SR Path Binding Protection Architecture
draft-chen-spring-sr-bind-protect-arch-01
| Document | Type | Active Internet-Draft (individual) | |
|---|---|---|---|
| Authors | Huaimo Chen , Zhibo Hu, Weiqiang Cheng , Aijun Wang , Gyan Mishra | ||
| Last updated | 2024-02-01 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | I-D Exists | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
draft-chen-spring-sr-bind-protect-arch-01
Network Working Group H. Chen
Internet-Draft Futurewei
Intended status: Standards Track Z. Hu
Expires: 4 August 2024 Huawei Technologies
W. Cheng
China Mobile
A. Wang
China Telecom
G. Mishra
Verizon
1 February 2024
SR Path Binding Protection Architecture
draft-chen-spring-sr-bind-protect-arch-01
Abstract
This document describes a architecture of fast re-route protection
for binding SIDs on SR paths including SRv6 paths and SR-MPLS paths.
The SR paths are in a single domain or cross two domains. The two
domains are administrated by one provider or two different providers.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119] [RFC8174]
when, and only when, they appear in all capitals, as shown here.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 4 August 2024.
Chen, et al. Expires 4 August 2024 [Page 1]
Internet-Draft SR Binding Protection February 2024
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Example SR Path Binding Protections . . . . . . . . . . . . . 3
2.1. Example Single Domain Network with SR Paths . . . . . . . 3
2.2. Example Two Domain Network with SR Paths . . . . . . . . 4
2.3. Binding Protection Information Distribution . . . . . . . 6
2.3.1. Single Domain . . . . . . . . . . . . . . . . . . . . 6
2.3.2. One Administrative Domain . . . . . . . . . . . . . . 6
2.3.3. Two Administrative Domains . . . . . . . . . . . . . 7
2.4. Without Any Failure . . . . . . . . . . . . . . . . . . . 8
2.4.1. Single Domain . . . . . . . . . . . . . . . . . . . . 8
2.4.2. Two Domains . . . . . . . . . . . . . . . . . . . . . 11
2.5. Failure of Node in Single Domain . . . . . . . . . . . . 13
2.5.1. SR Path using Node SIDs . . . . . . . . . . . . . . . 13
2.5.2. SR Path using Adjacency SIDs . . . . . . . . . . . . 15
2.6. Failure of Border in One Administrative Domain . . . . . 17
2.6.1. SR Path using Node SIDs . . . . . . . . . . . . . . . 17
2.6.2. SR Path using Adjacency SIDs . . . . . . . . . . . . 18
2.7. Failure of Border in Two Administrative Domains . . . . . 20
2.7.1. SR Path using Node SIDs . . . . . . . . . . . . . . . 20
2.7.2. SR Path using Adjacency SIDs . . . . . . . . . . . . 21
3. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.1. on Neighbor of Node with Binding SID . . . . . . . . . . 23
3.2. on Upstream Node of Node with Binding SID . . . . . . . . 23
3.3. Integrated Procedure . . . . . . . . . . . . . . . . . . 24
4. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . 24
5. Security Considerations . . . . . . . . . . . . . . . . . . . 26
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 26
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 26
7.1. Normative References . . . . . . . . . . . . . . . . . . 26
7.2. Informative References . . . . . . . . . . . . . . . . . 27
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 28
Chen, et al. Expires 4 August 2024 [Page 2]
Internet-Draft SR Binding Protection February 2024
1. Introduction
[I-D.ietf-rtgwg-segment-routing-ti-lfa] describes a segment routing
(SR) fast re-route (FRR) mechanism that provides FRR protection for a
node SID and adjacency SID of a node on an SR path by the direct
neighbor or say point of local repair (PLR) to the failure.
[I-D.hu-spring-segment-routing-proxy-forwarding] proposes a mechanism
that provides FRR protection for a binding SID of a transit node on a
SR path within a single domain.
This document describes a architecture of fast re-route protection
for binding SIDs on SR paths including SRv6 paths and SR-MPLS paths.
The SR paths are in a single domain or cross two domains. The two
domains are administrated by one provider or two different providers.
2. Example SR Path Binding Protections
This section illustrates the FRR protection for binding SIDs of nodes
on SR paths through examples. It shows the procedure on every node
on two SR paths without any failure in three cases below:
1. Single Domain.
2. One Administrative Domain (OAD): One provider Administrates two
Domains.
3. Two Administrative Domains (TAD): Two differnt providers
Administrate two Domains.
In addition, when the node with binding SIDs fails, the procedure on
each of the related node is illustrated in different cases for two
different time periods.
2.1. Example Single Domain Network with SR Paths
Figure 1 shows an example single domain network with two SR paths.
It is used to explain the mechanism of SR path binding protection in
single domain.
Chen, et al. Expires 4 August 2024 [Page 3]
Internet-Draft SR Binding Protection February 2024
! !
! [P1]-----[P3]----[B1]----[Q1]----[Q3] !
! / | \ / | \ / | \ / | \ / | \ !
! / | \ / | \ / | \ / | \ / | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / \ | / !
! \ | / \ | / \ | / \ | / \ | / ! SID-X:
! [P2]-----[P4]----[B2]----[Q2]-----[Q4] ! node SID of X
! ! SID-X-Y:
! <------------ Domain 1 -------------> ! Adj SID of X-Y
! !
SR Path 1: A->P1->B1->BSID-B1(->Q1->Q3->C);BSID-B1 w/ SID-list 1
SR Path 2: A->P1->P3->B1->BSID2-B1(->Q1->Q3->C);BSID2-B1 w/ SID-list 3
SID-list 1: {SID-Q1,SID-Q3,SID-C}; SID-list 2: {SID-Q1,SID-Q3,SID-C}
SID-list 3: {SID-B1-Q1,SID-Q3,SID-C}; SID-list 4: {SID-Q1,SID-Q3,SID-C}
SID-list 5: {SID-B2,SID-Q1,SID-Q3,SID-C} - backup path for B1 on Path 1
SID-list 6: {SID-B2,SID-Q1,SID-Q3,SID-C} - backup path for B1 on Path 2
Figure 1: Single Domain Network with SR Paths with Binding SIDs
The cost of each link is 1 by default, except for the cost of the
link between P3 and B2 is 2 indicated by number 2 on the link. SR
path 1 uses node SIDs. A Binding SID (BSID) of node B1, named BSID-
B1, is associated with SID-list 1 {SID-Q1, SID-Q3, SID-C}. The path
segment from node A to node B1 is represented by SID-P1 and SID-B1.
The path segment from node B1 to node C is represented by BSID-B1 and
SID-list 1 with which BSID-B1 is associated.
SR path 2 uses adjacency SIDs. Another Binding SID of B1, named
BSID2-B1, is associated with SID-list 3 {SID-B1-Q1, SID-Q3, SID-C}.
Note: BSID2-B1 is different from BSID-B1. The first SID in SID-list
3 is the adjacency SID of the adjacency from B1 to Q1. The path
segment from node A to node B1 is represented by SID-A-P1, SID-P1-P3
and SID-P3-B1. The path segment from node B1 to node C is
represented by BSID2-B1 and SID-list 3 with which BSID2-B1 is
associated.
2.2. Example Two Domain Network with SR Paths
Figure 2 shows an example two domain network with two SR paths. It
is used to explain the mechanism of SR path across domains binding
protection.
