rfc9830.original   rfc9830.txt 
Network Working Group S. Previdi Internet Engineering Task Force (IETF) S. Previdi
Internet-Draft Huawei Technologies Request for Comments: 9830 Huawei Technologies
Updates: 9012 (if approved) C. Filsfils Updates: 9012 C. Filsfils
Intended status: Standards Track K. Talaulikar, Ed. Category: Standards Track K. Talaulikar, Ed.
Expires: 10 August 2025 Cisco Systems ISSN: 2070-1721 Cisco Systems
P. Mattes P. Mattes
Microsoft Microsoft
D. Jain D. Jain
Google Google
6 February 2025 July 2025
Advertising Segment Routing Policies in BGP Advertising Segment Routing Policies in BGP
draft-ietf-idr-sr-policy-safi-13
Abstract Abstract
A Segment Routing (SR) Policy is an ordered list of segments (also A Segment Routing (SR) Policy is an ordered list of segments (also
referred to as instructions) that define a source-routed policy. An referred to as "instructions") that define a source-routed policy.
SR Policy consists of one or more candidate paths, each comprising An SR Policy consists of one or more candidate paths, each comprising
one or more segment lists. A headend can be provisioned with these one or more segment lists. A headend can be provisioned with these
candidate paths using various mechanisms, such as CLI, NETCONF, PCEP, candidate paths using various mechanisms such as Command-Line
or BGP. Interface (CLI), Network Configuration Protocol (NETCONF), Path
Computation Element Communication Protocol (PCEP), or BGP.
This document specifies how BGP can be used to distribute SR Policy This document specifies how BGP can be used to distribute SR Policy
candidate paths. It introduces a BGP SAFI for advertising a candidate paths. It introduces a BGP SAFI for advertising a
candidate path of an SR Policy and defines sub-TLVs for the Tunnel candidate path of an SR Policy and defines sub-TLVs for the Tunnel
Encapsulation Attribute to signal information related to these Encapsulation Attribute to signal information related to these
candidate paths. candidate paths.
Furthermore, this document updates RFC9012 by extending the Color Furthermore, this document updates RFC 9012 by extending the Color
Extended Community to support additional steering modes over SR Extended Community to support additional steering modes over SR
Policy. Policy.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering This document is a product of the Internet Engineering Task Force
Task Force (IETF). Note that other groups may also distribute (IETF). It represents the consensus of the IETF community. It has
working documents as Internet-Drafts. The list of current Internet- received public review and has been approved for publication by the
Drafts is at https://datatracker.ietf.org/drafts/current/. Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
Internet-Drafts are draft documents valid for a maximum of six months Information about the current status of this document, any errata,
and may be updated, replaced, or obsoleted by other documents at any and how to provide feedback on it may be obtained at
time. It is inappropriate to use Internet-Drafts as reference https://www.rfc-editor.org/info/rfc9830.
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 10 August 2025.
Copyright Notice Copyright Notice
Copyright (c) 2025 IETF Trust and the persons identified as the Copyright (c) 2025 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. Code Components carefully, as they describe your rights and restrictions with respect
extracted from this document must include Revised BSD License text as to this document. Code Components extracted from this document must
described in Section 4.e of the Trust Legal Provisions and are include Revised BSD License text as described in Section 4.e of the
provided without warranty as described in the Revised BSD License. Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 6 1.1. Requirements Language
2. SR Policy Encoding . . . . . . . . . . . . . . . . . . . . . 6 2. SR Policy Encoding
2.1. SR Policy SAFI and NLRI . . . . . . . . . . . . . . . . . 6 2.1. SR Policy SAFI and NLRI
2.2. SR Policy and Tunnel Encapsulation Attribute . . . . . . 8 2.2. SR Policy and Tunnel Encapsulation Attribute
2.3. Applicability of Tunnel Encapsulation Attribute 2.3. Applicability of Tunnel Encapsulation Attribute Sub-TLVs
Sub-TLVs . . . . . . . . . . . . . . . . . . . . . . . . 10 2.4. SR Policy Sub-TLVs
2.4. SR Policy Sub-TLVs . . . . . . . . . . . . . . . . . . . 10 2.4.1. Preference Sub-TLV
2.4.1. Preference Sub-TLV . . . . . . . . . . . . . . . . . 11 2.4.2. Binding SID Sub-TLV
2.4.2. Binding SID Sub-TLV . . . . . . . . . . . . . . . . . 11 2.4.3. SRv6 Binding SID Sub-TLV
2.4.3. SRv6 Binding SID Sub-TLV . . . . . . . . . . . . . . 13 2.4.4. Segment List Sub-TLV
2.4.4. Segment List Sub-TLV . . . . . . . . . . . . . . . . 15 2.4.5. Explicit NULL Label Policy Sub-TLV
2.4.5. Explicit NULL Label Policy Sub-TLV . . . . . . . . . 21 2.4.6. Policy Priority Sub-TLV
2.4.6. Policy Priority Sub-TLV . . . . . . . . . . . . . . . 23 2.4.7. Policy Candidate Path Name Sub-TLV
2.4.7. Policy Candidate Path Name Sub-TLV . . . . . . . . . 23 2.4.8. Policy Name Sub-TLV
2.4.8. Policy Name Sub-TLV . . . . . . . . . . . . . . . . . 24 3. Color Extended Community
3. Color Extended Community . . . . . . . . . . . . . . . . . . 26 4. SR Policy Operations
4. SR Policy Operations . . . . . . . . . . . . . . . . . . . . 27 4.1. Advertisement of SR Policies
4.1. Advertisement of SR Policies . . . . . . . . . . . . . . 27 4.2. Reception of an SR Policy NLRI
4.2. Reception of an SR Policy NLRI . . . . . . . . . . . . . 27 4.2.1. Validation of an SR Policy NLRI
4.2.1. Validation of an SR Policy NLRI . . . . . . . . . . . 28 4.2.2. Eligibility for Local Use of an SR Policy NLRI
4.2.2. Eligibility for Local Use of an SR Policy NLRI . . . 28 4.2.3. Propagation of an SR Policy
4.2.3. Propagation of an SR Policy . . . . . . . . . . . . . 29 5. Error Handling and Fault Management
5. Error Handling and Fault Management . . . . . . . . . . . . . 29 6. IANA Considerations
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 6.1. Subsequent Address Family Identifiers (SAFI) Parameters
6.1. Subsequent Address Family Identifiers (SAFI) 6.2. BGP Tunnel Encapsulation Attribute Tunnel Types
Parameters . . . . . . . . . . . . . . . . . . . . . . . 31 6.3. BGP Tunnel Encapsulation Attribute Sub-TLVs
6.2. BGP Tunnel Encapsulation Attribute Tunnel Types . . . . . 31 6.4. Color Extended Community Flags
6.3. BGP Tunnel Encapsulation Attribute sub-TLVs . . . . . . . 32 6.5. SR Policy Segment List Sub-TLVs
6.4. Color Extended Community Flags . . . . . . . . . . . . . 32 6.6. SR Policy Binding SID Flags
6.5. SR Policy Segment List Sub-TLVs . . . . . . . . . . . . . 32 6.7. SR Policy SRv6 Binding SID Flags
6.6. SR Policy Binding SID Flags . . . . . . . . . . . . . . . 33 6.8. SR Policy Segment Flags
6.7. SR Policy SRv6 Binding SID Flags . . . . . . . . . . . . 33 6.9. Color Extended Community Color-Only Types
6.8. SR Policy Segment Flags . . . . . . . . . . . . . . . . . 34 6.10. SR Policy ENLP Values
6.9. Color Extended Community Color-Only Types . . . . . . . . 34 7. Security Considerations
6.10. SR Policy ENLP Values . . . . . . . . . . . . . . . . . . 35 8. Manageability Considerations
7. Security Considerations . . . . . . . . . . . . . . . . . . . 35 9. References
8. Manageability Considerations . . . . . . . . . . . . . . . . 36 9.1. Normative References
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 36 9.2. Informative References
10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 37 Acknowledgments
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 38 Contributors
11.1. Normative References . . . . . . . . . . . . . . . . . . 38 Authors' Addresses
11.2. Informational References . . . . . . . . . . . . . . . . 40
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 41
1. Introduction 1. Introduction
Segment Routing (SR) [RFC8402] allows a headend node to steer a Segment Routing (SR) [RFC8402] allows a headend node to steer a
packet flow along a specific path. Intermediate per-path states are packet flow along a specific path. Intermediate per-path states are
eliminated thanks to source routing. eliminated thanks to source routing.
The headend node is said to steer a flow into an SR Policy [RFC9256]. The headend node is said to steer a flow into an SR Policy [RFC9256].
The packets steered into an SR Policy carry an ordered list of The packets steered into an SR Policy carry an ordered list of
segments associated with that SR Policy. segments associated with that SR Policy.
[RFC9256] further details the concepts of SR Policy and steering into [RFC9256] further details the concepts of SR Policy and steering into
an SR Policy. These apply equally to the SR-MPLS and Segment Routing an SR Policy. These apply equally to the SR-MPLS and Segment Routing
for IPv6 (SRv6) data-plane instantiations of Segment Routing using for IPv6 (SRv6) data plane instantiations of Segment Routing using
SR-MPLS and SRv6 Segment Identifiers (SIDs) as described in SR-MPLS and SRv6 Segment Identifiers (SIDs) as described in
[RFC8402]. [RFC8660] describes the representation and processing of [RFC8402]. [RFC8660] describes the representation and processing of
this ordered list of segments as an MPLS label stack for SR-MPLS. this ordered list of segments as an MPLS label stack for SR-MPLS.
While [RFC8754] and [RFC8986] describe the same for SRv6 with the use [RFC8754] and [RFC8986] describe the same for SRv6 with the use of
of the Segment Routing Header (SRH). the Segment Routing Header (SRH).
The SR Policy related functionality described in [RFC9256] can be The functionality related to SR Policy described in [RFC9256] can be
conceptually viewed as being incorporated in an SR Policy Module conceptually viewed as being incorporated in an SR Policy Module
(SRPM). Following is a reminder of the high-level functionality of (SRPM). The following is a reminder of the high-level functionality
SRPM: of SRPM:
* Learning multiple candidate paths (CP) for an SR Policy via * Learning multiple candidate paths (CPs) for an SR Policy via
various mechanisms (CLI, NETCONF, PCEP, or BGP). various mechanisms (CLI, NETCONF, PCEP, or BGP).
* Selection of the best candidate path for an SR Policy. * Selection of the best candidate path for an SR Policy.
* Associating a Binding SID (BSID) to the selected candidate path of * Associating a Binding SID (BSID) to the selected candidate path of
an SR Policy. an SR Policy.
* Installation of the selected candidate path and its BSID in the * Installation of the selected candidate path and its BSID in the
forwarding plane. forwarding plane.
This document specifies the use of BGP to distribute one or more of This document specifies the use of BGP to distribute one or more of
the candidate paths of an SR Policy to the headend of that policy. the candidate paths of an SR Policy to the headend of that SR Policy.
The document describes the functionality provided by BGP and, as The document describes the functionality provided by BGP and, as
appropriate, provides references for the functionality which is appropriate, provides references for the functionality, which is
outside the scope of BGP (i.e. resides within SRPM on the headend outside the scope of BGP (i.e., resides within SRPM on the headend
node). node).
This document specifies a way of representing SR Policy candidate This document specifies a way of representing SR Policy candidate
paths in BGP UPDATE messages. BGP can then be used to propagate the paths in BGP UPDATE messages. BGP can then be used to propagate the
SR Policy candidate paths to the headend nodes in a network. The SR Policy candidate paths to the headend nodes in a network. The
usual BGP rules for BGP propagation and best-path selection are used. usual BGP rules for BGP propagation and best-path selection are used.
At the headend of a specific policy, this will result in one or more At the headend of a specific policy, this will result in one or more
candidate paths being installed into the "BGP table". These paths candidate paths being installed into the "BGP table". These paths
are then passed to the SRPM. The SRPM may compare them to candidate are then passed to the SRPM. The SRPM may compare them to candidate
paths learned via other mechanisms and will choose one or more paths paths learned via other mechanisms and will choose one or more paths
to be installed in the data plane. BGP itself does not install SR to be installed in the data plane. BGP itself does not install SR
Policy candidate paths into the data plane. Policy candidate paths into the data plane.
This document introduces a BGP subsequent address family (SAFI) for This document introduces a BGP Subsequent Address Family Identifier
IPv4 and IPv6 address families. In UPDATE messages of those AFI/ (SAFI) for IPv4 and IPv6 address families. In UPDATE messages of
SAFIs, the Network Layer Reachability Information (NLRI) identifies those AFI/SAFIs, the Network Layer Reachability Information (NLRI)
an SR Policy Candidate Path while the attributes encode the segment identifies an SR Policy Candidate Path while the attributes encode
lists and other details of that SR Policy Candidate Path. the segment lists and other details of that SR Policy Candidate Path.
While for simplicity the text in this document states that BGP While, for simplicity, the text in this document states that BGP
advertises an SR Policy, it is to be understood that BGP advertises a advertises an SR Policy, it is to be understood that BGP advertises a
candidate path of an SR policy and that this SR Policy might have candidate path of an SR policy and that this SR Policy might have
several other candidate paths provided via BGP (via an NLRI with a several other candidate paths provided via BGP (via an NLRI with a
different distinguisher as defined in Section 2.1), PCEP, NETCONF, or different distinguisher as defined in Section 2.1), PCEP, NETCONF, or
local policy configuration. local policy configuration.
Typically, a SR Policy Controller [RFC9256] defines the set of Typically, an SR Policy Controller [RFC9256] defines the set of
policies and advertises them to policy headend routers (typically policies and advertises them to policy headend routers (typically
ingress routers). These policy advertisements use the BGP extensions ingress routers). These policy advertisements use the BGP extensions
defined in this document. In most cases, the policy advertisement is defined in this document. In most cases, the policy advertisement is
tailored for a specific policy headend; consequently, it may be tailored for a specific policy headend; consequently, it may be
transmitted over a direct BGP session (i.e., without intermediate BGP transmitted over a direct BGP session (i.e., without intermediate BGP
hops) to that headend and is not propagated any further. In such hops) to that headend and is not propagated any further. In such
cases, the policy advertisements will not traverse any Route cases, the policy advertisements will not traverse any Route
Reflector (RR, [RFC4456]) (see Section 4.2.3). Reflector (RR) (see [RFC4456] and Section 4.2.3).
Alternatively, a BGP egress router may advertise SR Policies that Alternatively, a BGP egress router may advertise SR Policies that
represent paths terminating on itself. In such cases, the router can represent paths terminating on itself. In such cases, the router can
send these policies directly to each headend over a dedicated BGP send these policies directly to each headend over a dedicated BGP
session, without necessitating any further propagation of the policy. session, without necessitating any further propagation of the policy.
