About segment routing
Segment routing can perform shortest path routing or source routing using the concept of abstract segment. A segment can represent the local prefix of a node, a specific adjacency of the node (interface or next hop), a service context, or a specific explicit path over the network. Each segment is identified by a Segment ID (SID).
With segment routing, the source router can define the end-to-end path for packets to reach a destination using an ordered list of segments represented by their SIDs. Each SID represents actions that subsequent nodes in the network execute, such as forwarding a packet to a specific destination or interface.
Unlike a typical Multiprotocol Label Switching (MPLS) architecture, a segment routing network does not require LDP or RSVP‑TE to set up tunnels. Instead, segment routing extensions to the IGP (such as IS-IS) provide support for allocation and signaling of SID information.
SR-MPLS
When segment routing is instantiated over the MPLS data plane (referred to as SR-MPLS), a SID is represented by a standard MPLS label or an index that maps to an MPLS label. To route a packet to a destination, the source router pushes onto the packet one or more MPLS labels representing the required SIDs. Each subsequent node forwards the packet based on the outer label, removes the outer label, and forwards the packet to the next segment on the path.
The MPLS data plane requires no modifications to support SR-MPLS.
SR Linux supports SR-MPLS over both IPv4 (SR-MPLS IPv4) and IPv6 (SR-MPLS over IPv6).
Node SID
A prefix SID is a segment type that represents the ECMP-aware shortest path to reach a particular IP prefix from any IGP topology location. A node SID is a type of prefix SID that identifies a specific node in the IGP topology using a loopback address as the prefix. When a node SID is included in an MPLS label stack, it instructs the receiving node to forward the packet to the destination along the ECMP-aware shortest path determined by the IGP.
You allocate the node SIDs to use in the network in a similar fashion as the loopback IP addresses. Like all prefix SIDs, node SIDs must be unique within the domain, and are allocated in the form of an MPLS label (or index). The range of labels available for prefix and node SIDs is defined in the SRGB.
Protocol-independent prefix SIDs
You can set a prefix SID at the network instance level that is shared by multiple IGPs (currently only IS‑IS).
SR Linux supports up to four protocol-independent prefix SIDs to be associated with the default network instance. By default, all prefix SIDs are set as node SIDs. However, you can disable the node SID flag as required.
It is possible to configure on a single interface an IS-IS node SID and a protocol-independent prefix SID. In this case, the IS-IS IGP overrides the protocol independent prefix SID configuration, and only the IGP node SID is advertised.
A protocol-independent prefix SID provides more flexiblity over an IS-IS node SID. If required, you can override the protocol-independent prefix SID with an IGP node SID.
SRGB
The Segment Routing Global Block (SRGB) defines the range of MPLS labels available for global segments, such as prefix and node SIDs. The SRGB is defined as one contiguous block of MPLS labels. Nokia strongly recommends using identical SRGBs on all nodes within the SR domain. The use of identical SRGBs simplifies troubleshooting because the same MPLS label represents the same prefix or node SID on each node.
The SRGB configuration is supported on the default network instance only.
SRLB
While the SRGB defines a range of MPLS labels for global segments, the Segment Routing Label Block (SRLB) defines a range of MPLS labels for local segments, such as adjacency SIDs. An adjacency SID is a segment type that represents an instruction to forward packets over a specific (one-hop) adjacency between two nodes in the IGP.
The SRLB is configurable per IGP protocol instance (on the default network instance only). It is defined as one contiguous block of MPLS labels per IGP instance.
SR Linux can support a dynamic SRLB, a static SRLB, or a combination of both.
With a dynamic SRLB, SR Linux dynamically assigns adjacency SIDs as required. With a static SRLB, you must define the static adjacency SID values manually.
See the SR Linux MPLS Guide for more information about MPLS and MPLS labels.
IS-IS extensions for segment routing
Segment routing with IS-IS (also known as SR-ISIS) refers to the segment routing extensions of the IS-IS IGP protocol and the forwarding entries created by those extensions. The SR-ISIS extensions advertise segment routing specific TLVs that propagate SIDs across the domain.
With segment routing enabled on the IS-IS instance, IS-IS extensions can support TLVs to advertise IPv4/IPv6 prefix SIDs. The following new sub-TLVs are defined in RFC 8667 and are supported in the implementation of SR-ISIS:
- Prefix SID sub-TLV
- Adjacency SID sub-TLV
- SR-Capabilities sub-TLV
- SR-Algorithm sub-TLV
By default, SR Linux advertises each configured prefix SID as a node SID. You can disable the node SID flag for protocol-independent prefix SIDs, but not for IS-IS-specific node SIDs.
