SR-TE Path Midpoint RestorationHuawei TechnologiesHuawei Bld., No.156 Beiqing Rd.Beijing100095Chinahuzhibo@huawei.comFutureweiBoston, MAUSAHuaimo.chen@futurewei.comHuawei TechnologiesHuawei Bld., No.156 Beiqing Rd.Beijing100095Chinayaojunda@huawei.comJuniper Networks1194 N. Mathilda Ave.Sunnyvale, CA94089USAcbowers@juniper.netChina Telecom109, West Zhongshan Road, Tianhe DistrictGuangzhou510000Chinazhuyq8@chinatelecom.cnChina Mobile510000Chinaliuyisong@chinamobile.comSegment Routing Traffic Engineering (SR-TE) supports explicit
paths using segment lists containing adjacency-SIDs,
node-SIDs and binding-SIDs.
The current SR FRR such as TI-LFA provides fast re-route protection
for the failure of a node along a SR-TE path by the direct
neighbor or say point of local repair (PLR) to the failure.
However, once the IGP converges,
the SR FRR is no longer sufficient to forward traffic of the path
around the failure, since the non-neighbors
of the failure will no longer have a route to the failed node.
This document describes a mechanism for the restoration of the
routes to the failure of a SR-MPLS TE path after the IGP converges.
It provides the restoration of the routes to an adjacency segment,
a node segment and a binding segment of the path.
With the restoration of the routes to the failure,
the traffic is continuously sent to the neighbor of the
failure after the IGP converges.
The neighbor as a PLR fast re-routes the traffic around the
failure.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in
when, and only when, they appear in all capitals, as shown here.Segment Routing Traffic Engineering (SR-TE) is a technology that implements
traffic engineering using a segment list. SR-TE supports the creation
of explicit paths using adjacency-SIDs, node-SIDs, anycast-SIDs, and binding-SIDs.
A node-SID in the segment list defining an SR-TE path indicates a loose
hop that the SR-TE path should pass through.
When the node fails, the network
may no longer be able to properly forward traffic on that SR-TE path. describes
an SR FRR mechanism that provides fast re-route protection for
the failure of a node on a SR-TE path by the direct
neighbor or say point of local repair (PLR) to the failure.
However, once the IGP converges,
the SR FRR is no longer sufficient
to forward traffic of the path around the failure, since the
non-neighbors of the failure will no longer have a route to the failed
node and drop the traffic.To solve this problem,
proposes that a hold timer should be configured on every router in a network.
After the IGP converges on the event of a node failure,
if the node-SID of the failed node becomes unreachable,
the forwarding changes should not be communicated to the forwarding planes
on all configured routers
(including PLRs for the failed node) until the hold timer expires.
This solution may not work for some cases such as
some of nodes in the network not supporting this solution.
This document describes a proxy forwarding mechanism
for the restoration of the
routes to the failure of a SR-MPLS TE path after the IGP converges.
It provides the restoration of the routes to an adjacency segment,
a node segment and a binding segment on a failed node along
the path.
With the restoration of the routes to the failure,
the traffic for the SR-MPLS TE path is continuously sent to
the neighbor of the failure after the IGP converges.
The neighbor as a PLR fast re-routes the traffic around the
failure.Segment Routing.Point of Local Repair.Link State Protocol Data Unit (PDU) in IS-IS.Link State Advertisement in OSPF.Link State, which is LSP or LSA.In the proxy forwarding mechanism, each neighbor of a possible
failed node advertises its SR proxy forwarding capability in
its network domain when it has the capability. This capability
indicates that the neighbor (Proxy Forwarder) will forward
traffic on behalf of the failed node.
A router (non-neighbor) receiving the SR Proxy Forwarding capability
from the
neighbors of a failed node will send traffic using the node-SID
of the failed node to the nearest Proxy Forwarder
after the IGP converges on the event of the failure.Once receiving the traffic, the Proxy Forwarder
sends the traffic on the post-failure shortest path to the node
immediately following the failed node in the segment list.For a binding SID of a possible failed node, the node
advertises the information about the binding,
including the binding SID and the list of SIDs
associated with
the binding SID, to its direct neighbors only.