Chen, et al. Expires 4 August 2024 [Page 4]
Internet-Draft SR Binding Protection February 2024
! ! ! !
! [P1]-----[P3]----[B1]----[B3]----[Q3] !
! / | \ / | \ / | \ / | \ / | \ !
! / | \ / | \ / | \ / | \ / | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / \ | / !
! \ | / \ | / \ | / \ | / \ | / ! SID-X:
! [P2]-----[P4]----[B2]----[B4]-----[Q4] ! node SID of X
! ! ! ! SID-X-Y:
! <--- Domain 1 -----> ! !<- Domain 2 ->! Adj SID of X-Y
! ! ! !
SR Path 1: A->P1->B1->B3->BSID-B3(->Q3->C);BSID-B3 w/ SID-list 1
SR Path 2: A->P1->P3->B1->B3->BSID2-B3(->Q3->C);BSID2-B3 w/ SID-list 3
SID-list 1: {SID-Q3,SID-C}; BSID-B4 w/ SID-list 2: {SID-Q3,SID-C}
SID-list 3: {SID-B3-Q3,SID-C}; BSID2-B4 w/ SID-list 4: {SID-Q3,SID-C}
SID-list 5: {SID-B4,SID-Q3,SID-C} -backup bath for B3 on Path 1 in OAD
SID-list 6: {SID-B4,SID-Q3,SID-C} -backup bath for B3 on Path 2 in OAD
SID-list 7: {SID-B4,BSID-B4} - backup bath for B3 on Path 1 in TAD
SID-list 8: {SID-B4,BSID2-B4} - backup bath for B3 on Path 2 in TAD
Figure 2: Two domain Network with SR Paths with Binding SIDs of
Borders
The cost of each link is 1 by default, except for the cost of the
link between P3 and B2 is 2 indicated by number 2 on the link. SR
path 1 crosses two domains (Domain 1 and Domain 2) and uses node
SIDs. A Binding SID of border node B3, named BSID-B3, is associated
with SID-list 1. The path segment from node A to node B3 is
represented by SID-P1, SID-B1 and SID-B3. The path segment from node
B3 to node C is represented by BSID-B3 and SID-list 1 with which
BSID-B3 is associated.
For BSID-B3 associated with SID-list 1 on border node B3 along SR
path 1, there is an alternate border node B4 corresponding to B3.
SR path 2 crosses two domains (Domain 1 and Domain 2) and uses
adjacency SIDs. Another Binding SID of border node B3, named
BSID2-B3, is associated with SID-list 3. Note: BSID2-B3 is different
from BSID-B3. The first SID in SID-list 3 is the adjacency SID of
the adjacency from B3 to Q3. The path segment from node A to node B3
is represented by SID-A-P1, SID-P1-P3, SID-P3-B1 and SID-B1-B3. The
path segment from node B3 to node C is represented by BSID2-B3 and
SID-list 3 with which BSID2-B3 is associated.
For BSID2-B3 associated with SID-list 3 on B3 for SR path 2, there is
an alternate border node B4 corresponding to B3.
Chen, et al. Expires 4 August 2024 [Page 5]
Internet-Draft SR Binding Protection February 2024
2.3. Binding Protection Information Distribution
This section describes the binding protection information
distribution for three cases: Single Domain, OAD and TAD.
2.3.1. Single Domain
One piece of information, which represents a backup path for the
failure of node B1 with a BSID, is distributed.
For SR path 1, this one piece is BSID-B1, SID-list 5 and ID-B1 (i.e.,
Identifier (ID) of B1). SID-list 5 contains the SIDs for the backup
path, which includes SID-B2 and SIDs for the path segment
corresponding to SID-list 1 with which BSID-B1 is associated on B1.
SID-list 5 is SID-B2 prepending SID-list 1 since the first SID in
SID-list 1 is a node SID. SID-list 5 is {SID-B2, SID-Q1, SID-Q3,
SID-C}.
This one piece (i.e., BSID-B1, SID-list 5 and ID-B1) is sent to the
upstream neighbor (i.e., P3 on SR path 1) of B1. It is also sent to
the closest upstream endpoint node (i.e., P1 on SR path 1) of B1
since B1 is a loose hop on SR path 1, which is indicated by node SID
of B1 (i.e., SID-B1) on SR path 1.
For SR path 2, this one piece is BSID2-B1, SID-list 6 and ID-B1
(i.e., Identifier (ID) of B1). SID-list 6 contains the SIDs for the
backup path, which includes SID-B2 and SIDs for the path segment
corresponding to SID-list 3 with which BSID2-B1 is associated on B1.
The first SID in SID-list 3 is the adjacency SID of the adjacency
from B1 to Q1. SID-B2, SID-Q1 (the node SID of the remote node of
the adjacency SID-B1-Q1), and the other SIDs in SID-list 3
constitutes SID-list 6, which is {SID-B2, SID-Q1, SID-Q3, SID-C}.
This one piece (i.e., BSID2-B1, SID-list 6 and ID-B1) is sent to the
upstream neighbor (i.e., P3 on SR path 2) of B1. It is not sent to
any other upstream node since B1 is not a loose hop on SR path 2.
2.3.2. One Administrative Domain
When domain 1 and domain 2 are administrated by one provider, one
piece of information is distributed. This one piece of information
represents a backup path for the failure of border node B3.
Chen, et al. Expires 4 August 2024 [Page 6]
Internet-Draft SR Binding Protection February 2024
For SR path 1, this one piece is BSID-B3, SID-list 5 and ID-B3 (i.e.,
Identifier (ID) of B3). SID-list 5 represents a backup path for the
failure of B3. It contains the SIDs for the path segment to border
node B4 and the path segment corresponding to SID-list 1 with which
BSID-B3 is associated on B3. SID-list 5 is SID-B4 prepending SID-
list 1 since the first SID in SID-list 1 is a node SID. It is {SID-
B4, SID-Q3, SID-C}.
This one piece (i.e., BSID-B3, SID-list 5 and ID-B3) is sent to the
upstream neighbor (i.e., B1 on SR path 1) of B3. The closest
upstream endpoint node of B3 is B1 on SR path 1. The piece is not
sent to B1 again.
For SR path 2, this one piece is BSID2-B3, SID-list 6 and ID-B3
(i.e., Identifier (ID) of B3). SID-list 6 represents a backup path
for the failure of B3. It contains the SIDs for the path segment to
border node B4 and the path segment corresponding to SID-list 3 with
which BSID2-B3 is associated on B3. The first SID in SID-list 3 is
the adjacency SID of the adjacency from B3 to Q3. SID-B4, SID-Q3
(the node SID of the remote node of the adjacency SID-B3-Q3), and the
other SIDs in SID-list 3 constitutes SID-list 6, which is {SID-B4,
SID-Q3, SID-C}.
This one piece (i.e., BSID2-B3, SID-list 6 and ID-B3) is sent to the
upstream neighbor (i.e., B1 on SR path 2) of B3.
2.3.3. Two Administrative Domains
When domain 1 and domain 2 are administrated by two different
providers, the SIDs in domain 2 can not be distributed to any node in
domain 1 except for the SIDs of border nodes such as B3 and B4 in
domain 2. Thus SID-list 1 associated with BSID-B3 in SR path 1,
which contains the SIDs in domain 2, can not be distributed to any
node in domain 1. In this case, two pieces of information are
distributed. These two pieces of information represent a backup path
for the failure of border node B3 on SR path 1.
