BGP Flow Specification for SRv6
draft-li-idr-flowspec-srv6-05

Document Type Active Internet-Draft (idr WG)
Authors Zhenbin Li  , Lei Li , Huaimo Chen  , Christoph Loibl  , Gyan Mishra  , Yanhe Fan  , Yongqing Zhu  , Lei Liu  , Xufeng Liu 
Last updated 2021-03-29
Stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Formats plain text xml pdf htmlized (tools) htmlized bibtex
Stream WG state Candidate for WG Adoption
Document shepherd No shepherd assigned
IESG IESG state I-D Exists
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                              Z. Li
Internet-Draft                                                     L. Li
Intended status: Standards Track                                  Huawei
Expires: September 30, 2021                                      H. Chen
                                                               Futurewei
                                                                C. Loibl
                                               Next Layer Communications
                                                               G. Mishra
                                                            Verizon Inc.
                                                                  Y. Fan
                                                            Casa Systems
                                                                  Y. Zhu
                                                           China Telecom
                                                                  L. Liu
                                                                 Fujitsu
                                                                  X. Liu
                                                          Volta Networks
                                                          March 29, 2021

                    BGP Flow Specification for SRv6
                     draft-li-idr-flowspec-srv6-05

Abstract

   This document proposes extensions to BGP Flow Specification for SRv6
   for filtering SRv6 packets that match a sequence of conditions.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

Li, et al.             Expires September 30, 2021               [Page 1]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   This Internet-Draft will expire on September 30, 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Definitions and Acronyms  . . . . . . . . . . . . . . . . . .   3
   3.  The Flow Specification Encoding for SRv6  . . . . . . . . . .   4
     3.1.  Type TBD1 - Whole SID . . . . . . . . . . . . . . . . . .   4
     3.2.  Type TBD2 - Some bits of SID  . . . . . . . . . . . . . .   5
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   6
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
   6.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .   7
   7.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     7.1.  Normative References  . . . . . . . . . . . . . . . . . .   7
     7.2.  Informative References  . . . . . . . . . . . . . . . . .   7
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   8

1.  Introduction

   [RFC8955] describes in details about a new BGP NLRI to distribute a
   flow specification, which is an n-tuple comprising a sequence of
   matching criteria that can be applied to IP traffic.  [RFC8956]
   extends [RFC8955] to make it also usable and applicable to IPv6 data
   packets.  [I-D.ietf-idr-flowspec-l2vpn] extends the flow-spec rules
   for layer 2 Ethernet packets.

   Segment Routing (SR) for unicast traffic has been proposed to cope
   with the usecases in traffic engineering, fast re-reroute, service
   chain, etc.  SR architecture can be implemented over an IPv6 data
   plane using a new type of Segment Routing Header (SRH)
   [I-D.ietf-6man-segment-routing-header].  SRv6 Network Programming
   [RFC8986] defines the SRv6 network programming concept and its most
   basic functions.  An SRv6 SID may have the form of LOC:FUNCT:ARGS::.

Li, et al.             Expires September 30, 2021               [Page 2]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   LOC: Each operator is free to use the locator length it chooses.
   Most often the LOC part of the SID is routable and leads to the node
   which instantiates that SID.

   FUNCT: The FUNCT part of the SID is an opaque identification of a
   local function bound to the SID. (e.g.  End: Endpoint, End.X, End.T,
   End.DX2 etc.).

   ARGS: A function may require additional arguments that would be
   placed immediately after the FUNCT.

   This document specifies two new BGP Flow Specification (FS) component
   types to support Segment Routing over IPv6 data plane (SRv6)
   filtering.  The match field is destination address of IPv6 header,
   but it's a SID copy from SRH rather than a traditional IPv6 address
   (refer to Figure 1).

            +-----------------------------+
 IPv6 Header|     SA      |     DA        |<--Match field of this document
            +--------------------^--------+
                                 |
            +--------------------|--------+
            |             +-------------+ |     +-------------------+
            |             | Segment[0]  +-------> Loc | Func | Args |
            |             +-------------+ |     +-------------------+
            |             | Segment[1]  | |
            |             +-------------+ |
            |             |    ...      | |
   SR Header|             +-------------+ |
            |             | Segment[n]  | |
            |             +-------------+ |
            |             +-------------+ |
            |             ~  Option TLV ~ |
            |             +-------------+ |
            +-----------------------------+

                           Figure 1: Match Field

2.  Definitions and Acronyms

   o  FS: Flow Specification

   o  BGP-FS: Border Gateway Protocol (BGP) Flow Specification (FS)

   o  SR: Segment Routing

   o  SRH: SR Header.

