rfc8754xml2.original.xml   rfc8754.xml 
<?xml version="1.0" encoding="US-ASCII"?> <?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd"> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" version="3" category="std" conse
<?rfc toc="yes"?> nsus="true" docName="draft-ietf-6man-segment-routing-header-26" indexInclude="tr
<?rfc tocompact="yes"?> ue" ipr="trust200902" number="8754" prepTime="2020-03-13T22:03:40" scripts="Comm
<?rfc tocdepth="3"?> on,Latin" sortRefs="true" submissionType="IETF" symRefs="true" tocDepth="3" tocI
<?rfc tocindent="yes"?> nclude="true" xml:lang="en">
<?rfc symrefs="yes"?> <link href="https://datatracker.ietf.org/doc/draft-ietf-6man-segment-routing-h
<?rfc sortrefs="yes"?> eader-26" rel="prev"/>
<?rfc comments="yes"?> <link href="https://dx.doi.org/10.17487/rfc8754" rel="alternate"/>
<?rfc inline="yes"?> <link href="urn:issn:2070-1721" rel="alternate"/>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc category="std" docName="draft-ietf-6man-segment-routing-header-26"
ipr="trust200902">
<front> <front>
<title abbrev="IPv6 Segment Routing Header (SRH)">IPv6 Segment Routing <title abbrev="IPv6 Segment Routing Header (SRH)">IPv6 Segment Routing Heade
Header (SRH)</title> r (SRH)</title>
<seriesInfo name="RFC" value="8754" stream="IETF"/>
<author fullname="Clarence Filsfils" initials="C." role="editor" <author fullname="Clarence Filsfils" initials="C." role="editor" surname="Fi
surname="Filsfils"> lsfils">
<organization>Cisco Systems, Inc.</organization> <organization showOnFrontPage="true">Cisco Systems, Inc.</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city>Brussels</city> <city>Brussels</city>
<region/> <region/>
<code/> <code/>
<country>BE</country> <country>BE</country>
</postal> </postal>
<email>cfilsfil@cisco.com</email> <email>cfilsfil@cisco.com</email>
</address> </address>
</author> </author>
<author fullname="Darren Dukes" initials="D." role="editor" surname="Dukes">
<author fullname="Darren Dukes" initials="D." role="editor" <organization showOnFrontPage="true">Cisco Systems, Inc.</organization>
surname="Dukes">
<organization>Cisco Systems, Inc.</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city>Ottawa</city> <city>Ottawa</city>
<region/> <region/>
<code/> <code/>
<country>CA</country> <country>CA</country>
</postal> </postal>
<email>ddukes@cisco.com</email> <email>ddukes@cisco.com</email>
</address> </address>
</author> </author>
<author fullname="Stefano Previdi" initials="S." surname="Previdi"> <author fullname="Stefano Previdi" initials="S." surname="Previdi">
<organization>Huawei</organization> <organization showOnFrontPage="true">Huawei</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city/> <city/>
<code/> <code/>
<country>Italy</country> <country>Italy</country>
</postal> </postal>
<email>stefano@previdi.net</email> <email>stefano@previdi.net</email>
</address> </address>
</author> </author>
<author fullname="John Leddy" initials="J." surname="Leddy"> <author fullname="John Leddy" initials="J." surname="Leddy">
<organization>Individual</organization> <organization showOnFrontPage="true">Individual</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city/> <city/>
<region/> <region/>
<code/> <code/>
<country>US</country> <country>US</country>
</postal> </postal>
<email>john@leddy.net</email> <email>john@leddy.net</email>
</address> </address>
</author> </author>
<author fullname="Satoru Matsushima" initials="S." surname="Matsushima"> <author fullname="Satoru Matsushima" initials="S." surname="Matsushima">
<organization>Softbank</organization> <organization showOnFrontPage="true">SoftBank</organization>
<address> <address>
<email>satoru.matsushima@g.softbank.co.jp</email> <email>satoru.matsushima@g.softbank.co.jp</email>
</address> </address>
</author> </author>
<author fullname="Daniel Voyer" initials="D." surname="Voyer"> <author fullname="Daniel Voyer" initials="D." surname="Voyer">
<organization>Bell Canada</organization> <organization showOnFrontPage="true">Bell Canada</organization>
<address> <address>
<email>daniel.voyer@bell.ca</email> <email>daniel.voyer@bell.ca</email>
</address> </address>
</author> </author>
<date month="03" year="2020"/>
<date year="2019"/>
<workgroup>Network Working Group</workgroup> <workgroup>Network Working Group</workgroup>
<keyword>SRv6</keyword>
<abstract> <keyword>source-routing</keyword>
<t>Segment Routing can be applied to the IPv6 data plane using a new <keyword>network-programming</keyword>
type of Routing Extension Header called the Segment Routing Header. This <abstract pn="section-abstract">
document describes the Segment Routing Header and how it is used by <t pn="section-abstract-1">Segment Routing can be applied to the IPv6 data
Segment Routing capable nodes.</t> plane using a new
type of Routing Extension Header called the Segment Routing Header (SRH).
This
document describes the SRH and how it is used by nodes that are
Segment Routing (SR) capable.</t>
</abstract> </abstract>
<boilerplate>
<section anchor="status-of-memo" numbered="false" removeInRFC="false" toc=
"exclude" pn="section-boilerplate.1">
<name slugifiedName="name-status-of-this-memo">Status of This Memo</name
>
<t pn="section-boilerplate.1-1">
This is an Internet Standards Track document.
</t>
<t pn="section-boilerplate.1-2">
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
</t>
<t pn="section-boilerplate.1-3">
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
<eref target="https://www.rfc-editor.org/info/rfc8754" brackets="non
e"/>.
</t>
</section>
<section anchor="copyright" numbered="false" removeInRFC="false" toc="excl
ude" pn="section-boilerplate.2">
<name slugifiedName="name-copyright-notice">Copyright Notice</name>
<t pn="section-boilerplate.2-1">
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
</t>
<t pn="section-boilerplate.2-2">
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(<eref target="https://trustee.ietf.org/license-info" brackets="none
"/>) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
</t>
</section>
</boilerplate>
<toc>
<section anchor="toc" numbered="false" removeInRFC="false" toc="exclude" p
n="section-toc.1">
<name slugifiedName="name-table-of-contents">Table of Contents</name>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="section-to
c.1-1">
<li pn="section-toc.1-1.1">
<t keepWithNext="true" pn="section-toc.1-1.1.1"><xref derivedContent
="1" format="counter" sectionFormat="of" target="section-1"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-introduction">Introductio
n</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.1.2">
<li pn="section-toc.1-1.1.2.1">
<t keepWithNext="true" pn="section-toc.1-1.1.2.1.1"><xref derive
dContent="1.1" format="counter" sectionFormat="of" target="section-1.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-terminology">
Terminology</xref></t>
</li>
<li pn="section-toc.1-1.1.2.2">
<t keepWithNext="true" pn="section-toc.1-1.1.2.2.1"><xref derive
dContent="1.2" format="counter" sectionFormat="of" target="section-1.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-requirements-
language">Requirements Language</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.2">
<t keepWithNext="true" pn="section-toc.1-1.2.1"><xref derivedContent
="2" format="counter" sectionFormat="of" target="section-2"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-segment-routing-header">S
egment Routing Header</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.2.2">
<li pn="section-toc.1-1.2.2.1">
<t keepWithNext="true" pn="section-toc.1-1.2.2.1.1"><xref derive
dContent="2.1" format="counter" sectionFormat="of" target="section-2.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-srh-tlvs">SRH
TLVs</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="se
ction-toc.1-1.2.2.1.2">
<li pn="section-toc.1-1.2.2.1.2.1">
<t keepWithNext="true" pn="section-toc.1-1.2.2.1.2.1.1"><xre
f derivedContent="2.1.1" format="counter" sectionFormat="of" target="section-2.1
.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-p
adding-tlvs">Padding TLVs</xref></t>
</li>
<li pn="section-toc.1-1.2.2.1.2.2">
<t keepWithNext="true" pn="section-toc.1-1.2.2.1.2.2.1"><xre
f derivedContent="2.1.2" format="counter" sectionFormat="of" target="section-2.1
.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-h
mac-tlv">HMAC TLV</xref></t>
</li>
</ul>
</li>
</ul>
</li>
<li pn="section-toc.1-1.3">
<t keepWithNext="true" pn="section-toc.1-1.3.1"><xref derivedContent
="3" format="counter" sectionFormat="of" target="section-3"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-sr-nodes">SR Nodes</xref>
</t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.3.2">
<li pn="section-toc.1-1.3.2.1">
<t keepWithNext="true" pn="section-toc.1-1.3.2.1.1"><xref derive
dContent="3.1" format="counter" sectionFormat="of" target="section-3.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-source-nod
e">SR Source Node</xref></t>
</li>
<li pn="section-toc.1-1.3.2.2">
<t keepWithNext="true" pn="section-toc.1-1.3.2.2.1"><xref derive
dContent="3.2" format="counter" sectionFormat="of" target="section-3.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-transit-node"
>Transit Node</xref></t>
</li>
<li pn="section-toc.1-1.3.2.3">
<t keepWithNext="true" pn="section-toc.1-1.3.2.3.1"><xref derive
dContent="3.3" format="counter" sectionFormat="of" target="section-3.3"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-segment-en
dpoint-node">SR Segment Endpoint Node</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.4">
<t keepWithNext="true" pn="section-toc.1-1.4.1"><xref derivedContent
="4" format="counter" sectionFormat="of" target="section-4"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-packet-processing">Packet
Processing</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.4.2">
<li pn="section-toc.1-1.4.2.1">
<t keepWithNext="true" pn="section-toc.1-1.4.2.1.1"><xref derive
dContent="4.1" format="counter" sectionFormat="of" target="section-4.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-source-nod
e-2">SR Source Node</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="se
ction-toc.1-1.4.2.1.2">
<li pn="section-toc.1-1.4.2.1.2.1">
<t keepWithNext="true" pn="section-toc.1-1.4.2.1.2.1.1"><xre
f derivedContent="4.1.1" format="counter" sectionFormat="of" target="section-4.1
.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-r
educed-srh">Reduced SRH</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.4.2.2">
<t keepWithNext="true" pn="section-toc.1-1.4.2.2.1"><xref derive
dContent="4.2" format="counter" sectionFormat="of" target="section-4.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-transit-node-
2">Transit Node</xref></t>
</li>
<li pn="section-toc.1-1.4.2.3">
<t keepWithNext="true" pn="section-toc.1-1.4.2.3.1"><xref derive
dContent="4.3" format="counter" sectionFormat="of" target="section-4.3"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-segment-en
dpoint-node-2">SR Segment Endpoint Node</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="se
ction-toc.1-1.4.2.3.2">
<li pn="section-toc.1-1.4.2.3.2.1">
<t keepWithNext="true" pn="section-toc.1-1.4.2.3.2.1.1"><xre
f derivedContent="4.3.1" format="counter" sectionFormat="of" target="section-4.3
.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-f
ib-entry-is-a-locally-inst">FIB Entry Is a Locally Instantiated SRv6 SID</xref><
/t>
</li>
<li pn="section-toc.1-1.4.2.3.2.2">
<t keepWithNext="true" pn="section-toc.1-1.4.2.3.2.2.1"><xre
f derivedContent="4.3.2" format="counter" sectionFormat="of" target="section-4.3
.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-f
ib-entry-is-a-local-interf">FIB Entry Is a Local Interface</xref></t>
</li>
<li pn="section-toc.1-1.4.2.3.2.3">
<t keepWithNext="true" pn="section-toc.1-1.4.2.3.2.3.1"><xre
f derivedContent="4.3.3" format="counter" sectionFormat="of" target="section-4.3
.3"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-f
ib-entry-is-a-nonlocal-rou">FIB Entry Is a Nonlocal Route</xref></t>
</li>
<li pn="section-toc.1-1.4.2.3.2.4">
<t keepWithNext="true" pn="section-toc.1-1.4.2.3.2.4.1"><xre
f derivedContent="4.3.4" format="counter" sectionFormat="of" target="section-4.3
.4"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-f
ib-entry-is-a-no-match">FIB Entry Is a No Match</xref></t>
</li>
</ul>
</li>
</ul>
</li>
<li pn="section-toc.1-1.5">
<t keepWithNext="true" pn="section-toc.1-1.5.1"><xref derivedContent
="5" format="counter" sectionFormat="of" target="section-5"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-intra-sr-domain-deploymen
t-">Intra-SR-Domain Deployment Model</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.5.2">
<li pn="section-toc.1-1.5.2.1">
<t keepWithNext="true" pn="section-toc.1-1.5.2.1.1"><xref derive
dContent="5.1" format="counter" sectionFormat="of" target="section-5.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-securing-the-
sr-domain">Securing the SR Domain</xref></t>
</li>
<li pn="section-toc.1-1.5.2.2">
<t keepWithNext="true" pn="section-toc.1-1.5.2.2.1"><xref derive
dContent="5.2" format="counter" sectionFormat="of" target="section-5.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-domain-as-
a-single-syste">SR Domain as a Single System with Delegation among Components</x
ref></t>
</li>
<li pn="section-toc.1-1.5.2.3">
<t keepWithNext="true" pn="section-toc.1-1.5.2.3.1"><xref derive
dContent="5.3" format="counter" sectionFormat="of" target="section-5.3"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-mtu-considera
tions">MTU Considerations</xref></t>
</li>
<li pn="section-toc.1-1.5.2.4">
<t keepWithNext="true" pn="section-toc.1-1.5.2.4.1"><xref derive
dContent="5.4" format="counter" sectionFormat="of" target="section-5.4"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-icmp-error-pr
ocessing">ICMP Error Processing</xref></t>
</li>
<li pn="section-toc.1-1.5.2.5">
<t keepWithNext="true" pn="section-toc.1-1.5.2.5.1"><xref derive
dContent="5.5" format="counter" sectionFormat="of" target="section-5.5"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-load-balancin
g-and-ecmp">Load Balancing and ECMP</xref></t>
</li>
<li pn="section-toc.1-1.5.2.6">
<t keepWithNext="true" pn="section-toc.1-1.5.2.6.1"><xref derive
dContent="5.6" format="counter" sectionFormat="of" target="section-5.6"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-other-deploym
ents">Other Deployments</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.6">
<t keepWithNext="true" pn="section-toc.1-1.6.1"><xref derivedContent
="6" format="counter" sectionFormat="of" target="section-6"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-illustrations">Illustrati
ons</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.6.2">
<li pn="section-toc.1-1.6.2.1">
<t keepWithNext="true" pn="section-toc.1-1.6.2.1.1"><xref derive
dContent="6.1" format="counter" sectionFormat="of" target="section-6.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-abstract-repr
esentation-of-">Abstract Representation of an SRH</xref></t>
</li>
<li pn="section-toc.1-1.6.2.2">
<t keepWithNext="true" pn="section-toc.1-1.6.2.2.1"><xref derive
dContent="6.2" format="counter" sectionFormat="of" target="section-6.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-example-topol
ogy">Example Topology</xref></t>
</li>
<li pn="section-toc.1-1.6.2.3">
<t keepWithNext="true" pn="section-toc.1-1.6.2.3.1"><xref derive
dContent="6.3" format="counter" sectionFormat="of" target="section-6.3"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-source-nod
e-3">SR Source Node</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="se
ction-toc.1-1.6.2.3.2">
<li pn="section-toc.1-1.6.2.3.2.1">
<t keepWithNext="true" pn="section-toc.1-1.6.2.3.2.1.1"><xre
f derivedContent="6.3.1" format="counter" sectionFormat="of" target="section-6.3
.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-i
ntra-sr-domain-packet">Intra-SR-Domain Packet</xref></t>
</li>
<li pn="section-toc.1-1.6.2.3.2.2">
<t keepWithNext="true" pn="section-toc.1-1.6.2.3.2.2.1"><xre
f derivedContent="6.3.2" format="counter" sectionFormat="of" target="section-6.3
.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-i
nter-sr-domain-packet-tran">Inter-SR-Domain Packet -- Transit</xref></t>
</li>
<li pn="section-toc.1-1.6.2.3.2.3">
<t keepWithNext="true" pn="section-toc.1-1.6.2.3.2.3.1"><xre
f derivedContent="6.3.3" format="counter" sectionFormat="of" target="section-6.3
.3"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-i
nter-sr-domain-packet-inte">Inter-SR-Domain Packet -- Internal to External</xref
></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.6.2.4">
<t keepWithNext="true" pn="section-toc.1-1.6.2.4.1"><xref derive
dContent="6.4" format="counter" sectionFormat="of" target="section-6.4"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-transit-node-
3">Transit Node</xref></t>
</li>
<li pn="section-toc.1-1.6.2.5">
<t keepWithNext="true" pn="section-toc.1-1.6.2.5.1"><xref derive
dContent="6.5" format="counter" sectionFormat="of" target="section-6.5"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-segment-en
dpoint-node-3">SR Segment Endpoint Node</xref></t>
</li>
<li pn="section-toc.1-1.6.2.6">
<t keepWithNext="true" pn="section-toc.1-1.6.2.6.1"><xref derive
dContent="6.6" format="counter" sectionFormat="of" target="section-6.6"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-delegation-of
-function-with">Delegation of Function with HMAC Verification</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="se
ction-toc.1-1.6.2.6.2">
<li pn="section-toc.1-1.6.2.6.2.1">
<t keepWithNext="true" pn="section-toc.1-1.6.2.6.2.1.1"><xre
f derivedContent="6.6.1" format="counter" sectionFormat="of" target="section-6.6
.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-s
id-list-verification">SID List Verification</xref></t>
</li>
</ul>
</li>
</ul>
</li>
<li pn="section-toc.1-1.7">
<t keepWithNext="true" pn="section-toc.1-1.7.1"><xref derivedContent
="7" format="counter" sectionFormat="of" target="section-7"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-security-considerations">
Security Considerations</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.7.2">
<li pn="section-toc.1-1.7.2.1">
<t keepWithNext="true" pn="section-toc.1-1.7.2.1.1"><xref derive
dContent="7.1" format="counter" sectionFormat="of" target="section-7.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-sr-attacks">S
R Attacks</xref></t>
</li>
<li pn="section-toc.1-1.7.2.2">
<t keepWithNext="true" pn="section-toc.1-1.7.2.2.1"><xref derive
dContent="7.2" format="counter" sectionFormat="of" target="section-7.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-service-theft
">Service Theft</xref></t>
</li>
<li pn="section-toc.1-1.7.2.3">
<t keepWithNext="true" pn="section-toc.1-1.7.2.3.1"><xref derive
dContent="7.3" format="counter" sectionFormat="of" target="section-7.3"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-topology-disc
losure">Topology Disclosure</xref></t>
</li>
<li pn="section-toc.1-1.7.2.4">
<t keepWithNext="true" pn="section-toc.1-1.7.2.4.1"><xref derive
dContent="7.4" format="counter" sectionFormat="of" target="section-7.4"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-icmp-generati
on">ICMP Generation</xref></t>
</li>
<li pn="section-toc.1-1.7.2.5">
<t keepWithNext="true" pn="section-toc.1-1.7.2.5.1"><xref derive
dContent="7.5" format="counter" sectionFormat="of" target="section-7.5"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-applicability
-of-ah">Applicability of AH</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.8">
<t keepWithNext="true" pn="section-toc.1-1.8.1"><xref derivedContent
="8" format="counter" sectionFormat="of" target="section-8"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-iana-considerations">IANA
Considerations</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.8.2">
<li pn="section-toc.1-1.8.2.1">
<t keepWithNext="true" pn="section-toc.1-1.8.2.1.1"><xref derive
dContent="8.1" format="counter" sectionFormat="of" target="section-8.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-segment-routi
ng-header-flag">Segment Routing Header Flags Registry</xref></t>
</li>
<li pn="section-toc.1-1.8.2.2">
<t keepWithNext="true" pn="section-toc.1-1.8.2.2.1"><xref derive
dContent="8.2" format="counter" sectionFormat="of" target="section-8.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-segment-routi
ng-header-tlvs">Segment Routing Header TLVs Registry</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.9">
<t keepWithNext="true" pn="section-toc.1-1.9.1"><xref derivedContent
="9" format="counter" sectionFormat="of" target="section-9"/>.  <xref derivedCon
tent="" format="title" sectionFormat="of" target="name-references">References</x
ref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="sectio
n-toc.1-1.9.2">
<li pn="section-toc.1-1.9.2.1">
<t keepWithNext="true" pn="section-toc.1-1.9.2.1.1"><xref derive
dContent="9.1" format="counter" sectionFormat="of" target="section-9.1"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-normative-ref
erences">Normative References</xref></t>
</li>
<li pn="section-toc.1-1.9.2.2">
<t keepWithNext="true" pn="section-toc.1-1.9.2.2.1"><xref derive
dContent="9.2" format="counter" sectionFormat="of" target="section-9.2"/>.  <xre
f derivedContent="" format="title" sectionFormat="of" target="name-informative-r
eferences">Informative References</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.10">
<t keepWithNext="true" pn="section-toc.1-1.10.1"><xref derivedConten
t="" format="none" sectionFormat="of" target="section-appendix.a"/><xref derived
Content="" format="title" sectionFormat="of" target="name-acknowledgements">Ackn
owledgements</xref></t>
</li>
<li pn="section-toc.1-1.11">
<t keepWithNext="true" pn="section-toc.1-1.11.1"><xref derivedConten
t="" format="none" sectionFormat="of" target="section-appendix.b"/><xref derived
Content="" format="title" sectionFormat="of" target="name-contributors">Contribu
tors</xref></t>
</li>
<li pn="section-toc.1-1.12">
<t keepWithNext="true" pn="section-toc.1-1.12.1"><xref derivedConten
t="" format="none" sectionFormat="of" target="section-appendix.c"/><xref derived
Content="" format="title" sectionFormat="of" target="name-authors-addresses">Aut
hors' Addresses</xref></t>
</li>
</ul>
</section>
</toc>
</front> </front>
<middle> <middle>
<section anchor="INTRO" title="Introduction"> <section anchor="INTRO" numbered="true" toc="include" removeInRFC="false" pn
<t>Segment Routing can be applied to the IPv6 data plane using a new ="section-1">
type of Routing Header called the Segment Routing Header. This document <name slugifiedName="name-introduction">Introduction</name>
describes the Segment Routing Header and how it is used by Segment <t pn="section-1-1">Segment Routing (SR) can be applied to the IPv6 data p
Routing capable nodes.</t> lane using a new
type of routing header called the Segment Routing Header (SRH). This docum
<t>The Segment Routing Architecture <xref target="RFC8402"/> describes ent
Segment Routing and its instantiation in two data planes; MPLS and describes the SRH and how it is used by nodes that are SR capable.</t>
<t pn="section-1-2">"Segment Routing Architecture" <xref target="RFC8402"
format="default" sectionFormat="of" derivedContent="RFC8402"/> describes
Segment Routing and its instantiation in two data planes: MPLS and
IPv6.</t> IPv6.</t>
<t pn="section-1-3">The encoding of IPv6 segments in the SRH is
<t>The encoding of IPv6 segments in the Segment Routing Header is
defined in this document.</t> defined in this document.</t>
<section anchor="TERMS" numbered="true" toc="include" removeInRFC="false"
<t>This document uses the terms Segment Routing, SR Domain, SRv6, pn="section-1.1">
Segment ID (SID), SRv6 SID, Active Segment, and SR Policy as defined in <name slugifiedName="name-terminology">Terminology</name>
<xref target="RFC8402"/>.</t> <t pn="section-1.1-1">This document uses the terms Segment Routing (SR),
SR domain, SR over
<section title="Requirements Language"> IPv6 (SRv6), Segment Identifier (SID), SRv6 SID, Active Segment, and SR Po
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", licy as defined in
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and <xref target="RFC8402" format="default" sectionFormat="of" derivedContent=
"OPTIONAL" in this document are to be interpreted as described in BCP "RFC8402"/>.</t>
14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only </section>
when, they appear in all capitals, as shown here.</t> <section numbered="true" toc="include" removeInRFC="false" pn="section-1.2
">
<name slugifiedName="name-requirements-language">Requirements Language</
name>
<t pn="section-1.2-1">
The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
"<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>
", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>",
"<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to
be interpreted as
described in BCP 14 <xref target="RFC2119" format="default" sectionFormat="o
f" derivedContent="RFC2119"/> <xref target="RFC8174" format="default" sectionFor
mat="of" derivedContent="RFC8174"/>
when, and only when, they appear in all capitals, as shown here.