One piece is a binding SID of border node B4 (BSID-B4) associated
with SID-list 2 corresponding to SID-list 1 with which BSID-B2 in SR
path 1 is associated. SID-list 2 is SID-list 1 since the first SID
in SID-list 1 is a node SID. This one piece (i.e., BSID-B4 and SID-
list 2) is sent to alternate border node B4 corresponding to B3.
Chen, et al. Expires 4 August 2024 [Page 7]
Internet-Draft SR Binding Protection February 2024
The other piece is BSID-B3, SID list 7 and ID-B3 (i.e., Identifier
(ID) of B3). This other piece (i.e., BSID-B3, SID list 7 and ID-B3)
is sent to the upstream neighbor (e.g., B1 on SR path 1) of B3. In
addition, it is sent to the closest upstream endpoint node (e.g., B1
on SR path 1) of B3 if B3 is a loose hop and the endpoint node is not
neighbor of B3.
BSID2-B3 in SR path 2 is associated with SID-list 3 {SID-B1-Q3, SID-
C}. The two pieces of information representing a backup path for the
failure of border node B3 on SR path 2 are as follows.
One piece is another binding SID of border node B4 (BSID2-B4)
associated with SID-list 4 corresponding to SID-list 3. The first
SID in SID-list 3 is the adjacency SID of the adjacency from B3 to
Q3. The node SID of the remote node of the adjacency (SID-Q3) and
the other SIDs in SID-list 3 constitutes SID-list 4, which is {SID-
Q3, SID-C}. This one piece (i.e., BSID2-B4 and SID-list 4) is sent
to alternate border node B4 corresponding to B3.
The other piece is BSID2-B3, SID-list 8 and ID-B3 (i.e., Identifier
(ID) of B3). This piece (i.e., BSID2-B3, SID-list 8 and ID-B3) is
sent to the upstream neighbor (e.g., B1 on SR path 2) of B3. Since
B3 is not a loose hop on SR path 2, this other piece is not sent to
any other upstream node of B3 on SR path 2.
2.4. Without Any Failure
This section illustrates the procedure and the result of the
procedure on every node on each of SR path 1 using node SIDs and SR
path 2 using adjacency SIDs. Note: the path itself does not need to
make up of all of the same type of SIDs, but rather the difference in
behavior is on the point of repair if the top SID before the BSID is
node SID or adjacency SID. The SID type preceding the SID before the
BSID in the path is not relevant.
2.4.1. Single Domain
2.4.1.1. SR Path using Node SIDs
Figure 3 shows the result of the procedure on every node on SR path 1
in single domain using node SIDs without any failure.
Chen, et al. Expires 4 August 2024 [Page 8]
Internet-Draft SR Binding Protection February 2024
2.{SID-B1,BSID-B1}Pkt
| 3.{SID-B1,BSID-B1}Pkt
| | 4.{SID-Q1,SID-Q3,SID-C}Pkt
| | | 5.{SID-Q3,SID-C}Pkt
| | | |
! v v v v !
! [P1]-----[P3]----[B1]----[Q1]----[Q3] !
! / \ 6.{SID-C}Pkt
Pkt /1.{SID-P1,SID-B1,BSID-B1}Pkt \ !
[CE1]---[A] [C]---[CE2]
! \ / 7.Pkt
: :
! <------------ Domain 1 -------------> !
SR Path 1: A->P1->B1->BSID-B1(->Q1->Q3->C);BSID-B1 w/ SID-list 1
SID-list 1: {SID-Q1,SID-Q3,SID-C}; SID-list 2: {SID-Q1,SID-Q3,SID-C}
Figure 3: SR Path 1 in Single Domain in Normal Operations
The procedure on each node is below:
1. Node A as ingress of SR path 1 adds SID-P1, SID-B1 and BSID-B1
(binding SID (BSID) of B1) into a packet (Pkt) received from CE1
and sends the packet with the SIDs to node P1. The packet sent
to P1 is represented by "1. {SID-P1, SID-B1, BSID-B1}Pkt".
2. Node P1 pops its SID-P1 from the packet received, sends the
packet with top SID (SID-B1) to P3 along the IGP shortest path to
B1 according to its FIB entry for SID-B1. The packet sent to P3
is represented by "2. {SID-B1, BSID-B1}Pkt".
3. Node P3 sends the packet with top SID (SID-B1) to B1 along the
IGP shortest path to B1. The packet sent to B1 is represented by
"3. {SID-B1, BSID-B1}Pkt".
4. Node B1 pops its SID-B1 from the packet received, replaces its
BSID-B1 with SID-list 1, and sends the packet to Q1 according to
the top SID (SID-Q1) in the packet. The packet sent to Q1 is
represented by "4. {SID-Q1, SID-Q3, SID-C}Pkt".
5. Node Q1 pops its SID-Q1 from the packet received, and sends the
packet to node Q3 according to the top SID SID-Q3 in the packet.
The packet sent to Q3 is represented by "5. {SID-Q3, SID-C}Pkt".
6. Node Q3 pops its SID-Q3 from the packet received, and sends the
packet to node C according to the top SID SID-C in the packet.
The packet sent to C is represented by "6. {SID-C}Pkt".
Chen, et al. Expires 4 August 2024 [Page 9]
Internet-Draft SR Binding Protection February 2024
7. Node C pops its SID-C and gets the packet without any SIDs, which
is represented by "7. Pkt".
2.4.1.2. SR Path using Adjacency SIDs
Figure 4 shows the result of the procedure on every node on SR path 2
in single domain using adjacency SIDs without any failure.
2.{SID-P3-B1,BSID2-B1}Pkt
| 3.{BSID2-B1}Pkt
| | 4.{SID-Q3,SID-C}Pkt
| | | 5.{SID-Q3,SID-C}Pkt
| | ! | |
! v v ! v v !
! [P1]-----[P3]----[B1]----[Q1]----[Q3] !
! / \ 6.{SID-C}Pkt
Pkt /1.{SID-P1-P3,SID-P3-B1,BSID2-B1}Pkt \ !
[CE1]---[A] [C]---[CE2]
! \ / 7.Pkt
: :
! <------------ Domain 1 -------------> !
SR Path 2: A->P1->P3->B1->BSID2-B1(->Q1->Q3->C);BSID2-B1 w/ SID-list 3
SID-list 3: {SID-B1-Q1,SID-Q3,SID-C}; SID-list 4: {SID-Q1,SID-Q3,SID-C}
Figure 4: SR Path 2 in Single Domain in Normal Operations
The procedure on each node is below:
1. Node A as ingress of SR path 2 adds SID-P1-P3, SID-P3-B1 and
BSID2-B1 into a packet (Pkt) received from CE1 and sends the
packet with the SIDs to node P1. The packet sent to P1 is
represented by "1. {SID-P1-P3, SID-P3-B1, BSID2-B1}Pkt".
2. Node P1 pops its SID-P1-P3 from the packet received, sends the
packet to P3. The packet sent to P3 is represented by "2. {SID-
P3-B1, BSID2-B1}Pkt".
3. Node P3 pops its SID-P3-B1 from the packet received, sends the
packet to B1. The packet sent to B1 is represented by "3.
{BSID2-B1}Pkt".