Note that the node does not advertise the information
about the binding to any of its non-neighbors.After the node fails and the IGP converges on the failure,
the non-neighbors of the failed node send
the traffic with the node-SID of the failed node followed by the
binding SID
to the neighbor (Proxy Forwarder) of the failed node.
Once receiving the traffic with the node-SID of the failed node,
the Proxy Forwarder finds the forwarding entry for
the node-SID of the failed node in its Routing Table and pops the node-SID.
According to the action in the entry,
the Proxy Forwarder will swap the binding SID
with the list of SIDs
associated with the binding SID and
send the traffic along the post-failure shortest path to the
first node in the segment list.
This section describes the semantic of
protocol extensions/re-uses for advertising
the information about each binding segment
(including its binding SID and the list of SIDs
associated with the binding SID)
of a node to its direct neighbors and
the SR proxy forwarding capability of a node in a network
domain.For a binding segment (or binding for short) on a node A,
which consists of a binding SID and a list of SIDs,
node A advertises
the binding (i.e., the binding SID and the list of the SIDs)
in a binding segment TLV in an LS.
Node A advertises the LS only to node A's neighboring nodes.
For OSPFv2, the LS is a opaque LSA of LS type 9
(i.e., a link local scope LSA).
For IS-IS, the LS is a Circuit Scoped
Link State PDUs (CS-LSP) .
Alternatively, when a protocol (such as
PCE or BGP running on a controller) supports sending a binding
on node A to A, this protocol may be extended to send the binding
to A's neighbors if the controller knows the neighbors and
there are protocol (PCE or BGP) sessions between the controller and
the neighbors.
Note: how to send bindings on node A to A's neighbors
via which protocol is out of the scope of this document.When a node P is able to do SR proxy forwarding
for its neighboring nodes for protecting
the failures of these
nodes, P advertises its SR proxy forwarding capability
for these nodes.
P advertises
the mirror SID
for a node N (Neighboring node of P)
using IS-IS extensions
to indicate P's capability for N.
Node N advertises its node-SID to every node in the network.
When a non-neighbor X of node N learns the node-SID of
node N, node X creates a proxy node-SID of node N for node P if node P is
capable of doing SR proxy forwarding for node N.
The proxy node-SID of node N for node P is
a copy of the node-SID
of node N originated by node N, but stored under
(or say, associated with) node P.
The route to the proxy node-SID is through
proxy forwarding capable nodes.In normal operations, node X prefers to use the node-SID of
node N. When node N fails, node X uses the proxy node-SID
of node N. Thus node X will forward the traffic with the node-SID of node N
to node P when node N fails, and node P will do a SR proxy forwarding
for node N and forward the traffic towards its final destination without
going through node N.
Note that the behaviors of normal IP forwarding and routing convergences
in a network are not changed at all by the SR proxy forwarding.
For example, the next hop used by BGP is an IP address (or prefix).
The IGP and BGP converge in normal ways for changes in the network.
The packet with its IP destination to this next hop is forwarded
according to the IP forwarding table (FIB) derived from IGP
and BGP routes.Similar to IS-IS ,
OSPF should be extended for advertising mirror SID to
indicate the capability.
Note that OSPF extensions is out of the scope of this document.This section illustrates the proxy forwarding for
a binding SID through an example.
The proxy forwarding for a node-SID and an adjacency SID
can refer to or
Appendix.
is an example network topology used to illustrate
the proxy forwarding mechanism for a binding SID.
Each node RTi has SRGB = [i000-i999]. RT1 is an ingress node of
SR domain.
RT3 is a failure node.
RT2 is a Point of Local Repair (PLR) node, i.e., a proxy forwarding node.
Label Stack 1 uses a node-SID and a binding-SID.
The Binding-SID with label = 100 at RT3 represents the ECMP-aware path
RT3->RT4->RT5.
So Label Stack 1, which consists of the node-SID of RT3 followed by
Binding-SID = 100, represents the ECMP-aware path
RT1->RT3->RT4->RT5.
If the Point of Local Repair (PLR), for example, RT2,
has the capability to do SR proxy
forwarding for its neighboring nodes such as RT3,
RT2 advertises this capability to all the other nodes
in the network.
