Internet DRAFT - draft-ietf0-idr-srv6-flowspec-path-redirect
draft-ietf0-idr-srv6-flowspec-path-redirect
IDR Working Group G. Van de Velde
Internet-Draft Nokia
Intended status: Standards Track K. Patel
Expires: 13 July 2024 Arrcus
Z. Li
Huawei Technologies
H. Chen
Futurewei
10 January 2024
Flowspec Indirection-id Redirect for SRv6
draft-ietf0-idr-srv6-flowspec-path-redirect-11
Abstract
This document defines extensions to "FlowSpec Redirect to
indirection-id Extended Community" for SRv6. This extended community
can trigger advanced redirection capabilities to flowspec clients for
SRv6. When activated, this flowspec extended community is used by a
flowspec client to retrieve the corresponding next-hop and encoding
information within a localised indirection-id mapping table.
The functionality detailed in this document allows a network
controller to decouple the BGP flowspec redirection instruction from
the operation of the available paths.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [2].
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
Van de Velde, et al. Expires 13 July 2024 [Page 1]
Internet-Draft Indirection-id Redirect for SRv6 January 2024
This Internet-Draft will expire on 13 July 2024.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Redirect to indirection-id Community . . . . . . . . . . . . 2
3. Security Considerations . . . . . . . . . . . . . . . . . . . 4
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 4
5. Contributor Addresses . . . . . . . . . . . . . . . . . . . . 4
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
7.1. Normative References . . . . . . . . . . . . . . . . . . 5
7.2. Informative References . . . . . . . . . . . . . . . . . 5
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6
1. Introduction
"FlowSpec Redirect to indirection-id Extended Community" for IPv4 is
defined in ietf-idr-flowspec-path-redirect [1]. This draft specifies
extensions to this community for SRv6.
2. Redirect to indirection-id Community
This document defines a new sub-type value for SRv6 in "FlowSpec
Redirect to indirection-id Extended Community". The format of this
extended community with the new sub-type value is show below:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type |Sub-Type (TBD) | Flags(1 octet)| ID-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Generalized indirection_id (16 octets) |
~ ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Van de Velde, et al. Expires 13 July 2024 [Page 2]
Internet-Draft Indirection-id Redirect for SRv6 January 2024
Where
Type: 1 octet, defined in ietf-idr-flowspec-path-redirect [1].
Sub-Type: 1 octet, its value (TBD) will be assigned by IANA.
Flags: Same as that defined in ietf-idr-flowspec-path-redirect [1].
ID-Type: 1 octet value. This draft defines following Context Types:
* 0 - Localised ID (The flowspec client uses the received
indirection-id to lookup forwarding information within the
localised indirection-id table. The allocation and programming of
the localised indirection-id table is outside scope of the
document)
* 1 - Node ID with SID/index in MPLS-based Segment Routing (This
means the indirection-id is mapped to an MPLS label using the
index as a global offset in the SID/label space)
* 2 - Node ID with SID/label in MPLS-based Segment Routing (This
means the indirection-id is mapped to an MPLS label using the
indirection-id as global label)
* 3 - Binding Segment ID with SID/index in MPLS-based Segment
Routing (This means the indirection-id is mapped to an MPLS
binding label using the indirection-id as index for global offset
in the SID/label space).
* 4 - Binding Segment ID with SID/label in MPLS-based Segment
Routing (This means indirection-id is mapped to an MPLS binding
label using the indirection-id as global label).
* 5 - Tunnel ID (Tunnel ID is within a single administrative domain
a globally unique tunnel identifier. The allocation and
programming of the Tunnel ID within the localised indirection-id
table is outside scope of the document)
* 6 - Node ID with SID/index in SRv6 (This means the indirection-id
is mapped to an SRv6 SID using the indirection-id as global SRv6
SID or index)
* 7 - Binding Segment ID with SID/index in SRv6 (This means the
indirection-id is mapped to an SRv6 binding SID using the
indirection-id as index for global offset in the SID space).
Van de Velde, et al. Expires 13 July 2024 [Page 3]
Internet-Draft Indirection-id Redirect for SRv6 January 2024
* 8 - Binding Segment ID with SID/index in SRv6 (This means
indirection-id is mapped to an SRv6 binding SID using the
indirection-id as global SRv6 SID).
