| Internet-Draft | Mirror Binding | October 2022 |
| Chen, et al. | Expires 26 April 2023 | [Page] |
BGP is used to distribute a binding SID with a list of SIDs to a node. This document describes extensions to BGP for distributing the binding SID with the list of SIDs and an identifier of the node. When detecting the failure of the node, an neighbor of the node protects the binding SID of the failed node.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 26 April 2023.¶
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
[I-D.ietf-idr-segment-routing-te-policy] specifies how BGP may be used to distribute a Segment Routing (SR) Policy to a network node. An SR Policy is an ordered list of segments (i.e., instructions) that represent a source-routed policy. An SR Policy consists of one or more candidate paths, each consisting of one or more segment lists. An SR Policy may contain a binding SID associated with a path represented by a segment list (i.e., a list of SIDs).¶
After a BGP as a controller distributes an SR policy containing a binding SID associated with a list of SIDs to a network node, each neighbor of the node needs the information about the binding SID for protecting the binding SID of the node when the node fails. The information includes the binding SID, the list of SIDs and the identifier (ID) of the node. This document proposes some procedures and extensions to BGP for distributing the information.¶
This section defines a new Binding Protection sub-TLV under a Tunnel Encapsulation Attribute TLV of type 15 (i.e., SR Policy TLV). A Tunnel Encapsulation Attribute contains a Tunnel Encapsulation Attribute TLV.¶
The structure containing a Binding Protection sub-TLV is shown below.¶
Attributes:
Tunnel Encapsulation Attribute (23)
Tunnel Type (15): SR Policy TLV
Preference sub-TLV
Binding SID sub-TLV
SRv6 Binding SID sub-TLV
Explicit NULL Label Policy (ENLP) sub-TLV
Priority sub-TLV
Policy Candidate Path Name sub-TLV
Policy Name sub-TLV
Binding Protection sub-TLV
Segment List sub-TLV
Weight sub-TLV
Segment sub-TLV
Segment sub-TLV
...
...¶
A Binding Protection sub-TLV contains the information about a binding SID of a network node for a neighbor of the node to protect the Binding SID of the node when the neighbor detects the failure of the node.¶
The format of a Binding Protection sub-TLV is illustrated below.¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type (TBD1) | Length | Flags | RESERVED | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | sub-TLVs | ~ ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
This field contains the sub-TLV below to indicate the node to be protected (i.e., the protected node).¶
When a SR Policy (i.e., SR Policy TLV) contains a binding SID and a path with a protected node, the SR policy is for distributing the binding information of the node for protecting the binding SID of the node when the node fails (binding protection for short). The binding SID is encoded by a Binding SID sub-TLV or SRv6 Binding SID sub-TLV, the path is encoded by a Segment List Sub-TLV, and the node is encoded by a Binding Protection sub-TLV.¶
When a SR Policy contains a binding SID and a path without a protected node, the SR policy is for replacing the Binding SID with the path (i.e., the list of SIDs) when the node receives a packet with the Binding SID (binding for short).¶
The format of Protected Node BGP ID sub-TLV is illustrated below.¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type (1) | Length (4) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Protected Node BGP ID (4 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
When a BGP sends a piece of binding information to node N in a first Update message, the BGP sends the corresponding binding protection information to each neighbor of node N in a second Update message. The first message contains a first SR Policy carried in MP_REACH_NLRI. The first SR Policy includes a binding SID and a path but does not include node N as a protected node. The second message contains a second SR Policy carried in MP_REACH_NLRI. The second SR Policy includes the binding SID, the path and node N as a protected node.¶
After a BGP sends the binding information to node N, if BGP removes the binding information from node N through sending a third Update message to node N, BGP removes the corresponding binding protection information from each neighbor of node N through sending a fourth Update message to the neighbor. The third message contains a third SR Policy carried in MP_UNREACH_NLRI. The third SR Policy includes the binding SID and the path but does not include node N as a protected node. The fourth message contains a fourth SR Policy carried in MP_UNREACH_NLRI. The fourth SR Policy includes the binding SID, the path and node N as a protected node.¶
After a BGP sends the binding information to node N, if the BGP changes the binding information in node N through sending a fifth Update message to node N, BGP changes the corresponding binding protection information in each neighbor of node N through sending a sixth Update message to the neighbor. The fifth message contains a fifth SR Policy carried in MP_REACH_NLRI. The fifth SR Policy includes the binding SID and a (changed) path but does not include node N as a protected node. The sixth message contains a sixth SR Policy carried in MP_REACH_NLRI. The sixth SR Policy includes the binding SID, the (changed) path and node N as a protected node.¶
Protocol extensions defined in this document do not affect the BGP security other than those as discussed in the Security Considerations section of [RFC5575].¶
This document requests assigning a new sub-TLV in the registry "BGP Tunnel Encapsulation Attribute sub-TLVs" as follows:¶
+------------+--------------------+-------------+ | Code Point | Description | Reference | +------------+--------------------+-------------+ | TBD1 | Binding Protection |This document| +------------+--------------------+-------------+¶