Network Working Group                                            Y. Liu
Internet Draft                                                 W. Cheng
Intended status: Standards Track                           China Mobile
Expires: January 11, 2023                                        C. Lin
                                                                M. Chen
                                                   New H3C Technologies
                                                                M. Xiao
                                                          July 11, 2022

                   Encapsulation of BFD for SRv6 Policy


   Bidirectional Forwarding Detection (BFD) mechanisms can be used for
   fast detection of failures in the forwarding path of SR Policy. This
   document describes the encapsulation of BFD for SRv6 Policy, which
   can be applied for both S-BFD and U-BFD. The BFD packets may be
   encapsulated in transport mode or tunnel mode.

   This Internet-Draft will expire on January 11, 2023.

   1. Introduction...................................................2
      1.1. Requirements Language.....................................3
   2. Encapsulation of BFD Packet for SRv6 Policy....................3
      2.1. Control Packet in Transport Mode..........................4
      2.2. Echo Packet in Transport Mode.............................6
      2.3. Control Packet in Tunnel Mode.............................7
      2.4. Echo Packet in Tunnel Mode................................8
   3. Choice of Headend and Tail-end IPv6 Addresses.................10
      3.1. Control Packet...........................................10
      3.2. Echo Packet..............................................10
   4. Checksum in UDP Header........................................11
   5. Control of Inserting Additional IPv6 Address in SRH...........11
   6. Example.......................................................11
   7. Security Considerations.......................................13
   8. IANA Considerations...........................................13
1. Introduction

   Segment Routing (SR) [RFC8402] allows a headend node to steer a
   packet flow along any path. Per-path states of Intermediate nodes
   are eliminated thanks to source routing. A Segment Routing Policy
   (SR Policy) [I-D.ietf-spring-segment-routing-policy] is an ordered
   list of segments (i.e., instructions) that represent a source-routed
   policy. The packets steered into an SR Policy carry an ordered list
   of segments associated with that SR Policy. The SRv6 Policy is the
   instantiation of SR Policy for SR over IPv6 (SRv6) data-plane.

   In order to provide end-to-end protection, the headend node need to
   rapidly detect any failures in the forwarding path of SR Policy, so
   that it could switch from the active candidate path to another
   backup candidate path within the same SR Policy or switch from the
   active SR Policy to another backup SR Policy. Bidirectional

   Forwarding Detection (BFD) mechanisms [RFC5880] [RFC7880] can be
   used for fast detection of such failures.

   As described in [I-D.ali-spring-bfd-sr-policy], the BFD mechanism to
   be used for monitoring SRv6 Policies is expected to be simple and
   lightweight, which can be setup and deleted dynamically and on-
   demand. S-BFD simplifies the mechanism for using BFD with a large
   proportion of negotiation aspects eliminated. [I-D.ali-spring-bfd-
   sr-policy] describes the use of S-BFD for monitoring of SR Policy
   paths, and specifies the S-BFD Discriminator selection, the S-BFD
   session initiation and the return path control related to S-BFD use
   for SR Policy.

   Unaffiliated BFD Echo Function (U-BFD) [I-D.ietf-bfd-unaffiliated-
   echo] simplifies the BFD Echo Function procedure, by which the
   remote system does not need to support BFD or maintain any BFD
   session states. U-BFD may also be used to monitor SR Policies.

   This document describes the encapsulation of BFD for SRv6 Policy,
   which can be applied for both S-BFD and U-BFD. The BFD packets may
   be encapsulated in transport mode or tunnel mode.

1.1. Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2. Encapsulation of BFD Packet for SRv6 Policy

   On SRv6 data-plane, a BFD packet for SRv6 Policy carries a Segment
   Routing Header (SRH) [RFC8754] containing a list of SRv6 SIDs
   associated with that SRv6 Policy.

