SRv6 for Redundancy
ProtectionHuawei TechnologiesChinagengxuesong@huawei.comHuawei TechnologiesChinamach.chen@huawei.comHuawei TechnologiesChinashirley.yangfan@huawei.comCisco Systems, Inc.Spainpcamaril@cisco.comVerizon Inc.gyan.s.mishra@verizon.comSPRING Working GroupRedundancy Protection is a generalized protection mechanism to
achieve the high reliability of service transmission in Segment Routing
network. The mechanism inherits the "Live-Live" methodology, targeting
to enhance the functionalities of Segment Routing over IPv6. Inspired by
DetNet Packet Replication and Packet Elimination functions, two new
Segments are introduced to provide replication and elimination functions
on specific network nodes by leveraging SRv6 Segment programming
capabilities.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in .Redundancy Protection is a generalized protection mechanism to
achieve the high reliability of service transmission in Segment Routing
network. Specifically, packets of flows are replicated at a network node
into two or more copies, which are transported via different paths in
parallel. When copies of packets are received and merged at one network
node, the redundant packets are determined and further eliminated to
guarantee only one copy of packets is transmitted. The mechanism
inherits the "Live-Live" methodology, targeting to enhance the
functionalities of Segment Routing over IPv6 .
Inspired by DetNet Packet Replication and
Packet Elimination Functions, two new Segments are introduced to provide
the replication and elimination functions on specific network nodes by
leveraging SRv6 Segment programming capabilities. As it is unnecessary
to perform switchover between different paths triggered by failure
detection, redundancy protection can facilitate to achieve zero packet
loss target when failure on either path happens.Redundancy protection provides ultra reliable protection to many
services, for example Cloud VR/Game, IPTV service and other type of
video services, high value private line service etc. In this document,
redundancy protection is applied to point-to-point service. The
mechanism for P2MP service stays out of the scope of this document.Segment Routing (SR) leverages the source routing paradigm. An
ingress node steers a packet through an ordered list of instructions,
called "segments". A segment can be associated to an arbitrary
processing of the packet in the node identified by the segment.This document extends the Segment Routing capabilities to support the
redundancy protection in an SRv6 environment, including the definitions
of two new Segments, meta data encapsulation, and a variation of Segment
Routing Policy.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 when, and only
when, they appear in all capitals, as shown here.SR: Segment RoutingURLLC: Ultra-Reliable Low-Latency CommunicationVR: Virtual RealityRed Node: Redundancy NodeMer Node: Merging NodeFID: Flow IDentificationSN: Sequence NumberThis figure shows an example of redundancy protection used in SRv6
domain. R1, R2, R3, R4, Red and Mer are SR-capable nodes. When a flow is
sent into SRv6 domain, the process is:1) R1 receives the traffic flow and encapsulates packets with a list
of segments destined to R2, which is instantiated as an ordered list of
SRv6 SIDs.2) When the packet flow arrives at Red node, known as Redundancy
Node, each packet is replicated into two or more copies. Each copy of
the packet is encapsulated with a new segment list, which represents
different disjoint forwarding paths.3) Meta data information such as flow identification (FID) and
sequence number (SN) is used to facilitate the packet elimination on
Merging node (Mer). Flow identification identifies the specific flow,
and sequence number distinguishes the packet sequence of a flow. Meta
data is either carried in the packet before it arrives at Red node, or
added to each of the replicas at Red node.4) The multiple replicas go through different paths until the Mer
node. The first received packet of the flow is transmitted from Merging
Node to R2, and the redundant packets are eliminated.5) When there is any failures or packet loss in one path, the service
continues undisrupted through the other path without break.6) Sometimes, the packet will arrive out of order because of
redundancy protection, the function of reordering may be also necessary
on Merging Node. In such case the Merging node may include a reordering
function, which is implementation specific and out of the scope of this
document.In this example, service protection is supported by utilizing two
packet flows transmitted over two forwarding paths. It is noted that
there is no limitation of the number of replicas. For a unidirectional
flow, Red node supports replication function, and Mer node supports
elimination function. Reordering function MAY be required in combination
of elimination function on merging node. To minimize the jitter caused
by random packet loss, the disjoint paths are recommended to have
similar path forwarding delay.To achieve the packet replication and elimination functions,
Redundancy Segment and Merging Segment, as well as the related SRv6
Endpoint Behavior are introduced.Redundancy Segment is the identifier of packets which need the
replication function on redundancy node. It is also a variation of
Binding SID, and associated with a Redundancy Policy to provide
segment lists of disjoint paths. Thus, Redundancy segment is
associated with service instructions, indicating the following
operations:Steers the packet into the corresponding redundancy policyEncapsulates flow identification and sequence number in packets
if the two information is not carried in packetsPacket replication and segment encapsulation based on the
information of redundancy policy, e.g., the number of replication
copies, an ordered list of segments with a topological
instructionIn the case of SRv6, a new behavior End.R for Redundancy
Segment is defined. An instance of a redundancy SID is associated with
a redundancy policy B and a source address A. In the following
description, End.R behavior is specified in the encapsulation mode.
The End.R behavior in the insertion mode is for further study.When an SRv6-capable node (N) receives an IPv6 packet whose
destination address matches a local IPv6 address instantiated as an
SRv6 SID (S), and S is a Redundancy SID, N does:Merging Segment is associated with service instructions, indicates
the following operations:Packet merging and elimination: forward the first received
packets and eliminate the redundant packetsIn order to eliminate the redundant packet of a flow, merging
node utilizes sequence number to evaluate the redundant status of a
packet. Note that implementation specific mechanism could be applied
to control the amount of state monitored on sequence number, so that
system memory usage can be limited at a reasonable level.As merging node needs to maintain the state of flows, a centralized
controller should have a knowledge of merging nodes capability, and
never provision the redundancy policy to redundancy node when the
computation result goes beyond the flow recovery capability of merging
node. The capability advertisement of merging node will be specified
separately elsewhere, which is not within the scope of this
document.In the case of SRv6, a new behavior End.M for Merging Segment is
defined.When an SRv6-capable node (N) receives an IPv6 packet whose
destination address matches a local IPv6 address instantiated as an
SRv6 SID (S), and S is a Merging SID, N does:To support the redundancy protection function, flow identification
and sequence number are required. Flow identification identifies one
specific flow of redundancy protection, and is usually allocated from
centralized controller to the SR ingress node or redundancy node in SR
network. Sequence number distinguishes the packets within a flow by
specifying the order of packets. It is usually generated at SR ingress
node. If necessary, redundancy node can also facilitate to add sequence
number if required. Thus, encapsulations of flow identification and
sequence number should be specified accordingly.Redundancy Policy is a variation of SR Policy to conduct the replicas
to multiple disjoint paths for redundancy protection. It extends SR
policy to include more than one ordered lists of segments between
redundancy node and merging node, and all the ordered lists of segments
are used at the same time to steer the copies of flow into different
disjoint paths.This document requires registration of End.R behavior and End.M
behavior in "SRv6 Endpoint Behaviors" sub-registry of "Segment Routing
Parameters" registry.TBDThe authors would like to thank Bruno Decraene, Ron Bonica, James
Guichard, Jeffrey Zhang, Balazs Varga for their valuable comments and
discussions.