rfc9703.original   rfc9703.txt 
Routing area S. Hegde Internet Engineering Task Force (IETF) S. Hegde
Internet-Draft M. Srivastava Request for Comments: 9703 M. Srivastava
Intended status: Standards Track Juniper Networks Inc. Category: Standards Track Juniper Networks Inc.
Expires: 29 January 2025 K. Arora ISSN: 2070-1721 K. Arora
Individual Contributor Individual Contributor
S. Ninan S. Ninan
Ciena Ciena
X. Xu X. Xu
China Mobile China Mobile
28 July 2024 December 2024
Label Switched Path (LSP) Ping/Traceroute for Segment Routing (SR) Label Switched Path (LSP) Ping/Traceroute for Segment Routing (SR)
Egress Peer Engineering Segment Identifiers (SIDs) with MPLS Data Plane Egress Peer Engineering (EPE) Segment Identifiers (SIDs) with MPLS Data
draft-ietf-mpls-sr-epe-oam-19 Planes
Abstract Abstract
Egress Peer Engineering (EPE) is an application of Segment Routing to Egress Peer Engineering (EPE) is an application of Segment Routing
solve the problem of egress peer selection. The Segment Routing (SR) that solves the problem of egress peer selection. The SR-based
based BGP-EPE solution allows a centralized controller, e.g. a BGP-EPE solution allows a centralized controller, e.g., a Software-
Software Defined Network (SDN) controller to program any egress peer. Defined Network (SDN) controller, to program any egress peer. The
The EPE solution requires the node or the SDN controller to program EPE solution requires the node or the SDN controller to program 1)
the PeerNode Segment Identifier(SID) describing a session between two the PeerNode Segment Identifier (SID) describing a session between
nodes, the PeerAdj SID describing the link (one or more) that is used two nodes, 2) the PeerAdj SID describing the link or links that are
by sessions between peer nodes, and the PeerSet SID describing any used by the sessions between peer nodes, and 3) the PeerSet SID
connected interface to any peer in the related group. This document describing any connected interface to any peer in the related group.
provides new sub-TLVs for EPE Segment Identifiers (SID) that would be This document provides new sub-TLVs for EPE-SIDs that are used in the
used in the MPLS Target stack TLV (Type 1), in MPLS Ping and MPLS Target stack TLV (Type 1) in MPLS Ping and Traceroute
Traceroute procedures. procedures.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on 29 January 2025. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9703.
Copyright Notice Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. Code Components carefully, as they describe your rights and restrictions with respect
extracted from this document must include Revised BSD License text as to this document. Code Components extracted from this document must
described in Section 4.e of the Trust Legal Provisions and are include Revised BSD License text as described in Section 4.e of the
provided without warranty as described in the Revised BSD License. Trust Legal Provisions and are provided without warranty as described
in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction
2. Theory of Operation . . . . . . . . . . . . . . . . . . . . . 4 2. Theory of Operation
3. Requirements Language . . . . . . . . . . . . . . . . . . . . 5 3. Requirements Language
4. FEC Definitions . . . . . . . . . . . . . . . . . . . . . . . 5 4. FEC Definitions
4.1. PeerNode SID Sub-TLV . . . . . . . . . . . . . . . . . . 5 4.1. PeerNode SID Sub-TLV
4.2. PeerAdj SID Sub-TLV . . . . . . . . . . . . . . . . . . . 7 4.2. PeerAdj SID Sub-TLV
4.3. PeerSet SID Sub-TLV . . . . . . . . . . . . . . . . . . . 9 4.3. PeerSet SID Sub-TLV
5. EPE-SID FEC validation . . . . . . . . . . . . . . . . . . . 11 5. EPE-SID FEC Validation
5.1. EPE-SID FEC validiation . . . . . . . . . . . . . . . . . 11 5.1. EPE-SID FEC Validation
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 6. IANA Considerations
7. Security Considerations . . . . . . . . . . . . . . . . . . . 14 7. Security Considerations
8. Implementation Status . . . . . . . . . . . . . . . . . . . . 14 8. References
8.1. Juniper Networks . . . . . . . . . . . . . . . . . . . . 15 8.1. Normative References
9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15 8.2. Informative References
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 15 Appendix A. Appendix
10.1. Normative References . . . . . . . . . . . . . . . . . . 15 Acknowledgments
10.2. Informative References . . . . . . . . . . . . . . . . . 16 Authors' Addresses
Appendix A. APPENDIX . . . . . . . . . . . . . . . . . . . . . . 17
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18
1. Introduction 1. Introduction
Egress Peer Engineering (EPE) as defined in [RFC9087] is an effective Egress Peer Engineering (EPE), as defined in [RFC9087], is an
mechanism to select the egress peer link based on different criteria. effective mechanism that is used to select the egress peer link based
In this scenario, egress peers may belong to a completely different on different criteria. In this scenario, egress peers may belong to
ownership. The EPE-SIDs provide means to represent egress peer a completely different ownership. The EPE-SIDs provide the means to
nodes, links, sets of links and sets of nodes. Many network represent egress peer nodes, links, sets of links, and sets of nodes.
deployments have built their networks consisting of multiple Many network deployments have built their networks consisting of
Autonomous Systems, either for the ease of operations or as a result multiple Autonomous Systems (ASes) either for the ease of operations
of network mergers and acquisitions. The inter-AS links connecting or as a result of network mergers and acquisitions. The inter-AS
any two Autonomous Systems could be traffic-engineered using EPE-SIDs links connecting any two ASes could be traffic-engineered using EPE-
in this case, where there is single ownership but different AS SIDs in this case, where there is single ownership but different AS
numbers. It is important to validate the control plane to forwarding numbers. It is important to validate the control plane to forwarding
plane synchronization for these SIDs so that any anomaly can be plane synchronization for these SIDs so that any anomaly can be
detected easily by the network operator. EPE-SIDs may also be used easily detected by the network operator. EPE-SIDs may also be used
in ingress SR policy [RFC9256]to choose exit points where the remote in an ingress Segment Routing (SR) policy [RFC9256] to choose exit
AS belongs to completely different ownership. This scenario is out points where the remote AS has a completely different ownership.
of scope of this document. This scenario is out of scope for this document.