</t>
</section> </section>
</section> </section>
<section anchor="SRH" numbered="true" toc="include" removeInRFC="false" pn="
<section anchor="SRH" title="Segment Routing Header"> section-2">
<t>Routing Headers are defined in <xref target="RFC8200"/>. The Segment <name slugifiedName="name-segment-routing-header">Segment Routing Header</
Routing Header has a new Routing Type (suggested value 4) to be assigned name>
by IANA.</t> <t pn="section-2-1">Routing headers are defined in <xref target="RFC8200"
format="default" sectionFormat="of" derivedContent="RFC8200"/>. The Segment
<t>The Segment Routing Header (SRH) is defined as follows:<figure Routing Header (SRH) has a new Routing Type (4).</t>
align="left" anchor="SRHFIG" suppress-title="true"> <t pn="section-2-2">The SRH is defined as follows:</t>
<artwork> <artwork name="" type="" align="left" alt="" pn="section-2-3">
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Next Header | Hdr Ext Len | Routing Type | Segments Left | | Next Header | Hdr Ext Len | Routing Type | Segments Left |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Last Entry | Flags | Tag | | Last Entry | Flags | Tag |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| Segment List[0] (128 bits IPv6 address) | | Segment List[0] (128-bit IPv6 address) |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| | | |
... ...
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| Segment List[n] (128 bits IPv6 address) | | Segment List[n] (128-bit IPv6 address) |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// // // //
// Optional Type Length Value objects (variable) // // Optional Type Length Value objects (variable) //
// // // //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork>
where:</artwork> <t pn="section-2-4">where:</t>
</figure><list style="symbols"> <dl spacing="normal" newline="false" pn="section-2-5">
<t>Next Header: Defined in <xref target="RFC8200"/> Section 4.4</t> <dt pn="section-2-5.1">Next Header:</dt>
<dd pn="section-2-5.2">Defined in <xref target="RFC8200" sectionFormat="
<t>Hdr Ext Len: Defined in <xref target="RFC8200"/> Section 4.4</t> comma" section="4.4" format="default" derivedLink="https://rfc-editor.org/rfc/rf
c8200#section-4.4" derivedContent="RFC8200"/>.</dd>
<t>Routing Type: TBD, to be assigned by IANA (suggested value: <dt pn="section-2-5.3">Hdr Ext Len:</dt>
4).</t> <dd pn="section-2-5.4">Defined in <xref target="RFC8200" sectionFormat="
comma" section="4.4" format="default" derivedLink="https://rfc-editor.org/rfc/rf
<t>Segments Left: Defined in <xref target="RFC8200"/> Section c8200#section-4.4" derivedContent="RFC8200"/>.</dd>
4.4</t> <dt pn="section-2-5.5">Routing Type:</dt>
<dd pn="section-2-5.6">4.</dd>
<t>Last Entry: contains the index (zero based), in the Segment List, <dt pn="section-2-5.7">Segments Left:</dt>
of the last element of the Segment List.</t> <dd pn="section-2-5.8">Defined in <xref target="RFC8200" sectionFormat="
comma" section="4.4" format="default" derivedLink="https://rfc-editor.org/rfc/rf
<t>Flags: 8 bits of flags. <xref target="SRHFLAGSREG"/> creates an c8200#section-4.4" derivedContent="RFC8200"/>.</dd>
<dt pn="section-2-5.9">Last Entry:</dt>
<dd pn="section-2-5.10">contains the index (zero based), in the Segment
List,
of the last element of the Segment List.</dd>
<dt pn="section-2-5.11">Flags:</dt>
<dd pn="section-2-5.12">8 bits of flags. <xref target="SRHFLAGSREG" form
at="default" sectionFormat="of" derivedContent="Section 8.1"/> creates an
IANA registry for new flags to be defined. The following flags are IANA registry for new flags to be defined. The following flags are
defined:<figure align="left" anchor="SRHFLAGS" suppress-title="true"> defined:</dd>
<artwork align="left"> </dl>
<artwork align="left" name="" type="" alt="" pn="section-2-6">
0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
|U U U U U U U U| |U U U U U U U U|
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
</artwork> </artwork>
</figure><list style="hanging"> <dl newline="false" spacing="normal" pn="section-2-7">
<t>U: Unused and for future use. MUST be 0 on transmission and <dt pn="section-2-7.1"/>
ignored on receipt.</t> <dd pn="section-2-7.2">U: Unused and for future use. <bcp14>MUST</bcp14>
</list></t> be 0 on transmission and
ignored on receipt.</dd>
<t>Tag: tag a packet as part of a class or group of packets, e.g., </dl>
packets sharing the same set of properties. When tag is not used at <dl spacing="normal" newline="false" pn="section-2-8">
source it MUST be set to zero on transmission. When tag is not used <dt pn="section-2-8.1">Tag:</dt>
during SRH Processing it SHOULD be ignored. Tag is not used when <dd pn="section-2-8.2">Tag a packet as part of a class or group of packe
processing the SID defined in <xref target="pktENDSID"/>. It may be ts -- e.g.,
packets sharing the same set of properties. When Tag is not used at th
e
source, it <bcp14>MUST</bcp14> be set to zero on transmission. When
Tag is not used during SRH processing, it <bcp14>SHOULD</bcp14> be
ignored. Tag is not used when
processing the SID defined in <xref target="pktENDSID" format="default
" sectionFormat="of" derivedContent="Section 4.3.1"/>. It may be
used when processing other SIDs that are not defined in this used when processing other SIDs that are not defined in this
document. The allocation and use of tag is outside the scope of this document. The allocation and use of tag is outside the scope of this
document.</t> document.</dd>
<dt pn="section-2-8.3">Segment List[0..n]:</dt>
<t>Segment List[n]: 128 bit IPv6 addresses representing the nth <dd pn="section-2-8.4">128-bit IPv6 addresses representing the nth
segment in the Segment List. The Segment List is encoded starting segment in the Segment List. The Segment List is encoded starting
from the last segment of the SR Policy. I.e., the first element of from the last segment of the SR Policy. That is, the first element of
the segment list (Segment List [0]) contains the last segment of the the Segment List (Segment List[0]) contains the last segment of the
SR Policy, the second element contains the penultimate segment of SR Policy, the second element contains the penultimate segment of
the SR Policy and so on.</t> the SR Policy, and so on.</dd>
<dt pn="section-2-8.5">TLV:</dt>
<t>Type Length Value (TLV) are described in <xref <dd pn="section-2-8.6">Type Length Value (TLV) is described in <xref tar
target="TLVS"/>.</t> get="TLVS" format="default" sectionFormat="of" derivedContent="Section 2.1"/>.</
</list></t> dd>
</dl>
<t>In the SRH, the Next Header, Hdr Ext Len, Routing Type, and Segments <t pn="section-2-9">In the SRH, the Next Header, Hdr Ext Len, Routing Type
Left fields are defined in Section 4.4 of <xref target="RFC8200"/>. , and Segments
Left fields are defined in <xref target="RFC8200" sectionFormat="of" secti
on="4.4" format="default" derivedLink="https://rfc-editor.org/rfc/rfc8200#sectio
n-4.4" derivedContent="RFC8200"/>.
Based on the constraints in that section, Next Header, Header Ext Len, Based on the constraints in that section, Next Header, Header Ext Len,
and Routing Type are not mutable while Segments Left is mutable.</t> and Routing Type are not mutable while Segments Left is mutable.</t>
<t pn="section-2-10">The mutability of the TLV value is defined by the mos
<t>The mutability of the TLV value is defined by the most significant t significant
bit in the type, as specified in <xref target="TLVS"/>.</t> bit in the type, as specified in <xref target="TLVS" format="default" sect
ionFormat="of" derivedContent="Section 2.1"/>.</t>
<t><xref target="ENDSID"/> defines the mutability of the remaining <t pn="section-2-11"><xref target="ENDSID" format="default" sectionFormat=
"of" derivedContent="Section 4.3"/> defines the mutability of the remaining
fields in the SRH (Flags, Tag, Segment List) in the context of the SID fields in the SRH (Flags, Tag, Segment List) in the context of the SID
defined in this document.</t> defined in this document.</t>
<t pn="section-2-12">New SIDs defined in the future <bcp14>MUST</bcp14> sp
<t>New SIDs defined in the future MUST specify the mutability properties ecify the mutability properties
of the Flags, Tag, and Segment List and indicate how the HMAC TLV (<xref of the Flags, Tag, and Segment List and indicate how the Hashed Message
target="HMACTLV"/>) verification works. Note, that in effect these Authentication Code (HMAC) TLV (<xref target="HMACTLV" format="default" se
ctionFormat="of" derivedContent="Section 2.1.2"/>) verification works. Note that
, in effect, these
fields are mutable.</t> fields are mutable.</t>
<t pn="section-2-13">Consistent with the SR model, the source of the SRH
<t>Consistent with the source routing model, the source of the SRH always knows how to set the Segment List, Flags, Tag, and TLVs of the SRH
always knows how to set the segment list, Flags, Tag and TLVs of the SRH for use within the SR domain. How it achieves this is outside the scope
for use within the SR Domain. How it achieves this is outside the scope of this document but may be based on topology, available SIDs and their
of this document, but may be based on topology, available SIDs and their
mutability properties, the SRH mutability requirements of the mutability properties, the SRH mutability requirements of the
destination, or any other information.</t> destination, or any other information.</t>
<section anchor="TLVS" numbered="true" toc="include" removeInRFC="false" p
<section anchor="TLVS" title="SRH TLVs"> n="section-2.1">
<t>This section defines TLVs of the Segment Routing Header.</t> <name slugifiedName="name-srh-tlvs">SRH TLVs</name>
<t pn="section-2.1-1">This section defines TLVs of the Segment Routing H
<t>A TLV provides meta-data for segment processing. The only TLVs eader.</t>
defined in this document are the HMAC (<xref target="HMACTLV"/>) and <t pn="section-2.1-2">A TLV provides metadata for segment processing. Th
PAD (<xref target="PADDINGTLV"/>) TLVs. While processing the SID e only TLVs
defined in <xref target="pktENDSID"/>, all TLVs are ignored unless defined in this document are the HMAC (<xref target="HMACTLV" format="de
local configuration indicates otherwise (<xref target="TLVPROCESS"/>). fault" sectionFormat="of" derivedContent="Section 2.1.2"/>) and
Thus, TLV and HMAC support is optional for any implementation, padding TLVs (<xref target="PADDINGTLV" format="default" sectionFormat="
however, an implementation adding or parsing TLVs MUST support PAD of" derivedContent="Section 2.1.1"/>). While processing the SID
defined in <xref target="pktENDSID" format="default" sectionFormat="of"
derivedContent="Section 4.3.1"/>, all TLVs are ignored unless
local configuration indicates otherwise (<xref target="TLVPROCESS" forma
t="default" sectionFormat="of" derivedContent="Section 4.3.1.1.1"/>).
Thus, TLV and HMAC support is optional for any implementation;
however, an implementation adding or parsing TLVs <bcp14>MUST</bcp14> su
pport PAD
TLVs. Other documents may define additional TLVs and processing rules TLVs. Other documents may define additional TLVs and processing rules
for them.</t> for them.</t>
<t pn="section-2.1-3">TLVs are present when the Hdr Ext Len is greater t
<t>TLVs are present when the Hdr Ext Len is greater than (Last han (Last
Entry+1)*2.</t> Entry+1)*2.</t>
<t pn="section-2.1-4">While processing TLVs at a segment endpoint, TLVs
<t>While processing TLVs at a segment endpoint, TLVs MUST be fully <bcp14>MUST</bcp14> be fully
contained within the SRH as determined by the Hdr Ext Len. Detection contained within the SRH as determined by the Hdr Ext
Len.  Detection
of TLVs exceeding the boundary of the SRH Hdr Ext Len results in an of TLVs exceeding the boundary of the SRH Hdr Ext Len results in an
ICMP Parameter Problem, Code 0, message to the Source Address, ICMP Parameter Problem, Code 0, message to the Source Address,
pointing to the Hdr Ext Len field of the SRH, and the packet being pointing to the Hdr Ext Len field of the SRH, and the packet being
discarded.</t> discarded.</t>
<t pn="section-2.1-5">An implementation <bcp14>MAY</bcp14> limit the num
<t>An implementation MAY limit the number and/or length of TLVs it ber and/or length of TLVs it
processes based on local configuration. It MAY:<list style="symbols"> processes based on local configuration. It <bcp14>MAY</bcp14> limit:</t>
<t>Limit the number of consecutive Pad1 (<xref target="PAD1"/>) <ul spacing="normal" bare="false" empty="false" pn="section-2.1-6">
<li pn="section-2.1-6.1">the number of consecutive Pad1 (<xref target=
"PAD1" format="default" sectionFormat="of" derivedContent="Section 2.1.1.1"/>)
options to 1. If padding of more than one byte is required, then options to 1. If padding of more than one byte is required, then
PadN (<xref target="PADN"/>) should be used.</t> PadN (<xref target="PADN" format="default" sectionFormat="of" derive
dContent="Section 2.1.1.2"/>) should be used.</li>
<t>Limit the length in PadN to 5.</t> <li pn="section-2.1-6.2">The length in PadN to 5.</li>
<li pn="section-2.1-6.3">The maximum number of non-Pad TLVs to be proc
<t>Limit the maximum number of non-Pad TLVs to be processed.</t> essed.</li>
<li pn="section-2.1-6.4">The maximum length of all TLVs to be processe
<t>Limit the maximum length of all TLVs to be processed.</t> d.</li>
</list> The implementation MAY stop processing additional TLVs in </ul>
<t pn="section-2.1-7"> The implementation <bcp14>MAY</bcp14> stop proces
sing additional TLVs in
the SRH when these configured limits are exceeded.</t> the SRH when these configured limits are exceeded.</t>
<artwork name="" type="" align="left" alt="" pn="section-2.1-8">
<figure>
<artwork>
0 1 0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+----------------------- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-----------------------
| Type | Length | Variable length data | Type | Length | Variable-length data
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+----------------------- +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-----------------------
</artwork> </artwork>
</figure> <dl spacing="normal" newline="false" pn="section-2.1-9">
<dt pn="section-2.1-9.1">Type:</dt>
<t>Type: An 8 bit codepoint from Segment Routing Header TLVs Registry <dd pn="section-2.1-9.2">An 8-bit codepoint from the "Segment Routing
TBD IANA Reference. Unrecognized Types MUST be ignored on receipt.</t> Header TLVs" <xref target="IANA-SRHTLV" format="default" sectionFormat="of" deri
vedContent="IANA-SRHTLV"/>.
<t>Length: The length of the Variable length data in bytes.</t>
<t>Variable length data: Length bytes of data that is specific to the
Type.</t>
<t>Type Length Value (TLV) entries contain OPTIONAL information that Unrecognized Types <bcp14>MUST</bcp14> be ignored on receipt.</dd>
<dt pn="section-2.1-9.3">Length:</dt>
<dd pn="section-2.1-9.4">The length of the variable-length data field
in bytes.</dd>
<dt pn="section-2.1-9.5">Variable-length data:</dt>
<dd pn="section-2.1-9.6">data that is specific to the
Type.</dd>
</dl>
<t pn="section-2.1-10">Type Length Value (TLV) entries contain <bcp14>OP
TIONAL</bcp14> information that
may be used by the node identified in the Destination Address (DA) of may be used by the node identified in the Destination Address (DA) of
the packet.</t> the packet.</t>
<t pn="section-2.1-11">Each TLV has its own length, format, and semantic
<t>Each TLV has its own length, format and semantic. The codepoint . The codepoint
allocated (by IANA) to each TLV Type defines both the format and the allocated (by IANA) to each TLV Type defines both the format and the
semantic of the information carried in the TLV. Multiple TLVs may be semantic of the information carried in the TLV. Multiple TLVs may be
encoded in the same SRH.</t> encoded in the same SRH.</t>
<t pn="section-2.1-12">The highest-order bit of the TLV type (bit 0) spe
<t>The highest-order bit of the TLV type (bit 0) specifies whether or cifies whether or
not the TLV data of that type can change en route to the packet's not the TLV data of that type can change en route to the packet's
final destination: <list> final destination: </t>
<t>0: TLV data does not change en route</t> <ul empty="true" spacing="normal" bare="false" pn="section-2.1-13">
<li pn="section-2.1-13.1">0: TLV data does not change en route</li>
<t>1: TLV data does change en route</t> <li pn="section-2.1-13.2">1: TLV data does change en route</li>
</list></t> </ul>
<t pn="section-2.1-14">All TLVs specify their alignment requirements usi
<t>All TLVs specify their alignment requirements using an xn+y format. ng an xn+y format.
