rfc8754xml2.original.xml   rfc8754.xml 
<?xml version="1.0" encoding="US-ASCII"?> <?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc category="std" docName="draft-ietf-6man-segment-routing-header-26"
ipr="trust200902">
<front>
<title abbrev="IPv6 Segment Routing Header (SRH)">IPv6 Segment Routing
Header (SRH)</title>
<author fullname="Clarence Filsfils" initials="C." role="editor" <!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent">
surname="Filsfils">
<organization>Cisco Systems, Inc.</organization>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" category="std"
consensus="true" docName="draft-ietf-6man-segment-routing-header-26"
number="8754" ipr="trust200902" obsoletes="" updates=""
submissionType="IETF" xml:lang="en" tocInclude="true" tocDepth="3"
symRefs="true" sortRefs="true" version="3">
<!-- xml2rfc v2v3 conversion 2.35.0 -->
<front>
<title abbrev="IPv6 Segment Routing Header (SRH)">IPv6 Segment Routing Heade
r (SRH)</title>
<seriesInfo name="RFC" value="8754" />
<author fullname="Clarence Filsfils" initials="C." role="editor" surname="Fi
lsfils">
<organization>Cisco Systems, Inc.</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city>Brussels</city> <city>Brussels</city>
<region/> <region/>
<code/> <code/>
<country>BE</country> <country>BE</country>
</postal> </postal>
<email>cfilsfil@cisco.com</email> <email>cfilsfil@cisco.com</email>
</address> </address>
</author> </author>
<author fullname="Darren Dukes" initials="D." role="editor" surname="Dukes">
<author fullname="Darren Dukes" initials="D." role="editor"
surname="Dukes">
<organization>Cisco Systems, Inc.</organization> <organization>Cisco Systems, Inc.</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city>Ottawa</city> <city>Ottawa</city>
<region/> <region/>
<code/> <code/>
<country>CA</country> <country>CA</country>
</postal> </postal>
<email>ddukes@cisco.com</email> <email>ddukes@cisco.com</email>
</address> </address>
</author> </author>
<author fullname="Stefano Previdi" initials="S." surname="Previdi"> <author fullname="Stefano Previdi" initials="S." surname="Previdi">
<organization>Huawei</organization> <organization>Huawei</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city/> <city/>
<code/> <code/>
<country>Italy</country> <country>Italy</country>
</postal> </postal>
<email>stefano@previdi.net</email> <email>stefano@previdi.net</email>
</address> </address>
</author> </author>
<author fullname="John Leddy" initials="J." surname="Leddy"> <author fullname="John Leddy" initials="J." surname="Leddy">
<organization>Individual</organization> <organization>Individual</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city/> <city/>
<region/> <region/>
<code/> <code/>
<country>US</country> <country>US</country>
</postal> </postal>
<email>john@leddy.net</email> <email>john@leddy.net</email>
</address> </address>
</author> </author>
<author fullname="Satoru Matsushima" initials="S." surname="Matsushima"> <author fullname="Satoru Matsushima" initials="S." surname="Matsushima">
<organization>Softbank</organization> <organization>SoftBank</organization>
<address> <address>
<email>satoru.matsushima@g.softbank.co.jp</email> <email>satoru.matsushima@g.softbank.co.jp</email>
</address> </address>
</author> </author>
<author fullname="Daniel Voyer" initials="D." surname="Voyer"> <author fullname="Daniel Voyer" initials="D." surname="Voyer">
<organization>Bell Canada</organization> <organization>Bell Canada</organization>
<address> <address>
<email>daniel.voyer@bell.ca</email> <email>daniel.voyer@bell.ca</email>
</address> </address>
</author> </author>
<date year="2020" month="March"/>
<date year="2019"/>
<workgroup>Network Working Group</workgroup> <workgroup>Network Working Group</workgroup>
<keyword>SRv6</keyword>
<keyword>source-routing</keyword>
<keyword>network-programming</keyword>
<abstract> <abstract>
<t>Segment Routing can be applied to the IPv6 data plane using a new <t>Segment Routing can be applied to the IPv6 data plane using a new
type of Routing Extension Header called the Segment Routing Header. This type of Routing Extension Header called the Segment Routing Header (SRH).
document describes the Segment Routing Header and how it is used by This
Segment Routing capable nodes.</t> document describes the SRH and how it is used by nodes that are
Segment Routing (SR) capable.</t>
</abstract> </abstract>
</front> </front>
<middle> <middle>
<section anchor="INTRO" title="Introduction"> <section anchor="INTRO" numbered="true" toc="default">
<t>Segment Routing can be applied to the IPv6 data plane using a new <name>Introduction</name>
type of Routing Header called the Segment Routing Header. This document <t>Segment Routing (SR) can be applied to the IPv6 data plane using a new
describes the Segment Routing Header and how it is used by Segment type of routing header called the Segment Routing Header (SRH). This docum
Routing capable nodes.</t> ent
describes the SRH and how it is used by nodes that are SR capable.</t>
<t>The Segment Routing Architecture <xref target="RFC8402"/> describes <t>"Segment Routing Architecture" <xref target="RFC8402" format="default"/
Segment Routing and its instantiation in two data planes; MPLS and > describes
Segment Routing and its instantiation in two data planes: MPLS and
IPv6.</t> IPv6.</t>
<t>The encoding of IPv6 segments in the SRH is
<t>The encoding of IPv6 segments in the Segment Routing Header is
defined in this document.</t> defined in this document.</t>
<section anchor="TERMS" numbered="true" toc="default">
<name>Terminology</name>
<t>This document uses the terms Segment Routing (SR), SR domain, SR over
IPv6 (SRv6), Segment Identifier (SID), SRv6 SID, Active Segment, and SR Po
licy as defined in
<xref target="RFC8402" format="default"/>.</t></section>
<section numbered="true" toc="default">
<name>Requirements Language</name>
<t>
The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
"<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>",
"<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to
be interpreted as
described in BCP&nbsp;14 <xref target="RFC2119"/> <xref target="RFC8174"/>
when, and only when, they appear in all capitals, as shown here.
</t>
<t>This document uses the terms Segment Routing, SR Domain, SRv6,
Segment ID (SID), SRv6 SID, Active Segment, and SR Policy as defined in
<xref target="RFC8402"/>.</t>
<section title="Requirements Language">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only
when, they appear in all capitals, as shown here.</t>
</section> </section>
</section> </section>
<section anchor="SRH" numbered="true" toc="default">
<section anchor="SRH" title="Segment Routing Header"> <name>Segment Routing Header</name>
<t>Routing Headers are defined in <xref target="RFC8200"/>. The Segment <t>Routing headers are defined in <xref target="RFC8200" format="default"/
Routing Header has a new Routing Type (suggested value 4) to be assigned >. The Segment
by IANA.</t> Routing Header (SRH) has a new Routing Type (4).</t>
<t>The SRH is defined as follows:</t>
<t>The Segment Routing Header (SRH) is defined as follows:<figure <artwork name="" type="" align="left" alt=""><![CDATA[
align="left" anchor="SRHFIG" suppress-title="true">
<artwork>
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Next Header | Hdr Ext Len | Routing Type | Segments Left | | Next Header | Hdr Ext Len | Routing Type | Segments Left |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Last Entry | Flags | Tag | | Last Entry | Flags | Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| Segment List[0] (128 bits IPv6 address) | | Segment List[0] (128-bit IPv6 address) |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| | | |
... ...
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| Segment List[n] (128 bits IPv6 address) | | Segment List[n] (128-bit IPv6 address) |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// // // //
// Optional Type Length Value objects (variable) // // Optional Type Length Value objects (variable) //
// // // //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
]]></artwork>
<t>where:</t>
<dl spacing="normal">
<dt>Next Header:</dt><dd>Defined in <xref target="RFC8200"
sectionFormat="comma" section="4.4"/>.</dd>
<dt>Hdr Ext Len:</dt><dd>Defined in <xref target="RFC8200" sectionFormat
="comma" section="4.4"/>.</dd>
<dt>Routing Type:</dt><dd>4.</dd>
<dt>Segments Left:</dt><dd>Defined in <xref target="RFC8200"
sectionFormat="comma" section="4.4"/>.</dd>
<dt>Last Entry:</dt><dd>contains the index (zero based), in the Segment
List,
of the last element of the Segment List.</dd>
where:</artwork> <dt>Flags:</dt><dd>8 bits of flags. <xref target="SRHFLAGSREG" format=
</figure><list style="symbols"> "default"/> creates an
<t>Next Header: Defined in <xref target="RFC8200"/> Section 4.4</t>
<t>Hdr Ext Len: Defined in <xref target="RFC8200"/> Section 4.4</t>
<t>Routing Type: TBD, to be assigned by IANA (suggested value:
4).</t>
<t>Segments Left: Defined in <xref target="RFC8200"/> Section
4.4</t>
<t>Last Entry: contains the index (zero based), in the Segment List,
of the last element of the Segment List.</t>
<t>Flags: 8 bits of flags. <xref target="SRHFLAGSREG"/> creates an
IANA registry for new flags to be defined. The following flags are IANA registry for new flags to be defined. The following flags are
defined:<figure align="left" anchor="SRHFLAGS" suppress-title="true"> defined:</dd></dl>
<artwork align="left"> <artwork align="left" name="" type="" alt=""><![CDATA[
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|U U U U U U U U| |U U U U U U U U|
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
</artwork> ]]></artwork>
</figure><list style="hanging"> <dl newline="false" spacing="normal">
<t>U: Unused and for future use. MUST be 0 on transmission and <dt/>
ignored on receipt.</t> <dd>U: Unused and for future use. <bcp14>MUST</bcp14> be 0 on transm
</list></t> ission and
ignored on receipt.</dd>
<t>Tag: tag a packet as part of a class or group of packets, e.g., </dl>
packets sharing the same set of properties. When tag is not used at <dl spacing="normal">
source it MUST be set to zero on transmission. When tag is not used <dt>Tag:</dt><dd>Tag a packet as part of a class or group of packets --
during SRH Processing it SHOULD be ignored. Tag is not used when e.g.,
processing the SID defined in <xref target="pktENDSID"/>. It may be packets sharing the same set of properties. When Tag is not used at th
e
source, it <bcp14>MUST</bcp14> be set to zero on transmission. When
Tag is not used during SRH processing, it <bcp14>SHOULD</bcp14> be
ignored. Tag is not used when
processing the SID defined in <xref target="pktENDSID" format="default
"/>. It may be
used when processing other SIDs that are not defined in this used when processing other SIDs that are not defined in this
document. The allocation and use of tag is outside the scope of this document. The allocation and use of tag is outside the scope of this
document.</t> document.</dd>
<t>Segment List[n]: 128 bit IPv6 addresses representing the nth <dt>Segment List[0..n]:</dt><dd>128-bit IPv6 addresses representing the nth
segment in the Segment List. The Segment List is encoded starting segment in the Segment List. The Segment List is encoded starting
from the last segment of the SR Policy. I.e., the first element of from the last segment of the SR Policy. That is, the first element of
the segment list (Segment List [0]) contains the last segment of the the Segment List (Segment List[0]) contains the last segment of the
SR Policy, the second element contains the penultimate segment of SR Policy, the second element contains the penultimate segment of
the SR Policy and so on.</t> the SR Policy, and so on.</dd>
<dt>TLV:</dt><dd>Type Length Value (TLV) is described in <xref target="T
<t>Type Length Value (TLV) are described in <xref LVS"
target="TLVS"/>.</t> format="default"/>.</dd>
</list></t> </dl>
<t>In the SRH, the Next Header, Hdr Ext Len, Routing Type, and Segments <t>In the SRH, the Next Header, Hdr Ext Len, Routing Type, and Segments
Left fields are defined in Section 4.4 of <xref target="RFC8200"/>. Left fields are defined in <xref target="RFC8200"
sectionFormat="of" section="4.4"/>.
