Deterministic Networking specific SID

The DetNet Working Group has defined Packet Replication (PRF), Packet Elimination (PEF), and Packet Ordering (POF) Functions (represented as PREOF) to provide service protection by the DetNet service sub-layer . This service protection method relies on copies of the same packet sent over multiple maximally disjoint paths and uses sequencing information to eliminate duplicates. DetNet over an SRv6 data plane can provide a solution to transport sequencing information within a SID. This document describes a DetNet-specific SID (SID = Segment Identifier, ) and a set of related packet processing rules inside an SRv6 domain. The DetNet-specific SID provides Flow-ID and Sequence-Number information for the DetNet service sub-layer functions (i.e., PREOF). The usage of DetNet-specific SID provides a native IPv6 data plane for DetNet networks and supports the implementation of PREOF functionalities on IPv6-only DetNet nodes. It is using native SRv6 technology and does not require additional tunneling or implementation of other protocol stack(s) (e.g., MPLS).

This document uses the terminology established in the DetNet architecture and in the SRv6 Network Programming . The reader is assumed to be familiar with that document and its terminology.

The following abbreviations are used in this document: Arguments. Deterministic Networking. Function. Locator. Packet Elimination Function. Packet Ordering Function. Packet Replication, Elimination and Ordering Functions. Packet Replication Function. Sequence Number.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

In SRv6, a SID represents a 128-bit value containing the following three parts : Locator (LOC): first part of the SID with most significant bits and represents a specific SRv6 node. Function (FUNCT): the portion of the SID that is local to the owner node and designates a specific SRv6 function (network instruction) that is executed locally on a particular node (specified by Locator). Arguments (ARG): optional field and represents optional argument(s) to the function. For PREOF processing, two arguments are needed: Flow-ID: defines which DetNet flow the packet belongs to (what is used to determine which PREOF instance has to be used on a node). Its size is 20 bits for the DetNet MPLS data plane and same size is appropriate for DetNet IP data plane as well. Sequence Number: defines the sequencing information, it is created at the DetNet edge node (or by the first PRF node) and used by PEF/POF functionalities. For DetNet MPLS data plane the following sizes are defined: 0/16/28 bits . The required size for these two arguments are maximum 48 bits. The explicit format of DetNet-specific SID is network addressing design specific. PREOF specific parameters are encoded as follows: LOC: specifies the DetNet Relay node (same allocation rule applies as for any SRv6-enabled node). FUNCT: a single value represents all PREOF instances of a DetNet Relay node. ARG: Contains the Flow-ID and the Sequence Number parameters. Note: if Function=PREOF, Arg=0 is also a meaningful value and does not refer to the lack of arguments. The DetNet-specific SID must be the last segment in an SR Policy! The following packet processing rules are defined as a new set of SRv6 SID behaviors regarding the DetNet-specific SID: (i) End.PREOF, (ii) H.Encaps.PREOF, (iii) H.Encaps.PREOF.Red, (iv) H.Encaps.PREOF.L2, and (v) H.Encaps.PREOF.L2.Red.

When a node "N" receives a packet whose IPv6 DA is "S" and "S" is a local End.PREOF SID, "N" does the following:

When a node "N" receives a packet P=(A, B) identified as a DetNet Flow. B is neither a local address nor SID of "N". It executes the DetNet Flow related PREOF functions, resulting in one or more member flow (P1=(A, B), P2=(A, B), ...) with related parameters ([Flow-ID1, SeqNum], [Flow-ID2, SeqNum], ...). Node "N" is configured with an IPv6 address "T" (e.g., assigned to its loopback). "N" steers the egress packet P1 into an SRv6 Policy with a Source Address T and a segment list SP1=<S11, S12, S13>, where S13 is a DetNet-specific SID (LOC+FUNCT) with 0 as ARG. The H.Encaps.PREOF encapsulation behavior is defined as follows (SA: source address, DA: destination address): After the H.Encaps.PREOF behavior, P1, and P2 respectively look like: (T, S11) (S13, S12, S11; SL=2) (A, B), note: S13.ARG=Flow-ID1, SeqNum (T, S21) (S23, S22, S21; SL=2) (A, B), note: S23.ARG=Flow-ID2, SeqNum The member flow packet is encapsulated unmodified (with the exception of the IPv4 TTL or IPv6 Hop Limit that is decremented). The push of the SRH MAY be omitted when the SRv6 Policy only contains one segment and there is no need to use any flag, tag, or TLV. In such cases the outer destination address is the DetNet-specific SID.

The H.Encaps.PREOF.Red behavior is an optimization of the H.Encaps.PREOF behavior. H.Encaps.PREOF.Red reduces the length of the SRH by excluding the first SID in the SRH of the pushed IPv6 header. The first SID is only placed in the Destination Address field of the pushed IPv6 header. After the H.Encaps.PREOF.Red behavior, P1, and P2 respectively look like: (T, S11) (S13, S12; SL=2) (A, B), note: S13.ARG=Flow-ID1, SeqNum (T, S21) (S23, S22; SL=2) (A, B), note: S23.ARG=Flow-ID2, SeqNum

The H.Encaps.PREOF.L2 behavior encapsulates a received Ethernet frame and its attached VLAN header, if present, in an IPv6 packet with an SRH. The Ethernet frame becomes the payload of the new IPv6 packet. The H.Encaps.PREOF.L2 encapsulation behavior is similar to H.Encaps.PREOF but sets an Ethernet specific outer Next Header and lacks the TTL/Hop Limit related action. H.Encaps.PREOF.L2 is defined as follows: S06. Submit the packet to the IPv6 module for transmission to S11 ]]> The Next Header field of the SRH MUST be set to 143. The push of the SRH MAY be omitted when the SRv6 Policy only contains one segment and there is no need to use any flag, tag, or TLV. The encapsulating node MUST remove the preamble (if any) and frame check sequence (FCS) from the Ethernet frame upon encapsulation, and the decapsulating node MUST regenerate, as required, the preamble and FCS before forwarding the Ethernet frame.

The H.Encaps.PREOF.L2.Red behavior is an optimization of the H.Encaps.PREOF.L2 behavior. H.Encaps.PREOF.L2.Red reduces the length of the SRH by excluding the first SID in the SRH of the pushed IPv6 header. The first SID is only placed in the Destination Address field of the pushed IPv6 header. The push of the SRH MAY be omitted when the SRv6 Policy only contains one segment and there is no need to use any flag, tag, or TLV.

PREOF implementation may provide counters per DetNet flow. However, in order to be inline with the intention of RFC8986 (section 6. Counters), its recommendation may apply on the DetNet-specific SID and the above described set of SR Behaviors. It means, a node supporting DetNet-specific SID should implement a pair of traffic counters (one for packets and one for bytes) per local SID entry, for traffic that matched that SID and was processed successfully (i.e., packets that generate ICMP Error Messages or are dropped are not counted). The retrieval of these counters from MIB, NETCONF/YANG, or any other data structure is outside the scope of this document.

DetNet PREOF related security considerations are described in section 3.3 of . There are no additional related security considerations originating from this document. SRv6 Network Programming related security considerations are described in section 9 of . There are no additional related security considerations originating from this document.

This document makes no IANA requests.

Authors extend their appreciation to Janos Farkas, Istvan Moldovan and Miklos Mate for their insightful comments and productive discussion that helped to improve the document.