Routing area

Internet Engineering Task Force (IETF)                          S. Hegde
Internet-Draft
Request for Comments: 9703                                 M. Srivastava
Intended status:
Category: Standards Track                          Juniper Networks Inc.
Expires: 29 January 2025
ISSN: 2070-1721                                                 K. Arora
                                                  Individual Contributor
                                                                S. Ninan
                                                                   Ciena
                                                                   X. Xu
                                                            China Mobile
                                                            28 July
                                                           December 2024

   Label Switched Path (LSP) Ping/Traceroute for Segment Routing (SR)
Egress Peer Engineering (EPE) Segment Identifiers (SIDs) with MPLS Data
                                 Plane
                     draft-ietf-mpls-sr-epe-oam-19

Abstract

   Egress Peer Engineering (EPE) is an application of Segment Routing to
   solve
   (SR) that solves the problem of egress peer selection.  The Segment Routing
   based SR-based
   BGP-EPE solution allows a centralized controller, e.g. e.g., a
   Software Software-
   Defined Network (SDN) controller controller, to program any egress peer.  The
   EPE solution requires the node or the SDN controller to program 1)
   the PeerNode Segment Identifier(SID) Identifier (SID) describing a session between
   two nodes, 2) the PeerAdj SID describing the link (one or more) links that is are
   used by the sessions between peer nodes, and 3) the PeerSet SID
   describing any connected interface to any peer in the related group.
   This document provides new sub-TLVs for EPE Segment Identifiers (SID) EPE-SIDs that would be are used in the MPLS
   Target stack FEC Stack TLV (Type 1), 1) in MPLS Ping and Traceroute procedures.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list  It represents the consensus of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid the IETF community.  It has
   received public review and has been approved for a maximum publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of six months RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 29 January 2025.
   https://www.rfc-editor.org/info/rfc9703.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info)
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Theory of Operation . . . . . . . . . . . . . . . . . . . . .   4
   3.  Requirements Language . . . . . . . . . . . . . . . . . . . .   5
   4.  FEC Definitions . . . . . . . . . . . . . . . . . . . . . . .   5
     4.1.  PeerNode SID Sub-TLV  . . . . . . . . . . . . . . . . . .   5
     4.2.  PeerAdj SID Sub-TLV . . . . . . . . . . . . . . . . . . .   7
     4.3.  PeerSet SID Sub-TLV . . . . . . . . . . . . . . . . . . .   9
   5.  EPE-SID FEC validation  . . . . . . . . . . . . . . . . . . .  11 Validation
     5.1.  EPE-SID FEC validiation . . . . . . . . . . . . . . . . .  11 Validation Rules
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  13
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .  14
   8.  Implementation Status . . . . . . . . . . . . . . . . . . . .  14
     8.1.  Juniper Networks  . . . . . . . . . . . . . . . . . . . .  15
   9.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  15
   10.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  15
     10.1.
     8.1.  Normative References . . . . . . . . . . . . . . . . . .  15
     10.2.
     8.2.  Informative References . . . . . . . . . . . . . . . . .  16
   Appendix A.  APPENDIX . . . . . . . . . . . . . . . . . . . . . .  17  Examples of Programmed States
   Acknowledgments
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  18

1.  Introduction

   Egress Peer Engineering (EPE) (EPE), as defined in [RFC9087] [RFC9087], is an
   effective mechanism that is used to select the egress peer link based
   on different criteria.  In this scenario, egress peers may belong to
   a completely different ownership.  The EPE-SIDs provide the means to
   represent egress peer nodes, links, sets of links links, and sets of nodes.
   Many network deployments have built their networks consisting of
   multiple Autonomous Systems, Systems (ASes) either for the ease of operations
   or as a result of network mergers and acquisitions.  The inter-AS
   links connecting any two Autonomous Systems ASes could be traffic-engineered using EPE-SIDs EPE-
   SIDs in this case, where there is single ownership but different AS
   numbers.  It is important to validate the control plane to forwarding
   plane synchronization for these SIDs so that any anomaly can be
   detected
   easily detected by the network operator.  EPE-SIDs may also be used
   in an ingress SR Segment Routing (SR) policy [RFC9256]to [RFC9256] to choose exit
   points where the remote AS belongs to has a completely different ownership.
   This scenario is out of scope of for this document.

