]> China Mobile

chengweiqiang@chinamobile.com

China Mobile

lihan@chinamobile.com

Huawei Technologies

China c.l@huawei.com

Cisco Systems, Inc.

Canada rgandhi@cisco.com

Broadcom

royi.zigler@broadcom.com

rtg spring Performance Measurement Bidirectional SR Path End-to-End Path Protection SR Path Segment Path Segment A Segment Routing (SR) path is identified by an SR segment list. A subset of segments from the segment list cannot be leveraged to distinguish one SR path from another as they may be partially congruent. SR path identification is a prerequisite for various use cases such as performance measurement and end-to-end 1+1 path protection. In an SR over MPLS (SR-MPLS) data plane, an egress node cannot determine on which SR path a packet traversed the network from the label stack because the segment identifiers are removed from the label stack as the packet transits the network. This document defines a Path Segment Identifier (PSID) to identify an SR path on the egress node of the path.

Introduction Segment Routing (SR) leverages the source-routing paradigm to steer packets from a source node through a controlled set of instructions, called "segments", by prepending the packet with an SR header. In SR with the MPLS data plane , the SR header is instantiated through a label stack. In an SR-MPLS network, when a packet is transmitted along an SR path, the labels in the MPLS label stack will be swapped or popped. The result of this is that no label or only the last label may be left in the MPLS label stack when the packet reaches the egress node. Thus, the egress node cannot use the SR label stack to determine along which SR path the packet came. However, identifying a path on the egress node is a prerequisite for various use cases in SR-MPLS networks, such as performance measurement (), bidirectional paths (), and end-to-end 1+1 path protection (a Live-Live case) (). Therefore, this document defines a new segment type, referred to herein as a "Path Segment". A Path Segment is defined to uniquely identify an SR path on the egress node of the path. It MAY be used by the egress node for path identification. Note that per-path state will be maintained in the egress node due to the requirements in the aforementioned use cases, though in normal cases, the per-path state will be maintained in the ingress node only.

Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Abbreviations and Terms

MPLS:

Multiprotocol Label Switching

PSID:

Path Segment Identifier

SID:

Segment Identifier

SR:

Segment Routing

SR-MPLS:

SR over MPLS

SR path:

A path described by a segment list.

Sub-Path:

A part of a path, which contains a subset of the nodes and links of the path.

Path Segment A Path Segment is a local segment that uniquely identifies an SR path on the egress node. A Path Segment Identifier (PSID) is a single label that is assigned from the Segment Routing Local Block (SRLB) of the egress node of an SR path. A PSID is used to identify a segment list. However, one PSID can be used to identify multiple segment lists in some use cases if needed. For example, one single PSID MAY be used to identify some or all segment lists in a candidate path or an SR policy if an operator would like to aggregate these segment lists in operation. When a PSID is used, the PSID can be inserted at the ingress node and MUST immediately follow the last label of the SR path; in other words, it must be inserted after the routing segment (adjacency, node, or prefix segment) that is pointing to the egress node of the SR path. Therefore, a PSID will not be the top label in the label stack when received on an intermediate node of the associated path, but it can be the top label in the label stack on the penultimate node. The value of the TTL field in the MPLS label stack entry containing a PSID can be set to any value except 0. If a PSID is the bottom label, the S bit MUST be set, and if the PSID is NOT the bottom label, the S bit MUST be 0. The egress node MUST pop the PSID. The egress node MAY use the PSID for further processing. For example, when performance measurement is enabled on the SR path, it can trigger packet counting or timestamping. The addition of the PSID will require the egress to read and process the PSID label in addition to the regular processing. This additional processing may have an impact on forwarding performance. Behavior relating to the use of explicit null directly preceding the PSID is undefined in this document. A Generic Associated Channel Label (GAL) MAY be used for Operations, Administration, and Maintenance (OAM) in MPLS networks. As per , when a GAL is used, the Associated Channel Header (ACH) appears immediately after the bottom of the label stack. The SR path computation needs to know the Maximum SID Depth (MSD) that can be imposed at the ingress node of a given SR path . This ensures that the SID stack depth of a computed path does not exceed the number of SIDs the node is capable of imposing. As per , the MSD signals the total number of MPLS labels that can be imposed, where the total number of MPLS labels includes the PSID. An example label stack with a PSID is shown in :

Label Stack with a PSID

Where:

• The Labels 1 to n are the segment label stack used to direct how to steer the packets along the SR path.
• The PSID identifies the SR path in the context of the egress node of the SR path.

The signaling of the PSID between the egress node, the ingress node, and possibly a centralized controller is out of the scope of this document.

Equal-Cost Multipath (ECMP) Considerations If an Entropy Label (EL) is also used on the egress node, as per , the EL and Entropy Label Indicator (ELI) would be placed before the tunnel label; hence, they do not interfere with the PSID, which is placed below. It is worthy to note that in the case of ECMP, with or without the use of an EL, the SR packets may be forwarded over multiple paths. In this case, the SID list cannot directly reflect the actual forwarding path and the PSID can only identify the SID list rather than the actual forwarding path. Also, similar to a Synonymous Flow Label (SFL) , the introduction of a PSID to an existing flow may cause that flow to take a different path through the network under the conditions of ECMP. In turn, this may invalidate certain uses of the PSID, such as performance measurement applications. Therefore, the considerations of SFLs as per also apply to PSIDs in implementation.

Use Cases This section describes use cases that can leverage the PSID. The content is for informative purposes, and the detailed solutions might be defined in other documents in the future.