Based on the constraints in that section, Next Header, Header Ext Len, Based on the constraints in that section, Next Header, Header Ext Len,
and Routing Type are not mutable while Segments Left is mutable.</t> and Routing Type are not mutable while Segments Left is mutable.</t>
<t>The mutability of the TLV value is defined by the most significant <t>The mutability of the TLV value is defined by the most significant
bit in the type, as specified in <xref target="TLVS"/>.</t> bit in the type, as specified in <xref target="TLVS" format="default"/>.</
t>
<t><xref target="ENDSID"/> defines the mutability of the remaining <t><xref target="ENDSID" format="default"/> defines the mutability of the
remaining
fields in the SRH (Flags, Tag, Segment List) in the context of the SID fields in the SRH (Flags, Tag, Segment List) in the context of the SID
defined in this document.</t> defined in this document.</t>
<t>New SIDs defined in the future <bcp14>MUST</bcp14> specify the mutabili
<t>New SIDs defined in the future MUST specify the mutability properties ty properties
of the Flags, Tag, and Segment List and indicate how the HMAC TLV (<xref of the Flags, Tag, and Segment List and indicate how the Hashed Message
target="HMACTLV"/>) verification works. Note, that in effect these Authentication Code (HMAC) TLV (<xref target="HMACTLV"
format="default"/>) verification works. Note that, in effect, these
fields are mutable.</t> fields are mutable.</t>
<t>Consistent with the SR model, the source of the SRH
<t>Consistent with the source routing model, the source of the SRH always knows how to set the Segment List, Flags, Tag, and TLVs of the SRH
always knows how to set the segment list, Flags, Tag and TLVs of the SRH for use within the SR domain. How it achieves this is outside the scope
for use within the SR Domain. How it achieves this is outside the scope of this document but may be based on topology, available SIDs and their
of this document, but may be based on topology, available SIDs and their
mutability properties, the SRH mutability requirements of the mutability properties, the SRH mutability requirements of the
destination, or any other information.</t> destination, or any other information.</t>
<section anchor="TLVS" numbered="true" toc="default">
<section anchor="TLVS" title="SRH TLVs"> <name>SRH TLVs</name>
<t>This section defines TLVs of the Segment Routing Header.</t> <t>This section defines TLVs of the Segment Routing Header.</t>
<t>A TLV provides meta-data for segment processing. The only TLVs <t>A TLV provides metadata for segment processing. The only TLVs
defined in this document are the HMAC (<xref target="HMACTLV"/>) and defined in this document are the HMAC (<xref target="HMACTLV" format="de
PAD (<xref target="PADDINGTLV"/>) TLVs. While processing the SID fault"/>) and
defined in <xref target="pktENDSID"/>, all TLVs are ignored unless padding TLVs (<xref target="PADDINGTLV" format="default"/>). While proce
local configuration indicates otherwise (<xref target="TLVPROCESS"/>). ssing the SID
Thus, TLV and HMAC support is optional for any implementation, defined in <xref target="pktENDSID" format="default"/>, all TLVs are ign
however, an implementation adding or parsing TLVs MUST support PAD ored unless
local configuration indicates otherwise (<xref target="TLVPROCESS" forma
t="default"/>).
Thus, TLV and HMAC support is optional for any implementation;
however, an implementation adding or parsing TLVs <bcp14>MUST</bcp14> su
pport PAD
TLVs. Other documents may define additional TLVs and processing rules TLVs. Other documents may define additional TLVs and processing rules
for them.</t> for them.</t>
<t>TLVs are present when the Hdr Ext Len is greater than (Last <t>TLVs are present when the Hdr Ext Len is greater than (Last
Entry+1)*2.</t> Entry+1)*2.</t>
<t>While processing TLVs at a segment endpoint, TLVs <bcp14>MUST</bcp14>
<t>While processing TLVs at a segment endpoint, TLVs MUST be fully be fully
contained within the SRH as determined by the Hdr Ext Len. Detection contained within the SRH as determined by the Hdr Ext
Len.&nbsp; Detection
of TLVs exceeding the boundary of the SRH Hdr Ext Len results in an of TLVs exceeding the boundary of the SRH Hdr Ext Len results in an
ICMP Parameter Problem, Code 0, message to the Source Address, ICMP Parameter Problem, Code 0, message to the Source Address,
pointing to the Hdr Ext Len field of the SRH, and the packet being pointing to the Hdr Ext Len field of the SRH, and the packet being
discarded.</t> discarded.</t>
<t>An implementation <bcp14>MAY</bcp14> limit the number and/or length o
<t>An implementation MAY limit the number and/or length of TLVs it f TLVs it
processes based on local configuration. It MAY:<list style="symbols"> processes based on local configuration. It <bcp14>MAY</bcp14> limit:</t>
<t>Limit the number of consecutive Pad1 (<xref target="PAD1"/>) <ul spacing="normal">
<li>the number of consecutive Pad1 (<xref target="PAD1" format="defaul
t"/>)
options to 1. If padding of more than one byte is required, then options to 1. If padding of more than one byte is required, then
PadN (<xref target="PADN"/>) should be used.</t> PadN (<xref target="PADN" format="default"/>) should be used.</li>
<li>The length in PadN to 5.</li>
<t>Limit the length in PadN to 5.</t> <li>The maximum number of non-Pad TLVs to be processed.</li>
<li>The maximum length of all TLVs to be processed.</li>
<t>Limit the maximum number of non-Pad TLVs to be processed.</t> </ul>
<t> The implementation <bcp14>MAY</bcp14> stop processing additional TLV
<t>Limit the maximum length of all TLVs to be processed.</t> s in
</list> The implementation MAY stop processing additional TLVs in
the SRH when these configured limits are exceeded.</t> the SRH when these configured limits are exceeded.</t>
<artwork name="" type="" align="left" alt=""><![CDATA[
<figure>
<artwork>
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+----------------------- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-----------------------
| Type | Length | Variable length data | Type | Length | Variable-length data
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+----------------------- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-----------------------
</artwork> ]]></artwork><dl spacing="normal">
</figure> <dt>Type:</dt><dd>An 8-bit codepoint from the &quot;Segment Routing Head
er TLVs&quot; <xref target="IANA-SRHTLV" format="default"/>.
<t>Type: An 8 bit codepoint from Segment Routing Header TLVs Registry
TBD IANA Reference. Unrecognized Types MUST be ignored on receipt.</t>
<t>Length: The length of the Variable length data in bytes.</t>
<t>Variable length data: Length bytes of data that is specific to the Unrecognized Types <bcp14>MUST</bcp14> be ignored on receipt.</dd>
Type.</t> <dt>Length:</dt><dd>The length of the variable-length data field in byte
s.</dd>
<t>Type Length Value (TLV) entries contain OPTIONAL information that <dt>Variable-length data:</dt><dd>data that is specific to the
Type.</dd></dl>
<t>Type Length Value (TLV) entries contain <bcp14>OPTIONAL</bcp14> infor
mation that
may be used by the node identified in the Destination Address (DA) of may be used by the node identified in the Destination Address (DA) of
the packet.</t> the packet.</t>
<t>Each TLV has its own length, format, and semantic. The codepoint
<t>Each TLV has its own length, format and semantic. The codepoint
allocated (by IANA) to each TLV Type defines both the format and the allocated (by IANA) to each TLV Type defines both the format and the
semantic of the information carried in the TLV. Multiple TLVs may be semantic of the information carried in the TLV. Multiple TLVs may be
encoded in the same SRH.</t> encoded in the same SRH.</t>
<t>The highest-order bit of the TLV type (bit 0) specifies whether or <t>The highest-order bit of the TLV type (bit 0) specifies whether or
not the TLV data of that type can change en route to the packet's not the TLV data of that type can change en route to the packet's
final destination: <list> final destination: </t>
<t>0: TLV data does not change en route</t> <ul empty="true" spacing="normal">
<li>0: TLV data does not change en route</li>
<t>1: TLV data does change en route</t> <li>1: TLV data does change en route</li>
</list></t> </ul>
<t>All TLVs specify their alignment requirements using an xn+y format. <t>All TLVs specify their alignment requirements using an xn+y format.
The xn+y format is defined as per <xref target="RFC8200"/>. The SR The xn+y format is defined as per <xref target="RFC8200" format="default
Source nodes use the xn+y alignment requirements of TLVs and Padding "/>. The SR
source nodes use the xn+y alignment requirements of TLVs and Padding
TLVs when constructing an SRH.</t> TLVs when constructing an SRH.</t>
<t>The Length field of the TLV is used to skip the TLV while
<t>The "Length" field of the TLV is used to skip the TLV while
inspecting the SRH in case the node doesn't support or recognize the inspecting the SRH in case the node doesn't support or recognize the
Type. The "Length" defines the TLV length in octets, not including the Type. The Length defines the TLV length in octets, not including the
"Type" and "Length" fields.</t> Type and Length fields.</t>
<t>The following TLVs are defined in this document:</t>
<t>The following TLVs are defined in this document:<list> <ul empty="true" spacing="normal">
<t>Padding TLVs</t> <li>Padding TLVs</li>
<li>HMAC TLV</li>
<t>HMAC TLV</t> </ul>
</list></t>
<t>Additional TLVs may be defined in the future.</t> <t>Additional TLVs may be defined in the future.</t>
<section anchor="PADDINGTLV" numbered="true" toc="default">
<section anchor="PADDINGTLV" title="Padding TLVs"> <name>Padding TLVs</name>
<t>There are two types of Padding TLVs, pad1 and padN, the following <t>There are two types of Padding TLVs, Pad1 and PadN, and the followi
applies to both:<list> ng
<t>Padding TLVs are used for meeting the alignment requirement applies to both:</t>
of the subsequent TLVs.</t> <ul empty="true" spacing="normal">
<li>Padding TLVs are used for meeting the alignment requirement
<t>Padding TLVs are used to pad the SRH to a multiple of 8 of the subsequent TLVs.</li>
octets.</t> <li>Padding TLVs are used to pad the SRH to a multiple of 8
octets.</li>
<t>Padding TLVs are ignored by a node processing the SRH <li>Padding TLVs are ignored by a node processing the SRH
TLV.</t> TLV.</li>
<li>Multiple Padding TLVs <bcp14>MAY</bcp14> be used in one SRH.</li
<t>Multiple Padding TLVs MAY be used in one SRH</t> >
</list></t> </ul>
<section anchor="PAD1" numbered="true" toc="default">
<section anchor="PAD1" title="PAD1"> <name>Pad1</name>
<t>Alignment requirement: none</t> <t>Alignment requirement: none</t>
<artwork name="" type="" align="left" alt=""><![CDATA[
<figure>
<artwork>
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Type | | Type |
+-+-+-+-+-+-+-+-+</artwork> +-+-+-+-+-+-+-+-+]]></artwork>
</figure> <dl spacing="normal">
<dt>Type:</dt><dd>0</dd>
<t><list> </dl>
<t>Type: to be assigned by IANA (Suggested value 0)</t> <t>A single Pad1 TLV <bcp14>MUST</bcp14> be used when a single byte
</list></t> of padding is
required. A Pad1 TLV <bcp14>MUST NOT</bcp14> be used if more than on
<t>A single Pad1 TLV MUST be used when a single byte of padding is e consecutive
required. A Pad1 TLV MUST NOT be used if more than one consecutive
byte of padding is required.</t> byte of padding is required.</t>
</section> </section>
<section anchor="PADN" numbered="true" toc="default">
<section anchor="PADN" title="PADN"> <name>PadN</name>
<t>Alignment requirement: none</t> <t>Alignment requirement: none</t>
<artwork name="" type="" align="left" alt=""><![CDATA[
<figure>
<artwork>
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Padding (variable) | | Type | Length | Padding (variable) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Padding (variable) // // Padding (variable) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</artwork> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+]]></artwork>
</figure> <dl spacing="normal">
<dt>Type:</dt><dd>4</dd>
<t><list> <dt>Length:</dt><dd>0 to 5. The length of the Padding field in byt
<t>Type: to be assigned by IANA (suggested value 4).</t> es.</dd>
<t>Length: 0 to 5</t>
<t>Padding: Length octets of padding. Padding bits have no
semantic. They MUST be set to 0 on transmission and ignored on
receipt.</t>
</list></t>
<t>The PadN TLV MUST be used when more than one byte of padding is <dt>Padding:</dt><dd>Padding bits have no
semantic. They <bcp14>MUST</bcp14> be set to 0 on transmission a
nd ignored on
receipt.</dd>
</dl>
<t>The PadN TLV <bcp14>MUST</bcp14> be used when more than one byte
of padding is
required.</t> required.</t>
</section> </section>
</section> </section>
<section anchor="HMACTLV" numbered="true" toc="default">
<section anchor="HMACTLV" title="HMAC TLV"> <name>HMAC TLV</name>
<t>Alignment requirement: 8n</t> <t>Alignment requirement: 8n</t>
<t>The keyed Hashed Message Authentication Code (HMAC) TLV is <t>The keyed Hashed Message Authentication Code (HMAC) TLV is
OPTIONAL and has the following format:<figure> <bcp14>OPTIONAL</bcp14> and has the following format:</t>
<artwork> 0 1 2 <artwork name="" type="" align="left" alt=""><![CDATA[ 0
3 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |D| RESERVED | | Type | Length |D| RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HMAC Key ID (4 octets) | | HMAC Key ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| // | //
| HMAC (Variable) // | HMAC (variable) //
| // | //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:</artwork> where:]]></artwork>
</figure> <list style="symbols"> <dl spacing="normal">
<t>Type: to be assigned by IANA (suggested value 5).</t> <dt>Type:</dt><dd>5.</dd>
<dt>Length:</dt><dd>The length of the variable-length data in bytes.