      +---------+      +------+
      |         |      |      |
      |    H    B------D      G
      |         | +---/| AS 2 AS2  |\  +------+
      |         |/     +------+ \ |      |---L/8
      A   AS1   C---+            \|      |
      |         |\\  \  +------+ /| AS 4 AS4  |---M/8
      |         | \\  +-E      |/ +------+
      |    X    |  \\   |      K
      |         |   +===F AS 3 AS3  |
      +---------+       +------+

                        Figure 1: Reference Diagram

   In this reference diagram, Figure 1, EPE-SIDs are configured on AS1 towards AS2 and AS3 and
   advertised in BGP-LS the Border Gateway Protocol - Link State (BGP-LS)
   [RFC9086].  In certain cases cases, the EPE-SIDs advertised by the control
   plane may not be in synchronization with the label programmed in the
   data plane.  For example, on C C, a PeerAdj SID could be advertised to
   indicate it is for the link C->D.  Due to some software anomaly, the
   actual data forwarding on this PeerAdj SID could be happening over
   the C->E link.  If E had relevant data paths for further forwarding
   the packet, this kind of anomaly will would go unnoticed by the network
   operator.  A detailed example of a correctly programmed state and an
   incorrectly programmed state along with a description of how the
   incorrect state can be detected is described in Appendix A.  A FEC
   Forwarding Equivalence Class (FEC) definition for the EPE-SIDs will define the details of
   detail the control plane association of the SID.  The data plane
   validation of the SID will be done during the MPLS traceroute Traceroute
   procedure.  When there is a multi-hop EBGP External BGP (EBGP) session
   between the ASBRs, a PeerNode SID is advertised, and the traffic MAY
   be load-balanced between the interfaces connecting the two nodes.  In the reference diagram,
   Figure 1, C and F could have a PeerNode- PeerNode SID advertised.  When the OAM
   Operations, Administration, and Maintenance (OAM) packet is received
   on F, it needs to be validated that the packet came from one of the
   two interfaces connected to C.

   This document provides Target Forwarding Equivalence Class (FEC)
   stack
   Stack TLV definitions for EPE-SIDs.  This solution requires that the node
   constructing the target Target FEC stack can Stack TLV to determine the type types of the SIDs
   along the path of the LSP.  Other procedures for MPLS Ping and
   Traceroute
   Traceroute, as defined in [RFC8287] section Section 7 of [RFC8287] and clarified by
   [RFC8690] in
   [RFC8690], are applicable for EPE-SIDs as well.

2.  Theory of Operation

   [RFC9086] provides mechanisms to advertise the EPE-SIDs in BGP-LS.
   These EPE-SIDs may be used to build Segment Routing SR paths as and may be communicated
   using extensions described in [I-D.ietf-idr-segment-routing-te-policy] [BGP-SR-SEGTYPES-EXT] and
   [SR-BGP-POLICY] or using Path Computation Element Protocol (PCEP)
   extensions as defined in [RFC8664].  Data plane monitoring for such
   paths which that consist of EPE-SIDs will use extensions defined in this
   document to build the Target FEC stack Stack TLV.  The MPLS Ping and
   Traceroute procedures MAY be initiated by the head-end of the Segment Routing SR path
   or a centralized topology-aware data plane monitoring system system, as
   described in [RFC8403].  The extensions in
   [I-D.ietf-idr-segment-routing-te-policy] [BGP-SR-SEGTYPES-EXT],
   [SR-BGP-POLICY], and [RFC8664] do not define how to acquire and carry
   the details of the SID that can be used to construct the FEC.  Such
   extensions are out of the scope for this document.  The node initiating
   the data plane monitoring may acquire the details of EPE-SIDs through
   BGP-LS advertisements advertisements, as described in [RFC9086].  There may be other
   possible mechanisms that can be used to learn the definition of the
   SID from the controller.  Details of such mechanisms are out of scope
   for this document.