Generalized indirection_id: 128-bit identifier used as indirection_id
3. Security Considerations
A system using "Redirect to indirection-id" extended community can
cause during the redirect mitigation of a DDoS attack overflow of
traffic received by the mitigation infrastructure.
4. Acknowledgements
This document received valuable comments and input from IDR working
group including Adam Simpson, Mustapha Aissaoui, Jan Mertens, Robert
Raszuk, Jeff Haas, Susan Hares and Lucy Yong.
5. Contributor Addresses
Below is a list of other contributing authors in alphabetical order:
Arjun Sreekantiah
Cisco Systems
170 W. Tasman Drive
San Jose, CA 95134
USA
Email: asreekan@cisco.com
Nan Wu
Huawei Technologies
Huawei Bld., No. 156 Beiquing Rd
Beijing 100095
China
Email: eric.wu@huawei.com
Shunwan Zhuang
Huawei Technologies
Huawei Bld., No. 156 Beiquing Rd
Beijing 100095
China
Email: zhuangshunwan@huawei.com
Van de Velde, et al. Expires 13 July 2024 [Page 4]
Internet-Draft Indirection-id Redirect for SRv6 January 2024
Wim Henderickx
Nokia
Antwerp
BE
Email: wim.henderickx@nokia.com
6. IANA Considerations
This document requests a new sub-type value under "FlowSpec Redirect
to indirection-id Extended Community Sub-Type" registery.
Value Code Reference
0x01 Flowspec Redirect to 128-bit Path-id for SRv6 [RFC-To-Be]
7. References
7.1. Normative References
[1] Van de Velde, G., Patel, K., and Z. Li, "Flowspec
Indirection-id Redirect", Work in Progress, Internet-
Draft, draft-ietf-idr-flowspec-path-redirect-12, 24
November 2022, <https://datatracker.ietf.org/doc/html/
draft-ietf-idr-flowspec-path-redirect-12>.
[2] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997,
<http://xml.resource.org/public/rfc/html/rfc2119.html>.
[3] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J.,
and D. McPherson, "Dissemination of Flow Specification
Rules", RFC 5575, DOI 10.17487/RFC5575, August 2009,
<https://www.rfc-editor.org/info/rfc5575>.
7.2. Informative References
[4] Uttaro, J., Filsfils, C., Alcaide, J., and P. Mohapatra,
"Revised Validation Procedure for BGP Flow
Specifications", January 2014.
[5] Filsfils, C., Previdi, S., Aries, E., Ginsburg, D., and D.
Afanasiev, "Segment Routing Centralized Egress Peer
Engineering", October 2015.
Van de Velde, et al. Expires 13 July 2024 [Page 5]
Internet-Draft Indirection-id Redirect for SRv6 January 2024
[6] Sreekantiah, A., Filsfils, C., Previdi, S., Sivabalan, S.,
Mattes, P., and S. Lin, "Segment Routing Traffic
Engineering Policy using BGP", October 2015.
[7] Filsfils, C., Previdi, S., Decraene, B., Litkowski, S.,
Shakir, R., Bashandy, A., Horneffer, M., Henderickx, W.,
Tantsura, J., Crabbe, E., Milojevic, I., and S. Ytti,
"Segment Routing Architecture", December 2015.
[8] Sivabalan, S., Medved, M., Filsfils, C., Litkowski, S.,
Raszuk, R., Bashandy, A., Lopez, V., Tantsura, J.,
Henderickx, W., Hardwick, J., Milojevic, I., and S. Ytti,
"PCEP Extensions for Segment Routing", December 2015.
Authors' Addresses
Gunter Van de Velde
Nokia
Antwerp
Belgium
Email: gunter.van_de_velde@nokia.com
Keyur Patel
Arrcus
United States of America
Email: keyur@arrcus.com
Zhenbin Li
Huawei Technologies
Huawei Bld., No. 156 Beiquing Rd
Beijing
100095
China
Email: lizhenbin@huawei.com
Huaimo Chen
Futurewei
Boston, MA,
United States of America
Email: Huaimo.chen@futurewei.com
Van de Velde, et al. Expires 13 July 2024 [Page 6]