Signaling Maximum SID Depth (MSD) Using the Border Gateway Protocol - Link StateApstra, Inc.jefftant.ietf@gmail.comFuturewei Technologiesumac.ietf@gmail.comCisco Systemsketant@cisco.comZTE Corp.gregimirsky@gmail.comAmazon Web Servicesnikost@amazon.com
Routing
IDR Working GroupBGP-LSSIDMSDSRThis document defines a way for a Border Gateway Protocol - Link State
(BGP-LS) speaker to advertise multiple types of supported Maximum SID
Depths (MSDs) at node and/or link granularity.Such advertisements allow entities (e.g., centralized controllers) to
determine whether a particular Segment Identifier (SID) stack can be
supported in a given network.Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
. Introduction
. Conventions Used in This Document
. Terminology
. Requirements Language
. Advertisement of MSD via BGP-LS
. Node MSD TLV
. Link MSD TLV
. IANA Considerations
. Manageability Considerations
. Security Considerations
. References
. Normative References
. Informative References
Acknowledgements
Contributors
Authors' Addresses
IntroductionWhen Segment Routing (SR) paths are computed
by a centralized controller, it is critical that the controller learns
the Maximum SID Depth (MSD) that can be imposed at each node/link on a
given SR path. This ensures that the Segment Identifier (SID) stack
depth of a computed path doesn't exceed the number of SIDs the node is
capable of imposing. defines how to signal
MSD in the Path Computation Element Protocol (PCEP). The OSPF and IS-IS
extensions for the signaling of MSD are defined in
and , respectively.However, if PCEP is not supported/configured on the head-end of an SR
tunnel or a Binding-SID anchor node, and the controller does not participate
in IGP routing, it has no way of learning the MSD of nodes and links.
BGP-LS defines a way to expose topology and
associated attributes and capabilities of the nodes in that topology to
a centralized controller. This document defines extensions to BGP-LS to advertise one or more
types of MSDs at node and/or link granularity. Other types of MSDs are
known to be useful. For example, and define Entropy Readable Label Depth (ERLD), which is
used by a head-end to insert an Entropy Label (EL) at a depth that can
be read by transit nodes.In the future, it is expected that new MSD-Types will be defined to
signal additional capabilities, e.g., ELs, SIDs that can be imposed
through recirculation, or SIDs associated with another data plane such
as IPv6. MSD advertisements may be useful even if SR itself is not
enabled. For example, in a non-SR MPLS network, MSD defines the maximum
label depth.Conventions Used in This DocumentTerminology
MSD:
Maximum SID Depth - the number of SIDs supported by a node or a link on a node
PCE:
Path Computation Element
PCEP:
Path Computation Element Protocol
SID:
Segment Identifier as defined in
SR:
Segment Routing
Label Imposition:
Imposition is the act of modifying and/or
adding labels to the outgoing label stack associated with a packet.
This includes:
replacing the label at the top of the label stack with a new
label
pushing one or more new labels onto the label stack
The number of labels imposed is then the sum of the number of labels
that are replaced and the number of labels that are pushed. See
for further details.
Requirements LanguageThe key words "MUST", "MUST NOT",
"REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document
are to be interpreted as described in BCP 14 when,
and only when, they appear in all capitals, as shown here.Advertisement of MSD via BGP-LSThis document describes extensions that enable BGP-LS speakers to
signal the MSD capabilities of
nodes and their links in a network to a BGP-LS consumer of network
topology such as a centralized controller. The centralized controller
can leverage this information in computation of SR paths based on their
MSD capabilities. When a BGP-LS speaker is originating the topology
learnt via link-state routing protocols such as OSPF or IS-IS, the MSD
information for the nodes and their links is sourced from the underlying
extensions as defined in and
, respectively. The extensions introduced in this document allow for advertisement of
different MSD-Types, which are defined elsewhere and were introduced in .