In some situations, it is undesirable for a controller or BGP egress In some situations, it is undesirable for a controller or BGP egress
router to have a BGP session to each policy headend. In these router to have a BGP session to each policy headend. In these
situations, BGP Route Reflectors may be used to propagate the situations, BGP Route Reflectors may be used to propagate the
advertisements. In certain other deployments, it may be necessary advertisements. In certain other deployments, it may be necessary
for the advertisement to propagate through a sequence of one or more for the advertisement to propagate through a sequence of one or more
ASes within an SR Domain (refer to Section 7 for the associated Autonomous Systems (ASes) within an SR Domain (refer to Section 7 for
security considerations). To make this possible, an attribute needs the associated security considerations). To make this possible, an
to be attached to the advertisement that enables a BGP speaker to attribute needs to be attached to the advertisement that enables a
determine whether it is intended to be a headend for the advertised BGP speaker to determine whether it is intended to be a headend for
policy. This is done by attaching one or more Route Target Extended the advertised policy. This is done by attaching one or more Route
Communities to the advertisement [RFC4360]. Target Extended Communities to the advertisement [RFC4360].
The BGP extensions for the advertisement of SR Policies include The BGP extensions for the advertisement of SR Policies include
following components: following components:
* A Subsequent Address Family Identifier (SAFI) whose NLRIs * A Subsequent Address Family Identifier (SAFI) whose NLRIs identify
identifies an SR Policy candidate path. an SR Policy candidate path.
* A Tunnel Type identifier for SR Policy, and a set of sub-TLVs to * A Tunnel Type identifier for SR Policy and a set of sub-TLVs to be
be inserted into the Tunnel Encapsulation Attribute (as defined in inserted into the Tunnel Encapsulation Attribute (as defined in
[RFC9012]) specifying segment lists of the SR Policy candidate [RFC9012]) specifying segment lists of the SR Policy candidate
path, as well as other information about the SR Policy. path as well as other information about the SR Policy.
* One or more IPv4 address-specific format route target extended * One or more IPv4 address-specific format route target extended
community ([RFC4360]) attached to the SR Policy Candidate Path community ([RFC4360]) attached to the SR Policy Candidate Path
advertisement and that indicates the intended headend of such an advertisement that indicates the intended headend of such an SR
SR Policy Candidate Path advertisement. Policy Candidate Path advertisement.
The SR Policy SAFI route updates utilize the Tunnel Encapsulation The SR Policy SAFI route updates utilize the Tunnel Encapsulation
Attribute to signal an SR Policy, which itself functions as a tunnel. Attribute to signal an SR Policy, which itself functions as a tunnel.
This usage differs notably from the approach described in [RFC9012], This usage differs notably from the approach described in [RFC9012],
where the Tunnel Encapsulation Attribute is associated with a BGP where the Tunnel Encapsulation Attribute is associated with a BGP
route update (e.g., for Internet or VPN routes) to specify the tunnel route update (e.g., for Internet or VPN routes) to specify the tunnel
used for forwarding traffic. This document does not modify or used for forwarding traffic. This document does not modify or
supersede the usage of the Tunnel Encapsulation Attribute for supersede the usage of the Tunnel Encapsulation Attribute for
existing AFI/SAFIs as defined in [RFC9012]. Details regarding the existing AFIs/SAFIs as defined in [RFC9012]. Details regarding the
processing of the Tunnel Encapsulation Attribute for the SR Policy processing of the Tunnel Encapsulation Attribute for the SR Policy
SAFI are provided in Section 2.2 and Section 2.3. SAFI are provided in Sections 2.2 and 2.3.
The northbound advertisement of the operational state of the SR The northbound advertisement of the operational state of the SR
Policy Candidate Paths as part of BGP-LS [RFC9552] topology Policy Candidate Paths as part of BGP - Link State (BGP-LS) [RFC9552]
information is specified in [I-D.ietf-idr-bgp-ls-sr-policy]. topology information is specified in [SR-BGP-LS].
The signaling of Dynamic and Composite Candidate Paths (sections 5.2 The signaling of Dynamic and Composite Candidate Paths (Sections 5.2
and 5.3 respectively of [RFC9256]) is outside the scope of this and 5.3, respectively, of [RFC9256]) is outside the scope of this
document. document.
The Color Extended Community (as defined in [RFC9012]) is used to The Color Extended Community (as defined in [RFC9012]) is used to
steer traffic into an SR Policy, as described in section 8.8 of steer traffic into an SR Policy, as described in Section 8.8 of
[RFC9256]. The Section 3 of this document updates [RFC9012] with [RFC9256]. Section 3 of this document updates [RFC9012] with
modifications to the format of the Flags field of the Color Extended modifications to the format of the Flags field of the Color Extended
Community by using the two leftmost bits of that field. Community by using the two leftmost bits of that field.
1.1. Requirements Language 1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in
14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
2. SR Policy Encoding 2. SR Policy Encoding
2.1. SR Policy SAFI and NLRI 2.1. SR Policy SAFI and NLRI
A SAFI is introduced in this document: the SR Policy SAFI with The SR Policy SAFI with code point 73 is introduced in this document.
codepoint 73. The AFI used MUST be IPv4(1) or IPv6(2). The AFI used MUST be IPv4(1) or IPv6(2).
The SR Policy SAFI uses the NLRI format defined as follows: The SR Policy SAFI uses the NLRI format defined as follows:
+------------------+ +------------------+
| NLRI Length | 1 octet | NLRI Length | 1 octet
+------------------+ +------------------+
| Distinguisher | 4 octets | Distinguisher | 4 octets
+------------------+ +------------------+
| Policy Color | 4 octets | Policy Color | 4 octets
+------------------+ +------------------+
| Endpoint | 4 or 16 octets | Endpoint | 4 or 16 octets
+------------------+ +------------------+
Figure 1: SR Policy SAFI Format Figure 1: SR Policy SAFI Format
where: Where:
* NLRI Length: 1 octet indicating the length expressed in bits as NLRI Length: 1 octet indicating the length expressed in bits as
defined in [RFC4760]. When AFI = 1 the value MUST be 96 and when defined in [RFC4760]. When AFI = 1, the value MUST be 96; when
AFI = 2 the value MUST be 192. AFI = 2, the value MUST be 192.
* Distinguisher: 4-octet value uniquely identifying the policy in Distinguisher: 4-octet value uniquely identifying the policy in the
the context of <color, endpoint> tuple. The distinguisher has no context of <color, endpoint> tuple. The distinguisher has no
semantic value and is solely used by the SR Policy originator to semantic value and is solely used by the SR Policy originator to
make unique (from an NLRI perspective) both for multiple candidate make unique (from an NLRI perspective) both for multiple candidate
paths of the same SR Policy as well as candidate paths of paths of the same SR Policy as well as candidate paths of
different SR Policies (i.e. with different segment lists) with the different SR Policies (i.e., with different segment lists) with
same Color and Endpoint but meant for different headends. The the same Color and Endpoint but meant for different headends. The
distinguisher is the discriminator of the SR Policy candidate path distinguisher is the discriminator of the SR Policy candidate path
as specified in section 2.5 of [RFC9256]. as specified in Section 2.5 of [RFC9256].
* Policy Color: 4 octets that carry an unsigned non-zero integer Policy Color: 4 octets that carry an unsigned non-zero integer value
value indicating the color of the SR Policy as specified in indicating the color of the SR Policy as specified in Section 2.1
section 2.1 of [RFC9256]. The color is used to match the color of of [RFC9256]. The color is used to match the color of the
the destination prefixes to steer traffic into the SR Policy as destination prefixes to steer traffic into the SR Policy as
specified in section 8 of [RFC9256]. specified in Section 8 of [RFC9256].
* Endpoint: value identifies the endpoint of a policy. The Endpoint Endpoint: a value that identifies the endpoint of a policy. The
may represent a single node or a set of nodes (e.g., an anycast Endpoint may represent a single node or a set of nodes (e.g., an
address). The Endpoint is an IPv4 (4-octet) address or an IPv6 anycast address). The Endpoint is an IPv4 (4-octet) address or an
(16-octet) address according to the AFI of the NLRI. The address IPv6 (16-octet) address according to the AFI of the NLRI. The
can be either a unicast or an unspecified address (0.0.0.0 for address can be either unicast or an unspecified address (0.0.0.0
IPv4, :: for IPv6), known as null endpoint, as specified in for IPv4, :: for IPv6), known as a null endpoint as specified in
section 2.1 of [RFC9256]. Section 2.1 of [RFC9256].
The color and endpoint are used to automate the steering of BGP The color and endpoint are used to automate the steering of BGP
service routes on SR Policy as described in section 8 of [RFC9256]. service routes on an SR Policy as described in Section 8 of
[RFC9256].
The NLRI containing an SR Policy candidate path is carried in a BGP The NLRI containing an SR Policy candidate path is carried in a BGP
UPDATE message [RFC4271] using BGP multi-protocol extensions UPDATE message [RFC4271] using BGP multiprotocol extensions [RFC4760]
[RFC4760] with an AFI of 1 or 2 (IPv4 or IPv6) and with a SAFI of 73. with an AFI of 1 or 2 (IPv4 or IPv6) and with a SAFI of 73. The
The fault management and error handling in the encoding of the NLRI fault management and error handling in the encoding of the NLRI are
is specified in Section 5. specified in Section 5.
An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI An update message that carries the MP_REACH_NLRI or MP_UNREACH_NLRI
attribute with the SR Policy SAFI MUST also carry the BGP mandatory attribute with the SR Policy SAFI MUST also carry the BGP mandatory
attributes. In addition, the BGP update message MAY also contain any attributes. In addition, the BGP update message MAY also contain any
of the BGP optional attributes. of the BGP optional attributes.
The next-hop network address field in SR Policy SAFI (73) updates may The next-hop network address field in SR Policy SAFI (73) updates may
be either a 4-octet IPv4 address or a 16-octet IPv6 address, be either a 4-octet IPv4 address or a 16-octet IPv6 address,
independent of the SR Policy AFI. The length field of the next-hop independent of the SR Policy AFI. The length field of the next-hop
address specifies the next-hop address family. If the next-hop address specifies the next-hop address family. If the next-hop
length is 4, then the next-hop is an IPv4 address; if the next-hop length is 4, then the next-hop is an IPv4 address. If the next-hop
length is 16, then it is a global IPv6 address; if the next-hop length is 16, then it is a global IPv6 address. If the next-hop
length is 32, then it has a global IPv6 address followed by a link- length is 32, then it has a global IPv6 address followed by a link-
local IPv6 address. The setting of the next-hop field and its local IPv6 address. The setting of the next-hop field and its
attendant processing is governed by standard BGP procedures as attendant processing is governed by standard BGP procedures as
described in section 3 of [RFC4760] and section 3 of [RFC2545]. described in Section 3 of [RFC4760] and Section 3 of [RFC2545].
It is important to note that at any BGP speaker receiving BGP updates It is important to note that at any BGP speaker receiving BGP updates
with SR Policy NLRIs, the SRPM processes only the best path as per with SR Policy NLRIs, the SRPM processes only the best path as per
the BGP best-path selection algorithm. In other words, this document the BGP best-path selection algorithm. In other words, this document
leverages the existing BGP propagation and best-path selection rules. leverages the existing BGP propagation and best-path selection rules.
Details of the procedures are described in Section 4. Details of the procedures are described in Section 4.
It has to be noted that if several candidate paths of the same SR It has to be noted that if several candidate paths of the same SR
Policy (endpoint, color) are signaled via BGP to a headend, then it Policy (endpoint, color) are signaled via BGP to a headend, then it
is RECOMMENDED that each NLRI uses a different distinguisher. If BGP is RECOMMENDED that each NLRI use a different distinguisher. If BGP
has installed into the BGP table two advertisements whose respective has installed into the BGP table two advertisements whose respective
NLRIs have the same color and endpoint, but different distinguishers, NLRIs have the same color and endpoint, but different distinguishers,
both advertisements are passed to the SRPM as different candidate both advertisements are passed to the SRPM as different candidate
paths along with their respective originator information (i.e., ASN paths along with their respective originator information (i.e.,
and BGP Router-ID) as described in section 2.4 of [RFC9256]. The ASN Autonomous System Number (ASN) and BGP Router-ID) as described in
would be the ASN of the origin and the BGP Router-ID is determined in Section 2.4 of [RFC9256]. The ASN would be the ASN of the origin and
the following order: the BGP Router-ID is determined in the following order:
* From the Route Origin Community [RFC4360] if present and carrying * From the Route Origin Community [RFC4360] if present and carrying
an IP Address, or an IP Address, or
* As the BGP Originator ID [RFC4456] if present, or * As the BGP Originator ID [RFC4456] if present, or
* As the BGP Router-ID of the peer from which the update was * As the BGP Router-ID of the peer from which the update was
received as a last resort. received as a last resort.
The Section 2.9 of [RFC9256] specifies the selection of the active Section 2.9 of [RFC9256] specifies the selection of the active
candidate path of the SR Policy by the SRPM based on the information candidate path of the SR Policy by the SRPM based on the information
provided to it by BGP. provided to it by BGP.
2.2. SR Policy and Tunnel Encapsulation Attribute 2.2. SR Policy and Tunnel Encapsulation Attribute
The content of the SR Policy Candidate Path is encoded in the Tunnel The content of the SR Policy Candidate Path is encoded in the Tunnel
Encapsulation Attribute defined in [RFC9012] using a Tunnel-Type Encapsulation Attribute defined in [RFC9012] using a Tunnel-Type
called SR Policy Type with codepoint 15. The use of SR Policy called the "SR Policy" type with code point 15. The use of the SR
Tunnel-type is applicable only for the AFI/SAFI pairs of (1/73, Policy Tunnel-type is applicable only for the AFI/SAFI pairs of
2/73). This document specifies the use of the Tunnel Encapsulation (1/73, 2/73). This document specifies the use of the Tunnel
Attribute with the SR Policy Tunnel-Type and the use of any other Encapsulation Attribute with the SR Policy Tunnel-Type and the use of
Tunnel-Type with the SR Policy SAFI MUST be considered malformed and any other Tunnel-Type with the SR Policy SAFI MUST be considered
handled by the "Treat-as-Withdraw" strategy [RFC7606]. malformed and handled by the "treat-as-withdraw" strategy [RFC7606].
The SR Policy Encoding structure is as follows: The SR Policy Encoding structure is as follows:
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint> SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint>
Attributes: Attributes:
Tunnel Encapsulation Attribute (23) Tunnel Encapsulation Attribute (23)
Tunnel Type: SR Policy (15) Tunnel Type: SR Policy (15)
Binding SID Binding SID
Preference Preference
Priority Priority
Policy Name Policy Name
Policy Candidate Path Name Policy Candidate Path Name
Explicit NULL Label Policy (ENLP) Explicit NULL Label Policy (ENLP)
Segment List Segment List
Weight Weight
Segment Segment
Segment Segment
... ...
... ...
Figure 2: SR Policy Encoding Figure 2: SR Policy Encoding
where: Where:
* SR Policy SAFI NLRI is defined in Section 2.1. * The SR Policy SAFI NLRI is defined in Section 2.1.