4. Node B1 replaces its BSID2-B1 with SID-list 3, pops its SID-
B1-Q1, and sends the packet to Q1. The packet sent to Q1 is
represented by "4. {SID-Q3, SID-C}Pkt".
5. Node Q1 sends the packet to node Q3 according to the top SID
SID-Q3 in the packet. The packet sent to Q3 is represented by
"5. {SID-Q3, SID-C}Pkt".
Chen, et al. Expires 4 August 2024 [Page 10]
Internet-Draft SR Binding Protection February 2024
6. Node Q3 pops its SID-Q3 from the packet received, and sends the
packet to node C according to the top SID SID-C in the packet.
The packet sent to C is represented by "6. {SID-C}Pkt".
7. Node C pops its SID-C and gets the packet without any SIDs, which
is represented by "7. Pkt".
2.4.2. Two Domains
2.4.2.1. SR Path using Node SIDs
Figure 5 shows the result of the procedure on every node on SR path 1
across two domains using node SIDs without any failure.
2.{SID-B1,SID-B3,BSID-B3}Pkt
| 3.{SID-B1,SID-B3,BSID-B3}Pkt
| | 4.{SID-B3,BSID-B3}Pkt
| | | 5.{SID-Q3,SID-C}Pkt
| | ! | ! |
! v v ! v ! v !
! [P1]-----[P3]----[B1]----[B3]----[Q3] !
! / \ 6.{SID-C}Pkt
Pkt /1.{SID-P1,SID-B1,SID-B3,BSID-B3}Pkt \ !
[CE1]---[A] [C]---[CE2]
! \ / 7.Pkt
: :
! <--- Domain 1 -----> ! !<- Domain 2 ->!
SR Path 1: A->P1->B1->B3->BSID-B3(->Q3->C);BSID-B3 w/ SID-list 1
SID-list 1: {SID-Q3,SID-C}; SID-list 2: {SID-Q3,SID-C}
Figure 5: SR Path 1 across Two Domains in Normal Operations
The procedure on each node is below:
1. Node A as ingress of SR path 1 adds SID-P1, SID-B1, SID-B3 and
BSID-B3 (binding SID (BSID) of B3) into a packet (Pkt) received
from CE1 and sends the packet with the SIDs to node P1. The
packet sent to P1 is represented by "1. {SID-P1, SID-B1, SID-B3,
BSID-B3}Pkt".
2. Node P1 pops its SID-P1 from the packet received, sends the
packet with top SID (SID-B1) to P3 along the IGP shortest path to
B1 according to its FIB entry for SID-B1. The packet sent to P3
is represented by "2. {SID-B1, SID-B3, BSID-B3}Pkt".
3. Node P3 sends the packet with top SID (SID-B1) to B1 along the
IGP shortest path to B1. The packet sent to B1 is represented by
"3. {SID-B1, SID-B3, BSID-B3}Pkt".
Chen, et al. Expires 4 August 2024 [Page 11]
Internet-Draft SR Binding Protection February 2024
4. Node B1 pops its SID-B1 from the packet received and sends the
packet with top SID (SID-B3) to B3 along the routing path to B3.
The packet sent to B3 is represented by "4. {SID-B3, BSID-
B3}Pkt".
5. Node B3 pops its SID-B3 from the packet received, replaces its
BSID-B3 with SID-list 1, and sends the packet to Q3 according to
the top SID (SID-Q3) in the packet. The packet sent to Q3 is
represented by "5. {SID-Q3, SID-C}Pkt".
6. Node Q3 pops its SID-Q3 from the packet received, and sends the
packet to node C according to the top SID SID-C in the packet.
The packet sent to C is represented by "6. {SID-C}Pkt".
7. Node C pops its SID-C and gets the packet without any SIDs, which
is represented by "7. Pkt".
2.4.2.2. SR Path using Adjacency SIDs
Figure 6 shows the result of the procedure on every node on SR path 2
across two domains using adjacency SIDs without any failure.
2.{SID-P3-B1,SID-B1-B3,BSID2-B3}Pkt
| 3.{SID-B1-B3,BSID2-B3}Pkt
| | 4.{BSID2-B3}Pkt
| | | 5.{SID-C}Pkt
| | ! | ! |
! v v ! v ! v !
! [P1]-----[P3]----[B1]----[B3]----[Q3] !
! / \ 6.{SID-C}Pkt
Pkt /1.{SID-P1-P3,SID-P3-B1, \ !
[CE1]---[A] SID-B1-B3,BSID2-B3}Pkt [C]---[CE2]
! \ / 7.Pkt
: :
! <--- Domain 1 -----> ! !<- Domain 2 ->!
SR Path 2: A->P1->P3->B1->B3->BSID2-B3(->Q3->C);BSID2-B3 w/ SID-list 3
SID-list 3: {SID-B3-Q3,SID-C}; SID-list 4: {SID-Q3,SID-C}
Figure 6: SR Path 2 across Two Domains in Normal Operations
The procedure on each node is below:
1. Node A as ingress of SR path 2 adds SID-P1-P3, SID-P3-B1, SID-
B1-B3 and BSID2-B3 into a packet (Pkt) received from CE1 and
sends the packet with the SIDs to node P1. The packet sent to P1
is represented by "1. {SID-P1-P3, SID-P3-B1, SID-B1-B3,
BSID2-B3}Pkt".
Chen, et al. Expires 4 August 2024 [Page 12]
Internet-Draft SR Binding Protection February 2024
2. Node P1 pops its SID-P1-P3 from the packet received, sends the
packet to P3. The packet sent to P3 is represented by "2. {SID-
P3-B1, SID-B1-B3, BSID2-B3}Pkt".
3. Node P3 pops its SID-P3-B1 from the packet received, sends the
packet to B1. The packet sent to B1 is represented by "3. {SID-
B1-B3, BSID2-B3}Pkt".
4. Node B1 pops its SID-B1-B3 from the packet received, sends the
packet to B3. The packet sent to B3 is represented by "4.
{BSID2-B3}Pkt".
5. Node B3 replaces its BSID2-B3 with SID-list 3, pops its SID-
B1-Q3, and sends the packet to Q3. The packet sent to Q3 is
represented by "5. {SID-C}Pkt".
6. Node sends the packet to node C according to the top SID SID-C in
the packet. The packet sent to C is represented by "6. {SID-
C}Pkt".
7. Node C pops its SID-C and gets the packet without any SIDs, which
is represented by "7. Pkt".
2.5. Failure of Node in Single Domain
This section illustrates the procedure and the result of the
procedure on each of the related nodes on SR path 1 using node SIDs
and SR path 2 using adjacency SIDs after node B1 with BSIDs in single
domain failed.
2.5.1. SR Path using Node SIDs
This section illustrates the procedure and the result of the
procedure on each of the related nodes on SR path 1 using node SIDs
after node B1 with BSID-B1 failed.
2.5.1.1. Before IGP Converges on Failure
Figure 7 shows the result of executing procedure on each of the
related nodes on SR path 1 when node B1 failed and before the IGP
converges on the failure.
Chen, et al. Expires 4 August 2024 [Page 13]
Internet-Draft SR Binding Protection February 2024
2.{SID-B1,BSID-B1}Pkt 5.{SID-Q3,SID-C}Pkt
| ! |
! v ! v !
! [P1]-----[P3]----[B1]----[Q1]----[Q3] !