The xn+y format is defined as per <xref target="RFC8200"/>. The SR The xn+y format is defined as per <xref target="RFC8200" format="default
Source nodes use the xn+y alignment requirements of TLVs and Padding " sectionFormat="of" derivedContent="RFC8200"/>. The SR
source nodes use the xn+y alignment requirements of TLVs and Padding
TLVs when constructing an SRH.</t> TLVs when constructing an SRH.</t>
<t pn="section-2.1-15">The Length field of the TLV is used to skip the T
<t>The "Length" field of the TLV is used to skip the TLV while LV while
inspecting the SRH in case the node doesn't support or recognize the inspecting the SRH in case the node doesn't support or recognize the
Type. The "Length" defines the TLV length in octets, not including the Type. The Length defines the TLV length in octets, not including the
"Type" and "Length" fields.</t> Type and Length fields.</t>
<t pn="section-2.1-16">The following TLVs are defined in this document:<
<t>The following TLVs are defined in this document:<list> /t>
<t>Padding TLVs</t> <ul empty="true" spacing="normal" bare="false" pn="section-2.1-17">
<li pn="section-2.1-17.1">Padding TLVs</li>
<t>HMAC TLV</t> <li pn="section-2.1-17.2">HMAC TLV</li>
</list></t> </ul>
<t pn="section-2.1-18">Additional TLVs may be defined in the future.</t>
<t>Additional TLVs may be defined in the future.</t> <section anchor="PADDINGTLV" numbered="true" toc="include" removeInRFC="
false" pn="section-2.1.1">
<section anchor="PADDINGTLV" title="Padding TLVs"> <name slugifiedName="name-padding-tlvs">Padding TLVs</name>
<t>There are two types of Padding TLVs, pad1 and padN, the following <t pn="section-2.1.1-1">There are two types of Padding TLVs, Pad1 and
applies to both:<list> PadN, and the following
<t>Padding TLVs are used for meeting the alignment requirement applies to both:</t>
of the subsequent TLVs.</t> <ul empty="true" spacing="normal" bare="false" pn="section-2.1.1-2">
<li pn="section-2.1.1-2.1">Padding TLVs are used for meeting the ali
<t>Padding TLVs are used to pad the SRH to a multiple of 8 gnment requirement
octets.</t> of the subsequent TLVs.</li>
<li pn="section-2.1.1-2.2">Padding TLVs are used to pad the SRH to a
<t>Padding TLVs are ignored by a node processing the SRH multiple of 8
TLV.</t> octets.</li>
<li pn="section-2.1.1-2.3">Padding TLVs are ignored by a node proces
<t>Multiple Padding TLVs MAY be used in one SRH</t> sing the SRH
</list></t> TLV.</li>
<li pn="section-2.1.1-2.4">Multiple Padding TLVs <bcp14>MAY</bcp14>
<section anchor="PAD1" title="PAD1"> be used in one SRH.</li>
<t>Alignment requirement: none</t> </ul>
<section anchor="PAD1" numbered="true" toc="exclude" removeInRFC="fals
<figure> e" pn="section-2.1.1.1">
<artwork> <name slugifiedName="name-pad1">Pad1</name>
0 1 2 3 4 5 6 7 <t pn="section-2.1.1.1-1">Alignment requirement: none</t>
<artwork name="" type="" align="left" alt="" pn="section-2.1.1.1-2">
0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
| Type | | Type |
+-+-+-+-+-+-+-+-+</artwork> +-+-+-+-+-+-+-+-+</artwork>
</figure> <dl spacing="normal" newline="false" pn="section-2.1.1.1-3">
<dt pn="section-2.1.1.1-3.1">Type:</dt>
<t><list> <dd pn="section-2.1.1.1-3.2">0</dd>
<t>Type: to be assigned by IANA (Suggested value 0)</t> </dl>
</list></t> <t pn="section-2.1.1.1-4">A single Pad1 TLV <bcp14>MUST</bcp14> be u
sed when a single byte of padding is
<t>A single Pad1 TLV MUST be used when a single byte of padding is required. A Pad1 TLV <bcp14>MUST NOT</bcp14> be used if more than on
required. A Pad1 TLV MUST NOT be used if more than one consecutive e consecutive
byte of padding is required.</t> byte of padding is required.</t>
</section> </section>
<section anchor="PADN" numbered="true" toc="exclude" removeInRFC="fals
<section anchor="PADN" title="PADN"> e" pn="section-2.1.1.2">
<t>Alignment requirement: none</t> <name slugifiedName="name-padn">PadN</name>
<t pn="section-2.1.1.2-1">Alignment requirement: none</t>
<figure> <artwork name="" type="" align="left" alt="" pn="section-2.1.1.2-2">
<artwork>
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Padding (variable) | | Type | Length | Padding (variable) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// Padding (variable) // // Padding (variable) //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</artwork> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</artwork>
</figure> <dl spacing="normal" newline="false" pn="section-2.1.1.2-3">
<dt pn="section-2.1.1.2-3.1">Type:</dt>
<t><list> <dd pn="section-2.1.1.2-3.2">4</dd>
<t>Type: to be assigned by IANA (suggested value 4).</t> <dt pn="section-2.1.1.2-3.3">Length:</dt>
<dd pn="section-2.1.1.2-3.4">0 to 5. The length of the Padding fie
<t>Length: 0 to 5</t> ld in bytes.</dd>
<dt pn="section-2.1.1.2-3.5">Padding:</dt>
<t>Padding: Length octets of padding. Padding bits have no <dd pn="section-2.1.1.2-3.6">Padding bits have no
semantic. They MUST be set to 0 on transmission and ignored on semantic. They <bcp14>MUST</bcp14> be set to 0 on transmission a
receipt.</t> nd ignored on
</list></t> receipt.</dd>
</dl>
<t>The PadN TLV MUST be used when more than one byte of padding is <t pn="section-2.1.1.2-4">The PadN TLV <bcp14>MUST</bcp14> be used w
hen more than one byte of padding is
required.</t> required.</t>
</section> </section>
</section> </section>
<section anchor="HMACTLV" numbered="true" toc="include" removeInRFC="fal
<section anchor="HMACTLV" title="HMAC TLV"> se" pn="section-2.1.2">
<t>Alignment requirement: 8n</t> <name slugifiedName="name-hmac-tlv">HMAC TLV</name>
<t pn="section-2.1.2-1">Alignment requirement: 8n</t>
<t>The keyed Hashed Message Authentication Code (HMAC) TLV is <t pn="section-2.1.2-2">The keyed Hashed Message Authentication Code (
OPTIONAL and has the following format:<figure> HMAC) TLV is
<artwork> 0 1 2 <bcp14>OPTIONAL</bcp14> and has the following format:</t>
3 <artwork name="" type="" align="left" alt="" pn="section-2.1.2-3"> 0
1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length |D| RESERVED | | Type | Length |D| RESERVED |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| HMAC Key ID (4 octets) | | HMAC Key ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| // | //
| HMAC (Variable) // | HMAC (variable) //
| // | //
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:</artwork> where:</artwork>
</figure> <list style="symbols"> <dl spacing="normal" newline="false" pn="section-2.1.2-4">
<t>Type: to be assigned by IANA (suggested value 5).</t> <dt pn="section-2.1.2-4.1">Type:</dt>
<dd pn="section-2.1.2-4.2">5.</dd>
<t>Length: The length of the variable length data in bytes.</t> <dt pn="section-2.1.2-4.3">Length:</dt>
<dd pn="section-2.1.2-4.4">The length of the variable-length data in
<t>D: 1 bit. 1 indicates the Destination Address verification is bytes.</dd>
disabled due to use of reduced segment list, <xref <dt pn="section-2.1.2-4.5">D:</dt>
target="REDUCED"/>.</t> <dd pn="section-2.1.2-4.6">1 bit. 1 indicates that the Destination A
ddress verification is
<t>RESERVED: 15 bits. MUST be 0 on transmission.</t> disabled due to use of a reduced Segment List (see <xref target="R
EDUCED" format="default" sectionFormat="of" derivedContent="Section 4.1.1"/>).</
<t>HMAC Key ID: A 4 octet opaque number which uniquely dd>
<dt pn="section-2.1.2-4.7">RESERVED:</dt>
<dd pn="section-2.1.2-4.8">15 bits. <bcp14>MUST</bcp14> be 0 on tran
smission.</dd>
<dt pn="section-2.1.2-4.9">HMAC Key ID:</dt>
<dd pn="section-2.1.2-4.10">A 4-octet opaque number that uniquely
identifies the pre-shared key and algorithm used to generate the identifies the pre-shared key and algorithm used to generate the
HMAC.</t> HMAC.</dd>
<dt pn="section-2.1.2-4.11">HMAC:</dt>
<t>HMAC: Keyed HMAC, in multiples of 8 octets, at most 32 <dd pn="section-2.1.2-4.12">Keyed HMAC, in multiples of 8 octets, at
octets.</t> most 32
</list></t> octets.</dd>
</dl>
<t>The HMAC TLV is used to verify that the SRH applied to a packet <t pn="section-2.1.2-5">The HMAC TLV is used to verify that the SRH ap
was selected by an authorized party, and to ensure that the segment plied to a packet
was selected by an authorized party and to ensure that the segment
list is not modified after generation. This also allows for list is not modified after generation. This also allows for
verification that the current segment (by virtue of being in the verification that the current segment (by virtue of being in the
authorized segment list) is authorized for use. The SR Domain authorized Segment List) is authorized for use. The SR domain
ensures the source node is permitted to use the source address in ensures that the source node is permitted to use the source address in
the packet via ingress filtering mechanisms as defined in BCP 84 the packet via ingress filtering mechanisms as defined in BCP 84
<xref target="RFC3704"/>, or other strategies as appropriate.</t> <xref target="RFC3704" format="default" sectionFormat="of" derivedCont
ent="RFC3704"/> or other strategies as appropriate.</t>
<section title="HMAC Generation and Verification"> <section numbered="true" toc="exclude" removeInRFC="false" pn="section
<t>Local configuration determines when to check for an HMAC. This -2.1.2.1">
<name slugifiedName="name-hmac-generation-and-verific">HMAC Generati
on and Verification</name>
<t pn="section-2.1.2.1-1">Local configuration determines when to che
ck for an HMAC. This
local configuration is outside the scope of this document. It may local configuration is outside the scope of this document. It may
be based on the active segment at an SR Segment endpoint node, the be based on the active segment at an SR Segment endpoint node, the
result of an ACL that considers incoming interface, HMAC Key ID, result of an Access Control List (ACL) that considers incoming inter face, HMAC Key ID,
or other packet fields.</t> or other packet fields.</t>
<t pn="section-2.1.2.1-2">An implementation that supports the genera
<t>An implementation that supports the generation and verification tion and verification
of the HMAC supports the following default behavior, as of the HMAC supports the following default behavior, as
defined in the remainder of this section.</t> defined in the remainder of this section.</t>
<t pn="section-2.1.2.1-3">The HMAC verification begins by checking t
<t>The HMAC verification begins by checking the current segment is hat the current segment is
equal to the destination address of the IPv6 header. The check is equal to the destination address of the IPv6 header. The check is
successful when either<list style="symbols"> successful when either:</t>
<t>HMAC D bit is 1 and Segments Left is greater than Last <ul spacing="normal" bare="false" empty="false" pn="section-2.1.2.1-
Entry.</t> 4">
<li pn="section-2.1.2.1-4.1">HMAC D bit is 1 and Segments Left is
<t>HMAC Segments Left is less than or equal to Last Entry and greater than Last
destination address is equal to Segment List [Segments Entry, or</li>
Left].</t> <li pn="section-2.1.2.1-4.2">HMAC Segments Left is less than or eq
</list></t> ual to Last Entry, and the
destination address is equal to Segment List[Segments
<t>The HMAC field is the output of the HMAC computation as defined Left].</li>
in <xref target="RFC2104"/>, using:<list style="symbols"> </ul>
<t>key: the pre-shared key identified by HMAC Key ID</t> <t pn="section-2.1.2.1-5">The HMAC field is the output of the HMAC c
omputation as defined
<t>HMAC algorithm: identified by the HMAC Key ID</t> in <xref target="RFC2104" format="default" sectionFormat="of" derive
dContent="RFC2104"/>, using:</t>
<t>Text: a concatenation of the following fields from the IPv6 <ul spacing="normal" bare="false" empty="false" pn="section-2.1.2.1-
6">
<li pn="section-2.1.2.1-6.1">key: The pre-shared key identified by
HMAC Key ID</li>
<li pn="section-2.1.2.1-6.2">HMAC algorithm: Identified by the HMA
C Key ID</li>
<li pn="section-2.1.2.1-6.3">
<t pn="section-2.1.2.1-6.3.1">Text: A concatenation of the follo
wing fields from the IPv6
header and the SRH, as it would be received at the node header and the SRH, as it would be received at the node
verifying the HMAC:<list style="symbols"> verifying the HMAC:</t>
<t>IPv6 header: source address (16 octets)</t> <ul spacing="normal" bare="false" empty="false" pn="section-2.1.
2.1-6.3.2">
<t>SRH: Last Entry (1 octet)</t> <li pn="section-2.1.2.1-6.3.2.1">IPv6 header: Source address (
16 octets)</li>
<t>SRH: Flags (1 octet)</t> <li pn="section-2.1.2.1-6.3.2.2">SRH: Last Entry (1 octet)</li
>
<t>SRH: HMAC 16 bits following Length</t> <li pn="section-2.1.2.1-6.3.2.3">SRH: Flags (1 octet)</li>
<li pn="section-2.1.2.1-6.3.2.4">SRH: HMAC 16 bits following L
<t>SRH: HMAC Key ID (4 octets)</t> ength</li>
<li pn="section-2.1.2.1-6.3.2.5">SRH: HMAC Key ID (4 octets)</
<t>SRH: all addresses in the Segment List (variable li>
octets)</t> <li pn="section-2.1.2.1-6.3.2.6">SRH: All addresses in the Seg
</list></t> ment List (variable
</list></t> octets)</li>
</ul>
<t>The HMAC digest is truncated to 32 octets and placed in the </li>
</ul>
<t pn="section-2.1.2.1-7">The HMAC digest is truncated to 32 octets
and placed in the
HMAC field of the HMAC TLV.</t> HMAC field of the HMAC TLV.</t>
<t pn="section-2.1.2.1-8">For HMAC algorithms producing digests less
<t>For HMAC algorithms producing digests less than 32 octets, the than 32 octets long, the
digest is placed in the lowest order octets of the HMAC field. digest is placed in the lowest-order octets of the HMAC field.
Subsequent octets MUST be set to zero such that the HMAC length is Subsequent octets <bcp14>MUST</bcp14> be set to zero such that the H
MAC length is
a multiple of 8 octets.</t> a multiple of 8 octets.</t>
<t pn="section-2.1.2.1-9">If HMAC verification is successful, proces
<t>If HMAC verification is successful, processing proceeds as sing proceeds as
normal.</t> normal.</t>
<t pn="section-2.1.2.1-10">If HMAC verification fails, an ICMP error
<t>If HMAC verification fails, an ICMP error message (parameter message (parameter
problem, error code 0, pointing to the HMAC TLV) SHOULD be problem, error code 0, pointing to the HMAC TLV) <bcp14>SHOULD</bcp1
generated (but rate limited) and SHOULD be logged and the packet 4> be
discarded.</t> generated (but rate limited) and logged, and the packet
<bcp14>SHOULD</bcp14> be discarded.</t>
</section> </section>
<section numbered="true" toc="exclude" removeInRFC="false" pn="section
<section title="HMAC Pre-Shared Key Algorithm"> -2.1.2.2">
<t>The HMAC Key ID field allows for the simultaneous existence of <name slugifiedName="name-hmac-pre-shared-key-algorit">HMAC Pre-shar
ed Key Algorithm</name>
<t pn="section-2.1.2.2-1">The HMAC Key ID field allows for the simul
taneous existence of
several hash algorithms (SHA-256, SHA3-256 ... or future ones) as several hash algorithms (SHA-256, SHA3-256 ... or future ones) as
well as pre-shared keys.</t> well as pre-shared keys.</t>
<t pn="section-2.1.2.2-2">The HMAC Key ID field is opaque -- i.e., i
<t>The HMAC Key ID field is opaque, i.e., it has neither syntax t has neither syntax
nor semantic except as an identifier of the right combination of nor semantic except as an identifier of the right combination of
pre-shared key and hash algorithm.</t> pre-shared key and hash algorithm.</t>
<t pn="section-2.1.2.2-3">At the HMAC TLV generating and verificatio
<t>At the HMAC TLV generating and verification nodes, the Key ID n nodes, the Key ID
uniquely identifies the pre-shared key and HMAC algorithm.</t> uniquely identifies the pre-shared key and HMAC algorithm.</t>
<t pn="section-2.1.2.2-4">At the HMAC TLV generating node, the Text
<t>At the HMAC TLV generating node, the Text for the HMAC for the HMAC
computation is set to the IPv6 header fields and SRH fields as computation is set to the IPv6 header fields and SRH fields as
they would appear at the verification node(s), not necessarily the they would appear at the verification node(s), not necessarily the
same as the source node sending a packet with the HMAC TLV.</t> same as the source node sending a packet with the HMAC TLV.</t>
<t pn="section-2.1.2.2-5">Pre-Shared key rollover is supported by ha
<t>Pre-shared key roll-over is supported by having two key IDs in ving two key IDs in
use while the HMAC TLV generating node and verifying node converge use while the HMAC TLV generating node and verifying node converge
to a new key.</t> to a new key.</t>
<t pn="section-2.1.2.2-6">The HMAC TLV generating node may need to r
<t>The HMAC TLV generating node may need to revoke an SRH for evoke an SRH for
which it previously generated an HMAC. Revocation is achieved by which it previously generated an HMAC. Revocation is achieved by
allocating a new key and key ID, then rolling over the key ID allocating a new key and key ID, then rolling over the key ID
associated with the SRH to be revoked. The HMAC TLV verifying node associated with the SRH to be revoked. The HMAC TLV verifying node
drops packets with the revoked SRH.</t> drops packets with the revoked SRH.</t>
<t pn="section-2.1.2.2-7">An implementation supporting HMAC can supp
<t>An implementation supporting HMAC can support multiple hash ort multiple hash
functions. An implementation supporting HMAC MUST implement SHA-2 functions. An implementation supporting HMAC <bcp14>MUST</bcp14> imp
<xref target="FIPS180-4"/> in its SHA-256 variant.</t> lement SHA-2
<xref target="FIPS180-4" format="default" sectionFormat="of" derived
<t>The selection of pre-shared key and algorithm, and their Content="FIPS180-4"/> in its SHA-256 variant.</t>
<t pn="section-2.1.2.2-8">The selection of pre-shared key and algori
thm and their
distribution is outside the scope of this document. Some options distribution is outside the scope of this document. Some options
may include: <list style="symbols"> may include: </t>
<t>in the configuration of the HMAC generating or verifying <ul spacing="normal" bare="false" empty="false" pn="section-2.1.2.2-
nodes, either by static configuration or any SDN oriented 9">
approach</t> <li pn="section-2.1.2.2-9.1">setting these items in the configurat
ion of the HMAC generating or verifying
<t>dynamically using a trusted key distribution protocol such nodes, either by static configuration or any
as <xref target="RFC6407"/></t> SDN-oriented
</list></t> approach</li>
<li pn="section-2.1.2.2-9.2">dynamically using a trusted key distr
<t>While key management is outside the scope of this document, the ibution protocol such
recommendations of BCP 107 <xref target="RFC4107"/> should be as <xref target="RFC6407" format="default" sectionFormat="of" de
rivedContent="RFC6407"/></li>
</ul>
<t pn="section-2.1.2.2-10">While key management is outside the scope
of this document, the
recommendations of BCP 107 <xref target="RFC4107" format="default" s
ectionFormat="of" derivedContent="RFC4107"/> should be
considered when choosing the key management system.</t> considered when choosing the key management system.</t>
</section> </section>
</section> </section>
</section> </section>
</section> </section>
<section anchor="SRNODES" numbered="true" toc="include" removeInRFC="false"
<section anchor="SRNODES" title="SR Nodes"> pn="section-3">
<t>There are different types of nodes that may be involved in segment <name slugifiedName="name-sr-nodes">SR Nodes</name>
routing networks: source SR nodes originate packets with a segment in <t pn="section-3-1">There are different types of nodes that may be involve
d in segment
routing networks: SR source nodes that originate packets with a segment in
the destination address of the IPv6 header, transit nodes that forward the destination address of the IPv6 header, transit nodes that forward
packets destined to a remote segment, and SR segment endpoint nodes that packets destined to a remote segment, and SR segment endpoint nodes that
process a local segment in the destination address of an IPv6 process a local segment in the destination address of an IPv6
header.</t> header.</t>
<section anchor="SOURCE" numbered="true" toc="include" removeInRFC="false"
<section anchor="SOURCE" title="Source SR Node"> pn="section-3.1">
<t>A Source SR Node is any node that originates an IPv6 packet with a <name slugifiedName="name-sr-source-node">SR Source Node</name>
segment (i.e. SRv6 SID) in the destination address of the IPv6 header. <t pn="section-3.1-1">A SR source node is any node that originates an IP
The packet leaving the source SR Node may or may not contain an SRH. v6 packet with a
This includes either: <list style="hanging"> segment (i.e., SRv6 SID) in the destination address of the IPv6 header.