<t>Length: The length of the variable length data in bytes.</t> </dd>
<dt>D:</dt><dd>1 bit. 1 indicates that the Destination Address verif
<t>D: 1 bit. 1 indicates the Destination Address verification is ication is
disabled due to use of reduced segment list, <xref disabled due to use of a reduced Segment List (see <xref
target="REDUCED"/>.</t> target="REDUCED" format="default"/>).</dd>
<dt>RESERVED:</dt><dd>15 bits. <bcp14>MUST</bcp14> be 0 on transmiss
<t>RESERVED: 15 bits. MUST be 0 on transmission.</t> ion.</dd>
<dt>HMAC Key ID:</dt><dd>A 4-octet opaque number that uniquely
<t>HMAC Key ID: A 4 octet opaque number which uniquely
identifies the pre-shared key and algorithm used to generate the identifies the pre-shared key and algorithm used to generate the
HMAC.</t> HMAC.</dd>
<dt>HMAC:</dt><dd>Keyed HMAC, in multiples of 8 octets, at most 32
<t>HMAC: Keyed HMAC, in multiples of 8 octets, at most 32 octets.</dd>
octets.</t> </dl>
</list></t>
<t>The HMAC TLV is used to verify that the SRH applied to a packet <t>The HMAC TLV is used to verify that the SRH applied to a packet
was selected by an authorized party, and to ensure that the segment was selected by an authorized party and to ensure that the segment
list is not modified after generation. This also allows for list is not modified after generation. This also allows for
verification that the current segment (by virtue of being in the verification that the current segment (by virtue of being in the
authorized segment list) is authorized for use. The SR Domain authorized Segment List) is authorized for use. The SR domain
ensures the source node is permitted to use the source address in ensures that the source node is permitted to use the source address in
the packet via ingress filtering mechanisms as defined in BCP 84 the packet via ingress filtering mechanisms as defined in BCP 84
<xref target="RFC3704"/>, or other strategies as appropriate.</t> <xref target="RFC3704" format="default"/> or other strategies as appro
priate.</t>
<section title="HMAC Generation and Verification"> <section numbered="true" toc="default">
<name>HMAC Generation and Verification</name>
<t>Local configuration determines when to check for an HMAC. This <t>Local configuration determines when to check for an HMAC. This
local configuration is outside the scope of this document. It may local configuration is outside the scope of this document. It may
be based on the active segment at an SR Segment endpoint node, the be based on the active segment at an SR Segment endpoint node, the
result of an ACL that considers incoming interface, HMAC Key ID, result of an Access Control List (ACL) that considers incoming inter face, HMAC Key ID,
or other packet fields.</t> or other packet fields.</t>
<t>An implementation that supports the generation and verification <t>An implementation that supports the generation and verification
of the HMAC supports the following default behavior, as of the HMAC supports the following default behavior, as
defined in the remainder of this section.</t> defined in the remainder of this section.</t>
<t>The HMAC verification begins by checking that the current segment
<t>The HMAC verification begins by checking the current segment is is
equal to the destination address of the IPv6 header. The check is equal to the destination address of the IPv6 header. The check is
successful when either<list style="symbols"> successful when either:</t>
<t>HMAC D bit is 1 and Segments Left is greater than Last <ul spacing="normal">
Entry.</t> <li>HMAC D bit is 1 and Segments Left is greater than Last
Entry, or</li>
<t>HMAC Segments Left is less than or equal to Last Entry and <li>HMAC Segments Left is less than or equal to Last Entry, and th
destination address is equal to Segment List [Segments e
Left].</t> destination address is equal to Segment List[Segments
</list></t> Left].</li>
</ul>
<t>The HMAC field is the output of the HMAC computation as defined <t>The HMAC field is the output of the HMAC computation as defined
in <xref target="RFC2104"/>, using:<list style="symbols"> in <xref target="RFC2104" format="default"/>, using:</t>
<t>key: the pre-shared key identified by HMAC Key ID</t> <ul spacing="normal">
<li>key: The pre-shared key identified by HMAC Key ID</li>
<t>HMAC algorithm: identified by the HMAC Key ID</t> <li>HMAC algorithm: Identified by the HMAC Key ID</li>
<li>
<t>Text: a concatenation of the following fields from the IPv6 <t>Text: A concatenation of the following fields from the IPv6
header and the SRH, as it would be received at the node header and the SRH, as it would be received at the node
verifying the HMAC:<list style="symbols"> verifying the HMAC:</t>
<t>IPv6 header: source address (16 octets)</t> <ul spacing="normal">
<li>IPv6 header: Source address (16 octets)</li>
<t>SRH: Last Entry (1 octet)</t> <li>SRH: Last Entry (1 octet)</li>
<li>SRH: Flags (1 octet)</li>
<t>SRH: Flags (1 octet)</t> <li>SRH: HMAC 16 bits following Length</li>
<li>SRH: HMAC Key ID (4 octets)</li>
<t>SRH: HMAC 16 bits following Length</t> <li>SRH: All addresses in the Segment List (variable
octets)</li>
<t>SRH: HMAC Key ID (4 octets)</t> </ul>
</li>
<t>SRH: all addresses in the Segment List (variable </ul>
octets)</t>
</list></t>
</list></t>
<t>The HMAC digest is truncated to 32 octets and placed in the <t>The HMAC digest is truncated to 32 octets and placed in the
HMAC field of the HMAC TLV.</t> HMAC field of the HMAC TLV.</t>
<t>For HMAC algorithms producing digests less than 32 octets long, t
<t>For HMAC algorithms producing digests less than 32 octets, the he
digest is placed in the lowest order octets of the HMAC field. digest is placed in the lowest-order octets of the HMAC field.
Subsequent octets MUST be set to zero such that the HMAC length is Subsequent octets <bcp14>MUST</bcp14> be set to zero such that the H
MAC length is
a multiple of 8 octets.</t> a multiple of 8 octets.</t>
<t>If HMAC verification is successful, processing proceeds as <t>If HMAC verification is successful, processing proceeds as
normal.</t> normal.</t>
<t>If HMAC verification fails, an ICMP error message (parameter <t>If HMAC verification fails, an ICMP error message (parameter
problem, error code 0, pointing to the HMAC TLV) SHOULD be problem, error code 0, pointing to the HMAC TLV) <bcp14>SHOULD</bcp1
generated (but rate limited) and SHOULD be logged and the packet 4> be
discarded.</t> generated (but rate limited) and logged, and the packet
<bcp14>SHOULD</bcp14> be discarded.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="HMAC Pre-Shared Key Algorithm"> <name>HMAC Pre-shared Key Algorithm</name>
<t>The HMAC Key ID field allows for the simultaneous existence of <t>The HMAC Key ID field allows for the simultaneous existence of
several hash algorithms (SHA-256, SHA3-256 ... or future ones) as several hash algorithms (SHA-256, SHA3-256 ... or future ones) as
well as pre-shared keys.</t> well as pre-shared keys.</t>
<t>The HMAC Key ID field is opaque -- i.e., it has neither syntax
<t>The HMAC Key ID field is opaque, i.e., it has neither syntax
nor semantic except as an identifier of the right combination of nor semantic except as an identifier of the right combination of
pre-shared key and hash algorithm.</t> pre-shared key and hash algorithm.</t>
<t>At the HMAC TLV generating and verification nodes, the Key ID <t>At the HMAC TLV generating and verification nodes, the Key ID
uniquely identifies the pre-shared key and HMAC algorithm.</t> uniquely identifies the pre-shared key and HMAC algorithm.</t>
<t>At the HMAC TLV generating node, the Text for the HMAC <t>At the HMAC TLV generating node, the Text for the HMAC
computation is set to the IPv6 header fields and SRH fields as computation is set to the IPv6 header fields and SRH fields as
they would appear at the verification node(s), not necessarily the they would appear at the verification node(s), not necessarily the
same as the source node sending a packet with the HMAC TLV.</t> same as the source node sending a packet with the HMAC TLV.</t>
<t>Pre-Shared key rollover is supported by having two key IDs in
<t>Pre-shared key roll-over is supported by having two key IDs in
use while the HMAC TLV generating node and verifying node converge use while the HMAC TLV generating node and verifying node converge
to a new key.</t> to a new key.</t>
<t>The HMAC TLV generating node may need to revoke an SRH for <t>The HMAC TLV generating node may need to revoke an SRH for
which it previously generated an HMAC. Revocation is achieved by which it previously generated an HMAC. Revocation is achieved by
allocating a new key and key ID, then rolling over the key ID allocating a new key and key ID, then rolling over the key ID
associated with the SRH to be revoked. The HMAC TLV verifying node associated with the SRH to be revoked. The HMAC TLV verifying node
drops packets with the revoked SRH.</t> drops packets with the revoked SRH.</t>
<t>An implementation supporting HMAC can support multiple hash <t>An implementation supporting HMAC can support multiple hash
functions. An implementation supporting HMAC MUST implement SHA-2 functions. An implementation supporting HMAC <bcp14>MUST</bcp14> imp
<xref target="FIPS180-4"/> in its SHA-256 variant.</t> lement SHA-2
<xref target="FIPS180-4" format="default"/> in its SHA-256 variant.<
/t>
<t>The selection of pre-shared key and algorithm, and their <t>The selection of pre-shared key and algorithm and their
distribution is outside the scope of this document. Some options distribution is outside the scope of this document. Some options
may include: <list style="symbols"> may include: </t>
<t>in the configuration of the HMAC generating or verifying <ul spacing="normal">
nodes, either by static configuration or any SDN oriented
approach</t>
<t>dynamically using a trusted key distribution protocol such
as <xref target="RFC6407"/></t>
</list></t>
<li>setting these items in the configuration of the HMAC generatin
g or verifying
nodes, either by static configuration or any
SDN-oriented
approach</li>
<li>dynamically using a trusted key distribution protocol such
as <xref target="RFC6407" format="default"/></li>
</ul>
<t>While key management is outside the scope of this document, the <t>While key management is outside the scope of this document, the
recommendations of BCP 107 <xref target="RFC4107"/> should be recommendations of BCP 107 <xref target="RFC4107" format="default"/> should be
considered when choosing the key management system.</t> considered when choosing the key management system.</t>
</section> </section>
</section> </section>
</section> </section>
</section> </section>
<section anchor="SRNODES" numbered="true" toc="default">
<section anchor="SRNODES" title="SR Nodes"> <name>SR Nodes</name>
<t>There are different types of nodes that may be involved in segment <t>There are different types of nodes that may be involved in segment
routing networks: source SR nodes originate packets with a segment in routing networks: SR source nodes that originate packets with a segment in
the destination address of the IPv6 header, transit nodes that forward the destination address of the IPv6 header, transit nodes that forward
packets destined to a remote segment, and SR segment endpoint nodes that packets destined to a remote segment, and SR segment endpoint nodes that
process a local segment in the destination address of an IPv6 process a local segment in the destination address of an IPv6
header.</t> header.</t>
<section anchor="SOURCE" numbered="true" toc="default">
<section anchor="SOURCE" title="Source SR Node"> <name>SR Source Node</name>
<t>A Source SR Node is any node that originates an IPv6 packet with a <t>A SR source node is any node that originates an IPv6 packet with a
segment (i.e. SRv6 SID) in the destination address of the IPv6 header. segment (i.e., SRv6 SID) in the destination address of the IPv6 header.
The packet leaving the source SR Node may or may not contain an SRH. The packet leaving the SR source node may or may not contain an SRH.
