Internet-Draft | SR-PMTU | January 2024 |
Peng, et al. | Expires 10 July 2024 | [Page] |
This document defines the Path MTU (PMTU) for Segment Routing (SR) Policy (called SR-PMTU). It applies to both Segment Routing over IPv6 (SRv6) and SR-MPLS. This document specifies the framework of SR-PMTU for SR Policy including the link MTU collection, the SR-PMTU computation, the SR-PMTU enforcement, and the handling behaviours on the headend.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 10 July 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Segment Routing (SR) [RFC8402] allows a node to steer a packet flow along any given path. The headend is a node where the instructions for source routing (i.e., segments) are encoded in the packet and hence becomes the starting node for a specific segment routing path. Intermediate per-path states are eliminated thanks to source routing.¶
A Segment Routing Policy (SR Policy) [RFC9256] is an ordered list of segments (i.e., instructions) that represent a source-routed policy. The headend node is said to steer a flow into a SR Policy. The packets steered into an SR Policy have an ordered list of segments associated with that SR Policy written into them. [RFC8660] describes the representation and processing of this ordered list of segments as an MPLS label stack for SR-MPLS, while [RFC8754] and [RFC8986] describe the same for Segment Routing over IPv6 (SRv6) with the use of the Segment Routing Header (SRH).¶
[RFC8402] introduces the SR Policy construct and provides an overview of how it is leveraged for Segment Routing use-cases. [RFC9256] updates [RFC8402] to specify detailed concepts of SR Policy and steering packets into an SR Policy.¶
This document extends the SR Policy to also include the Path MTU information to SR Policy and applies to both SRv6 and SR-MPLS. The SRv6-specific handling is specified in Section 6.¶
The motivation for handling SR-PMTU for the SR paths includes (but is not limited to):¶
Being able to avoid fragmentation by being aware of the SR-PMTU associated with the SR paths and policies at the headend.¶
Being able to generate ICMP messages at the headend.¶
When fragmentation is unavoidable, the ability to do it correctly at the headend.¶
Ability to use SR-PMTU as path computation constraint and optimization criteria at the headend or controller/PCE.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
Link MTU: As per [RFC4821], the Maximum Transmission Unit, i.e., maximum IP packet size in bytes, that can be conveyed in one piece over a link. This includes the IP header, but excludes link layer headers and other framing that is not part of IP or the IP payload. In case of MPLS, it also includes the label stack and in case of IPv6, it includes IPv6 extension headers (including SRH).¶
Path MTU, or PMTU: The minimum link MTU of all the links in a path between a source node and a destination node. In the scope of this document, this is also called SR-PMTU for the SR paths and policies. Note that the link MTU takes the SR overhead (label stack or SRH) into consideration.¶
Segment Routing policy architecture is specified in [RFC9256]. An SR Policy is associated with one or more candidate paths. A candidate path is selected when it is valid and it is determined to be the best path of the SR Policy. The selected path is referred to as the "active path" of the SR policy. A candidate path is either dynamic, explicit, or composite. The related concepts with the SR-PMTU definition in this document are listed as follows.¶
An explicit/dynamic candidate path is expressed as a Segment-List or a set of Segment-Lists directly or by computation. If a candidate path is associated with a set of Segment-Lists, each Segment-List is associated with weight for weighted load balancing. The default weight is 1.¶
A composite candidate path acts as a container for grouping SR Policies. The composite candidate path construct enables the combination of SR Policies, each with explicit candidate paths and/or dynamic candidate paths with potentially different optimization objectives and constraints, for load-balanced steering of packet flows over its constituent SR Policies [RFC9256].¶
A Segment-List represents a specific source-routed path to send traffic from the headend to the endpoint of the corresponding SR policy [RFC9256]. The SR-PMTU of a segment list is defined as the minimum link MTU of all the links in a path between a source node and a destination node. Refer Section 5.2 for specific handling for Node, Adjacency and Binding SID (as well as their combinations).¶