<t>A host originating an IPv6 packet.</t> The packet leaving the SR source node may or may not contain an SRH.
This includes either: </t>
<t>An SR domain ingress router encapsulating a received packet in <ul spacing="normal" bare="false" empty="false" pn="section-3.1-2">
an outer IPv6 header, followed by an optional SRH.</t> <li pn="section-3.1-2.1">A host originating an IPv6 packet, or</li>
</list></t> <li pn="section-3.1-2.2">An SR domain ingress router encapsulating a r
eceived packet in
<t>The mechanism through which a segment in the destination address of an outer IPv6 header, followed by an optional SRH.</li>
the IPv6 header and the Segment List in the SRH, is derived is outside </ul>
the scope of this document.</t> <t pn="section-3.1-3">It is out of the scope of this document to describ
e the mechanism
through which a segment in the destination address of
the IPv6 header and the Segment List in the SRH are derived.</t>
</section> </section>
<section anchor="TRANSIT" numbered="true" toc="include" removeInRFC="false
<section anchor="TRANSIT" title="Transit Node"> " pn="section-3.2">
<t>A transit node is any node forwarding an IPv6 packet where the <name slugifiedName="name-transit-node">Transit Node</name>
<t pn="section-3.2-1">A transit node is any node forwarding an IPv6 pack
et where the
destination address of that packet is not locally configured as a destination address of that packet is not locally configured as a
segment nor a local interface. A transit node is not required to be segment or a local interface. A transit node is not required to be
capable of processing a segment nor SRH.</t> capable of processing a segment or SRH.</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-3.3
<section title="SR Segment Endpoint Node"> ">
<t>A SR segment endpoint node is any node receiving an IPv6 packet <name slugifiedName="name-sr-segment-endpoint-node">SR Segment Endpoint
Node</name>
<t pn="section-3.3-1">An SR segment endpoint node is any node receiving
an IPv6 packet
where the destination address of that packet is locally configured as where the destination address of that packet is locally configured as
a segment or local interface.</t> a segment or local interface.</t>
</section> </section>
</section> </section>
<section anchor="PacketProcessing" numbered="true" toc="include" removeInRFC
<section anchor="PacketProcessing" title="Packet Processing"> ="false" pn="section-4">
<t>This section describes SRv6 packet processing at the SR source, <name slugifiedName="name-packet-processing">Packet Processing</name>
Transit and SR segment endpoint nodes.</t> <t pn="section-4-1">This section describes SRv6 packet processing at the S
R source,
<section anchor="pktSourceNode" title="Source SR Node"> Transit, and SR segment endpoint nodes.</t>
<t>A Source node steers a packet into an SR Policy. If the SR Policy <section anchor="pktSourceNode" numbered="true" toc="include" removeInRFC=
results in a segment list containing a single segment, and there is no "false" pn="section-4.1">
need to add information to the SRH flag or to add TLV, the DA is set <name slugifiedName="name-sr-source-node-2">SR Source Node</name>
to the single segment list entry and the SRH MAY be omitted.</t> <t pn="section-4.1-1">A source node steers a packet into an SR Policy. I
f the SR Policy
<t>When needed, the SRH is created as follows:<list style="hanging"> results in a Segment List containing a single segment, and there is no
<t>Next Header and Hdr Ext Len fields are set as specified in need to add information to the SRH flag or add TLV; the DA is set
<xref target="RFC8200"/>.</t> to the single Segment List entry, and the SRH <bcp14>MAY</bcp14> be omit
ted.</t>
<t>Routing Type field is set as TBD (to be allocated by IANA, <t pn="section-4.1-2">When needed, the SRH is created as follows:</t>
suggested value 4).</t> <dl newline="false" spacing="normal" pn="section-4.1-3">
<dt pn="section-4.1-3.1"/>
<t>The DA of the packet is set with the value of the first <dd pn="section-4.1-3.2">The Next Header and Hdr Ext Len fields are se
segment.</t> t as specified in
<xref target="RFC8200" format="default" sectionFormat="of" derivedCo
<t>The first element of the SRH Segment List is the ultimate ntent="RFC8200"/>.</dd>
<dt pn="section-4.1-3.3"/>
<dd pn="section-4.1-3.4">The Routing Type field is set to 4.</dd>
<dt pn="section-4.1-3.5"/>
<dd pn="section-4.1-3.6">The DA of the packet is set with the value of
the first
segment.</dd>
<dt pn="section-4.1-3.7"/>
<dd pn="section-4.1-3.8">The first element of the SRH Segment List is
the ultimate
segment. The second element is the penultimate segment, and so segment. The second element is the penultimate segment, and so
on.</t> on.</dd>
<dt pn="section-4.1-3.9"/>
<t>The Segments Left field is set to n-1 where n is the number of <dd pn="section-4.1-3.10">The Segments Left field is set to n-1, where
elements in the SR Policy.</t> n is the number of
elements in the SR Policy.</dd>
<t>The Last Entry field is set to n-1 where n is the number of <dt pn="section-4.1-3.11"/>
elements in the SR Policy.</t> <dd pn="section-4.1-3.12">The Last Entry field is set to n-1, where n
is the number of
<t>TLVs (including HMAC) may be set according to their elements in the SR Policy.</dd>
specification.</t> <dt pn="section-4.1-3.13"/>
<dd pn="section-4.1-3.14">TLVs (including HMAC) may be set according t
<t>The packet is forwarded toward the packet's Destination Address o their
(the first segment).</t> specification.</dd>
</list></t> <dt pn="section-4.1-3.15"/>
<dd pn="section-4.1-3.16">The packet is forwarded toward the packet's
<section anchor="REDUCED" title="Reduced SRH"> Destination Address
<t>When a source does not require the entire SID list to be (the first segment).</dd>
</dl>
<section anchor="REDUCED" numbered="true" toc="include" removeInRFC="fal
se" pn="section-4.1.1">
<name slugifiedName="name-reduced-srh">Reduced SRH</name>
<t pn="section-4.1.1-1">When a source does not require the entire SID
list to be
preserved in the SRH, a reduced SRH may be used.</t> preserved in the SRH, a reduced SRH may be used.</t>
<t pn="section-4.1.1-2">A reduced SRH does not contain the first segme
<t>A reduced SRH does not contain the first segment of the related nt of the related
SR Policy (the first segment is the one already in the DA of the SR Policy (the first segment is the one already in the DA of the
IPv6 header), and the Last Entry field is set to n-2 where n is the IPv6 header), and the Last Entry field is set to n-2, where n is the
number of elements in the SR Policy.</t> number of elements in the SR Policy.</t>
</section> </section>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-4.2
<section title="Transit Node"> ">
<t>As specified in <xref target="RFC8200"/>, the only node allowed to <name slugifiedName="name-transit-node-2">Transit Node</name>
inspect the Routing Extension Header (and therefore the SRH), is the <t pn="section-4.2-1">As specified in <xref target="RFC8200" format="def
ault" sectionFormat="of" derivedContent="RFC8200"/>, the only node allowed to
inspect the Routing Extension Header (and therefore the SRH) is the
node corresponding to the DA of the packet. Any other transit node node corresponding to the DA of the packet. Any other transit node
MUST NOT inspect the underneath routing header and MUST forward the <bcp14>MUST NOT</bcp14> inspect the underneath routing header and <bcp14 >MUST</bcp14> forward the
packet toward the DA according to its IPv6 routing table.</t> packet toward the DA according to its IPv6 routing table.</t>
<t pn="section-4.2-2">When a SID is in the destination address of an IPv
<t>When a SID is in the destination address of an IPv6 header of a 6 header of a
packet, it's routed through an IPv6 network as an IPv6 address. SIDs, packet, it's routed through an IPv6 network as an IPv6 address. SIDs,
or the prefix(es) covering SIDs, and their reachability may be or the prefix(es) covering SIDs, and their reachability may be
distributed by means outside the scope of this document. For example, distributed by means outside the scope of this document. For example,
<xref target="RFC5308"/> or <xref target="RFC5340"/> may be used to <xref target="RFC5308" format="default" sectionFormat="of" derivedConten t="RFC5308"/> or <xref target="RFC5340" format="default" sectionFormat="of" deri vedContent="RFC5340"/> may be used to
advertise a prefix covering the SIDs on a node.</t> advertise a prefix covering the SIDs on a node.</t>
</section> </section>
<section anchor="ENDSID" numbered="true" toc="include" removeInRFC="false"
<section anchor="ENDSID" title="SR Segment Endpoint Node"> pn="section-4.3">
<t>Without constraining the details of an implementation, the SR <name slugifiedName="name-sr-segment-endpoint-node-2">SR Segment Endpoin
t Node</name>
<t pn="section-4.3-1">Without constraining the details of an implementat
ion, the SR
segment endpoint node creates Forwarding Information Base (FIB) segment endpoint node creates Forwarding Information Base (FIB)
entries for its local SIDs.</t> entries for its local SIDs.</t>
<t pn="section-4.3-2">When an SRv6-capable node receives an IPv6 packet,
<t>When an SRv6-capable node receives an IPv6 packet, it performs a it performs a
longest-prefix-match lookup on the packets destination address. This longest-prefix-match lookup on the packet's destination address. This
lookup can return any of the following:<figure align="left"> lookup can return any of the following:</t>
<artwork> <ul bare="false" empty="false" spacing="normal" pn="section-4.3-3">
* A FIB entry that represents a locally instantiated SRv6 SID <li pn="section-4.3-3.1">A FIB entry that represents a locally instant
* A FIB entry that represents a local interface, not locally iated SRv6 SID</li>
instantiated as an SRv6 SID <li pn="section-4.3-3.2">A FIB entry that represents a local interface
* A FIB entry that represents a non-local route , not locally
* No Match</artwork> instantiated as an SRv6 SID</li>
</figure></t> <li pn="section-4.3-3.3">A FIB entry that represents a nonlocal route<
/li>
<section anchor="pktENDSID" <li pn="section-4.3-3.4">No Match</li>
title="FIB Entry Is Locally Instantiated SRv6 SID"> </ul>
<t>This document, and section, defines a single SRv6 SID. Future <section anchor="pktENDSID" numbered="true" toc="include" removeInRFC="f
documents may define additional SRv6 SIDs. In which case, the entire alse" pn="section-4.3.1">
<name slugifiedName="name-fib-entry-is-a-locally-inst">FIB Entry Is a
Locally Instantiated SRv6 SID</name>
<t pn="section-4.3.1-1">This document and section define a single SRv6
SID. Future
documents may define additional SRv6 SIDs. In such a case, the entire
content of this section will be defined in that document.</t> content of this section will be defined in that document.</t>
<t pn="section-4.3.1-2">If the FIB entry represents a locally instanti
<t>If the FIB entry represents a locally instantiated SRv6 SID, ated SRv6 SID,
process the next header chain of the IPv6 header as defined in process the next header chain of the IPv6 header as defined in
section 4 of <xref target="RFC8200"/>. <xref target="SRHPROC"/> <xref target="RFC8200" sectionFormat="of" section="4" format="default"
describes how to process an SRH, <xref target="UPPERHEADER"/> derivedLink="https://rfc-editor.org/rfc/rfc8200#section-4" derivedContent="RFC8
describes how to process an upper layer header or no next 200"/>. <xref target="SRHPROC" format="default" sectionFormat="of" derivedConten
header.</t> t="Section 4.3.1.1"/>
describes how to process an SRH; <xref target="UPPERHEADER" format="de
<t>Processing this SID modifies the Segments Left and, if configured fault" sectionFormat="of" derivedContent="Section 4.3.1.2"/>
to process TLVs, it may modify the "variable length data" of TLV describes how to process an upper-layer header or the absence of a Nex
types that change en route. Therefore Segments Left is mutable and t
Header.</t>
<t pn="section-4.3.1-3">Processing this SID modifies the Segments Left
and, if configured
to process TLVs, it may modify the "variable-length data" of TLV
types that change en route. Therefore, Segments Left is mutable, and
TLVs that change en route are mutable. The remainder of the SRH TLVs that change en route are mutable. The remainder of the SRH
(Flags, Tag, Segment List, and TLVs that do not change en route) are (Flags, Tag, Segment List, and TLVs that do not change en route) are
immutable while processing this SID.</t> immutable while processing this SID.</t>
<section anchor="SRHPROC" numbered="true" toc="exclude" removeInRFC="f
<section anchor="SRHPROC" title="SRH Processing"> alse" pn="section-4.3.1.1">
<t><figure align="left"> <name slugifiedName="name-srh-processing">SRH Processing</name>
<artwork> <artwork name="" type="" align="left" alt="" pn="section-4.3.1.1-1">
S01. When an SRH is processed { S01. When an SRH is processed {
S02. If Segments Left is equal to zero { S02. If Segments Left is equal to zero {
S03. Proceed to process the next header in the packet, S03. Proceed to process the next header in the packet,
whose type is identified by the Next Header field in whose type is identified by the Next Header field in
the Routing header. the routing header.
S04. } S04. }
S05. Else { S05. Else {
S06. If local configuration requires TLV processing { S06. If local configuration requires TLV processing {
S07. Perform TLV processing (see TLV Processing) S07. Perform TLV processing (see TLV Processing)
S08. } S08. }
S09. max_last_entry = ( Hdr Ext Len / 2 ) - 1 S09. max_last_entry = ( Hdr Ext Len / 2 ) - 1
S10. If ((Last Entry &gt; max_last_entry) or S10. If ((Last Entry &gt; max_last_entry) or
S11. (Segments Left is greater than (Last Entry+1)) { S11. (Segments Left is greater than (Last Entry+1)) {
S12. Send an ICMP Parameter Problem, Code 0, message to S12. Send an ICMP Parameter Problem, Code 0, message to
the Source Address, pointing to the Segments Left the Source Address, pointing to the Segments Left
skipping to change at line 753 skipping to change at line 890
S19. } S19. }
S20. Else { S20. Else {
S21. Decrement the Hop Limit by 1 S21. Decrement the Hop Limit by 1
S22. Resubmit the packet to the IPv6 module for transmission S22. Resubmit the packet to the IPv6 module for transmission
to the new destination. to the new destination.
S23. } S23. }
S24. } S24. }
S25. } S25. }
S26. } S26. }
</artwork> </artwork>
</figure></t> <section anchor="TLVPROCESS" numbered="true" toc="exclude" removeInR
FC="false" pn="section-4.3.1.1.1">
<section anchor="TLVPROCESS" title="TLV Processing"> <name slugifiedName="name-tlv-processing">TLV Processing</name>
<t>Local configuration determines how TLVs are to be processed <t pn="section-4.3.1.1.1-1">Local configuration determines how TLV
when the Active Segment is a local SID defined in this document. s are to be processed
The definition of local configuration is outside the scope of when the Active Segment is a local SID defined in this document.
this document.</t> The definition of local configuration is outside the scope of
this document.</t>
<t>For illustration purpose only, two example local <t pn="section-4.3.1.1.1-2">For illustration purposes only, two ex
configurations that may be associated with a SID are provided ample local
below.</t> configurations that may be associated with a SID are provided
below.</t>
<t><figure align="left"> <artwork name="" type="" align="left" alt="" pn="section-4.3.1.1.1
<artwork> -3">
Example 1: Example 1:
For any packet received from interface I2 For any packet received from interface I2
Skip TLV processing Skip TLV processing
Example 2: Example 2:
For any packet received from interface I1 For any packet received from interface I1
If first TLV is HMAC { If first TLV is HMAC {
Process the HMAC TLV Process the HMAC TLV
} }
Else { Else {
Discard the packet Discard the packet
}</artwork> }</artwork>
</figure></t>
</section> </section>
</section> </section>
<section anchor="UPPERHEADER" numbered="true" toc="exclude" removeInRF
<section anchor="UPPERHEADER" C="false" pn="section-4.3.1.2">
title="Upper-layer Header or No Next Header"> <name slugifiedName="name-upper-layer-header-or-no-ne">Upper-Layer H
<t>When processing the Upper-layer header of a packet matching a eader or No Next Header</name>
<t pn="section-4.3.1.2-1">When processing the upper-layer header of
a packet matching a
FIB entry locally instantiated as an SRv6 SID defined in this FIB entry locally instantiated as an SRv6 SID defined in this
document.</t> document:</t>
<artwork name="" type="" align="left" alt="" pn="section-4.3.1.2-2">
<t><figure>
<artwork>
IF (Upper-layer Header is IPv4 or IPv6) and IF (Upper-layer Header is IPv4 or IPv6) and
local configuration permits { local configuration permits {
Perform IPv6 decapsulation Perform IPv6 decapsulation
Resubmit the decapsulated packet to the IPv4 or IPv6 module Resubmit the decapsulated packet to the IPv4 or IPv6 module
} }
ELSE { ELSE {
Send an ICMP parameter problem message to the Source Address and Send an ICMP parameter problem message to the Source Address and
discard the packet. Error code (TBD by IANA) "SR Upper-layer discard the packet. Error code (4) "SR Upper-layer
Header Error", pointer set to the offset of the upper-layer Header Error", pointer set to the offset of the upper-layer
header. header.