* Tunnel Encapsulation Attribute is defined in [RFC9012]. * The Tunnel Encapsulation Attribute is defined in [RFC9012].
* Tunnel-Type is set to 15. * The Tunnel-Type is set to 15.
* Preference, Binding SID, Priority, Policy Name, Policy Candidate * Preference, Binding SID, Priority, Policy Name, Policy Candidate
Path Name, ENLP, Segment-List, Weight, and Segment sub-TLVs are Path Name, ENLP, Segment-List, Weight, and Segment sub-TLVs are
defined in Section 2.4. defined in Section 2.4.
* Additional sub-TLVs may be defined in the future. * Additional sub-TLVs may be defined in the future.
A Tunnel Encapsulation Attribute MUST NOT contain more than one TLV A Tunnel Encapsulation Attribute MUST NOT contain more than one TLV
of type "SR Policy"; such updates MUST be considered malformed and of type "SR Policy"; such updates MUST be considered malformed and
handled by the "Treat-as-Withdraw" strategy [RFC7606]. handled by the "treat-as-withdraw" strategy [RFC7606].
BGP does not need to perform the validation of the tunnel (i.e., SR BGP does not need to perform the validation of the tunnel (i.e., SR
Policy) itself as indicated in section 6 of [RFC9012]. The Policy) itself as indicated in Section 6 of [RFC9012]. The
validation of the SR Policy information that is advertised using the validation of the SR Policy information that is advertised using the
sub-TLVs specified in Section 2.4 is performed by the SRPM. sub-TLVs specified in Section 2.4 is performed by the SRPM.
2.3. Applicability of Tunnel Encapsulation Attribute Sub-TLVs 2.3. Applicability of Tunnel Encapsulation Attribute Sub-TLVs
The Tunnel Egress Endpoint and Color sub-TLVs of the Tunnel The Tunnel Egress Endpoint and Color sub-TLVs of the Tunnel
Encapsulation Attribute, as defined in [RFC9012], are not utilized Encapsulation Attribute, as defined in [RFC9012], are not utilized
for SR Policy encodings. Consequently, their values are not relevant for SR Policy encodings. Consequently, their values are not relevant
within the context of the SR Policy SAFI NLRI. If these sub-TLVs are within the context of the SR Policy SAFI NLRI. If these sub-TLVs are
present, a BGP speaker MUST ignore them and MAY remove them from the present, a BGP speaker MUST ignore them and MAY remove them from the
skipping to change at page 10, line 32 skipping to change at line 440
information about the SR Policy Candidate Path. information about the SR Policy Candidate Path.
Preference, Binding SID, SRv6 Binding SID, Segment-List, Priority, Preference, Binding SID, SRv6 Binding SID, Segment-List, Priority,
Policy Name, Policy Candidate Path Name, and Explicit NULL Label Policy Name, Policy Candidate Path Name, and Explicit NULL Label
Policy are all optional sub-TLVs introduced for the BGP Tunnel Policy are all optional sub-TLVs introduced for the BGP Tunnel
Encapsulation Attribute [RFC9012] being defined in this section. Encapsulation Attribute [RFC9012] being defined in this section.
Weight and Segment are sub-TLVs of the Segment-List sub-TLV mentioned Weight and Segment are sub-TLVs of the Segment-List sub-TLV mentioned
above. above.
An early version of this document included only the Binding SID sub- An early draft version of this document included only the Binding SID
TLV that could be used for both SR-MPLS and SRv6 Binding SIDs. The sub-TLV that could be used for both SR-MPLS and SRv6 Binding SIDs.
SRv6 Binding SID TLV was introduced in later versions to support the The SRv6 Binding SID TLV was introduced in later versions to support
advertisement of additional SRv6 capabilities without affecting the advertisement of additional SRv6 capabilities without affecting
backward compatibility for early implementations. backward compatibility for early implementations.
The fault management and error handling in the encoding of the sub- The fault management and error handling in the encoding of the sub-
TLVs defined in this section are specified in Section 5. For the TLVs defined in this section are specified in Section 5. For the
TLVs/sub-TLVs that are specified as single instance, only the first TLVs/sub-TLVs that are specified as single instance, only the first
instance of that TLV/sub-TLV is used and the other instances MUST be instance of that TLV/sub-TLV is used: the other instances MUST be
ignored and MUST NOT considered to be malformed. ignored and MUST NOT considered to be malformed.
None of the sub-TLVs defined in the following sub-sections have any None of the sub-TLVs defined in the following subsections have any
effect on the BGP best-path selection or propagation procedures. effect on the BGP best-path selection or propagation procedures.
These sub-TLVs are not used by the BGP path selection process and are These sub-TLVs are not used by the BGP path selection process and are
instead passed on to SRPM as SR Policy Candidate Path information for instead passed on to SRPM as SR Policy Candidate Path information for
further processing described in section 2 of [RFC9256]. further processing as described in Section 2 of [RFC9256].
The use of SR Policy Sub-TLVs is applicable only for the AFI/SAFI The use of SR Policy Sub-TLVs is applicable only for the AFI/SAFI
pairs of (1/73, 2/73). Future documents may extend their pairs of (1/73, 2/73). Future documents may extend their
applicability to other AFI/SAFI. applicability to other AFI/SAFI.
2.4.1. Preference Sub-TLV 2.4.1. Preference Sub-TLV
The Preference sub-TLV is used to carry the Preference of an SR The Preference sub-TLV is used to carry the Preference of an SR
Policy candidate path. The contents of this sub-TLV are used by the Policy candidate path. The contents of this sub-TLV are used by the
SRPM as described in section 2.7 of [RFC9256]. SRPM as described in Section 2.7 of [RFC9256].
The Preference sub-TLV is OPTIONAL and it MUST NOT appear more than The Preference sub-TLV is OPTIONAL; it MUST NOT appear more than once
once in the SR Policy encoding. in the SR Policy encoding.
The Preference sub-TLV has following format: The Preference sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Preference (4 octets) | | Preference (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Preference sub-TLV Figure 3: Preference Sub-TLV
where: Where:
* Type: 12 Type: 12
* Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 6.
MUST be 6.
* Flags: 1 octet of flags. No flags are defined in this document. Flags: 1 octet of flags. No flags are defined in this document.
The Flags field MUST be set to zero on transmission and MUST be The Flags field MUST be set to zero on transmission and MUST be
ignored on receipt. ignored on receipt.
* RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
* Preference: a 4-octet value indicating the Preference of the SR Preference: a 4-octet value indicating the Preference of the SR
Policy Candidate Path as described in section 2.7 of [RFC9256]. Policy Candidate Path as described in Section 2.7 of [RFC9256].
2.4.2. Binding SID Sub-TLV 2.4.2. Binding SID Sub-TLV
The Binding SID sub-TLV is used to signal the binding SID related The Binding SID sub-TLV is used to signal the BSID-related
information of the SR Policy candidate path. The contents of this information of the SR Policy candidate path. The contents of this
sub-TLV are used by the SRPM as described in section 6 in [RFC9256]. sub-TLV are used by the SRPM as described in Section 6 of [RFC9256].
The Binding SID sub-TLV is OPTIONAL and it MUST NOT appear more than The Binding SID sub-TLV is OPTIONAL; it MUST NOT appear more than
once in the SR Policy encoding. once in the SR Policy encoding.
When the Binding SID sub-TLV is used to signal an SRv6 SID, the When the Binding SID sub-TLV is used to signal an SRv6 SID, the
selection of the corresponding SRv6 Endpoint Behavior [RFC8986] to be selection of the corresponding SRv6 Endpoint Behavior [RFC8986] to be
instantiated is determined by the headend node. It is RECOMMENDED instantiated is determined by the headend node. It is RECOMMENDED
that the SRv6 Binding SID sub-TLV, as defined in Section 2.4.3, be that the SRv6 Binding SID sub-TLV, as defined in Section 2.4.3, be
used when signaling an SRv6 Binding SID for an SR Policy candidate used when signaling an SRv6 Binding SID for an SR Policy candidate
path. The support for the use of this Binding SID sub-TLV for path. The support for the use of this Binding SID sub-TLV for the
signaling of SRv6 Binding SID is retained primarily for backward signaling of an SRv6 Binding SID is retained primarily for backward
compatibility with implementations that followed early versions of compatibility with implementations that followed early draft versions
this document that had not defined the SRv6 Binding SID sub-TLV. of this document that had not defined the SRv6 Binding SID sub-TLV.
The Binding SID sub-TLV has the following format: The Binding SID sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Binding SID (variable, optional) | | Binding SID (variable, optional) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: Binding SID sub-TLV Figure 4: Binding SID Sub-TLV
where: Where:
* Type: 13 Type: 13
* Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 18
MUST be one of: 18 when a SRv6 BSID is present, 6 when a SR-MPLS when a SRv6 BSID is present, 6 when an SR-MPLS BSID is present, or
BSID is present, or 2 when no BSID is present. 2 when no BSID is present.
* Flags: 1 octet of flags. The following flags are defined in the Flags: 1 octet of flags. The following flags are defined in the
registry "SR Policy Binding SID Flags" as described in registry "SR Policy Binding SID Flags" as described in
Section 6.6: Section 6.6:
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|S|I| | |S|I| |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Figure 5: SR Policy Binding SID Flags Figure 5: SR Policy Binding SID Flags
where: Where:
- S-Flag: This flag encodes the "Specified-BSID-only" behavior. * The S-Flag encodes the "Specified-BSID-Only" behavior. It is
It is used by SRPM as described in section 6.2.3 in [RFC9256]. used by SRPM as described in Section 6.2.3 of [RFC9256].
- I-Flag: This flag encodes the "Drop Upon Invalid" behavior. It * The I-Flag encodes the "Drop Upon Invalid" behavior. It is
is used by SRPM as described in section 8.2 in [RFC9256] to used by SRPM as described in Section 8.2 of [RFC9256] to define
define a specific SR Policy forwarding behavior. The flag a specific SR Policy forwarding behavior. The flag indicates
indicates that the SR Policy is to perform the "drop upon that the SR Policy is to perform the "drop upon invalid"
invalid" behavior when no valid candidate path (CP) is behavior when no valid candidate path (CP) is available for
available for this SR Policy. In this situation, the CP with this SR Policy. In this situation, the CP with the highest
the highest preference amongst those with the "drop upon preference amongst those with the "drop upon invalid" config is
invalid" config is made active to drop traffic steered over the made active to drop traffic steered over the SR Policy.
SR Policy.
- The unassigned bits in the Flag octet MUST be set to zero upon * The unassigned bits in the Flag octet MUST be set to zero upon
transmission and MUST be ignored upon receipt. transmission and MUST be ignored upon receipt.
* RESERVED: 1 octet of reserved bits. MUST be set to zero on RESERVED: 1 octet of reserved bits. MUST be set to zero on
transmission and MUST be ignored on receipt. transmission and MUST be ignored on receipt.
* Binding SID: If the length is 2, then no Binding SID is present. Binding SID: If the length is 2, then no Binding SID is present. If
If the length is 6 then the Binding SID is encoded in 4 octets the length is 6, then the Binding SID is encoded in 4 octets using
using the format below. Traffic Class (TC), S, and TTL (Total of the format below. Traffic Class (TC), S, and TTL (Total of 12
12 bits) are RESERVED and MUST be set to zero and MUST be ignored. bits) are RESERVED and MUST be set to zero and MUST be ignored.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Label | TC |S| TTL | | Label | TC |S| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Binding SID Label Encoding Figure 6: Binding SID Label Encoding
The Label field is validated by the SRPM, but MUST NOT contain the The Label field is validated by the SRPM but MUST NOT contain the
reserved MPLS label values (0-15). If the length is 18 then the reserved MPLS label values (0-15). If the length is 18, then the
Binding SID contains a 16-octet SRv6 SID. Binding SID contains a 16-octet SRv6 SID.
2.4.3. SRv6 Binding SID Sub-TLV 2.4.3. SRv6 Binding SID Sub-TLV
The SRv6 Binding SID sub-TLV is used to signal the SRv6 Binding SID The SRv6 Binding SID sub-TLV is used to signal the SRv6 Binding SID
related information of an SR Policy candidate path. It enables the related information of an SR Policy candidate path. It enables the
specification of the SRv6 Endpoint Behavior [RFC8986] to be specification of the SRv6 Endpoint Behavior [RFC8986] to be
instantiated on the headend node. The contents of this sub-TLV are instantiated on the headend node. The contents of this sub-TLV are
used by the SRPM as described in section 6 in [RFC9256]. used by the SRPM as described in Section 6 of [RFC9256].
The SRv6 Binding SID sub-TLV is OPTIONAL. More than one SRv6 Binding The SRv6 Binding SID sub-TLV is OPTIONAL. More than one SRv6 Binding
SID sub-TLVs MAY be signaled in the same SR Policy encoding to SID sub-TLV MAY be signaled in the same SR Policy encoding to
indicate one or more SRv6 SIDs, each with potentially different SRv6 indicate one or more SRv6 SIDs, each with potentially different SRv6
Endpoint Behaviors to be instantiated. Endpoint Behaviors to be instantiated.
The SRv6 Binding SID sub-TLV has the following format: The SRv6 Binding SID sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SRv6 Binding SID (16 octets) | | SRv6 Binding SID (16 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SRv6 Endpoint Behavior and SID Structure (optional) // // SRv6 Endpoint Behavior and SID Structure (optional) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7: SRv6 Binding SID sub-TLV Figure 7: SRv6 Binding SID Sub-TLV
where: Where:
* Type: 20 Type: 20
* Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 26
MUST be 26 when the SRv6 Endpoint Behavior and SID Structure is when the SRv6 Endpoint Behavior and SID Structure is present;
present else it MUST be 18. else, it MUST be 18.
* Flags: 1 octet of flags. The following flags are defined in the Flags: 1 octet of flags. The following flags are defined in the
registry "SR Policy SRv6 Binding SID Flags" as described in registry "SR Policy SRv6 Binding SID Flags" as described in
Section 6.7: Section 6.7:
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|S|I|B| | |S|I|B| |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Figure 8: SR Policy SRv6 Binding SID Flags Figure 8: SR Policy SRv6 Binding SID Flags
where: Where:
- S-Flag: This flag encodes the "Specified-BSID-only" behavior. * The S-Flag encodes the "Specified-BSID-Only" behavior. It is
It is used by SRPM as described in section 6.2.3 in [RFC9256]. used by SRPM as described in Section 6.2.3 of [RFC9256].
- I-Flag: This flag encodes the "Drop Upon Invalid" behavior. It * The I-Flag encodes the "Drop Upon Invalid" behavior. It is
is used by SRPM as described in section 8.2 in [RFC9256]. used by SRPM as described in Section 8.2 of [RFC9256].
- B-Flag: This flag, when set, indicates the presence of the SRv6 * The B-Flag, when set, indicates the presence of the "SRv6
Endpoint Behavior and SID Structure encoding specified in Endpoint Behavior & SID Structure" encoding specified in
Section 2.4.4.2.4. Section 2.4.4.2.4.
