How to Enable SRv6 Network Programming in IS-IS Networks
SUMMARY Learn about enabling SRv6 network programming for the IS-IS protocol.
What's Next
For more information on SRv6 Network Programming, see the Example: Configuring SRv6 Network Programming in IS-IS Networks.
Understanding SRv6 Network Programming in IS-IS Networks
- Benefits of SRv6 Network Programming
- SRv6 Network Programming Overview
- What is a Segment Routing Extension Header (SRH)?
- Flexible Algorithm for SRv6 Dataplane
- TI-LFA for SRv6
- Micro SID support in SRv6
- Supported and Unsupported Features for SRv6 Network Programming in IS-IS
Benefits of SRv6 Network Programming
SRv6 Network Programming provides the following benefits in an IPv6 network:
-
Network Programming depends entirely on the IPv6 header and the header extension to transport a packet, eliminating protocols such as MPLS. This ensures a seamless deployment without any major hardware or software upgrade in a core IPv6 network.
-
Packets can be transported through an SRv6 ingress node even if the transit routers are not SRv6-capable, thereby eliminating the need to deploy segment routing on all nodes in an IPv6 network.
-
Junos OS supports multiple functions on a single segment identifier (SID) and can inter-operate in the insert mode and the encapsulation mode. This allows a single device to simultaneously perform the provider (P) router and the provider edge (PE) router roles.
SRv6 Network Programming Overview
Network Programming is the capability of a network to encode a network program into individual instructions that are then inserted into the IPv6 packet headers. The IPv6 packet carrying the network instructions explicitly tells the network about the precise SRv6 nodes available for packet processing. The network instruction is the SRv6 segment identifier (SID) that is represented by a 128-bit IPv6 address. The IS-IS protocol encodes the network instructions in IPv6 packet headers and distributes them through the network. Along with the addressing, network instructions define a particular task or function for each SRv6-capable node in the SRv6 network.
Starting in Junos OS Release 20.3R1, you can configure segment routing in a core IPv6 network without an MPLS data plane on MX Series devices with MPC7E, MPC8E and MPC9E line cards.
This feature is useful for service providers whose networks are predominantly IPv6 and have not deployed MPLS. Such networks depend only on IPv6 headers and header extensions for transmitting data. This feature also benefits networks that need to deploy segment routing traffic through transit routers that do not have segment routing capability yet. In such networks, the SRv6 network programming feature can provide flexibility to leverage segment routing without deploying MPLS.
What is a Segment Routing Extension Header (SRH)?
A Segment Identifier represents a specific segment in a segment routing domain. In an IPv6 network, the SID-type used is a 128-bit IPv6 address also referred to as an SRv6 Segment or SRv6 SID. SRv6 stacks up these IPv6 addresses instead of MPLS labels in a segment routing extension header. The Segment Routing Extension Header (SRH) is a type of IPv6 routing extension header. Typically, the SRH contains a segment list encoded as an SRv6 SID. An SRv6 SID consists of the following parts:
-
Locator— Locator is the first part of a SID that consists of the most significant bits representing the address of a particular SRv6 node. The locator is very similar to a network address that provides a route to its parent node. The IS-IS protocol installs the locator route in the
inet6.0
routing table. IS-IS routes the segment to its parent node, which subsequently performs a function defined in the other part of the SRv6 SID. You can also specify the algorithm associated with this locator. You can define a flexible algorithm as per your network requirements. -
Function—The other part of the SID defines a function that is performed locally on the node that is specified by the locator. There are several functions that have already been defined in the Internet draft draft-ietf-spring-srv6-network-programming-07draft, SRv6 Network Programming. However, the following functions are available on Junos OS that are signalled in IS-IS. IS-IS installs these function SIDs in the
inet6.0
routing table.-
End— An endpoint function for SRv6 instantiation of a Prefix SID. It does not allow for decapsulation of an outer header for the removal of an SRH. Therefore, an End SID cannot be the last SID of a SID list and cannot be the Destination Address (DA) of a packet without an SRH (unless combined with the PSP, USP or USD flavors).
-
End.X— An endpoint X function is an SRv6 instantiation of an adjacent SID. It is a variant of the endpoint function with Layer 3 cross-connect to an array of Layer 3 adjacencies.
You can specify End SID behavior such as Penultimate Segment Pop (PSP), Ultimate Segment Pop (USP) or Ultimate Segment Decapsulation (USD).
-
PSP— When the last SID is written in the destination address, the End and End.X functions with the PSP flavor pop the top-most SRH. Subsequent stacked SRHs may be present but are not processed as part of the function.
-
USP— When the next header is an SRH and there are no more segments left, the IS-IS protocol pops the top SRH, looks up the updated destination address and forwards the packet based on match table entry.
-
USD— When the next Header in the packet is 41 or is an SRH and there are no more segments left, then IS-IS pops the outer IPv6 header and its extension headers, looks up the exposed inner IP destination address and forwards the packet to the matched table entry.
-
The size of the locator and function is flexible, and you can customize the size per your requirements. You must configure the locator before you define the functions. Each locator can advertise multiple end SIDs and end.X SIDs that are associated with it. Ensure that the locator and SIDs belong to the same subnet to avoid commit error.
For example, you can have an SRv6 SID where 2001:::db8:AC05:FF01:FF01: is the locator and A000:B000:C000:A000 is the function:
Locator |
Function |
2001::db8:AC05:FF01:FF01 |
A000:B000:C000:A000 |
Flexible Algorithm for SRv6 Dataplane
In a core IPv6 domain configured with segment routing you can define flexible algorithms that compute paths using different parameters and link constraints based on your requirements. For example, you can define a flexible algorithm that computes a path to minimize the IGP metric and define another flexible algorithm to compute a path based on the traffic engineering metrics to divide the network into separate planes. You can configure the flexible algorithm locators to steer packets along the constraint-based paths in an SRv6 domain.