} }
</artwork> </artwork>
</figure></t> <t pn="section-4.3.1.2-3">A unique error code allows an SR source no
de to recognize an
<t>A unique error code allows an SR Source node to recognize an
error in SID processing at an endpoint.</t> error in SID processing at an endpoint.</t>
</section> </section>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-4
<section title="FIB Entry Is A Local Interface"> .3.2">
<t>If the FIB entry represents a local interface, not locally <name slugifiedName="name-fib-entry-is-a-local-interf">FIB Entry Is a
instantiated as an SRv6 SID, the SRH is processed as follows:<list> Local Interface</name>
<t>If Segments Left is zero, the node must ignore the Routing <t pn="section-4.3.2-1">If the FIB entry represents a local interface
and is not locally
instantiated as an SRv6 SID, the SRH is processed as follows:</t>
<ul empty="true" spacing="normal" bare="false" pn="section-4.3.2-2">
<li pn="section-4.3.2-2.1">If Segments Left is zero, the node must i
gnore the routing
header and proceed to process the next header in the packet, header and proceed to process the next header in the packet,
whose type is identified by the Next Header field in the Routing whose type is identified by the Next Header field in the routing
Header.</t> header.</li>
<li pn="section-4.3.2-2.2">If Segments Left is non-zero, the node mu
<t>If Segments Left is non-zero, the node must discard the st discard the
packet and send an ICMP Parameter Problem, Code 0, message to packet and send an ICMP Parameter Problem, Code 0, message to
the packet's Source Address, pointing to the unrecognized the packet's Source Address, pointing to the unrecognized
Routing Type.</t> Routing Type.</li>
</list></t> </ul>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-4
<section title="FIB Entry Is A Non-Local Route"> .3.3">
<t>Processing is not changed by this document.</t> <name slugifiedName="name-fib-entry-is-a-nonlocal-rou">FIB Entry Is a
Nonlocal Route</name>
<t pn="section-4.3.3-1">Processing is not changed by this document.</t
>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-4
<section title="FIB Entry Is A No Match"> .3.4">
<t>Processing is not changed by this document.</t> <name slugifiedName="name-fib-entry-is-a-no-match">FIB Entry Is a No M
atch</name>
<t pn="section-4.3.4-1">Processing is not changed by this document.</t
>
</section> </section>
</section> </section>
</section> </section>
<section anchor="DEP" numbered="true" toc="include" removeInRFC="false" pn="
<section anchor="DEP" title="Intra SR Domain Deployment Model"> section-5">
<t>The use of the SIDs exclusively within the SR Domain and solely for <name slugifiedName="name-intra-sr-domain-deployment-">Intra-SR-Domain Dep
packets of the SR Domain is an important deployment model.</t> loyment Model</name>
<t pn="section-5-1">The use of the SIDs exclusively within the SR domain a
<t>This enables the SR Domain to act as a single routing system.</t> nd solely for
packets of the SR domain is an important deployment model.</t>
<t>This section covers:<list style="symbols"> <t pn="section-5-2">This enables the SR domain to act as a single routing
<t>securing the SR Domain from external attempt to use its SIDs</t> system.</t>
<t pn="section-5-3">This section covers:</t>
<t>SR Domain as a single system with delegation between <ul spacing="normal" bare="false" empty="false" pn="section-5-4">
components</t> <li pn="section-5-4.1">securing the SR domain from external attempts to
use its SIDs</li>
<t>handling packets of the SR Domain</t> <li pn="section-5-4.2">using the SR domain as a single system with deleg
</list></t> ation between
components</li>
<section anchor="SECSRDOMAIN" title="Securing the SR Domain"> <li pn="section-5-4.3">handling packets of the SR domain</li>
<t>Nodes outside the SR Domain are not trusted: they cannot directly </ul>
<section anchor="SECSRDOMAIN" numbered="true" toc="include" removeInRFC="f
alse" pn="section-5.1">
<name slugifiedName="name-securing-the-sr-domain">Securing the SR Domain
</name>
<t pn="section-5.1-1">Nodes outside the SR domain are not trusted: they
cannot directly
use the SIDs of the domain. This is enforced by two levels of access use the SIDs of the domain. This is enforced by two levels of access
control lists: <list style="numbers"> control lists: </t>
<t>Any packet entering the SR Domain and destined to a SID within <ol spacing="normal" type="1" start="1" pn="section-5.1-2">
the SR Domain is dropped. This may be realized with the following <li pn="section-5.1-2.1" derivedCounter="1.">
<t pn="section-5.1-2.1.1">Any packet entering the SR domain and dest
ined to a SID within
the SR domain is dropped. This may be realized with the following
logic. Other methods with equivalent outcome are considered logic. Other methods with equivalent outcome are considered
compliant: <list style="symbols"> compliant: </t>
<t>allocate all the SID's from a block S/s</t> <ul spacing="normal" bare="false" empty="false" pn="section-5.1-2.1.
2">
<t>configure each external interface of each edge node of the <li pn="section-5.1-2.1.2.1">Allocate all the SIDs from a block S/
domain with an inbound infrastructure access list (IACL) which s</li>
<li pn="section-5.1-2.1.2.2">Configure each external interface of
each edge node of the
domain with an inbound infrastructure access list (IACL) that
drops any incoming packet with a destination address in drops any incoming packet with a destination address in
S/s</t> S/s</li>
<li pn="section-5.1-2.1.2.3">Failure to implement this method of i
<t>Failure to implement this method of ingress filtering ngress filtering
exposes the SR Domain to source routing attacks as described exposes the SR domain to source-routing attacks, as described
and referenced in <xref target="RFC5095"/></t> and referenced in <xref target="RFC5095" format="default" sectio
</list></t> nFormat="of" derivedContent="RFC5095"/></li>
</ul>
<t>The distributed protection in #1 is complemented with per node </li>
<li pn="section-5.1-2.2" derivedCounter="2.">
<t pn="section-5.1-2.2.1">The distributed protection in #1 is comple
mented with per-node
protection, dropping packets to SIDs from source addresses outside protection, dropping packets to SIDs from source addresses outside
the SR Domain. This may be realized with the following logic. the SR domain. This may be realized with the following logic.
Other methods with equivalent outcome are considered compliant: Other methods with equivalent outcome are considered compliant:
<list style="symbols"> </t>
<t>assign all interface addresses from prefix A/a</t> <ul spacing="normal" bare="false" empty="false" pn="section-5.1-2.2.
2">
<t>at node k, all SIDs local to k are assigned from prefix <li pn="section-5.1-2.2.2.1">Assign all interface addresses from p
Sk/sk</t> refix A/a</li>
<li pn="section-5.1-2.2.2.2">At node k, all SIDs local to k are as
<t>configure each internal interface of each SR node k in the signed from prefix
SR Domain with an inbound IACL which drops any incoming packet Sk/sk</li>
<li pn="section-5.1-2.2.2.3">Configure each internal interface of
each SR node k in the
SR domain with an inbound IACL that drops any incoming packet
with a destination address in Sk/sk if the source address is with a destination address in Sk/sk if the source address is
not in A/a.</t> not in A/a.</li>
</list></t> </ul>
</list></t> </li>
</ol>
</section> </section>
<section anchor="SINGLESYS" numbered="true" toc="include" removeInRFC="fal
<section anchor="SINGLESYS" se" pn="section-5.2">
title="SR Domain as A Single System with Delegation Among Compone <name slugifiedName="name-sr-domain-as-a-single-syste">SR Domain as a Si
nts"> ngle System with Delegation among Components</name>
<t>All intra SR Domain packets are of the SR Domain. The IPv6 header <t pn="section-5.2-1">All intra-SR-domain packets are of the SR domain.
is originated by a node of the SR Domain, and is destined to a node of The IPv6 header
the SR Domain.</t> is originated by a node of the SR domain and is destined to a node of
the SR domain.</t>
<t>All inter domain packets are encapsulated for the part of the <t pn="section-5.2-2">All interdomain packets are encapsulated for the p
packet journey that is within the SR Domain. The outer IPv6 header is art of the
originated by a node of the SR Domain, and is destined to a node of packet journey that is within the SR domain. The outer IPv6 header is
the SR Domain.</t> originated by a node of the SR domain and is destined to a node of
the SR domain.</t>
<t>As a consequence, any packet within the SR Domain is of the SR <t pn="section-5.2-3">As a consequence, any packet within the SR domain
Domain.</t> is of the SR
domain.</t>
<t>The SR Domain is a system in which the operator may want to <t pn="section-5.2-4">The SR domain is a system in which the operator ma
distribute or delegate different operations of the outer most header y want to
distribute or delegate different operations of the outermost header
to different nodes within the system.</t> to different nodes within the system.</t>
<t pn="section-5.2-5">An operator of an SR domain may choose to delegate
<t>An operator of an SR domain may choose to delegate SRH addition to SRH addition to
a host node within the SR domain, and validation of the contents of a host node within the SR domain and delegate validation of the contents
of
any SRH to a more trusted router or switch attached to the host. any SRH to a more trusted router or switch attached to the host.
Consider a top of rack switch (T) connected to host (H) via interface Consider a top-of-rack switch T connected to host H via interface
(I). H receives an SRH (SRH1) with a computed HMAC via some SDN method I. H receives an SRH (SRH1) with a computed HMAC via some SDN method
outside the scope of this document. H classifies traffic it sources outside the scope of this document. H classifies traffic it sources
and adds SRH1 to traffic requiring a specific SLA. T is configured and adds SRH1 to traffic requiring a specific Service Level
Agreement (SLA). T is configured
with an IACL on I requiring verification of the SRH for any packet with an IACL on I requiring verification of the SRH for any packet
destined to the SID block of the SR Domain (S/s). T checks and destined to the SID block of the SR domain (S/s). T checks and
verifies that SRH1 is valid, contains an HMAC TLV and verifies the verifies that SRH1 is valid and contains an HMAC TLV; T then verifies th
e
HMAC.</t> HMAC.</t>
<t pn="section-5.2-6">An operator of the SR domain may choose to have al
<t>An operator of the SR Domain may choose to have all segments in the l segments in the
SR Domain verify the HMAC. This mechanism would verify that the SRH SR domain verify the HMAC. This mechanism would verify that the SRH
segment list is not modified while traversing the SR Domain.</t> Segment List is not modified while traversing the SR domain.</t>
</section> </section>
<section anchor="MTU" numbered="true" toc="include" removeInRFC="false" pn
<section anchor="MTU" title="MTU Considerations"> ="section-5.3">
<t>An SR Domain ingress edge node encapsulates packets traversing the <name slugifiedName="name-mtu-considerations">MTU Considerations</name>
SR Domain, and needs to consider the MTU of the SR Domain. Within the <t pn="section-5.3-1">An SR domain ingress edge node encapsulates packet
SR Domain, well known mitigation techniques are RECOMMENDED, such as s traversing the
deploying a greater MTU value within the SR Domain than at the ingress SR domain and needs to consider the MTU of the SR domain. Within the
SR domain, well-known mitigation techniques are <bcp14>RECOMMENDED</bcp1
4>, such as
deploying a greater MTU value within the SR domain than at the ingress
edges.</t> edges.</t>
<t pn="section-5.3-2">Encapsulation with an outer IPv6 header and SRH sh
<t>Encapsulation with an outer IPv6 header and SRH share the same MTU ares the same MTU
and fragmentation considerations as IPv6 tunnels described in <xref and fragmentation considerations as IPv6 tunnels described in <xref targ
target="RFC2473"/>. Further investigation on the limitation of various et="RFC2473" format="default" sectionFormat="of" derivedContent="RFC2473"/>. Fur
tunneling methods (including IPv6 tunnels) are discussed in <xref ther investigation on the limitation of various
target="I-D.ietf-intarea-tunnels"/> and SHOULD be considered by tunneling methods (including IPv6 tunnels) is discussed in <xref target=
operators when considering MTU within the SR Domain.</t> "I-D.ietf-intarea-tunnels" format="default" sectionFormat="of" derivedContent="I
NTAREA-TUNNELS"/> and
<bcp14>SHOULD</bcp14> be considered by
operators when considering MTU within the SR domain.</t>
</section> </section>
<section anchor="ICMP" numbered="true" toc="include" removeInRFC="false" p
<section anchor="ICMP" title="ICMP Error Processing"> n="section-5.4">
<t>ICMP error packets generated within the SR Domain are sent to <name slugifiedName="name-icmp-error-processing">ICMP Error Processing</
source nodes within the SR Domain. The invoking packet in the ICMP name>
<t pn="section-5.4-1">ICMP error packets generated within the SR domain
are sent to
source nodes within the SR domain. The invoking packet in the ICMP
error message may contain an SRH. Since the destination address of a error message may contain an SRH. Since the destination address of a
packet with an SRH changes as each segment is processed, it may not be packet with an SRH changes as each segment is processed, it may not be
the destination used by the socket or application that generated the the destination used by the socket or application that generated the
invoking packet.</t> invoking packet.</t>
<t pn="section-5.4-2">For the source of an invoking packet to process th
<t>For the source of an invoking packet to process the ICMP error e ICMP error
message, the ultimate destination address of the IPv6 header may be message, the ultimate destination address of the IPv6 header may be
required. The following logic is used to determine the destination required. The following logic is used to determine the destination
address for use by protocol error handlers.<list style="symbols"> address for use by protocol-error handlers.</t>
<t>Walk all extension headers of the invoking IPv6 packet to the <ul spacing="normal" bare="false" empty="false" pn="section-5.4-3">
routing extension header preceding the upper layer header.<list <li pn="section-5.4-3.1">
style="symbols"> <t pn="section-5.4-3.1.1">Walk all extension headers of the invoking
<t>If routing header is type TBD IANA (SRH)<list IPv6 packet to the
style="symbols"> routing extension header preceding the upper-layer header.</t>
<t>The SID at Segment List[0] may be used as the <ul spacing="normal" bare="false" empty="false" pn="section-5.4-3.1.
destination address of the invoking packet.</t> 2">
</list></t> <li pn="section-5.4-3.1.2.1">
</list></t> <t pn="section-5.4-3.1.2.1.1">If routing header is type 4 Segmen
</list></t> t Routing Header (SRH)</t>
<ul spacing="normal" bare="false" empty="false" pn="section-5.4-
<t>ICMP errors are then processed by upper layer transports as defined 3.1.2.1.2">
in <xref target="RFC4443"/>.</t> <li pn="section-5.4-3.1.2.1.2.1">The SID at Segment List[0] ma
y be used as the
<t>For IP packets encapsulated in an outer IPv6 header, ICMP error destination address of the invoking packet.</li>
handling is as defined in <xref target="RFC2473"/>.</t> </ul>
</li>
</ul>
</li>
</ul>
<t pn="section-5.4-4">ICMP errors are then processed by upper-layer tran
sports as defined
in <xref target="RFC4443" format="default" sectionFormat="of" derivedCon
tent="RFC4443"/>.</t>
<t pn="section-5.4-5">For IP packets encapsulated in an outer IPv6 heade
r, ICMP error
handling is as defined in <xref target="RFC2473" format="default" sectio
nFormat="of" derivedContent="RFC2473"/>.</t>
</section> </section>
<section anchor="LBECMP" numbered="true" toc="include" removeInRFC="false"
<section anchor="LBECMP" title="Load Balancing and ECMP"> pn="section-5.5">
<t>For any inter domain packet, the SR Source node MUST impose a flow <name slugifiedName="name-load-balancing-and-ecmp">Load Balancing and EC
MP</name>
<t pn="section-5.5-1">For any interdomain packet, the SR source node <bc
p14>MUST</bcp14> impose a flow
label computed based on the inner packet. The computation of the flow label computed based on the inner packet. The computation of the flow
label is as recommended in <xref target="RFC6438"/> for the sending label is as recommended in <xref target="RFC6438" format="default" secti onFormat="of" derivedContent="RFC6438"/> for the sending
Tunnel End Point.</t> Tunnel End Point.</t>
<t pn="section-5.5-2">For any intradomain packet, the SR source node <bc
<t>For any intra domain packet, the SR Source node SHOULD impose a p14>SHOULD</bcp14> impose a
flow label computed as described in <xref target="RFC6437"/> to assist flow label computed as described in <xref target="RFC6437" format="defau
lt" sectionFormat="of" derivedContent="RFC6437"/> to assist
ECMP load balancing at transit nodes incapable of computing a 5-tuple ECMP load balancing at transit nodes incapable of computing a 5-tuple
beyond the SRH.</t> beyond the SRH.</t>
<t pn="section-5.5-3">At any transit node within an SR domain, the flow
<t>At any transit node within an SR domain, the flow label MUST be label <bcp14>MUST</bcp14> be
used as defined in <xref target="RFC6438"/> to calculate the ECMP hash used as defined in <xref target="RFC6438" format="default" sectionFormat
toward the destination address. If flow label is not used, the transit ="of" derivedContent="RFC6438"/> to calculate the ECMP hash
toward the destination address. If a flow label is not used, the transit
node would likely hash all packets between a pair of SR Edge nodes to node would likely hash all packets between a pair of SR Edge nodes to
the same link.</t> the same link.</t>
<t pn="section-5.5-4">At an SR segment endpoint node, the flow label <bc
<t>At an SR segment endpoint node, the flow label MUST be used as p14>MUST</bcp14> be used as
defined in <xref target="RFC6438"/> to calculate any ECMP hash used to defined in <xref target="RFC6438" format="default" sectionFormat="of" de
rivedContent="RFC6438"/> to calculate any ECMP hash used to
forward the processed packet to the next segment.</t> forward the processed packet to the next segment.</t>
</section> </section>
<section anchor="other" numbered="true" toc="include" removeInRFC="false"
<section anchor="other" title="Other Deployments"> pn="section-5.6">
<t>Other deployment models and their implications on security, MTU, <name slugifiedName="name-other-deployments">Other Deployments</name>
HMAC, ICMP error processing and interaction with other extension <t pn="section-5.6-1">Other deployment models and their implications on
security, MTU,
HMAC, ICMP error processing, and interaction with other extension
headers are outside the scope of this document.</t> headers are outside the scope of this document.</t>
</section> </section>
</section> </section>
<section anchor="ILL" numbered="true" toc="include" removeInRFC="false" pn="
<section anchor="ILL" title="Illustrations"> section-6">
<t>This section provides illustrations of SRv6 packet processing at SR <name slugifiedName="name-illustrations">Illustrations</name>
source, transit and SR segment endpoint nodes.</t> <t pn="section-6-1">This section provides illustrations of SRv6 packet pro
cessing at SR
<section title="Abstract Representation of an SRH"> source, transit, and SR segment endpoint nodes.</t>
<t>For a node k, its IPv6 address is represented as Ak, its SRv6 SID <section numbered="true" toc="include" removeInRFC="false" pn="section-6.1
">
<name slugifiedName="name-abstract-representation-of-">Abstract Represen
tation of an SRH</name>
<t pn="section-6.1-1">For a node k, its IPv6 address is represented as A
k, and its SRv6 SID
is represented as Sk.</t> is represented as Sk.</t>
<t pn="section-6.1-2">IPv6 headers are represented as the tuple of (sour
<t>IPv6 headers are represented as the tuple of (source, destination). ce,destination).
