Internet-Draft | LSP Ping for SR Path SID | January 2024 |
Min, et al. | Expires 29 July 2024 | [Page] |
Path Segment is a type of Segment Routing (SR) segment, which is used to identify an SR path. This document provides Target Forwarding Equivalence Class (FEC) Stack TLV definitions for Path Segment Identifiers.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 29 July 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Path Segment is a type of SR segment, which is used to identify an SR path. Path Segment in MPLS based segment routing network is defined in [I-D.ietf-spring-mpls-path-segment].¶
As specified in [I-D.ietf-spring-mpls-path-segment], when a Path Segment is used, it's inserted by the ingress node of the SR path, and then processed by the egress node of the SR path. The Path Segment Label is placed within the MPLS label stack as the last segment identifier of the segment list. The Path Segment would not be popped up until it reaches the egress node, and the egress node would pop the path segment up.¶
This document provides Target Forwarding Equivalence Class (FEC) Stack TLV definitions for Path-SIDs. Procedures for LSP Ping as defined in [RFC8287] and [RFC8690] are applicable to Path-SIDs as well.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document uses the terminology defined in [RFC3031], [RFC8402], and [RFC8029], readers are expected to be familiar with those terms.¶
Analogous to what's defined in Section 5 of [RFC8287] and Section 4 of [I-D.ietf-mpls-sr-epe-oam], three new sub-TLVs are defined for the Target FEC Stack TLV (Type 1), the Reverse-Path Target FEC Stack TLV (Type 16), and the Reply Path TLV (Type 21).¶
Sub-Type Sub-TLV Name -------- ----------------------------- TBD1 SR Policy's Path SID TBD2 SR Candidate Path's Path SID TBD3 SR Segment List's Path SID¶
As specified in Section 2 of [I-D.ietf-spring-mpls-path-segment], a Path Segment can be used to identify a Segment List, some or all Segment lists in a Candidate path or an SR policy, so three different Target FEC Stack sub-TLVs need to be defined for Path Segment ID. When a Path Segment is used to identify an SR Policy, the Target FEC Stack sub-TLV of the type "SR Policy's Path SID" would be used to validate the control plane to forwarding plane synchronization for this Path-SID; When a Path Segment is used to identify an SR Candidate Path, the Target FEC Stack sub-TLV of the type "SR Candidate Path's Path SID" would be used to validate the control plane to forwarding plane synchronization for this Path-SID; When a Path Segment is used to identify a Segment List, the Target FEC Stack sub-TLV of the type "SR Segment List's Path SID" would be used to validate the control plane to forwarding plane synchronization for this Path-SID. Note that the three new Target FEC Stack sub-TLVs are mutual exclusive and they wouldn't be present in one message simultaneously.¶
The format of SR Policy's Path SID sub-TLV is specified as below:¶
Type¶
This field is set to the value (TBD1) which indicates that it's an SR Policy's Path SID sub-TLV.¶
Length¶
This field is set to the length of the sub-TLV's Value field in octets. If Headend and Endpoint fields are in IPv4 address format which is 4 octets long, it MUST be set to 12; If Headend and Endpoint fields are in IPv6 address format which is 16 octets long, it MUST be set to 36.¶
Headend¶
This field identifies the headend of an SR Policy, the same as defined in Section 2.1 of [RFC9256]. The headend is a 4-octet IPv4 address or a 16-octet IPv6 address.¶
Color¶
This field associates the SR Policy with an intent or objective (e.g., low latency), the same as defined in Section 2.1 of [RFC9256]. The color is an unsigned non-zero 4-octet integer value.¶
Endpoint¶
The format of SR Candidate Path's Path SID sub-TLV is specified as below:¶
Type¶
This field is set to the value (TBD2) which indicates that it's an SR Candidate Path's Path SID sub-TLV.¶
Length¶