Li, et al.             Expires September 30, 2021               [Page 3]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   o  SRv6: IPv6 Segment Routing, SRv6 is a method of forwarding IPv6
      packets on the network based on the concept of source routing.

   o  SID: Segment Identifier

   o  BSID: Binding SID

3.  The Flow Specification Encoding for SRv6

   The Flow Specification NLRI-type consists of several optional
   components, each of which begins with a type field (1 octet) followed
   by a variable length parameter. 13 component types are defined in
   [RFC8955] and [RFC8956] for IPv4 and IPv6.  This document defines two
   new component types for SRv6.

3.1.  Type TBD1 - Whole SID

   Encoding: <type (1 octet), [op, value]+>

   Contains a list of {operator, value} pairs that are used to match the
   SID/binding SID or a range of whole SID.

   The operator byte is encoded as:

                          0   1   2   3   4   5   6   7
                        +---+---+---+---+---+---+---+---+
                        | e | a | 0 | 0 | 0 |lt |gt |eq |
                        +---+---+---+---+---+---+---+---+

   Where:

   e - end-of-list bit.  Set in the last {op, value} pair in the
   sequence.

   a - AND bit.  If unset, the previous term is logically ORed with the
   current one.  If set, the operation is a logical AND.  It should be
   unset in the first operator byte of a sequence.  The AND operator has
   higher priority than OR for the purposes of evaluating logical
   expressions.

   0 - SHOULD be set to 0 on NLRI encoding, and MUST be ignored during
   decoding.

   lt - less than comparison between data and value.

   gt - greater than comparison between data and value.

   eq - equality between data and value.

Li, et al.             Expires September 30, 2021               [Page 4]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   The bits lt, gt, and eq can be combined to match the SID or a range
   of SID (e.g. less than SID1 and greater than SID2).

   The value field is encoded as:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +---------------------------------------------------------------+
   ~                         SID(128bits)                          ~
   +---------------------------------------------------------------+

   The format of SID is described in
   [I-D.ietf-6man-segment-routing-header] and [RFC8986]

3.2.  Type TBD2 - Some bits of SID

   For some scenarios route policy with the whole 128 bits SID matching
   is too long and not necessary.  [RFC8986] defines the format of SID
   is LOC:FUNCT:ARGS::. In some scenarios, traffic packets can just
   match Locator, Function ID, Argument or some combinations of these
   different fields rather than whole 128 bits SID.  In order to match
   the Function ID (FUNCT), the Locator (LOC) needs to be examined and
   matched first.  The new component type TBD2 defined below is for
   matching some bits of SID.

   Encoding: <type (1 octet), [op, value]+>

   Contains a list of {operator, value} pairs that are used to match
   some bits of SID.

   The operator byte is encoded as:

                           0   1   2   3   4   5   6   7
                        +---+---+---+---+---+---+---+---+
                        | e | a | field type|lt |gt |eq |
                        +---+---+---+---+---+---+---+---+

   Where:

   e and a are the same as defined in Section "Type TBD1 - Whole SID".

   field type:

   000 : SID's LOC bits

   001 : SID's FUNCT bits

   010 : SID's LOC:FUNCT bits

Li, et al.             Expires September 30, 2021               [Page 5]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   011 : SID's FUNCT:ARGS bits

   lt - less than comparison between data' and value'.

   gt - greater than comparison between data' and value'.

   eq - equality between data' and value'.

   The data' and value' used in lt, gt and eq are indicated by the field
   type in a operator and its corresponding length in the value field
   following the operator.

   The value field is encoded below as the lengths in bits of LOC, FUNCT
   and ARGS followed by the SID rounding up to bytes:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  LOC Length   | FUNCT Length  | ARGS Length |    SID          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   ~                        SID(continue)                          ~
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Where:

   LOC Length : 1-octet field indicating the length in bits of LOC in
   SID.

   FUNCT Length : 1-octet field indicating the length in bits of FUNCT
   in SID.