! / | \ / | \3.{SID-B2,SID-Q1, | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ SID-Q3,SID-C}Pkt | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / \ | / 7.Pkt
! \ | / \ | / \ | /4.{SID-Q1,SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[Q2]-----[Q4] !
: :
! <------------ Domain 1 -------------> !
SR Path 1: A->P1->B1->BSID-B1(->Q1->Q3->C); BSID-B1 w/ SID-list 1
SID-list 1:{SID-Q1,SID-Q3,SID-C}
SID-list 5:{SID-B2,SID-Q1,SID-Q3,SID-C} - backup path for B1's failure
Figure 7: B1 on SR Path 1 failed and before IGP converges
The procedure and the result of the procedure on each of nodes A, P1,
Q1, Q3 and C are the same as those described in Section 2.4.1.1. The
procedure and the result of the procedure on each of nodes P3
(neighbor of B1) and B2 are as follows.
3. Neighbor P3 pops SID-B1 from the packet received, replaces
BSID-B1 in the packet with SID-list 5 according to its FIB entry
for BSID-B1 of node B1 with ID-B1, and sends the packet to B2
according to the top SID (i.e., SID-B2) in the packet without
going through failed B1 using TI-LFA. The packet sent to B2 is
represented by "3. {SID-B2, SID-Q1, SID-Q3, SID-C}Pkt".
4. Node B2 pops its SID (i.e., SID-B2) from the packet received, and
sends the packet to Q1 according to the top SID (SID-Q1) in the
packet. The packet sent to Q1 is represented by "4. {SID-Q1,
SID-Q3, SID-C}Pkt".
2.5.1.2. After IGP Converges on Failure
Figure 8 shows the result of executing procedure on each of the
related nodes on SR path 1 when node B1 failed and after the IGP
converges on the failure.
Chen, et al. Expires 4 August 2024 [Page 14]
Internet-Draft SR Binding Protection February 2024
2.{SID-B2,SID-Q1,SID-Q3,SID-C}Pkt 5.{SID-Q3,SID-C}Pkt
| |
! | v !
! [P1]-|---[P3]- -[B1]- -[Q1]----[Q3] !
! / | \V / | \ / | \ / | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ / | \ / ! \
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / \ | / 7.Pkt
! \ | / \ | / \ | /4.{SID-Q1,SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[Q2]-----[Q4] !
: ^ :
| | |
| 3.{SID-B2,SID-Q1,SID-Q3,SID-C}Pkt |
! <------------ Domain 1 -------------> !
SR Path 1:A->P1->B1->BSID-B1(->Q1->Q3->C);BSID-B1 w/ SID-list 1
SID-list 1: {SID-Q1,SID-Q3,SID-C}
SID-list 5: {SID-B2,SID-Q1,SID-Q3,SID-C} - backup path for B1's failure
Figure 8: B1 on SR Path 1 failed and after IGP converges on failure
The procedure and the result of the procedure on each of nodes A, B2,
Q1, Q3 and C are the same as those described in Section 2.5.1.1. The
procedure and the result of the procedure on each of nodes P1 and P4
are as follows.
2. Since upstream (or previous hop) node P1 of B1 along SR path 1
does not have a FIB entry for SID-B1 as top SID of the packet,
node P1 pops SID-B1 from the packet, replaces BSID-B1 with SID-
list 5 in the packet according to its FIB entry for BSID-B1 of
node B1 with ID-B1, and sends the packet to P4 according to the
top SID (SID-B2) in the packet along the IGP shortest path to B2.
The packet sent to P4 is represented by "2. {SID-B2, SID-Q1, SID-
Q3, SID-C}Pkt".
3. Node P4 sends the packet to B2 according to the top SID (SID-B2)
in the packet received along the IGP shortest path. The packet
sent to B2 is represented by "3. {SID-B2, SID-Q1, SID-Q3, SID-
C}Pkt".
2.5.2. SR Path using Adjacency SIDs
This section illustrates the procedure and the result of the
procedure on each of the related nodes on SR path 2 using adjacency
SIDs after node B1 with BSID2-B1 failed.
Chen, et al. Expires 4 August 2024 [Page 15]
Internet-Draft SR Binding Protection February 2024
2.5.2.1. Before IGP Converges on Failure
Figure 9 shows the result of executing procedure on each of the
related nodes on SR path 2 when node B1 failed and before the IGP
converges on the failure.
2.{SID-P3-B1,BSID2-B1}Pkt 5.{SID-Q3,SID-C}Pkt
| ! |
! v ! v !
! [P1]-----[P3]----[B1]----[Q1]----[Q3] !
! / | \ / | \3.{SID-B2,SID-Q1, | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ SID-Q3,SID-C}Pkt | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / \ | / 7.Pkt
! \ | / \ | / \ | /4.{SID-Q1,SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[Q2]-----[Q4] !
: :
! <------------ Domain 1 -------------> !
SR Path 2: A->P1->P3->B1->BSID2-B1(->Q1->Q3->C);BSID2-B1 w/ SID-list 3
SID-list 3:{SID-B1-Q1,SID-Q3,SID-C}
SID-list 6:{SID-B2,SID-Q1,SID-Q3,SID-C} - backup path for B1's failure
Figure 9: B1 on SR path 2 failed and before IGP converges
The procedure and the result of the procedure on each of nodes A, P1,
Q1, Q3 and C are the same as those described in Section 2.4.1.2. The
procedure and the result of the procedure on each of nodes P3
(neighbor of B1) and B2 are as follows.
3. Neighbor P3 pops its SID-P3-B1, replaces BSID2-B1 in the packet
with SID-list 6 according to its FIB entry for BSID2-B1 of node
B1 with ID-B1, and sends the packet to B2 according to the top
SID (i.e., SID-B2) in the packet without going through failed B1
using TI-LFA. The packet sent to B2 is represented by "3. {SID-
B2, SID-Q1, SID-Q3, SID-C}Pkt".
4. Node B2 pops its SID-B2 from the packet received, and sends the
packet to Q1 according to the top SID (SID-Q1) in the packet.
The packet sent to Q1 is represented by "4. {SID-Q1, SID-Q3, SID-
C}Pkt".
2.5.2.2. After IGP Converges on Failure
The result of the procedure on each of the related nodes on SR path 2
using adjacency SIDs when node B1 failed and after the IGP converges
on the failure is the same as the one described in Section 2.5.2.1.
Chen, et al. Expires 4 August 2024 [Page 16]
Internet-Draft SR Binding Protection February 2024
The procedure on node P3 is different from the one on P3 in
Section 2.5.2.1, which is as follows.
3. Node P3 sends the packet to B2 along the IGP shortest path
according to the top SID (SID-B2) in the packet received. The
packet sent to B2 is represented by "3. {SID-B2, SID-Q1, SID-Q3,
SID-C}Pkt".
2.6. Failure of Border in One Administrative Domain
This section illustrates the procedure and the result of the
procedure on each of the related nodes on SR path 1 and SR path 2
across two domains after border node B3 failed, where the two domains
are owned by one provider.
2.6.1. SR Path using Node SIDs
This section illustrates the procedure and the result of the
procedure on each of the related nodes on SR path 1 across two
domains using node SIDs after border node B3 failed.
2.6.1.1. Before Convergence on Failure
Figure 10 shows the result of executing procedure on each of the
related nodes on SR path 1 when border node B3 failed and before the
routing convergence on the failure.
