC3597, , <https://www.rfc-editor.org/info/rfc3597>.
[RFC4034]
Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "Resource Records for the DNS Security Extensions", RFC 4034, DOI 10.17487/RFC4034, , <https://www.rfc-editor.org/info/rfc4034>.
[RFC4035]
Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, "Protocol Modifications for the DNS Security Extensions", RFC 4035, DOI 10.17487/RFC4035, , <https://www.rfc-editor.org/info/rfc4035>.
[RFC8499]
Hoffman, P., Sullivan, A., and K. Fujiwara, "DNS Terminology", BCP 219, RFC 8499, DOI 10.17487/RFC8499, , <https://www.rfc-editor.org/info/rfc8499>.
[RFC8754]
Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header (SRH)", RFC 8754, DOI 10.17487/RFC8754, , <https://www.rfc-editor.org/info/rfc8754>.

Appendix A. SRV6 RR Type Template

A. Submission Date: tbd

B.1 Submission Type:  [X] New RRTYPE  [ ] Modification to RRTYPE
B.2 Kind of RR:  [X] Data RR  [ ] Meta-RR

C. Contact Information for submitter (will be publicly posted):
   Name: Donald Eastlake
   Email Address: d3e3e3@gmail.com
   International telephone number: +1-508-333-2270
   Other contact handles:

D. Motivation for the new RRTYPE application.

   Enable storeage of IPv6 Segment Routing sequences in the DNS.

E. Description of the proposed RR type.
   See draft-eastlake-dnsop-rrtype-srv6

F. What existing RRTYPE or RRTYPEs come closest to filling that need
   and why are they unsatisfactory?

   Perhaps AAAA but that only returns a single IPv6 address, not an
   ordered sequence of IPv6 sized SRv6 instructions.

G. What mnemonic is requested for the new RRTYPE (optional)?

   SRV6

H. Does the requested RRTYPE make use of any existing IANA registry
   or require the creation of a new IANA subregistry in DNS
   Parameters?  If so, please indicate which registry is to be used
   or created.  If a new subregistry is needed, specify the
   allocation policy for it and its initial contents.

   Does not use any existing registry and does not create a new
   registry.

I. Does the proposal require/expect any changes in DNS
   servers/resolvers that prevent the new type from being processed
   as an unknown RRTYPE (see [RFC3597])?

   No.

J. Comments:  None.

Authors' Addresses

Donald Eastlake
Futurewei Technologies
2386 Panoramic Circle
Apopka, FL 32703
United States of America
Haoyu Song
Futurewei Technologies
2220 Central Expressway
Santa Clara, CA 95050
United States of America