This includes either: <list style="hanging"> This includes either: </t>
<t>A host originating an IPv6 packet.</t> <ul spacing="normal">
<li>A host originating an IPv6 packet, or</li>
<t>An SR domain ingress router encapsulating a received packet in <li>An SR domain ingress router encapsulating a received packet in
an outer IPv6 header, followed by an optional SRH.</t> an outer IPv6 header, followed by an optional SRH.</li>
</list></t> </ul>
<t>It is out of the scope of this document to describe the mechanism
<t>The mechanism through which a segment in the destination address of through which a segment in the destination address of
the IPv6 header and the Segment List in the SRH, is derived is outside the IPv6 header and the Segment List in the SRH are derived.</t>
the scope of this document.</t>
</section> </section>
<section anchor="TRANSIT" numbered="true" toc="default">
<section anchor="TRANSIT" title="Transit Node"> <name>Transit Node</name>
<t>A transit node is any node forwarding an IPv6 packet where the <t>A transit node is any node forwarding an IPv6 packet where the
destination address of that packet is not locally configured as a destination address of that packet is not locally configured as a
segment nor a local interface. A transit node is not required to be segment or a local interface. A transit node is not required to be
capable of processing a segment nor SRH.</t> capable of processing a segment or SRH.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="SR Segment Endpoint Node"> <name>SR Segment Endpoint Node</name>
<t>A SR segment endpoint node is any node receiving an IPv6 packet <t>An SR segment endpoint node is any node receiving an IPv6 packet
where the destination address of that packet is locally configured as where the destination address of that packet is locally configured as
a segment or local interface.</t> a segment or local interface.</t>
</section> </section>
</section> </section>
<section anchor="PacketProcessing" numbered="true" toc="default">
<section anchor="PacketProcessing" title="Packet Processing"> <name>Packet Processing</name>
<t>This section describes SRv6 packet processing at the SR source, <t>This section describes SRv6 packet processing at the SR source,
Transit and SR segment endpoint nodes.</t> Transit, and SR segment endpoint nodes.</t>
<section anchor="pktSourceNode" numbered="true" toc="default">
<section anchor="pktSourceNode" title="Source SR Node"> <name>SR Source Node</name>
<t>A Source node steers a packet into an SR Policy. If the SR Policy <t>A source node steers a packet into an SR Policy. If the SR Policy
results in a segment list containing a single segment, and there is no results in a Segment List containing a single segment, and there is no
need to add information to the SRH flag or to add TLV, the DA is set need to add information to the SRH flag or add TLV; the DA is set
to the single segment list entry and the SRH MAY be omitted.</t> to the single Segment List entry, and the SRH <bcp14>MAY</bcp14> be omit
ted.</t>
<t>When needed, the SRH is created as follows:<list style="hanging"> <t>When needed, the SRH is created as follows:</t>
<t>Next Header and Hdr Ext Len fields are set as specified in <dl newline="false" spacing="normal">
<xref target="RFC8200"/>.</t> <dt/>
<dd>The Next Header and Hdr Ext Len fields are set as specified in
<t>Routing Type field is set as TBD (to be allocated by IANA, <xref target="RFC8200" format="default"/>.</dd>
suggested value 4).</t> <dt/>
<dd>The Routing Type field is set to 4.</dd>
<t>The DA of the packet is set with the value of the first <dt/>
segment.</t> <dd>The DA of the packet is set with the value of the first
segment.</dd>
<t>The first element of the SRH Segment List is the ultimate <dt/>
<dd>The first element of the SRH Segment List is the ultimate
segment. The second element is the penultimate segment, and so segment. The second element is the penultimate segment, and so
on.</t> on.</dd>
<dt/>
<t>The Segments Left field is set to n-1 where n is the number of <dd>The Segments Left field is set to n-1, where n is the number of
elements in the SR Policy.</t> elements in the SR Policy.</dd>
<dt/>
<t>The Last Entry field is set to n-1 where n is the number of <dd>The Last Entry field is set to n-1, where n is the number of
elements in the SR Policy.</t> elements in the SR Policy.</dd>
<dt/>
<t>TLVs (including HMAC) may be set according to their <dd>TLVs (including HMAC) may be set according to their
specification.</t> specification.</dd>
<dt/>
<t>The packet is forwarded toward the packet's Destination Address <dd>The packet is forwarded toward the packet's Destination Address
(the first segment).</t> (the first segment).</dd>
</list></t> </dl>
<section anchor="REDUCED" numbered="true" toc="default">
<section anchor="REDUCED" title="Reduced SRH"> <name>Reduced SRH</name>
<t>When a source does not require the entire SID list to be <t>When a source does not require the entire SID list to be
preserved in the SRH, a reduced SRH may be used.</t> preserved in the SRH, a reduced SRH may be used.</t>
<t>A reduced SRH does not contain the first segment of the related <t>A reduced SRH does not contain the first segment of the related
SR Policy (the first segment is the one already in the DA of the SR Policy (the first segment is the one already in the DA of the
IPv6 header), and the Last Entry field is set to n-2 where n is the IPv6 header), and the Last Entry field is set to n-2, where n is the
number of elements in the SR Policy.</t> number of elements in the SR Policy.</t>
</section> </section>
</section> </section>
<section numbered="true" toc="default">
<section title="Transit Node"> <name>Transit Node</name>
<t>As specified in <xref target="RFC8200"/>, the only node allowed to <t>As specified in <xref target="RFC8200" format="default"/>, the only n
inspect the Routing Extension Header (and therefore the SRH), is the ode allowed to
inspect the Routing Extension Header (and therefore the SRH) is the
node corresponding to the DA of the packet. Any other transit node node corresponding to the DA of the packet. Any other transit node
MUST NOT inspect the underneath routing header and MUST forward the <bcp14>MUST NOT</bcp14> inspect the underneath routing header and <bcp14 >MUST</bcp14> forward the
packet toward the DA according to its IPv6 routing table.</t> packet toward the DA according to its IPv6 routing table.</t>
<t>When a SID is in the destination address of an IPv6 header of a <t>When a SID is in the destination address of an IPv6 header of a
packet, it's routed through an IPv6 network as an IPv6 address. SIDs, packet, it's routed through an IPv6 network as an IPv6 address. SIDs,
or the prefix(es) covering SIDs, and their reachability may be or the prefix(es) covering SIDs, and their reachability may be
distributed by means outside the scope of this document. For example, distributed by means outside the scope of this document. For example,
<xref target="RFC5308"/> or <xref target="RFC5340"/> may be used to <xref target="RFC5308" format="default"/> or <xref target="RFC5340" form at="default"/> may be used to
advertise a prefix covering the SIDs on a node.</t> advertise a prefix covering the SIDs on a node.</t>
</section> </section>
<section anchor="ENDSID" numbered="true" toc="default">
<section anchor="ENDSID" title="SR Segment Endpoint Node"> <name>SR Segment Endpoint Node</name>
<t>Without constraining the details of an implementation, the SR <t>Without constraining the details of an implementation, the SR
segment endpoint node creates Forwarding Information Base (FIB) segment endpoint node creates Forwarding Information Base (FIB)
entries for its local SIDs.</t> entries for its local SIDs.</t>
<t>When an SRv6-capable node receives an IPv6 packet, it performs a <t>When an SRv6-capable node receives an IPv6 packet, it performs a
longest-prefix-match lookup on the packets destination address. This longest-prefix-match lookup on the packet's destination address. This
lookup can return any of the following:<figure align="left"> lookup can return any of the following:</t>
<artwork> <ul>
* A FIB entry that represents a locally instantiated SRv6 SID <li>A FIB entry that represents a locally instantiated SRv6 SID</li>
* A FIB entry that represents a local interface, not locally <li>A FIB entry that represents a local interface, not locally
instantiated as an SRv6 SID instantiated as an SRv6 SID</li>
* A FIB entry that represents a non-local route <li>A FIB entry that represents a nonlocal route</li>
* No Match</artwork> <li>No Match</li>
</figure></t> </ul>
<section anchor="pktENDSID" numbered="true" toc="default">
<section anchor="pktENDSID" <name>FIB Entry Is a Locally Instantiated SRv6 SID</name>
title="FIB Entry Is Locally Instantiated SRv6 SID"> <t>This document and section define a single SRv6 SID. Future
<t>This document, and section, defines a single SRv6 SID. Future documents may define additional SRv6 SIDs. In such a case, the entire
documents may define additional SRv6 SIDs. In which case, the entire
content of this section will be defined in that document.</t> content of this section will be defined in that document.</t>
<t>If the FIB entry represents a locally instantiated SRv6 SID, <t>If the FIB entry represents a locally instantiated SRv6 SID,
process the next header chain of the IPv6 header as defined in process the next header chain of the IPv6 header as defined in
section 4 of <xref target="RFC8200"/>. <xref target="SRHPROC"/> <xref target="RFC8200" sectionFormat="of" section="4"/>. <xref
describes how to process an SRH, <xref target="UPPERHEADER"/> target="SRHPROC" format="default"/>
describes how to process an upper layer header or no next describes how to process an SRH; <xref target="UPPERHEADER" format="de
header.</t> fault"/>
describes how to process an upper-layer header or the absence of a Nex
t
Header.</t>
<t>Processing this SID modifies the Segments Left and, if configured <t>Processing this SID modifies the Segments Left and, if configured
to process TLVs, it may modify the "variable length data" of TLV to process TLVs, it may modify the "variable-length data" of TLV
types that change en route. Therefore Segments Left is mutable and types that change en route. Therefore, Segments Left is mutable, and
TLVs that change en route are mutable. The remainder of the SRH TLVs that change en route are mutable. The remainder of the SRH
(Flags, Tag, Segment List, and TLVs that do not change en route) are (Flags, Tag, Segment List, and TLVs that do not change en route) are
immutable while processing this SID.</t> immutable while processing this SID.</t>
<section anchor="SRHPROC" numbered="true" toc="default">
<section anchor="SRHPROC" title="SRH Processing"> <name>SRH Processing</name>
<t><figure align="left"> <artwork name="" type="" align="left" alt=""><![CDATA[
<artwork>
S01. When an SRH is processed { S01. When an SRH is processed {
S02. If Segments Left is equal to zero { S02. If Segments Left is equal to zero {
S03. Proceed to process the next header in the packet, S03. Proceed to process the next header in the packet,
whose type is identified by the Next Header field in whose type is identified by the Next Header field in
the Routing header. the routing header.
S04. } S04. }
S05. Else { S05. Else {
S06. If local configuration requires TLV processing { S06. If local configuration requires TLV processing {
S07. Perform TLV processing (see TLV Processing) S07. Perform TLV processing (see TLV Processing)
S08. } S08. }
S09. max_last_entry = ( Hdr Ext Len / 2 ) - 1 S09. max_last_entry = ( Hdr Ext Len / 2 ) - 1
S10. If ((Last Entry &gt; max_last_entry) or S10. If ((Last Entry > max_last_entry) or
S11. (Segments Left is greater than (Last Entry+1)) { S11. (Segments Left is greater than (Last Entry+1)) {
S12. Send an ICMP Parameter Problem, Code 0, message to S12. Send an ICMP Parameter Problem, Code 0, message to
the Source Address, pointing to the Segments Left the Source Address, pointing to the Segments Left
field, and discard the packet. field, and discard the packet.
S13. } S13. }
S14. Else { S14. Else {
S15. Decrement Segments Left by 1. S15. Decrement Segments Left by 1.
S16. Copy Segment List[Segments Left] from the SRH to the S16. Copy Segment List[Segments Left] from the SRH to the
destination address of the IPv6 header. destination address of the IPv6 header.
S17. If the IPv6 Hop Limit is less than or equal to 1 { S17. If the IPv6 Hop Limit is less than or equal to 1 {
skipping to change at line 752 skipping to change at line 655
the packet. the packet.
S19. } S19. }
S20. Else { S20. Else {
S21. Decrement the Hop Limit by 1 S21. Decrement the Hop Limit by 1
S22. Resubmit the packet to the IPv6 module for transmission S22. Resubmit the packet to the IPv6 module for transmission
to the new destination. to the new destination.
S23. } S23. }
S24. } S24. }
S25. } S25. }
S26. } S26. }
</artwork> ]]></artwork>
</figure></t>
<section anchor="TLVPROCESS" title="TLV Processing">
<t>Local configuration determines how TLVs are to be processed
when the Active Segment is a local SID defined in this document.
The definition of local configuration is outside the scope of
this document.</t>
<t>For illustration purpose only, two example local <section anchor="TLVPROCESS" numbered="true" toc="default">
configurations that may be associated with a SID are provided <name>TLV Processing</name>
below.</t> <t>Local configuration determines how TLVs are to be processed
when the Active Segment is a local SID defined in this document.
The definition of local configuration is outside the scope of
this document.</t>
<t>For illustration purposes only, two example local
configurations that may be associated with a SID are provided
below.</t>
<t><figure align="left"> <artwork name="" type="" align="left" alt=""><![CDATA[
<artwork>
Example 1: Example 1:
For any packet received from interface I2 For any packet received from interface I2
Skip TLV processing Skip TLV processing
Example 2: Example 2:
For any packet received from interface I1 For any packet received from interface I1
If first TLV is HMAC { If first TLV is HMAC {
Process the HMAC TLV Process the HMAC TLV
} }
Else { Else {
Discard the packet Discard the packet
}</artwork> }]]></artwork>
</figure></t>
</section> </section>
</section> </section>
<section anchor="UPPERHEADER" numbered="true" toc="default">
<section anchor="UPPERHEADER" <name>Upper-Layer Header or No Next Header</name>
title="Upper-layer Header or No Next Header"> <t>When processing the upper-layer header of a packet matching a
<t>When processing the Upper-layer header of a packet matching a
FIB entry locally instantiated as an SRv6 SID defined in this FIB entry locally instantiated as an SRv6 SID defined in this
document.</t> document:</t>
<artwork name="" type="" align="left" alt=""><![CDATA[
<t><figure>
<artwork>
IF (Upper-layer Header is IPv4 or IPv6) and IF (Upper-layer Header is IPv4 or IPv6) and
local configuration permits { local configuration permits {
Perform IPv6 decapsulation Perform IPv6 decapsulation
Resubmit the decapsulated packet to the IPv4 or IPv6 module Resubmit the decapsulated packet to the IPv4 or IPv6 module
} }
ELSE { ELSE {
Send an ICMP parameter problem message to the Source Address and Send an ICMP parameter problem message to the Source Address and
discard the packet. Error code (TBD by IANA) "SR Upper-layer discard the packet. Error code (4) "SR Upper-layer
Header Error", pointer set to the offset of the upper-layer Header Error", pointer set to the offset of the upper-layer
header. header.