The following sections describes the behaviors and limitations of the SR-ISIS TLV and sub-TLVs.
Router Capability TLV advertisement
In SR Linux, advertisement of the Router Capability TLV (TLV 242) with the segment routing related sub‑TLVs is automatically enabled when segment routing is configured on the IS-IS instance. The originated TLV 242 encodes the router ID and always indicates domain-wide scope. There is no explicit configuration to enable or disable router capability advertisement.
The following table describes the TLV 242 sub-TLVs that SR Linux supports.
Sub-TLVs | Description |
---|---|
SR Capabilities sub-TLV |
Advertises one SRGB block and data plane capability:
|
SR Algorithm sub-TLV |
The algorithm field is set to 0, indicating shortest path first (SPF) algorithm based on link metric. (The value is not checked on receive.) |
SR Local Block sub-TLV |
(Optional) Advertises the SRLB. SR Linux does not support multiple, discontinuous SRLB blocks. |
SRMS Preference sub‑TLV | Not supported. |
Receiving Router Capability TLVs
SR Linux decodes the received Router Capability TLVs and maintains the details in the LSDB YANG state model.
Prefix SID processing
SR Linux uses Prefix SID sub-TLVs to advertise IPv4/IPv6 prefix SIDs.
Origination of IPv4 and IPv6 Prefix SID sub-TLVs
SR Linux originates Prefix SID sub-TLVs with the following processing rules and flag encoding.
- Originates a single Prefix SID sub-TLV per IS-IS IP Reachability TLV.
- Encodes the 32-bit index in the Prefix SID sub-TLV. The 24-bit label is not supported.
- Both IPv4 and IPv6 Prefix SID sub-TLVs originate within MT=0.
Flag | Default Encoding | Description |
---|---|---|
R-flag | R=1 (for node SID) |
Re-advertisement flag When R=1, the Prefix SID sub-TLV and its corresponding IP reachability TLV are propagated between levels. |
R=0 (for prefix SID) |
R=0 initially, but his setting can change to R=1 during propagation by other routers. | |
N-flag | N=1 | Node SID flag Set by default, meaning that SR Linux advertises each configured prefix SID as a node SID. You can disable the node SID flag for protocol-independent prefix SIDs, but not for IGP-specific prefix SIDs. If the
referenced interface is |
P-flag | P=1 | No-PHP Flag Always set, meaning the label for the prefix SID is pushed by the PHP router when forwarding to this router. When the SR Linux PHP router (with P-flag set to 1) processes a received prefix SID with the P-flag set to zero, it uses implicit-null for the outgoing label toward the router that advertised it. |
E-flag | E=0 | Explicit null flag Always set to 0, meaning that the router is requesting no explicit null termination. However, the SR Linux PHP router processes a received prefix SID with the E-flag set to 1 as long as the P‑flag is also set to 1. In this case, the PHP router pushes explicit-null for the outgoing label toward the router that advertised it. The system ignores the value of the E-flag if the P-flag is not set. |
V-flag | V=0 | Value flag Always set to 0 to indicate an index for the SID, rather than a specific value. |
L-flag | L=0 | Local flag Always set to 0 to indicate that the SID index value is not locally significant. |
Algorithm field | algorithm 0 | Always set to 0 to indicate shortest path first (SPF) algorithm based on link metric. This field is not checked on a received Prefix SID sub-TLV. |
Receiving IPv4 and IPv6 Prefix SID sub-TLVs
SR Linux processes a Prefix SID sub-TLV using the following rules.
- Decodes Prefix SID sub-TLVs that are received in TLVs 135, 235, 236 and 237 for representation in the YANG state model of the LSDB.
- Ignores Prefix SID sub-TLVs received in TLVs 235 and 237 for further processing. They do not appear in the state representation of the local SID database (only in the LSDB).
- If the local flag is set or the algorithm is not 0, deems a Prefix SID sub-TLV
in a received TLV 135 or TLV‑236 invalid and makes it inactive.
- If the MPLS label value implied by the received Prefix SID sub-TLV falls outside the range of the SRGB block, deems the node SID invalid and makes it inactive (reason = sid-index-out-of-range). No forwarding state is created for invalid entries.
- Resolves a Prefix SID sub-TLV received without the N-flag set as long as the prefix length is 32 (for IPv4) or 128 (for IPv6).