- The unassigned bits in the Flag octet MUST be set to zero upon * The unassigned bits in the Flag octet MUST be set to zero upon
transmission and MUST be ignored upon receipt. transmission and MUST be ignored upon receipt.
* RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
* SRv6 Binding SID: Contains a 16-octet SRv6 SID. The value 0 MAY SRv6 Binding SID: Contains a 16-octet SRv6 SID. The value 0 MAY be
be used when the controller wants to indicate the desired SRv6 used when the controller wants to indicate the desired SRv6
Endpoint Behavior, SID Structure, or flags without specifying the Endpoint Behavior, SID Structure, or flags without specifying the
BSID. BSID.
* SRv6 Endpoint Behavior and SID Structure: Optional, as defined in SRv6 Endpoint Behavior and SID Structure: Optional, as defined in
Section 2.4.4.2.4. The SRv6 Endpoint Behavior and SID Structure Section 2.4.4.2.4. The SRv6 Endpoint Behavior and SID Structure
MUST NOT be included when the SRv6 SID has not been included. MUST NOT be included when the SRv6 SID has not been included.
2.4.4. Segment List Sub-TLV 2.4.4. Segment List Sub-TLV
The Segment List sub-TLV encodes a single explicit path towards the The Segment List sub-TLV encodes a single explicit path towards the
endpoint as described in section 5.1 of [RFC9256]. The Segment List endpoint as described in Section 5.1 of [RFC9256]. The Segment List
sub-TLV includes the elements of the paths (i.e., segments) as well sub-TLV includes the elements of the paths (i.e., segments) as well
as an optional Weight sub-TLV. as an optional Weight sub-TLV.
The Segment List sub-TLV may exceed 255 bytes in length due to a The Segment List sub-TLV may exceed 255 bytes in length due to a
large number of segments. A 2-octet length is thus required. large number of segments. A 2-octet length is thus required.
According to section 2 of [RFC9012], the sub-TLV type defines the According to Section 2 of [RFC9012], the sub-TLV type defines the
size of the length field. Therefore, for the Segment List sub-TLV, a size of the length field. Therefore, for the Segment List sub-TLV, a
code point of 128 or higher is used. code point of 128 or higher is used.
The Segment List sub-TLV is OPTIONAL and MAY appear multiple times in The Segment List sub-TLV is OPTIONAL and MAY appear multiple times in
the SR Policy encoding. The ordering of Segment List sub-TLVs does the SR Policy encoding. The ordering of Segment List sub-TLVs does
not matter since each sub-TLV encodes a Segment List. not matter since each sub-TLV encodes a Segment List.
The Segment List sub-TLV contains zero or more Segment sub-TLVs and The Segment List sub-TLV contains zero or more Segment sub-TLVs and
MAY contain a Weight sub-TLV. MAY contain a Weight sub-TLV.
The Segment List sub-TLV has the following format: The Segment List sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | RESERVED | | Type | Length | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// sub-TLVs // // sub-TLVs //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 9: Segment List sub-TLV Figure 9: Segment List Sub-TLV
where:
* Type: 128. Where:
* Length: the total length (not including the Type and Length Type: 128
fields) of the sub-TLVs encoded within the Segment List sub-TLV in
terms of octets.
* RESERVED: 1 octet of reserved bits. This field MUST be set to Length: The total length (not including the Type and Length fields)
zero on transmission and MUST be ignored on receipt. of the sub-TLVs encoded within the Segment List sub-TLV in terms
of octets.
* sub-TLVs currently defined: RESERVED: 1 octet of reserved bits. This field MUST be set to zero
on transmission and MUST be ignored on receipt.
- An optional single Weight sub-TLV. sub-TLVs currently defined:
* An optional single Weight sub-TLV
- Zero or more Segment sub-TLVs. * Zero or more Segment sub-TLVs
Validation of an explicit path encoded by the Segment List sub-TLV is Validation of an explicit path encoded by the Segment List sub-TLV is
beyond the scope of BGP and performed by the SRPM as described in beyond the scope of BGP and performed by the SRPM as described in
section 5 of [RFC9256]. Section 5 of [RFC9256].
2.4.4.1. Weight Sub-TLV 2.4.4.1. Weight Sub-TLV
The Weight sub-TLV specifies the weight associated with a given The Weight sub-TLV specifies the weight associated with a given
segment list. The contents of this sub-TLV are used only by the SRPM segment list. The contents of this sub-TLV are used only by the SRPM
as described in section 2.11 of [RFC9256]. as described in Section 2.11 of [RFC9256].
The Weight sub-TLV is OPTIONAL and it MUST NOT appear more than once The Weight sub-TLV is OPTIONAL; it MUST NOT appear more than once
inside the Segment List sub-TLV. inside the Segment List sub-TLV.
The Weight sub-TLV has the following format: The Weight sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Weight | | Weight |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 10: Weight sub-TLV Figure 10: Weight Sub-TLV
where: Where:
* Type: 9. Type: 9
* Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 6.
MUST be 6.
* Flags: 1 octet of flags. No flags are defined in this document. Flags: 1 octet of flags. No flags are defined in this document.
The Flags field MUST be set to zero on transmission and MUST be The Flags field MUST be set to zero on transmission and MUST be
ignored on receipt. ignored on receipt.
* RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
* Weight: 4 octets an unsigned integer value indicating the weight Weight: 4 octets an unsigned integer value indicating the weight
associated with a segment list as described in section 2.11 of associated with a segment list as described in Section 2.11 of
[RFC9256]. A weight value of zero is invalid. [RFC9256]. A weight value of zero is invalid.
2.4.4.2. Segment Sub-TLVs 2.4.4.2. Segment Sub-TLVs
A Segment sub-TLV describes a single segment in a segment list (i.e., A Segment sub-TLV describes a single segment in a segment list (i.e.,
a single element of the explicit path). One or more Segment sub-TLVs a single element of the explicit path). One or more Segment sub-TLVs
constitute an explicit path of the SR Policy candidate path. The constitute an explicit path of the SR Policy candidate path. The
contents of these sub-TLVs are used only by the SRPM as described in contents of these sub-TLVs are used only by the SRPM as described in
section 4 in [RFC9256]. Section 4 of [RFC9256].
The Segment sub-TLVs are OPTIONAL and MAY appear multiple times in The Segment sub-TLVs are OPTIONAL and MAY appear multiple times in
the Segment List sub-TLV. the Segment List sub-TLV.
Section 4 of [RFC9256] defines several Segment Types: Section 4 of [RFC9256] defines several Segment Types:
Type A: SR-MPLS Label Type A: SR-MPLS Label
Type B: SRv6 SID
Type C: IPv4 Prefix with optional SR Algorithm
Type D: IPv6 Global Prefix with optional SR Algorithm for SR-MPLS
Type E: IPv4 Prefix with Local Interface ID
Type F: IPv4 Addresses for link endpoints as Local, Remote pair
Type G: IPv6 Prefix and Interface ID for link endpoints as Local,
Remote pair for SR-MPLS
Type H: IPv6 Addresses for link endpoints as Local, Remote pair
for SR-MPLS
Type I: IPv6 Global Prefix with optional SR Algorithm for SRv6
Type J: IPv6 Prefix and Interface ID for link endpoints as Local,
Remote pair for SRv6
Type K: IPv6 Addresses for link endpoints as Local, Remote pair
for SRv6
The following sub-sections specify the sub-TLVs used for Segment Type B: SRv6 SID
Types A and B. The other segment types are specified in
[I-D.ietf-idr-bgp-sr-segtypes-ext]. As specified in section 5.1 of Type C: IPv4 Prefix with optional SR Algorithm
[RFC9256], a mix of SR-MPLS and SRv6 segments make the segment-list
invalid. Type D: IPv6 Global Prefix with optional SR Algorithm for SR-MPLS
Type E: IPv4 Prefix with Local Interface ID
Type F: IPv4 Addresses for link endpoints as Local, Remote pair
Type G: IPv6 Prefix and Interface ID for link endpoints as Local,
Remote pair for SR-MPLS
Type H: IPv6 Addresses for link endpoints as Local, Remote pair for
SR-MPLS
Type I: IPv6 Global Prefix with optional SR Algorithm for SRv6
Type J: IPv6 Prefix and Interface ID for link endpoints as Local,
Remote pair for SRv6
Type K: IPv6 Addresses for link endpoints as Local, Remote pair for
SRv6
The following subsections specify the sub-TLVs used for Segment Types
A and B. The other segment types are specified in [RFC9831]. As
specified in Section 5.1 of [RFC9256], a mix of SR-MPLS and SRv6
segments make the segment-list invalid.
2.4.4.2.1. Segment Type A 2.4.4.2.1. Segment Type A
The Type A Segment Sub-TLV encodes a single SR-MPLS SID. The format The Type A Segment sub-TLV encodes a single SR-MPLS SID. The format
is as follows and is used to encode MPLS Label fields as specified in is as follows and is used to encode MPLS Label fields as specified in
[RFC3032] [RFC5462].: [RFC3032] and [RFC5462]:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Label | TC |S| TTL | | Label | TC |S| TTL |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 11: Type A Segment sub-TLV Figure 11: Type A Segment Sub-TLV
where: Where:
* Type: 1. Type: 1
* Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 6.
MUST be 6.
* Flags: 1 octet of flags as defined in Section 2.4.4.2.3. Flags: 1 octet of flags as defined in Section 2.4.4.2.3.
* RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
* Label: 20 bits of label value. Label: 20 bits of label value.
* TC: 3 bits of traffic class. TC: 3 bits of traffic class.
* S: 1 bit of bottom-of-stack. S: 1 bit of bottom-of-stack.
* TTL: 1 octet of TTL. TTL: 1 octet of TTL.
The following applies to the Type-1 Segment sub-TLV: The following applies to the Type-1 Segment sub-TLV:
* The S bit MUST be zero upon transmission and MUST be ignored upon * The S bit MUST be zero upon transmission and MUST be ignored upon
reception. reception.
* If the originator wants the receiver to choose the TC value, it * If the originator wants the receiver to choose the TC value, it
sets the TC field to zero. sets the TC field to zero.
* If the originator wants the receiver to choose the TTL value, it * If the originator wants the receiver to choose the TTL value, it
skipping to change at page 19, line 29 skipping to change at line 868
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SRv6 SID (16 octets) // // SRv6 SID (16 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// SRv6 Endpoint Behavior and SID Structure // // SRv6 Endpoint Behavior and SID Structure //
// (optional, 8 octets) // // (optional, 8 octets) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 12: Type B Segment sub-TLV Figure 12: Type B Segment Sub-TLV
where: Where:
* Type: 13. Type: 13
* Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 26
MUST be 26 when the SRv6 Endpoint Behavior and SID Structure is when the SRv6 Endpoint Behavior and SID Structure is present;
present else it MUST be 18. else, it MUST be 18.
* Flags: 1 octet of flags as defined in Section 2.4.4.2.3. Flags: 1 octet of flags as defined in Section 2.4.4.2.3.
* RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
* SRv6 SID: 16 octets of IPv6 address. SRv6 SID: 16 octets of IPv6 address.
* SRv6 Endpoint Behavior and SID Structure: Optional, as defined in SRv6 Endpoint Behavior and SID Structure: Optional, as defined in
Section 2.4.4.2.4. The SRv6 Endpoint Behavior and SID Structure Section 2.4.4.2.4. The SRv6 Endpoint Behavior and SID Structure
MUST NOT be included when the SRv6 SID has not been included. MUST NOT be included when the SRv6 SID has not been included.
The Sub-TLV code point 2 defined for the advertisement of Segment The Sub-TLV code point 2 defined for the advertisement of Segment
Type B in the earlier versions of this document has been deprecated Type B in the earlier draft versions of this document has been
to avoid backward compatibility issues. deprecated to avoid backward compatibility issues.
2.4.4.2.3. SR Policy Segment Flags 2.4.4.2.3. SR Policy Segment Flags
The Segment Types sub-TLVs described above may contain the following The Segment Types sub-TLVs described above may contain the following
SR Policy Segment Flags in their "Flags" field. Also refer to SR Policy Segment Flags in their "Flags" field. Also refer to
Section 6.8: Section 6.8:
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|V| |B| | |V| |B| |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Figure 22: SR Policy Segment Flags Figure 13: SR Policy Segment Flags
where: Where:
V-Flag: This flag, when set, is used by SRPM for "SID * When the V-Flag is set, it is used by SRPM for "SID verification"
verification" as described in Section 5.1 of [RFC9256]. as described in Section 5.1 of [RFC9256].
B-Flag: This flag, when set, indicates the presence of the SRv6 * When the B-Flag is set, it indicates the presence of the "SRv6
Endpoint Behavior and SID Structure encoding specified in Endpoint Behavior & SID Structure" encoding specified in
Section 2.4.4.2.4. Section 2.4.4.2.4.
The unassigned bits in the Flag octet MUST be set to zero upon * The unassigned bits in the Flag octet MUST be set to zero upon
transmission and MUST be ignored upon receipt. transmission and MUST be ignored upon receipt.
The following applies to the Segment Flags: The following applies to the Segment Flags:
* V-Flag applies to all Segment Types. * V-Flag applies to all Segment Types.
* B-Flag applies to Segment Type B. If B-Flag appears with Segment * B-Flag applies to Segment Type B. If B-Flag appears with Segment
Type A it MUST be ignored. Type A, it MUST be ignored.
2.4.4.2.4. SRv6 SID Endpoint Behavior and Structure 2.4.4.2.4. SRv6 SID Endpoint Behavior and Structure
The Segment Types sub-TLVs described above MAY contain the SRv6 The Segment Types sub-TLVs described above MAY contain the SRv6
Endpoint Behavior and SID Structure [RFC8986] encoding as described Endpoint Behavior and SID Structure [RFC8986] encoding as described
below: below:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Endpoint Behavior | Reserved | | Endpoint Behavior | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| LB Length | LN Length | Fun. Length | Arg. Length | | LB Length | LN Length | Fun. Length | Arg. Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 23: SRv6 SID Endpoint Behavior and Structure Figure 14: SRv6 SID Endpoint Behavior and Structure
where: Where:
Endpoint Behavior: 2 octets. It carries the SRv6 Endpoint Endpoint Behavior: 2 octets. It carries the SRv6 Endpoint Behavior
Behavior code point for this SRv6 SID as defined in section 10.2 code point for this SRv6 SID as defined in Section 10.2 of
of [RFC8986]. When set with the value 0xFFFF (i.e., Opaque), the [RFC8986]. When set with the value 0xFFFF (i.e., Opaque), the
choice of SRv6 Endpoint Behavior is left to the headend. choice of SRv6 Endpoint Behavior is left to the headend.
Reserved: 2 octets of reserved bits. This field MUST be set to Reserved: 2 octets of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
Locator Block Length: 1 octet. SRv6 SID Locator Block length in Locator Block Length: 1 octet. SRv6 SID Locator Block length in
bits. bits.
