RFC 9487 | IPFIX Segment Routing over IPv6 | November 2023 |
Graf, et al. | Standards Track | [Page] |
This document introduces new IP Flow Information Export (IPFIX) Information Elements (IEs) to identify a set of information related to Segment Routing over IPv6 (SRv6) such as data contained in a Segment Routing Header (SRH), the SRv6 control plane, and the SRv6 Endpoint behavior that traffic is being forwarded with.¶
This is an Internet Standards Track document.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc9487.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
A dedicated Routing Extension Header, called "Segment Routing Header (SRH)", is defined in [RFC8754] for use of Segment Routing over IPv6 (SRv6) data plane.¶
Also, three routing protocol extensions, OSPFv3 [OSPFV3-SRV6-EXT], IS-IS [RFC9352], and BGP Prefix Segment Identifiers (Prefix-SIDs) [RFC8669]; the Path Computation Element Communication Protocol (PCEP) Extension [PCEP-SRV6-EXT]; and the Segment Routing Policy [RFC9256] are defined to propagate Segment Identifiers (SIDs).¶
SRv6 Segment Endpoint behaviors describe how packets should be processed by SRv6 Segment Endpoint Nodes. Such behaviors are defined in [RFC8986].¶
This document specifies eleven new IPFIX Information Elements (IEs) and one new subregistry within the "IPFIX Information Elements" registry [RFC7012], for SRv6 purposes.¶
These IEs are used to export the SRv6 active segment and its control plane protocol, the SRv6 Segment List, the next SRv6 node and its type, and the numbers of SRv6 segments left.¶
Some examples are provided in Appendix A.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document makes use of the terms defined in [RFC7011], [RFC8402], and [RFC8754].¶
The following terms are used as defined in [RFC7011]:¶
This section specifies the new IPFIX IPv6 SRH IEs.¶
Note that the srhSegmentIPv6, srhSegmentIPv6LocatorLength, and srhSegmentIPv6EndpointBehavior IPFIX IEs are generic fields to be used in the context of IPFIX Options Templates or IPFIX Structured Data [RFC6313].¶
The IPFIX IEs srhSegmentIPv6BasicList (496) or alternatively srhSegmentIPv6ListSection (497), srhActiveSegmentIPv6 (495), srhSegmentsIPv6Left (498), srhIPv6ActiveSegmentType (500), and forwardingStatus (89) [RFC7270] [IANA-IPFIX] as well as some existing counter information [IANA-IPFIX] provide answers to the following questions (amongst others):¶
IANA has added the following new IEs to the "IPFIX Information Elements" registry [RFC7012] at [IANA-IPFIX]:¶
ElementID | Name |
---|---|
492 | srhFlagsIPv6 |
493 | srhTagIPv6 |
494 | srhSegmentIPv6 |
495 | srhActiveSegmentIPv6 |
496 | srhSegmentIPv6BasicList |
497 | srhSegmentIPv6ListSection |
498 | srhSegmentsIPv6Left |
499 | srhIPv6Section |
500 | srhIPv6ActiveSegmentType |
501 | srhSegmentIPv6LocatorLength |
502 | srhSegmentIPv6EndpointBehavior |
IANA has created a new subregistry called "IPFIX IPv6 SRH Segment Type (Value 500)" under the "IPFIX Information Elements" registry [RFC7012] at [IANA-IPFIX].¶
The allocation policy of this new subregistry is Expert Review (Section 4.5 of [RFC8126]).¶
The designated experts for this registry should be familiar with SRH. The guidelines that are being followed by the designated experts for the "IPFIX Information Elements" registry should be followed for this subregistry. In particular, criteria that should be applied by the designated experts include determining whether the proposed registration duplicates existing entries and whether the registration description is clear and fits the purpose of this registry. Within the review period, the designated experts will either approve or deny the registration request, communicating this decision to IANA. Denials should include an explanation and, if applicable, suggestions as to how to make the request successful.¶
Initial values in the registry are defined in Table 2.¶
Value | Description | Reference |
---|---|---|
0 | Unknown | RFC 9487 |
1 | Segment Routing Policy | RFC 9487, [RFC9256] |
2 | Path Computation Element | RFC 9487, [PCEP-SRV6-EXT] |
3 | OSPFv3 Segment Routing | RFC 9487, [OSPFV3-SRV6-EXT] |
4 | IS-IS Segment Routing | RFC 9487, [RFC9352] |
5 | BGP Segment Routing Prefix-SID | RFC 9487, [RFC8669] |
The zero or more 128-bit IPv6 addresses in the SRH [RFC8754] can be exported in two different ways, with two different IPFIX IEs:¶
The srhSegmentIPv6BasicList encodes the SRv6 Segment List with a basicList, specified in the IPFIX Structured Data [RFC6313]. This encoding is an advantage for data collection since the different IPv6 addresses are already structured as a list, without the need of post-processing. However, this method requires some extra processing on the exporter to realize the basicList data mapping.¶