+---------+ +------+ +---------+ +------+
| | | | | | | |
| H B------D G | H B------D G
| | +---/| AS 2 |\ +------+ | | +---/| AS2 |\ +------+
| |/ +------+ \ | |---L/8 | |/ +------+ \ | |---L/8
A AS1 C---+ \| | A AS1 C---+ \| |
| |\\ \ +------+ /| AS 4 |---M/8 | |\\ \ +------+ /| AS4 |---M/8
| | \\ +-E |/ +------+ | | \\ +-E |/ +------+
| X | \\ | K | X | \\ | K
| | +===F AS 3 | | | +===F AS3 |
+---------+ +------+ +---------+ +------+
Figure 1: Reference Diagram Figure 1: Reference Diagram
In this reference diagram, EPE-SIDs are configured on AS1 towards AS2 In Figure 1, EPE-SIDs are configured on AS1 towards AS2 and AS3 and
and AS3 and advertised in BGP-LS [RFC9086]. In certain cases the advertised in the Border Gateway Protocol - Link State (BGP-LS)
EPE-SIDs advertised by the control plane may not be in [RFC9086]. In certain cases, the EPE-SIDs advertised by the control
synchronization with the label programmed in the data plane. For plane may not be in synchronization with the label programmed in the
example, on C a PeerAdj SID could be advertised to indicate it is for data plane. For example, on C, a PeerAdj SID could be advertised to
the link C->D. Due to some software anomaly, the actual data indicate it is for the link C->D. Due to some software anomaly, the
forwarding on this PeerAdj SID could be happening over the C->E link. actual data forwarding on this PeerAdj SID could be happening over
If E had relevant data paths for further forwarding the packet, this the C->E link. If E had relevant data paths for further forwarding
kind of anomaly will go unnoticed by the network operator. A the packet, this kind of anomaly would go unnoticed by the network
detailed example of a correctly programmed state and an incorrectly operator. A detailed example of a correctly programmed state and an
programmed state along with a description of how the incorrect state incorrectly programmed state along with a description of how the
can be detected is described in Appendix A. A FEC definition for the incorrect state can be detected is described in Appendix A. A
EPE-SIDs will define the details of the control plane association of Forwarding Equivalence Class (FEC) definition for the EPE-SIDs will
the SID. The data plane validation of the SID will be done during detail the control plane association of the SID. The data plane
the MPLS traceroute procedure. When there is a multi-hop EBGP validation of the SID will be done during the MPLS traceroute
session between the ASBRs, PeerNode SID is advertised, and the procedure. When there is a multi-hop External BGP (EBGP) session
traffic MAY be load-balanced between the interfaces connecting the between the ASBRs, a PeerNode SID is advertised, and the traffic MAY
two nodes. In the reference diagram, C and F could have a PeerNode- be load-balanced between the interfaces connecting the two nodes. In
SID advertised. When the OAM packet is received on F, it needs to be Figure 1, C and F could have a PeerNode SID advertised. When the
validated that the packet came from one of the two interfaces Operations, Administration, and Maintenance (OAM) packet is received
connected to C. on F, it needs to be validated that the packet came from one of the
two interfaces connected to C.
This document provides Target Forwarding Equivalence Class (FEC) This document provides Target Forwarding Equivalence Class (FEC)
stack TLV definitions for EPE-SIDs. This solution requires that the Stack TLV definitions for EPE-SIDs. This solution requires the node
node constructing the target FEC stack can determine the type of the constructing the target FEC stack to determine the types of SIDs
SIDs along the path of the LSP. Other procedures for MPLS Ping and along the path of the LSP. Other procedures for MPLS Ping and
Traceroute as defined in [RFC8287] section 7 and clarified by Traceroute, as defined in Section 7 of [RFC8287] and clarified in
[RFC8690] are applicable for EPE-SIDs as well. [RFC8690], are applicable for EPE-SIDs as well.
2. Theory of Operation 2. Theory of Operation
[RFC9086] provides mechanisms to advertise the EPE-SIDs in BGP-LS. [RFC9086] provides mechanisms to advertise the EPE-SIDs in BGP-LS.
These EPE-SIDs may be used to build Segment Routing paths as These EPE-SIDs may be used to build SR paths as described in
described in [I-D.ietf-idr-segment-routing-te-policy] or using Path [SR-TE-POLICY] or using Path Computation Element Protocol (PCEP)
Computation Element Protocol (PCEP) extensions as defined in extensions as defined in [RFC8664]. Data plane monitoring for such
[RFC8664]. Data plane monitoring for such paths which consist of paths that consist of EPE-SIDs will use extensions defined in this
EPE-SIDs will use extensions defined in this document to build the document to build the Target FEC stack TLV. The MPLS Ping and
Target FEC stack TLV. The MPLS Ping and Traceroute procedures MAY be Traceroute procedures MAY be initiated by the head-end of the SR path
initiated by the head-end of the Segment Routing path or a or a centralized topology-aware data plane monitoring system, as
centralized topology-aware data plane monitoring system as described described in [RFC8403]. The extensions in [SR-TE-POLICY] and
in [RFC8403]. The extensions in [RFC8664] do not define how to carry the details of the SID that can
[I-D.ietf-idr-segment-routing-te-policy] and [RFC8664] do not define be used to construct the FEC. Such extensions are out of scope for
how to carry the details of the SID that can be used to construct the this document. The node initiating the data plane monitoring may
FEC. Such extensions are out of the scope for this document. The acquire the details of EPE-SIDs through BGP-LS advertisements, as
node initiating the data plane monitoring may acquire the details of described in [RFC9086]. There may be other possible mechanisms that
EPE-SIDs through BGP-LS advertisements as described in [RFC9086]. can be used to learn the definition of the SID from the controller.
There may be other possible mechanisms to learn the definition of the Details of such mechanisms are out of scope for this document.
SID from controller. Details of such mechanisms are out of scope for
this document.
The EPE-SIDs are advertised for inter-AS links which run EBGP The EPE-SIDs are advertised for inter-AS links that run EBGP
sessions. [RFC9086] does not define the detailed procedures to sessions. [RFC9086] does not define the detailed procedures of how
operate EBGP sessions in a scenario with unnumbered interfaces. to operate EBGP sessions in a scenario with unnumbered interfaces.
Therefore, these scenarios are out of scope for this document. Therefore, these scenarios are out of scope for this document.
Anycast and multicast addresses are not in the scope of this Anycast and multicast addresses are not in the scope of this
document. During AS migration scenario procedures described in document. During the AS migration scenario, procedures described in
[RFC7705] may be in force. In these scenarios, if the local and [RFC7705] may be in force. In these scenarios, if the local and
remote AS fields in the FEC as described in Section 4 carries the remote AS fields in the FEC (as described in Section 4) carry the
globally configured ASN and not the "local AS" as defined in globally configured Access Service Network (ASN) and not the "local
[RFC7705], the FEC validation procedures may fail. AS" (as defined in [RFC7705]), then the FEC validation procedures may
fail.