   The EPE-SIDs are advertised for inter-AS links which that run EBGP
   sessions.  [RFC9086] does not define the detailed procedures of how
   to operate EBGP sessions in a scenario with unnumbered interfaces.
   Therefore, these scenarios are out of scope for this document.
   Anycast and multicast addresses are not in the scope of this
   document.  During the AS migration scenario scenario, procedures described in
   [RFC7705] may be in force.  In these scenarios, if the local and
   remote AS fields in the FEC as (as described in Section 4 carries 4) carry the
   globally configured ASN AS Number and not the "local AS" as (as defined in
   [RFC7705],
   [RFC7705]), then the FEC validation procedures may fail.

   As described in Section 1, this document defines Target FEC stack Stack
   TLVs for
   EPE-SIDs, EPE-SIDs that can be used in detecting MPLS data plane
   failures [RFC8029].  This mechanism applies to paths created across across
   ASes of co-operating cooperating administrations.  If the ping or traceroute
   packet enters a non co-operating non-cooperating AS domain, it might be dropped by the
   routers in the non co-operating non-cooperating domain.  Although a complete path
   validation cannot be done across, non co-operating across non-cooperating domains, it still
   provides useful information that the ping/traceroute ping or traceroute packet
   entered a
   non co-operating non-cooperating domain.

3.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14, [RFC2119], [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

4.  FEC Definitions

   Three

   In this document, three new sub-TLVs are defined for the Target FEC
   Stack TLV (Type 1), the Reverse-Path Target FEC Stack TLV (Type 16),
   and the Reply Path TLV (Type 21).

               Sub-Type    Sub-TLV Name
               --------  ---------------
                TBD1      PeerAdj SID Sub-TLV
                TBD2      PeerNode SID Sub-TLV
                TBD3      PeerSet SID Sub-TLV

                        Figure 2: New sub-TLV types 21); see Table 1.

4.1.  PeerNode SID Sub-TLV

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Type = TBD2 39                      |          Length               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local AS Number (4 octets)                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote AS Number (4 octets)                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local BGP router Router ID (4 octets)                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote BGP Router ID (4 octets)                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                       Figure 3: 2: PeerNode SID Sub-TLV
   Type :

   Type:  2 octets

   Value:TBD2

   Length :

   Value:  39

   Length:  2 octets

   Value:  16

   Local AS Number : Number:  4 octets octets.  The unsigned integer representing the AS
      number [RFC6793] of the AS to which the PeerNode SID advertising
      node belongs.  If Confederations [RFC5065] are in use, and if the
      remote node is a member of a different Member-AS within the local
      Confederation, this is the Member-AS Number inside the
      Confederation and not the Confederation Identifier.

   Remote AS Number : Number:  4 octets octets.  The unsigned integer representing the
      AS number [RFC6793] of the AS of the remote node for which the
      PeerNode SID is advertised.  If Confederations [RFC5065] are in
      use, and if the remote node is a member of a different Member-AS
      within the local Confederation, this is the Member-AS Number
      inside the Confederation and not the Confederation Identifier.

   Local BGP Router ID : ID:  4 octets octets.  The unsigned integer representing
      the BGP Identifier of the PeerNode SID advertising node as defined
      in [RFC4271] and [RFC6286].

   Remote BGP Router ID : ID:  4 octets octets.  The unsigned integer representing
      the BGP Identifier of the remote node as defined in [RFC4271] and
      [RFC6286].

   When there is a multi-hop EBGP session between two ASBRs, a PeerNode
   SID is advertised for this session session, and traffic can be load balanced load-balanced
   across these interfaces.  An EPE controller that does performs bandwidth
   management for these links should be aware of the links on which the
   traffic will be load-balanced.  As per [RFC8029], the node
   advertising the EPE SIDs EPE-SIDs will send a Downstream Detailed Mapping
   (DDMAP) TLV
   (DDMAP TLV) specifying the details of nexthop interfaces, the OAM
   packet will be sent out. next-hop interfaces.  Based
   on this information information, the controller MAY choose to verify the actual
   forwarding state with the topology information that the controller
   has.  On the router, the validation procedures will include, include the
   received DDMAP validation validation, as specified in [RFC8029] [RFC8029], to verify the
   control state and the forwarding state synchronization on the two
   routers.  Any discrepancies between the controller's state and the
   forwarding state will not be detected by the procedures described in the
   this document.