In the case of an explicit/dynamic candidate path, if it is expressed as a single Segment-List, then the SR-PMTU of the candidate path is the same as that of the SR-PMTU of the segment list as described in Section 4.1.¶
In the case of an explicit/dynamic candidate path, if it is expressed as a set of Segment-Lists (for load-balancing), then the SR-PMTU of the candidate path is defined as the minimum SR-PMTU of all the Segment-Lists in the set.¶
In the case of a composite candidate path, then the SR-PMTU of the composite candidate path is defined as the minimum SR-PMTU of all the constituent SR Policies of this composite candidate path. The SR-PMTU of each SR Policy is defined in Section 4.3.¶
According to [RFC9256], an SR Policy is associated with one or more candidate paths. A candidate path is selected when it is valid and it is determined to be the best path of the SR Policy. The selected path is referred to as the "active path" of the SR policy. Then the SR-PMTU for an SR Policy is defined as the SR-PMTU of the selected/active candidate path of this SR policy.¶
In the case of an explicit/dynamic candidate path, the SR-PMTU definition can be referred to in Section 4.2.¶
In the case of a composite candidate path, the SR-PMTU is defined as the minimum SR-PMTU of all the constituent SR policies. Since the constituent SR Policies of a composite candidate path can only be explicit/dynamic candidate paths, then the SR-PMTU definition of explicit/dynamic candidate path is as per Section 4.2.¶
The framework of SR-PMTU for SR Policy includes link MTU collection, SR-PMTU computation, SR-PMTU enforcement, and handling behaviors on the headend.¶
+------------------+ +--------|Network Controller| SR-PMTU computation | +--------/|\-------+ | | SR-PMTU enforcement Link MTU Collection | | +-\|/-+ +-----------|-----------+ +-----+ Handling |Head |---| Segment Routing |---|End | behaviors |end | | Network Domain | |Point| +-----+ +-----------------------+ +-----+ <---------Link MTU collection---------| Figure 1. The Framework of SR-PMTU for SR Policy¶
SR-PMTU is defined as the minimum link MTU of all the links in a path between a source node and a destination node. The link MTU needs to be first collected. The link MTU can be collected through various protocols such as IGP [I-D.hu-lsr-igp-path-mtu] and BGP-LS [I-D.ietf-idr-bgp-ls-link-mtu], etc.¶
The collected link MTU of all the related links are sent to the network controller where the SR-PMTU is computed. Depending upon the path type, the computation methods are different, which are described in the following subsections.¶
In a loose TE path [RFC7855], only Node SIDs are used along the path. Between two adjacent Node SIDs, generally, there are equal-cost multipaths (ECMP). The SR-PMTU of the loose TE path is computed by finding out the minimum SR-PMTU of all the ECMPs between two adjacent Node SIDs along the loose TE path.¶
Note that an implementation could maintain the SR-PMTU value associated with Node SIDs at the time of best path computation. The details of which are out of the scope of this document.¶
In a strict TE path [RFC7855], only Adj SIDs are used along the path. Since the link MTU of all the links being indicated by the Adj SIDs of the strict TE path are known to the network controller, the SR-PMTU of the strict SR-TE path is computed by finding out the minimum link MTU of all the links in the strict SR-TE path between its source node and destination node.¶
In a mixed path, both Node SIDs and Adj SIDs are used along the path. The PMTU of the mixed TE path is computed by finding out the minimum value of all the ECMPs between two adjacent Node SIDs and the link MTU of all the links indicated by the Adj SIDs.¶
The Binding SID (BSID) [RFC8402] is bound to an SR Policy, instantiation of which may involve a list of SIDs. The SR-PMTU of the binding path is the same as that of an SR Policy as specified in the above section modulo that it also includes the encapsulation overhead associated with it (i.e. in case of SR-MPLS, the additional label stack pushed in case of SR-MPLS and the outer IPv6 header with its own SRH in case of SRv6). This is done to make sure the headend of the SR path that includes a BSID is able to compute the SR-PMTU correctly by taking the correct SR-PMTU of the binding path into consideration along with other SIDs in the SR path.¶