2.{..}Pkt 3.{..}Pkt
| | 4.{SID-B4,SID-Q3,SID-C}Pkt
| | ! | !
! v V ! | ! !
! [P1]-----[P3]----[B1] | [B3]----[Q3] !
! / | \ / | \ / | \ V / | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ / | \ / | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \ | / \ | / | / 7.Pkt
! \ | / \ | / \ | / \ | /5.{SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[B4]-----[Q4] !
: :
! <--- Domain 1 -----> ! !<- Domain 2 ->!
SR Path 1: A->P1->B1->B3->BSID-B3(->Q3->C);BSID-B3 w/ SID-list 1
SID-list 1:{SID-Q3,SID-C}
SID-list 5:{SID-B4,SID-Q3,SID-C} - backup path for B3's failure
Figure 10: B3 on SR Path 1 in OAD failed and before convergence
Chen, et al. Expires 4 August 2024 [Page 17]
Internet-Draft SR Binding Protection February 2024
The procedure and the result of the procedure on each of nodes A, P1,
P3, Q3 and C are the same as those described in Section 2.4.2.1. The
procedure and the result of the procedure on each of nodes B1
(neighbor of B3) and B4 (alternate border node) are as follows.
4. Neighbor B1 pops SID-B3 from the packet received, replaces
BSID-B3 in the packet with SID-list 5 according to its FIB entry
for BSID-B3 of node B3 with ID-B3, and sends the packet to B4
according to the top SID (i.e., SID-B4) in the packet without
going through failed B3 using TI-LFA. The packet sent to B4 is
represented by "4. {SID-B4, SID-Q3, SID-C}Pkt".
5. Border node B4 pops its SID (i.e., SID-B4) from the packet
received, and sends the packet to Q3 according to the top SID
(SID-Q3) in the packet. The packet sent to Q3 is represented by
"5. {SID-Q3, SID-C}Pkt".
2.6.1.2. After Convergence on Failure
The procedure and the result of the procedure on each node of SR path
1 are the same as those described in Section 2.6.1.1 except for the
procedure on node B1 as follows.
4. Neighbor B1 pops SID-B3 from the packet received, replaces
BSID-B3 in the packet with SID-list 5 according to its FIB entry
for BSID-B3 of node B3 with ID-B3, and sends the packet to B4
according to the top SID (i.e., SID-B4) in the packet. The
packet sent to B4 is represented by "4. {SID-B4, SID-Q3, SID-
C}Pkt".
2.6.2. SR Path using Adjacency SIDs
This section illustrates the procedure and the result of the
procedure on each of the related nodes on SR path 2 across two
domains using adjacency SIDs after border node B3 failed.
2.6.2.1. Before Convergence on Failure
Figure 11 shows the result of executing procedure on each of the
related nodes on SR path 2 when border node B3 failed and before the
convergence on the failure.
Chen, et al. Expires 4 August 2024 [Page 18]
Internet-Draft SR Binding Protection February 2024
2.{..}Pkt 3.{..}Pkt
| | 4.{SID-B4,SID-Q3,SID-C}Pkt
| | ! | !
! v V ! | ! !
! [P1]-----[P3]----[B1] | [B3]----[Q3] !
! / | \ / | \ / | \ V / | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ / | \ / | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / | / 7.Pkt
! \ | / \ | / \ | / \ | /5.{SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[B4]-----[Q4] !
: :
! <--- Domain 1 -----> ! !<- Domain 2 ->!
SR Path 2: A->P1->P3->B1->B3->BSID2-B3(->Q3->C);BSID2-B3 w/ SID-list 3
SID-list 3:{SID-B3-Q3,SID-C}
SID-list 6:{SID-B4,SID-Q3,SID-C} - backup path for B3's failure
Figure 11: B3 on SR path 2 in OAD failed and before convergence
The procedure and the result of the procedure on each of nodes A, P1,
P3, Q3 and C are the same as those described in Section 2.4.2.2. The
procedure and the result of the procedure on each of nodes B1
(neighbor of B3) and B4 (alternate border node) are as follows.
4. Neighbor B1 pops its SID-B1-B3, replaces BSID2-B3 in the packet
with SID-list 6 according to its FIB entry for BSID2-B3 of node
B3 with ID-B3, and sends the packet to B4 according to the top
SID (i.e., SID-B4) in the packet without going through failed B3
using TI-LFA. The packet sent to B4 is represented by "4. {SID-
B4, SID-Q3, SID-C}Pkt".
4. Border node B4 pops its SID-B4 from the packet received, and
sends the packet to Q3 according to the top SID (SID-Q3) in the
packet. The packet sent to Q3 is represented by "5. {SID-Q3,
SID-C}Pkt".
2.6.2.2. After Convergence on Failure
The result of the procedure on each of the related nodes on SR path 2
using adjacency SIDs when border node B3 failed and after the
convergence on the failure is the same as the one described in
Section 2.6.2.1.
The procedure on node B1 is different from the one on B1 in
Section 2.6.2.1, which is as follows.
4. Node B1 sends the packet to B4 along the normal routing path to
Chen, et al. Expires 4 August 2024 [Page 19]
Internet-Draft SR Binding Protection February 2024
B4 according to the top SID (SID-B4) in the packet received. The
packet sent to B4 is represented by "4. {SID-B4, SID-Q3, SID-
C}Pkt".
2.7. Failure of Border in Two Administrative Domains
This section illustrates the procedure and result of procedure on
each of the related nodes on SR path 1 and SR path 2 across two
domains after border node B3 failed, where two domains are
administrated by two different providers.
2.7.1. SR Path using Node SIDs
2.7.1.1. Before Convergence on Failure
Figure 12 shows the result of executing procedure on each of the
related nodes on SR path 1 using node SIDs when border node B3 failed
and before the convergence on the failure.
2.{..}Pkt 3.{..}Pkt
| | 4.{SID-B4,BSID-B4}Pkt
| | ! | !
! v V ! | ! !
! [P1]-----[P3]----[B1] | [B3]----[Q3] !
! / | \ / | \ / | \ V / | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ / | \ / | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \2 | / \ | / | / 7.Pkt
! \ | / \ | / \ | / \ | /5.{SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[B4]-----[Q4] !
: :
! <--- Domain 1 -----> ! !<- Domain 2 ->!
SR Path 1: A->P1->B1->B3->BSID-B3(->Q3->C);BSID-B3 w/ SID-list 1
SID-list 1: {SID-Q3,SID-C}; BSID-B4 w/ SID-list 2: {SID-Q3,SID-C}
SID-list 7: {SID-B4,BSID-B4} - backup bath for B3 on Path 1 in TAD
Figure 12: B3 on SR Path 1 in TAD failed and before convergence
The procedure and the result of the procedure on each of nodes A, P1,
P3, Q3 and C are the same as those described in Section 2.4.2.1. The
procedure and the result of the procedure on each of nodes B1
(neighbor of B3) and B4 (alternate border) are described below.
4. Neighbor B1 pops SID-B3 from the packet received, replaces
Chen, et al. Expires 4 August 2024 [Page 20]
Internet-Draft SR Binding Protection February 2024
BSID-B3 in the packet with SID-list 7 according to its FIB entry
for BSID-B3 of node B3 with ID-B3, and sends the packet to B4
according to the top SID (i.e., SID-B4) in the packet without
going through failed B3 using TI-LFA. The packet sent to B4 is
represented by "4. {SID-B4, BSID-B4}Pkt".