   The BFD packets may be encapsulated in transport mode or tunnel
   mode. In transport mode, the SRH is inserted after the IPv6 header.
   In tunnel mode, an outer IPv6 header with an SRH is encapsulated,
   which looks like an BFD packet for plain IPv6 is steered into an
   SRv6 Policy.

   | IPv6 header |   SRH   | UDP Header  |  Payload   |

   Figure 1: Transport Mode Encapsulation

   | IPv6 header |   SRH   | IPv6 header | UDP Header |  Payload   |

   Figure 2: Tunnel Mode Encapsulation

   An SRv6 Policy may consist of multiple candidate paths, and each
   candidate path may consist of multiple Segment-Lists. To monitor a
   candidate path, an implementation may setup multiple sessions for
   each Segment-List associated with that path. If some of the Segment-
   Lists fail, the forwarding will be weighted load-balancing among the
   other Segment-Lists. If all of the Segment-Lists fail, the candidate
   path is deemed to be failed. An implementation may monitor each
   candidate path belonging to the SRv6 Policy respectively. If the
   active candidate path fails, the switchover to another backup
   candidate path will be triggered. If all the candidate paths fails,
   the SRv6 Policy is deemed to be failed. How to setup sessions for
   the candidate paths and Segment-Lists associated with an SRv6 Policy
   is out of the scope of this document.

2.1. Control Packet in Transport Mode

   In transport mode, the encapsulation format of BFD control packet is
   as follows:

   | IPv6 Header                                               |
   .  Source IP Address = Headend IPv6 Address                 .
   .  Destination IP Address = Segment List[SL]                .
   .  Next-Header = SRH                                        .
   .                                                           .
   | SRH                                                       |
   .  Segment List[0] = Tail-end IPv6 Address, or              .
   .                  Last Segment of SRv6 Policy Segment-List .
   .  Segment List[1]                                          .
   .  Segment List[2]                                          .
   .  ...                                                      .
   .  Next-Header = UDP                                        .
   .                                                           .
   | UDP Header                                                |
   .                                                           .
   | Payload                                                   |
   .                                                           .

   Figure 3: Format of Control Packet in Transport Mode

   In the SRH, the first element of the Segment List (Segment List[0])
   contains the SRv6 SID or IPv6 address of the tail-end node.

   If the last segment of the SRv6 Policy Segment-List does not belong
   to the tail-end node, an IPv6 address of tail-end should be added as
   Segment List[0], while Segment List[1] contains the last segment of
   the SRv6 Policy Segment-List. The typical scenarios are as follows:

   o The last segment of the SRv6 Policy Segment-List may be an End.X
      SID of the penultimate hop. If it is used as Segment List[0], the
      final destination for the BFD packet is missing.

   o The last segment of the SRv6 Policy Segment-List may be a Binding
      SID, for example, the application of SRv6 Policy for L3VPN
      service across multiple domains. If it is used as Segment
      List[0], according to [RFC8986], the node which instantiates the
      BSID will not perform the encapsulation behavior of the
      associated SRv6 Policy, but stop processing the SRH and proceed
      to process the next header in the packet.

   Else, the additional tail-end IPv6 address is not necessary, and it
   can be omitted in order to reduce the SRH size.

   After tail-end receives the control packet, it will send response
   packet back to the headend. The response packet is IP routed based
   on the IPv6 SA of the control packet from headend. Additional
   measures may be taken to control the forwarding path of response
   packet, which is out of the scope of this document.

2.2. Echo Packet in Transport Mode

   In transport mode, the encapsulation format of BFD echo packet is as

   | IPv6 Header                                               |
   .  Source IP Address = Headend IPv6 Address                 .
   .  Destination IP Address = Segment List[SL]                .
   .  Next-Header = SRH                                        .
   .                                                           .
   | SRH                                                       |
   .  Segment List[0] = Headend IPv6 Address                   .
   .  Segment List[1]                                          .
   .  Segment List[2]                                          .
   .  ...                                                      .
   .  Next-Header = UDP                                        .
   .                                                           .
   | UDP Header                                                |
   .                                                           .
   | Payload                                                   |
   .                                                           .