This enables sharing of MSD-Types that may be defined in the future by the IGPs in BGP-LS. Node MSD TLVThe Node MSD () is encoded in a new Node Attribute TLV
to carry the provisioned SID depth of the router identified by the
corresponding Router-ID. Node MSD is the smallest MSD supported by the node
on the set of interfaces configured for use. MSD values may be learned via
a hardware API or may be provisioned. The following format is used:Where:
Type:
266
Length:
variable (multiple of 2); represents the total
length of
the value field in octets.
Value:
consists of one or more pairs of a 1-octet
MSD-Type and
1-octet MSD-Value.
MSD-Type:
one of the values defined in the "IGP
MSD-Types" registry defined in .
MSD-Value:
a number in the range of 0-255. For all
MSD-Types, 0 represents the lack of ability to impose an MSD stack
of any depth; any other value represents that of the node. This
value MUST represent the lowest value supported by
any link configured for use by the advertising protocol
instance.
Link MSD TLVThe Link MSD () is defined to
carry the MSD of the interface associated with the link.
It is encoded in a new Link Attribute TLV using the following format:Where:
Type:
267
Length:
variable (multiple of 2); represents the total
length of
the value field in octets.
Value:
consists of one or more pairs of a 1-octet
MSD-Type and
1-octet MSD-Value.
MSD-Type:
one of the values defined in
the "IGP MSD-Types" registry defined in .
MSD-Value:
a number in the range of 0-255. For all
MSD-Types, 0 represents the lack of ability to impose an MSD stack
of any depth; any other value represents that of the link when
used as an outgoing interface.
IANA ConsiderationsIANA has assigned code points from the registry
"BGP-LS Node Descriptor, Link Descriptor, Prefix Descriptor, and
Attribute TLVs" based on the table below.
BGP-LS MSD TLV Code Points
TLV Code Point
Description
IS-IS TLV/Sub-TLV
Reference
266
Node MSD
242/23
This document
267
Link MSD
(22,23,25,141,222,223)/15
This document
Manageability ConsiderationsThe new protocol extensions introduced in this document augment the
existing IGP topology information that is distributed via . Procedures and protocol extensions
defined in this document do not affect the BGP protocol operations and
management other than as discussed in Section Manageability
Considerations of . Specifically, the malformed attribute tests for
syntactic checks in Section Fault Management of now encompass the new BGP-LS
Attribute TLVs defined in this document. The semantic or content
checking for the TLVs specified in this document and their association
with the BGP-LS Network Layer Reachability Information (NLRI) types or their BGP-LS Attribute is left to the
consumer of the BGP-LS information (e.g., an application or a controller)
and not the BGP protocol.A consumer of the BGP-LS information retrieves this information over
a BGP-LS session (refer to Sections and of ).This document only introduces new Attribute TLVs, and any syntactic
error in them would result in the BGP-LS Attribute being discarded .
The MSD information introduced in BGP-LS by this
specification, may be used by BGP-LS consumer applications like an SR PCE
to learn the SR SID stack handling
capabilities of the nodes in the topology. This can enable the SR PCE to
perform path computations taking into consideration the size of SID
stack that the specific head-end node may be able to impose. Errors in
the encoding or decoding of the MSD information may result in the
unavailability of such information to the SR PCE, or incorrect
information being made available to it. This may result in the head-end
node not being able to instantiate the desired SR path in its forwarding
and provide the SR-based optimization functionality. The handling of
such errors by applications like SR PCE may be implementation specific
and out of scope of this document.
The extensions specified in this document do not specify
any new configuration or monitoring aspects in BGP or BGP-LS.
The specification of BGP models is an
ongoing work based on the .Security ConsiderationsThe advertisement of an incorrect MSD value may have negative
consequences. If the value is smaller than supported, path computation
may fail to compute a viable path. If the value is larger than
supported, an attempt to instantiate a path that can't be supported by
the head-end (the node performing the SID imposition) may occur. The
presence of this information may also inform an attacker of how to
induce any of the aforementioned conditions.The procedures and protocol extensions defined in this document do not
affect the BGP security model. See the "Security Considerations" Section of
for a discussion of BGP security.
Also, refer to and for analyses of security issues for BGP.