4.2.  PeerAdj SID Sub-TLV

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Type = TBD1 38                      |          Length               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Adj-Type Adj type      |            RESERVED                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local AS Number (4 octets)                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote AS Number (4 octets)                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local BGP router Router ID (4 octets)                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote BGP Router ID (4 octets)                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local Interface address Address (4/16 octets)            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote Interface address Address (4/16 octets)           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                       Figure 4: 3: PeerAdj SID Sub-TLV

   Type :

   Type:  2 octets

   Value: TBD1

   Length :  38

   Length:  2 octets

   Value: variable  Variable based on the IPv4/IPv6 interface address.  Length
      excludes the length of the Type and Length fields.For fields.  For IPv4
      interface
   addresses addresses, the length will be 28 octets.  In the case of
      an IPv6 address address, the length will be 52 octets.

   Adj-Type :

   Adj type:  1 octet

   Value:  Set to 1 when the Adjacency Segment is IPv4 IPv4.  Set to 2 when
      the Adjacency Segment is IPv6
   RESERVED : IPv6.

   RESERVED:  3 octets.  MUST be zero when sending, sending and ignored on
      receiving.

   Local AS Number : Number:  4 octets octets.  The unsigned integer representing the AS
      number [RFC6793] of the AS to which the PeerAdj SID advertising
      node belongs.  If Confederations [RFC5065] are in use, and if the
      remote node is a member of a different Member-AS within the local
      Confederation, this is the Member-AS Number inside the
      Confederation and not the Confederation Identifier.

   Remote AS Number : Number:  4 octets octets.  The unsigned integer representing the
      AS number[RFC6793] of the AS number [RFC6793] of the remote node node's AS for which the PeerAdj
      SID is advertised.  If Confederations [RFC5065] are in use, and if
      the remote node is a member of a different Member-AS within the
      local Confederation, this is the Member-AS Number inside the
      Confederation and not the Confederation Identifier.

   Local BGP Router ID : ID:  4 octets octets.  The unsigned integer representing
      the BGP Identifier of the PeerAdj SID advertising node as defined
      in [RFC4271] and [RFC6286].

   Remote BGP Router ID : ID:  4 octets octets.  The unsigned integer representing
      the BGP Identifier of the remote node as defined in [RFC4271] and
      [RFC6286].

   Local Interface Address :4 octets/16 Address:  4 octets or 16 octets.  In the case of
      PeerAdj SID, Local the local interface address corresponding to the
      PeerAdj SID should be specified in this field.  For IPv4,this IPv4, this
      field is 4 octets; for IPv6, this field is 16 octets.  Link-local
      IPv6 addresses are not in the scope of this document.

   Remote Interface Address :4 octets/16 Address:  4 octets or 16 octets.  In the case of
      PeerAdj SID Remote SID, the remote interface address corresponding to the
      PeerAdj SID should be apecified specified in this field.  For IPv4, this
      field is 4 octets; for IPv6, this field is 16 octets.  Link-local
      IPv6 addresses are not in the scope of this document.. document.

   [RFC9086] mandates sending a local interface ID and remote interface
   ID in the Link Descriptors link descriptors and allows a value of 0 in the remote
   descriptors.  It is useful to validate the incoming interface for an
   OAM packet and packet, but if the remote descriptor is 0 0, this validation is not
   possible.  [RFC9086] allows optional  Optional link descriptors of local and remote interface
   addresses are allowed as described in section 4.2.  This
   document RECOMMENDs sending Section 4.2 of [RFC9086].  In
   this document, it is RECOMMENDED to send these optional descriptors
   and using use them to validate incoming interface. interfaces.  When these local and
   remote interface addresses are not available, an ingress node can
   send 0 in the local and/or remote interface address field.  The
   receiver SHOULD skip the validation for the incoming interface if the
   address field contains 0.

4.3.  PeerSet SID Sub-TLV

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |Type = TBD3 40                     |          Length               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local AS Number (4 octets)                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Local BGP router Router ID (4 octets)                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |   No.of    No. of elements in set     |          Reserved             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote AS Number (4 octets)                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote BGP Router ID (4 octets)                  |
   ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++

    One element in set consists of below the details below
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote AS Number (4 octets)                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              Remote BGP Router ID (4 octets)                  |
   ++-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++

                       Figure 5: 4: PeerSet SID Sub-TLV
   Type :

   Type:  2 octets

   Value: TBD3

   Length :  40

   Length:  2 octets

   Value:  Expressed in octets and is a variable based on the number of
      elements in the set.  The length field does not include the length
      of Type and Length fields.