As described in Section 1, this document defines FEC stack TLVs for As described in Section 1, this document defines FEC stack TLVs for
EPE-SIDs, that can be used in detecting MPLS data plane failures EPE-SIDs that can be used in detecting MPLS data plane failures
[RFC8029]. This mechanism applies to paths created across across [RFC8029]. This mechanism applies to paths created across ASes of
ASes of co-operating administrations. If the ping or traceroute cooperating administrations. If the ping or traceroute packet enters
packet enters a non co-operating AS domain, it might be dropped by a non-cooperating AS domain, it might be dropped by the routers in
the routers in the non co-operating domain. Although complete path the non-cooperating domain. Although a complete path validation
validation cannot be done across, non co-operating domains, it still cannot be done across non-cooperating domains, it still provides
provides useful information that the ping/traceroute packet entered a useful information that the ping or traceroute packet entered a non-
non co-operating domain. cooperating domain.
3. Requirements Language 3. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14, [RFC2119], [RFC8174] when, and only when, they appear in all 14, [RFC2119], [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
4. FEC Definitions 4. FEC Definitions
Three new sub-TLVs are defined for the Target FEC Stack TLV (Type 1), In this document, three new sub-TLVs are defined for the Target FEC
the Reverse-Path Target FEC Stack TLV (Type 16), and the Reply Path Stack TLV (Type 1), the Reverse-Path Target FEC Stack TLV (Type 16),
TLV (Type 21). and the Reply Path TLV (Type 21).
Sub-Type Sub-TLV Name +==========+==============+
-------- --------------- | Sub-Type | Sub-TLV Name |
TBD1 PeerAdj SID Sub-TLV +==========+==============+
TBD2 PeerNode SID Sub-TLV | 38 | PeerAdj SID |
TBD3 PeerSet SID Sub-TLV +----------+--------------+
| 39 | PeerNode SID |
+----------+--------------+
| 40 | PeerSet SID |
+----------+--------------+
Figure 2: New sub-TLV types Table 1: New Sub-TLV Types
4.1. PeerNode SID Sub-TLV 4.1. PeerNode SID Sub-TLV
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Type = TBD2 | Length | |Type = 39 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local AS Number (4 octets) | | Local AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote AS Number (4 octets) | | Remote AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local BGP router ID (4 octets) | | Local BGP Router ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote BGP Router ID (4 octets) | | Remote BGP Router ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: PeerNode SID Sub-TLV
Type : 2 octets
Value:TBD2
Length : 2 octets
Value: 16 Figure 2: PeerNode SID Sub-TLV
Local AS Number : 4 octets Type: 2 octets
The unsigned integer representing the AS number [RFC6793] of the AS Value: 39
to which the PeerNode SID advertising node belongs. If
Confederations [RFC5065] are in use, and if the remote node is a
member of a different Member-AS within the local Confederation, this
is the Member-AS Number inside the Confederation and not the
Confederation Identifier.
Remote AS Number : 4 octets Length: 2 octets
The unsigned integer representing the AS number [RFC6793] of the AS Value: 16
of the remote node for which the PeerNode SID is advertised. If
Confederations [RFC5065] are in use, and if the remote node is a
member of a different Member-AS within the local Confederation, this
is the Member-AS Number inside the Confederation and not the
Confederation Identifier.
Local BGP Router ID : 4 octets Local AS Number: 4 octets. The unsigned integer representing the AS
number [RFC6793] of the AS to which the PeerNode SID advertising
node belongs. If Confederations [RFC5065] are in use, and if the
remote node is a member of a different Member-AS within the local
Confederation, this is the Member-AS Number inside the
Confederation and not the Confederation Identifier.
unsigned integer representing the BGP Identifier of the PeerNode SID Remote AS Number: 4 octets. The unsigned integer representing the
advertising node as defined in [RFC4271] and [RFC6286]. AS number [RFC6793] of the AS of the remote node for which the
PeerNode SID is advertised. If Confederations [RFC5065] are in
use, and if the remote node is a member of a different Member-AS
within the local Confederation, this is the Member-AS Number
inside the Confederation and not the Confederation Identifier.
Remote BGP Router ID : 4 octets Local BGP Router ID: 4 octets. Unsigned integer representing the
BGP Identifier of the PeerNode SID advertising node as defined in
[RFC4271] and [RFC6286].
unsigned integer representing the BGP Identifier of the remote node Remote BGP Router ID: 4 octets. Unsigned integer representing the
as defined in [RFC4271] and [RFC6286]. BGP Identifier of the remote node as defined in [RFC4271] and
[RFC6286].
When there is a multi-hop EBGP session between two ASBRs, PeerNode When there is a multi-hop EBGP session between two ASBRs, a PeerNode
SID is advertised for this session and traffic can be load balanced SID is advertised for this session, and traffic can be load-balanced
across these interfaces. An EPE controller that does bandwidth across these interfaces. An EPE controller that performs bandwidth
management for these links should be aware of the links on which the management for these links should be aware of the links on which the
traffic will be load-balanced. As per [RFC8029], the node traffic will be load-balanced. As per [RFC8029], the node
advertising the EPE SIDs will send Downstream Detailed Mapping TLV advertising the EPE-SIDs will send a Downstream Detailed Mapping
(DDMAP TLV) specifying the details of nexthop interfaces, the OAM (DDMAP) TLV specifying the details of the next-hop interfaces, e.g,
packet will be sent out. Based on this information controller MAY when the OAM packet will be sent out. Based on this information, the
choose to verify the actual forwarding state with the topology controller MAY choose to verify the actual forwarding state with the
information controller has. On the router, the validation procedures topology information that the controller has. On the router, the
will include, received DDMAP validation as specified in [RFC8029] to validation procedures will include the received DDMAP validation, as
verify the control and forwarding state synchronization on the two specified in [RFC8029], to verify the control state and the
routers. Any discrepancies between controller's state and forwarding forwarding state synchronization on the two routers. Any
state will not be detected by the procedures described in the discrepancies between the controller's state and the forwarding state
document. will not be detected by the procedures described in this document.