Security considerations for acquiring and distributing BGP-LS information are discussed in .
The TLVs introduced in this document are used to propagate the MSD IGP
extensions defined in and .
It is assumed that the IGP
instances originating these TLVs will support all the required security (as
described in and ) in order to prevent any security
issues when propagating the TLVs into BGP-LS.
The advertisement of the node and link attribute information defined in this
document presents no significant additional risk beyond that associated with the
existing node and link attribute information already supported in .
ReferencesNormative ReferencesKey words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.North-Bound Distribution of Link-State and Traffic Engineering (TE) Information Using BGPIn a number of environments, a component external to a network is called upon to perform computations based on the network topology and current state of the connections within the network, including Traffic Engineering (TE) information. This is information typically distributed by IGP routing protocols within the network.This document describes a mechanism by which link-state and TE information can be collected from networks and shared with external components using the BGP routing protocol. This is achieved using a new BGP Network Layer Reachability Information (NLRI) encoding format. The mechanism is applicable to physical and virtual IGP links. The mechanism described is subject to policy control.Applications of this technique include Application-Layer Traffic Optimization (ALTO) servers and Path Computation Elements (PCEs).Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Signaling Maximum SID Depth (MSD) Using OSPFThis document defines a way for an Open Shortest Path First (OSPF) router to advertise multiple types of supported Maximum SID Depths (MSDs) at node and/or link granularity. Such advertisements allow entities (e.g., centralized controllers) to determine whether a particular Segment Identifier (SID) stack can be supported in a given network. This document only refers to the Signaling MSD as defined in RFC 8491, but it defines an encoding that can support other MSD types. Here, the term "OSPF" means both OSPFv2 and OSPFv3.Signaling Maximum SID Depth (MSD) Using IS-ISThis document defines a way for an Intermediate System to Intermediate System (IS-IS) router to advertise multiple types of supported Maximum SID Depths (MSDs) at node and/or link granularity. Such advertisements allow entities (e.g., centralized controllers) to determine whether a particular Segment ID (SID) stack can be supported in a given network. This document only defines one type of MSD: Base MPLS Imposition. However, it defines an encoding that can support other MSD types. This document focuses on MSD use in a network that is Segment Routing (SR) enabled, but MSD may also be useful when SR is not enabled.Informative ReferencesBGP YANG Model for Service Provider NetworksThis document defines a YANG data model for configuring and managing BGP, including protocol, policy, and operational aspects, such as RIB, based on data center, carrier and content provider operational requirements.Work in ProgressSignaling Entropy Label Capability and Entropy Readable Label Depth Using IS-ISMultiprotocol Label Switching (MPLS) has defined a mechanism to load- balance traffic flows using Entropy Labels (EL). An ingress Label Switching Router (LSR) cannot insert ELs for packets going into a given Label Switched Path (LSP) unless an egress LSR has indicated via signaling that it has the capability to process ELs, referred to as the Entropy Label Capability (ELC), on that LSP. In addition, it would be useful for ingress LSRs to know each LSR's capability for reading the maximum label stack depth and performing EL-based load- balancing, referred to as Entropy Readable Label Depth (ERLD). This document defines a mechanism to signal these two capabilities using IS-IS and BGP-LS.Work in ProgressSignaling Entropy Label Capability and Entropy Readable Label Depth Using OSPFMultiprotocol Label Switching (MPLS) has defined a mechanism to load- balance traffic flows using Entropy Labels (EL). An ingress Label Switching Router (LSR) cannot insert ELs for packets going into a given Label Switched Path (LSP) unless an egress LSR has indicated via signaling that it has the capability to process ELs, referred to as the Entropy Label Capability (ELC), on that LSP. In addition, it would be useful for ingress LSRs to know each LSR's capability for reading the maximum label stack depth and performing EL-based load- balancing, referred to as Entropy Readable Label Depth (ERLD). This document defines a mechanism to signal