   Figure 4: Format of Echo Packet in Transport Mode

   The BFD echo packet u-turns on the tail-end node and returns to the
   headend node. The difference from the control packet is that the
   final destination of the echo packet is the headend itself. So,
   Segment List[0] in the SRH should contain the IPv6 address of the
   headend, in order to indicate the tail-end to forward the echo
   packet back to headend. The return path is IP routed.

   In both S-BFD and U-BFD for SRv6 Policy, the echo packet may be used
   to control the return path. After the echo packet reaches the tail-
   end along the forwarding path of SRv6 Policy Segment-List,
   additional segments will indicate the packet to be forwarded along
   specific path back to the headend.

   If segments of the return path is included in the SRH of echo packet
   and the last segment of the return path belongs to the headend, the
   additional headend IPv6 address is not necessary to be added as
   Segment List[0]. How to identify corresponding segment stack for the
   return paths are outside the scope of this document.

2.3. Control Packet in Tunnel Mode

   In tunnel mode, the encapsulation format of BFD control packet is as

   | IPv6 Header                                               |
   .  Source IP Address = Headend IPv6 Address                 .
   .  Destination IP Address = Segment List[SL]                .
   .  Next-Header = SRH                                        .
   .                                                           .
   | SRH                                                       |
   .  Segment List[0] = Tail-end IPv6 Address, or              .
   .                  Last Segment of SRv6 Policy Segment-List .
   .  Segment List[1]                                          .
   .  Segment List[2]                                          .
   .  ...                                                      .
   .  Next-Header = IPv6                                       .
   .                                                           .
   | IPv6 Header                                               |
   .  Source IP Address = Headend IPv6 Address                 .
   .  Destination IP Address = Tail-end IPv6 Address           .
   .  Next-Header = UDP                                        .
   .                                                           .
   | UDP Header                                                |
   .                                                           .
   | Payload                                                   |
   .                                                           .

   Figure 5: Format of Control Packet in Tunnel Mode

   In the SRH, the first element of the Segment List (Segment List[0])
   contains the SRv6 SID or IPv6 address of the tail-end node.

   If the last segment of the SRv6 Policy Segment-List does not belong
   to the tail-end node and its function does not include decapsulation
   of the outer IPv6 header, an IPv6 address of tail-end should be

   added as Segment List[0], while Segment List[1] contains the last
   segment of the SRv6 Policy Segment-List. The typical scenarios are
   as follows:

   o The last segment of the SRv6 Policy may be an End.X SID of the
      penultimate hop. If it is used as Segment List[0], the
      penultimate hop needs to remove the outer IPv6 header with all
      SRH, and forwards the inner IPv6 packet to reflector. If the last
      segment is with Ultimate Segment Decapsulation (USD) flavor, the
      penultimate SR endpoint node will perform such decapsulation as
      defined in [RFC8986]. Otherwise, how to process the packet when
      the upper-layer header type is IPv6, is not clearly defined in
      [RFC8986]. It depends on implementation, and may not work well
      for BFD.

   o The last segment of the SRv6 Policy may be a Binding SID, which
      is the same with the Binding SID case in section 2.1.

   Else, the additional tail-end IPv6 address is not necessary, and it
   can be omitted in order to reduce the SRH size.

   After tail-end receives the control packet, it will send response
   packet back to the headend. The response packet is IP routed based
   on the inner IPv6 SA of the control packet from headend. Additional
   measures may be taken to control the forwarding path of response
   packet, which is out of the scope of this document.

2.4. Echo Packet in Tunnel Mode

   In tunnel mode, the encapsulation format of BFD echo packet is as

   | IPv6 Header                                               |
   .  Source IP Address = Headend IPv6 Address                 .
   .  Destination IP Address = Segment List[SL]                .
   .  Next-Header = SRH                                        .
   .                                                           .
   | SRH                                                       |
   .  Segment List[0] = Tail-end IPv6 Address, or              .
   .                  Last Segment of SRv6 Policy Segment-List .
   .  Segment List[1]                                          .
   .  Segment List[2]                                          .
   .  ...                                                      .
   .  Next-Header = IPv6                                       .
   .                                                           .
   | IPv6 Header                                               |
   .  Source IP Address = Headend IPv6 Address                 .
   .  Destination IP Address = Headend IPv6 Address            .
   .  Next-Header = UDP                                        .
   .                                                           .
   | UDP Header                                                |
   .                                                           .
   | Payload                                                   |
   .                                                           .