4.2. PeerAdj SID Sub-TLV 4.2. PeerAdj SID Sub-TLV
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Type = TBD1 | Length | |Type = 38 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Adj-Type | RESERVED | | Adj-Type | RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local AS Number (4 octets) | | Local AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote AS Number (4 octets) | | Remote AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local BGP router ID (4 octets) | | Local BGP Router ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote BGP Router ID (4 octets) | | Remote BGP Router ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local Interface address (4/16 octets) | | Local Interface Address (4/16 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote Interface address (4/16 octets) | | Remote Interface Address (4/16 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: PeerAdj SID Sub-TLV
Type : 2 octets
Value: TBD1
Length : 2 octets
Value: variable based on IPv4/IPv6 interface address. Length
excludes the length of Type and Length fields.For IPv4 interface
addresses length will be 28 octets. In case of IPv6 address length
will be 52 octets.
Adj-Type : 1 octet Figure 3: PeerAdj SID Sub-TLV
Value: Set to 1 when the Adjacency Segment is IPv4 Set to 2 when the Type: 2 octets
Adjacency Segment is IPv6
RESERVED : 3 octets. MUST be zero when sending, and ignored on
receiving.
Local AS Number : 4 octets Value: 38
The unsigned integer representing the AS number [RFC6793] of the AS Length: 2 octets
to which the PeerAdj SID advertising node belongs. If Confederations
[RFC5065] are in use, and if the remote node is a member of a
different Member-AS within the local Confederation, this is the
Member-AS Number inside the Confederation and not the Confederation
Identifier.
Remote AS Number : 4 octets Value: Variable based on the IPv4/IPv6 interface address. Length
excludes the length of the Type and Length fields. For IPv4
interface addresses, the length will be 28 octets. In the case of
an IPv6 address, the length will be 52 octets.
The unsigned integer representing the AS number[RFC6793] of the AS of Adj-Type: 1 octet
the remote node for which the PeerAdj SID is advertised. If
Confederations [RFC5065] are in use, and if the remote node is a
member of a different Member-AS within the local Confederation, this
is the Member-AS Number inside the Confederation and not the
Confederation Identifier.
Local BGP Router ID : 4 octets Value: Set to 1 when the Adjacency Segment is IPv4. Set to 2 when
the Adjacency Segment is IPv6.
unsigned integer representing the BGP Identifier of the PeerAdj SID RESERVED: 3 octets. MUST be zero when sending and ignored on
advertising node as defined in [RFC4271] and [RFC6286]. receiving.
Remote BGP Router ID : 4 octets Local AS Number: 4 octets. The unsigned integer representing the AS
number [RFC6793] of the AS to which the PeerAdj SID advertising
node belongs. If Confederations [RFC5065] are in use, and if the
remote node is a member of a different Member-AS within the local
Confederation, this is the Member-AS Number inside the
Confederation and not the Confederation Identifier.
unsigned integer representing the BGP Identifier of the remote node Remote AS Number: 4 octets. The unsigned integer representing the
as defined in [RFC4271] and [RFC6286]. AS number [RFC6793] of the remote node's AS for which the PeerAdj
SID is advertised. If Confederations [RFC5065] are in use, and if
the remote node is a member of a different Member-AS within the
local Confederation, this is the Member-AS Number inside the
Confederation and not the Confederation Identifier.
Local Interface Address :4 octets/16 octets Local BGP Router ID: 4 octets. The unsigned integer representing
the BGP Identifier of the PeerAdj SID advertising node as defined
in [RFC4271] and [RFC6286].
In case of PeerAdj SID, Local interface address corresponding to the Remote BGP Router ID: 4 octets. Unsigned integer representing the
PeerAdj SID should be specified in this field. For IPv4,this field BGP Identifier of the remote node as defined in [RFC4271] and
is 4 octets; for IPv6, this field is 16 octets. Link-local IPv6 [RFC6286].
addresses are not in the scope of this document.
Remote Interface Address :4 octets/16 octets Local Interface Address: 4 octets or 16 octets. In the case of
PeerAdj SID, the Local interface address corresponding to the
PeerAdj SID should be specified in this field. For IPv4, this
field is 4 octets; for IPv6, this field is 16 octets. Link-local
IPv6 addresses are not in the scope of this document.
In case of PeerAdj SID Remote interface address corresponding to the Remote Interface Address: 4 octets or 16 octets. In the case of
PeerAdj SID should be apecified in this field. For IPv4, this field PeerAdj SID, the Remote interface address corresponding to the
is 4 octets; for IPv6, this field is 16 octets. Link-local IPv6 PeerAdj SID should be specified in this field. For IPv4, this
addresses are not in the scope of this document.. field is 4 octets; for IPv6, this field is 16 octets. Link-local
IPv6 addresses are not in the scope of this document.
[RFC9086] mandates sending local interface ID and remote interface ID [RFC9086] mandates sending a local interface ID and remote interface
in the Link Descriptors and allows a value of 0 in the remote ID in the Link Descriptors and allows a value of 0 in the remote
descriptors. It is useful to validate the incoming interface for an descriptors. It is useful to validate the incoming interface for an
OAM packet and if the remote descriptor is 0 this validation is not OAM packet, but if the remote descriptor is 0, this validation is not
possible. [RFC9086] allows optional link descriptors of local and possible. Optional link descriptors of local and remote interface
remote interface addresses as described in section 4.2. This addresses are allowed as described in Section 4.2 of [RFC9086]. In
document RECOMMENDs sending these optional descriptors and using them this document, it is RECOMMENDED to send these optional descriptors
to validate incoming interface. When these local and remote and use them to validate incoming interfaces. When these local and
interface addresses are not available, an ingress node can send 0 in remote interface addresses are not available, an ingress node can
the local and/or remote interface address field. The receiver SHOULD send 0 in the local and/or remote interface address field. The
skip the validation for the incoming interface if the address field receiver SHOULD skip the validation for the incoming interface if the
contains 0. address field contains 0.