   Local AS Number :4 octets Number:  4 octets.  The unsigned integer representing the AS
      number [RFC6793] of the AS to which the PeerSet SID advertising
      node belongs.  If Confederations [RFC5065] are in use, and if the
      remote node is a member of a different Member-AS within the local
      Confederation, this is the Member-AS Number inside the
      Confederation and not the Confederation Identifier.

   Local BGP Router ID : ID:  4 octets octets.  The unsigned integer representing
      the BGP Identifier of the PeerSet SID advertising node node, as defined
      in [RFC4271] and [RFC6286].

   No.of

   No. of elements in set:  2 octets octets.  The number of remote ASes over
      which the set SID performs load
   balancing.

   Reserved : load-balancing.

   Reserved:  2 octets.  MUST be zero when sent and ignored when
      received.

   Remote AS Number : Number:  4 octets octets.  The unsigned integer representing the
      AS number [RFC6793] of the AS
   of the remote node node's AS for which the PeerSet
      SID is advertised.  If Confederations [RFC5065] are in use, and if
      the remote node is a member of a different Member-AS within the
      local Confederation, this is the Member-AS Number inside the
      Confederation and not the Confederation Identifier.

   Remote BGP Router ID : ID:  4 octets octets.  The unsigned integer representing
      the BGP Identifier of the remote node as defined in [RFC4271] and
      [RFC6286].

   PeerSet SID may be associated with a number of PeerNode SIDs and
   PeerAdj SIDs.  The remote AS number and the Router ID of each of
   these PeerNode SIDs and PeerAdj SIDs MUST be included in the FEC.

5.  EPE-SID FEC validation Validation

   When a remote ASBR of the EPE-SID advertisement receives the MPLS OAM
   packet with the top FEC being the EPE-SID, it MUST perform validity
   checks on the content of the EPE-SID FEC sub-TLV.  The basic length
   check should be performed on the received FEC.

    PeerAdj SID sub-TLV
    -----------
    if
    If Adj type = 1 1, Length should be 28 octets
    If Adj type =2 = 2, Length should be 52 octets

    PeerNode SID sub-TLV
    -------------
    Length = ( 20 (20 + No.of No. of IPv4 interface pairs * 8 +
             No.of
              No. of IPv6 interface pairs * 32 ) 32) octets

    PeerSet SID sub-TLV
    -----------
    Length = (9 + No.of No. of elements in the set *
             (8 + No.of No. of IPv4 interface pairs * 8 +
              No.of
              No. of IPv6 interface pairs * 32)) 32) octets

                        Figure 6: 5: Length Validation

   If a malformed FEC sub-TLV is received, then a return code of 1,
   "Malformed echo request received" received", as defined in [RFC8029] MUST be
   sent.  The below section below is appended to the procedure given in step
   4a of Section 7.4 point 4a of [RFC8287].

5.1.  EPE-SID FEC validiation Validation Rules

   This is an example of Segment Routing IGP-Prefix, IGP-Adjacency SID SID,
   and EPE-SID Validation
   : Receiving node validations.  Note that the term used "receiving node" in this
   section implies corresponds to the node that receives the OAM message with
   the Target FEC stack Stack TLV.

   Else, if the Label-stack-depth is 0 and the Target FEC Stack sub-TLV
   at FEC-stack-depth FEC stack-depth is TBD1 38 (PeerAdj SID sub-TLV), {

       Set the Best-return-code to 10, "Mapping for this FEC is not
       the given label at stack-depth <RSC>" [RFC8029].  Check if
       any below conditions fail:

              -  Validate that the receiving node's BGP Local AS matches
                 with the remote AS field in the received PeerAdj SID
                  FEC
                 sub-TLV.

              -  Validate that the receiving node's BGP Router-ID
                 matches with the Remote Router ID field in the
                 received PeerAdj SID FEC. sub-TLV.

              -  Validate that there is a an EBGP session with a peer
                 having a local AS number and BGP Router-ID as
                 specified in the Local local AS number and Local Router-ID
                 field in the received PeerAdj SID FEC sub-TLV.