   Figure 6: Format of Echo Packet in Tunnel Mode

   If the last segment of the SRv6 Policy Segment-List does not belong
   to the tail-end node, an IPv6 address of tail-end should be added as
   Segment List[0], in order to guarantee that the packet can reach the

   After the tail-end receives the control packet, it decapsulates the
   outer IPv6 header with SRH, and then forwards the inner IPv6 packet
   back to the headend based on the IPv6 DA.

   If additional segments of the return path are included in the SRH of
   echo packet, the tail-end IPv6 address should not be included in the
   SRH. The segment stack should guarantee that the packet can reach
   the tail-end and then goes back to the headend. How to identify
   corresponding segment stack for the return paths are outside the
   scope of this document.

3. Choice of Headend and Tail-end IPv6 Addresses

3.1. Control Packet

   When traffics are steered into an SRv6 Policy, the headend
   encapsulates the received packets in an outer IPv6 header along with
   an SRH. The Source Address of the outer IPv6 header is an IPv6
   Address of the headend itself which can be routed. It may be a local
   interface address of the headend used for all SRv6 Policies. Or,
   different source addresses may be allocated per SRv6 Policy by local

   For the BFD control packet, the headend IPv6 address in the Source
   Address of IPv6 header may use the source address associated with
   the SRv6 Policy.

   An SRv6 Policy is identified through the tuple <headend, color,
   endpoint>. The endpoint indicates the destination of the policy, and
   is usually specified as an IPv6 address of the tail-end node.

   For the BFD control packet, the headend may choose endpoint of the
   SRv6 Policy to be the tail-end IPv6 address which appears in the
   first segment of SRH or DA of inner IPv6 header, without additional
   knowledge of the tail-end. However, in some scenarios, the endpoint
   of SRv6 Policy can be the unspecified address (:: for IPv6), and the
   tail-end IPv6 Address may be specified by local configuration or
   network controller.

3.2. Echo Packet

   For the BFD echo packet, the headend IPv6 address in the Source
   Address of IPv6 header may use the source address associated with
   the SRv6 Policy, which is similar with the control packet.

   Because the echo packet u-turns on the tail-end, the tail-end does
   not need to parse the packet or use the source address as the
   destination address to send back, which is different from the
   control packet. So, the SA of echo packet is not necessary to be
   routable. An implementation may use unreachable address as the
   headend IPv6 address in the SA, which would prevent icmpv6 messages
   from flooding into the headend in failure cases.

   For the headend IPv6 address which appears in the first segment of
   SRH or DA of inner IPv6 header of the echo packet, it should be an
   IPv6 address belonging to the headend and can be routed. An
   implementation may use the source address associated with the SRv6
   Policy. Or, particular addresses may be allocated per SRv6 Policy by

   local configuration, in order to distinguish the BFD echo packets
   for different SRv6 Policies.

4. Checksum in UDP Header

   The computation of Checksum in UDP header includes the Destination
   Address of IPv6 header.

   In the encapsulation of transport mode, the IPv6 DA may change along
   the SRv6 forwarding path. When computing the UDP Checksum, the
   headend should use the first segment in the SRH as the IPv6 DA. It
   is consistent with the packet received by the final destination, the
   tail-end node for control packet or the headend node for echo
   packet. So, when the final destination processes the UDP header, the
   verification of Checksum will be passed.

   In the encapsulation of transport mode, the computation of UDP
   Checksum only involves the inner IPv6 header, which does not change
   en route. No additional action needs to be taken.

