Path Computation Element Communication Protocol (PCEP) extensions for SRv6 Policy SID List Optimization

Path Computation Element Communication Protocol (PCEP) extensions for SRv6 Policy SID List Optimization Cisco Systems, Inc.

zali@cisco.com

New H3C Technologies

linchangwang.04414@h3c.com

China Mobile

liuyisong@chinamobile.com

Cisco Systems, Inc.

melarco@cisco.com

ZTE Corporation

chen.ran@zte.com.cn

Huawei Technologies

c.l@huawei.com

New H3C Technologies

qiuyuanxiang@h3c.com

Cisco Systems, Inc.

ssidor@cisco.com

Routing PCE Working Group In some use cases, an SRv6 policy's SID list ends with the policy endpoint's node SID, and the traffic steered (over policy) already ensures that it is taken to the policy endpoint. In such cases, the SID list can be optimized by excluding the endpoint Node SID when installing the policy. This draft specifies a PCEP extension to indicate whether the endpoint's node SID needs to be included or excluded when installing the SRv6 Policy. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Segment Routing (SR) allows a node to steer a packet flow along any path. A Segment Routing Policy (SR Policy) is an ordered list of segments that represent a source-routed policy. The headend node is said to steer a flow into an SR Policy. The packets steered into an SR Policy have an ordered list of segments associated with that SR Policy written into them. Segment Routing Policy Architecture updates as it details the concepts of SR Policy and steering into an SR Policy. describes the representation and processing of this ordered list of segments for Segment Routing over IPv6 (SRv6). specifies PCEP extensions to support SR for the IPv6 data plane. A PCE computes the SRv6 TE Policy SID list from the headend to the endpoint. The computed SID list may end with the policy endpoint's Node SID or the penultimate hop adjacency SID. If the computed SID list ends with the policy endpoint's node SID and the overlay SID in the steered traffic (over policy) already ensures that the traffic is taken to the policy endpoint with the same intent, the SRv6 policy endpoint device needs to process back-to-back local node SIDs. Examples of overlay SID containing the local node SID are a service SID, a binding SID for transit policies, an EPE SID, etc. From a compression efficiency viewpoint, carrying back-to-back end-point node SID is inefficient. The SID list in the packet can be optimized by excluding the end-point node SID when installing the policy. End-point node SID exclusion improves the compression efficiency and makes packet processing more efficient for the policy endpoint. Excluding the policy endpoint's node SID is possible in most use cases, but not all. For example, if the SRv6 policy is used to carry MPLS traffic, as described in [I-D.draft-agrawal-spring-srv6-mpls-interworking], it is not possible to exclude the policy endpoint's node SID. Specifically, the endpoint's node SID inclusion or exclusion is a policy attribute. This draft specifies a PCEP extension to include or exclude the node SID when installing the SRv6 Policy.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

This document uses the following terms defined in : PCC, PCE, PCEP, PCEP Peer. SR: Segment Routing. SID: Segment Identifier. SRv6: Segment Routing over IPv6 data plane.

The draft specifies a new SRPOLICY-POL-ATTRIBUTE TLV for the SR Policy Association object defined in [I-D.draft-ietf-pce-segment-routing-policy-cp]. The SRPOLICY-POL-ATTRIBUTE TLV is optional.

Type: TBD1 for "SRPOLICY-POL-ATTRIBUTE" TLV.
Length: 4.
Flags: The unassigned bits in the Flag octet MUST be set to zero upon transmission and MUST be ignored upon receipt.

This document specifies I-flag (endpoint node SID Inclusion flag) bit in the Flags field of "SRPOLICY-POL-ATTRIBUTE" TLV specified in this document. The flag is applicable only to SR policies with SRv6 data plane. The flag MUST be ignored for SR policies with SR-MPLS data planee. I (endpoint node SID Inclusion) - 1 bit (Bit Position TBD2):

If set to 1, the endpoint node SID MUST be included when installing the SRv6 Policy SID list(s) used to carry the data traffic.
If set to 0, the endpoint node SID MUST NOT be included when installing the SRv6 Policy SID list(s) used to carry the data traffic.

I-flag (endpoint node SID Inclusion capability flag) is proposed in the SRv6-PCE-CAPABILITY sub-TLV defined in [RFC9603]. The bit position for the flag in the SRv6 Capability Flag Field registry is to be defined by IANA. I (endpoint node SID Inclusion capability flag) - 1 bit (Bit Position TBD3):

If set to 1, it indicates support for the I-flag in the SRPOLICY-POL-ATTRIBUTE TLV.

A PCEP speaker indicates its ability to support I-flag in the Flags field of the SRPOLICY-POL-ATTRIBUTE TLV during the PCEP initialization phase by setting the I-flag in the SRv6-PCE-CAPABILITY sub-TLV in the Open message. A PCEP peer indicates the inclusion or exclusion of the endpoint's Node SID in I-flag in the Flags field of the SRPOLICY-POL-ATTRIBUTE TLV. A PCEP peer MUST NOT set the I-flag flag if capability was not advertised by both peers. If the PCEP peers are capable of supporting the I-flag and the I-flag in the Flags field of the SRPOLICY-POL-ATTRIBUTE TLV is set, the PCC MUST include the endpoint node SID when installing the SRv6 Policy sid list(s) used to carry data traffic. If the PCEP peers are capable of supporting the I-flag and the I-flag in the Flags field of the SRPOLICY-POL-ATTRIBUTE TLV is not set, the PCC MUST NOT include the endpoint node SID when installing the SRv6 Policy sid list(s) used to carry data traffic. I-flag value in the Flags field of the SRPOLICY-POL-ATTRIBUTE TLV MUST NOT change for a given SRv6 Policy Candidate Path during its lifetime. Local policy at PCC MAY override the I-flag. PCE ignores the I-flag received from the PCC when computing the path and computes the SRv6 Policy SID list from the headend to the endpoint. PCE MAY use the I-flag value for debugging purposes.

If at least one PCEP peer is not capable of supporting the I-flag, the endpoint Node SID inclusion/exclusion SHOULD be set based on local policy at the PCC.

defines the notion of an SR domain and use of SRH within the SR domain. Procedures for securing an SR domain are defined the section 5.1 and section 7 of . This document does not impose any additional security challenges to be considered beyond security threats described in , and .

TBA

The authors would like to thank Ketan Talaulikar for the review comments.