Locator Node Length: 1 octet. SRv6 SID Locator Node length in Locator Node Length: 1 octet. SRv6 SID Locator Node length in bits.
bits.
Function Length: 1 octet. SRv6 SID Function length in bits. Function Length: 1 octet. SRv6 SID Function length in bits.
Argument Length: 1 octet. SRv6 SID Arguments length in bits. Argument Length: 1 octet. SRv6 SID Arguments length in bits.
The total of the locator block, locator node, function, and argument The total of the locator block, locator node, function, and argument
lengths MUST be less than or equal to 128. lengths MUST be less than or equal to 128.
2.4.5. Explicit NULL Label Policy Sub-TLV 2.4.5. Explicit NULL Label Policy Sub-TLV
To steer an unlabeled IP packet into an SR policy for the MPLS data To steer an unlabeled IP packet into an SR policy for the MPLS data
plane, it is necessary to push a label stack of one or more labels on plane, it is necessary to push a label stack of one or more labels on
that packet. that packet.
The Explicit NULL Label Policy (ENLP) sub-TLV is used to indicate The Explicit NULL Label Policy (ENLP) sub-TLV is used to indicate
whether an Explicit NULL Label [RFC3032] must be pushed on an whether an Explicit NULL Label [RFC3032] must be pushed on an
unlabeled IP packet before any other labels. unlabeled IP packet before any other labels.
If an ENLP Sub-TLV is not present, the decision of whether to push an If an ENLP Sub-TLV is not present, the decision of whether to push an
Explicit NULL label on a given packet is a matter of local Explicit NULL label on a given packet is a matter of local
configuration. configuration.
The ENLP sub-TLV is OPTIONAL and it MUST NOT appear more than once in The ENLP sub-TLV is OPTIONAL; it MUST NOT appear more than once in
the SR Policy encoding. the SR Policy encoding.
The contents of this sub-TLV are used by the SRPM as described in The contents of this sub-TLV are used by the SRPM as described in
section 4.1 of [RFC9256]. Section 4.1 of [RFC9256].
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | RESERVED | | Type | Length | Flags | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ENLP | | ENLP |
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Figure 24: ELNP sub-TLV Figure 15: ELNP Sub-TLV
Where: Where:
Type: 14. Type: 14
Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value MUST be 3.
MUST be 3.
Flags: 1 octet of flags. No flags are defined in this document. Flags: 1 octet of flags. No flags are defined in this document.
The Flags field MUST be set to zero on transmission and MUST be The Flags field MUST be set to zero on transmission and MUST be
ignored on receipt. ignored on receipt.
RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
ENLP (Explicit NULL Label Policy): Indicates whether Explicit NULL ENLP (Explicit NULL Label Policy): Indicates whether Explicit NULL
labels are to be pushed on unlabeled IP packets that are being labels are to be pushed on unlabeled IP packets that are being
steered into a given SR policy. The following values have been steered into a given SR policy. The following values have been
currently defined for this field: currently defined for this field:
- 1: Push an IPv4 Explicit NULL label on an unlabeled IPv4 1: Push an IPv4 Explicit NULL label on an unlabeled IPv4 packet
packet, but do not push an IPv6 Explicit NULL label on an but do not push an IPv6 Explicit NULL label on an unlabeled
unlabeled IPv6 packet. IPv6 packet.
- 2: Push an IPv6 Explicit NULL label on an unlabeled IPv6 2: Push an IPv6 Explicit NULL label on an unlabeled IPv6 packet
packet, but do not push an IPv4 Explicit NULL label on an but do not push an IPv4 Explicit NULL label on an unlabeled
unlabeled IPv4 packet. IPv4 packet.
- 3: Push an IPv4 Explicit NULL label on an unlabeled IPv4 3: Push an IPv4 Explicit NULL label on an unlabeled IPv4 packet
packet, and push an IPv6 Explicit NULL label on an unlabeled and push an IPv6 Explicit NULL label on an unlabeled IPv6
IPv6 packet. packet.
- 4: Do not push an Explicit NULL label. 4: Do not push an Explicit NULL label.
This field can have one of the values as specified in This field can have one of the values as specified in
Section 6.10. The ENLP unassigned values may be used for future Section 6.10. The ENLP unassigned values may be used for future
extensions. Implementations adhering to this document MUST ignore extensions. Implementations adhering to this document MUST ignore
the ENLP Sub-TLV with unrecognized values (viz. other than 1 the ENLP Sub-TLV with unrecognized values (viz. other than 1
through 4). The behavior signaled in this Sub-TLV MAY be through 4). The behavior signaled in this Sub-TLV MAY be
overridden by local configuration by the network operator based on overridden by local configuration by the network operator based on
their deployment requirements. The section 4.1 of [RFC9256] their deployment requirements. Section 4.1 of [RFC9256] describes
describes the behavior on the headend for the handling of the the behavior on the headend for the handling of the explicit null
explicit null label. label.
2.4.6. Policy Priority Sub-TLV 2.4.6. Policy Priority Sub-TLV
An operator MAY set the Policy Priority sub-TLV to indicate the order An operator MAY set the Policy Priority sub-TLV to indicate the order
in which the SR policies are re-computed upon topological change. in which the SR policies are recomputed upon topological change. The
The contents of this sub-TLV are used by the SRPM as described in contents of this sub-TLV are used by the SRPM as described in
section 2.12 of [RFC9256]. Section 2.12 of [RFC9256].
The Priority sub-TLV is OPTIONAL and it MUST NOT appear more than The Priority sub-TLV is OPTIONAL; it MUST NOT appear more than once
once in the SR Policy encoding. in the SR Policy encoding.
The Priority sub-TLV has following format: The Priority sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Priority | RESERVED | | Type | Length | Priority | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 25: Priority sub-TLV Figure 16: Priority Sub-TLV
Where: Where:
Type: 15 Type: 15
Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets.The value Type and Length fields) in terms of octets. The value MUST be 2.
MUST be 2.
Priority: a 1-octet value indicating the priority as specified in Priority: A 1-octet value indicating the priority as specified in
section 2.12 of [RFC9256]. Section 2.12 of [RFC9256].
RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
2.4.7. Policy Candidate Path Name Sub-TLV 2.4.7. Policy Candidate Path Name Sub-TLV
An operator MAY set the Policy Candidate Path Name sub-TLV to attach An operator MAY set the Policy Candidate Path Name sub-TLV to attach
a symbolic name to the SR Policy candidate path. a symbolic name to the SR Policy candidate path.
Usage of Policy Candidate Path Name sub-TLV is described in section Usage of the Policy Candidate Path Name sub-TLV is described in
2.6 of [RFC9256]. Section 2.6 of [RFC9256].
The Policy Candidate Path Name sub-TLV may exceed 255 bytes in length The Policy Candidate Path Name sub-TLV may exceed 255 bytes in length
due to a long name. A 2-octet length is thus required. According to due to a long name. A 2-octet length is thus required. According to
section 2 of [RFC9012], the sub-TLV type defines the size of the Section 2 of [RFC9012], the sub-TLV type defines the size of the
length field. Therefore, for the Policy Candidate Path Name sub-TLV length field. Therefore, for the Policy Candidate Path Name sub-TLV,
a code point of 128 or higher is used. a code point of 128 or higher is used.
It is RECOMMENDED that the size of the symbolic name for the It is RECOMMENDED that the size of the symbolic name for the
candidate path is limited to 255 bytes. Implementations MAY choose candidate path be limited to 255 bytes. Implementations MAY choose
to truncate long names to 255 bytes when signaling via BGP. to truncate long names to 255 bytes when signaling via BGP.
The Policy Candidate Path Name sub-TLV is OPTIONAL and it MUST NOT The Policy Candidate Path Name sub-TLV is OPTIONAL; it MUST NOT
appear more than once in the SR Policy encoding. appear more than once in the SR Policy encoding.
The Policy Candidate Path Name sub-TLV has following format: The Policy Candidate Path Name sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | RESERVED | | Type | Length | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Policy Candidate Path Name // // Policy Candidate Path Name //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 26: Policy Candidate Path Name sub-TLV Figure 17: Policy Candidate Path Name Sub-TLV
Where: Where:
Type: 129. Type: 129
Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value is
is variable. variable.
RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
Policy Candidate Path Name: Symbolic name for the SR Policy Policy Candidate Path Name: Symbolic name for the SR Policy
candidate path without a NULL terminator with encoding as candidate path without a NULL terminator with encoding as
specified in section 2.6 of [RFC9256]. specified in Section 2.6 of [RFC9256].
2.4.8. Policy Name Sub-TLV 2.4.8. Policy Name Sub-TLV
An operator MAY set the Policy Name sub-TLV to associate a symbolic An operator MAY set the Policy Name sub-TLV to associate a symbolic
name with the SR Policy for which the candidate path is being name with the SR Policy for which the candidate path is being
advertised via the SR Policy NLRI. advertised via the SR Policy NLRI.
Usage of Policy Name sub-TLV is described in section 2.1 of Usage of the Policy Name sub-TLV is described in Section 2.1 of
[RFC9256]. [RFC9256].
The Policy Name sub-TLV may exceed 255 bytes in length due to a long The Policy Name sub-TLV may exceed 255 bytes in length due to a long
policy name. A 2-octet length is thus required. According to policy name. A 2-octet length is thus required. According to
section 2 of [RFC9012], the sub-TLV type defines the size of the Section 2 of [RFC9012], the sub-TLV type defines the size of the
length field. Therefore, for the Policy Name sub-TLV a code point of length field. Therefore, for the Policy Name sub-TLV, a code point
128 or higher is used. of 128 or higher is used.
It is RECOMMENDED that the size of the symbolic name for the SR It is RECOMMENDED that the size of the symbolic name for the SR
Policy is limited to 255 bytes. Implementations MAY choose to Policy be limited to 255 bytes. Implementations MAY choose to
truncate long names to 255 bytes when signaling via BGP. truncate long names to 255 bytes when signaling via BGP.
The Policy Name sub-TLV is OPTIONAL and it MUST NOT appear more than The Policy Name sub-TLV is OPTIONAL; it MUST NOT appear more than
once in the SR Policy encoding. once in the SR Policy encoding.
The Policy Name sub-TLV has following format: The Policy Name sub-TLV has the following format:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | RESERVED | | Type | Length | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Policy Name // // Policy Name //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 27: Policy Name sub-TLV Figure 18: Policy Name Sub-TLV
Where: Where:
Type: 130 Type: 130
Length: Specifies the length of the value field (i.e., not Length: Specifies the length of the value field (i.e., not including
including Type and Length fields) in terms of octets. The value Type and Length fields) in terms of octets. The value is
is variable. variable.
RESERVED: 1 octet of reserved bits. This field MUST be set to RESERVED: 1 octet of reserved bits. This field MUST be set to zero
zero on transmission and MUST be ignored on receipt. on transmission and MUST be ignored on receipt.
Policy Name: Symbolic name for the SR Policy without a NULL Policy Name: Symbolic name for the SR Policy without a NULL
terminator with encoding as specified in section 2.1 of [RFC9256]. terminator with encoding as specified in Section 2.1 of [RFC9256].
3. Color Extended Community 3. Color Extended Community
The Color Extended Community [RFC9012] is used to steer traffic The Color Extended Community [RFC9012] is used to steer traffic
corresponding to BGP routes into an SR Policy with matching color corresponding to BGP routes into an SR Policy with matching color
value. The Color Extended Community MAY be carried in any BGP UPDATE value. The Color Extended Community MAY be carried in any BGP UPDATE
message whose AFI/SAFI is 1/1 (IPv4 Unicast), 2/1 (IPv6 Unicast), 1/4 message whose AFI/SAFI is 1/1 (IPv4 Unicast), 2/1 (IPv6 Unicast), 1/4
(IPv4 Labeled Unicast), 2/4 (IPv6 Labeled Unicast), 1/128 (VPN-IPv4 (IPv4 Labeled Unicast), 2/4 (IPv6 Labeled Unicast), 1/128 (VPN-IPv4
Labeled Unicast), 2/128 (VPN-IPv6 Labeled Unicast), or 25/70 Labeled Unicast), 2/128 (VPN-IPv6 Labeled Unicast), or 25/70
(Ethernet VPN, usually known as EVPN). Use of the Color Extended (Ethernet VPN, usually known as EVPN). Use of the Color Extended
Community in BGP UPDATE messages of other AFI/SAFIs is not covered by Community in BGP UPDATE messages of other AFI/SAFIs is not covered by
[RFC9012] and is hence outside the scope of this document as well. [RFC9012]; hence, it is outside the scope of this document as well.
Two bits from the Flags field of the Color Extended Community are Two bits from the Flags field of the Color Extended Community are
used as follows to support the requirements of Color-Only steering as used as follows to support the requirements of Color-Only steering as
specified in Section 8.8 of [RFC9256]: specified in Section 8.8 of [RFC9256]:
1 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|C O| Unassigned | |C O| Unassigned |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 28: Color Extended Community Flags Figure 19: Color Extended Community Flags
The CO bits together form the Color-Only Type field which indicates The C and O bits together form the Color-Only Type field, which
the various matching criteria between BGP NH and SR Policy endpoint indicates the various matching criteria between the BGP NH and the SR
in addition to the matching of the color value. Following types are Policy endpoint in addition to the matching of the color value. The
defined: following types are defined:
* Type 0 (bits 00): Specific Endpoint Match: Request match for the Type 0 (bits 00): Specific Endpoint Match. Request a match for the
endpoint that is the BGP NH endpoint that is the BGP NH.
* Type 1 (bits 01): Specific or Null Endpoint Match: Request match Type 1 (bits 01): Specific or Null Endpoint Match. Request a match
for either the endpoint that is the BGP NH or a null endpoint for either the endpoint that is the BGP NH or a null endpoint
(e.g., like a default gateway) (e.g., a default gateway).
* Type 2 (bits 10): Specific, Null, or Any Endpoint Match: Request Type 2 (bits 10): Specific, Null, or Any Endpoint Match. Request a
match for either the endpoint that is the BGP NH or with a null or match for either the endpoint that is the BGP NH or a null or any
any endpoint endpoint.
* Type 3 (bits 11): reserved for future use and SHOULD NOT be used. Type 3 (bits 11): Reserved for future use and SHOULD NOT be used.
Upon reception, an implementation MUST treat it like Type 0. Upon reception, an implementation MUST treat it like Type 0.
The details of the SR Policy steering mechanisms based on these The details of the SR Policy steering mechanisms based on these
Color-Only types are specified in section 8.8 of [RFC9256]. Color-Only types are specified in Section 8.8 of [RFC9256].
One or more Color Extended Communities MAY be associated with a BGP One or more Color Extended Communities MAY be associated with a BGP
route update. Sections 8.4.1, 8.5.1, and 8.8.2 of [RFC9256] specify route update. Sections 8.4.1, 8.5.1, and 8.8.2 of [RFC9256] specify
the steering behaviors over SR Policies when multiple Color Extended the steering behaviors over SR Policies when multiple Color Extended
Communities are associated with a BGP route. Communities are associated with a BGP route.