- Does not resolve a Prefix SID sub-TLV received with the N-flag set and a prefix length different than 32 (for IPv4) or 128 (for IPv6).
- Does not resolve a Prefix SID sub-TLV received in TLV 135 or TLV 236 if the L-flag is set.
- Resolves a Prefix SID received within an IP reachability TLV based on the
following route preference:
- SID received via L1 in a Prefix SID sub-TLV part of the IP reachability TLV
- SID received via L2 in a Prefix SID sub-TLV part of the IP reachability TLV
- Processes only the first Prefix SID sub-TLV if multiple are received within the same IS-IS IP reachability TLV.
Inter-level propagation of prefix SIDs
SR Linux performs inter-level propagation of prefix SIDs as follows.
- An L1L2 router propagates a prefix (and Prefix SID sub-TLV) received in an IP reachability TLV from L1 to L2. A router in L2 sets up an SR-ISIS tunnel to the L1 router via the L1L2 router, which acts as an LSR.
- If an ABR summarizes a prefix, the Prefix SID sub-TLV is not propagated with the summarized route between levels. To propagate the node SID for a /32 prefix, you must disable route summarization.
- By default, an L1L2 router does not propagate a prefix (and Prefix SID sub-TLV) received in an IP reachability TLV from L2 to L1.
- Using an export policy, an L1L2 router propagates a prefix (and Prefix SID
sub-TLV) received in an IP reachability TLV from L2 to L1. A router in L1 sets
up an SR-ISIS tunnel to the L2 router via the L1L2 router, which acts as an
LSR.
- L2 to L1 route leaking occurs when a level 2 IS-IS route is matched by the IS-IS export policy.
IS-IS prefix SID database
In the YANG state model, the IS-IS prefix SID database captures information about:
- advertised IS-IS node SIDs
- remotely originated node and prefix SIDs learned and marked as active by IS-IS
Global SID Database
In the YANG state model, the global SID database captures information about:
- configured protocol-independent prefix SIDs
- advertised IS-IS node SIDs
- remotely originated node and prefix SIDs learned and marked as active by IS-IS
Prefix SID conflicts
Remotely signaled prefix SID entries can cause conflicts with local prefix SIDs in the following cases:
- Prefix conflict
If you configure a SID index value for a prefix/node SID that creates an overlap with an existing ILM entry in the SRGB block, a prefix conflict occurs.
In SR Linux, all local prefix/node SID entries have a lower numerical preference than remote prefix SID entries learned via IS-IS. Therefore the local prefix/node SID remains active and advertised, but in the SID database the entry appears with a status of: prefix-conflict = true. All other conflicting entries show as inactive in the IS-IS prefix SID database and may no longer be visible in the global SID database.
- SID conflict
After SR Linux removes the inactive prefix SID entries, a SID conflict can still occur if the same SID is assigned to multiple IS-IS prefixes. In this case, the prefix SID with the lowest SID index remains active, but in the SID database the entry appears with a status of: sid-conflict = true. All other conflicting entries show as inactive in the IS-IS prefix SID database and may no longer be visible in the global SID database.
- SID out of range
When a prefix SID advertised from another router has a SID index or label value that is not within the locally defined SRGB range of the network instance, SR Linux determines that it is out of range. All other conflicting entries show as inactive in the IS-IS prefix SID database and may no longer be visible in the global SID database.
Adjacency SID processing
SR Linux uses Adjacency SID sub-TLVs to advertise IPv4/IPv6 adjacency SIDs.
Origination of IPv4 and IPv6 Adjacency SID sub-TLVs
By default, SR Linux does not automatically assign adjacency SIDs, but you can enable dynamic adjacency SID assignment on the IS-IS instance. SR Linux supports origination of IPv4 and IPv6 Adjacency SID sub-TLVs in TLVs 22 and 222. Dynamic adjacency SIDs are allocated as follows:
- SR-ISIS assigns dynamic adjacency SIDs on all P2P and LAN IS-IS interfaces in all levels (except for interfaces individually configured with an adjacency SID assignment of none or static).
- If an interface is enabled for IPv4, SR-ISIS allocates IPv4 adjacency SIDs.
- If the interface is enabled for IPv6, SR-ISIS allocates IPv6 adjacency SIDs.
- For each IS-IS interface, the YANG state indicates all IPv4 and IPv6 adjacency SIDs that are currently active and programmed in the ILM table.