This field is set to the length of the sub-TLV's Value field in octets. If Headend and Endpoint fields are in IPv4 address format which is 4 octets long, it MUST be set to 40; If Headend and Endpoint fields are in IPv6 address format which is 16 octets long, it MUST be set to 64.¶
Headend¶
This field identifies the headend of an SR Policy, the same as defined in Section 2.1 of [RFC9256]. The headend is a 4-octet IPv4 address or a 16-octet IPv6 address.¶
Color¶
This field associates the SR Policy with an intent or objective (e.g., low latency), the same as defined in Section 2.1 of [RFC9256]. The color is an unsigned non-zero 4-octet integer value.¶
Endpoint¶
This field identifies the endpoint of an SR Policy, the same as defined in Section 2.1 of [RFC9256]. The endpoint is a 4-octet IPv4 address or a 16-octet IPv6 address.¶
Protocol-Origin¶
This field is associated with the mechanism or protocol used for signaling/provisioning the SR Policy, the same as defined in Section 2.3 of [RFC9256]. The protocol-origin of a candidate path is a 1-octet value indicating PCEP, BGP SR Policy, or Via Configuration. The value of protocol-origin is set as specified in Section 2.3 of [RFC9256].¶
Originator¶
This field identifies the node that provisioned or signaled the candidate path on the headend, the same as defined in Section 2.4 of [RFC9256]. The originator is a 20-octet numerical value formed by the concatenation of the fields of the tuple <Autonomous System Number (ASN), node-address>, among which ASN is a 4-octet number and node address is a 16-octet value (an IPv6 address or an IPv4 address encoded in the lowest 4 octets). When procotol-origin is respectively indicating Via Configuration, PCEP, or BGP SR Policy, the value of originator is set as specified in Section 2.4 of [RFC9256].¶
Discriminator¶
This field uniquely identifies a candidate path within the context of an SR policy from a specific protocol-origin, the same as defined in Section 2.5 of [RFC9256]. The discriminator is a 4-octet value. When protocol-origin is respectively indicating Via Configuration, PCEP, or BGP SR Policy, the value of discriminator is set as specified in Section 2.5 of [RFC9256].¶
The format of SR Segment List's Path SID sub-TLV is specified as below:¶
Type¶
This field is set to the value (TBD3) which indicates that it's an SR Segment List's Path SID sub-TLV.¶
Length¶
This field is set to the length of the sub-TLV's Value field in octets. If Headend and Endpoint fields are in IPv4 address format which is 4 octets long, it MUST be set to 44; If Headend and Endpoint fields are in IPv6 address format which is 16 octets long, it MUST be set to 68.¶
Headend¶
This field identifies the headend of an SR Policy, the same as defined in Section 2.1 of [RFC9256]. The headend is a 4-octet IPv4 address or a 16-octet IPv6 address.¶
Color¶
This field associates the SR Policy with an intent or objective (e.g., low latency), the same as defined in Section 2.1 of [RFC9256]. The color is an unsigned non-zero 4-octet integer value.¶
Endpoint¶
This field identifies the endpoint of an SR Policy, the same as defined in Section 2.1 of [RFC9256]. The endpoint is a 4-octet IPv4 address or a 16-octet IPv6 address.¶
Protocol-Origin¶
This field is associated with the mechanism or protocol used for signaling/provisioning the SR Policy, the same as defined in Section 2.3 of [RFC9256]. The protocol-origin of a candidate path is a 1-octet value indicating PCEP, BGP SR Policy, or Via Configuration. The value of protocol-origin is set as specified in Section 2.3 of [RFC9256].¶
Originator¶
This field identifies the node that provisioned or signaled the candidate path on the headend, the same as defined in Section 2.4 of [RFC9256]. The originator is a 20-octet numerical value formed by the concatenation of the fields of the tuple <Autonomous System Number (ASN), node-address>, among which ASN is a 4-octet number and node address is a 16-octet value (an IPv6 address or an IPv4 address encoded in the lowest 4 octets). When procotol-origin is respectively indicating Via Configuration, PCEP, or BGP SR Policy, the value of originator is set as specified in Section 2.4 of [RFC9256].¶