       If the Remote remote interface address is not zero, validate the
       incoming interface.  Set the Best-return-code to 35 35,
       "Mapping for this FEC is not associated with the incoming
       interface"  [RFC8287] [RFC8287].  Check if any below conditions fail:

              -  Validate that the incoming interface on which the
                 OAM packet was receieved, received matches with the remote
                 interface specified in the PeerAdj SID FEC sub-TLV sub-TLV.

       If all above validations have passed, set the return code to 3 3,
       "Replying router is an egress for the FEC at stack-depth" stack-depth <RSC>"
       [RFC8029].
       }

   Else, if the Target FEC Stack sub-TLV at FEC-stack-depth FEC stack-depth is TBD2 39
        (PeerNode SID sub-TLV), {

       Set the Best-return-code to 10, "Mapping for this FEC is not
       the given label at stack-depth <RSC>" [RFC8029].  Check if any
       below conditions fail:

          -  Validate that the receiving node's BGP Local AS matches
             with the remote AS field in the received PeerNode SID
             FEC sub-TLV.

          -  Validate that the receiving node's BGP Router-ID matches
             with the Remote Router ID field in the received
             PeerNode SID FEC.

          -  Validate that there is a an EBGP session with a peer
             having a local AS number and BGP Router-ID as
             specified in the Local local AS number and Local Router-ID
             field in the received PeerNode SID FEC sub-TLV.

       If all above validations have passed, set the return code to 3 3,
       "Replying router is an egress for the FEC at stack-depth". stack-depth <RSC>"
       [RFC8029].
       }
   Else, if the Target FEC Stack sub-TLV at FEC-stack-depth FEC stack-depth is TBD3 40
        (PeerSet SID sub-TLV), {

       Set the Best-return-code to 10, "Mapping for this FEC is not
       the given label at stack-depth" stack-depth <RSC>" [RFC8029].  Check if any
       below conditions fail:

          -  Validate that the Receiving Node receiving node's BGP Local AS matches
             with one of the remote AS field fields in the received
             PeerSet SID FEC sub-TLV.

          -  Validate that the Receiving Node receiving node's BGP Router-ID matches
             with one of the Remote Router ID field fields in the
             received PeerSet SID FEC sub-TLV.

          -  Validate that there is a an EBGP session with a peer having
             a local AS number and BGP Router-ID as specified in the Local
             local AS number and Local Router-ID
              field fields in the received
             PeerSet SID FEC sub-TLV.

       If all above validations have passed, set the return code to 3 3,
       "Replying router is an egress for the FEC at stack-depth" stack-depth <RSC>"
       [RFC8029].
       }

6.  IANA Considerations

   IANA is requested to allocate has allocated three new Target FEC stack Stack sub-TLVs
   from in the "Sub-TLVs "Sub-
   TLVs for TLV types 1,16 Types 1, 16, and 21" subregistry in registry
   [IANA-MPLS-LSP-PING-Parameters] within the "TLVs" registry of the "Multi-Protocol
   "Multiprotocol Label switching Switching (MPLS) Label Switched Paths (LSPs)
   Ping parameters" namespace. Parameters" registry group.

                        +==========+==============+
                        | Sub-Type | Sub-TLV Name |
                        +==========+==============+
                        | 38       | PeerAdj SID Sub-TLV : TBD1  |
                        +----------+--------------+
                        | 39       | PeerNode SID Sub-TLV: TBD2 |
                        +----------+--------------+
                        | 40       | PeerSet SID Sub-TLV : TBD3

   The three lowest free values from the Standard Tracks range should be
   allocated if possible.  |
                        +----------+--------------+

                           Table 1: Sub-TLVs for
                          TLV Types 1, 16, and 21
                                  Registry

7.  Security Considerations

   The EPE-SIDs are advertised for egress links for Egress Peer
   Engineering EPE purposes or for
   inter-AS links between co-operating cooperating ASes.  When co-operating cooperating domains
   are involved, they can allow the packets arriving on trusted
   interfaces to reach the control plane and get be processed.

   When EPE-SIDs are created for egress TE links where the neighbor AS
   is an independent entity, it may not allow the packets arriving from
   the external world to reach the control plane.  In such deployments deployments,
   the MPLS OAM packets will be dropped by the neighboring AS that
   receives the MPLS OAM packet.