For example, a packet with source address A1 and destination address For example, a packet with source address A1 and destination address
A2 is represented as (A1,A2). The payload of the packet is A2 is represented as (A1,A2). The payload of the packet is
omitted.</t> omitted.</t>
<t pn="section-6.1-3">An SR Policy is a list of segments. A list of segm
<t>An SR Policy is a list of segments. A list of segments is ents is
represented as &lt;S1,S2,S3&gt; where S1 is the first SID to visit, S2 represented as &lt;S1,S2,S3&gt; where S1 is the first SID to visit, S2
is the second SID to visit and S3 is the last SID to visit.</t> is the second SID to visit, and S3 is the last SID to visit.</t>
<t pn="section-6.1-4">(SA,DA) (S3,S2,S1; SL) represents an IPv6 packet w
<t>(SA,DA) (S3, S2, S1; SL) represents an IPv6 packet with:<list ith:</t>
style="symbols"> <ul spacing="normal" bare="false" empty="false" pn="section-6.1-5">
<t>Source Address is SA, Destination Addresses is DA, and <li pn="section-6.1-5.1">Source Address SA, Destination Addresses DA,
next-header is SRH.</t> and
next header SRH.</li>
<t>SRH with SID list &lt;S1, S2, S3&gt; with SegmentsLeft = <li pn="section-6.1-5.2">SRH with SID list &lt;S1,S2,S3&gt; with Segme
SL.</t> ntsLeft =
SL.</li>
<t>Note the difference between the &lt;&gt; and () symbols. <li pn="section-6.1-5.3">Note the difference between the &lt;&gt; and
&lt;S1, S2, S3&gt; represents a SID list where the leftmost () symbols.
segment is the first segment. Whereas, (S3, S2, S1; SL) represents &lt;S1,S2,S3&gt; represents a SID list where the leftmost
segment is the first segment. In contrast, (S3,S2,S1; SL) represents
the same SID list but encoded in the SRH Segment List format where the same SID list but encoded in the SRH Segment List format where
the leftmost segment is the last segment. When referring to an SR the leftmost segment is the last segment. When referring to an SR
policy in a high-level use-case, it is simpler to use the &lt;S1, Policy in a high-level use case, it is simpler to use the &lt;S1,S2,
S2, S3&gt; notation. When referring to an illustration of detailed S3&gt; notation. When referring to an illustration of detailed
behavior, the (S3, S2, S1; SL) notation is more convenient.</t> behavior, the (S3,S2,S1; SL) notation is more convenient.</li>
</list></t> </ul>
<t pn="section-6.1-6">At its SR Policy headend, the Segment List &lt;S1,
<t>At its SR Policy headend, the Segment List &lt;S1,S2,S3&gt; results S2,S3&gt; results
in SRH (S3,S2,S1; SL=2) represented fully as: <figure align="left"> in SRH (S3,S2,S1; SL=2) represented fully as: </t>
<artwork> <artwork name="" type="" align="left" alt="" pn="section-6.1-7">
Segments Left=2 Segments Left=2
Last Entry=2 Last Entry=2
Flags=0 Flags=0
Tag=0 Tag=0
Segment List[0]=S3 Segment List[0]=S3
Segment List[1]=S2 Segment List[1]=S2
Segment List[2]=S1</artwork> Segment List[2]=S1</artwork>
</figure></t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6.2
<section title="Example Topology"> ">
<t>The following topology is used in examples below: <figure <name slugifiedName="name-example-topology">Example Topology</name>
align="center" anchor="TOPO1"> <t pn="section-6.2-1">The following topology is used in examples below:
<artwork> </t>
<figure anchor="TOPO1" align="left" suppress-title="false" pn="figure-1"
>
<artwork name="" type="" align="left" alt="" pn="section-6.2-2.1">
+ * * * * * * * * * * * * * * * * * * * * + + * * * * * * * * * * * * * * * * * * * * +
* [8] [9] * * [8] [9] *
| | | |
* | | * * | | *
[1]----[3]--------[5]----------------[6]---------[4]---[2] [1]----[3]--------[5]----------------[6]---------[4]---[2]
* | | * * | | *
| | | |
* | | * * | | *
+--------[7]-------+ +--------[7]-------+
* * * *
+ * * * * * * * SR Domain * * * * * * * +</artwork> + * * * * * * * SR domain * * * * * * * +</artwork>
</figure><list style="symbols"> </figure>
<t>3 and 4 are SR Domain edge routers</t> <ul spacing="normal" bare="false" empty="false" pn="section-6.2-3">
<li pn="section-6.2-3.1">3 and 4 are SR domain edge routers</li>
<t>5, 6, and 7 are all SR Domain routers</t> <li pn="section-6.2-3.2">5, 6, and 7 are all SR domain routers</li>
<li pn="section-6.2-3.3">8 and 9 are hosts within the SR domain</li>
<t>8 and 9 are hosts within the SR Domain</t> <li pn="section-6.2-3.4">1 and 2 are hosts outside the SR domain</li>
<li pn="section-6.2-3.5">The SR domain implements ingress filtering as
<t>1 and 2 are hosts outside the SR Domain</t> per <xref target="SECSRDOMAIN" format="default" sectionFormat="of" derivedConte
nt="Section 5.1"/> and no external packet can
<t>The SR domain implements ingress filtering as per <xref enter the domain
target="SECSRDOMAIN"/> and no external packet can enter the domain with a destination address equal to a segment of the domain.</li>
with a destination address equal to a segment of the domain.</t> </ul>
</list></t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6.3
<section title="Source SR Node"> ">
<section title="Intra SR Domain Packet"> <name slugifiedName="name-sr-source-node-3">SR Source Node</name>
<t>When host 8 sends a packet to host 9 via an SR Policy <section numbered="true" toc="include" removeInRFC="false" pn="section-6
.3.1">
<name slugifiedName="name-intra-sr-domain-packet">Intra-SR-Domain Pack
et</name>
<t pn="section-6.3.1-1">When host 8 sends a packet to host 9 via an SR
Policy
&lt;S7,A9&gt; the packet is</t> &lt;S7,A9&gt; the packet is</t>
<t pn="section-6.3.1-2">P1: (A8,S7)(A9,S7; SL=1)</t>
<t>P1: (A8,S7)(A9,S7; SL=1)</t> <section numbered="true" toc="exclude" removeInRFC="false" pn="section
-6.3.1.1">
<section title="Reduced Variant"> <name slugifiedName="name-reduced-variant">Reduced Variant</name>
<t>When host 8 sends a packet to host 9 via an SR Policy <t pn="section-6.3.1.1-1">When host 8 sends a packet to host 9 via a
n SR Policy
&lt;S7,A9&gt; and it wants to use a reduced SRH, the packet is</t> &lt;S7,A9&gt; and it wants to use a reduced SRH, the packet is</t>
<t pn="section-6.3.1.1-2">P2: (A8,S7)(A9; SL=1)</t>
<t>P2: (A8,S7)(A9; SL=1)</t>
</section> </section>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6
<section title="Inter SR Domain Packet - Transit"> .3.2">
<t>When host 1 sends a packet to host 2, the packet is</t> <name slugifiedName="name-inter-sr-domain-packet-tran">Inter-SR-Domain
Packet -- Transit</name>
<t>P3: (A1,A2)</t> <t pn="section-6.3.2-1">When host 1 sends a packet to host 2, the pack
et is</t>
<t>The SR Domain ingress router 3 receives P3 and steers it to SR <t pn="section-6.3.2-2">P3: (A1,A2)</t>
Domain egress router 4 via an SR Policy &lt;S7, S4&gt;. Router 3 <t pn="section-6.3.2-3">The SR domain ingress router 3 receives P3 and
steers it to SR
domain egress router 4 via an SR Policy &lt;S7,S4&gt;. Router 3
encapsulates the received packet P3 in an outer header with an SRH. encapsulates the received packet P3 in an outer header with an SRH.
The packet is</t> The packet is</t>
<t pn="section-6.3.2-4">P4: (A3,S7)(S4,S7; SL=1)(A1,A2)</t>
<t>P4: (A3, S7)(S4, S7; SL=1)(A1, A2)</t> <t pn="section-6.3.2-5">If the SR Policy contains only one segment (th
e egress router 4),
<t>If the SR Policy contains only one segment (the egress router 4), the ingress router 3 encapsulates P3 into an outer header (A3,S4)
the ingress Router 3 encapsulates P3 into an outer header (A3, S4)
without SRH. The packet is</t> without SRH. The packet is</t>
<t pn="section-6.3.2-6">P5: (A3,S4)(A1,A2)</t>
<t>P5: (A3, S4)(A1, A2)</t> <section numbered="true" toc="exclude" removeInRFC="false" pn="section
-6.3.2.1">
<section title="Reduced Variant"> <name slugifiedName="name-reduced-variant-2">Reduced Variant</name>
<t>The SR Domain ingress router 3 receives P3 and steers it to SR <t pn="section-6.3.2.1-1">The SR domain ingress router 3 receives P3
Domain egress router 4 via an SR Policy &lt;S7, S4&gt;. If router and steers it to SR
3 wants to use a reduced SRH, Router 3 encapsulates the received domain egress router 4 via an SR Policy &lt;S7,S4&gt;. If router
3 wants to use a reduced SRH, it encapsulates the received
packet P3 in an outer header with a reduced SRH. The packet is</t> packet P3 in an outer header with a reduced SRH. The packet is</t>
<t pn="section-6.3.2.1-2">P6: (A3,S7)(S4; SL=1)(A1,A2)</t>
<t>P6: (A3, S7)(S4; SL=1)(A1, A2)</t>
</section> </section>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6
<section title="Inter SR Domain Packet - Internal to External"> .3.3">
<t>When host 8 sends a packet to host 1, the packet is encapsulated <name slugifiedName="name-inter-sr-domain-packet-inte">Inter-SR-Domain
for the portion of its journey within the SR Domain. From 8 to 3 the Packet -- Internal to External</name>
<t pn="section-6.3.3-1">When host 8 sends a packet to host 1, the pack
et is encapsulated
for the portion of its journey within the SR domain. From 8 to 3 the
packet is</t> packet is</t>
<t pn="section-6.3.3-2">P7: (A8,S3)(A8,A1)</t>
<t>P7: (A8,S3)(A8,A1)</t> <t pn="section-6.3.3-3">In the opposite direction, the packet generate
d from 1 to 8
<t>In the opposite direction, the packet generated from 1 to 8
is</t> is</t>
<t pn="section-6.3.3-4">P8: (A1,A8)</t>
<t>P8: (A1,A8)</t> <t pn="section-6.3.3-5">At node 3, P8 is encapsulated for the portion
of its journey
<t>At node 3 P8 is encapsulated for the portion of its journey
within the SR domain, with the outer header destined to segment S8. within the SR domain, with the outer header destined to segment S8.
Resulting in</t> This results in</t>
<t pn="section-6.3.3-6">P9: (A3,S8)(A1,A8)</t>
<t>P9: (A3,S8)(A1,A8)</t> <t pn="section-6.3.3-7">At node 8, the outer IPv6 header is removed by
S8 processing, then
<t>At node 8 the outer IPv6 header is removed by S8 processing, then
processed again when received by A8.</t> processed again when received by A8.</t>
</section> </section>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6.4
<section title="Transit Node"> ">
<t>Nodes 5 acts as transit nodes for packet P1, and sends packet</t> <name slugifiedName="name-transit-node-3">Transit Node</name>
<t pn="section-6.4-1">Node 5 acts as transit node for packet P1 and send
<t>P1: (A8,S7)(A9,S7;SL=1)</t> s packet</t>
<t pn="section-6.4-2">P1: (A8,S7)(A9,S7;SL=1)</t>
<t>on the interface toward node 7.</t> <t pn="section-6.4-3">on the interface toward node 7.</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6.5
<section title="SR Segment Endpoint Node"> ">
<t>Node 7 receives packet P1 and, using the logic in <xref <name slugifiedName="name-sr-segment-endpoint-node-3">SR Segment Endpoin
target="pktENDSID"/>, sends packet</t> t Node</name>
<t pn="section-6.5-1">Node 7 receives packet P1 and, using the logic in
<t>P7: (A8,A9)(A9,S7; SL=0)</t> <xref target="pktENDSID" format="default" sectionFormat="of" derivedContent="Sec
tion 4.3.1"/>, sends packet</t>
<t>on the interface toward router 6.</t> <t pn="section-6.5-2">P7: (A8,A9)(A9,S7; SL=0)</t>
<t pn="section-6.5-3">on the interface toward router 6.</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6.6
<section title="Delegation of Function with HMAC Verification"> ">
<t>This section describes how a function may be delegated within the <name slugifiedName="name-delegation-of-function-with">Delegation of Fun
SR Domain. In the following sections consider a host 8 connected to a ction with HMAC Verification</name>
<t pn="section-6.6-1">This section describes how a function may be deleg
ated within the
SR domain. In the following sections, consider a host 8 connected to a
top of rack 5.</t> top of rack 5.</t>
<section numbered="true" toc="include" removeInRFC="false" pn="section-6
<section title="SID List Verification"> .6.1">
<t>An operator may prefer to apply the SRH at source 8, while 5 <name slugifiedName="name-sid-list-verification">SID List Verification
verifies the SID list is valid.</t> </name>
<t pn="section-6.6.1-1">An operator may prefer to apply the SRH at sou
<t>For illustration purpose, an SDN controller provides 8 an SRH rce 8, while 5
terminating at node 9, with segment list &lt;S5,S7,S6,A9&gt;, and verifies that the SID list is valid.</t>
<t pn="section-6.6.1-2">For illustration purposes, an SDN controller p
rovides 8 an SRH
terminating at node 9, with Segment List &lt;S5,S7,S6,A9&gt;, and
HMAC TLV computed for the SRH. The HMAC key ID and key associated HMAC TLV computed for the SRH. The HMAC key ID and key associated
with the HMAC TLV is shared with 5. Node 8 does not know the key. with the HMAC TLV is shared with 5. Node 8 does not know the key.
Node 5 is configured with an IACL applied to the interface connected Node 5 is configured with an IACL applied to the interface connected
to 8, requiring HMAC verification for any packet destined to to 8, requiring HMAC verification for any packet destined to
S/s.</t> S/s.</t>
<t pn="section-6.6.1-3">Node 8 originates packets with the received SR
<t>Node 8 originates packets with the received SRH including HMAC H, including HMAC
TLV.</t> TLV.</t>
<t pn="section-6.6.1-4">P15: (A8,S5)(A9,S6,S7,S5;SL=3;HMAC)</t>
<t>P15:(A8,S5)(A9,S6,S7,S5;SL=3;HMAC)</t> <t pn="section-6.6.1-5">Node 5 receives and verifies the HMAC for the
SRH, then forwards
<t>Node 5 receives and verifies the HMAC for the SRH, then forwards
the packet to the next segment</t> the packet to the next segment</t>
<t pn="section-6.6.1-6">P16: (A8,S7)(A9,S6,S7,S5;SL=2;HMAC)</t>
<t>P16:(A8,S7)(A9,S6,S7,S5;SL=2;HMAC)</t> <t pn="section-6.6.1-7">Node 6 receives</t>
<t pn="section-6.6.1-8">P17: (A8,S6)(A9,S6,S7,S5;SL=1;HMAC)</t>
<t>Node 6 receives</t> <t pn="section-6.6.1-9">Node 9 receives</t>
<t pn="section-6.6.1-10">P18: (A8,A9)(A9,S6,S7,S5;SL=0;HMAC)</t>
<t>P17:(A8,S6)(A9,S6,S7,S5;SL=1;HMAC)</t> <t pn="section-6.6.1-11">This use of an HMAC is particularly valuable
within an
<t>Node 9 receives</t> enterprise-based SR domain <xref target="SRN" format="default" sectionF
ormat="of" derivedContent="SRN"/>.</t>
<t>P18:(A8,A9)(A9,S6,S7,S5;SL=0;HMAC)</t>
<t>This use of an HMAC is particularly valuable within an enterprise
based SR Domain <xref target="SRN"/>.</t>
</section> </section>
</section> </section>
</section> </section>
<section anchor="Security" numbered="true" toc="include" removeInRFC="false"
<section anchor="Security" title="Security Considerations"> pn="section-7">
<t>This section reviews security considerations related to the SRH, <name slugifiedName="name-security-considerations">Security Considerations
</name>
<t pn="section-7-1">This section reviews security considerations related t
o the SRH,
given the SRH processing and deployment models discussed in this given the SRH processing and deployment models discussed in this
document.</t> document.</t>
<t pn="section-7-2">As described in <xref target="DEP" format="default" se
<t>As described in <xref target="DEP"/>, it is necessary to filter ctionFormat="of" derivedContent="Section 5"/>, it is necessary to filter
packets ingress to the SR Domain, destined to SIDs within the SR Domain packets' ingress to the SR domain, destined to SIDs within the SR domain
(i.e., bearing a SID in the destination address). This ingress filtering (i.e., bearing a SID in the destination address). This ingress filtering
is via an IACL at SR Domain ingress border nodes. Additional protection is via an IACL at SR domain ingress border nodes. Additional protection
is applied via an IACL at each SR Segment Endpoint node, filtering is applied via an IACL at each SR Segment Endpoint node, filtering
packets not from within the SR Domain, destined to SIDs in the SR packets not from within the SR domain, destined to SIDs in the SR domain.
Domain. ACLs are easily supported for small numbers of prefixes, making ACLs are easily supported for small numbers of seldom changing prefixes, making
summarization important, and when the prefixes requiring filtering is summarization important.</t>
kept to a seldom changing set.</t> <t pn="section-7-3">Additionally, ingress filtering of IPv6 source address
es as
<t>Additionally, ingress filtering of IPv6 source addresses as recommended in BCP 38 <xref target="RFC2827" format="default" sectionForma
recommended in BCP38 <xref target="RFC2827"/> SHOULD be used.</t> t="of" derivedContent="RFC2827"/> <bcp14>SHOULD</bcp14> be used.</t>
<section numbered="true" toc="include" removeInRFC="false" pn="section-7.1
<section title="Source Routing Attacks"> ">
<t>An SR domain implements distributed and per node protection as <name slugifiedName="name-sr-attacks">SR Attacks</name>
described in section 5.1. Additionally, domains deny traffic with <t pn="section-7.1-1">An SR domain implements distributed and per-node p
spoofed addresses by implementing the recommendations in BCP 84 <xref rotection as
target="RFC3704"/>.</t> described in <xref target="SECSRDOMAIN" format="default" sectionFormat="
of" derivedContent="Section 5.1"/>. Additionally, domains deny traffic with
<t>Full implementation of the recommended protection blocks the spoofed addresses by implementing the recommendations in BCP 84 <xref ta
attacks documented in <xref target="RFC5095"/> from outside the SR rget="RFC3704" format="default" sectionFormat="of" derivedContent="RFC3704"/>.</
domain, including bypassing filtering devices, reaching otherwise t>
unreachable Internet systems, network topology discovery, bandwidth <t pn="section-7.1-2">Full implementation of the recommended protection
blocks the
attacks documented in <xref target="RFC5095" format="default" sectionFor
mat="of" derivedContent="RFC5095"/> from outside the SR
domain, including bypassing filtering devices, reaching
otherwise-unreachable Internet systems, network topology discovery,
bandwidth
exhaustion, and defeating anycast.</t> exhaustion, and defeating anycast.</t>
<t pn="section-7.1-3">Failure to implement distributed and per-node prot
<t>Failure to implement distributed and per node protection allows ection allows
attackers to bypass filtering devices and exposes the SR Domain to attackers to bypass filtering devices and exposes the SR domain to
these attacks.</t> these attacks.</t>
<t pn="section-7.1-4">Compromised nodes within the SR domain may mount t
<t>Compromised nodes within the SR Domain may mount the attacks listed he attacks listed
above along with other known attacks on IP networks (e.g. DOS/DDOS, above along with other known attacks on IP networks (e.g., DoS/DDoS,
topology discovery, man-in-the-middle, traffic topology discovery, man-in-the-middle, traffic
interception/siphoning).</t> interception/siphoning).</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-7.2
<section title="Service Theft"> ">
<t>Service theft is defined as the use of a service offered by the SR <name slugifiedName="name-service-theft">Service Theft</name>
Domain by a node not authorized to use the service.</t> <t pn="section-7.2-1">Service theft is defined as the use of a service o
ffered by the SR
<t>Service theft is not a concern within the SR Domain as all SR domain by a node not authorized to use the service.</t>
Source nodes and SR segment endpoint nodes within the domain are able <t pn="section-7.2-2">Service theft is not a concern within the SR domai
to utilize the services of the Domain. If a node outside the SR Domain n, as all SR
source nodes and SR segment endpoint nodes within the domain are able
to utilize the services of the domain. If a node outside the SR domain
learns of segments or a topological service within the SR domain, IACL learns of segments or a topological service within the SR domain, IACL
filtering denies access to those segments.</t> filtering denies access to those segments.</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-7.3
<section title="Topology Disclosure"> ">
<t>The SRH is unencrypted and may contain SIDs of some intermediate <name slugifiedName="name-topology-disclosure">Topology Disclosure</name
SR-nodes in the path towards the destination within the SR Domain. If >
packets can be snooped within the SR Domain, the SRH may reveal <t pn="section-7.3-1">The SRH is unencrypted and may contain SIDs of som
e intermediate
SR nodes in the path towards the destination within the SR domain. If
packets can be snooped within the SR domain, the SRH may reveal
topology, traffic flows, and service usage.</t> topology, traffic flows, and service usage.</t>
<t pn="section-7.3-2">This is applicable within an SR domain, but the di
<t>This is applicable within an SR Domain, but the disclosure is less sclosure is less
relevant as an attacker has other means of learning topology, flows, relevant as an attacker has other means of learning topology, flows,
and service usage.</t> and service usage.</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-7.4
<section title="ICMP Generation"> ">
<t>The generation of ICMPv6 error messages may be used to attempt <name slugifiedName="name-icmp-generation">ICMP Generation</name>
<t pn="section-7.4-1">The generation of ICMPv6 error messages may be use
d to attempt
denial-of-service attacks by sending an error-causing destination denial-of-service attacks by sending an error-causing destination
address or SRH in back-to-back packets. An implementation that address or SRH in back-to-back packets. An implementation that
correctly follows Section 2.4 of <xref target="RFC4443"/> would be correctly follows <xref target="RFC4443" sectionFormat="of" section="2.4 " format="default" derivedLink="https://rfc-editor.org/rfc/rfc4443#section-2.4" derivedContent="RFC4443"/> would be
protected by the ICMPv6 rate-limiting mechanism.</t> protected by the ICMPv6 rate-limiting mechanism.</t>
</section> </section>
<section numbered="true" toc="include" removeInRFC="false" pn="section-7.5
<section title="Applicability of AH"> ">
<t>The SR Domain is a trusted domain, as defined in <xref <name slugifiedName="name-applicability-of-ah">Applicability of AH</name
target="RFC8402"/> Section 2 and Section 8.2. The SR Source is trusted >
<t pn="section-7.5-1">The SR domain is a trusted domain, as defined in <
xref target="RFC8402" format="default" sectionFormat="of" derivedContent="RFC840
2"/>, Sections <xref target="RFC8402" section="2" sectionFormat="bare" format="d
efault" derivedLink="https://rfc-editor.org/rfc/rfc8402#section-2" derivedConten
t="RFC8402"/> and <xref target="RFC8402" section="8.2" sectionFormat="bare" form
at="default" derivedLink="https://rfc-editor.org/rfc/rfc8402#section-8.2" derive
dContent="RFC8402"/>. The SR source is trusted
to add an SRH (optionally verified as having been generated by a to add an SRH (optionally verified as having been generated by a
trusted source via the HMAC TLV in this document), and segments trusted source via the HMAC TLV in this document), and segments
advertised within the domain are trusted to be accurate and advertised advertised within the domain are trusted to be accurate and advertised
by trusted sources via a secure control plane. As such the SR Domain by trusted sources via a secure control plane. As such, the SR domain
does not rely on the Authentication Header (AH) as defined in <xref does not rely on the Authentication Header (AH) as defined in <xref targ
target="RFC4302"/> to secure the SRH.</t> et="RFC4302" format="default" sectionFormat="of" derivedContent="RFC4302"/> to s
ecure the SRH.</t>
<t>The use of SRH with AH by an SR source node, and processing at a SR <t pn="section-7.5-2">The use of SRH with AH by an SR source node and it
segment endpoint node is not defined in this document. Future s processing at an SR
segment endpoint node are not defined in this document. Future
documents may define use of SRH with AH and its processing.</t> documents may define use of SRH with AH and its processing.</t>
</section> </section>
</section> </section>
<section anchor="IANA" numbered="true" toc="include" removeInRFC="false" pn=
<section anchor="IANA" title="IANA Considerations"> "section-8">
<t>This document makes the following registrations in the Internet <name slugifiedName="name-iana-considerations">IANA Considerations</name>
Protocol Version 6 (IPv6) Parameters "Routing Type" registry maintained <t pn="section-8-1">This document makes the following registrations in the
by IANA:<figure align="center"> "Internet
<artwork align="left"> Protocol Version 6 (IPv6) Parameters" "Routing Types" subregistry maintain
Suggested Description Reference ed
Value by IANA:</t>
4 Segment Routing Header (SRH) This document</artwork> <table anchor="SRH-REG" align="center" pn="table-1">
</figure></t> <name slugifiedName="name-srh-registration">SRH Registration</name>
<thead>
<t>This document makes the following registrations in "Type 4 - <tr>
<th align="left" colspan="1" rowspan="1">Value</th>
<th align="left" colspan="1" rowspan="1">Description</th>
<th align="left" colspan="1" rowspan="1">Reference</th>
</tr>
</thead>
<tbody>
<tr>
<td align="left" colspan="1" rowspan="1">4</td>
<td align="left" colspan="1" rowspan="1">Segment Routing Header (SRH
)</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
</tbody>
</table>
<t pn="section-8-3">This document makes the following registrations in the
"Type 4 -
Parameter Problem" message of the "Internet Control Message Protocol Parameter Problem" message of the "Internet Control Message Protocol
version 6 (ICMPv6) Parameters" registry maintained by IANA:<figure version 6 (ICMPv6) Parameters" registry maintained by IANA:</t>
align="center"> <table anchor="UPPER-LAYER" align="center" pn="table-2">
<artwork align="left"> <name slugifiedName="name-sr-upper-layer-header-error">SR Upper-layer He
CODE NAME/DESCRIPTION ader Error Registration</name>
TBD IANA SR Upper-layer Header Error</artwork> <thead>
</figure></t> <tr>
<th align="left" colspan="1" rowspan="1">Code</th>
<t>This section provides guidance to the Internet Assigned Numbers <th align="left" colspan="1" rowspan="1">Name</th>
Authority (IANA) regarding registration of values related to the SRH, in </tr>
accordance with BCP 26, <xref target="RFC8126"/>.</t> </thead>
<tbody>
<t>The following terms are used here with the meanings defined in BCP <tr>
26: "namespace", "assigned value", "registration".</t> <td align="left" colspan="1" rowspan="1">4</td>
<td align="left" colspan="1" rowspan="1">SR Upper-layer Header Error
<t>The following policies are used here with the meanings defined in BCP </td>
26 <xref target="RFC8126"/>: "IETF Review".</t> </tr>
</tbody>
<section anchor="SRHFLAGSREG" </table>
title="Segment Routing Header Flags Registry"> <section anchor="SRHFLAGSREG" numbered="true" toc="include" removeInRFC="f
<t>This document requests the creation of a new IANA managed registry alse" pn="section-8.1">
<name slugifiedName="name-segment-routing-header-flag">Segment Routing H
eader Flags Registry</name>
<t pn="section-8.1-1">This document describes a new IANA-managed registr
y
to identify SRH Flags Bits. The registration procedure is "IETF to identify SRH Flags Bits. The registration procedure is "IETF
Review". Suggested registry name is "Segment Routing Header Flags". Review" <xref target="RFC8126" format="default" sectionFormat="of" deriv
Flags is 8 bits.</t> edContent="RFC8126"/>. The registry name is "Segment Routing Header Flags".