} }
</artwork> ]]></artwork>
</figure></t> <t>A unique error code allows an SR source node to recognize an
<t>A unique error code allows an SR Source node to recognize an
error in SID processing at an endpoint.</t> error in SID processing at an endpoint.</t>
</section> </section>
</section> </section>
<section numbered="true" toc="default">
<name>FIB Entry Is a Local Interface</name>
<section title="FIB Entry Is A Local Interface"> <t>If the FIB entry represents a local interface and is not locally
<t>If the FIB entry represents a local interface, not locally instantiated as an SRv6 SID, the SRH is processed as follows:</t>
instantiated as an SRv6 SID, the SRH is processed as follows:<list> <ul empty="true" spacing="normal">
<t>If Segments Left is zero, the node must ignore the Routing <li>If Segments Left is zero, the node must ignore the routing
header and proceed to process the next header in the packet, header and proceed to process the next header in the packet,
whose type is identified by the Next Header field in the Routing whose type is identified by the Next Header field in the routing
Header.</t> header.</li>
<li>If Segments Left is non-zero, the node must discard the
<t>If Segments Left is non-zero, the node must discard the
packet and send an ICMP Parameter Problem, Code 0, message to packet and send an ICMP Parameter Problem, Code 0, message to
the packet's Source Address, pointing to the unrecognized the packet's Source Address, pointing to the unrecognized
Routing Type.</t> Routing Type.</li>
</list></t> </ul>
</section> </section>
<section numbered="true" toc="default">
<section title="FIB Entry Is A Non-Local Route"> <name>FIB Entry Is a Nonlocal Route</name>
<t>Processing is not changed by this document.</t> <t>Processing is not changed by this document.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="FIB Entry Is A No Match"> <name>FIB Entry Is a No Match</name>
<t>Processing is not changed by this document.</t> <t>Processing is not changed by this document.</t>
</section> </section>
</section> </section>
</section> </section>
<section anchor="DEP" numbered="true" toc="default">
<section anchor="DEP" title="Intra SR Domain Deployment Model"> <name>Intra-SR-Domain Deployment Model</name>
<t>The use of the SIDs exclusively within the SR Domain and solely for <t>The use of the SIDs exclusively within the SR domain and solely for
packets of the SR Domain is an important deployment model.</t> packets of the SR domain is an important deployment model.</t>
<t>This enables the SR domain to act as a single routing system.</t>
<t>This enables the SR Domain to act as a single routing system.</t> <t>This section covers:</t>
<ul spacing="normal">
<t>This section covers:<list style="symbols"> <li>securing the SR domain from external attempts to use its SIDs</li>
<t>securing the SR Domain from external attempt to use its SIDs</t> <li>using the SR domain as a single system with delegation between
components</li>
<t>SR Domain as a single system with delegation between <li>handling packets of the SR domain</li>
components</t> </ul>
<section anchor="SECSRDOMAIN" numbered="true" toc="default">
<t>handling packets of the SR Domain</t> <name>Securing the SR Domain</name>
</list></t> <t>Nodes outside the SR domain are not trusted: they cannot directly
<section anchor="SECSRDOMAIN" title="Securing the SR Domain">
<t>Nodes outside the SR Domain are not trusted: they cannot directly
use the SIDs of the domain. This is enforced by two levels of access use the SIDs of the domain. This is enforced by two levels of access
control lists: <list style="numbers"> control lists: </t>
<t>Any packet entering the SR Domain and destined to a SID within <ol spacing="normal" type="1">
the SR Domain is dropped. This may be realized with the following <li>
<t>Any packet entering the SR domain and destined to a SID within
the SR domain is dropped. This may be realized with the following
logic. Other methods with equivalent outcome are considered logic. Other methods with equivalent outcome are considered
compliant: <list style="symbols"> compliant: </t>
<t>allocate all the SID's from a block S/s</t> <ul spacing="normal">
<li>Allocate all the SIDs from a block S/s</li>
<t>configure each external interface of each edge node of the <li>Configure each external interface of each edge node of the
domain with an inbound infrastructure access list (IACL) which domain with an inbound infrastructure access list (IACL) that
drops any incoming packet with a destination address in drops any incoming packet with a destination address in
S/s</t> S/s</li>
<li>Failure to implement this method of ingress filtering
<t>Failure to implement this method of ingress filtering exposes the SR domain to source-routing attacks, as described
exposes the SR Domain to source routing attacks as described and referenced in <xref target="RFC5095" format="default"/></li>
and referenced in <xref target="RFC5095"/></t> </ul>
</list></t> </li>
<li>
<t>The distributed protection in #1 is complemented with per node <t>The distributed protection in #1 is complemented with per-node
protection, dropping packets to SIDs from source addresses outside protection, dropping packets to SIDs from source addresses outside
the SR Domain. This may be realized with the following logic. the SR domain. This may be realized with the following logic.
Other methods with equivalent outcome are considered compliant: Other methods with equivalent outcome are considered compliant:
<list style="symbols"> </t>
<t>assign all interface addresses from prefix A/a</t> <ul spacing="normal">
<li>Assign all interface addresses from prefix A/a</li>
<t>at node k, all SIDs local to k are assigned from prefix <li>At node k, all SIDs local to k are assigned from prefix
Sk/sk</t> Sk/sk</li>
<li>Configure each internal interface of each SR node k in the
<t>configure each internal interface of each SR node k in the SR domain with an inbound IACL that drops any incoming packet
SR Domain with an inbound IACL which drops any incoming packet
with a destination address in Sk/sk if the source address is with a destination address in Sk/sk if the source address is
not in A/a.</t> not in A/a.</li>
</list></t> </ul>
</list></t> </li>
</ol>
</section> </section>
<section anchor="SINGLESYS" numbered="true" toc="default">
<section anchor="SINGLESYS" <name>SR Domain as a Single System with Delegation among Components</nam
title="SR Domain as A Single System with Delegation Among Compone e>
nts"> <t>All intra-SR-domain packets are of the SR domain. The IPv6 header
<t>All intra SR Domain packets are of the SR Domain. The IPv6 header is originated by a node of the SR domain and is destined to a node of
is originated by a node of the SR Domain, and is destined to a node of the SR domain.</t>
the SR Domain.</t> <t>All interdomain packets are encapsulated for the part of the
packet journey that is within the SR domain. The outer IPv6 header is
<t>All inter domain packets are encapsulated for the part of the originated by a node of the SR domain and is destined to a node of
packet journey that is within the SR Domain. The outer IPv6 header is the SR domain.</t>
originated by a node of the SR Domain, and is destined to a node of <t>As a consequence, any packet within the SR domain is of the SR
the SR Domain.</t> domain.</t>
<t>The SR domain is a system in which the operator may want to
<t>As a consequence, any packet within the SR Domain is of the SR distribute or delegate different operations of the outermost header
Domain.</t>
<t>The SR Domain is a system in which the operator may want to
distribute or delegate different operations of the outer most header
to different nodes within the system.</t> to different nodes within the system.</t>
<t>An operator of an SR domain may choose to delegate SRH addition to <t>An operator of an SR domain may choose to delegate SRH addition to
a host node within the SR domain, and validation of the contents of a host node within the SR domain and delegate validation of the contents of
any SRH to a more trusted router or switch attached to the host. any SRH to a more trusted router or switch attached to the host.
Consider a top of rack switch (T) connected to host (H) via interface Consider a top-of-rack switch T connected to host H via interface
(I). H receives an SRH (SRH1) with a computed HMAC via some SDN method I. H receives an SRH (SRH1) with a computed HMAC via some SDN method
outside the scope of this document. H classifies traffic it sources outside the scope of this document. H classifies traffic it sources
and adds SRH1 to traffic requiring a specific SLA. T is configured and adds SRH1 to traffic requiring a specific Service Level
Agreement (SLA). T is configured
with an IACL on I requiring verification of the SRH for any packet with an IACL on I requiring verification of the SRH for any packet
destined to the SID block of the SR Domain (S/s). T checks and destined to the SID block of the SR domain (S/s). T checks and
verifies that SRH1 is valid, contains an HMAC TLV and verifies the verifies that SRH1 is valid and contains an HMAC TLV; T then verifies th
e
HMAC.</t> HMAC.</t>
<t>An operator of the SR domain may choose to have all segments in the
<t>An operator of the SR Domain may choose to have all segments in the SR domain verify the HMAC. This mechanism would verify that the SRH
SR Domain verify the HMAC. This mechanism would verify that the SRH Segment List is not modified while traversing the SR domain.</t>
segment list is not modified while traversing the SR Domain.</t>
</section> </section>
<section anchor="MTU" numbered="true" toc="default">
<section anchor="MTU" title="MTU Considerations"> <name>MTU Considerations</name>
<t>An SR Domain ingress edge node encapsulates packets traversing the <t>An SR domain ingress edge node encapsulates packets traversing the
SR Domain, and needs to consider the MTU of the SR Domain. Within the SR domain and needs to consider the MTU of the SR domain. Within the
SR Domain, well known mitigation techniques are RECOMMENDED, such as SR domain, well-known mitigation techniques are <bcp14>RECOMMENDED</bcp1
deploying a greater MTU value within the SR Domain than at the ingress 4>, such as
deploying a greater MTU value within the SR domain than at the ingress
edges.</t> edges.</t>
<t>Encapsulation with an outer IPv6 header and SRH shares the same MTU
<t>Encapsulation with an outer IPv6 header and SRH share the same MTU and fragmentation considerations as IPv6 tunnels described in <xref targ
and fragmentation considerations as IPv6 tunnels described in <xref et="RFC2473" format="default"/>. Further investigation on the limitation of vari
target="RFC2473"/>. Further investigation on the limitation of various ous
tunneling methods (including IPv6 tunnels) are discussed in <xref tunneling methods (including IPv6 tunnels) is discussed in <xref
target="I-D.ietf-intarea-tunnels"/> and SHOULD be considered by target="I-D.ietf-intarea-tunnels" format="default"/> and
operators when considering MTU within the SR Domain.</t> <bcp14>SHOULD</bcp14> be considered by
operators when considering MTU within the SR domain.</t>
</section> </section>
<section anchor="ICMP" numbered="true" toc="default">
<section anchor="ICMP" title="ICMP Error Processing"> <name>ICMP Error Processing</name>
<t>ICMP error packets generated within the SR Domain are sent to <t>ICMP error packets generated within the SR domain are sent to
source nodes within the SR Domain. The invoking packet in the ICMP source nodes within the SR domain. The invoking packet in the ICMP
error message may contain an SRH. Since the destination address of a error message may contain an SRH. Since the destination address of a
packet with an SRH changes as each segment is processed, it may not be packet with an SRH changes as each segment is processed, it may not be
the destination used by the socket or application that generated the the destination used by the socket or application that generated the
invoking packet.</t> invoking packet.</t>
<t>For the source of an invoking packet to process the ICMP error <t>For the source of an invoking packet to process the ICMP error
message, the ultimate destination address of the IPv6 header may be message, the ultimate destination address of the IPv6 header may be
required. The following logic is used to determine the destination required. The following logic is used to determine the destination
address for use by protocol error handlers.<list style="symbols"> address for use by protocol-error handlers.</t>
<ul spacing="normal">
<li>
<t>Walk all extension headers of the invoking IPv6 packet to the <t>Walk all extension headers of the invoking IPv6 packet to the
routing extension header preceding the upper layer header.<list routing extension header preceding the upper-layer header.</t>
style="symbols"> <ul spacing="normal">
<t>If routing header is type TBD IANA (SRH)<list <li>
style="symbols"> <t>If routing header is type 4 Segment Routing Header (SRH)</t>
<t>The SID at Segment List[0] may be used as the <ul spacing="normal">
destination address of the invoking packet.</t> <li>The SID at Segment List[0] may be used as the
</list></t> destination address of the invoking packet.</li>
</list></t> </ul>
</list></t> </li>
</ul>
<t>ICMP errors are then processed by upper layer transports as defined </li>
in <xref target="RFC4443"/>.</t> </ul>
<t>ICMP errors are then processed by upper-layer transports as defined
in <xref target="RFC4443" format="default"/>.</t>
<t>For IP packets encapsulated in an outer IPv6 header, ICMP error <t>For IP packets encapsulated in an outer IPv6 header, ICMP error
handling is as defined in <xref target="RFC2473"/>.</t> handling is as defined in <xref target="RFC2473" format="default"/>.</t>
</section> </section>
<section anchor="LBECMP" numbered="true" toc="default">
<section anchor="LBECMP" title="Load Balancing and ECMP"> <name>Load Balancing and ECMP</name>
<t>For any inter domain packet, the SR Source node MUST impose a flow <t>For any interdomain packet, the SR source node <bcp14>MUST</bcp14> im
pose a flow
label computed based on the inner packet. The computation of the flow label computed based on the inner packet. The computation of the flow
label is as recommended in <xref target="RFC6438"/> for the sending label is as recommended in <xref target="RFC6438" format="default"/> for the sending
Tunnel End Point.</t> Tunnel End Point.</t>
<t>For any intradomain packet, the SR source node <bcp14>SHOULD</bcp14>
<t>For any intra domain packet, the SR Source node SHOULD impose a impose a
flow label computed as described in <xref target="RFC6437"/> to assist flow label computed as described in <xref target="RFC6437" format="defau
lt"/> to assist
ECMP load balancing at transit nodes incapable of computing a 5-tuple ECMP load balancing at transit nodes incapable of computing a 5-tuple
beyond the SRH.</t> beyond the SRH.</t>
<t>At any transit node within an SR domain, the flow label <bcp14>MUST</
<t>At any transit node within an SR domain, the flow label MUST be bcp14> be
used as defined in <xref target="RFC6438"/> to calculate the ECMP hash used as defined in <xref target="RFC6438" format="default"/> to calculat
toward the destination address. If flow label is not used, the transit e the ECMP hash
toward the destination address. If a flow label is not used, the transit
node would likely hash all packets between a pair of SR Edge nodes to node would likely hash all packets between a pair of SR Edge nodes to
the same link.</t> the same link.</t>
<t>At an SR segment endpoint node, the flow label <bcp14>MUST</bcp14> be
<t>At an SR segment endpoint node, the flow label MUST be used as used as
defined in <xref target="RFC6438"/> to calculate any ECMP hash used to defined in <xref target="RFC6438" format="default"/> to calculate any EC
MP hash used to
forward the processed packet to the next segment.</t> forward the processed packet to the next segment.</t>
</section> </section>
<section anchor="other" numbered="true" toc="default">
<section anchor="other" title="Other Deployments"> <name>Other Deployments</name>
<t>Other deployment models and their implications on security, MTU, <t>Other deployment models and their implications on security, MTU,
HMAC, ICMP error processing and interaction with other extension HMAC, ICMP error processing, and interaction with other extension
headers are outside the scope of this document.</t> headers are outside the scope of this document.</t>
</section> </section>
</section> </section>
<section anchor="ILL" numbered="true" toc="default">
<section anchor="ILL" title="Illustrations"> <name>Illustrations</name>
<t>This section provides illustrations of SRv6 packet processing at SR <t>This section provides illustrations of SRv6 packet processing at SR
source, transit and SR segment endpoint nodes.</t> source, transit, and SR segment endpoint nodes.</t>
<section numbered="true" toc="default">
<section title="Abstract Representation of an SRH"> <name>Abstract Representation of an SRH</name>
<t>For a node k, its IPv6 address is represented as Ak, its SRv6 SID <t>For a node k, its IPv6 address is represented as Ak, and its SRv6 SID
is represented as Sk.</t> is represented as Sk.</t>
<t>IPv6 headers are represented as the tuple of (source, destination). <t>IPv6 headers are represented as the tuple of (source,destination).