When RT3 fails, RT2 needs to maintain
its SR proxy forwarding capability
for a period of time. When the proxy forwarding
table corresponding to the fault node is deleted,
the capability is withdrawn. Every node advertises its node-SID to all the other nodes
in the network.
For example, RT3 advertises its node-SID
to all the other nodes.
The other nodes (e.g., RT1) learn RT3's node-SID and
the proxy forwarding capability of RT2, which is a neighbor of RT3.
When RT3 is normal, the nodes (e.g., RT1) prefer the route to
RT3 for the traffic with RT3's node-SID.
When the RT3 fails, the nodes use the route to RT2
(proxy forwarder for RT3) for the traffic with RT3's node-SID.For binding-SID 100,
which is associated with segment list {30034, 40045},
RT3 advertises the binding (i.e., 100 bond to {30034, 40045})
to its neighbors RT2, RT4 and RT7 only.
RT3 does not advertise the binding to any non-neighbors of RT3
(e.g., RT1).
RT2 as PLR uses the binding to build an entry
for proxy forwarding for binding-SID 100
in its Proxy Forwarding Table for RT3.
RT2 uses the entry when RT3 fails.A SR proxy node P (e.g., RT2) needs to build an independent
proxy forwarding table for each neighbor N (e.g., RT3).
The proxy forwarding table for node N
contains the following information:1: Node N's SRGB range and the difference between the SRGB
start value of node P and that of node N,2: Every adjacency-SID of N and Node-SID of the node pointed to by
node N's adjacency-SID, and3: Every binding-SID of N and the label stack associated with
the binding-SID.Node P (PLR) uses a proxy forwarding table based on the next
segment to find a backup forwarding entry for the
adjacency-SID
and Node-SID of node N. When node N fails, node P maintains
the proxy forwarding table for N
for a period of time, which is recommended for
30 minutes.RT2 (as P) in
builds the proxy forwarding table for RT3 (as N)
as shown in .
1: The difference (SRGBDiffValue) between the SRGB start
value of RT2 (P) and that of RT3 (N) is -1000 since
the SRGB start value of RT2 is 2000 and that of RT3 is 3000.
2: RT3 has adjacency-SIDs 30034, 30036 and 30037 for the adjacencies
from RT3 to RT4, RT6 and RT7 respectively.
The node-SIDs of RT4, RT6 and RT7 are 2004, 2006 and 2007 respectively
(i.e., the node-SIDs of the nodes pointed to by RT3's adjacency-SIDs
30034, 30036 and 30037 are 2004, 2006 and 2007 respectively).
RT2 builds a forwarding entry for each of RT3's
adjacency-SIDs 30034, 30036 and 30037.
The entry contains the adjacency-SID (e.g., 30034) in Next Label column,
forward (fwd) to adjacent node (e.g., fwd to RT4) in Action column,
and the node-SID of the adjacent node (e.g., 2004) in Map Label column.
3: RT3 has binding-SID 100, which is associated with label stack
{30034, 40045}.
RT2 builds a forwarding entry for binding-SID 100
in the proxy forwarding table for RT3.
The entry contains binding-SID 100 in Next Label column and
"Swap to {30034, 40045}" in Action column.This Section shows through example
how a proxy node uses the SR proxy
forwarding mechanism to forward traffic to the destination node
when a node fails and the
next segment of label stack is a binding-SID.As shown in ,
Label Stack 1 {1003, 100} represents
SR-TE loose path RT1->RT3->RT4->RT5,
where 100 is a Binding-SID, which represents
segment list {30034, 40045}.When RT3 fails, RT1 forwards the packet with RT3's node-SID 1003
to RT2, which is the proxy forwarder for RT3.
RT2 acts as a PLR and uses Binding-SID to query the proxy
forwarding table locally built for RT3. RT2 gets the
label forwarding path to RT3's next hop node (RT4), which bypasses
RT3. The specific steps are as follows:a. RT1 swaps label 1003 to out-label 2003 to RT3.b. RT2 receives the label forwarding packet whose top label of
label stack is 2003 (RT3's node-SID) and
finds the forwarding entry for 2003 in its Routing Table.