4.3. PeerSet SID Sub-TLV 4.3. PeerSet SID Sub-TLV
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Type = TBD3 | Length | |Type = 40 | Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local AS Number (4 octets) | | Local AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Local BGP router ID (4 octets) | | Local BGP Router ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| No.of elements in set | Reserved | | No.of elements in set | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote AS Number (4 octets) | | Remote AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote BGP Router ID (4 octets) | | Remote BGP Router ID (4 octets) |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++ ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++
One element in set consists of below details
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote BGP Router ID (4 octets) |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++
Figure 5: PeerSet SID Sub-TLV
Type : 2 octets
Value: TBD3
Length : 2 octets
Value: Expressed in octets and variable based on the number of One element in set consists of the details below
elements in the set. The length field does not include the length of +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type and Length fields. | Remote AS Number (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote BGP Router ID (4 octets) |
++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++
Local AS Number :4 octets Figure 4: PeerSet SID Sub-TLV
The unsigned integer representing the AS number [RFC6793] of the AS Type: 2 octets
to which the PeerSet SID advertising node belongs. If Confederations
[RFC5065] are in use, and if the remote node is a member of a
different Member-AS within the local Confederation, this is the
Member-AS Number inside the Confederation and not the Confederation
Identifier.
Local BGP Router ID : 4 octets Value: 40
unsigned integer representing the BGP Identifier of the PeerSet SID Length: 2 octets
advertising node as defined in [RFC4271] and [RFC6286].
No.of elements in set: 2 octets Value: Expressed in octets and variable based on the number of
elements in the set. The length field does not include the length
of Type and Length fields.
The number of remote ASes over which the set SID performs load Local AS Number: 4 octets. The unsigned integer representing the AS
balancing. number [RFC6793] of the AS to which the PeerSet SID advertising
node belongs. If Confederations [RFC5065] are in use, and if the
remote node is a member of a different Member-AS within the local
Confederation, this is the Member-AS Number inside the
Confederation and not the Confederation Identifier.
Reserved : 2 octets. MUST be zero when sent and ignored when Local BGP Router ID: 4 octets. The unsigned integer representing
received. the BGP Identifier of the PeerSet SID advertising node, as defined
in [RFC4271] and [RFC6286].
Remote AS Number : 4 octets No.of elements in set: 2 octets. The number of remote ASes over
which the set SID performs load-balancing.
The unsigned integer representing the AS number [RFC6793] of the AS Reserved: 2 octets. MUST be zero when sent and ignored when
of the remote node for which the PeerSet SID is advertised. If received.
Confederations [RFC5065] are in use, and if the remote node is a
member of a different Member-AS within the local Confederation, this
is the Member-AS Number inside the Confederation and not the
Confederation Identifier.
Remote BGP Router ID : 4 octets Remote AS Number: 4 octets. The unsigned integer representing the
AS number [RFC6793] of the remote node's AS for which the PeerSet
SID is advertised. If Confederations [RFC5065] are in use, and if
the remote node is a member of a different Member-AS within the
local Confederation, this is the Member-AS Number inside the
Confederation and not the Confederation Identifier.
unsigned integer representing the BGP Identifier of the remote node Remote BGP Router ID: 4 octets. The unsigned integer representing
as defined in [RFC4271] and [RFC6286]. the BGP Identifier of the remote node as defined in [RFC4271] and
[RFC6286].
PeerSet SID may be associated with a number of PeerNode SIDs and PeerSet SID may be associated with a number of PeerNode SIDs and
PeerAdj SIDs. The remote AS number and the Router ID of each of PeerAdj SIDs. The remote AS number and the Router ID of each of
these PeerNode SIDs PeerAdj SIDs MUST be included in the FEC. these PeerNode SIDs and PeerAdj SIDs MUST be included in the FEC.
5. EPE-SID FEC validation 5. EPE-SID FEC Validation
When a remote ASBR of the EPE-SID advertisement receives the MPLS OAM When a remote ASBR of the EPE-SID advertisement receives the MPLS OAM
packet with top FEC being the EPE-SID, it MUST perform validity packet with the top FEC being the EPE-SID, it MUST perform validity
checks on the content of the EPE-SID FEC sub-TLV. The basic length checks on the content of the EPE-SID FEC sub-TLV. The basic length
check should be performed on the received FEC. check should be performed on the received FEC.
PeerAdj SID PeerAdj SID
----------- -----------
if Adj type = 1 Length should be 28 octets If Adj type = 1, Length should be 28 octets
If Adj type =2 Length should be 52 octets If Adj type = 2, Length should be 52 octets
PeerNode SID PeerNode SID
------------- -------------
Length = ( 20 + No.of IPv4 interface pairs * 8 + Length = (20 + No.of IPv4 interface pairs * 8 +
No.of IPv6 interface pairs * 32 ) octets No.of IPv6 interface pairs * 32) octets
PeerSet SID PeerSet SID
----------- -----------
Length = (9 + No.of elements in the set * Length = (9 + No.of elements in the set *
(8 + No.of IPv4 interface pairs * 8 + (8 + No.of IPv4 interface pairs * 8 +
No.of IPv6 interface pairs * 32)) octets No.of IPv6 interface pairs * 32) octets
Figure 6: Length Validation Figure 5: Length Validation
If a malformed FEC sub-TLV is received, then a return code of 1, If a malformed FEC sub-TLV is received, then a return code of 1,
"Malformed echo request received" as defined in [RFC8029] MUST be "Malformed echo request received", as defined in [RFC8029] MUST be
sent. The below section is appended to the procedure given in sent. The section below is appended to the procedure given in step
Section 7.4 point 4a of [RFC8287]. 4a of Section 7.4 of [RFC8287].
5.1. EPE-SID FEC validiation 5.1. EPE-SID FEC Validation
Segment Routing IGP-Prefix, IGP-Adjacency SID and EPE-SID Validation Segment Routing IGP-Prefix, IGP-Adjacency SID, and EPE-SID
: Receiving node term used in this section implies the node that Validation: Receiving node term used in this section implies the node
receives OAM message with the FEC stack TLV. that receives OAM message with the FEC stack TLV.
Else, if the Label-stack-depth is 0 and the Target FEC Stack sub-TLV Else, if the Label-stack-depth is 0 and the Target FEC Stack sub-TLV
at FEC-stack-depth is TBD1 (PeerAdj SID sub-TLV), { at FEC-stack-depth is 38 (PeerAdj SID sub-TLV), {
Set the Best-return-code to 10, "Mapping for this FEC is not Set the Best-return-code to 10, "Mapping for this FEC is not
the given label at stack-depth if any below the given label at stack-depth". If any below conditions fail:
conditions fail:
- Validate that the receiving node's BGP Local AS matches - Validate that the receiving node's BGP Local AS matches
with the remote AS field in the received PeerAdj SID with the remote AS field in the received PeerAdj SID
FEC sub-TLV. FEC sub-TLV.
- Validate that the receiving node's BGP Router-ID - Validate that the receiving node's BGP Router-ID
matches with the Remote Router ID field in the matches with the Remote Router ID field in the
received PeerAdj SID FEC. received PeerAdj SID FEC.