The following table describes the flag encoding for the Adjacency SID sub-TLVs:
Flag | Encoding | Description |
---|---|---|
F-flag | F=0 (for IPv4) |
Address-family flag for IPv4 adjacency encapsulation |
F=1 (for IPv6) |
Address-family flag for IPv6 adjacency encapsulation |
|
B-flag | B=0 |
Backup flag. Set to zero and is not processed on receipt. |
V-flag | V=1 |
Value flag. Always set to 1, indicating that the adjacency SID carries a value. |
L-flag | L=1 |
Local flag. Always set to 1, indicating that the adjacency SID has local significance. |
S-flag | S=0 |
Set flag. Always set to zero because assigning adjacency SIDs to parallel links between neighbors is not supported. A received adjacency SID with the S-flag set is not processed. |
P-Flag | P=1 (static) |
Set to 1 when static adjacency-sid is configured on the interface, indicating that the adjacency SID allocation is persistent |
P=0 (dynamic) |
Set to 0 when dynamic adjacency-sid is configured on the interface. |
|
weight octet | N/A |
Not supported and is set to all zeros |
Receiving IPv4 and IPv6 Adjacency SID sub-TLVs
- LAN Adjacency SID sub-TLVs received in TLVs 22 and 222 are decoded for representation in the YANG state model of the LSDB. If there are multiple Adjacency SID sub-TLVs in a particular TLV, only the first Adjacency SID sub-TLV is processed.
- LAN Adjacency SID sub-TLVs received in TLVs 23 and 223 are ignored for further processing.
- A LAN Adjacency SID sub-TLV in a received TLV 22/222 is invalid and not used if
either of the following are true:
- The V-flag is not set.
- The L-flag is not set.
- A received adjacency SID with the S-flag set is not processed.
Datapath programming by SID type
The following table describes the datapath programming by SID type.
SID type | Datapath Programming |
---|---|
IS-IS node SID |
When advertised, the IS-IS node SID creates an ILM entry that matches the associated MPLS label value (SRGB start-label + index) and performs a POP operation. The POP operation indicates that the default network instance is the context for the IP header lookup that follows. |
Protocol-independent prefix SID |
When configured, the protocol-independent prefix SID (whether advertised or not), creates an ILM entry that matches the associated MPLS label value (SRGB start-label + index) and performs a POP operation. The POP operation indicates that the default network instance is the context for the IP header lookup that follows. |
IS-IS adjacency SID (P2P and LAN) | When advertised, the adjacency SID:
|
Remote prefix SID |
When received and valid:
|
Supported functionality
SR-MPLS over IPv4 and SR-MPLS over IPv6 dataplane on 7250 IXR-6/10
- Maximum of one label pushed per packet (corresponding to a remote node SID)
- Maximum of one label popped per packet (corresponding to a local node SID)
- Transit and egress LSR ECMP hashing
- Ingress LSR ECMP hashing
- Prefix/node SID (IPv4/IPv6)
- Adjacency SID (IPv4/IPv6)
MPLS label management
- Configurable SRGB for the default network instance:
- SRGB is a reference to a static shared label range.
- SRGB must be one contiguous block.
- Configurable SRLB for the IS-IS instance of the default network instance:
- SR Linux supports a static SRLB (dedicated or shared) or a dynamic SRLB (dedicated only), or a combination of both.
- Each SRLB must be one contiguous block.
IS-IS segment routing extensions
- IPv4/IPv6 prefix/node SID
- SID collision handling (no event generated when collision detected)
BGP shortcuts over segment routing tunnels
- SR-ISIS-IPv4 tunnels in TTM can resolve BGP IPv4 routes.
- SR-ISIS-IPv6 tunnels in TTM can resolve:
- BGP IPv4 routes
- BGP IPv6 routes
- SR-ISIS tunnels are programmed into TTM with a non-configurable preference value of 11.
- SR-ISIS tunnels that correspond to an adjacency-SID have a metric of 0.
- SR-ISIS tunnels that correspond to a remote prefix-SID have a metric that reflects the IGP cost to reach the advertising router.
SR-MPLS OAM
- ICMP tunneling
- RFC 4950 extensions
ICMP tunneling
SR Linux supports ICMP extensions for MPLS to support debugging and tracing in MPLS and SR-MPLS networks. With ICMP tunneling enabled, ICMP messages can be tunneled to the endpoint of the tunnel and then returned through IP routing. For more information, see the SR Linux MPLS Guide.