For example, a packet with source address A1 and destination address For example, a packet with source address A1 and destination address
A2 is represented as (A1,A2). The payload of the packet is A2 is represented as (A1,A2). The payload of the packet is
omitted.</t> omitted.</t>
<t>An SR Policy is a list of segments. A list of segments is <t>An SR Policy is a list of segments. A list of segments is
represented as &lt;S1,S2,S3&gt; where S1 is the first SID to visit, S2 represented as &lt;S1,S2,S3&gt; where S1 is the first SID to visit, S2
is the second SID to visit and S3 is the last SID to visit.</t> is the second SID to visit, and S3 is the last SID to visit.</t>
<t>(SA,DA) (S3,S2,S1; SL) represents an IPv6 packet with:</t>
<t>(SA,DA) (S3, S2, S1; SL) represents an IPv6 packet with:<list <ul spacing="normal">
style="symbols"> <li>Source Address SA, Destination Addresses DA, and
<t>Source Address is SA, Destination Addresses is DA, and next header SRH.</li>
next-header is SRH.</t> <li>SRH with SID list &lt;S1,S2,S3&gt; with SegmentsLeft =
SL.</li>
<t>SRH with SID list &lt;S1, S2, S3&gt; with SegmentsLeft = <li>Note the difference between the &lt;&gt; and () symbols.
SL.</t> &lt;S1,S2,S3&gt; represents a SID list where the leftmost
segment is the first segment. In contrast, (S3,S2,S1; SL) represents
<t>Note the difference between the &lt;&gt; and () symbols.
&lt;S1, S2, S3&gt; represents a SID list where the leftmost
segment is the first segment. Whereas, (S3, S2, S1; SL) represents
the same SID list but encoded in the SRH Segment List format where the same SID list but encoded in the SRH Segment List format where
the leftmost segment is the last segment. When referring to an SR the leftmost segment is the last segment. When referring to an SR
policy in a high-level use-case, it is simpler to use the &lt;S1, Policy in a high-level use case, it is simpler to use the &lt;S1,S2,
S2, S3&gt; notation. When referring to an illustration of detailed S3&gt; notation. When referring to an illustration of detailed
behavior, the (S3, S2, S1; SL) notation is more convenient.</t> behavior, the (S3,S2,S1; SL) notation is more convenient.</li>
</list></t> </ul>
<t>At its SR Policy headend, the Segment List &lt;S1,S2,S3&gt; results <t>At its SR Policy headend, the Segment List &lt;S1,S2,S3&gt; results
in SRH (S3,S2,S1; SL=2) represented fully as: <figure align="left"> in SRH (S3,S2,S1; SL=2) represented fully as: </t>
<artwork> <artwork name="" type="" align="left" alt=""><![CDATA[
Segments Left=2 Segments Left=2
Last Entry=2 Last Entry=2
Flags=0 Flags=0
Tag=0 Tag=0
Segment List[0]=S3 Segment List[0]=S3
Segment List[1]=S2 Segment List[1]=S2
Segment List[2]=S1</artwork> Segment List[2]=S1]]></artwork>
</figure></t>
</section> </section>
<section numbered="true" toc="default">
<section title="Example Topology"> <name>Example Topology</name>
<t>The following topology is used in examples below: <figure <t>The following topology is used in examples below: </t>
align="center" anchor="TOPO1"> <figure anchor="TOPO1">
<artwork> <artwork name="" type="" align="left" alt=""><![CDATA[
+ * * * * * * * * * * * * * * * * * * * * + + * * * * * * * * * * * * * * * * * * * * +
* [8] [9] * * [8] [9] *
| | | |
* | | * * | | *
[1]----[3]--------[5]----------------[6]---------[4]---[2] [1]----[3]--------[5]----------------[6]---------[4]---[2]
* | | * * | | *
| | | |
* | | * * | | *
+--------[7]-------+ +--------[7]-------+
* * * *
+ * * * * * * * SR Domain * * * * * * * +</artwork> + * * * * * * * SR domain * * * * * * * +]]></artwork>
</figure><list style="symbols"> </figure>
<t>3 and 4 are SR Domain edge routers</t> <ul spacing="normal">
<li>3 and 4 are SR domain edge routers</li>
<t>5, 6, and 7 are all SR Domain routers</t> <li>5, 6, and 7 are all SR domain routers</li>
<li>8 and 9 are hosts within the SR domain</li>
<t>8 and 9 are hosts within the SR Domain</t> <li>1 and 2 are hosts outside the SR domain</li>
<li>The SR domain implements ingress filtering as per <xref
<t>1 and 2 are hosts outside the SR Domain</t> target="SECSRDOMAIN" format="default"/> and no external packet can
enter the domain
<t>The SR domain implements ingress filtering as per <xref with a destination address equal to a segment of the domain.</li>
target="SECSRDOMAIN"/> and no external packet can enter the domain </ul>
with a destination address equal to a segment of the domain.</t>
</list></t>
</section> </section>
<section numbered="true" toc="default">
<section title="Source SR Node"> <name>SR Source Node</name>
<section title="Intra SR Domain Packet"> <section numbered="true" toc="default">
<name>Intra-SR-Domain Packet</name>
<t>When host 8 sends a packet to host 9 via an SR Policy <t>When host 8 sends a packet to host 9 via an SR Policy
&lt;S7,A9&gt; the packet is</t> &lt;S7,A9&gt; the packet is</t>
<t>P1: (A8,S7)(A9,S7; SL=1)</t> <t>P1: (A8,S7)(A9,S7; SL=1)</t>
<section numbered="true" toc="default">
<section title="Reduced Variant"> <name>Reduced Variant</name>
<t>When host 8 sends a packet to host 9 via an SR Policy <t>When host 8 sends a packet to host 9 via an SR Policy
&lt;S7,A9&gt; and it wants to use a reduced SRH, the packet is</t> &lt;S7,A9&gt; and it wants to use a reduced SRH, the packet is</t>
<t>P2: (A8,S7)(A9; SL=1)</t> <t>P2: (A8,S7)(A9; SL=1)</t>
</section> </section>
</section> </section>
<section numbered="true" toc="default">
<section title="Inter SR Domain Packet - Transit"> <name>Inter-SR-Domain Packet -- Transit</name>
<t>When host 1 sends a packet to host 2, the packet is</t> <t>When host 1 sends a packet to host 2, the packet is</t>
<t>P3: (A1,A2)</t> <t>P3: (A1,A2)</t>
<t>The SR domain ingress router 3 receives P3 and steers it to SR
<t>The SR Domain ingress router 3 receives P3 and steers it to SR domain egress router 4 via an SR Policy &lt;S7,S4&gt;. Router 3
Domain egress router 4 via an SR Policy &lt;S7, S4&gt;. Router 3
encapsulates the received packet P3 in an outer header with an SRH. encapsulates the received packet P3 in an outer header with an SRH.
The packet is</t> The packet is</t>
<t>P4: (A3,S7)(S4,S7; SL=1)(A1,A2)</t>
<t>P4: (A3, S7)(S4, S7; SL=1)(A1, A2)</t>
<t>If the SR Policy contains only one segment (the egress router 4), <t>If the SR Policy contains only one segment (the egress router 4),
the ingress Router 3 encapsulates P3 into an outer header (A3, S4) the ingress router 3 encapsulates P3 into an outer header (A3,S4)
without SRH. The packet is</t> without SRH. The packet is</t>
<t>P5: (A3,S4)(A1,A2)</t>
<t>P5: (A3, S4)(A1, A2)</t> <section numbered="true" toc="default">
<name>Reduced Variant</name>
<section title="Reduced Variant"> <t>The SR domain ingress router 3 receives P3 and steers it to SR
<t>The SR Domain ingress router 3 receives P3 and steers it to SR domain egress router 4 via an SR Policy &lt;S7,S4&gt;. If router
Domain egress router 4 via an SR Policy &lt;S7, S4&gt;. If router 3 wants to use a reduced SRH, it encapsulates the received
3 wants to use a reduced SRH, Router 3 encapsulates the received
packet P3 in an outer header with a reduced SRH. The packet is</t> packet P3 in an outer header with a reduced SRH. The packet is</t>
<t>P6: (A3,S7)(S4; SL=1)(A1,A2)</t>
<t>P6: (A3, S7)(S4; SL=1)(A1, A2)</t>
</section> </section>
</section> </section>
<section numbered="true" toc="default">
<section title="Inter SR Domain Packet - Internal to External"> <name>Inter-SR-Domain Packet -- Internal to External</name>
<t>When host 8 sends a packet to host 1, the packet is encapsulated <t>When host 8 sends a packet to host 1, the packet is encapsulated
for the portion of its journey within the SR Domain. From 8 to 3 the for the portion of its journey within the SR domain. From 8 to 3 the
packet is</t> packet is</t>
<t>P7: (A8,S3)(A8,A1)</t> <t>P7: (A8,S3)(A8,A1)</t>
<t>In the opposite direction, the packet generated from 1 to 8 <t>In the opposite direction, the packet generated from 1 to 8
is</t> is</t>
<t>P8: (A1,A8)</t> <t>P8: (A1,A8)</t>
<t>At node 3, P8 is encapsulated for the portion of its journey
<t>At node 3 P8 is encapsulated for the portion of its journey
within the SR domain, with the outer header destined to segment S8. within the SR domain, with the outer header destined to segment S8.