- Validate that there is a EBGP session with a peer - Validate that there is an EBGP session with a peer
having local AS number and BGP Router-ID as having a local AS number and BGP Router-ID as
specified in the Local AS number and Local Router-ID specified in the Local AS number and Local Router-ID
field in the received PeerAdj SID FEC sub-TLV. field in the received PeerAdj SID FEC sub-TLV.
If the Remote interface address is not zero, validate the If the Remote interface address is not zero, validate the
incoming interface. incoming interface. Set the Best-return-code to 35,
Set the Best-return-code to 35 "Mapping for this FEC is not "Mapping for this FEC is not associated with the incoming
associated with the incoming interface" [RFC8287] if any below interface" [RFC8287]. If any below conditions fail:
conditions fail:
- Validate the incoming interface on which the OAM - Validate that the incoming interface on which the
packet was receieved, matches with the remote OAM packet was received matches with the remote
interface specified in the PeerAdj SID FEC sub-TLV interface specified in the PeerAdj SID FEC sub-TLV.
If all above validations have passed, set the return code to 3 If all above validations have passed, set the return code to 3,
"Replying router is an egress for the FEC at stack-depth" "Replying router is an egress for the FEC at stack-depth".
} }
Else, if the Target FEC sub-TLV at FEC-stack-depth is TBD2 Else, if the Target FEC sub-TLV at FEC-stack-depth is 39
(PeerNode SID sub-TLV), { (PeerNode SID sub-TLV), {
Set the Best-return-code to 10, "Mapping for this FEC is not Set the Best-return-code to 10, "Mapping for this FEC is not
the given label at stack-depth if any below the given label at stack-depth". If any below conditions
conditions fail: fail:
- Validate that the receiving node's BGP Local AS matches - Validate that the receiving node's BGP Local AS matches
with the remote AS field in the with the remote AS field in the received PeerNode SID
received PeerNode SID FEC sub-TLV. FEC sub-TLV.
- Validate that the receiving node's BGP Router-ID matches - Validate that the receiving node's BGP Router-ID matches
with the Remote Router ID field in the received with the Remote Router ID field in the received
PeerNode SID FEC. PeerNode SID FEC.
- Validate that there is a EBGP session with a peer - Validate that there is an EBGP session with a peer
having local AS number and BGP Router-ID as having a local AS number and BGP Router-ID as
specified in the Local AS number and Local Router-ID specified in the Local AS number and Local Router-ID
field in the received PeerNode SID FEC sub-TLV. field in the received PeerNode SID FEC sub-TLV.
If all above validations have passed, set the return code to 3 If all above validations have passed, set the return code to 3,
"Replying router is an egress for the FEC at stack-depth". "Replying router is an egress for the FEC at stack-depth".
} }
Else, if the Target FEC sub-TLV at FEC-stack-depth is TBD3 Else, if the Target FEC sub-TLV at FEC-stack-depth is 40
(PeerSet SID sub-TLV), { (PeerSet SID sub-TLV), {
Set the Best-return-code to 10, "Mapping for this FEC is not Set the Best-return-code to 10, "Mapping for this FEC is not
the given label at stack-depth" if any below the given label at stack-depth". If any below conditions
conditions fail: fail:
- Validate that the Receiving Node BGP Local AS matches - Validate that the Receiving Node BGP Local AS matches
with one of the remote AS field in the received PeerSet with one of the remote AS fields in the received
SID FEC sub-TLV. PeerSet SID FEC sub-TLV.
- Validate that the Receiving Node BGP Router-ID matches - Validate that the Receiving Node BGP Router-ID matches
with one of the Remote Router ID field in the received with one of the Remote Router ID fields in the
PeerSet SID FEC sub-TLV. received PeerSet SID FEC sub-TLV.
- Validate that there is a EBGP session with a peer having - Validate that there is an EBGP session with a peer having
local AS number and BGP Router-ID as a local AS number and BGP Router-ID as specified in the
specified in the Local AS number and Local Router-ID Local AS number and Local Router-ID fields in the received
field in the received PeerSet SID FEC sub-TLV. PeerSet SID FEC sub-TLV.
If all above validations have passed, set the return code to 3 If all above validations have passed, set the return code to 3,
"Replying router is an egress for the FEC at stack-depth" "Replying router is an egress for the FEC at stack-depth".
} }
6. IANA Considerations 6. IANA Considerations
IANA is requested to allocate three new Target FEC stack sub-TLVs IANA has allocated three new Target FEC stack sub-TLVs in the "Sub-
from the "Sub-TLVs for TLV types 1,16 and 21" subregistry in the TLVs for TLV Types 1, 16, and 21" registry within the "TLVs" registry
"TLVs" registry of the "Multi-Protocol Label switching (MPLS) Label of the "Multiprotocol Label Switching (MPLS) Label Switched Paths
Switched Paths (LSPs) Ping parameters" namespace. (LSPs) Ping Parameters" registry group.
PeerAdj SID Sub-TLV : TBD1
PeerNode SID Sub-TLV: TBD2
PeerSet SID Sub-TLV : TBD3 +==========+==============+
| Sub-Type | Sub-TLV Name |
+==========+==============+
| 38 | PeerAdj SID |
+----------+--------------+
| 39 | PeerNode SID |
+----------+--------------+
| 40 | PeerSet SID |
+----------+--------------+
The three lowest free values from the Standard Tracks range should be Table 2: Sub-TLVs for
allocated if possible. TLV Types 1, 16, and 21
Registry
7. Security Considerations 7. Security Considerations
The EPE-SIDs are advertised for egress links for Egress Peer The EPE-SIDs are advertised for egress links for EPE purposes or for
Engineering purposes or for inter-AS links between co-operating ASes. inter-AS links between cooperating ASes. When cooperating domains
When co-operating domains are involved, they can allow the packets are involved, they can allow the packets arriving on trusted
arriving on trusted interfaces to reach the control plane and get interfaces to reach the control plane and be processed.
processed.
When EPE-SIDs are created for egress TE links where the neighbor AS When EPE-SIDs are created for egress TE links where the neighbor AS
is an independent entity, it may not allow packets arriving from is an independent entity, it may not allow the packets arriving from
external world to reach the control plane. In such deployments MPLS the external world to reach the control plane. In such deployments,
OAM packets will be dropped by the neighboring AS that receives the the MPLS OAM packets will be dropped by the neighboring AS that
MPLS OAM packet. receives the MPLS OAM packet.