Topology Independent Loop-free Alternate Fast Re-route (TI-LFA) [I-D.ietf-rtgwg-segment-routing-ti-lfa], aimed at providing protection of node and adjacency segments within the SR framework. The repair path is to pre-compute SPT_new(R,X) for each destination, that is, the Shortest Path Tree rooted at node R in the state of the network after the resource X has failed. An implementation is free to use any local optimization to provide smaller SID lists by combining Node SIDs and Adjacency SIDs. In addition, the usage of Node-SIDs allows to maximize ECMPs over the repair path. Note that while the PMTU of repair path might be different from the original path, which could lead to fragmentation while the repair path is in use. When the controller has computed the new path, its new PMTU would be updated to the headend.¶
Note that it is possible for the headend implementation to take an FRR overhead into consideration when determining if fragmentation would be needed for the SR Path with TI-LFA enabled. If this is used, an implementation SHOULD allow the value to be configured by an operator.¶
All other types of path can be considered here in future updates.¶
SR Policy as per [RFC9256] does not include SR-PMTU in the SR Policy encoding structure. As specified in [I-D.ietf-idr-sr-policy-path-mtu], the SR-PMTU is encoded in the SR policy structure as shown in Figure 2. After the SR-PMTU computation, the SR-PMTU is enforced along with the SR Policy to the headend of the corresponding path.¶
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint> Attributes: Tunnel Encaps Attribute (23) Tunnel Type: SR Policy Binding SID Preference Priority Policy Name Explicit NULL Label Policy (ENLP) Segment List Weight ----> Path MTU (SR-PMTU) Segment Segment ... ... Figure 2. The SR Policy encoding structure with SR-PMTU¶
When there are multiple paths that can be selected, the one with the highest SR-PMTU will be enforced in order to avoid fragmentation on the headend.¶
The PCEP extension to handle PMTU is specified in [I-D.ietf-pce-pcep-pmtu].¶
After the SR-PMTU is computed and enforced on the headend, the headend is going to perform the handling behaviors such as encapsulation, fragmentation, etc. Note that this behavior is similar to the existing behavior of MPLS and IPv6 dataplane.¶
Generally, considering its services being carried, the operators set an SR-PMTU limit aiming for a proper path selection that fulfills packet size requirements hence avoiding fragmentation. Furthermore, the encapsulation on the headend will introduce the overhead on top of the packet to be encapsulated. Generally, the encapsulation overhead has to be estimated according to the possible path hops and sometimes the repair paths. Therefore, the SR-PMTU constraint is set considering both the carried services and the encapsulation overhead.¶
When SR-PMTU-based path optimization is done, PCE will select the path with the highest SR-PMTU among all the possible paths.¶
Even if the SR-PMTU is not considered by the PCE at the time of path computation, the computed SR-PMTU is useful at the headend for the reasons already stated in Section 1.1.¶
Once the SR-PMTU constraint is set on the headend, it is supposed to be the lowest bound of the SR-PMTUs of all the paths being computed locally or enforced by the controller in order to avoid fragmentation.¶
If the SR-PMTU of all the paths being computed locally or enforced by the controller is smaller than the SR-PMTU constraint set on the headend, the fragmentation will have to be handled. If fragmentation is not possible, the headend could generate the ICMP messages to notify the traffic source.¶
Over this selected path, on the headend, the packets are fragmented in order to guarantee the size of the encapsulated packets is smaller than the PMTU of the selected path.¶
In the case of SRv6, the SRH is included in the calculation of the Link MTU and thus in the SR-PMTU. Note that the PMTU considerations for IPv6 [RFC8201] apply for the SRv6. [RFC8754] also specify the MTU considerations related to encapsulation with an outer IPv6 header with SRH.¶
[RFC9256] specifies in detail the SR Policy construct (introduced [RFC8402]) and its security consideration. The additional SR-MTU attribute information can be sensitive in some deployments and could be used to influence SR path setup and selection with adverse effect. The protocol extensions that include SR-PMTU need to take this into consideration. This document does not define any new protocol extensions and thus does not introduce any further security considerations.¶
This document does not include any IANA requests.¶
Thanks to xx for useful discussions and comments.¶