Resulting in</t> This results in</t>
<t>P9: (A3,S8)(A1,A8)</t> <t>P9: (A3,S8)(A1,A8)</t>
<t>At node 8, the outer IPv6 header is removed by S8 processing, then
<t>At node 8 the outer IPv6 header is removed by S8 processing, then
processed again when received by A8.</t> processed again when received by A8.</t>
</section> </section>
</section> </section>
<section numbered="true" toc="default">
<section title="Transit Node"> <name>Transit Node</name>
<t>Nodes 5 acts as transit nodes for packet P1, and sends packet</t> <t>Node 5 acts as transit node for packet P1 and sends packet</t>
<t>P1: (A8,S7)(A9,S7;SL=1)</t> <t>P1: (A8,S7)(A9,S7;SL=1)</t>
<t>on the interface toward node 7.</t> <t>on the interface toward node 7.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="SR Segment Endpoint Node"> <name>SR Segment Endpoint Node</name>
<t>Node 7 receives packet P1 and, using the logic in <xref <t>Node 7 receives packet P1 and, using the logic in <xref target="pktEN
target="pktENDSID"/>, sends packet</t> DSID" format="default"/>, sends packet</t>
<t>P7: (A8,A9)(A9,S7; SL=0)</t> <t>P7: (A8,A9)(A9,S7; SL=0)</t>
<t>on the interface toward router 6.</t> <t>on the interface toward router 6.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="Delegation of Function with HMAC Verification"> <name>Delegation of Function with HMAC Verification</name>
<t>This section describes how a function may be delegated within the <t>This section describes how a function may be delegated within the
SR Domain. In the following sections consider a host 8 connected to a SR domain. In the following sections, consider a host 8 connected to a
top of rack 5.</t> top of rack 5.</t>
<section numbered="true" toc="default">
<section title="SID List Verification"> <name>SID List Verification</name>
<t>An operator may prefer to apply the SRH at source 8, while 5 <t>An operator may prefer to apply the SRH at source 8, while 5
verifies the SID list is valid.</t> verifies that the SID list is valid.</t>
<t>For illustration purposes, an SDN controller provides 8 an SRH
<t>For illustration purpose, an SDN controller provides 8 an SRH terminating at node 9, with Segment List &lt;S5,S7,S6,A9&gt;, and
terminating at node 9, with segment list &lt;S5,S7,S6,A9&gt;, and
HMAC TLV computed for the SRH. The HMAC key ID and key associated HMAC TLV computed for the SRH. The HMAC key ID and key associated
with the HMAC TLV is shared with 5. Node 8 does not know the key. with the HMAC TLV is shared with 5. Node 8 does not know the key.
Node 5 is configured with an IACL applied to the interface connected Node 5 is configured with an IACL applied to the interface connected
to 8, requiring HMAC verification for any packet destined to to 8, requiring HMAC verification for any packet destined to
S/s.</t> S/s.</t>
<t>Node 8 originates packets with the received SRH, including HMAC
<t>Node 8 originates packets with the received SRH including HMAC
TLV.</t> TLV.</t>
<t>P15: (A8,S5)(A9,S6,S7,S5;SL=3;HMAC)</t>
<t>P15:(A8,S5)(A9,S6,S7,S5;SL=3;HMAC)</t>
<t>Node 5 receives and verifies the HMAC for the SRH, then forwards <t>Node 5 receives and verifies the HMAC for the SRH, then forwards
the packet to the next segment</t> the packet to the next segment</t>
<t>P16: (A8,S7)(A9,S6,S7,S5;SL=2;HMAC)</t>
<t>P16:(A8,S7)(A9,S6,S7,S5;SL=2;HMAC)</t>
<t>Node 6 receives</t> <t>Node 6 receives</t>
<t>P17: (A8,S6)(A9,S6,S7,S5;SL=1;HMAC)</t>
<t>P17:(A8,S6)(A9,S6,S7,S5;SL=1;HMAC)</t>
<t>Node 9 receives</t> <t>Node 9 receives</t>
<t>P18: (A8,A9)(A9,S6,S7,S5;SL=0;HMAC)</t>
<t>P18:(A8,A9)(A9,S6,S7,S5;SL=0;HMAC)</t> <t>This use of an HMAC is particularly valuable within an
enterprise-based SR domain <xref target="SRN"
<t>This use of an HMAC is particularly valuable within an enterprise format="default"/>.</t>
based SR Domain <xref target="SRN"/>.</t>
</section> </section>
</section> </section>
</section> </section>
<section anchor="Security" numbered="true" toc="default">
<section anchor="Security" title="Security Considerations"> <name>Security Considerations</name>
<t>This section reviews security considerations related to the SRH, <t>This section reviews security considerations related to the SRH,
given the SRH processing and deployment models discussed in this given the SRH processing and deployment models discussed in this
document.</t> document.</t>
<t>As described in <xref target="DEP" format="default"/>, it is necessary
<t>As described in <xref target="DEP"/>, it is necessary to filter to filter
packets ingress to the SR Domain, destined to SIDs within the SR Domain packets' ingress to the SR domain, destined to SIDs within the SR domain
(i.e., bearing a SID in the destination address). This ingress filtering (i.e., bearing a SID in the destination address). This ingress filtering
is via an IACL at SR Domain ingress border nodes. Additional protection is via an IACL at SR domain ingress border nodes. Additional protection
is applied via an IACL at each SR Segment Endpoint node, filtering is applied via an IACL at each SR Segment Endpoint node, filtering
packets not from within the SR Domain, destined to SIDs in the SR packets not from within the SR domain, destined to SIDs in the SR domain.
Domain. ACLs are easily supported for small numbers of prefixes, making ACLs are easily supported for small numbers of seldom changing prefixes, making
summarization important, and when the prefixes requiring filtering is summarization important.</t>
kept to a seldom changing set.</t>
<t>Additionally, ingress filtering of IPv6 source addresses as <t>Additionally, ingress filtering of IPv6 source addresses as
recommended in BCP38 <xref target="RFC2827"/> SHOULD be used.</t> recommended in BCP 38 <xref target="RFC2827" format="default"/> <bcp14>SHO
ULD</bcp14> be used.</t>
<section title="Source Routing Attacks"> <section numbered="true" toc="default">
<t>An SR domain implements distributed and per node protection as <name>SR Attacks</name>
described in section 5.1. Additionally, domains deny traffic with <t>An SR domain implements distributed and per-node protection as
spoofed addresses by implementing the recommendations in BCP 84 <xref described in <xref target="SECSRDOMAIN"/>. Additionally, domains deny tr
target="RFC3704"/>.</t> affic with
spoofed addresses by implementing the recommendations in BCP 84 <xref ta
rget="RFC3704" format="default"/>.</t>
<t>Full implementation of the recommended protection blocks the <t>Full implementation of the recommended protection blocks the
attacks documented in <xref target="RFC5095"/> from outside the SR attacks documented in <xref target="RFC5095" format="default"/> from out
domain, including bypassing filtering devices, reaching otherwise side the SR
unreachable Internet systems, network topology discovery, bandwidth domain, including bypassing filtering devices, reaching
otherwise-unreachable Internet systems, network topology discovery,
bandwidth
exhaustion, and defeating anycast.</t> exhaustion, and defeating anycast.</t>
<t>Failure to implement distributed and per-node protection allows
<t>Failure to implement distributed and per node protection allows attackers to bypass filtering devices and exposes the SR domain to
attackers to bypass filtering devices and exposes the SR Domain to
these attacks.</t> these attacks.</t>
<t>Compromised nodes within the SR domain may mount the attacks listed
<t>Compromised nodes within the SR Domain may mount the attacks listed above along with other known attacks on IP networks (e.g., DoS/DDoS,
above along with other known attacks on IP networks (e.g. DOS/DDOS,
topology discovery, man-in-the-middle, traffic topology discovery, man-in-the-middle, traffic
interception/siphoning).</t> interception/siphoning).</t>
</section> </section>
<section numbered="true" toc="default">
<section title="Service Theft"> <name>Service Theft</name>
<t>Service theft is defined as the use of a service offered by the SR <t>Service theft is defined as the use of a service offered by the SR
Domain by a node not authorized to use the service.</t> domain by a node not authorized to use the service.</t>
<t>Service theft is not a concern within the SR domain, as all SR
<t>Service theft is not a concern within the SR Domain as all SR source nodes and SR segment endpoint nodes within the domain are able
Source nodes and SR segment endpoint nodes within the domain are able to utilize the services of the domain. If a node outside the SR domain
to utilize the services of the Domain. If a node outside the SR Domain
learns of segments or a topological service within the SR domain, IACL learns of segments or a topological service within the SR domain, IACL
filtering denies access to those segments.</t> filtering denies access to those segments.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="Topology Disclosure"> <name>Topology Disclosure</name>
<t>The SRH is unencrypted and may contain SIDs of some intermediate <t>The SRH is unencrypted and may contain SIDs of some intermediate
SR-nodes in the path towards the destination within the SR Domain. If SR nodes in the path towards the destination within the SR domain. If
packets can be snooped within the SR Domain, the SRH may reveal packets can be snooped within the SR domain, the SRH may reveal
topology, traffic flows, and service usage.</t> topology, traffic flows, and service usage.</t>
<t>This is applicable within an SR domain, but the disclosure is less
<t>This is applicable within an SR Domain, but the disclosure is less
relevant as an attacker has other means of learning topology, flows, relevant as an attacker has other means of learning topology, flows,
and service usage.</t> and service usage.</t>
</section> </section>
<section numbered="true" toc="default">
<section title="ICMP Generation"> <name>ICMP Generation</name>
<t>The generation of ICMPv6 error messages may be used to attempt <t>The generation of ICMPv6 error messages may be used to attempt
denial-of-service attacks by sending an error-causing destination denial-of-service attacks by sending an error-causing destination
address or SRH in back-to-back packets. An implementation that address or SRH in back-to-back packets. An implementation that
correctly follows Section 2.4 of <xref target="RFC4443"/> would be correctly follows <xref target="RFC4443"
sectionFormat="of" section="2.4"/> would be
protected by the ICMPv6 rate-limiting mechanism.</t> protected by the ICMPv6 rate-limiting mechanism.</t>
</section> </section>
<section numbered="true" toc="default">
<name>Applicability of AH</name>
<section title="Applicability of AH"> <t>The SR domain is a trusted domain, as defined in <xref
<t>The SR Domain is a trusted domain, as defined in <xref target="RFC8402" format="default"/>, Sections <xref target="RFC8402" sect
target="RFC8402"/> Section 2 and Section 8.2. The SR Source is trusted ion="2"
sectionFormat="bare" /> and <xref target="RFC8402" section="8.2"
sectionFormat="bare" />. The SR source is trusted
to add an SRH (optionally verified as having been generated by a to add an SRH (optionally verified as having been generated by a
trusted source via the HMAC TLV in this document), and segments trusted source via the HMAC TLV in this document), and segments
advertised within the domain are trusted to be accurate and advertised advertised within the domain are trusted to be accurate and advertised
by trusted sources via a secure control plane. As such the SR Domain by trusted sources via a secure control plane. As such, the SR domain
does not rely on the Authentication Header (AH) as defined in <xref does not rely on the Authentication Header (AH) as defined in <xref targ
target="RFC4302"/> to secure the SRH.</t> et="RFC4302" format="default"/> to secure the SRH.</t>
<t>The use of SRH with AH by an SR source node and its processing at an
<t>The use of SRH with AH by an SR source node, and processing at a SR SR
segment endpoint node is not defined in this document. Future segment endpoint node are not defined in this document. Future
documents may define use of SRH with AH and its processing.</t> documents may define use of SRH with AH and its processing.</t>
</section> </section>
</section> </section>
<section anchor="IANA" numbered="true" toc="default">
<name>IANA Considerations</name>
<t>This document makes the following registrations in the &quot;Internet
Protocol Version 6 (IPv6) Parameters&quot; &quot;Routing Types&quot; subre
gistry maintained
by IANA:</t>
<section anchor="IANA" title="IANA Considerations"> <table anchor="SRH-REG">
<t>This document makes the following registrations in the Internet <name>SRH Registration</name>
Protocol Version 6 (IPv6) Parameters "Routing Type" registry maintained <thead>
by IANA:<figure align="center"> <tr>
<artwork align="left"> <th>Value</th>
Suggested Description Reference <th>Description</th>
Value <th>Reference</th>
4 Segment Routing Header (SRH) This document</artwork> </tr>
</figure></t> </thead>
<tbody>
<tr>
<td>4</td>
<td>Segment Routing Header (SRH)</td>
<td>This document</td>
</tr>
</tbody>
</table>
<t>This document makes the following registrations in "Type 4 - <t>This document makes the following registrations in the "Type 4 -
Parameter Problem" message of the "Internet Control Message Protocol Parameter Problem" message of the "Internet Control Message Protocol
version 6 (ICMPv6) Parameters" registry maintained by IANA:<figure version 6 (ICMPv6) Parameters" registry maintained by IANA:</t>
align="center">
<artwork align="left">
CODE NAME/DESCRIPTION
TBD IANA SR Upper-layer Header Error</artwork>
</figure></t>
<t>This section provides guidance to the Internet Assigned Numbers
Authority (IANA) regarding registration of values related to the SRH, in
accordance with BCP 26, <xref target="RFC8126"/>.</t>
<t>The following terms are used here with the meanings defined in BCP
26: "namespace", "assigned value", "registration".</t>
<t>The following policies are used here with the meanings defined in BCP <table anchor="UPPER-LAYER">
26 <xref target="RFC8126"/>: "IETF Review".</t> <name>SR Upper-layer Header Error Registration</name>
<thead>
<tr>
<th>Code</th>
<th>Name</th>
</tr>
</thead>
<tbody>
<tr>
<td>4</td>
<td>SR Upper-layer Header Error</td>
</tr>
</tbody>
</table>
<section anchor="SRHFLAGSREG" <section anchor="SRHFLAGSREG" numbered="true" toc="default">
title="Segment Routing Header Flags Registry"> <name>Segment Routing Header Flags Registry</name>
<t>This document requests the creation of a new IANA managed registry <t>This document describes a new IANA-managed registry
to identify SRH Flags Bits. The registration procedure is "IETF to identify SRH Flags Bits. The registration procedure is "IETF
Review". Suggested registry name is "Segment Routing Header Flags". Review" <xref target="RFC8126" format="default"/>. The registry name is
Flags is 8 bits.</t> "Segment Routing Header Flags".