In MPLS traceroute applications, when the AS boundary is crossed with In MPLS traceroute applications, when the AS boundary is crossed with
the EPE-SIDs, the FEC stack is changed. [RFC8287] does not mandate the EPE-SIDs, the FEC stack is changed. [RFC8287] does not mandate
that the initiator upon receiving an MPLS Echo Reply message that that the initiator, upon receiving an MPLS Echo Reply message that
includes the FEC Stack Change TLV with one or more of the original includes the FEC Stack Change TLV with one or more of the original
segments being popped remove a corresponding FEC(s) from the Target segments being popped, remove the corresponding FEC(s) from the
FEC Stack TLV in the next (TTL+1) traceroute request. Target FEC Stack TLV in the next (TTL+1) traceroute request.
If an initiator does not remove the FECs belonging to the previous AS If an initiator does not remove the FECs belonging to the previous AS
that has traversed, it may expose the internal AS information to the that has traversed, it may expose the internal AS information to the
following AS being traversed in traceroute. following AS being traversed in the traceroute.
8. Implementation Status
This section is to be removed before publishing as an RFC.
RFC-Editor: Please clean up the references cited by this section
before publication.
This section records the status of known implementations of the
protocol defined by this specification at the time of posting of this
Internet-Draft, and is based on a proposal described in [RFC7942].
The description of implementations in this section is intended to
assist the IETF in its decision processes in progressing drafts to
RFCs. Please note that the listing of any individual implementation
here does not imply endorsement by the IETF. Furthermore, no effort
has been spent to verify the information presented here that was
supplied by IETF contributors. This is not intended as, and must not
be construed to be, a catalog of available implementations or their
features. Readers are advised to note that other implementations may
exist.
8.1. Juniper Networks
Juniper networks reported a prototype implementation of this draft.
9. Acknowledgments
Thanks to Loa Andersson, Dhruv Dhody, Ketan Talaulikar, Italo Busi
and Alexander Vainshtein, Deepti Rathi for careful review and
comments. Thanks to Tarek Saad for providing the example described
in Appendix section.
10. References 8. References
10.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC6793] Vohra, Q. and E. Chen, "BGP Support for Four-Octet [RFC6793] Vohra, Q. and E. Chen, "BGP Support for Four-Octet
Autonomous System (AS) Number Space", RFC 6793, Autonomous System (AS) Number Space", RFC 6793,
DOI 10.17487/RFC6793, December 2012, DOI 10.17487/RFC6793, December 2012,
<https://www.rfc-editor.org/info/rfc6793>. <https://www.rfc-editor.org/info/rfc6793>.
skipping to change at page 16, line 11 skipping to change at line 636
"Clarification of Segment ID Sub-TLV Length for RFC 8287", "Clarification of Segment ID Sub-TLV Length for RFC 8287",
RFC 8690, DOI 10.17487/RFC8690, December 2019, RFC 8690, DOI 10.17487/RFC8690, December 2019,
<https://www.rfc-editor.org/info/rfc8690>. <https://www.rfc-editor.org/info/rfc8690>.
[RFC9086] Previdi, S., Talaulikar, K., Ed., Filsfils, C., Patel, K., [RFC9086] Previdi, S., Talaulikar, K., Ed., Filsfils, C., Patel, K.,
Ray, S., and J. Dong, "Border Gateway Protocol - Link Ray, S., and J. Dong, "Border Gateway Protocol - Link
State (BGP-LS) Extensions for Segment Routing BGP Egress State (BGP-LS) Extensions for Segment Routing BGP Egress
Peer Engineering", RFC 9086, DOI 10.17487/RFC9086, August Peer Engineering", RFC 9086, DOI 10.17487/RFC9086, August
2021, <https://www.rfc-editor.org/info/rfc9086>. 2021, <https://www.rfc-editor.org/info/rfc9086>.
10.2. Informative References 8.2. Informative References
[I-D.ietf-idr-segment-routing-te-policy]
Previdi, S., Filsfils, C., Talaulikar, K., Mattes, P., and
D. Jain, "Advertising Segment Routing Policies in BGP",
Work in Progress, Internet-Draft, draft-ietf-idr-segment-
routing-te-policy-26, 23 October 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-idr-
segment-routing-te-policy-26>.
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
Border Gateway Protocol 4 (BGP-4)", RFC 4271, Border Gateway Protocol 4 (BGP-4)", RFC 4271,
DOI 10.17487/RFC4271, January 2006, DOI 10.17487/RFC4271, January 2006,
<https://www.rfc-editor.org/info/rfc4271>. <https://www.rfc-editor.org/info/rfc4271>.
[RFC5065] Traina, P., McPherson, D., and J. Scudder, "Autonomous [RFC5065] Traina, P., McPherson, D., and J. Scudder, "Autonomous
System Confederations for BGP", RFC 5065, System Confederations for BGP", RFC 5065,
DOI 10.17487/RFC5065, August 2007, DOI 10.17487/RFC5065, August 2007,
<https://www.rfc-editor.org/info/rfc5065>. <https://www.rfc-editor.org/info/rfc5065>.
[RFC6286] Chen, E. and J. Yuan, "Autonomous-System-Wide Unique BGP [RFC6286] Chen, E. and J. Yuan, "Autonomous-System-Wide Unique BGP
Identifier for BGP-4", RFC 6286, DOI 10.17487/RFC6286, Identifier for BGP-4", RFC 6286, DOI 10.17487/RFC6286,
June 2011, <https://www.rfc-editor.org/info/rfc6286>. June 2011, <https://www.rfc-editor.org/info/rfc6286>.
[RFC7705] George, W. and S. Amante, "Autonomous System Migration [RFC7705] George, W. and S. Amante, "Autonomous System Migration
Mechanisms and Their Effects on the BGP AS_PATH Mechanisms and Their Effects on the BGP AS_PATH
Attribute", RFC 7705, DOI 10.17487/RFC7705, November 2015, Attribute", RFC 7705, DOI 10.17487/RFC7705, November 2015,
<https://www.rfc-editor.org/info/rfc7705>. <https://www.rfc-editor.org/info/rfc7705>.
[RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running
Code: The Implementation Status Section", BCP 205,
RFC 7942, DOI 10.17487/RFC7942, July 2016,
<https://www.rfc-editor.org/info/rfc7942>.
