< draft-ssangli-idr-bgp-vpn-srv6-plus-00.txt   draft-ssangli-idr-bgp-vpn-srv6-plus-01.txt >
IDR S. Sangli IDR S. Sangli
Internet-Draft R. Bonica Internet-Draft R. Bonica
Intended status: Standards Track Juniper Networks Inc. Intended status: Standards Track Juniper Networks Inc.
Expires: January 6, 2020 July 5, 2019 Expires: January 6, 2020 July 5, 2019
BGP based Virtual Private Network (VPN) Services over SRv6+ enabled IPv6 BGP based Virtual Private Network (VPN) Services over SRv6+ enabled IPv6
networks networks
draft-ssangli-idr-bgp-vpn-srv6-plus-00 draft-ssangli-idr-bgp-vpn-srv6-plus-01
Abstract Abstract
This document defines BGP protocol extensions for encoding and This document defines BGP protocol extensions for encoding and
carrying SRv6+ Per-Path Service Instruction information to support carrying SRv6+ Per-Path Service Instruction information to support
Virtual Private Network services. This is applicable when the VPN Virtual Private Network services. This is applicable when the VPN
services are offered in a SRv6+ enabled IPv6 network such that the services are offered in a SRv6+ enabled IPv6 network such that the
VPN payload is transported over IPv6. The Per-Path Service VPN payload is transported over IPv6. The Per-Path Service
Instruction information is encoded in the IPv6 Destination Option Instruction information is encoded in the IPv6 Destination Option
Header in the IPv6 data packets. Header in the IPv6 data packets.
skipping to change at page 2, line 18 skipping to change at page 2, line 18
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. Per-Path Service Instruction Information . . . . . . . . . . 3 3. Per-Path Service Instruction Information . . . . . . . . . . 3
4. Usage of Tunnel Encapsulation Attribute . . . . . . . . . . . 4 4. Usage of Tunnel Encapsulation Attribute . . . . . . . . . . . 4
5. Procedures for Egress BGP Speaker . . . . . . . . . . . . . . 6 5. Procedures for Egress BGP Speaker . . . . . . . . . . . . . . 6
6. Procedures for Ingress BGP Speaker . . . . . . . . . . . . . 6 6. Procedures for Ingress BGP Speaker . . . . . . . . . . . . . 6
7. BGP based L3 VPN services over IPv6 . . . . . . . . . . . . . 7 7. BGP based L3 VPN services over IPv6 . . . . . . . . . . . . . 7
7.1. IPv4 VPN on SRv6+ enabled IPv6 Core . . . . . . . . . . . 7 7.1. IPv4 VPN on SRv6+ enabled IPv6 Core . . . . . . . . . . . 7
7.2. IPv6 VPN on SRv6+ enabled IPv6 Core . . . . . . . . . . . 7 7.2. IPv6 VPN on SRv6+ enabled IPv6 Core . . . . . . . . . . . 8
7.3. IPv4 Global Routes on SRv6+ enabled IPv6 Core . . . . . . 8 7.3. IPv4 Global Routes on SRv6+ enabled IPv6 Core . . . . . . 8
8. BGP based Ethernet VPN services over IPv6 . . . . . . . . . . 8 8. BGP based Ethernet VPN services over IPv6 . . . . . . . . . . 9
8.1. Ethernet Auto-Discovery (A-D) route . . . . . . . . . . . 9 8.1. Ethernet Per ES Auto-Discovery (A-D) route . . . . . . . 9
8.2. MAC/IP Advertisement route . . . . . . . . . . . . . . . 9 8.2. Ethernet per EVI Auto-Discovery (A-D) route . . . . . . . 10
9. Deployment Considerations . . . . . . . . . . . . . . . . . . 9 8.3. MAC/IP Advertisement route . . . . . . . . . . . . . . . 10
10. Backward Compatibility . . . . . . . . . . . . . . . . . . . 11 8.4. Inclusive Multicast Ethernet Route . . . . . . . . . . . 11
11. Security Considerations . . . . . . . . . . . . . . . . . . . 11 8.5. IP Prefix Route . . . . . . . . . . . . . . . . . . . . . 11
12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 9. Deployment Considerations . . . . . . . . . . . . . . . . . . 11
13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 10. Backward Compatibility . . . . . . . . . . . . . . . . . . . 13
14. References . . . . . . . . . . . . . . . . . . . . . . . . . 11 11. Security Considerations . . . . . . . . . . . . . . . . . . . 13
14.1. Normative References . . . . . . . . . . . . . . . . . . 11 12. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
14.2. Informative References . . . . . . . . . . . . . . . . . 12 13. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
14.1. Normative References . . . . . . . . . . . . . . . . . . 13
14.2. Informative References . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
Virtual Private Network (VPN) technologies allow network providers to Virtual Private Network (VPN) technologies allow network providers to
emulate private networks with shared infrastructure. For example, emulate private networks with shared infrastructure. For example,
assume that a set of red sites, set of blue sites and a set of green assume that a set of red sites, set of blue sites and a set of green
sites connect to a provider network. Furthermore, assume that red sites connect to a provider network. Furthermore, assume that red
sites and blue sites wish to interconnect, exchange packets. sites and blue sites wish to interconnect, exchange packets.
However, the green sites wish to communicate with green sites only. However, the green sites wish to communicate with green sites only.
The provider should allow its infrastructure network to scale to both The provider should allow its infrastructure network to scale to both
skipping to change at page 4, line 22 skipping to change at page 4, line 22
The Per-Path Service Instruction (PPSI) Identifier is defined as The Per-Path Service Instruction (PPSI) Identifier is defined as
follows: follows:
o 32 bit quantity. o 32 bit quantity.
The PPSI Identifier have node-local significance and is assigned by The PPSI Identifier have node-local significance and is assigned by
the egress BGP router. The value of zero is reserved. The PPSI the egress BGP router. The value of zero is reserved. The PPSI
Identifier will serve 2 purposes. Identifier will serve 2 purposes.
o It MUST uniquely identify the VPN Routing Instance upon which o It MUST uniquely identify the VPN Routing Instance for L3VPN or
forwarding decision can be taken. identify an Ethernet Segment for EVPN or identify a leaf property
for EVPN TREE upon which forwarding decision can be taken.
o It MAY provide information for special processing before the o It MAY provide information for special processing before the
packet is forwarded. packet is forwarded.
The structure of 3 octet PPSI Identifier will be updated in the next The structure of 3 octet PPSI Identifier will be updated in the next
version of this document. version of this document.
The encoding of the Per-Path Service Instruction Identifier for VPNs The encoding of the Per-Path Service Instruction Identifier for VPNs
is described in Section 7 and Section 8. is described in Section 7 and Section 8.
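Review bot: The unchanged sentence "The PPSI Identifier have node-local significance and is assigned by the egress BGP router", just above the reworded first bullet, no longer holds in -01, because this revision also lets the ingress router assign the identifier upstream when a P2MP tunnel delivers BUM traffic (Section 5). State here whose scope the value is local to in each case, since the egress uses it to select the routing instance or Ethernet Segment for forwarding. The reworded bullet applies "MUST uniquely identify" to the VPN Routing Instance but only "identify" to the Ethernet Segment and the leaf property; say whether uniqueness is required for all three. The definition is still a "32 bit quantity" while the paragraph below speaks of the "3 octet PPSI Identifier"; reconcile the two widths, and change "have" to "has".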
skipping to change at page 6, line 14 skipping to change at page 6, line 14
The value of 2 indicates that the label field in the NLRI MUST be The value of 2 indicates that the label field in the NLRI MUST be
ignored at the ingress router. ignored at the ingress router.
5. Procedures for Egress BGP Speaker 5. Procedures for Egress BGP Speaker
The PPSI Information instructs the egress router to de-encapsulate The PPSI Information instructs the egress router to de-encapsulate
the packet and forward the newly exposed payload inner packet through the packet and forward the newly exposed payload inner packet through
the specified interface or forward using the specified Routing the specified interface or forward using the specified Routing
Instance. The PPSI Identifier described in Section 3 will be Instance. The PPSI Identifier described in Section 3 will be
assigned by the egress BGP Router. assigned by the egress BGP Router except in the case of EVPN per ES
AD route when P2MP tunnel is used for delivering BUM traffic in EVPN.
If P2MP tunnel is used to deliver BUM traffic for EVPN, the PPSI
Identifier used to identify an Ethernet Segment is assigned by the
upstream ingress BGP Router. Otherwise, it is downstream assigned by
the egress BGP router.
When the egress BGP Speaker advertises the NLRI, it will include the When the egress BGP Speaker advertises the NLRI, it will include the
PPSI Information in the encoding described in Section 7 and PPSI Information in the encoding described in Section 7 and
Section 8. The egress BGP Speaker MUST include the Tunnel Section 8. The egress BGP Speaker MUST include the Tunnel
Encapsulation Attribute with Route type SRv6+ as described in Encapsulation Attribute with Route type SRv6+ as described in
Section 4 in such BGP updates. Section 4 in such BGP updates.
By tagging the BGP update with Tunnel Encapsulation attribute of By tagging the BGP update with Tunnel Encapsulation attribute of
SRv6+ type, the BGP Speaker informs how the SRv6+_NLRI should be SRv6+ type, the BGP Speaker informs how the SRv6+_NLRI should be
decoded and processed by the receiving BGP Speaker. decoded and processed by the receiving BGP Speaker.
Via the Remote Tunnel Endpoint Sub-TLV encoding, the egress BGP Via the Remote Tunnel Endpoint Sub-TLV encoding, the egress BGP
router may specify the SRv6+ Path Destination Address. The Protocol router may specify the SRv6+ Path Destination Address. The Protocol
type Sub-TLV and the Color Sub-TLV may be used by the egress BGP type Sub-TLV and the Color Sub-TLV may be used by the egress BGP
router to influence the payload packets to be put on SRv6+ path. The router to influence the payload packets to be put on SRv6+ path. The
Embedded Label Handling Sub-TLV MUST be set to 2 to inform that the Embedded Label Handling Sub-TLV MUST be set to 2 to inform that the
MPLS label field should be ignored. MPLS label field should be ignored.
A single PPSI Identifier may be associated with all the prefixes in a A single PPSI Identifier may be associated with all the prefixes in a
Routing Instance or a unique PPSI Identifier may be associated for Routing Instance or a unique PPSI Identifier may be associated for
each prefix in the Routing Instance. The choice is left to the each prefix in the Routing Instance. Similarly, a PPSI Identifier
Network Operator and is outside the scope of this document. may be assigned to identify an Ethernet segment or leaf AC property
by EVPN. The choice is left to the Network Operator and is outside
the scope of this document.
6. Procedures for Ingress BGP Speaker 6. Procedures for Ingress BGP Speaker
Upon receiving a BGP update, the receiving BGP Speaker will look for Upon receiving a BGP update, the receiving BGP Speaker will look for
Tunnel Encapsulation attribute. If the tunnel type carried in the Tunnel Encapsulation attribute. If the tunnel type carried in the
Tunnel Encapsulation attribute is SRv6+, the BGP updates is said to Tunnel Encapsulation attribute is SRv6+, the BGP updates is said to
be carrying the SRv6+_NLRI and the Label field in the Network Layer be carrying the SRv6+_NLRI and the Label field in the Network Layer
Reachability Information is treated as Per-Path Service Instruction Reachability Information is treated as Per-Path Service Instruction
(PPSI) Identifier. (PPSI) Identifier.
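Review bot: The new text in the first paragraph of Section 5 introduces upstream assignment by the ingress router but does not say how the egress router scopes such a value. Two ingress routers can choose the same identifier, and either can collide with a value the egress assigned itself, so the lookup needs a stated context (for example the tunnel the packet arrived on); without it, traffic can be attributed to the wrong Ethernet Segment. The exception is also stated twice in a row ("except in the case of EVPN per ES AD route when P2MP tunnel is used ..." followed by "If P2MP tunnel is used to deliver BUM traffic for EVPN, ..."); merge these into one sentence. In the last paragraph of the section, "leaf AC property" is used without "AC" having been expanded.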
skipping to change at page 9, line 4 skipping to change at page 9, line 13
be appended to the Path attribute associated with the NLRI. be appended to the Path attribute associated with the NLRI.
8. BGP based Ethernet VPN services over IPv6 8. BGP based Ethernet VPN services over IPv6
The [RFC7432] describes the BGP extensions for carrying the Ethernet The [RFC7432] describes the BGP extensions for carrying the Ethernet
Virtual Private Network Overlay on MPLS network. It defines 4 types Virtual Private Network Overlay on MPLS network. It defines 4 types
of EVPN NLRI. This document specifies changes to certain fields for of EVPN NLRI. This document specifies changes to certain fields for
those NLRIs. those NLRIs.
o Ethernet Auto-Discovery (A-D) route o Ethernet Auto-Discovery (A-D) route
o MAC/IP Advertisement route o MAC/IP Advertisement route
o Inclusive Multicast Ethernet Tag route o Inclusive Multicast Ethernet Tag route
o Ethernet Segment route o IP Prefix route
8.1. Ethernet Auto-Discovery (A-D) route 8.1. Ethernet Per ES Auto-Discovery (A-D) route
The MP_REACH and MP_UNREACH attributes will carry this route in the The MP_REACH and MP_UNREACH attributes will carry this route in the
NLRI encoding described in [RFC7432]. In addition to Tunnel NLRI encoding described in [RFC7432]. In addition to Tunnel
Encapsulation attribute encoding, this document recommends to follow Encapsulation attribute encoding, this document recommends to follow
the [RFC4732] encoding except the following. the [RFC4732] encoding except the following. For MPLS label carried
in the Ethernet A-D per ESI route:
o MPLS label : Per [RFC7432], it is set to zero.
o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in
Section 4
The MPLS label field is not part of the route but treated as route
attribute. For procedures and usage of this route, refer to
[RFC7432]. The Tunnel Encapsulation attribute with SRv6+ type MUST
be appended to the Path attribute associated with the NLRI.
An EVPN Ethernet per ES A-D route is usually signaled together with
an ESI label extended community. For ESI Label carried in the ESI
label extended community:
o ESI Label: Per-Path Service Instruction Identifier
The Per-Path Service Instruction Identifier is used to identify an
Ethernet segment attached to the BGP PE for EVPN.
If P2MP tunnel is used to deliver BUM traffic, then this PPSI
Identifier is upstream assigned by the ingress router, otherwise it
is downstream assigned by the egress router.
8.2. Ethernet per EVI Auto-Discovery (A-D) route
The MP_REACH and MP_UNREACH attributes will carry this route in the
NLRI encoding described in [RFC7432]. In addition to Tunnel
Encapsulation attribute encoding, this document recommends to follow
the [RFC4732] encoding except the following:
o MPLS label : Per-Path Service Instruction Identifier o MPLS label : Per-Path Service Instruction Identifier
o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in
Section 4 Section 4
The MPLS label field is not part of the route but treated as route The MPLS label field is not part of the route but treated as route
attribute. For procedures and usage of this route, refer to attribute. For procedures and usage of this route, refer to
[RFC7432]. The Tunnel Encapsulation attribute with SRv6+ type MUST [RFC7432]. The Tunnel Encapsulation attribute with SRv6+ type MUST
be appended to the Path attribute associated with the NLRI. be appended to the Path attribute associated with the NLRI.
8.2. MAC/IP Advertisement route In addition, for EVPN E-tree service, this route may be signaled
together with an E-Tree Extended Community as it is specified in
[RFC8317]. For the leaf label carried in the E-Tree Extended
Community:
o Leaf Label: Per-Path Service Instruction Identifier
In case of EVPN E-tree service, the per-path service identifier
carried in the E-Tree extended community is used to signal a leaf AC
property.
In the data plane, this PPSI identifier specified in the Destination
Option header is used by an egress router to identify that a data
packet is ingressed from a leaf AC such that appropriate forwarding
decision can be made.
If P2MP tunnel is used to deliver BUM traffic, then this PPSI
Identifier is upstream assigned by the ingress router. Otherwise it
is downstream assigned by the egress router.
8.3. MAC/IP Advertisement route
The MP_REACH and MP_UNREACH attributes will carry this route in the The MP_REACH and MP_UNREACH attributes will carry this route in the
NLRI encoding described in [RFC7432]. In addition to Tunnel NLRI encoding described in [RFC7432]. In addition to Tunnel
Encapsulation attribute encoding, this document recommends to follow Encapsulation attribute encoding, this document recommends to follow
the [RFC4732] encoding except the following. the [RFC4732] encoding except the following.
o MPLS label1 : Per-Path Service Instruction Identifier1 o MPLS label1 : Per-Path Service Instruction Identifier1
o MPLS label2 : Per-Path Service Instruction Identifier2 o MPLS label2 : Per-Path Service Instruction Identifier2
o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in
Section 4 Section 4
The MPLS label field is not part of the route but treated as route The MPLS label field is not part of the route but treated as route
attribute. For procedures and usage of this route, refer to attribute. For procedures and usage of this route, refer to
[RFC7432]. The Tunnel Encapsulation attribute with SRv6+ type MUST [RFC7432]. The Tunnel Encapsulation attribute with SRv6+ type MUST
be appended to the Path attribute associated with the NLRI. be appended to the Path attribute associated with the NLRI.
8.4. Inclusive Multicast Ethernet Route
The MP_REACH and MP_UNREACH attributes will carry this route in the
NLRI encoding described in [RFC7432]. In addition to Tunnel
Encapsulation attribute encoding, this document recommends to follow
the [RFC4732] encoding except the following.
o If MPLS label field in the PMSI Tunnel Attributed is non-zero, it
is set to Per-Path Service Instruction Identifier.
o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in
Section 4
The Tunnel Encapsulation attribute with SRv6+ type MUST be appended
to the Path attribute associated with the NLRI.
8.5. IP Prefix Route
The MP_REACH and MP_UNREACH attributes will carry this route in the
NLRI encoding described in [I-D draft-ietf-bess-evpn-prefix-
advertisement]. In addition to Tunnel Encapsulation attribute
encoding, this document recommends the following change:
o MPLS label: if it is non-zero, it is set to Per-Path Service
Instruction Identifier.
o Tunnel Encapsulation Path Attribute : SRv6+ Type as described in
Section 4
The MPLS label field is not part of the route but treated as route
attribute. For procedures and usage of this route, refer to [I-D
draft-ietf-bess-evpn-prefix-advertisement]. The Tunnel Encapsulation
attribute with SRv6+ type MUST be appended to the Path attribute
associated with the NLRI.
9. Deployment Considerations 9. Deployment Considerations
This document proposes to reuse the NLRI encoding for BGP L3VPN and This document proposes to reuse the NLRI encoding for BGP L3VPN and
EVPN Network Layer Routing Information. However, care should be EVPN Network Layer Routing Information. However, care should be
taken when BGP VPN overlay services are enabled on SRv6+ underlay taken when BGP VPN overlay services are enabled on SRv6+ underlay
such that Tunnel Encapsulation Path attribute with SRv6+ type MUST be such that Tunnel Encapsulation Path attribute with SRv6+ type MUST be
appended. When a BGP router advertises SRv6+_NLRI, it MUST not appended. When a BGP router advertises SRv6+_NLRI, it MUST NOT
remove the Tunnel Encapsulation Path attribute. remove the Tunnel Encapsulation Path attribute.
The SRv6+ underlay is similar to other "tunnel" technologies viz The SRv6+ underlay is similar to other "tunnel" technologies viz
MPLS, GRE, IP-in-IP, L2TPv3. The egress and ingress BGP routers can MPLS, GRE, IP-in-IP, L2TPv3. The egress and ingress BGP routers can
be connected via one or more such underlay technologies. A BGP be connected via one or more such underlay technologies. A BGP
speaker can advertise the VPN NLRI with the nexthop reachable via one speaker can advertise the VPN NLRI with the nexthop reachable via one
or more such underlay paths. Each such mechanism can co-exist or more such underlay paths. Each such mechanism can co-exist
together as ships-in-night. However, when SRv6+_NLRI is advertised together as ships-in-night. However, when SRv6+_NLRI is advertised
by a egress BGP speaker and received by an ingress BGP speaker, they by a egress BGP speaker and received by an ingress BGP speaker, they
MUST follow the procedures mentioned in this document. MUST follow the procedures mentioned in this document.
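Review bot: In the Section 8 route list, "Ethernet Segment route" is replaced by "IP Prefix route", but the lead sentence still says [RFC7432] "defines 4 types of EVPN NLRI", and the new Section 8.5 takes the IP Prefix route encoding from draft-ietf-bess-evpn-prefix-advertisement. Reword the lead sentence, and make the list reflect the per ES / per EVI split of the A-D route that Sections 8.1 and 8.2 now use. The added Sections 8.2 and 8.4 repeat "follow the [RFC4732] encoding" immediately after citing [RFC7432] for the NLRI encoding, which looks like a transposed RFC number carried over from -00; confirm the reference. Sections 8.4 and 8.5 set the label to the PPSI Identifier only "if it is non-zero" and do not say what a receiver does with a zero label. Sections 8.1 and 8.2 repeat the upstream-assignment rule without saying how the egress tells an upstream-assigned identifier from one it assigned itself.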
skipping to change at page 11, line 26 skipping to change at page 13, line 27
idr-tunnel-encaps-12]. idr-tunnel-encaps-12].
12. IANA Considerations 12. IANA Considerations
IANA is requested to assign a code point for SRv6+ Route Type for BGP IANA is requested to assign a code point for SRv6+ Route Type for BGP
Tunnel Encapsulation Path Attribute from BGP Tunnel Encapsulation Tunnel Encapsulation Path Attribute from BGP Tunnel Encapsulation
Attribute Tunnel Types Registry. Attribute Tunnel Types Registry.
13. Acknowledgements 13. Acknowledgements
The authors would like to thank Jeff Haas for careful review and The authors would like to thank Jeff Haas and Wen Lin for careful
suggestions. review and suggestions.
14. References 14. References
14.1. Normative References 14.1. Normative References
[I-D.bonica-6man-vpn-dest-opt] [I-D.bonica-6man-vpn-dest-opt]
Bonica, R., Lenart, C., So, N., Xu, F., Presbury, G., Bonica, R., Lenart, C., So, N., Xu, F., Presbury, G.,
Chen, G., Zhu, Y., Yang, G., and Y. Zhou, "The IPv6 Chen, G., Zhu, Y., Yang, G., and Y. Zhou, "The IPv6
Virtual Private Network (VPN) Context Information Option", Virtual Private Network (VPN) Context Information Option",
draft-bonica-6man-vpn-dest-opt-05 (work in progress), draft-bonica-6man-vpn-dest-opt-05 (work in progress),
skipping to change at page 14, line 19 skipping to change at page 16, line 19
[RFC8077] Martini, L., Ed. and G. Heron, Ed., "Pseudowire Setup and [RFC8077] Martini, L., Ed. and G. Heron, Ed., "Pseudowire Setup and
Maintenance Using the Label Distribution Protocol (LDP)", Maintenance Using the Label Distribution Protocol (LDP)",
STD 84, RFC 8077, DOI 10.17487/RFC8077, February 2017, STD 84, RFC 8077, DOI 10.17487/RFC8077, February 2017,
<https://www.rfc-editor.org/info/rfc8077>. <https://www.rfc-editor.org/info/rfc8077>.
[RFC8277] Rosen, E., "Using BGP to Bind MPLS Labels to Address [RFC8277] Rosen, E., "Using BGP to Bind MPLS Labels to Address
Prefixes", RFC 8277, DOI 10.17487/RFC8277, October 2017, Prefixes", RFC 8277, DOI 10.17487/RFC8277, October 2017,
<https://www.rfc-editor.org/info/rfc8277>. <https://www.rfc-editor.org/info/rfc8277>.
[RFC8317] Sajassi, A., Ed., Salam, S., Drake, J., Uttaro, J.,
Boutros, S., and J. Rabadan, "Ethernet-Tree (E-Tree)
Support in Ethernet VPN (EVPN) and Provider Backbone
Bridging EVPN (PBB-EVPN)", RFC 8317, DOI 10.17487/RFC8317,
January 2018, <https://www.rfc-editor.org/info/rfc8317>.
Authors' Addresses Authors' Addresses
Srihari Sangli Srihari Sangli
Juniper Networks Inc. Juniper Networks Inc.
Exora Business Park Exora Business Park
Bangalore, KA 560103 Bangalore, KA 560103
India India
Email: ssangli@juniper.net Email: ssangli@juniper.net
 End of changes. 16 change blocks. 
27 lines changed or deleted 130 lines changed or added