The action in the entry is to lookup the Proxy Forwarding table for RT3
due to RT3 failure. RT2 pops label 2003.c. RT2 uses Binding-SID:100 to
lookup the forwarding entry (Next Label record) in the Proxy Forwarding
Table. The action in the entry is to swap to Segment list {30034, 40045}.d. RT2 swaps Binding-SID:100 to Segment list {30034, 40045}, and
uses 30034 (RT3's Adjacency-SID for the adjacency from RT3 to RT4) to
lookup the forwarding entry (Next Label record) in the Proxy
Forwarding table again.
The action in the entry is to forward the packet to RT4.e. RT2 queries its Routing Table to RT4,
using primary or backup path to RT4. The next hop is RT7.f. RT2 forwards the packet
to RT7. RT7 queries its routing table to forward the packet to RT4.The extensions to OSPF and IS-IS described in this
document result in two types of behaviors in data plane
when a node in a network fails.
One is that for a node, which is a upstream (except for
the direct upstream) node of the failed node along a SR-TE
path, it continues to send the traffic to the failed node
along the SR-TE path for an extended period of time.
The other is that for a node, which is the direct upstream
node of the failed node, it fast re-routes the traffic
around the failed node to the direct downstream node
of the failed node along the SR-TE path.
These behaviors are internal to a network and should not
cause extra security issues.The authors would like to thank Peter Psenak,
Acee Lindem, Les Ginsberg, Bruno Decraene, Joel Halpern and Jeff Tantsura
for their comments to this work.This Section shows through example
how a proxy node forward traffic to the destination node
when a node fails and the
next segment of label stack is an adjacency-SID or node-SID.As shown in ,
Label Stack 3 {10012, 20023, 30034, 40045}
uses only adjacency-SIDs and represents
the SR-TE strict explicit path
RT1->RT2->RT3->RT4->RT5.
When RT3 fails, node RT2 acts as a PLR, and uses next adjacency-SID (30034)
of the label stack to lookup the proxy forwarding table built by RT2
locally for RT3.
The path returned
is the label forwarding path to RT3's next hop node RT4, which
bypasses RT3. The specific steps are as follows:a. RT1 pops top adjacency-SID 10012, and forwards the packet to RT2;b. RT2 uses the label 20023 to identify the next hop node RT3, which
has failed. RT2 pops label 20023 and
queries the Proxy Forwarding Table corresponding to RT3 with
label 30034. The query result is 2004. RT2 uses 2004 as the incoming
label to query the label forwarding table. The next hop is RT7,
and the incoming label is changed to 7004.c. So the packet leaves RT2 out the interface to RT7 with label
stack {7004, 40045}. RT7 forwards it to RT4, where the original path
is rejoined.d. RT2 forwards packets
to RT7. RT7 queries the local routing table to forward the packet to RT4.As shown in ,
Label Stack 2 {1003, 3004, 4005}
uses only node-SIDs and represents the ECMP-aware path
RT1->RT3->RT4->RT5, where
1003 is the node-SID of RT3.When the node RT3 fails, the non-neighbors (e.g., RT1) of RT3
prefer the route to the proxy SID implied/advertised by RT2
(proxy forwarder for RT3).
Node RT2 acts as a PLR node and queries the proxy forwarding table
locally built for RT3. The path returned is the label forwarding
path to RT3's next hop node RT4, which bypasses RT3. The specific
steps are as follows:a. RT1 swaps label 1003 to out-label 2003 to RT3.b. RT2 receives the label forwarding packet whose top label of
label stack is 2003, and searches for the local Routing Table, the
behavior found is to lookup Proxy Forwarding table due to RT3
failure, RT2 pops label 2003.c. RT2 uses 3004 as the in-label to lookup Proxy Forwarding table,
The value of Map Label calculated based on SRGBDiffValue is 2004.
and the query result is forwarding the packet to RT4.d. Then RT2 queries the Routing Table to RT4, using the primary or backup
path to RT4. The next hop is RT7.e. RT2 forwards the packet
to RT7. RT7 queries the local routing table to forward the packet to RT4.f. After RT1 convergences, node-SID 1003 is preferred
to the proxy SID implied/advertised by RT2.