PSID for Performance Measurement As defined in , performance measurement can be classified into Passive, Active, and Hybrid measurements. Since a PSID is encoded in the SR-MPLS label stack, as shown in , existing implementations on the egress node can leverage a PSID for measuring packet counts. For Passive performance measurement, path identification at the measuring points is the prerequisite. A PSID can be used by the measuring points (e.g., the ingress and egress nodes of the SR path or a centralized controller) to correlate the packet counts and timestamps from the ingress and egress nodes for a specific SR path; then, packet loss and delay can be calculated for the end-to-end path, respectively. Furthermore, a PSID can also be used for:

• Active performance measurement for an SR path in SR-MPLS networks for collecting packet counters and timestamps from the egress node using probe messages.
• In situ OAM for SR-MPLS to identify the SR path associated with the in situ data fields in the data packets on the egress node.
• In-band performance measurement for SR-MPLS to identify the SR path associated with the collected performance metrics.

PSID for Bidirectional SR Paths In some scenarios (e.g., mobile backhaul transport networks), there are requirements to support bidirectional paths , and the path is normally treated as a single entity. Forward and reverse directions of the path have the same fate; for example, failure in one direction will result in switching traffic at both directions. MPLS supports this by introducing the concepts of a co-routed bidirectional Label Switched Path (LSP) and an associated bidirectional LSP . In the current SR architecture, an SR path is a unidirectional path . In order to support bidirectional SR paths, a straightforward way is to bind two unidirectional SR paths to a single bidirectional SR path. PSIDs can be used to identify and correlate the traffic for the two unidirectional SR paths at both ends of the bidirectional path. The mechanism of constructing bidirectional paths using a PSID is out of the scope of this document and has been described in several documents, such as and .

PSID for End-to-End Path Protection For end-to-end 1+1 path protection (i.e., a Live-Live case), the egress node of the path needs to know the set of paths that constitute the primary and the secondaries in order to select the primary path packets for onward transmission and to discard the packets from the secondaries . To do this in SR, each SR path needs a path identifier that is unique at the egress node. For SR-MPLS, this can be the Path Segment label allocated by the egress node. The detailed solution of using a PSID in end-to-end 1+1 path protection is out of the scope of this document.

Nesting of PSIDs A Binding SID (BSID) can be used for SID list compression. With a BSID, an end-to-end SR path in a trusted domain can be split into several sub-paths, where each sub-path is identified by a BSID. Then, an end-to-end SR path can be identified by a list of BSIDs; therefore, it can provide better scalability. A BSID and a PSID can be combined to achieve both sub-path and end-to-end path monitoring. A reference model for such a combination () shows an end-to-end path (A->D) in a trusted domain that spans three subdomains (the Access, Aggregation, and Core domains) and consists of three sub-paths, one in each subdomain (sub-path (A->B), sub-path (B->C), and sub-path (C->D)). The SID list of a sub-path can be expressed as <SID1, SID2, ..., SIDn, s-PSID>, where the s-PSID is the PSID of the sub-path. Each sub-path is associated with a BSID and an s-PSID. The SID list of the end-to-end path can be expressed as <BSID1, BSID2, ..., BSIDn, e-PSID>, where the e-PSID is the PSID of the end-to-end path. shows the details of the label stacks when a PSID and a BSID are used to support both sub-path and end-to-end path monitoring in a multi-domain scenario.

Nesting of PSIDs B) sub-path(B->C) sub-path(C->D) |<--------------->|<-------------->|<-------------->| E2E Path(A->D) |<------------------------------------------------->| +-------------+ ~A->B sub-path~ +-------------+ +-------------+ |s-PSID(A->B) | ~B->C sub-path~ +-------------+ +-------------+ +-------------+ | BSID(B->C) | |s-PSID(B->C) | ~C->D sub-path~ +-------------+ +-------------+ +-------------+ | BSID(C->D) | | BSID(C->D) | |s-PSID(C->D) | +-------------+ +-------------+ +-------------+ +------------+ |e-PSID(A->D) | |e-PSID(A->D) | |e-PSID(A->D) | |e-PSID(A->D)| +-------------+ +-------------+ +-------------+ +------------+ ]]>

Security Considerations A PSID in SR-MPLS is a local label similar to other labels and segments, such as a VPN label, defined in MPLS and SR-MPLS. The data plane processing of a PSID is a local implementation of an ingress node or an egress node, which follows the same logic of an existing MPLS data plane. As per the definition of a PSID, only the egress node and the ingress node of the associated path will learn the information of a PSID. The intermediate nodes of this path will not learn it. A PSID may be used on an ingress node that is not the ingress of the associated path if the associated label stack with the PSID is part of a deeper label stack that represents a longer path. For example, the case described in and the related BSID are not used while the original label stack of a sub-path is inserted as a part of the whole label stack. In this case, the PSID must be distributed in a trusted domain under the considerations defined in . A PSID is used within an SR-MPLS trusted domain and must not leak outside the domain; therefore, no new security threats are introduced compared to current SR-MPLS. As per , SR domain boundary routers MUST filter any external traffic destined to a label associated with a segment within the trusted domain; this applies to a PSID as well. Other security considerations of SR-MPLS described in apply to this document. The distribution of a PSID from an egress node to an ingress node is performed within an SR-trusted domain, and it is out of the scope of this document. The details of the mechanism and related security considerations will be described in other documents.

IANA Considerations This document has no IANA actions.

References Normative References Informative References

Acknowledgements The authors would like to thank , , , , , , , , , and for their review, suggestions, comments, and contributions to this document. The authors would like to acknowledge the contribution from on "Nesting of PSIDs" ().

Contributors The following people have substantially contributed to this document. Huawei Technologies Co., Ltd.

mach.chen@huawei.com

China Mobile

wangleiyj@chinamobile.com

ZTE Corp.

liu.aihua@zte.com.cn

ZTE Corp.

gregimirsky@gmail.com

Verizon Inc.

gyan.s.mishra@verizon.com