The srhSegmentIPv6ListSection, on the other hand, encodes the list of IPv6 addresses as an octetArray. This doesn't impose any data flow manipulation on the exporter, facilitating the immediate export. However, the data collection MUST be able to decode the IPv6 addresses according to the SR specifications. Compared to the srhSegmentIPv6BasicList, the srhSegmentIPv6ListSection flow records length is slightly reduced.¶
It is not expected that an exporter would support both srhSegmentIPv6BasicList and srhSegmentIPv6ListSection at the same time.¶
The SRv6 Segment List in the IPFIX IEs srhSegmentIPv6BasicList, srhSegmentIPv6ListSection, and destinationIPv6Address could contain compressed-SID containers as described in [SRV6-SRH-COM]. The SR Endpoint Flavors, as described in Section 4 of [SRV6-SRH-COM], define new flavors for SID Endpoint behaviors and determine wherever the Segment List encoding is compressed, along with the flavor. The SID Locator, as described in Section 3.1 of [RFC8986], determines the common most significant bits. By using described information from srhSegmentIPv6EndpointBehavior and srhSegmentIPv6LocatorLength, the compressed-SID containers can be decoded at the data collection.¶
There are no additional security considerations regarding allocation of these new IPFIX IEs compared to [RFC7012].¶
The IEs described in this document export provider plane data metrics on how packets are being forwarded within an SRv6 network. Applications and operators using the IEs described in this document must evaluate the sensitivity of this information in their implementation context and apply the data-at-rest storage guidance in Section 11.8 of [RFC7011] as appropriate.¶
This appendix represents three different encodings for the newly introduced IEs, for the example values in Table 3. The three different encodings use the following IEs, respectively: srhSegmentIPv6BasicList, srhSegmentIPv6ListSection, and srhIPv6Section.¶
SRH Nr | SRH Flags | SRH Tag | Active Segment Type | Segment List |
---|---|---|---|---|
1 | 0 | 123 | IS-IS [4] | 2001:db8::1, 2001:db8::2, 2001:db8::3 |
2 | 0 | 456 | IS-IS [4] | 2001:db8::4, 2001:db8::5 |
3 | 0 | 789 | IS-IS [4] | 2001:db8::6 |
With encoding in Figure 1, the examples in Table 3 are represented with the following IEs, where "=>" is used to indicate which IE is mapped to given information:¶
In this example, the Template ID is 256, which will be used in the Data Record. The field length for srhSegmentIPv6BasicList is 0xFFFF, which means the length of this IE is variable, and the actual length of this IE is indicated by the List Length field in the basicList format as per [RFC6313].¶
The data set is represented as follows:¶
With encoding in Figure 3, the examples in Table 3 are represented with the following IEs, where "=>" is used to indicate which IE is mapped to given information:¶
In this example, the Template ID is 257, which will be used in the Data Record. The field length for srhSegmentIPv6ListSection in the Template Record is 0xFFFF, which means that the length of this IE is variable: its actual length is encoded in the Data Set. Note that, with an actual length inferior to 255 in the Data Record example, the length field is encoded in 8 bits (Section 7 of [RFC7011]).¶
The data can be represented as follows:¶
With encoding in Figure 5, the examples in Table 3 are represented with the following IEs, where "=>" is used to indicate which IE is mapped to given information:¶
In this example, the Template ID is 258, which will be used in the Data Record. The field length for srhIPv6Section in the Template Record is 0xFFFF, which means that the length of this IE is variable: its actual length is encoded in the Data Set. Note that, with an actual length inferior to 255 in the Data Record example, the length field is encoded in 8 bits (Section 7 of [RFC7011]).¶
The data can be represented as follows:¶
(*) The Length must be calculated to include the optional Type Length Value objects.¶
This appendix provides an SRv6 Endpoint Behavior Options Template example, for the values presented in Table 4. In the Options Template case, the srhActiveSegmentIPv6 IE is a Scope field.¶
Entry Nr | SRH Endpoint IPv6 | SRH Endpoint Behavior | SRH Segment Locator Length |
---|---|---|---|
1 | 2001:db8::1 | End [1] | 48 |
2 | 2001:db8::4 | End with NEXT-CSID [43] | 48 |
3 | 2001:db8::6 | End.DX6 [16] | 48 |
In this example, the Template ID is 259, which will be used in the Data Record.¶
The data set is represented as follows:¶
(*) The Length must be calculated to include the optional Type Length Value objects.¶
The authors would like to thank Yao Liu, Eduard Vasilenko, Bruno Decraene, Mohamed Boucadair, Kamran Raza, Qin Wu, Jim Guichard, Tero Kivinen, Paul Aitken, Roman Danyliw, John Scudder, Éric Vyncke, Erik Kline, Lars Eggert, and Andrew Alston for their reviews and valuable comments. And thank you to Paolo Lucente and Alex Huang Feng for the implementation and validation.¶