Flags are 8 bits.</t>
</section> </section>
<section anchor="SRHTLVREG" numbered="true" toc="include" removeInRFC="fal
<section anchor="SRHTLVREG" title="Segment Routing Header TLVs Registry"> se" pn="section-8.2">
<t>This document requests the creation of a new IANA managed registry <name slugifiedName="name-segment-routing-header-tlvs">Segment Routing H
eader TLVs Registry</name>
<t pn="section-8.2-1">This document describes a new IANA-managed registr
y
to identify SRH TLVs. The registration procedure is "IETF Review". to identify SRH TLVs. The registration procedure is "IETF Review".
Suggested registry name is "Segment Routing Header TLVs". A TLV is The registry name is "Segment Routing Header TLVs". A TLV is
identified through an unsigned 8 bit codepoint value, with assigned identified through an unsigned 8-bit codepoint value, with assigned
values 0-127 for TLVs that do not change en route, and 128-255 for values 0-127 for TLVs that do not change en route and 128-255 for
TLVs that may change en route. The following codepoints are defined in TLVs that may change en route. The following codepoints are defined in
this document: <figure align="center"> this document: </t>
<artwork align="left"> <table anchor="TLV-REG" align="center" pn="table-3">
Assigned Description Reference <name slugifiedName="name-segment-routing-header-tlvs-">Segment Routin
Value g Header TLVs Registry</name>
0 Pad1 TLV This document <thead>
1 Reserved This document <tr>
2 Reserved This document <th align="left" colspan="1" rowspan="1">Value</th>
3 Reserved This document <th align="left" colspan="1" rowspan="1">Description</th>
4 PadN TLV This document <th align="left" colspan="1" rowspan="1">Reference</th>
5 HMAC TLV This document </tr>
6 Reserved This document </thead>
124-126 Experimentation and Test This document <tbody>
127 Reserved This document <tr>
252-254 Experimentation and Test This document <td align="left" colspan="1" rowspan="1">0</td>
255 Reserved This document</artwork> <td align="left" colspan="1" rowspan="1">Pad1 TLV</td>
</figure></t> <td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<t>Values 1,2,3,6 were defined in draft versions of this specification <tr>
<td align="left" colspan="1" rowspan="1">1</td>
<td align="left" colspan="1" rowspan="1">Reserved</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">2</td>
<td align="left" colspan="1" rowspan="1">Reserved</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">3</td>
<td align="left" colspan="1" rowspan="1">Reserved</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">4</td>
<td align="left" colspan="1" rowspan="1">PadN TLV</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">5</td>
<td align="left" colspan="1" rowspan="1">HMAC TLV</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">6</td>
<td align="left" colspan="1" rowspan="1">Reserved</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">124-126</td>
<td align="left" colspan="1" rowspan="1">Experimentation and Test<
/td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">127</td>
<td align="left" colspan="1" rowspan="1">Reserved</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">252-254</td>
<td align="left" colspan="1" rowspan="1">Experimentation and Test<
/td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
<tr>
<td align="left" colspan="1" rowspan="1">255</td>
<td align="left" colspan="1" rowspan="1">Reserved</td>
<td align="left" colspan="1" rowspan="1">This document</td>
</tr>
</tbody>
</table>
<t pn="section-8.2-3">Values 1, 2, 3, and 6 were defined in draft versio
ns of this specification
and are Reserved for backwards compatibility with early and are Reserved for backwards compatibility with early
implementations and should not be reassigned. Values 127 and 255 are implementations and should not be reassigned. Values 127 and 255 are
Reserved to allow for expansion of the Type field in future Reserved to allow for expansion of the Type field in future
specifications if needed.</t> specifications, if needed.</t>
</section>
</section>
<section anchor="Implementation" title="Implementation Status">
<t>This section is to be removed prior to publishing as an RFC.</t>
<t>See <xref target="I-D.matsushima-spring-srv6-deployment-status"/> for
updated deployment and interoperability reports.</t>
<section anchor="IMPLINUX" title="Linux">
<t>Name: Linux Kernel v4.14</t>
<t>Status: Production</t>
<t>Implementation: adds SRH, performs END processing, supports HMAC
TLV</t>
<t>Details: https://irtf.org/anrw/2017/anrw17-final3.pdf and <xref
target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section anchor="IMPCISCO" title="Cisco Systems">
<t>Name: IOS XR and IOS XE</t>
<t>Status: Production (IOS XR), Pre-production (IOS XE)</t>
<t>Implementation: adds SRH, performs END processing, no TLV
processing</t>
<t>Details: <xref target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section anchor="IMPFDIO" title="FD.io">
<t>Name: VPP/Segment Routing for IPv6</t>
<t>Status: Production</t>
<t>Implementation: adds SRH, performs END processing, no TLV
processing</t>
<t>Details: https://wiki.fd.io/view/VPP/Segment_Routing_for_IPv6 and
<xref target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section anchor="IMPBAREFOOT" title="Barefoot">
<t>Name: Barefoot Networks Tofino NPU</t>
<t>Status: Prototype</t>
<t>Implementation: performs END processing, no TLV processing</t>
<t>Details: <xref target="I-D.filsfils-spring-srv6-interop"/></t>
</section>
<section title="Juniper">
<t>Name: Juniper Networks Trio and vTrio NPU's</t>
<t>Status: Prototype &amp; Experimental</t>
<t>Implementation: SRH insertion mode, Process SID where SID is an
interface address, no TLV processing</t>
</section>
<section title="Huawei">
<t>Name: Huawei Systems VRP Platform</t>
<t>Status: Production</t>
<t>Implementation: adds SRH, performs END processing, no TLV
processing</t>
</section> </section>
</section> </section>
</middle>
<section anchor="Contributors" title="Contributors"> <back>
<t>Kamran Raza, Zafar Ali, Brian Field, Daniel Bernier, Ida Leung, Jen <displayreference target="I-D.ietf-intarea-tunnels" to="INTAREA-TUNNELS"/>
Linkova, Ebben Aries, Tomoya Kosugi, Eric Vyncke, David Lebrun, Dirk <references pn="section-9">
Steinberg, Robert Raszuk, Dave Barach, John Brzozowski, Pierre Francois, <name slugifiedName="name-references">References</name>
Nagendra Kumar, Mark Townsley, Christian Martin, Roberta Maglione, James <references pn="section-9.1">
Connolly, Aloys Augustin contributed to the content of this <name slugifiedName="name-normative-references">Normative References</na
me>
<reference anchor="FIPS180-4" target="http://csrc.nist.gov/publications/
fips/fips180-4/fips-180-4.pdf" quoteTitle="true" derivedAnchor="FIPS180-4">
<front>
<title>Secure Hash Standard (SHS)</title>
<author>
<organization showOnFrontPage="true">National Institute of Standar
ds and Technology (NIST)</organization>
</author>
<date month="August" year="2015"/>
</front>
<refcontent>FIPS PUB 180-4</refcontent>
<refcontent>DOI 10.6028/NIST.FIPS.180-4</refcontent>
</reference>
<reference anchor="IANA-SRHTLV" target="https://www.iana.org/assignments
/ipv6-parameters/" quoteTitle="true" derivedAnchor="IANA-SRHTLV">
<front>
<title>Segment Routing Header TLVs</title>
<author>
<organization showOnFrontPage="true">IANA</organization>
</author>
</front>
</reference>
<reference anchor="RFC2104" target="https://www.rfc-editor.org/info/rfc2
104" quoteTitle="true" derivedAnchor="RFC2104">
<front>
<title>HMAC: Keyed-Hashing for Message Authentication</title>
<author initials="H." surname="Krawczyk" fullname="H. Krawczyk">
<organization showOnFrontPage="true"/>
</author>
<author initials="M." surname="Bellare" fullname="M. Bellare">
<organization showOnFrontPage="true"/>
</author>
<author initials="R." surname="Canetti" fullname="R. Canetti">
<organization showOnFrontPage="true"/>
</author>
<date year="1997" month="February"/>
<abstract>
<t>This document describes HMAC, a mechanism for message authentic
ation using cryptographic hash functions. HMAC can be used with any iterative cr
yptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared
key. The cryptographic strength of HMAC depends on the properties of the under
lying hash function. This memo provides information for the Internet community.
This memo does not specify an Internet standard of any kind</t>
</abstract>
</front>
<seriesInfo name="RFC" value="2104"/>
<seriesInfo name="DOI" value="10.17487/RFC2104"/>
</reference>
<reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2
119" quoteTitle="true" derivedAnchor="RFC2119">
<front>
<title>Key words for use in RFCs to Indicate Requirement Levels</tit
le>
<author initials="S." surname="Bradner" fullname="S. Bradner">
<organization showOnFrontPage="true"/>
</author>
<date year="1997" month="March"/>
<abstract>
<t>In many standards track documents several words are used to sig
nify the requirements in the specification. These words are often capitalized.
This document defines these words as they should be interpreted in IETF document
s. This document specifies an Internet Best Current Practices for the Internet
Community, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC2473" target="https://www.rfc-editor.org/info/rfc2
473" quoteTitle="true" derivedAnchor="RFC2473">
<front>
<title>Generic Packet Tunneling in IPv6 Specification</title>
<author initials="A." surname="Conta" fullname="A. Conta">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Deering" fullname="S. Deering">
<organization showOnFrontPage="true"/>
</author>
<date year="1998" month="December"/>
<abstract>
<t>This document defines the model and generic mechanisms for IPv6
encapsulation of Internet packets, such as IPv6 and IPv4. [STANDARDS-TRACK]</t
>
</abstract>
</front>
<seriesInfo name="RFC" value="2473"/>
<seriesInfo name="DOI" value="10.17487/RFC2473"/>
</reference>
<reference anchor="RFC2827" target="https://www.rfc-editor.org/info/rfc2
827" quoteTitle="true" derivedAnchor="RFC2827">
<front>
<title>Network Ingress Filtering: Defeating Denial of Service Attack
s which employ IP Source Address Spoofing</title>
<author initials="P." surname="Ferguson" fullname="P. Ferguson">
<organization showOnFrontPage="true"/>
</author>
<author initials="D." surname="Senie" fullname="D. Senie">
<organization showOnFrontPage="true"/>
</author>
<date year="2000" month="May"/>
<abstract>
<t>This paper discusses a simple, effective, and straightforward m
ethod for using ingress traffic filtering to prohibit DoS (Denial of Service) at
tacks which use forged IP addresses to be propagated from 'behind' an Internet S
ervice Provider's (ISP) aggregation point. This document specifies an Internet
Best Current Practices for the Internet Community, and requests discussion and s
uggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="38"/>
<seriesInfo name="RFC" value="2827"/>
<seriesInfo name="DOI" value="10.17487/RFC2827"/>
</reference>
<reference anchor="RFC3704" target="https://www.rfc-editor.org/info/rfc3
704" quoteTitle="true" derivedAnchor="RFC3704">
<front>
<title>Ingress Filtering for Multihomed Networks</title>
<author initials="F." surname="Baker" fullname="F. Baker">
<organization showOnFrontPage="true"/>
</author>
<author initials="P." surname="Savola" fullname="P. Savola">
<organization showOnFrontPage="true"/>
</author>
<date year="2004" month="March"/>
<abstract>
<t>BCP 38, RFC 2827, is designed to limit the impact of distribute
d denial of service attacks, by denying traffic with spoofed addresses access to
the network, and to help ensure that traffic is traceable to its correct source
network. As a side effect of protecting the Internet against such attacks, the
network implementing the solution also protects itself from this and other atta
cks, such as spoofed management access to networking equipment. There are cases
when this may create problems, e.g., with multihoming. This document describes
the current ingress filtering operational mechanisms, examines generic issues r
elated to ingress filtering, and delves into the effects on multihoming in parti
cular. This memo updates RFC 2827. This document specifies an Internet Best Cu
rrent Practices for the Internet Community, and requests discussion and suggesti
ons for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="84"/>
<seriesInfo name="RFC" value="3704"/>
<seriesInfo name="DOI" value="10.17487/RFC3704"/>
</reference>
<reference anchor="RFC4107" target="https://www.rfc-editor.org/info/rfc4
107" quoteTitle="true" derivedAnchor="RFC4107">
<front>
<title>Guidelines for Cryptographic Key Management</title>
<author initials="S." surname="Bellovin" fullname="S. Bellovin">
<organization showOnFrontPage="true"/>
</author>
<author initials="R." surname="Housley" fullname="R. Housley">
<organization showOnFrontPage="true"/>
</author>
<date year="2005" month="June"/>
<abstract>
<t>The question often arises of whether a given security system re
quires some form of automated key management, or whether manual keying is suffic
ient. This memo provides guidelines for making such decisions. When symmetric c
ryptographic mechanisms are used in a protocol, the presumption is that automate
d key management is generally but not always needed. If manual keying is propos
ed, the burden of proving that automated key management is not required falls to
the proposer. This document specifies an Internet Best Current Practices for t
he Internet Community, and requests discussion and suggestions for improvements.
</t>
</abstract>
</front>
<seriesInfo name="BCP" value="107"/>
<seriesInfo name="RFC" value="4107"/>
<seriesInfo name="DOI" value="10.17487/RFC4107"/>
</reference>
<reference anchor="RFC4302" target="https://www.rfc-editor.org/info/rfc4
302" quoteTitle="true" derivedAnchor="RFC4302">
<front>
<title>IP Authentication Header</title>
<author initials="S." surname="Kent" fullname="S. Kent">
<organization showOnFrontPage="true"/>
</author>
<date year="2005" month="December"/>
<abstract>
<t>This document describes an updated version of the IP Authentica
tion Header (AH), which is designed to provide authentication services in IPv4 a
nd IPv6. This document obsoletes RFC 2402 (November 1998). [STANDARDS-TRACK]</
t>
</abstract>
</front>
<seriesInfo name="RFC" value="4302"/>
<seriesInfo name="DOI" value="10.17487/RFC4302"/>
</reference>
<reference anchor="RFC5095" target="https://www.rfc-editor.org/info/rfc5
095" quoteTitle="true" derivedAnchor="RFC5095">
<front>
<title>Deprecation of Type 0 Routing Headers in IPv6</title>
<author initials="J." surname="Abley" fullname="J. Abley">
<organization showOnFrontPage="true"/>
</author>
<author initials="P." surname="Savola" fullname="P. Savola">
<organization showOnFrontPage="true"/>
</author>
<author initials="G." surname="Neville-Neil" fullname="G. Neville-Ne
il">
<organization showOnFrontPage="true"/>
</author>
<date year="2007" month="December"/>
<abstract>
<t>The functionality provided by IPv6's Type 0 Routing Header can
be exploited in order to achieve traffic amplification over a remote path for th
e purposes of generating denial-of-service traffic. This document updates the I
Pv6 specification to deprecate the use of IPv6 Type 0 Routing Headers, in light
of this security concern. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5095"/>
<seriesInfo name="DOI" value="10.17487/RFC5095"/>
</reference>
<reference anchor="RFC6407" target="https://www.rfc-editor.org/info/rfc6
407" quoteTitle="true" derivedAnchor="RFC6407">
<front>
<title>The Group Domain of Interpretation</title>
<author initials="B." surname="Weis" fullname="B. Weis">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Rowles" fullname="S. Rowles">
<organization showOnFrontPage="true"/>
</author>
<author initials="T." surname="Hardjono" fullname="T. Hardjono">
<organization showOnFrontPage="true"/>
</author>
<date year="2011" month="October"/>
<abstract>
<t>This document describes the Group Domain of Interpretation (GDO
I) protocol specified in RFC 3547. The GDOI provides group key management to su
pport secure group communications according to the architecture specified in RFC
4046. The GDOI manages group security associations, which are used by IPsec an
d potentially other data security protocols. This document replaces RFC 3547.
[STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="6407"/>
<seriesInfo name="DOI" value="10.17487/RFC6407"/>
</reference>
<reference anchor="RFC6437" target="https://www.rfc-editor.org/info/rfc6
437" quoteTitle="true" derivedAnchor="RFC6437">
<front>
<title>IPv6 Flow Label Specification</title>
<author initials="S." surname="Amante" fullname="S. Amante">
<organization showOnFrontPage="true"/>
</author>
<author initials="B." surname="Carpenter" fullname="B. Carpenter">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Jiang" fullname="S. Jiang">
<organization showOnFrontPage="true"/>
</author>
<author initials="J." surname="Rajahalme" fullname="J. Rajahalme">
<organization showOnFrontPage="true"/>
</author>
<date year="2011" month="November"/>
<abstract>
<t>This document specifies the IPv6 Flow Label field and the minim
um requirements for IPv6 nodes labeling flows, IPv6 nodes forwarding labeled pac
kets, and flow state establishment methods. Even when mentioned as examples of
possible uses of the flow labeling, more detailed requirements for specific use
cases are out of the scope for this document.</t>
<t>The usage of the Flow Label field enables efficient IPv6 flow c
lassification based only on IPv6 main header fields in fixed positions. [STANDA
RDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="6437"/>
<seriesInfo name="DOI" value="10.17487/RFC6437"/>
</reference>
<reference anchor="RFC6438" target="https://www.rfc-editor.org/info/rfc6
438" quoteTitle="true" derivedAnchor="RFC6438">
<front>
<title>Using the IPv6 Flow Label for Equal Cost Multipath Routing an
d Link Aggregation in Tunnels</title>
<author initials="B." surname="Carpenter" fullname="B. Carpenter">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Amante" fullname="S. Amante">
<organization showOnFrontPage="true"/>
</author>
<date year="2011" month="November"/>
<abstract>
<t>The IPv6 flow label has certain restrictions on its use. This
document describes how those restrictions apply when using the flow label for lo
ad balancing by equal cost multipath routing and for link aggregation, particula
rly for IP-in-IPv6 tunneled traffic. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="6438"/>
<seriesInfo name="DOI" value="10.17487/RFC6438"/>
</reference>
<reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8
174" quoteTitle="true" derivedAnchor="RFC8174">
<front>
<title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</ti
tle>
<author initials="B." surname="Leiba" fullname="B. Leiba">
<organization showOnFrontPage="true"/>
</author>
<date year="2017" month="May"/>
<abstract>
<t>RFC 2119 specifies common key words that may be used in protoco
l specifications. This document aims to reduce the ambiguity by clarifying tha
t only UPPERCASE usage of the key words have the defined special meanings.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="8174"/>
<seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
<reference anchor="RFC8200" target="https://www.rfc-editor.org/info/rfc8
200" quoteTitle="true" derivedAnchor="RFC8200">
<front>
<title>Internet Protocol, Version 6 (IPv6) Specification</title>
<author initials="S." surname="Deering" fullname="S. Deering">
<organization showOnFrontPage="true"/>
</author>
<author initials="R." surname="Hinden" fullname="R. Hinden">
<organization showOnFrontPage="true"/>
</author>
<date year="2017" month="July"/>
<abstract>
<t>This document specifies version 6 of the Internet Protocol (IPv
6). It obsoletes RFC 2460.</t>
</abstract>
</front>
<seriesInfo name="STD" value="86"/>
<seriesInfo name="RFC" value="8200"/>
<seriesInfo name="DOI" value="10.17487/RFC8200"/>
</reference>
<reference anchor="RFC8402" target="https://www.rfc-editor.org/info/rfc8
402" quoteTitle="true" derivedAnchor="RFC8402">
<front>
<title>Segment Routing Architecture</title>
<author initials="C." surname="Filsfils" fullname="C. Filsfils" role
="editor">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Previdi" fullname="S. Previdi" role="
editor">
<organization showOnFrontPage="true"/>
</author>
<author initials="L." surname="Ginsberg" fullname="L. Ginsberg">
<organization showOnFrontPage="true"/>
</author>
<author initials="B." surname="Decraene" fullname="B. Decraene">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Litkowski" fullname="S. Litkowski">
<organization showOnFrontPage="true"/>
</author>
<author initials="R." surname="Shakir" fullname="R. Shakir">
<organization showOnFrontPage="true"/>
</author>
<date year="2018" month="July"/>
<abstract>
<t>Segment Routing (SR) leverages the source routing paradigm. A
node steers a packet through an ordered list of instructions, called "segments".
A segment can represent any instruction, topological or service based. A segm
ent can have a semantic local to an SR node or global within an SR domain. SR p
rovides a mechanism that allows a flow to be restricted to a specific topologica
l path, while maintaining per-flow state only at the ingress node(s) to the SR d
omain.</t>
<t>SR can be directly applied to the MPLS architecture with no cha
nge to the forwarding plane. A segment is encoded as an MPLS label. An ordered
list of segments is encoded as a stack of labels. The segment to process is on
the top of the stack. Upon completion of a segment, the related label is poppe
d from the stack.</t>
<t>SR can be applied to the IPv6 architecture, with a new type of
routing header. A segment is encoded as an IPv6 address. An ordered list of se
gments is encoded as an ordered list of IPv6 addresses in the routing header. T
he active segment is indicated by the Destination Address (DA) of the packet. T
he next active segment is indicated by a pointer in the new routing header.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8402"/>
<seriesInfo name="DOI" value="10.17487/RFC8402"/>
</reference>
</references>
<references pn="section-9.2">
<name slugifiedName="name-informative-references">Informative References
</name>
<reference anchor="I-D.ietf-intarea-tunnels" quoteTitle="true" target="h
ttps://tools.ietf.org/html/draft-ietf-intarea-tunnels-10" derivedAnchor="INTAREA
-TUNNELS">
<front>
<title>IP Tunnels in the Internet Architecture</title>
<author initials="J" surname="Touch" fullname="Joseph Touch">
<organization showOnFrontPage="true"/>
</author>
<author initials="M" surname="Townsley" fullname="Mark Townsley">
<organization showOnFrontPage="true"/>
</author>
<date month="September" day="12" year="2019"/>
<abstract>
<t>This document discusses the role of IP tunnels in the Internet
architecture. An IP tunnel transits IP datagrams as payloads in non- link layer
protocols. This document explains the relationship of IP tunnels to existing pro
tocol layers and the challenges in supporting IP tunneling, based on the equival
ence of tunnels to links. The implications of this document are used to derive r
ecommendations that update MTU and fragment issues in RFC 4459.</t>
</abstract>
</front>
<seriesInfo name="Internet-Draft" value="draft-ietf-intarea-tunnels-10
"/>
<format type="TXT" target="http://www.ietf.org/internet-drafts/draft-i
etf-intarea-tunnels-10.txt"/>
<refcontent>Work in Progress</refcontent>
</reference>
<reference anchor="RFC4443" target="https://www.rfc-editor.org/info/rfc4
443" quoteTitle="true" derivedAnchor="RFC4443">
<front>
<title>Internet Control Message Protocol (ICMPv6) for the Internet P
rotocol Version 6 (IPv6) Specification</title>
<author initials="A." surname="Conta" fullname="A. Conta">
<organization showOnFrontPage="true"/>
</author>
<author initials="S." surname="Deering" fullname="S. Deering">
<organization showOnFrontPage="true"/>
</author>
<author initials="M." surname="Gupta" fullname="M. Gupta" role="edit
or">
<organization showOnFrontPage="true"/>
</author>
<date year="2006" month="March"/>
<abstract>
<t>This document describes the format of a set of control messages
used in ICMPv6 (Internet Control Message Protocol). ICMPv6 is the Internet Con
trol Message Protocol for Internet Protocol version 6 (IPv6). [STANDARDS-TRACK]
</t>
</abstract>
</front>
<seriesInfo name="STD" value="89"/>
<seriesInfo name="RFC" value="4443"/>
<seriesInfo name="DOI" value="10.17487/RFC4443"/>
</reference>
<reference anchor="RFC5308" target="https://www.rfc-editor.org/info/rfc5
308" quoteTitle="true" derivedAnchor="RFC5308">
<front>
<title>Routing IPv6 with IS-IS</title>
<author initials="C." surname="Hopps" fullname="C. Hopps">
<organization showOnFrontPage="true"/>
</author>
<date year="2008" month="October"/>
<abstract>
<t>This document specifies a method for exchanging IPv6 routing in
formation using the IS-IS routing protocol. The described method utilizes two n
ew TLVs: a reachability TLV and an interface address TLV to distribute the neces
sary IPv6 information throughout a routing domain. Using this method, one can r
oute IPv6 along with IPv4 and OSI using a single intra-domain routing protocol.
[STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5308"/>
<seriesInfo name="DOI" value="10.17487/RFC5308"/>
</reference>
<reference anchor="RFC5340" target="https://www.rfc-editor.org/info/rfc5
340" quoteTitle="true" derivedAnchor="RFC5340">
<front>
<title>OSPF for IPv6</title>
<author initials="R." surname="Coltun" fullname="R. Coltun">
<organization showOnFrontPage="true"/>
</author>
<author initials="D." surname="Ferguson" fullname="D. Ferguson">
<organization showOnFrontPage="true"/>
</author>
<author initials="J." surname="Moy" fullname="J. Moy">
<organization showOnFrontPage="true"/>
</author>
<author initials="A." surname="Lindem" fullname="A. Lindem">
<organization showOnFrontPage="true"/>
</author>
<date year="2008" month="July"/>
<abstract>
<t>This document describes the modifications to OSPF to support ve
rsion 6 of the Internet Protocol (IPv6). The fundamental mechanisms of OSPF (fl
ooding, Designated Router (DR) election, area support, Short Path First (SPF) ca
lculations, etc.) remain unchanged. However, some changes have been necessary,
either due to changes in protocol semantics between IPv4 and IPv6, or simply to
handle the increased address size of IPv6. These modifications will necessitate
incrementing the protocol version from version 2 to version 3. OSPF for IPv6 i
s also referred to as OSPF version 3 (OSPFv3).</t>
<t>Changes between OSPF for IPv4, OSPF Version 2, and OSPF for IPv
6 as described herein include the following. Addressing semantics have been rem
oved from OSPF packets and the basic Link State Advertisements (LSAs). New LSAs
have been created to carry IPv6 addresses and prefixes. OSPF now runs on a per
-link basis rather than on a per-IP-subnet basis. Flooding scope for LSAs has b
een generalized. Authentication has been removed from the OSPF protocol and ins
tead relies on IPv6's Authentication Header and Encapsulating Security Payload (
ESP).</t>
<t>Even with larger IPv6 addresses, most packets in OSPF for IPv6
are almost as compact as those in OSPF for IPv4. Most fields and packet- size l
imitations present in OSPF for IPv4 have been relaxed. In addition, option hand
ling has been made more flexible.</t>
<t>All of OSPF for IPv4's optional capabilities, including demand
circuit support and Not-So-Stubby Areas (NSSAs), are also supported in OSPF for
IPv6. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5340"/>
<seriesInfo name="DOI" value="10.17487/RFC5340"/>
</reference>
<reference anchor="RFC8126" target="https://www.rfc-editor.org/info/rfc8
126" quoteTitle="true" derivedAnchor="RFC8126">
<front>
<title>Guidelines for Writing an IANA Considerations Section in RFCs
</title>
<author initials="M." surname="Cotton" fullname="M. Cotton">
<organization showOnFrontPage="true"/>
</author>
<author initials="B." surname="Leiba" fullname="B. Leiba">
<organization showOnFrontPage="true"/>
</author>
<author initials="T." surname="Narten" fullname="T. Narten">
<organization showOnFrontPage="true"/>
</author>
<date year="2017" month="June"/>
<abstract>
<t>Many protocols make use of points of extensibility that use con
stants to identify various protocol parameters. To ensure that the values in th
ese fields do not have conflicting uses and to promote interoperability, their a
llocations are often coordinated by a central record keeper. For IETF protocols
, that role is filled by the Internet Assigned Numbers Authority (IANA).</t>
<t>To make assignments in a given registry prudently, guidance des
cribing the conditions under which new values should be assigned, as well as whe
n and how modifications to existing values can be made, is needed. This documen
t defines a framework for the documentation of these guidelines by specification
authors, in order to assure that the provided guidance for the IANA Considerati
ons is clear and addresses the various issues that are likely in the operation o
f a registry.</t>
<t>This is the third edition of this document; it obsoletes RFC 52
26.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="26"/>
<seriesInfo name="RFC" value="8126"/>
<seriesInfo name="DOI" value="10.17487/RFC8126"/>
</reference>
<reference anchor="SRN" target="https://inl.info.ucl.ac.be/system/files/
sosr18-final15-embedfonts.pdf" quoteTitle="true" derivedAnchor="SRN">
<front>
<title>Software Resolved Networks: Rethinking Enterprise Networks wi
th IPv6 Segment Routing</title>
<author fullname="David Lebrun"/>
<author fullname="Mathieu Jadin"/>
<author fullname="Francois Clad"/>
<author fullname="Clarence Filsfils"/>
<author fullname="Olivier Bonaventure"/>
<date year="2018"/>
</front>
</reference>
</references>
</references>
<section anchor="Acknowledgements" numbered="false" toc="include" removeInRF
C="false" pn="section-appendix.a">
<name slugifiedName="name-acknowledgements">Acknowledgements</name>
<t pn="section-appendix.a-1">The authors would like to thank <contact full
name="Ole Troan"/>, <contact fullname="Bob Hinden"/>, <contact fullname="Ron Bon
ica"/>,
<contact fullname="Fred Baker"/>, <contact fullname="Brian Carpenter"/>, <
contact fullname="Alexandru Petrescu"/>, <contact fullname="Punit Kumar Jaiswal"
/>,
<contact fullname="David Lebrun"/>, <contact fullname="Benjamin Kaduk"/>,
<contact fullname="Frank Xialiang"/>, <contact fullname="Mirja Kühlewind"/>, <co
ntact fullname="Roman Danyliw"/>, <contact fullname="Joe Touch"/>, and <co
ntact fullname="Magnus Westerlund"/> for their comments to this
document.</t> document.</t>
</section> </section>
<section anchor="Contributors" numbered="false" toc="include" removeInRFC="f
<section anchor="Acknowledgements" title="Acknowledgements"> alse" pn="section-appendix.b">
<t>The authors would like to thank Ole Troan, Bob Hinden, Ron Bonica, <name slugifiedName="name-contributors">Contributors</name>
Fred Baker, Brian Carpenter, Alexandru Petrescu, Punit Kumar Jaiswal, <t pn="section-appendix.b-1"><contact fullname="Kamran Raza"/>, <contact f
David Lebrun, Benjamin Kaduk, Frank Xialiang, Mirja Kuhlewind, Roman ullname="Zafar Ali"/>, <contact fullname="Brian Field"/>, <contact fullname="Dan
Danyliw, Joe Touch, and Magnus Westerlund for their comments to this iel Bernier"/>, <contact fullname="Ida Leung"/>, <contact fullname="Jen Li
nkova"/>, <contact fullname="Ebben Aries"/>, <contact fullname="Tomoya Kosugi"/>
, <contact fullname="Éric Vyncke"/>, <contact fullname="David Lebrun"/>, <contac
t fullname="Dirk Steinberg"/>, <contact fullname="Robert Raszuk"/>, <conta
ct fullname="Dave Barach"/>, <contact fullname="John Brzozowski"/>, <contact ful
lname="Pierre Francois"/>,
<contact fullname="Nagendra Kumar"/>, <contact fullname="Mark Townsley"/>,
<contact fullname="Christian Martin"/>, <contact fullname="Roberta Maglione"/>,
<contact fullname="James Connolly"/>, and <contact fullname="Aloys August
in"/> contributed to the content of this
document.</t> document.</t>
</section> </section>
</middle> <section anchor="authors-addresses" numbered="false" removeInRFC="false" toc
="include" pn="section-appendix.c">
<back> <name slugifiedName="name-authors-addresses">Authors' Addresses</name>
<references title="Normative References"> <author fullname="Clarence Filsfils" initials="C." role="editor" surname="
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.211 Filsfils">
9.xml"?> <organization showOnFrontPage="true">Cisco Systems, Inc.</organization>
<address>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.817 <postal>
4.xml"?> <street/>
<city>Brussels</city>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.820 <region/>
0.xml"?> <code/>
<country>BE</country>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.509 </postal>
5.xml"?> <email>cfilsfil@cisco.com</email>
</address>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.640 </author>
7.xml"?> <author fullname="Darren Dukes" initials="D." role="editor" surname="Dukes
">
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.840 <organization showOnFrontPage="true">Cisco Systems, Inc.</organization>
2.xml"?> <address>
<postal>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.247 <street/>
3.xml"?> <city>Ottawa</city>
<region/>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.430 <code/>
2.xml"?> <country>CA</country>
</postal>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.282 <email>ddukes@cisco.com</email>
7.xml"?> </address>
</author>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.210 <author fullname="Stefano Previdi" initials="S." surname="Previdi">
4.xml"?> <organization showOnFrontPage="true">Huawei</organization>
<address>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.643 <postal>
8.xml"?> <street/>
<city/>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.643 <code/>
7.xml"?> <country>Italy</country>
</postal>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.410 <email>stefano@previdi.net</email>
7.xml"?> </address>
</author>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.370 <author fullname="John Leddy" initials="J." surname="Leddy">
4.xml"?> <organization showOnFrontPage="true">Individual</organization>
<address>
<reference anchor="FIPS180-4" <postal>
target="http://csrc.nist.gov/publications/fips/fips180-4/fips-1 <street/>
80-4.pdf"> <city/>
<front> <region/>
<title>FIPS 180-4 Secure Hash Standard (SHS)</title> <code/>
<country>US</country>
<author> </postal>
<organization>National Institute of Standards and <email>john@leddy.net</email>
Technology</organization> </address>
</author> </author>
<author fullname="Satoru Matsushima" initials="S." surname="Matsushima">
<date month="March" year="2012"/> <organization showOnFrontPage="true">SoftBank</organization>
</front> <address>
</reference> <email>satoru.matsushima@g.softbank.co.jp</email>
</references> </address>
</author>
<references title="Informative References"> <author fullname="Daniel Voyer" initials="D." surname="Voyer">
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.812 <organization showOnFrontPage="true">Bell Canada</organization>
6.xml"?> <address>
<email>daniel.voyer@bell.ca</email>
<?rfc include="reference.I-D.filsfils-spring-srv6-interop.xml"?> </address>
</author>
<?rfc include="reference.I-D.ietf-intarea-tunnels.xml"?> </section>
<?rfc include="reference.I-D.matsushima-spring-srv6-deployment-status.xml"
?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.534
0.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.530
8.xml"?>
<?rfc include="http://xml.resource.org/public/rfc/bibxml/reference.RFC.444
3.xml"?>
<reference anchor="SRN"
target="https://inl.info.ucl.ac.be/system/files/sosr18-final15-
embedfonts.pdf">
<front>
<title>Software Resolved Networks: Rethinking Enterprise Networks
with IPv6 Segment Routing</title>
<author fullname="David Lebrun"/>
<author fullname="Mathieu Jadin"/>
<author fullname="Francois Clad"/>
<author fullname="Clarence Filsfils"/>
<author fullname="Olivier Bonaventure"/>
<date year="2018"/>
</front>
</reference>
</references>
</back> </back>
</rfc> </rfc>
 End of changes. 191 change blocks. 
1124 lines changed or deleted 2288 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/