   ARGS Length : 1-octet field indicating the length in bits of ARGS in
   SID.

   SID : the SID containing LOC, FUNCT and ARGS, and rounding up to
   bytes.

4.  Security Considerations

   No new security issues are introduced to the BGP protocol by this
   specification over the security considerations in [RFC8955] and
   [RFC8956].

5.  IANA Considerations

   This section complies with [RFC7153].

Li, et al.             Expires September 30, 2021               [Page 6]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   Under "Flow Spec IPv6 Component Types" registry, IANA is requested to
   assign the following values:

      +-----------+-------------------+----------------+
      | Value     | Name              | Reference      |
      +-----------+-------------------+----------------+
      | TBD1 (14) | Whole SID         | This Document  |
      +-----------+-------------------+----------------+
      | TBD2 (15) | Some bits of SID  | This Document  |
      +-----------+-------------------+----------------+

6.  Acknowledgments

   The authors would like to thank Joel Halpern, Shunwan Zhuang and
   Rainsword Wang for their valuable suggestions and comments on this
   draft.

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC7153]  Rosen, E. and Y. Rekhter, "IANA Registries for BGP
              Extended Communities", RFC 7153, DOI 10.17487/RFC7153,
              March 2014, <https://www.rfc-editor.org/info/rfc7153>.

   [RFC8955]  Loibl, C., Hares, S., Raszuk, R., McPherson, D., and M.
              Bacher, "Dissemination of Flow Specification Rules",
              RFC 8955, DOI 10.17487/RFC8955, December 2020,
              <https://www.rfc-editor.org/info/rfc8955>.

   [RFC8956]  Loibl, C., Ed., Raszuk, R., Ed., and S. Hares, Ed.,
              "Dissemination of Flow Specification Rules for IPv6",
              RFC 8956, DOI 10.17487/RFC8956, December 2020,
              <https://www.rfc-editor.org/info/rfc8956>.

7.2.  Informative References

   [I-D.ietf-6man-segment-routing-header]
              Filsfils, C., Dukes, D., Previdi, S., Leddy, J.,
              Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
              (SRH)", draft-ietf-6man-segment-routing-header-26 (work in
              progress), October 2019.

Li, et al.             Expires September 30, 2021               [Page 7]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   [I-D.ietf-idr-flowspec-l2vpn]
              Weiguo, H., Eastlake, D., Litkowski, S., and S. Zhuang,
              "BGP Dissemination of L2 Flow Specification Rules", draft-
              ietf-idr-flowspec-l2vpn-16 (work in progress), November
              2020.

   [RFC8986]  Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
              D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
              (SRv6) Network Programming", RFC 8986,
              DOI 10.17487/RFC8986, February 2021,
              <https://www.rfc-editor.org/info/rfc8986>.

Authors' Addresses

   Zhenbin Li
   Huawei
   156 Beiqing Road
   Beijing, 100095
   P.R. China

   Email: lizhenbin@huawei.com

   Lei Li
   Huawei
   156 Beiqing Road
   Beijing  100095
   P.R. China

   Email: lily.lilei@huawei.com

   Huaimo Chen
   Futurewei
   Boston, MA
   USA

   Email: Huaimo.chen@futurewei.com

   Christoph Loibl
   Next Layer Communications
   Mariahilfer Guertel 37/7
   Vienna  1150
   AT

   Email: cl@tix.at

Li, et al.             Expires September 30, 2021               [Page 8]
Internet-Draft       BGP Flow Specification for SRv6          March 2021

   Gyan S. Mishra
   Verizon Inc.
   13101 Columbia Pike
   Silver Spring  MD 20904
   USA

   Phone:  301 502-1347
   Email: gyan.s.mishra@verizon.com

   Yanhe Fan
   Casa Systems
   USA

   Email: yfan@casa-systems.com

   Yongqing Zhu
   China Telecom
   109, West Zhongshan Road, Tianhe District
   Guangzhou  510000
   China

   Email: zhuyq.gd@chinatelecom.cn

   Lei Liu
   Fujitsu

   USA

   Email: liulei.kddi@gmail.com

   Xufeng Liu
   Volta Networks

   McLean, VA
   USA

   Email: xufeng.liu.ietf@gmail.com

Li, et al.             Expires September 30, 2021               [Page 9]