4. SR Policy Operations 4. SR Policy Operations
As mentioned in Section 1, BGP is not the actual consumer of an SR As mentioned in Section 1, BGP is not the actual consumer of an SR
Policy NLRI. BGP is in charge of the origination and propagation of Policy NLRI. BGP is in charge of the origination and propagation of
the SR Policy NLRI but its installation and use are outside the scope the SR Policy NLRI, but its installation and use are outside the
of BGP. The details of SR Policy installation and use are specified scope of BGP. The details of SR Policy installation and use are
in [RFC9256]. specified in [RFC9256].
4.1. Advertisement of SR Policies 4.1. Advertisement of SR Policies
Typically, but not limited to, an SR Policy is computed by a Typically, but not limited to, an SR Policy is computed by a
controller or a path computation engine (PCE) and originated by a BGP controller or a Path Computation Engine (PCE) and originated by a BGP
speaker on its behalf. speaker on its behalf.
Multiple SR Policy NLRIs may be present with the same <color, Multiple SR Policy NLRIs may be present with the same <color,
endpoint> tuple but with different distinguishers when these SR endpoint> tuple but with different distinguishers when these SR
policies are intended for different headends. policies are intended for different headends.
The distinguisher of each SR Policy NLRI prevents undesired BGP route The distinguisher of each SR Policy NLRI prevents undesired BGP route
selection among these SR Policy NLRIs and allows their propagation selection among these SR Policy NLRIs and allows their propagation
across route reflectors [RFC4456]. across route reflectors [RFC4456].
skipping to change at page 27, line 45 skipping to change at line 1250
If no route target is attached to the SR Policy NLRI, then it is If no route target is attached to the SR Policy NLRI, then it is
assumed that the originator sends the SR Policy update directly assumed that the originator sends the SR Policy update directly
(e.g., through a BGP session) to the intended receiver. In such a (e.g., through a BGP session) to the intended receiver. In such a
case, the NO_ADVERTISE community [RFC1997] MUST be attached to the SR case, the NO_ADVERTISE community [RFC1997] MUST be attached to the SR
Policy update (see further details in Section 4.2.3). Policy update (see further details in Section 4.2.3).
4.2. Reception of an SR Policy NLRI 4.2. Reception of an SR Policy NLRI
On reception of an SR Policy NLRI, a BGP speaker first determines if On reception of an SR Policy NLRI, a BGP speaker first determines if
it is valid as described in Section 4.2.1 and then performs the it is valid as described in Section 4.2.1; then, the BGP speaker
decision process for selection of the best route (Section 9.1 of performs the decision process for selection of the best route
[RFC4271]). The key difference from the base BGP decision process is (Section 9.1 of [RFC4271]). The key difference from the base BGP
that BGP does not download the selected best routes of SR Policy SAFI decision process is that BGP does not download the selected best
into the forwarding and instead considers them "usable" for passing routes of the SR Policy SAFI into the forwarding; instead, it
on to the SRPM for further processing as described in Section 4.2.2. considers them "usable" for passing on to the SRPM for further
The selected best route is "propagated" (Section 9.1.3 of [RFC4271]) processing as described in Section 4.2.2. The selected best route is
as described in Section 4.2.3 irrespective of its "usability" by the "propagated" (Section 9.1.3 of [RFC4271]) as described in
local router. Section 4.2.3, irrespective of its "usability" by the local router.
4.2.1. Validation of an SR Policy NLRI 4.2.1. Validation of an SR Policy NLRI
When a BGP speaker receives an SR Policy NLRI from a neighbor it MUST When a BGP speaker receives an SR Policy NLRI from a neighbor, it
first perform validation based on the following rules in addition to MUST first perform validation based on the following rules in
the validation described in Section 5: addition to the validation described in Section 5:
* The SR Policy NLRI MUST include a distinguisher, color, and * The SR Policy NLRI MUST include a distinguisher, color, and
endpoint field which implies that the length of the NLRI MUST be endpoint field that implies that the length of the NLRI MUST be
either 12 or 24 octets (depending on the address family of the either 12 or 24 octets (depending on the address family of the
endpoint). endpoint).
* The SR Policy update MUST have either the NO_ADVERTISE community * The SR Policy update MUST have either the NO_ADVERTISE community,
or at least one route target extended community in IPv4-address at least one route target extended community in IPv4-address
format or both. If a router supporting this specification format, or both. If a router supporting this specification
receives an SR Policy update with no route target extended receives an SR Policy update with no route target extended
communities and no NO_ADVERTISE community, the update MUST be communities and no NO_ADVERTISE community, the update MUST be
considered as malformed. considered to be malformed.
* The Tunnel Encapsulation Attribute MUST be attached to the BGP * The Tunnel Encapsulation Attribute MUST be attached to the BGP
Update and MUST have a Tunnel Type TLV set to SR Policy (codepoint Update and MUST have a Tunnel Type TLV set to SR Policy (code
is 15). point is 15).
A router that receives an SR Policy update that is not valid A router that receives an SR Policy update that is not valid
according to these criteria MUST treat the update as malformed and according to these criteria MUST treat the update as malformed, and
the SR Policy candidate path MUST NOT be passed to the SRPM. the SR Policy candidate path MUST NOT be passed to the SRPM.
4.2.2. Eligibility for Local Use of an SR Policy NLRI 4.2.2. Eligibility for Local Use of an SR Policy NLRI
An SR Policy NLRI update without any route target extended community An SR Policy NLRI update that does not have a route target extended
but having the NO_ADVERTISE community is considered usable. community but does have the NO_ADVERTISE community is considered
usable.
If one or more route targets are present, then at least one route If one or more route targets are present, then at least one route
target MUST match the BGP Identifier of the receiver for the update target MUST match the BGP Identifier of the receiver for the update
to be considered usable. The BGP Identifier is defined in [RFC4271] to be considered usable. The BGP Identifier is defined in [RFC4271]
as a 4-octet IPv4 address and updated by [RFC6286] as a 4-octet, as a 4-octet IPv4 address and is updated by [RFC6286] as a 4-octet,
unsigned, non-zero integer. Therefore, the route target extended unsigned, non-zero integer. Therefore, the route target extended
community MUST be of the same format. community MUST be of the same format.
If one or more route targets are present and none matches the local If one or more route targets are present and none matches the local
BGP Identifier, then, while the SR Policy NLRI is valid, it is not BGP Identifier, then, while the SR Policy NLRI is valid, it is not
usable on the receiver node. usable on the receiver node.
When the SR Policy tunnel type includes any sub-TLV that is When the SR Policy tunnel type includes any sub-TLV that is
unrecognized or unsupported, the update SHOULD NOT be considered unrecognized or unsupported, the update SHOULD NOT be considered
usable. An implementation MAY provide an option for ignoring usable. An implementation MAY provide an option for ignoring
unsupported sub-TLVs. unsupported sub-TLVs.
Once BGP on the receiving node has determined that the SR Policy NLRI Once BGP on the receiving node has determined that the SR Policy NLRI
is usable, it passes the SR Policy candidate path to the SRPM. Note is usable, it passes the SR Policy candidate path to the SRPM. Note
that, along with the candidate path details, BGP also passes the that, along with the candidate path details, BGP also passes the
originator information for breaking ties in the candidate path originator information for breaking ties in the candidate path
selection process as described in section 2.4 of [RFC9256]. selection process as described in Section 2.4 of [RFC9256].
When an update for an SR Policy NLRI results in its becoming When an update for an SR Policy NLRI results in its becoming
unusable, BGP MUST delete its corresponding SR Policy candidate path unusable, BGP MUST delete its corresponding SR Policy candidate path
from the SRPM. from the SRPM.
The SRPM applies the rules defined in section 2 of [RFC9256] to The SRPM applies the rules defined in Section 2 of [RFC9256] to
determine whether the SR Policy candidate path is valid and to select determine whether the SR Policy candidate path is valid and to select
the active candidate path for a given SR Policy. the active candidate path for a given SR Policy.
4.2.3. Propagation of an SR Policy 4.2.3. Propagation of an SR Policy
SR Policy NLRIs that have the NO_ADVERTISE community attached to them SR Policy NLRIs that have the NO_ADVERTISE community attached to them
MUST NOT be propagated. MUST NOT be propagated.
By default, a BGP node receiving an SR Policy NLRI MUST NOT propagate By default, a BGP node receiving an SR Policy NLRI MUST NOT propagate
it to any EBGP neighbor. An implementation MAY provide an explicit it to any External BGP (EBGP) neighbor. An implementation MAY
configuration to override this and enable the propagation of valid SR provide an explicit configuration to override this and enable the
Policy NLRIs to specific EBGP neighbors where the SR domain comprises propagation of valid SR Policy NLRIs to specific EBGP neighbors where
multiple-ASes within a single service provider domain (see Section 7 the SR domain comprises multiple ASes within a single service
for details). provider domain (see Section 7 for details).
A BGP node advertises a received SR Policy NLRI to its IBGP neighbors A BGP node advertises a received SR Policy NLRI to its Internal BGP
according to normal IBGP propagation rules. (IBGP) neighbors according to normal IBGP propagation rules.
By default, a BGP node receiving an SR Policy NLRI SHOULD NOT remove By default, a BGP node receiving an SR Policy NLRI SHOULD NOT remove
route target extended community before propagation. An the route target extended community before propagation. An
implementation MAY provide support for configuration to filter and/or implementation MAY provide support for configuration to filter and/or
remove route target extended community before propagation. remove the route target extended community before propagation.
A BGP node MUST NOT alter the SR Policy information carried in the A BGP node MUST NOT alter the SR Policy information carried in the
Tunnel Encapsulation Attribute during propagation. Tunnel Encapsulation Attribute during propagation.
5. Error Handling and Fault Management 5. Error Handling and Fault Management
This section describes the error handling actions, as described in This section describes the error-handling actions, as described in
[RFC7606], that are to be performed for the handling of the BGP [RFC7606], that are to be performed for the handling of the BGP
update messages for BGP SR Policy SAFI. update messages for the BGP SR Policy SAFI.
A BGP Speaker MUST perform the following syntactic validation of the A BGP speaker MUST perform the following syntactic validation of the
SR Policy NLRI to determine if it is malformed. This includes the SR Policy NLRI to determine if it is malformed. This includes the
validation of the length of each NLRI and the total length of the validation of the length of each NLRI and the total length of the
MP_REACH_NLRI and MP_UNREACH_NLRI attributes. It also includes the MP_REACH_NLRI and MP_UNREACH_NLRI attributes. It also includes the
validation of the consistency of the NLRI length with the AFI and the validation of the consistency of the NLRI length with the AFI and the
endpoint address as specified in Section 2.1. endpoint address as specified in Section 2.1.
When the error determined allows for the router to skip the malformed When the error determined allows for the router to skip the malformed
NLRI(s) and continue the processing of the rest of the update NLRI(s) and continue the processing of the rest of the update
message, then it MUST handle such malformed NLRIs as 'Treat-as- message, then it MUST handle such malformed NLRIs as 'treat-as-
withdraw'. In other cases, where the error in the NLRI encoding withdraw'. In other cases, where the error in the NLRI encoding
results in the inability to process the BGP update message (e.g. results in the inability to process the BGP update message (e.g.,
length related encoding errors), then the router SHOULD handle such length-related encoding errors), then the router SHOULD handle such
malformed NLRIs as 'AFI/SAFI disable' when other AFI/SAFI besides SR malformed NLRIs as "AFI/SAFI disable" when other AFIs/SAFIs besides
Policy are being advertised over the same session. Alternately, the SR Policy are being advertised over the same session. Alternately,
router MUST perform 'session reset' when the session is only being the router MUST perform "session reset" when the session is only
used for SR Policy or when it 'AFI/SAFI disable' action is not being used for SR Policy or when a "AFI/SAFI disable" action is not
possible. possible.
The validation of the TLVs/sub-TLVs introduced in this document and The validation of the TLVs/sub-TLVs introduced in this document and
defined in their respective sub-sections of Section 2.4 MUST be defined in their respective subsections of Section 2.4 MUST be
performed to determine if they are malformed or invalid. The performed to determine if they are malformed or invalid. The
validation of the Tunnel Encapsulation Attribute itself and the other validation of the Tunnel Encapsulation Attribute itself and the other
TLVs/sub-TLVs specified in Section 13 of [RFC9012] MUST be done as TLVs/sub-TLVs specified in Section 13 of [RFC9012] MUST be done as
described in that document. In case of any error detected, either at described in that document. In case of any error detected, either at
the attribute or its TLV/sub-TLV level, the "treat-as-withdraw" the attribute or its TLV/sub-TLV level, the "treat-as-withdraw"
strategy MUST be applied. This is because an SR Policy update strategy MUST be applied. This is because an SR Policy update
without a valid Tunnel Encapsulation Attribute (comprising of all without a valid Tunnel Encapsulation Attribute (comprised of all
valid TLVs/sub-TLVs) is not usable. valid TLVs/sub-TLVs) is not usable.
An SR Policy update that is determined to be not valid, and therefore An SR Policy update that is determined not to be valid (and,
malformed, based on rules described in Section 4.2.1 MUST be handled therefore, malformed) based on the rules described in Section 4.2.1
by the "treat-as-withdraw" strategy. MUST be handled by the "treat-as-withdraw" strategy.
The validation of the individual fields of the TLVs/sub-TLVs defined The validation of the individual fields of the TLVs/sub-TLVs defined
in Section 2.4 are beyond the scope of BGP as they are handled by the in Section 2.4 are beyond the scope of BGP as they are handled by the
SRPM as described in the individual TLV/sub-TLV sub-sections. A BGP SRPM as described in the individual TLV/sub-TLV subsections. A BGP
implementation MUST NOT perform semantic verification of such fields implementation MUST NOT perform semantic verification of such fields
nor consider the SR Policy update to be invalid or not usable based nor consider the SR Policy update to be invalid or not usable based
on such validation. on such validation.
An implementation SHOULD log any errors found during the above An implementation SHOULD log any errors found during the above
validation for further analysis. validation for further analysis.