Discriminator¶
This field uniquely identifies a candidate path within the context of an SR policy from a specific protocol-origin, the same as defined in Section 2.5 of [RFC9256]. The discriminator is a 4-octet value. When protocol-origin is respectively indicating Via Configuration, PCEP, or BGP SR Policy, the value of discriminator is set as specified in Section 2.5 of [RFC9256].¶
Segment-List-ID¶
This field identifies an SR path within the context of a candidate path of an SR Policy, the same as "Path ID" defined in Section 4.2 of [I-D.ietf-pce-multipath], or "Segment List ID" defined in Section 2.1 of [I-D.ietf-idr-sr-policy-seglist-id]. The segment-list-id is a 4-octet identifier of a segment list.¶
The MPLS LSP Ping procedures may be initiated by the headend of the Segment Routing path or a centralized topology-aware data plane monitoring system as described in [RFC8403]. For the Path-SID, the responder nodes that receive echo request and send echo reply MUST be the endpoint of the Segment Routing path.¶
When an endpoint receives the LSP echo request packet with top FEC being the Path-SID, it SHOULD perform validity checks on the content of the Path-SID FEC Stack sub-TLV. The basic length check should be performed on the received FEC.¶
SR Policy's Path SID ------------------ Length = 12 or 36 octets SR Candidate Path's Path SID ------------------ Length = 40 or 64 octets SR Segment List's Path SID ------------------ Length = 44 or 68 octets¶
If a malformed FEC Stack sub-TLV is received, then a return code of 1, "Malformed echo request received" as defined in [RFC8029] SHOULD be sent. The below section augments Section 7.4 of [RFC8287].¶
4a. Segment Routing Path-SID Validation:¶
If the Label-stack-depth is 0 and the Target FEC Stack sub-TLV at FEC-stack-depth is TBD1 (SR Policy's Path SID sub-TLV), {¶
Set the Best-return-code to 10, "Mapping for this FEC is not the given label at stack-depth <RSC>" if any below conditions fail (the notation <RSC> refers to the Return Subcode):¶
Validate that the Path Segment ID is signaled or provisioned for the SR Policy {¶
Validate that the signaled or provisioned headend, color and end-point for the Path SID, matches with the corresponding fields in the received SR Policy's Path SID sub-TLV.¶
}¶
}¶
If all the above validations have passed, set the return code to 3 "Replying router is an egress for the FEC at stack-depth <RSC>".¶
Set FEC-Status to 1 and return.¶
}¶
Else, if the Label-stack-depth is 0 and the Target FEC Stack sub-TLV at FEC-stack-depth is TBD2 (SR Candidate Path's Path SID sub-TLV), {¶
Set the Best-return-code to 10, "Mapping for this FEC is not the given label at stack-depth <RSC>" if any below conditions fail:¶
Validate that the Path Segment ID is signaled or provisioned for the SR Candidate Path {¶
When the Protocol-Origin field in the received SR Candidate Path's Path SID sub-TLV is a value indicating PCEP, "PCEP" is the used signaling protocol. And then validate that the Path Segment ID matches with the tuple identifying the SR Candidate Path within PCEP {¶
Validate that the signaled headend, color, end-point, originator ASN, originator address and discriminator defined in [I-D.ietf-pce-segment-routing-policy-cp] and [I-D.ietf-pce-sr-path-segment], for the Path SID, matches with the corresponding fields in the received SR Candidate Path's Path SID sub-TLV.¶
}¶
When the Protocol-Origin field in the received SR Candidate Path's Path SID sub-TLV is a value indicating BGP SR Policy, "BGP SR Policy" is the used signaling protocol. And then validate that the Path Segment ID matches with the tuple identifying the SR Candidate Path within BGP SR Policy {¶
Validate that the signaled headend, policy color, endpoint, ASN, BGP Router-ID and distinguisher defined in [I-D.ietf-idr-segment-routing-te-policy] and [I-D.ietf-idr-sr-policy-path-segment], for the Path SID, matches with the corresponding fields in the received SR Candidate Path's Path SID sub-TLV.¶