To configure a flexible algorithm for SRv6, see How to Configure Flexible Algorithms in IS-IS for Segment Routing Traffic Engineering
To advertise the flexible algorithm mapped to the locator, include the
algorithm
option at the [edit protocols isis
source-packet-routing
srv6 locator]
hierarchy level. The mapped flexible algorithm is applied
to End SIDs and End-X-SIDs under SRv6
locators.
If a node is participating in a specific flexible algorithm it applies to both SR MPLS and SRv6 nodes. You cannot define flexible algorithms specifically for either SR MPLS or SRv6.
For ingress traffic, Junos OS uses the encapsulation mode by default. Therefore the destination needs to have USD capable SIDs. Other SRH anchor nodes in the flexible algorithm path can be of any flavor.
For transit traffic in the insert mode, the last anchor node for the flexible algorithm path must have a PSP-capable SID. In the absence of the PSP-capable SID, IS-IS does not download a path through that anchor node. In such cases, IS-IS downloads other ECMP paths with the appropriate flavored SIDs.
TI-LFA for SRv6
Topology Independent- Loop Free Alternate (TI-LFA) establishes a Fast Reroute (FRR) path that is aligned to a post-convergence path. An SRv6-capable node inserts a single segment into the IPv6 header or multiple segments into the SRH. Multiple SRHs can significantly raise the encapsulation overhead, which can sometimes be more than the actual packet payload. Therefore, by default, Junos OS supports SRv6 tunnel encapsulation with reduced SRH. The point-of-local repair (PLR) adds the FRR path information to the SRH containing the SRv6 SIDs.
The TI-LFA backup path is represented as a group of SRv6 SIDs inside an SRH. At the ingress router, IS-IS encapsulates the SRH in a fresh IPv6 header. However, at transit routers, IS-IS inserts the SRH into the data traffic in the following manner:
-
Insert Mode— IS-IS inserts an SRH as the next header in the original IPv6 packet header and modifies the next header according to the value of the SRH. The IPv6 destination address is replaced with the IPv6 address of the first SID in the segment list and the original IPv6 destination address is carried in the SRH header as the last segment in the list. To enable the insert mode at transit routers, include the
transit-srh-insert
statement at the[edit protocols isis source-packet-routing srv6]
hierarchy level. -
Encap Mode— In the encap mode, the original IPv6 packet is encapsulated and transported as the inner packet of an IPv6-in-IPv6 encapsulated packet. The outer IPv6 packet carries the SRH with the segment list. The original IPv6 packet travels unmodified in the network. By default, Junos OS supports SRv6 tunnel encapsulation in reduced SRH. However, you can choose one of the following tunnel encapsulation methods:
-
Reduced SRH (default)— With the reduced SRH mode, if there is only one SID, there is no SRH added and the last SID is copied into the IPV6 destination address. You cannot preserve the entire SID list in the SRH with a reduced SRH.
-
Non-reduced SRH— You can configure the non-reduced SRH tunnel encapsulation mode when you want to preserve the entire SID list in the SRH.
To configure non-reduced SRH, include the
no-reduced-srh
statement at the[edit routing-options source-packet-routing srv6]
hierarchy level.
-
If you configure or delete no-reduced-srh
on ACX7000 platforms,
it restarts the Packet Forwarding Engine (PFE).
The configuration of fate-sharing is currently not supported in IPv6 only networks. Also, SRv6 TI-LFA does not take Shared Risk Link Group (SRLG) into consideration when computing backup paths. For more information on TI-LFA, see Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS.
Micro SID support in SRv6
Starting in Junos OS Release 23.4R1, you can compress multiple SRv6 addresses into a single IPv6 address (the micro-SID). If a packet needs to traverse multiple nodes, IS-IS can stack up the SRv6 SIDs using a segment routing header. This stacking of SIDs adds to the bandwidth overhead and the segment routing header processing overhead. With micro-SIDs, you can compress the SID list to a single destination address and reduce the bandwidth overhead. Enable micro-SID locator if you need to include more than six SRv6 SIDs, Note that if you configure micro-SID, you cannot configure other parameters. All micro-SIDs derived from this locator have the same length as per default micro-SID-length (16).
To configure micro SID, include the micro-sid and the block statements at the [edit routing-options
source-packet-routing srv6 locator]
and [edit routing-options
source-packet-routing srv6]
hierarchy levels.
Supported and Unsupported Features for SRv6 Network Programming in IS-IS
SRv6 Network Programming in IS-IS Networks currently supports::
-
Core IPv6 and dual stack. IPv4 and IPv6 transport is supported for dual stack.
-
IPv4 and IPv6 payloads.
-
Upto 6 SIDs in reduced mode at ingress router.
-
Upto 7 SIDs in transit routers.
SRv6 Network Programming in IS-IS Networks currently does not support:
-
Anycast for locator prefix.
-
Shared Risk Link Group (SRLG) when computing backup paths.
-
Static SRv6 tunnel with segment lists.
-
ICMP and ICMPv6 error handling.
-
SR-TE policy configuration for SRv6 Tunnel.
-
Conflict resolution for Flexible Algorithm locators. Multiple nodes sharing the same locator prefix with different algorithm values could result in unexpected routing behavior.
-
Interface group for End-X-SID.
-
Configuring normal or extended admin-groups for IPv6 networks without MPLS. These features can only be configured at [edit protocols mpls] hierarchy level.