[RFC8403] Geib, R., Ed., Filsfils, C., Pignataro, C., Ed., and N. [RFC8403] Geib, R., Ed., Filsfils, C., Pignataro, C., Ed., and N.
Kumar, "A Scalable and Topology-Aware MPLS Data-Plane Kumar, "A Scalable and Topology-Aware MPLS Data-Plane
Monitoring System", RFC 8403, DOI 10.17487/RFC8403, July Monitoring System", RFC 8403, DOI 10.17487/RFC8403, July
2018, <https://www.rfc-editor.org/info/rfc8403>. 2018, <https://www.rfc-editor.org/info/rfc8403>.
[RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W., [RFC8664] Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W.,
and J. Hardwick, "Path Computation Element Communication and J. Hardwick, "Path Computation Element Communication
Protocol (PCEP) Extensions for Segment Routing", RFC 8664, Protocol (PCEP) Extensions for Segment Routing", RFC 8664,
DOI 10.17487/RFC8664, December 2019, DOI 10.17487/RFC8664, December 2019,
<https://www.rfc-editor.org/info/rfc8664>. <https://www.rfc-editor.org/info/rfc8664>.
skipping to change at page 17, line 21 skipping to change at line 678
[RFC9087] Filsfils, C., Ed., Previdi, S., Dawra, G., Ed., Aries, E., [RFC9087] Filsfils, C., Ed., Previdi, S., Dawra, G., Ed., Aries, E.,
and D. Afanasiev, "Segment Routing Centralized BGP Egress and D. Afanasiev, "Segment Routing Centralized BGP Egress
Peer Engineering", RFC 9087, DOI 10.17487/RFC9087, August Peer Engineering", RFC 9087, DOI 10.17487/RFC9087, August
2021, <https://www.rfc-editor.org/info/rfc9087>. 2021, <https://www.rfc-editor.org/info/rfc9087>.
[RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov, [RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov,
A., and P. Mattes, "Segment Routing Policy Architecture", A., and P. Mattes, "Segment Routing Policy Architecture",
RFC 9256, DOI 10.17487/RFC9256, July 2022, RFC 9256, DOI 10.17487/RFC9256, July 2022,
<https://www.rfc-editor.org/info/rfc9256>. <https://www.rfc-editor.org/info/rfc9256>.
Appendix A. APPENDIX [SR-TE-POLICY]
Previdi, S., Filsfils, C., Talaulikar, K., Mattes, P., and
D. Jain, "Advertising Segment Routing Policies in BGP",
Work in Progress, Internet-Draft, draft-ietf-idr-segment-
routing-te-policy-26, 23 October 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-idr-
segment-routing-te-policy-26>.
This section describes an example of correctly programmed state and Appendix A. Appendix
This section describes examples of both a correctly and an
incorrectly programmed state and provides details on how the new sub- incorrectly programmed state and provides details on how the new sub-
TLVs described in this document can be used to validate the TLVs described in this document can be used to validate the
correctness. Consider the diagram from Figure 1, correctness. Consider the diagram from Figure 1.
Correctly programed state: Correctly programmed state:
C assigns label 16001 and binds it to adjacency C->E * C assigns label 16001 and binds it to adjacency C->E
C signals label 16001 is bound to adjacency C->E (e.g. via BGP- * C signals that label 16001 is bound to adjacency C->E (e.g., via
LS) BGP-LS)
• Controller/Ingress programs an SR path that has SID/label 16001 * The controller/ingress programs an SR path that has SID/label
to steer packet on the exit point from C onto adjacency C->E 16001 to steer the packet on the exit point from C onto adjacency
C->E
Using MPLS trace procedures defined in this document, the * Using MPLS trace procedures defined in this document, the PeerAdj
PeerAdj SID Sub-TLV is populates with entities to be validated by SID Sub-TLV is populated with entities to be validated by C when
C when OAM packet reaches it. the OAM packet reaches it
C receives the OAM packet, it validates the top label (16001) is * C receives the OAM packet and validates that the top label (16001)
indeed corresponding to the entities populated in the PeerAdj SID is indeed corresponding to the entities populated in the PeerAdj
Sub-TLV SID Sub-TLV
Incorrectly programed state: Incorrectly programmed state:
C assigns label 16001 and binds it to adjacency C->D * C assigns label 16001 and binds it to adjacency C->D
The controller learns of PeerAdj SID label 16001 is bound to * The controller learns that PeerAdj SID label 16001 is bound to
adjacency C->E (e.g. via BGP-LS) this could be a software bug on adjacency C->E (e.g., via BGP-LS) -- this could be a software bug
C or on controller on C or on the controller
• Controller/Ingress programs an SR path that has SID/label 16001
to steer packet on the exit point from C onto adjacency C->E
• Using MPLS trace procedures defined in this document, the * The controller/ingress programs an SR path that has SID/label
PeerAdj SID Sub-TLV is populates with entities to be validated by 16001 to steer the packet on the exit point from C onto adjacency
C (including local/remote interface address of C->E) when OAM C->E
packet reaches it.
C receives the OAM packet, it validates the top label (16001) is * Using MPLS trace procedures defined in this document, the PeerAdj
NOT bound to C->E as populated in the PeerAdj SID Sub-TLV and can SID Sub-TLV is populated with entities to be validated by C
respond with the respective error code (including a local/remote interface address of C->E) when the OAM
packet reaches it
* C receives the OAM packet and validates that the top label (16001)
is NOT bound to C->E as populated in the PeerAdj SID Sub-TLV and
then responds with the respective error code
Acknowledgments
Thanks to Loa Andersson, Dhruv Dhody, Ketan Talaulikar, Italo Busi,
Alexander Vainshtein, and Deepti Rathi for careful reviews and
comments. Thanks to Tarek Saad for providing the example described
in Appendix A.
Authors' Addresses Authors' Addresses
Shraddha Hegde Shraddha Hegde
Juniper Networks Inc. Juniper Networks Inc.
Exora Business Park Exora Business Park
Bangalore 560103 Bangalore 560103
KA Karnataka
India India
Email: shraddha@juniper.net Email: shraddha@juniper.net
Mukul Srivastava Mukul Srivastava
Juniper Networks Inc. Juniper Networks Inc.
Email: msri@juniper.net Email: msri@juniper.net
Kapil Arora Kapil Arora
Individual Contributor Individual Contributor
Email: kapil.it@gmail.com Email: kapil.it@gmail.com
 End of changes. 122 change blocks. 
511 lines changed or deleted 466 lines changed or added

This html diff was produced by rfcdiff 1.48.