5. Border node B4 pops its SID-B4 from the packet received, replaces
BSID-B4 with SID-list 2 according to its FIB entry for BSID-B4,
and sends the packet to Q3 according to the top SID (SID-Q3) in
the packet. The packet sent to Q3 is represented by "5. {SID-Q3,
SID-C}Pkt".
2.7.1.2. After Convergence on Failure
The procedure and the result of the procedure on each node are the
same as those described in Section 2.7.1.1 except for the procedure
on node B1 described below.
4. Since upstream node B1 of B3 along SR path 1 does not have a FIB
entry for SID-B3 as top SID of the packet, node B1 pops SID-B3
from the packet, replaces BSID-B3 with SID-list 7 in the packet
according to its FIB entry for BSID-B3 of node B3 with ID-B3, and
sends the packet to B4 according to the top SID (SID-B4) in the
packet. The packet sent to P4 is represented by "4. {SID-B4,
BSID-B4}Pkt".
2.7.2. SR Path using Adjacency SIDs
2.7.2.1. Before Convergence on Failure
Figure 13 shows the result of executing procedure on each of the
related nodes on SR path 2 using adjacency SIDs when border node B3
failed and before the convergence on the failure.
Chen, et al. Expires 4 August 2024 [Page 21]
Internet-Draft SR Binding Protection February 2024
2.{..}Pkt 3.{..}Pkt
| | 4.{SID-B4,BSID2-B4}Pkt
| | ! | !
! v V ! | ! !
! [P1]-----[P3]----[B1] | [B3]----[Q3] !
! / | \ / | \ / | \ V / | \ 6.{SID-C}Pkt
Pkt /1.{..}Pkt | \ / | \ / | \ !
[CE1]---[A] | X | X | X | X | [C]---[CE2]
! \ | / \ | / \ | / \ | / | / 7.Pkt
! \ | / \ | / \ | / \ | /5.{SID-Q3,SID-C}Pkt
! [P2]-----[P4]----[B2]----[B4]-----[Q4] !
: :
! <--- Domain 1 -----> ! !<- Domain 2 ->!
SR Path 2: A->P1->P3->B1->B3->BSID2-B3(->Q3->C);BSID2-B3 w/ SID-list 3
SID-list 3: {SID-B3-Q3,SID-C}; BSID2-B4 w/ SID-list 4: {SID-Q3,SID-C}
SID-list 8: {SID-B4,BSID2-B4} - backup bath for B3 on Path 2 in TAD
Figure 13: B3 on SR Path 2 in TAD failed and before convergence
The procedure and the result of the procedure on each of nodes A, P1,
P3, Q3 and C are the same as those described in Section 2.4.2.2. The
procedure and the result of the procedure on each of nodes B1
(neighbor of B3) and B4 (alternate border) are as follows.
4. Neighbor B1 replaces BSID2-B3 in the packet received with SID-
list 8 according to its FIB entry for BSID2-B3 of node B3 with
ID-B3, and sends the packet to B4 according to the top SID (i.e.,
SID-B4) in the packet without going through failed B3 using TI-
LFA. The packet sent to B4 is represented by "4. {SID-B4,
BSID2-B4}Pkt".
5. Border node B4 pops its SID-B4 from the packet received, replaces
BSID2-B4 with SID-list 4 according to its FIB entry for BSID2-B4,
and sends the packet to Q3 according to the top SID (SID-Q3) in
the packet. The packet sent to Q3 is represented by "5. {SID-Q3,
SID-C}Pkt".
2.7.2.2. After Convergence on Failure
The procedure and result of executing procedure on each of the
related nodes on SR path 2 when border node B3 failed and after the
convergence on the failure are the same as those described in
Section 2.7.2.1.
The procedure on node B1 is different from the one on B1 in
Section 2.7.2.1, which is as follows.
4. Since upstream (neighbor) node B1 of B3 along SR path 2 does not
Chen, et al. Expires 4 August 2024 [Page 22]
Internet-Draft SR Binding Protection February 2024
have a FIB entry for SID-B1-B3 as top SID of the packet, node B1
replaces BSID2-B3 with SID-list 8 in the packet according to its
FIB entry for BSID2-B3 of node B3 with ID-B3, and sends the
packet to B4 according to the top SID (SID-B4) in the packet.
The packet sent to B4 is represented by "4. {SID-B4,
BSID2-B4}Pkt".
3. Procedures
3.1. on Neighbor of Node with Binding SID
When there is no failure, neighbor N of node B with binding SID on an
SR path sends the packet to B. When neighbor N detects the failure
of B, N pops top SID (SID-B or SID-N-B) from the packet, and does the
following steps:
1. If the current top SID in the packet is a Binding SID of B (BSID-
B), replaces BSID-B in the packet with a SID list and sends the
packet toward the top SID of the packet without going through B.
The SID list represents a backup path segment for the failure of
B.
2. Otherwise (i.e., the current top SID in the packet is an
adjacency SID of the node or a node SID of next hop), executes
the corresponding action for the SID from
[I-D.ietf-rtgwg-segment-routing-ti-lfa].
3.2. on Upstream Node of Node with Binding SID
A upstream node of node B with binding SID on an SR path pops the top
SID from the packet received if the top SID is a SID of the upstream
node.
When there is no failure or B on an SR path failed and before the
convergence on the failure of B, the upstream node sends the packet
according to its FIB entry for the top SID in the packet.
After B failed and the convergence on the failure of B, the upstream
node pops the node SID of B (SID-B) from the packet and does the
following steps:
1. If the current top SID in the packet is a Binding SID of B (BSID-
B), then executes the action indicated by the FIB entry for
BSID-B of node B. The action is to replace BSID-B in the packet
with a SID list and send the packet according to the current top
SID in the packet. The SID list represents a backup path segment
for the failure of B.
Chen, et al. Expires 4 August 2024 [Page 23]
Internet-Draft SR Binding Protection February 2024
2. Otherwise (i.e., the current top SID in the packet is an
adjacency SID of the node or a node SID of next hop), executes
the corresponding action for the SID from
[I-D.ietf-rtgwg-segment-routing-ti-lfa].
3.3. Integrated Procedure
A procedure running on a node that forwards the packet to be
transported by an SR path in different cases is called an integrated
procedure. The node is a border node or an internal node. The cases
include normal case without any failure, a border or internal node
failure.
Suppose that Packet = the packet received by node X. an integrated
procedure running on node X is described in Pseudo code as shown in
Figure 14.
IF (X detects N's failure){//X:neighbor of N, before convergence
Pops top SID from Packet; // pops SID-N or SID-X-N
IF (top SID in Packet is Binding SID (BSID) of N) {
Replace BSID in Packet with SID list;
}
Sends Packet without going N using TI-LFA for top SID in Packet;
} ELSE {//Normal or (N failed and after convergence on failure)
IF (no FIB entry for top SID in Packet){//N failed,after converges
Pops top SID from Packet;//pops SID-N or SID-X-N
IF (top SID in Packet is Binding SID (BSID) of N) {
Replace BSID in Packet with SID list;
}
} //Normal case: there is FIB entry for top SID, N works
Sends Packet using FIB entry for top SID in Packet;
}
Figure 14: Integrated Procedure
4. Protocol Extensions
This section describes the semantic of protocol extensions for
distributing binding protection information for a node with a BSID in
three cases: Single Domain, OAD and TAD.