5. Control of Inserting Additional IPv6 Address in SRH

   An implementation may have local configurations to control whether
   to insert a headend or tail-end IPv6 address as the first segment in
   the SRH. Or, an implementation may always insert additional IPv6

6. Example

   In the following network, the headend A installs an SRv6 Policy to
   tail-end D with the segment list <SID-A1, SID-B1, SID-C1, SID-D2>.
   SID-A1, SID-B1 and SID-C1 are all SRv6 End.X SIDs.


   Figure 7: example network

   Assume that A uses SBFD to monitor that SRv6 Policy. A may send S-
   BFD control packet in transport mode, as shown in Figure 8.

   +=================+                      +=================+
   | IPv6 Header     |                      | IPv6 Header     |
   +-----------------+                      +-----------------+
   | SA=A's Addr     |                      | SA=A's Addr     |
   | DA=SID-B1       |                      | DA=D's Addr     |
   +=================+                      +=================+
   | SRH             |                      | SRH             |
   +-----------------+                      +-----------------+
   | SL=2            |                      | SL=0            |
   | Seg[0]=D's Addr |                      | Seg[0]=D's Addr |
   | Seg[1]=SID-C1   |                      | Seg[1]=SID-C1   |
   | Seg[2]=SID-B1   |                      | Seg[2]=SID-B1   |
   | Seg[3]=SID-A1   |                      | Seg[3]=SID-A1   |
   +=================+                      +=================+
   | UDP-header      |                      | UDP-header      |
   +=================+                      +=================+
   | SBFD-payload    |                      | SBFD-payload    |
   +=================+                      +=================+

   Figure 8: Example of S-BFD Control Packet in Transport Mode

   Assume that A uses U-BFD to monitor that SRv6 Policy. A may send U-
   BFD echo packet in tunnel mode, as shown in Figure 9.

   +=================+                      +=================+
   | IPv6 Header     |                      | IPv6 Header     |
   +-----------------+                      +-----------------+
   | SA=A's Addr     |                      | SA=A's Addr     |
   | DA=SID-B1       |                      | DA=D's Addr     |
   +=================+                      +=================+
   | SRH             |                      | SRH             |
   +-----------------+                      +-----------------+
   | SL=2            |                      | SL=0            |
   | Seg[0]=D's Addr |                      | Seg[0]=D's Addr |
   | Seg[1]=SID-C1   |                      | Seg[1]=SID-C1   |
   | Seg[2]=SID-B1   |                      | Seg[2]=SID-B1   |
   | Seg[3]=SID-A1   |                      | Seg[3]=SID-A1   |
   +=================+                      +=================+
   | IPv6 Header     |                      | IPv6 Header     |
   +-----------------+                      +-----------------+
   | SA=A's Addr     |                      | SA=A's Addr     |
   | DA=A's Addr     |                      | DA=A's Addr     |
   +=================+                      +=================+
   | UDP-header      |                      | UDP-header      |
   +=================+                      +=================+
   | SBFD-payload    |                      | SBFD-payload    |
   +=================+                      +=================+
            -------------> ------------> ---------->
           A              B             C           D
            <------------- <------------ <----------
   +=================+                      +=================+
   | IPv6 Header     |                      | IPv6 Header     |
   +-----------------+                      +-----------------+
   | SA=A's Addr     |                      | SA=A's Addr     |
   | DA=A's Addr     |                      | DA=A's Addr     |
   +=================+                      +=================+
   | UDP-header      |                      | UDP-header      |
   +=================+                      +=================+
   | SBFD-payload    |                      | SBFD-payload    |
   +=================+                      +=================+

   Figure 9: Example of U-BFD Echo Packet in Tunnel Mode

7. Security Considerations


8. IANA Considerations

   This document has no IANA actions.

Authors' Addresses

   Yisong Liu
   China Mobile

   Weiqiang Cheng
   China Mobile

   Changwang Lin
   New H3C Technologies

   Mengxiao Chen
   New H3C Technologies

   Min Xiao
   ZTE Corp.