}¶
When the Protocol-Origin field in the received SR Candidate Path's Path SID sub-TLV is a value indicating Via Configuration, "Via Configuration" is the used provisioning mechanism. And then validate that the Path Segment ID matches with the tuple identifying the SR Candidate Path within Configuration {¶
Validate that the provisioned headend, color, endpoint, originator and discriminator, for the Path SID, matches with the corresponding fields in the received SR Candidate Path's Path SID sub-TLV.¶
}¶
}¶
If all the above validations have passed, set the return code to 3 "Replying router is an egress for the FEC at stack-depth <RSC>".¶
Set FEC-Status to 1 and return.¶
}¶
Else, if the Label-stack-depth is 0 and the Target FEC Stack sub-TLV at FEC-stack-depth is TBD3 (SR Segment List's Path SID sub-TLV), {¶
Set the Best-return-code to 10, "Mapping for this FEC is not the given label at stack-depth <RSC>" if any below conditions fail:¶
Validate that the Path Segment ID is signaled or provisioned for the SR Segment List {¶
When the Protocol-Origin field in the received SR Segment List's Path SID sub-TLV is a value indicating PCEP, "PCEP" is the used signaling protocol. And then validate that the Path Segment ID matches with the tuple identifying the SR Segment List within PCEP {¶
Validate that the signaled headend, color, end-point, originator ASN, originator address and discriminator defined in [I-D.ietf-pce-segment-routing-policy-cp] and [I-D.ietf-pce-sr-path-segment], and the signaled Path ID defined in [I-D.ietf-pce-multipath], for the Path SID, matches with the corresponding fields in the received SR Segment List's Path SID sub-TLV.¶
}¶
When the Protocol-Origin field in the received SR Segment List's Path SID sub-TLV is a value indicating BGP SR Policy, "BGP SR Policy" is the used signaling protocol. And then validate that the Path Segment ID matches with the tuple identifying the SR Segment List within BGP SR Policy {¶
Validate that the signaled headend, policy color, endpoint, ASN, BGP Router-ID and distinguisher defined in [I-D.ietf-idr-segment-routing-te-policy] and [I-D.ietf-idr-sr-policy-path-segment], and the signaled Segment List ID defined in [I-D.ietf-idr-sr-policy-seglist-id], for the Path SID, matches with the corresponding fields in the received SR Segment List's Path SID sub-TLV.¶
}¶
When the Protocol-Origin field in the received SR Segment List's Path SID sub-TLV is a value indicating Via Configuration, "Via Configuration" is the used provisioning mechanism. And then validate that the Path Segment ID matches with the tuple identifying the SR Segment List within Configuration {¶
Validate that the provisioned headend, color, endpoint, originator, discriminator and Segment-List-ID, for the Path SID, matches with the corresponding fields in the received SR Segment List's Path SID sub-TLV.¶
}¶
}¶
If all the above validations have passed, set the return code to 3 "Replying router is an egress for the FEC at stack-depth <RSC>".¶
Set FEC-Status to 1 and return.¶
}¶
This document defines additional MPLS LSP Ping sub-TLVs and follows the mechanisms defined in [RFC8029]. All the security considerations defined in [RFC8029] will be applicable for this document and, in addition, the MPLS LSP Ping sub-TLVs defined in this document do not impose any additional security challenges to be considered.¶
IANA is requested to assign three new sub-TLVs from the "sub-TLVs for TLV Types 1, 16, and 21" subregistry of the "Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry.¶
Sub-Type Sub-TLV Name Reference -------- ----------------------------- ------------ TBD1 SR Policy's Path SID Section 3.1 TBD2 SR Candidate Path's Path SID Section 3.2 TBD3 SR Segment List's Path SID Section 3.3¶
The authors would like to acknowledge Loa Andersson and Detao Zhao for their thorough review and very helpful comments.¶
The authors would like to acknowledge Yao Liu for the very helpful f2f discussion.¶