Flags are 8 bits.</t>
</section> </section>
<section anchor="SRHTLVREG" numbered="true" toc="default">
<section anchor="SRHTLVREG" title="Segment Routing Header TLVs Registry"> <name>Segment Routing Header TLVs Registry</name>
<t>This document requests the creation of a new IANA managed registry <t>This document describes a new IANA-managed registry
to identify SRH TLVs. The registration procedure is "IETF Review". to identify SRH TLVs. The registration procedure is "IETF Review".
Suggested registry name is "Segment Routing Header TLVs". A TLV is The registry name is "Segment Routing Header TLVs". A TLV is
identified through an unsigned 8 bit codepoint value, with assigned identified through an unsigned 8-bit codepoint value, with assigned
values 0-127 for TLVs that do not change en route, and 128-255 for values 0-127 for TLVs that do not change en route and 128-255 for
TLVs that may change en route. The following codepoints are defined in TLVs that may change en route. The following codepoints are defined in
this document: <figure align="center"> this document: </t>
<artwork align="left">
Assigned Description Reference
Value
0 Pad1 TLV This document
1 Reserved This document
2 Reserved This document
3 Reserved This document
4 PadN TLV This document
5 HMAC TLV This document
6 Reserved This document
124-126 Experimentation and Test This document
127 Reserved This document
252-254 Experimentation and Test This document
255 Reserved This document</artwork>
</figure></t>
<t>Values 1,2,3,6 were defined in draft versions of this specification <table anchor="TLV-REG">
<name>Segment Routing Header TLVs Registry</name>
<thead>
<tr>
<th>Value</th>
<th>Description</th>
<th>Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td>0</td>
<td>Pad1 TLV</td>
<td>This document</td>
</tr>
<tr>
<td>1</td>
<td>Reserved</td>
<td>This document</td>
</tr>
<tr>
<td>2</td>
<td>Reserved</td>
<td>This document</td>
</tr>
<tr>
<td>3</td>
<td>Reserved</td>
<td>This document</td>
</tr>
<tr>
<td>4</td>
<td>PadN TLV</td>
<td>This document</td>
</tr>
<tr>
<td>5</td>
<td>HMAC TLV</td>
<td>This document</td>
</tr>
<tr>
<td>6</td>
<td>Reserved</td>
<td>This document</td>
</tr>
<tr>
<td>124-126</td>
<td>Experimentation and Test</td>
<td>This document</td>
</tr>
<tr>
<td>127</td>
<td>Reserved</td>
<td>This document</td>
</tr>
<tr>
<td>252-254</td>
<td>Experimentation and Test</td>
<td>This document</td>
</tr>
<tr>
<td>255</td>
<td>Reserved</td>
<td>This document</td>
</tr>
</tbody>
</table>
<t>Values 1, 2, 3, and 6 were defined in draft versions of this specific
ation
and are Reserved for backwards compatibility with early and are Reserved for backwards compatibility with early
implementations and should not be reassigned. Values 127 and 255 are implementations and should not be reassigned. Values 127 and 255 are
Reserved to allow for expansion of the Type field in future Reserved to allow for expansion of the Type field in future
specifications if needed.</t> specifications, if needed.</t>
</section> </section>
</section> </section>
<section anchor="Implementation" title="Implementation Status"> </middle>
<t>This section is to be removed prior to publishing as an RFC.</t> <back>
<t>See <xref target="I-D.matsushima-spring-srv6-deployment-status"/> for
updated deployment and interoperability reports.</t>
<section anchor="IMPLINUX" title="Linux">
<t>Name: Linux Kernel v4.14</t>
<t>Status: Production</t>
<t>Implementation: adds SRH, performs END processing, supports HMAC
TLV</t>
<t>Details: https://irtf.org/anrw/2017/anrw17-final3.pdf and <xref
target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section anchor="IMPCISCO" title="Cisco Systems">
<t>Name: IOS XR and IOS XE</t>
<t>Status: Production (IOS XR), Pre-production (IOS XE)</t>
<t>Implementation: adds SRH, performs END processing, no TLV
processing</t>
<t>Details: <xref target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section anchor="IMPFDIO" title="FD.io">
<t>Name: VPP/Segment Routing for IPv6</t>
<t>Status: Production</t>
<t>Implementation: adds SRH, performs END processing, no TLV
processing</t>
<t>Details: https://wiki.fd.io/view/VPP/Segment_Routing_for_IPv6 and
<xref target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section anchor="IMPBAREFOOT" title="Barefoot">
<t>Name: Barefoot Networks Tofino NPU</t>
<t>Status: Prototype</t>
<t>Implementation: performs END processing, no TLV processing</t>
<t>Details: <xref target="I-D.filsfils-spring-srv6-interop"/></t> <displayreference target="I-D.ietf-intarea-tunnels" to="INTAREA-TUNNELS"/>
</section>
<section title="Juniper"> <references>
<t>Name: Juniper Networks Trio and vTrio NPU's</t> <name>References</name>
<references>
<name>Normative References</name>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.2119.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.8174.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.8200.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.5095.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.6407.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.8402.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.2473.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.4302.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.2827.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.2104.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.6438.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.6437.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.4107.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.3704.xml"/>
<t>Status: Prototype &amp; Experimental</t> <reference anchor="FIPS180-4" target="http://csrc.nist.gov/publications/
fips/fips180-4/fips-180-4.pdf">
<front>
<title>Secure Hash Standard (SHS)</title>
<author>
<organization>National Institute of Standards and Technology (NIST
)</organization>
</author>
<date month="August" year="2015"/>
</front>
<refcontent>FIPS PUB 180-4</refcontent>
<refcontent>DOI 10.6028/NIST.FIPS.180-4</refcontent>
</reference>
<reference anchor="IANA-SRHTLV" target="https://www.iana.org/assignmen
ts/ipv6-parameters/">
<front>
<title>Segment Routing Header TLVs</title>
<author>
<organization>IANA</organization>
</author>
</front>
</reference>
</references>
<t>Implementation: SRH insertion mode, Process SID where SID is an <references>
interface address, no TLV processing</t> <name>Informative References</name>
</section> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.8126.xml"/>
<section title="Huawei"> <!-- I-D.draft-ietf-intarea-tunnels-10; IESG state I-D Exists -->
<t>Name: Huawei Systems VRP Platform</t> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml3/refe
rence.I-D.draft-ietf-intarea-tunnels-10.xml"/>
<t>Status: Production</t> <xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.5340.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.5308.xml"/>
<xi:include href="https://xml2rfc.tools.ietf.org/public/rfc/bibxml/refer
ence.RFC.4443.xml"/>
<t>Implementation: adds SRH, performs END processing, no TLV <reference anchor="SRN" target="https://inl.info.ucl.ac.be/system/files/
processing</t> sosr18-final15-embedfonts.pdf">
</section> <front>
</section> <title>Software Resolved Networks: Rethinking Enterprise Networks wi
th IPv6 Segment Routing</title>
<author fullname="David Lebrun"/>
<author fullname="Mathieu Jadin"/>
<author fullname="Francois Clad"/>
<author fullname="Clarence Filsfils"/>
<author fullname="Olivier Bonaventure"/>
<date year="2018"/>
</front>
</reference>
</references>
</references>
<section anchor="Contributors" title="Contributors"> <section anchor="Acknowledgements" numbered="false" toc="default">
<t>Kamran Raza, Zafar Ali, Brian Field, Daniel Bernier, Ida Leung, Jen <name>Acknowledgements</name>
Linkova, Ebben Aries, Tomoya Kosugi, Eric Vyncke, David Lebrun, Dirk <t>The authors would like to thank <contact fullname="Ole Troan"/>, <conta
Steinberg, Robert Raszuk, Dave Barach, John Brzozowski, Pierre Francois, ct fullname="Bob Hinden"/>, <contact fullname="Ron Bonica"/>,
Nagendra Kumar, Mark Townsley, Christian Martin, Roberta Maglione, James <contact fullname="Fred Baker"/>, <contact fullname="Brian Carpenter"/>, <
Connolly, Aloys Augustin contributed to the content of this contact fullname="Alexandru Petrescu"/>, <contact fullname="Punit Kumar Jaiswal"
/>,
<contact fullname="David Lebrun"/>, <contact fullname="Benjamin Kaduk"/>,
<contact fullname="Frank Xialiang"/>, <contact fullname="Mirja Kühlewind"/>, <co
ntact fullname="Roman
Danyliw"/>, <contact fullname="Joe Touch"/>, and <contact fullname="Magnus
Westerlund"/> for their comments to this
document.</t> document.</t>
</section> </section>
<section anchor="Contributors" numbered="false" toc="default">
<section anchor="Acknowledgements" title="Acknowledgements"> <name>Contributors</name>
<t>The authors would like to thank Ole Troan, Bob Hinden, Ron Bonica, <t><contact fullname="Kamran Raza"/>, <contact fullname="Zafar Ali"/>, <co
Fred Baker, Brian Carpenter, Alexandru Petrescu, Punit Kumar Jaiswal, ntact fullname="Brian Field"/>, <contact fullname="Daniel Bernier"/>, <contact f
David Lebrun, Benjamin Kaduk, Frank Xialiang, Mirja Kuhlewind, Roman ullname="Ida Leung"/>, <contact fullname="Jen
Danyliw, Joe Touch, and Magnus Westerlund for their comments to this Linkova"/>, <contact fullname="Ebben Aries"/>, <contact fullname="Tomoya K
osugi"/>, <contact fullname="Eric Vyncke"/>, <contact fullname="David Lebrun"/>,
<contact fullname="Dirk
Steinberg"/>, <contact fullname="Robert Raszuk"/>, <contact fullname="Dave
Barach"/>, <contact fullname="John Brzozowski"/>, <contact fullname="Pierre Fra
ncois"/>,
<contact fullname="Nagendra Kumar"/>, <contact fullname="Mark Townsley"/>,
<contact fullname="Christian Martin"/>, <contact fullname="Roberta Maglione"/>,
<contact fullname="James
Connolly"/>, and <contact fullname="Aloys Augustin"/> contributed to the c
ontent of this
document.</t> document.</t>
</section> </section>
</middle>
<back>
<references title="Normative References">
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.211
9.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.817
4.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.820
0.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.509
5.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.640
7.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.840
2.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.247
3.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.430
2.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.282
7.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.210
4.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.643
8.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.643
7.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.410
7.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.370
4.xml"?>
<reference anchor="FIPS180-4"
target="http://csrc.nist.gov/publications/fips/fips180-4/fips-1
80-4.pdf">
<front>
<title>FIPS 180-4 Secure Hash Standard (SHS)</title>
<author>
<organization>National Institute of Standards and
Technology</organization>
</author>
<date month="March" year="2012"/>
</front>
</reference>
</references>
<references title="Informative References">
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.812
6.xml"?>
<?rfc include="reference.I-D.filsfils-spring-srv6-interop.xml"?>
<?rfc include="reference.I-D.ietf-intarea-tunnels.xml"?>
<?rfc include="reference.I-D.matsushima-spring-srv6-deployment-status.xml"
?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.534
0.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.530
8.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.444
3.xml"?>
<reference anchor="SRN"
target="https://inl.info.ucl.ac.be/system/files/sosr18-final15-
embedfonts.pdf">
<front>
<title>Software Resolved Networks: Rethinking Enterprise Networks
with IPv6 Segment Routing</title>
<author fullname="David Lebrun"/>
<author fullname="Mathieu Jadin"/>
<author fullname="Francois Clad"/>
<author fullname="Clarence Filsfils"/>
<author fullname="Olivier Bonaventure"/>
<date year="2018"/>
</front>
</reference>
</references>
</back> </back>
</rfc> </rfc>
 End of changes. 261 change blocks. 
1024 lines changed or deleted 956 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/