6. IANA Considerations 6. IANA Considerations
This document uses code point allocations from the following existing This document uses code point allocations from the following existing
registries: registries in the "Subsequent Address Family Identifiers (SAFI)
Parameters" registry group:
* Subsequent Address Family Identifiers (SAFI) Parameters registry * The "SAFI Values" registry
* BGP Tunnel Encapsulation Attribute Tunnel Types registry under the This document uses code point allocations from the following existing
BGP Tunnel Encapsulation registry registries in the "Border Gateway Protocol (BGP) Tunnel
Encapsulation" registry group:
* BGP Tunnel Encapsulation Attribute sub-TLVs registry under the BGP * The "BGP Tunnel Encapsulation Attribute Tunnel Types" registry
Tunnel Encapsulation registry
* Color Extended Community Flags registry under the BGP Tunnel * The "BGP Tunnel Encapsulation Attribute Sub-TLVs" registry
Encapsulation registry
This document also requests the creation of the following new * The "Color Extended Community Flags" registry
registries:
* SR Policy Segment List Sub-TLVs under the BGP Tunnel Encapsulation This document creates the following new registries in the "Border
registry Gateway Protocol (BGP) Tunnel Encapsulation" registry group:
* SR Policy Binding SID Flags under the BGP Tunnel Encapsulation * The "SR Policy Segment List Sub-TLVs" registry
registry
* SR Policy SRv6 Binding SID Flags under the BGP Tunnel * The "SR Policy Binding SID Flags" registry
Encapsulation registry
* SR Policy Segment Flags under the BGP Tunnel Encapsulation * The "SR Policy SRv6 Binding SID Flags" registry
registry
* Color Extended Community Color-Only Types registry under the BGP * The "SR Policy Segment Flags" registry
Tunnel Encapsulation registry
* SR Policy ENLP Values under the Segment Routing registry * The "Color Extended Community Color-Only Types" registry
This document creates the following new registry in the "Segment
Routing" registry group:
* The "SR Policy ENLP Values" registry
6.1. Subsequent Address Family Identifiers (SAFI) Parameters 6.1. Subsequent Address Family Identifiers (SAFI) Parameters
This document introduces a SAFI in the registry "Subsequent Address This document registers a SAFI code point in the "SAFI Values"
Family Identifiers (SAFI) Parameters" that has been assigned a code registry of the "Subsequent Address Family Identifiers (SAFI)
point by IANA. The entry needs to be updated as follows: Parameters" registry group as follows:
Code Point Description Reference +=======+================+===========+
----------------------------------------------- | Value | Description | Reference |
73 SR Policy SAFI This document +=======+================+===========+
| 73 | SR Policy SAFI | RFC 9830 |
+-------+----------------+-----------+
Table 1: BGP SAFI Code Point Table 1: BGP SAFI Code Point
6.2. BGP Tunnel Encapsulation Attribute Tunnel Types 6.2. BGP Tunnel Encapsulation Attribute Tunnel Types
This document introduces a Tunnel-Type in the registry "BGP Tunnel This document registers a Tunnel-Type code point in the "BGP Tunnel
Encapsulation Attribute Tunnel Types" that has been assigned a Encapsulation Attribute Tunnel Types" registry under the "Border
codepoint by IANA. The entry needs to be updated as follows: Gateway Protocol (BGP) Tunnel Encapsulation" registry group.
Code Point Description Reference +=======+=============+===========+
-------------------------------------------------- | Value | Description | Reference |
15 SR Policy This document +=======+=============+===========+
| 15 | SR Policy | RFC 9830 |
+-------+-------------+-----------+
Table 2: Tunnel Type Code Point Table 2: Tunnel Type Code Point
6.3. BGP Tunnel Encapsulation Attribute sub-TLVs 6.3. BGP Tunnel Encapsulation Attribute Sub-TLVs
This document defines sub-TLVs in the registry "BGP Tunnel This document defines sub-TLVs in the "BGP Tunnel Encapsulation
Encapsulation Attribute sub-TLVs" that have been assigned code points Attribute Sub-TLVs" registry under the "Border Gateway Protocol (BGP)
by IANA as follows via the early allocation process which needs to be Tunnel Encapsulation" registry group.
made permanent:
Code Point Description Reference +=======+====================================+===========+
------------------------------------------------------------ | Value | Description | Reference |
12 Preference sub-TLV This document +=======+====================================+===========+
13 Binding SID sub-TLV This document | 12 | Preference sub-TLV | RFC 9830 |
14 ENLP sub-TLV This document +-------+------------------------------------+-----------+
15 Priority sub-TLV This document | 13 | Binding SID sub-TLV | RFC 9830 |
20 SRv6 Binding SID sub-TLV This document +-------+------------------------------------+-----------+
128 Segment List sub-TLV This document | 14 | ENLP sub-TLV | RFC 9830 |
129 Policy Candidate Path Name sub-TLV This document +-------+------------------------------------+-----------+
130 Policy Name sub-TLV This document | 15 | Priority sub-TLV | RFC 9830 |
+-------+------------------------------------+-----------+
| 20 | SRv6 Binding SID sub-TLV | RFC 9830 |
+-------+------------------------------------+-----------+
| 128 | Segment List sub-TLV | RFC 9830 |
+-------+------------------------------------+-----------+
| 129 | Policy Candidate Path Name sub-TLV | RFC 9830 |
+-------+------------------------------------+-----------+
| 130 | Policy Name sub-TLV | RFC 9830 |
+-------+------------------------------------+-----------+
Table 3: BGP Tunnel Encapsulation Attribute Code Points Table 3: BGP Tunnel Encapsulation Attribute Sub-TLV
Code Points
6.4. Color Extended Community Flags 6.4. Color Extended Community Flags
This document defines the use of 2 bits in the registry called "Color This document defines the use of 2 bits in the "Color Extended
Extended Community Flags" under the "BGP Tunnel Encapsulation" Community Flags" registry under the "Border Gateway Protocol (BGP)
registry that have been assigned by IANA via the early allocation Tunnel Encapsulation" registry group.
process to form the Color-Only Types field which needs to be made
permanent:
Bit +==============+========================+===========+
Position Description Reference | Bit Position | Description | Reference |
------------------------------------------------------------------ +==============+========================+===========+
0-1 Color-only Types Field This document | 0-1 | Color-only Types Field | RFC 9830 |
+--------------+------------------------+-----------+
Table 4: Color Extended Community Flag Bits Table 4: Color Extended Community Flag Bits
6.5. SR Policy Segment List Sub-TLVs 6.5. SR Policy Segment List Sub-TLVs
This document requests the creation of a new registry called "SR This document creates a new registry called "SR Policy Segment List
Policy Segment List Sub-TLVs" under the "BGP Tunnel Encapsulation" Sub-TLVs" under the "Border Gateway Protocol (BGP) Tunnel
registry. The allocation policy of this registry is "IETF Review" Encapsulation" registry group. The registration policy of this
according to [RFC8126]. registry is "IETF Review" (see [RFC8126]).
Following initial Sub-TLV codepoints are assigned by this document: The following initial sub-TLV code points are assigned by this
document:
Value Description Reference +========+========================+===========+
----------------------------------------------------- | Value | Description | Reference |
0 Reserved This document +========+========================+===========+
1 Segment Type A sub-TLV This document | 0 | Reserved | RFC 9830 |
2 Deprecated This document +--------+------------------------+-----------+
3-8 Unassigned | 1 | Segment Type A sub-TLV | RFC 9830 |
9 Weight sub-TLV This document +--------+------------------------+-----------+
10 Deprecated This document | 2 | Deprecated | RFC 9830 |
11 Deprecated This document +--------+------------------------+-----------+
12 Deprecated This document | 3-8 | Unassigned |
13 Segment Type B sub-TLV This document +--------+------------------------+-----------+
14-255 Unassigned | 9 | Weight sub-TLV | RFC 9830 |
+--------+------------------------+-----------+
| 10 | Deprecated | RFC 9830 |
+--------+------------------------+-----------+
| 11 | Deprecated | RFC 9830 |
+--------+------------------------+-----------+
| 12 | Deprecated | RFC 9830 |
+--------+------------------------+-----------+
| 13 | Segment Type B sub-TLV | RFC 9830 |
+--------+------------------------+-----------+
| 14-255 | Unassigned |
+--------+------------------------------------+
Table 5: SR Policy Segment List Code Points Table 5: SR Policy Segment List Sub-TLV
Code Points
6.6. SR Policy Binding SID Flags 6.6. SR Policy Binding SID Flags
This document requests the creation of a new registry called "SR This document creates a new registry called "SR Policy Binding SID
Policy Binding SID Flags" under the "BGP Tunnel Encapsulation" Flags" under the "Border Gateway Protocol (BGP) Tunnel Encapsulation"
registry. The allocation policy of this registry is "Standards registry group. The registration policy of this registry is
Action" according to [RFC8126]. "Standards Action" (see [RFC8126]).
The following flags are defined: The following flags are defined:
Bit Description Reference +=====+===================================+===========+
----------------------------------------------------------------- | Bit | Description | Reference |
0 Specified-BSID-Only Flag (S-Flag) This document +=====+===================================+===========+
1 Drop Upon Invalid Flag (I-Flag) This document | 0 | Specified-BSID-Only Flag (S-Flag) | RFC 9830 |
2-7 Unassigned +-----+-----------------------------------+-----------+
| 1 | Drop Upon Invalid Flag (I-Flag) | RFC 9830 |
+-----+-----------------------------------+-----------+
| 2-7 | Unassigned |
+-----+-----------------------------------------------+
Table 6: SR Policy Binding SID Flags Table 6: SR Policy Binding SID Flags
6.7. SR Policy SRv6 Binding SID Flags 6.7. SR Policy SRv6 Binding SID Flags
This document requests the creation of a new registry called "SR This document creates a new registry called "SR Policy SRv6 Binding
Policy SRv6 Binding SID Flags" under the "BGP Tunnel Encapsulation" SID Flags" under the "Border Gateway Protocol (BGP) Tunnel
registry. The allocation policy of this registry is "Standards Encapsulation" registry group. The registration policy of this
Action" according to [RFC8126]. registry is "Standards Action" (see [RFC8126]).
The following flags are defined: The following flags are defined:
Bit Description Reference +=====+===================================+===========+
----------------------------------------------------------------- | Bit | Description | Reference |
0 Specified-BSID-Only Flag (S-Flag) This document +=====+===================================+===========+
1 Drop Upon Invalid Flag (I-Flag) This document | 0 | Specified-BSID-Only Flag (S-Flag) | RFC 9830 |
2 SRv6 Endpoint Behavior & +-----+-----------------------------------+-----------+
SID Structure Flag (B-Flag) This document | 1 | Drop Upon Invalid Flag (I-Flag) | RFC 9830 |
3-7 Unassigned +-----+-----------------------------------+-----------+
| 2 | SRv6 Endpoint Behavior & SID | RFC 9830 |
| | Structure Flag (B-Flag) | |
+-----+-----------------------------------+-----------+
| 3-7 | Unassigned |
+-----+-----------------------------------------------+
Table 7: SR Policy SRv6 Binding SID Flags Table 7: SR Policy SRv6 Binding SID Flags
6.8. SR Policy Segment Flags 6.8. SR Policy Segment Flags
This document requests the creation of a new registry called "SR This document creates a new registry called "SR Policy Segment Flags"
Policy Segment Flags" under the "BGP Tunnel Encapsulation" registry. under the "Border Gateway Protocol (BGP) Tunnel Encapsulation"
The allocation policy of this registry is "IETF Review" according to registry group. The registration policy of this registry is "IETF
[RFC8126]. Review" (see [RFC8126]).
The following flags are defined: The following flags are defined:
Bit Description Reference +=====+====================================+===========+
------------------------------------------------------------------ | Bit | Description | Reference |
0 Segment Verification Flag (V-Flag) This document +=====+====================================+===========+
1-2 Unassigned | 0 | Segment Verification Flag (V-Flag) | RFC 9830 |
3 SRv6 Endpoint Behavior & +-----+------------------------------------+-----------+
SID Structure Flag (B-Flag) This document | 1-2 | Unassigned |
4-7 Unassigned +-----+------------------------------------+-----------+
| 3 | SRv6 Endpoint Behavior & SID | RFC 9830 |
| | Structure Flag (B-Flag) | |
+-----+------------------------------------+-----------+
| 4-7 | Unassigned |
+-----+------------------------------------------------+
Table 8: SR Policy Segment Flags Table 8: SR Policy Segment Flags
6.9. Color Extended Community Color-Only Types 6.9. Color Extended Community Color-Only Types
This document requests the creation of a new registry called "Color This document creates a new registry called "Color Extended Community
Extended Community Color-Only Types" under the "BGP Tunnel Color-Only Types" under the "Border Gateway Protocol (BGP) Tunnel
Encapsulation" registry for assignment of codepoints (values 0 Encapsulation" registry group for assignment of code points (values 0
through 3) in the Color-Only Type field of the Color Extended through 3) in the Color-Only Type field of the Color Extended
Community Flags field. The allocation policy of this registry is Community Flags field. The registration policy of this registry is
"Standards Action" according to [RFC8126]. "Standards Action" (see [RFC8126]).
The following types are defined: The following types are defined:
Type Description Reference +======+=======================================+===========+
----------------------------------------------------------- | Type | Description | Reference |
0 Specific Endpoint Match This document +======+=======================================+===========+
1 Specific or Null Endpoint Match This document | 0 | Specific Endpoint Match | RFC 9830 |
2 Specific, Null, or Any Endpoint Match This document +------+---------------------------------------+-----------+
3 Unassigned This document | 1 | Specific or Null Endpoint Match | RFC 9830 |
+------+---------------------------------------+-----------+
| 2 | Specific, Null, or Any Endpoint Match | RFC 9830 |
+------+---------------------------------------+-----------+
| 3 | Unassigned | RFC 9830 |
+------+---------------------------------------+-----------+
Table 9: Color Extended Community Color-Only Types Table 9: Color Extended Community Color-Only Types
6.10. SR Policy ENLP Values 6.10. SR Policy ENLP Values
Note to IANA (RFC editor to remove this before publication): The new IANA will maintain a new registry under the "Segment Routing"
registry creation request below is also present in the draft-ietf- registry group with the registration policy of "Standards Action"
pce-segment-routing-policy-cp. IANA is requested to process the (see [RFC8126]). The new registry is called "SR Policy ENLP Values"
registry creation via the first of these two documents to reach and contains the code points allocated to the "ENLP" field defined in
publication stage and the authors of the other document would update Section 2.4.5. The registry contains the following code points:
the IANA considerations suitably.