these two capabilities using OSPFv2 and OSPFv3 and BGP-LS.Work in ProgressMultiprotocol Label Switching ArchitectureThis document specifies the architecture for Multiprotocol Label Switching (MPLS). [STANDARDS-TRACK]A Border Gateway Protocol 4 (BGP-4)This document discusses the Border Gateway Protocol (BGP), which is an inter-Autonomous System routing protocol.The primary function of a BGP speaking system is to exchange network reachability information with other BGP systems. This network reachability information includes information on the list of Autonomous Systems (ASes) that reachability information traverses. This information is sufficient for constructing a graph of AS connectivity for this reachability from which routing loops may be pruned, and, at the AS level, some policy decisions may be enforced.BGP-4 provides a set of mechanisms for supporting Classless Inter-Domain Routing (CIDR). These mechanisms include support for advertising a set of destinations as an IP prefix, and eliminating the concept of network "class" within BGP. BGP-4 also introduces mechanisms that allow aggregation of routes, including aggregation of AS paths.This document obsoletes RFC 1771. [STANDARDS-TRACK]BGP Security Vulnerabilities AnalysisBorder Gateway Protocol 4 (BGP-4), along with a host of other infrastructure protocols designed before the Internet environment became perilous, was originally designed with little consideration for protection of the information it carries. There are no mechanisms internal to BGP that protect against attacks that modify, delete, forge, or replay data, any of which has the potential to disrupt overall network routing behavior.This document discusses some of the security issues with BGP routing data dissemination. This document does not discuss security issues with forwarding of packets. This memo provides information for the Internet community.Analysis of BGP, LDP, PCEP, and MSDP Issues According to the Keying and Authentication for Routing Protocols (KARP) Design GuideThis document analyzes TCP-based routing protocols, the Border Gateway Protocol (BGP), the Label Distribution Protocol (LDP), the Path Computation Element Communication Protocol (PCEP), and the Multicast Source Distribution Protocol (MSDP), according to guidelines set forth in Section 4.2 of "Keying and Authentication for Routing Protocols Design Guidelines", RFC 6518.Segment Routing ArchitectureSegment Routing (SR) leverages the source routing paradigm. A node steers a packet through an ordered list of instructions, called "segments". A segment can represent any instruction, topological or service based. A segment can have a semantic local to an SR node or global within an SR domain. SR provides a mechanism that allows a flow to be restricted to a specific topological path, while maintaining per-flow state only at the ingress node(s) to the SR domain.SR can be directly applied to the MPLS architecture with no change to the forwarding plane. A segment is encoded as an MPLS label. An ordered list of segments is encoded as a stack of labels. The segment to process is on the top of the stack. Upon completion of a segment, the related label is popped from the stack.SR can be applied to the IPv6 architecture, with a new type of routing header. A segment is encoded as an IPv6 address. An ordered list of segments is encoded as an ordered list of IPv6 addresses in the routing header. The active segment is indicated by the Destination Address (DA) of the packet. The next active segment is indicated by a pointer in the new routing header.Path Computation Element Communication Protocol (PCEP) Extensions for Segment RoutingSegment Routing (SR) enables any head-end node to select any path without relying on a hop-by-hop signaling technique (e.g., LDP or RSVP-TE). It depends only on "segments" that are advertised by link-state Interior Gateway Protocols (IGPs). An SR path can be derived from a variety of mechanisms, including an IGP Shortest Path Tree (SPT), an explicit configuration, or a Path Computation Element (PCE). This document specifies extensions to the Path Computation Element Communication Protocol (PCEP) that allow a stateful PCE to compute and initiate Traffic-Engineering (TE) paths, as well as a Path Computation Client (PCC) to request a path subject to certain constraints and optimization criteria in SR networks.This document updates RFC 8408.AcknowledgementsWe would like to thank , , ,
and for their reviews and valuable
comments.ContributorsCisco Systems Inc.Canadamsiva@cisco.comAuthors' AddressesApstra, Inc.jefftant.ietf@gmail.comFuturewei Technologiesumac.ietf@gmail.comCisco Systemsketant@cisco.comZTE Corp.gregimirsky@gmail.comAmazon Web Servicesnikost@amazon.com