Network Working Group                                            J. Zhao
Internet Draft                                                    W. Lyu
Intended status: Standards Track                            China Unicom
Expires: January 8, 2025                                    July 8, 2024

          The Correspondence between Packets and SRv6 Tunnels
           draft-zhao-spring-srh-extended-srv6-policy-key-00

Abstract

   This paper defines a new extension header, the SRv6 Policy Key, to
   address the problems of timeliness and accuracy of controller-aware
   paths in SRv6 networks. The scheme enables network nodes to report
   path information to the controller by adding a unique path
   identifier to the message header, which ensures that the controller
   has a real-time and accurate picture of the SR path status, even if
   the SID is lost in transmission or the controller is unable to
   monitor it accurately in real time. This approach aims to improve
   the network availability and O&M efficiency of SDN, particularly in
   scenarios involving multi-path tunnel configurations and load
   balancing.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

Zhao, et al.            Expire January 8, 2025                 [Page 1]
Internet-Draft      Mapping Packets to SRv6 Tunnels           July 2024

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on January 8, 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this
   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Simplified BSD License.

Table of Contents

   1. Introduction
      1.1. Requirements Language
      1.2. Terminology
   2. SRv6 Policy KEY
      2.1. Format of an SRv6 Policy KEY
      2.2. SRv6 Policy KEY TLV
   3. Use Cases and Requirements
      3.1. Case 1
      3.2. Case 2
   4. Functional Description
      4.1. Function1: Path Consistency Verification
      4.2. Function2: Service flow analysis function
      4.3. Function3: Controller path visualization
   5. Security Considerations
   6. IANA Considerations
   7. References
      7.1. Normative References
      7.2. Informational References
   Authors' Addresses

1. Introduction

   In SRv6 networks, the software-defined network (SDN) controller, as
   a core component, is responsible for the centralized management and
   dynamic configuration of network resources. It is the key to
   achieving network flexibility and intelligence.

   In SR, a path needs to be identified for several use cases such as
   binding bidirectional paths [I-D.ietf-pce-sr-bidir-path] and
   end-to-end performance measurement [I-D.gandhi-spring-udp-pm].

   Currently, the controller's perception of SRv6 message paths relies
   only on theoretical derivation, which is limited in timeliness and
   accuracy. Specifically, there is an inherent latency in the
   controller's update of the network state, and the state acquisition
   mechanism can occasionally malfunction, necessitating a secondary
   refresh for validation. This poses a significant challenge for
   scenarios that rely heavily on real-time state information for path
   computation and decision-making.

   Take the configuration of multipath tunnels as an example. Ideally,
   the controller ought to dynamically adjust traffic routing based on
   the master-standby relationships and priority levels of the three
   preconfigured tunnels. This adjustment is crucial to ensuring the
   high availability and operational efficiency of the network.
   However, in practice, due to the latency in the controller's state
   sensing, it may fail to react promptly to real-time changes in
   network links. This delay leads to inaccurate path determinations,
   impacting the efficacy of operations such as traffic metering and
   appropriate traffic direction.

   Moreover, in scenarios involving load balancing across tunnels,
   where a single path encompasses multiple parallel sub-paths, traffic
   distribution strategies based on hashing rules or random device
   allocation can enhance bandwidth utilization efficiency. However,
   they also increase the complexity of operational maintenance
   monitoring, because the current mechanisms struggle to track and
   validate the actual forwarding routes of packets in real time.

   In order to solve the above problems, this paper defines a new SRH
   extension header called "SRv6 Policy Key", which is used to identify
   the tunnel. This identifier is carried in the message header and
   communicated to the controller by the network node. This process
   enables the controller to discern the SR path, thereby improving its
   state awareness within the Segment Routing domain. As a result, the
   controller can learn the network's real-time status with greater
   speed and accuracy, which significantly aids operational maintenance
   decision-making.

1.1. Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

1.2. Terminology

   SID: Segment ID.

   SRH: Segment Routing Header [RFC8754].

   SR-MPLS: Segment Routing with MPLS data plane.

   Further, this document makes use of the terms defined in [RFC8402]
   and [RFC8986].

2. SRv6 Policy KEY

2.1. Format of an SRv6 Policy KEY

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Next Header   |  Hdr Ext Len  | Routing Type  | Segments Left |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Last Entry   |     Flags     |              Tag              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Segment List[0] (128-bit IPv6 address)             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                              ...                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Segment List[n] (128-bit IPv6 address)             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        SRv6 Policy KEY                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   //                                                             //
   //        Optional Type Length Value objects (variable)        //
   //                                                             //
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

               Figure 1: Format of an SRv6 Policy KEY

2.2. SRv6 Policy KEY TLV

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |     Flags     |   Reserved    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                          Preference                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                         Policy Color                          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                            Headend                            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Endpoint                            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                    Figure 2: SRv6 Policy KEY TLV

   Type: An 8-bit code point.

   Length: The length of the variable-length data field in bytes 6.

   Flags: 8 bits, marks list.

   Preference: 32 bits, marks SRv6 Policy Candidate Path.

   Policy Color: 32 bits, a Color of SRv6 Policy.

   Headend: 128 bits, first node of SRv6 Policy.

   Endpoint: 128 bits, destination address of SRv6 Policy.
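
   A strict encoder and parser for the TLV of Figure 2, added here as an
   illustration; it is not part of the draft. Assumptions: the Type code
   point is a placeholder (the draft leaves IANA values TBD), Length
   counts the bytes that follow the Length field, and Headend and
   Endpoint are 16 bytes each as the field descriptions state.

```python
import ipaddress
import struct
from dataclasses import dataclass

# Assumptions (not from the draft): the Type code point is unassigned, so a
# placeholder is used; Length counts the bytes after the Length field, as for
# other SRH TLVs in RFC 8754; Headend and Endpoint are 16 bytes each, following
# the field descriptions rather than the one-row drawing in Figure 2.
POLICY_KEY_TLV_TYPE = 0xFD            # placeholder, IANA value is TBD
_BODY = struct.Struct("!BBII16s16s")  # Flags, Reserved, Preference, Color, Headend, Endpoint
POLICY_KEY_BODY_LEN = _BODY.size      # 42 bytes

@dataclass(frozen=True)
class PolicyKey:
    flags: int
    preference: int
    color: int
    headend: ipaddress.IPv6Address
    endpoint: ipaddress.IPv6Address

def encode_policy_key(key: PolicyKey) -> bytes:
    """Serialize the key as Type, Length, then the fixed 42-byte body."""
    body = _BODY.pack(key.flags, 0, key.preference, key.color,
                      key.headend.packed, key.endpoint.packed)
    return bytes([POLICY_KEY_TLV_TYPE, len(body)]) + body

def parse_policy_key(buf: bytes) -> PolicyKey:
    """Parse one TLV from untrusted bytes; raise ValueError on any mismatch."""
    if len(buf) < 2:
        raise ValueError("truncated TLV header")
    tlv_type, length = buf[0], buf[1]
    if tlv_type != POLICY_KEY_TLV_TYPE:
        raise ValueError(f"unexpected TLV type {tlv_type:#x}")
    if length != POLICY_KEY_BODY_LEN:
        raise ValueError(f"bad Length {length}, expected {POLICY_KEY_BODY_LEN}")
    if len(buf) < 2 + length:
        raise ValueError("TLV body runs past end of buffer")
    flags, _reserved, pref, color, head, end = _BODY.unpack_from(buf, 2)
    return PolicyKey(flags, pref, color,
                     ipaddress.IPv6Address(head), ipaddress.IPv6Address(end))

# Constructed sample values (documentation prefix 2001:db8::/32).
SAMPLE = PolicyKey(flags=0x01, preference=100, color=20,
                   headend=ipaddress.IPv6Address("2001:db8::1"),
                   endpoint=ipaddress.IPv6Address("2001:db8::ff"))
```

   The parser rejects a TLV whose declared Length disagrees with the
   fixed layout before reading any field, so a short or oversized value
   never reaches the unpack step.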

3. Use Cases and Requirements

3.1. Case 1

   The controller cannot sense packet paths in real-time. The SRv6
   Policy Key addresses this limitation by offering distinctive
   identifiers for each path, thereby enhancing the controller's
   ability to identify actual paths in real-time.

   The accuracy of deducing real paths is impeded by the latency in
   sensing path information. Given the delays in link state updates,
   the need to revalidate initially detected anomalies, and the delayed
   updates to network device configurations, the SRv6 Policy Key
   strengthens the controller's capability for instantaneous path
   recognition. By embedding a unique identifier for each path, the
   SRv6 Policy Key mitigates the difficulties of making path decisions
   that rely on immediate information. This enhancement ensures the
   accuracy and efficiency of network control, facilitating better
   decision-making based on real-time data.

   This is evident in two scenarios:

   1. In an architecture featuring triple-redundant tunnels, achieving
      a seamless switch-over between the primary and backup tunnels
      requires precise awareness of the state of each path to uphold
      uninterrupted service delivery.

   2. Under the policy of single-tunnel multipath, traffic is
      dynamically distributed based on link conditions and priority
      levels. This requires accurate path awareness to ensure efficient
      traffic handling and optimization, thus maximizing network
      performance.

3.2. Case 2

   The controller cannot sense it in real-time. In intricate network
   load-balancing scenarios, a single path is split into three
   concurrent sub-paths that share the traffic load, with allocation
   executed randomly by devices following designated hash rules. While
   this mechanism enhances bandwidth utilization, it makes the actual
   path taken impossible to deduce, which complicates Operation &
   Maintenance (O&M) management and hinders fault diagnosis and
   resolution. Through the SRv6 Policy Key, the controller can attain
   real-time visibility of paths, thereby overcoming the uncertainty
   and unpredictability of paths caused by the original random
   allocation mechanism.

4. Functional Description

   By precisely ascertaining the actual path of message transmission,
   the management and control capabilities of the SDN controller can be
   significantly enhanced.

4.1. Function1: Path Consistency Verification

   Awareness of actual paths lets the controller accurately evaluate
   whether the actual routes of data transmission match the
   pre-established ideal paths. This procedure is a systematic
   comparison of network packets' forwarding trajectories against the
   planned routes, aiming to detect and rectify potential path
   deviations. Consequently, this boosts the network's reliability and
   operational efficiency.

4.2. Function2: Service flow analysis function

   A network node can record the traversal of SRv6 Policies, Candidate
   Paths, and Lists, and accumulate statistics in accordance with the
   service logic at these three hierarchical levels. In instances of
   node upgrade or relocation, the impacted services can thus be
   identified. Network nodes are capable of gathering traffic
   statistics based on the SRv6 Policies, Candidate Paths, and Lists
   that traverse the node, correlating these statistics with the
   service logic at the three tiers.

4.3. Function3: Controller path visualization

   The controller gathers the header information from packets processed
   at each network node and conducts statistical analyses, thereby
   enriching the visibility and manageability of network path data.

5. Security Considerations

   TBD.

6. IANA Considerations

   TBD.

7. References

7.1. Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14, RFC 2119,
             DOI 10.17487/RFC2119, March 1997.

   [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J.,
             Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
             (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020.

   [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
             Decraene, B., Litkowski, S., and R. Shakir, "Segment
             Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
             July 2018.

   [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
             D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
             (SRv6) Network Programming", RFC 8986,
             DOI 10.17487/RFC8986, February 2021.

   [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
             2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
             May 2017.

7.2. Informational References

   [I-D.gandhi-spring-udp-pm]
             Gandhi, R., Filsfils, C., Voyer, D., Salsano, S., Ventre,
             P. L., and M. Chen, "UDP Path for In-band Performance
             Measurement for Segment Routing Networks", Work in
             Progress, Internet-Draft, draft-gandhi-spring-udp-pm-02,
             14 September 2018.

   [I-D.ietf-pce-sr-bidir-path]
             Li, C., Chen, M., Cheng, W., Gandhi, R., and Q. Xiong,
             "Path Computation Element Communication Protocol (PCEP)
             Extensions for Associated Bidirectional Segment Routing
             (SR) Paths", Work in Progress, Internet-Draft,
             draft-ietf-pce-sr-bidir-path-13, 13 February 2024.

Authors' Addresses

   Jing Zhao
   China Unicom
   China
   Email: zhaoj501@chinaunicom.cn

   Wenxiang Lyu
   China Unicom
   China
   Email: lvwx28@chinaunicom.cn