SPRING Working Group                                            W. Cheng
Internet Draft                                              China Mobile
Intended status: Standards Track                                   P. Ma
Expires: January 01, 2025                                  China Telecom
                                                                  F. Ren
                                                            China Unicom
                                                                  C. Lin
                                                    New H3C Technologies
                                                                 L. Gong
                                                            China Mobile
                                                                S. Zadok
                                                                Broadcom
                                                                   M. Wu
                                                          CentecNetworks
                                                                 X. Wang
                                               Ruijie Networks Co., Ltd.
                                                           July 02, 2024

             Encoding Network Slice Identification for SRv6
          draft-cheng-spring-srv6-encoding-network-sliceid-09

Abstract

   A Network Resource Partition (NRP) is a subset of the network
   resources and associated policies on each of a connected set of
   links in the underlay network. An NRP could be used as the underlay
   to support one or a group of enhanced VPN services. For packet
   forwarding in a specific NRP, some fields in the data packet are
   used to identify the NRP the packet belongs to, so that NRP-specific
   processing can be performed on each node along a path in the NRP.

   This document describes a novel method to encode NRP-ID in the outer
   IPv6 header of an SRv6 domain, which could be used to identify the
   NRP-specific processing to be performed on the packets by each
   network node along a network path in the NRP.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

Cheng, et al.          Expires January 01, 2025                 [Page 1]
Internet-Draft   Encoding Network Slice Identification         July 2024

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on January 01, 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this
   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Simplified BSD License.

Table of Contents

   1. Introduction
      1.1. Requirements Language
   2. Slice Identifier
   3. SLID Assignment
   4. Per-Slice Forwarding
   5. Example
   6. Backward Compatibility
   7. Acknowledgements
   8. Security Considerations
   9. IANA Considerations
   10. References
      10.1. Normative References
      10.2. Informative References
   Authors' Addresses

1. Introduction

   SRv6 Network Programming [RFC8986] enables the creation of overlays
   with underlay optimization to be deployed in an SR domain [RFC8402].

   As defined in [RFC8754], all inter-domain packets are encapsulated
   for the part of the packet journey that is within the SR domain. The
   outer IPv6 header [RFC8200] is originated by a node of the SR domain
   and is destined to a node of the SR domain.

   Network slicing provides the ability to partition a physical network
   into multiple isolated logical networks of varying sizes,
   structures, and functions so that each slice can be dedicated to
   specific services or customers.
   [I-D.ietf-teas-ietf-network-slices] defines the term "IETF Network
   Slice" and establishes the general principles of network slicing in
   the IETF context.

   In a network that provides slicing services, the NRP-ID can be
   carried in the packet. In the process of packet forwarding, the
   routers on the forwarding path can extract NRP-ID from the packet,
   determine the NRP to which the packet belongs, and then forward the
   packet using the resources associated with the NRP.

   This document describes a novel method to encode NRP-ID in the outer
   IPv6 header of an SRv6 domain, which could be used to identify the
   NRP-specific processing to be performed on the packets by each
   network node along a network path in the NRP.

1.1. Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2. Slice Identifier

   The Slice identifier (SLID) is a network slicing identifier encoded
   within the IPv6 packet that allows transit routers to apply the
   proper forwarding treatment with associated network resources.

   [I-D.ietf-teas-ietf-network-slices] defines the network resource
   mapped to the network slice as NRP (Network Resource Partition). An
   NRP may be associated with a unique IETF network slice or a group of
   slices. In this document, SLID also refers to NRP-ID, which is used
   to identify the network resource used in the forwarding process.

3. SLID Assignment

   When an SR domain enables network slicing, the ingress PE should
   reserve the least significant bits in a local IPv6 address for
   slicing use. The number of bits used to encode SLID is governed by
   local policy and uniform within the SR domain.

   When a packet enters the SR domain from an ingress PE, the ingress
   PE encapsulates the packet in an outer IPv6 header and optional SRH
   as defined in [RFC8754].

   The ingress PE MAY also classify the packet into a slice and set the
   slice identifier as follows:

   o  Write this SLID in the least significant bits of source address
      of the outer IPv6 header.

   o  Set the SLID Presence Indicator (SPI) in the outer IPv6 header.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Version| SPI (Option A)|              Flow Label               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |        Payload Length         |  Next Header  |   Hop Limit   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      SPI (Option B)           ~                               |
   ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-                               +
   |                                                               |
   +                         Source Address                        +
   |                                                               |
   +                               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                               ~            SLID               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   +                                                               +
   |                                                               |
   +                      Destination Address                      +
   |                                                               |
   +                                                               +
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                  Figure 1: Encoding of SLID and SPI

   The SPI is used to inform transit routers that a SLID is encoded in
   the packet. There are two possible places in the outer IPv6 header
   that may be used to encode SPI:

   o  SPI Option A - Traffic Class: The SPI is encoded as a specific
      bit in the Traffic Class field. The choice of the SPI bit is
      governed by local policy and uniform within the SR domain.

         Traffic Class
        +---------------+
        | .....SPI Bit. |
        +---------------+

   o  SPI Option B - Source Address: The SPI is encoded as a specific
      prefix covering the Source Address. The assignment of the SPI
      prefix is governed by local policy and uniform within the SR
      domain. Furthermore, some bits in the SPI prefix can be masked,
      which provides greater flexibility for network administrators to
      plan IPv6 addresses.

         Source Address
        +------------+---------+---------+------+
        | SPI Prefix | Node ID | Padding | SLID |
        +------------+---------+---------+------+

4. Per-Slice Forwarding

   Any router within the SR domain that forwards a packet with SPI set
   uses the SLID to select a slice and apply per-slice policies.

   The most significant bit of SLID may be used to carry an S-flag,
   which is used to indicate whether the packet MUST be forwarded
   strictly using the network resource associated with the SLID. When
   the network resource associated with the SLID does not exist or is
   not available, if the S-flag is set to 1, the packet MUST be
   discarded, otherwise the packet SHOULD be forwarded using the
   default network resource or ignoring the SLID.

        +------------+
        |S|   SLID   |
        +------------+

5. Example

   Figure 2 shows an example of network slice packet forwarding using
   the proposed encoding method. Assume the SPI is encoded using option
   B as the SPI prefix in Source Address.

                       SPI prefix: AA::/64
                +--------------+--------------+
                |              |              |
                v              v              v
   +---+      +---+          +---+          +---+     +---+
   |CE1|------|PE1|----------|P1 |----------|PE2|-----|CE2|
   +---+      +---+          +---+          +---+     +---+
                ^
                |
              IPv6 Addr: AA::1:0:0
              (Lowest 32 bits reserved for SLID)

                 +------------+     +------------+
                 |    IPv6    |     |    IPv6    |
                 |SA=AA::1:0:5|     |SA=AA::1:0:5|
                 +------------+     +------------+
                 |    SRH     |     |    SRH     |
   +-------+     +------------+     +------------+     +-------+
   |Payload| --> |  Payload   | --> |  Payload   | --> |Payload|
   +-------+ PE1 +------------+ P1  +------------+ PE2 +-------+

            Figure 2: Packet Forwarding for Network Slice

   The PE and P routers are configured to use the prefix AA::/64 as
   SPI.

   The IPv6 address AA::1:0:0 is assigned to PE1 as the source address
   used for network slicing, and the lowest 32 bits of the address are
   reserved for SLID.

   PE1 encapsulates the network slice packet with an outer IPv6 header
   along with an SRH. The Source Address in the outer header is
   AA::1:0:5, in which the lowest 32 bits carry the SLID 5.

   P1 checks the Source Address and finds that it matches the SPI
   prefix AA::/64. P1 therefore parses SLID 5 from the Source Address
   and uses the network resources associated with SLID 5 to forward the
   packet.

   PE2 decapsulates the outer IPv6 header and SRH.

6. Backward Compatibility

   PE routers that do not set the SPI do not enable the SLID semantic
   of the IPv6 source address bits. Hence, SLID-aware routers would not
   attempt to classify these packets into a slice.

   Any router that processes neither the SPI nor the SLID forwards
   packets as usual.

7. Acknowledgements

   The authors would like to thank AAAA, BBBB and CCCC for their
   insightful feedback on this document.

8. Security Considerations

   TBD

9. IANA Considerations

   TBD

10. References

10.1. Normative References

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
             Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
             2119 Key Words", BCP 14, RFC 8174, May 2017.

   [RFC8200] Deering, S., and Hinden, D., "Internet Protocol, Version 6
             (IPv6) Specification", RFC 8200, DOI 10.17487/RFC8200,
             July 2017.

   [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
             Decraene, B., Litkowski, S., and R. Shakir, "Segment
             Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
             July 2018.

10.2. Informative References

   [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J.,
             Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
             (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020.

   [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
             D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
             (SRv6) Network Programming", RFC 8986,
             DOI 10.17487/RFC8986, February 2021.

   [I-D.ietf-teas-ietf-network-slices]
             Farrel, A., Drake, J., Rokui, R., Homma, S., Makhijani,
             K., Contreras, L. M., and J. Tantsura, "Framework for IETF
             Network Slices", Work in Progress, Internet-Draft,
             draft-ietf-teas-ietf-network-slices-21, June 2023.

Authors' Addresses

   Weiqiang Cheng
   China Mobile
   Beijing
   China

   Email: chengweiqiang@chinamobile.com

   Peiyong Ma
   China Telecom
   Guangzhou
   China

   Email: mapeiy@chinatelecom.cn

   Fenghua Ren
   China Unicom
   Beijing
   China

   Email: renfh3@chinaunicom.cn

   Changwang Lin
   New H3C Technologies
   Beijing
   China

   Email: linchangwang.04414@h3c.com

   Liyan Gong
   China Mobile
   Beijing
   China

   Email: gongliyan@chinamobile.com

   Shay Zadok
   Broadcom
   Israel

   Email: shay.zadok@broadcom.com

   Mingyu Wu
   CentecNetworks
   Suzhou Industrial Park
   China

   Email: wumy@centec.com

   Xuewei Wang
   Ruijie Networks Co., Ltd.
   Beijing
   China

   Email: wangxuewei1@ruijie.com.cn
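
The SLID handling of Sections 3 to 6, worked through for the Section 5 values (SPI Option B, prefix AA::/64, lowest 32 bits reserved), as an added example that is not part of the draft or any implementation of it. The function names and the returned labels are hypothetical, and the optional S-flag is assumed to be enabled in the top bit of the 32-bit field.

```python
import ipaddress

# Values from the draft's Section 5 example (SPI Option B).
SPI_PREFIX = ipaddress.ip_network("aa::/64")
SLID_BITS = 32                      # lowest 32 bits of the source address
FIELD_MASK = (1 << SLID_BITS) - 1
# Assumption: the optional S-flag (Section 4) is enabled and occupies the
# most significant bit of the SLID field, leaving 31 bits for the SLID.
S_FLAG = 1 << (SLID_BITS - 1)


def encode_source(base, slid, strict=False):
    """Ingress PE: write the SLID into the reserved low bits of `base`."""
    base_int = int(ipaddress.IPv6Address(base))
    if base_int & FIELD_MASK:
        raise ValueError("reserved SLID bits of the base address must be 0")
    if ipaddress.IPv6Address(base) not in SPI_PREFIX:
        raise ValueError("base address is outside the SPI prefix")
    if not 0 <= slid < S_FLAG:
        raise ValueError("SLID does not fit in the reserved bits")
    return ipaddress.IPv6Address(base_int | slid | (S_FLAG if strict else 0))


def parse_source(src):
    """Transit router: (slid, strict) if the SPI prefix matches, else None."""
    addr = ipaddress.IPv6Address(src)
    if addr not in SPI_PREFIX:      # SPI not set: no SLID semantics
        return None
    field = int(addr) & FIELD_MASK
    return field & (S_FLAG - 1), bool(field & S_FLAG)


def select_resource(src, available):
    """Section 4 decision for a set of locally available SLIDs."""
    parsed = parse_source(src)
    if parsed is None:
        return "default"            # Section 6: forwarded as usual
    slid, strict = parsed
    if slid in available:
        return f"nrp-{slid}"
    return "drop" if strict else "default"


if __name__ == "__main__":
    sa = encode_source("aa::1:0:0", 5)
    print(sa, parse_source(sa), select_resource(sa, {5}))
```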