For a Binding SID (BSID-B) of a node (e.g., transit node B1 in
Figure 1 or border node B3 in Figure 2) on a SR path, suppose that
the following information is sent to (or received from) the node:
1. BSID-B, and
Chen, et al. Expires 4 August 2024 [Page 24]
Internet-Draft SR Binding Protection February 2024
2. A list of SIDs (named SID-list a) associated with BSID-B, where
the SIDs are in the downstream domain.
For Single Domain, one piece of information is distributed. This one
piece is BSID-B, a new SID list (named SID-list c) and ID-B
(Identifier of the node). SID-list c represents a backup path for
the failure of the node on the SR path. It contains the SIDs for the
path segment corresponding to SID-list a.
This one piece (i.e., BSID-B, SID-list c and ID-B) is sent to the
upstream neighbor of the node on the SR path. It is also sent to the
closest upstream endpoint node (e.g., P1 on SR path 1 in Figure 1) of
the node if the node is a loose hop on the SR path, which is
indicated by node SID of the node (e.g., SID-B1) on the SR path. The
node SID is used to reach the node (e.g., B1).
For OAD, one piece of information is distributed. This one piece is
BSID-B, a new SID list (named SID-list c) and ID-B. SID-list c
represents a backup path for the failure of the border node on the SR
path. It contains the SIDs for the path segment to the alternate
border node and the path segment corresponding to SID-list a. This
piece is distributed in the same way as the one for Single Domain.
For TAD, two pieces of information are distributed.
Piece 1. BSID-aB, which is a Binding SID of an alternate border node
(e.g., B4 in Figure 2), and a list of SIDs (named SID-list b)
corresponding to SID-list a. SID-list b is SID-list a when the
first SID in SID-list a is a node SID. when the first SID in
SID-list a is an adjacency SID of an adjacency, the node SID of
the remote node of the adjacency and the other SIDs in SID-list a
constitutes SID-list b.
Piece 2. BSID-B, SID-list d {SID-aB, BSID-aB} and ID-B; where SID-aB
is a node SID of the alternate border node, and ID-B is an
Identifier (ID) of the border node.
These two pieces of information represent a backup path for the
failure of the border node on the SR path.
Piece 1 (i.e., BSID-aB and SID-list b) is sent to the alternate
border node. Piece 2 (i.e., BSID-B, SID-list d and ID-B) is
distributed in the same way as the one for OAD.
In one option, the TE router ID of a node is used as the ID of the
node.
Chen, et al. Expires 4 August 2024 [Page 25]
Internet-Draft SR Binding Protection February 2024
When a protocol (such as PCE or BGP running on a controller) supports
sending a binding (i.e., a BSID and a SID list) on a node, we may
extend this protocol to distribute the binding protection information
(refer to [I-D.chen-pce-mbinding] and [I-D.chen-idr-mbinding]).
Alternatively, we may extend YANG and IGP to distribute the binding
protection information.
Note: how to distribute binding protection information via which
protocol is out of the scope of this document.
5. Security Considerations
TBD.
6. Acknowledgements
The authors would like to thank Andrew Stone for his comments to this
work.
7. References
7.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC7356] Ginsberg, L., Previdi, S., and Y. Yang, "IS-IS Flooding
Scope Link State PDUs (LSPs)", RFC 7356,
DOI 10.17487/RFC7356, September 2014,
<https://www.rfc-editor.org/info/rfc7356>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
Decraene, B., Litkowski, S., and R. Shakir, "Segment
Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
July 2018, <https://www.rfc-editor.org/info/rfc8402>.
[RFC8667] Previdi, S., Ed., Ginsberg, L., Ed., Filsfils, C.,
Bashandy, A., Gredler, H., and B. Decraene, "IS-IS
Extensions for Segment Routing", RFC 8667,
DOI 10.17487/RFC8667, December 2019,
<https://www.rfc-editor.org/info/rfc8667>.
Chen, et al. Expires 4 August 2024 [Page 26]
Internet-Draft SR Binding Protection February 2024
7.2. Informative References
[I-D.chen-idr-mbinding]
Chen, H., Decraene, B., Mishra, G. S., Fan, Y., Wang, A.,
and X. Liu, "BGP for Mirror Binding", Work in Progress,
Internet-Draft, draft-chen-idr-mbinding-03, 10 November
2023, <https://datatracker.ietf.org/doc/html/draft-chen-
idr-mbinding-03>.
[I-D.chen-pce-mbinding]
Chen, H., Decraene, B., Mishra, G. S., Wang, A., Liu, X.,
and L. Liu, "PCE for Mirror Binding", Work in Progress,
Internet-Draft, draft-chen-pce-mbinding-02, 8 October
2023, <https://datatracker.ietf.org/doc/html/draft-chen-
pce-mbinding-02>.
[I-D.hu-spring-segment-routing-proxy-forwarding]
Hu, Z., Chen, H., Yao, J., Bowers, C., Zhu, Y., and Y.
Liu, "SR-TE Path Midpoint Restoration", Work in Progress,
Internet-Draft, draft-hu-spring-segment-routing-proxy-
forwarding-24, 21 August 2023,
<https://datatracker.ietf.org/doc/html/draft-hu-spring-
segment-routing-proxy-forwarding-24>.
[I-D.ietf-rtgwg-segment-routing-ti-lfa]
Bashandy, A., Litkowski, S., Filsfils, C., Francois, P.,
Decraene, B., and D. Voyer, "Topology Independent Fast
Reroute using Segment Routing", Work in Progress,
Internet-Draft, draft-ietf-rtgwg-segment-routing-ti-lfa-
13, 16 January 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-rtgwg-
segment-routing-ti-lfa-13>.
[I-D.ietf-spring-segment-protection-sr-te-paths]
Hegde, S., Bowers, C., Litkowski, S., Xu, X., and F. Xu,
"Segment Protection for SR-TE Paths", Work in Progress,
Internet-Draft, draft-ietf-spring-segment-protection-sr-
te-paths-05, 27 September 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-spring-
segment-protection-sr-te-paths-05>.
[I-D.ietf-spring-segment-routing-policy]
Filsfils, C., Talaulikar, K., Voyer, D., Bogdanov, A., and
P. Mattes, "Segment Routing Policy Architecture", Work in
Progress, Internet-Draft, draft-ietf-spring-segment-
routing-policy-22, 22 March 2022,
<https://datatracker.ietf.org/doc/html/draft-ietf-spring-
segment-routing-policy-22>.
Chen, et al. Expires 4 August 2024 [Page 27]
Internet-Draft SR Binding Protection February 2024
Authors' Addresses
Huaimo Chen
Futurewei
Boston, MA,
United States of America
Email: hchen.ietf@gmail.com
Zhibo Hu
Huawei Technologies
Huawei Bld., No.156 Beiqing Rd.
Beijing
100095
China
Email: huzhibo@huawei.com
Weiqiang Cheng
China Mobile
China
Email: chengweiqiang@chinamobile.com
Aijun Wang
China Telecom
Beiqijia Town, Changping District
Beijing
102209
China
Email: wangaj3@chinatelecom.cn
Gyan S. Mishra
Verizon
13101 Columbia Pike
Silver Spring, MD 20904
United States of America
Phone: 301 502-1347
Email: gyan.s.mishra@verizon.com
Chen, et al. Expires 4 August 2024 [Page 28]