This document requests IANA to maintain a new registry under "Segment
Routing" registry group with the allocation policy of "Standards
Action" [RFC8126]. The new registry is called "SR Policy ENLP
Values" and contains the codepoints allocated to the "ENLP" field
defined in Section 2.4.5. The registry contains the following
codepoints, with initial values, to be assigned by IANA with the
reference set to this document:
+-------+-----------------------------------+---------------+ +=======+===================================+===========+
| Code | | | | Code | Description | Reference |
| Point | Description | Reference | | Point | | |
+-------+-----------------------------------+---------------+ +=======+===================================+===========+
| 0 | Reserved (not to be used) | This document | | 0 | Reserved (not to be used) | RFC 9830 |
| 1 | Push an IPv4 Explicit NULL label | This document | +-------+-----------------------------------+-----------+
| | on an unlabeled IPv4 packet, but | | | 1 | Push an IPv4 Explicit NULL label | RFC 9830 |
| | do not push an IPv6 Explicit NULL | | | | on an unlabeled IPv4 packet but | |
| | label on an unlabeled IPv6 packet | | | | do not push an IPv6 Explicit NULL | |
| 2 | Push an IPv6 Explicit NULL label | This document | | | label on an unlabeled IPv6 packet | |
| | on an unlabeled IPv6 packet, but | | +-------+-----------------------------------+-----------+
| | do not push an IPv4 Explicit NULL | | | 2 | Push an IPv6 Explicit NULL label | RFC 9830 |
| | label on an unlabeled IPv4 packet | | | | on an unlabeled IPv6 packet but | |
| 3 | Push an IPv6 Explicit NULL label | This document | | | do not push an IPv4 Explicit NULL | |
| | on an unlabeled IPv6 packet, and | | | | label on an unlabeled IPv4 packet | |
| | push an IPv4 Explicit NULL label | | +-------+-----------------------------------+-----------+
| | on an unlabeled IPv4 packet | | | 3 | Push an IPv6 Explicit NULL label | RFC 9830 |
| 4 | Do not push an Explicit NULL | This document | | | on an unlabeled IPv6 packet and | |
| | label | | | | push an IPv4 Explicit NULL label | |
| 5-255 | Unassigned | | | | on an unlabeled IPv4 packet | |
+-------+-----------------------------------+---------------+ +-------+-----------------------------------+-----------+
| 4 | Do not push an Explicit NULL | RFC 9830 |
| | label | |
+-------+-----------------------------------+-----------+
| 5-255 | Unassigned |
+-------+-----------------------------------------------+
Table 10: SR Policy ENLP Values Table 10: SR Policy ENLP Values
7. Security Considerations 7. Security Considerations
The security mechanisms of the base BGP security model apply to the The security mechanisms of the base BGP security model apply to the
extensions described in this document as well. See the Security extensions described in this document as well. See the Security
Considerations section of [RFC4271] for a discussion of BGP security. Considerations section of [RFC4271] for a discussion of BGP security.
Also, refer to [RFC4272] and [RFC6952] for analysis of security Also, refer to [RFC4272] and [RFC6952] for analysis of security
issues for BGP. issues for BGP.
The BGP SR Policy extensions specified in this document enable The BGP SR Policy extensions specified in this document enable
traffic engineering and service programming use-cases within an SR traffic engineering and service programming use cases within an SR
domain as described in [RFC9256]. SR operates within a trusted SR domain as described in [RFC9256]. SR operates within a trusted SR
domain [RFC8402] and its security considerations also apply to BGP domain [RFC8402]; its security considerations also apply to BGP
sessions when carrying SR Policy information. The SR Policies sessions when carrying SR Policy information. The SR Policies
distributed by BGP are expected to be used entirely within this distributed by BGP are expected to be used entirely within this
trusted SR domain which comprises a single AS or multiple ASes/ trusted SR domain, which comprises a single AS or multiple ASes /
domains within a single provider network. Therefore, precaution is domains within a single provider network. Therefore, precaution is
necessary to ensure that the SR Policy information advertised via BGP necessary to ensure that the SR Policy information advertised via BGP
sessions is limited to nodes in a secure manner within this trusted sessions is limited to nodes in a secure manner within this trusted
SR domain. BGP peering sessions for address-families other than SR SR domain. BGP peering sessions for address families other than SR
Policy SAFI may be set up to routers outside the SR domain. The Policy SAFI may be set up to routers outside the SR domain. The
isolation of BGP SR Policy SAFI peering sessions may be used to isolation of BGP SR Policy SAFI peering sessions may be used to
ensure that the SR Policy information is not advertised by accident ensure that the SR Policy information is not advertised by accident
or error to an EBGP peering session outside the SR domain. or in error to an EBGP peering session outside the SR domain.
Additionally, it may be considered that the export of SR Policy Additionally, it may be a consideration that the export of SR Policy
information, as described in this document, constitutes a risk to information, as described in this document, constitutes a risk to
confidentiality of mission-critical or commercially sensitive confidentiality of mission-critical or commercially sensitive
information about the network (more specifically endpoint/node information about the network (more specifically endpoint/node
addresses, SR SIDs, and the SR Policies deployed). BGP peerings are addresses, SR SIDs, and the SR Policies deployed). BGP peerings are
not automatic and require configuration; thus, it is the not automatic and require configuration; thus, it is the
responsibility of the network operator to ensure that only trusted responsibility of the network operator to ensure that only trusted
nodes (that include both routers and controller applications) within nodes (that include both routers and controller applications) within
the SR domain are configured to receive such information. the SR domain are configured to receive such information.
8. Manageability Considerations 8. Manageability Considerations
The specification of BGP models is an ongoing work based on The specification of BGP models is an ongoing work based on
[I-D.ietf-idr-bgp-model] and its future extensions are expected to [BGP-YANG-MODEL]; its future extensions are expected to cover the SR
cover the SR Policy SAFI. Existing BGP operational procedures also Policy SAFI. Existing BGP operational procedures also apply to the
apply to the SAFI specified in this document. The management, SAFI specified in this document. The management, operations, and
operations, and monitoring of BGP speakers and the SR Policy SAFI monitoring of BGP speakers and the SR Policy SAFI sessions between
sessions between them are not very different from other BGP sessions them are not very different from other BGP sessions and can be
and can be managed using the same data models. managed using the same data models.
The YANG model for the operation and management of SR Policies
[I-D.ietf-spring-sr-policy-yang] reports the SR Policies provisioned
via BGP SR Policy SAFI along with their operational states.
9. Acknowledgments
The authors of this document would like to thank Shyam Sethuram, John
Scudder, Przemyslaw Krol, Alex Bogdanov, Nandan Saha, Bruno Decraene,
Gurusiddesh Nidasesi, Kausik Majumdar, Zafar Ali, Swadesh Agarwal,
Jakob Heitz, Viral Patel, Peng Shaofu, Cheng Li, Martin Vigoureux,
John Scudder, Vincent Roca, Brian Haberman, Mohamed Boucadair,
Shunwan Zhuang, Andrew Alston, Jeffrey (Zhaohui) Zhang, Nagendra
Nainar, Rajesh Melarcode Venkateswaran, Nat Kao, Boris Hassanov,
Vincent Roca, Russ Housley, and Dan Romascanu for their comments and
review of this document. The authors would like to thank Susan Hares
for her detailed shepherd review that helped in improving the
document.
10. Contributors
Eric Rosen
Juniper Networks
US
Email: erosen@juniper.net
Arjun Sreekantiah
Cisco Systems
US
Email: asreekan@cisco.com
Acee Lindem
Cisco Systems
US
Email: acee@cisco.com
Siva Sivabalan
Cisco Systems
US
Email: msiva@cisco.com
Imtiyaz Mohammad
Arista Networks
India
Email: imtiyaz@arista.com
Gaurav Dawra
Cisco Systems
US
Email: gdawra.ietf@gmail.com
Peng Shaofu
ZTE Corporation
China
Email: peng.shaofu@zte.com.cn
Steven Lin
Calix
USA
Email: steven.lin@calix.com The YANG data model for the operation and management of SR Policies
[SR-POLICY-YANG] reports the SR Policies provisioned via BGP SR
Policy SAFI along with their operational states.
11. References 9. References
11.1. Normative References 9.1. Normative References
[RFC1997] Chandra, R., Traina, P., and T. Li, "BGP Communities [RFC1997] Chandra, R., Traina, P., and T. Li, "BGP Communities
Attribute", RFC 1997, DOI 10.17487/RFC1997, August 1996, Attribute", RFC 1997, DOI 10.17487/RFC1997, August 1996,
<https://www.rfc-editor.org/info/rfc1997>. <https://www.rfc-editor.org/info/rfc1997>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 40, line 15 skipping to change at line 1810
[RFC9012] Patel, K., Van de Velde, G., Sangli, S., and J. Scudder, [RFC9012] Patel, K., Van de Velde, G., Sangli, S., and J. Scudder,
"The BGP Tunnel Encapsulation Attribute", RFC 9012, "The BGP Tunnel Encapsulation Attribute", RFC 9012,
DOI 10.17487/RFC9012, April 2021, DOI 10.17487/RFC9012, April 2021,
<https://www.rfc-editor.org/info/rfc9012>. <https://www.rfc-editor.org/info/rfc9012>.
[RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov, [RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov,
A., and P. Mattes, "Segment Routing Policy Architecture", A., and P. Mattes, "Segment Routing Policy Architecture",
RFC 9256, DOI 10.17487/RFC9256, July 2022, RFC 9256, DOI 10.17487/RFC9256, July 2022,
<https://www.rfc-editor.org/info/rfc9256>. <https://www.rfc-editor.org/info/rfc9256>.
11.2. Informational References 9.2. Informative References
[I-D.ietf-idr-bgp-ls-sr-policy]
Previdi, S., Talaulikar, K., Dong, J., Gredler, H., and J.
Tantsura, "Advertisement of Segment Routing Policies using
BGP Link-State", Work in Progress, Internet-Draft, draft-
ietf-idr-bgp-ls-sr-policy-10, 9 December 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-
ls-sr-policy-10>.
[I-D.ietf-idr-bgp-model] [BGP-YANG-MODEL]
Jethanandani, M., Patel, K., Hares, S., and J. Haas, "YANG Jethanandani, M., Patel, K., Hares, S., and J. Haas, "YANG
Model for Border Gateway Protocol (BGP-4)", Work in Model for Border Gateway Protocol (BGP-4)", Work in
Progress, Internet-Draft, draft-ietf-idr-bgp-model-18, 21 Progress, Internet-Draft, draft-ietf-idr-bgp-model-18, 21
October 2024, <https://datatracker.ietf.org/doc/html/ October 2024, <https://datatracker.ietf.org/doc/html/
draft-ietf-idr-bgp-model-18>. draft-ietf-idr-bgp-model-18>.
[I-D.ietf-idr-bgp-sr-segtypes-ext]
Talaulikar, K., Filsfils, C., Previdi, S., Mattes, P., and
D. Jain, "Segment Routing Segment Types Extensions for BGP
SR Policy", Work in Progress, Internet-Draft, draft-ietf-
idr-bgp-sr-segtypes-ext-06, 7 November 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-
sr-segtypes-ext-06>.
[I-D.ietf-spring-sr-policy-yang]
Raza, S. K., Saleh, T., Shunwan, Z., Voyer, D., Durrani,
M., Matsushima, S., and V. P. Beeram, "YANG Data Model for
Segment Routing Policy", Work in Progress, Internet-Draft,
draft-ietf-spring-sr-policy-yang-04, 22 November 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-spring-
sr-policy-yang-04>.
[RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis",
RFC 4272, DOI 10.17487/RFC4272, January 2006, RFC 4272, DOI 10.17487/RFC4272, January 2006,
<https://www.rfc-editor.org/info/rfc4272>. <https://www.rfc-editor.org/info/rfc4272>.
[RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route [RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route
Reflection: An Alternative to Full Mesh Internal BGP Reflection: An Alternative to Full Mesh Internal BGP
(IBGP)", RFC 4456, DOI 10.17487/RFC4456, April 2006, (IBGP)", RFC 4456, DOI 10.17487/RFC4456, April 2006,
<https://www.rfc-editor.org/info/rfc4456>. <https://www.rfc-editor.org/info/rfc4456>.
[RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of [RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of
BGP, LDP, PCEP, and MSDP Issues According to the Keying BGP, LDP, PCEP, and MSDP Issues According to the Keying
and Authentication for Routing Protocols (KARP) Design and Authentication for Routing Protocols (KARP) Design
Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013, Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013,
<https://www.rfc-editor.org/info/rfc6952>. <https://www.rfc-editor.org/info/rfc6952>.
[RFC9552] Talaulikar, K., Ed., "Distribution of Link-State and [RFC9552] Talaulikar, K., Ed., "Distribution of Link-State and
Traffic Engineering Information Using BGP", RFC 9552, Traffic Engineering Information Using BGP", RFC 9552,
DOI 10.17487/RFC9552, December 2023, DOI 10.17487/RFC9552, December 2023,
<https://www.rfc-editor.org/info/rfc9552>. <https://www.rfc-editor.org/info/rfc9552>.
[RFC9831] Talaulikar, K., Ed., Filsfils, C., Previdi, S., Mattes,
P., and D. Jain, "Segment Routing Segment Types Extensions
for BGP SR Policy", RFC 9831, DOI 10.17487/RFC9831, July
2025, <https://www.rfc-editor.org/info/rfc9831>.
[SR-BGP-LS]
Previdi, S., Talaulikar, K., Ed., Dong, J., Gredler, H.,
and J. Tantsura, "Advertisement of Segment Routing
Policies using BGP Link-State", Work in Progress,
Internet-Draft, draft-ietf-idr-bgp-ls-sr-policy-16, 3
March 2025, <https://datatracker.ietf.org/doc/html/draft-
ietf-idr-bgp-ls-sr-policy-16>.
[SR-POLICY-YANG]
Raza, K., Ed., Saleh, T., Shunwan, Z., Voyer, D., Durrani,
M., Matsushima, S., and V. Beeram, "YANG Data Model for
Segment Routing Policy", Work in Progress, Internet-Draft,
draft-ietf-spring-sr-policy-yang-04, 22 November 2024,
<https://datatracker.ietf.org/doc/html/draft-ietf-spring-
sr-policy-yang-04>.
Acknowledgments
The authors of this document would like to thank Shyam Sethuram, John
Scudder, Przemyslaw Krol, Alex id Bogdanov, Nandan Saha, Bruno
Decraene, Gurusiddesh Nidasesi, Kausik Majumdar, Zafar Ali, Swadesh
Agarwal, Jakob Heitz, Viral Patel, Peng Shaofu, Cheng Li, Martin
Vigoureux, John Scudder, Vincent Roca, Brian Haberman, Mohamed
Boucadair, Shunwan Zhuang, Andrew Alston, Jeffrey (Zhaohui) Zhang,
Nagendra Nainar, Rajesh Melarcode Venkateswaran, Nat Kao, Boris
Hassanov, Vincent Roca, Russ Housley, and Dan Romascanu for their
comments and review of this document. The authors would like to
thank Susan Hares for her detailed shepherd review that helped in
improving the document.
Contributors
Eric Rosen
Juniper Networks
United States of America
Email: erosen@juniper.net
Arjun Sreekantiah
Cisco Systems
United States of America
Email: asreekan@cisco.com
Acee Lindem
Cisco Systems
United States of America
Email: acee@cisco.com
Siva Sivabalan
Cisco Systems
United States of America
Email: msiva@cisco.com
Imtiyaz Mohammad
Arista Networks
India
Email: imtiyaz@arista.com
Gaurav Dawra
Cisco Systems
United States of America
Email: gdawra.ietf@gmail.com
Peng Shaofu
ZTE Corporation
China
Email: peng.shaofu@zte.com.cn
Steven Lin
Calix
United States of America
Email: steven.lin@calix.com
Authors' Addresses Authors' Addresses
Stefano Previdi Stefano Previdi
Huawei Technologies Huawei Technologies
Italy Italy
Email: stefano@previdi.net Email: stefano@previdi.net
Clarence Filsfils Clarence Filsfils
Cisco Systems Cisco Systems
Brussels Brussels
 End of changes. 303 change blocks. 
763 lines changed or deleted 793 lines changed or added

This html diff was produced by rfcdiff 1.48.