   In MPLS traceroute Traceroute applications, when the AS boundary is crossed with
   the EPE-SIDs, the Target FEC stack Stack TLV is changed.  [RFC8287] does
   not mandate that the initiator initiator, upon receiving an MPLS Echo Reply
   message that includes the Target FEC Stack Change TLV with one or
   more of the original segments being popped popped, remove a the corresponding
   FEC(s) from the Target FEC Stack TLV in the next (TTL+1) traceroute
   request.

   If an initiator does not remove the FECs belonging to the previous AS
   that has traversed, it may expose the internal AS information to the
   following AS being traversed in the traceroute.

8.  Implementation Status

   This section is to be removed before publishing as an RFC.

   RFC-Editor: Please clean up the references cited by this section
   before publication.

   This section records the status of known implementations of the
   protocol defined by this specification at the time of posting of this
   Internet-Draft, and is based on a proposal described in [RFC7942].
   The description of implementations in this section is intended to
   assist the IETF in its decision processes in progressing drafts to
   RFCs.  Please note that the listing of any individual implementation
   here does not imply endorsement by the IETF.  Furthermore, no effort
   has been spent to verify the information presented here that was
   supplied by IETF contributors.  This is not intended as, and must not
   be construed to be, a catalog of available implementations or their
   features.  Readers are advised to note that other implementations may
   exist.

8.1.  Juniper Networks

   Juniper networks reported a prototype implementation of this draft.

9.  Acknowledgments

   Thanks to Loa Andersson, Dhruv Dhody, Ketan Talaulikar, Italo Busi
   and Alexander Vainshtein, Deepti Rathi for careful review and
   comments.  Thanks to Tarek Saad for providing the example described
   in Appendix section.

10.  References

10.1.

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC6793]  Vohra, Q. and E. Chen, "BGP Support for Four-Octet
              Autonomous System (AS) Number Space", RFC 6793,
              DOI 10.17487/RFC6793, December 2012,
              <https://www.rfc-editor.org/info/rfc6793>.

   [RFC8029]  Kompella, K., Swallow, G., Pignataro, C., Ed., Kumar, N.,
              Aldrin, S., and M. Chen, "Detecting Multiprotocol Label
              Switched (MPLS) Data-Plane Failures", RFC 8029,
              DOI 10.17487/RFC8029, March 2017,
              <https://www.rfc-editor.org/info/rfc8029>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8287]  Kumar, N., Ed., Pignataro, C., Ed., Swallow, G., Akiya,
              N., Kini, S., and M. Chen, "Label Switched Path (LSP)
              Ping/Traceroute for Segment Routing (SR) IGP-Prefix and
              IGP-Adjacency Segment Identifiers (SIDs) with MPLS Data
              Planes", RFC 8287, DOI 10.17487/RFC8287, December 2017,
              <https://www.rfc-editor.org/info/rfc8287>.

   [RFC8690]  Nainar, N., Pignataro, C., Iqbal, F., and A. Vainshtein,
              "Clarification of Segment ID Sub-TLV Length for RFC 8287",
              RFC 8690, DOI 10.17487/RFC8690, December 2019,
              <https://www.rfc-editor.org/info/rfc8690>.

   [RFC9086]  Previdi, S., Talaulikar, K., Ed., Filsfils, C., Patel, K.,
              Ray, S., and J. Dong, "Border Gateway Protocol - Link
              State (BGP-LS) Extensions for Segment Routing BGP Egress
              Peer Engineering", RFC 9086, DOI 10.17487/RFC9086, August
              2021, <https://www.rfc-editor.org/info/rfc9086>.

10.2.

8.2.  Informative References

   [I-D.ietf-idr-segment-routing-te-policy]
              Previdi, S., Filsfils, C.,

   [BGP-SR-SEGTYPES-EXT]
              Talaulikar, K., Filsfils, C., Previdi, S., Mattes, P., and
              D. Jain, "Advertising Segment "Segment Routing Policies in BGP", Segment Types Extensions for BGP
              SR Policy", Work in Progress, Internet-Draft, draft-ietf-idr-segment-
              routing-te-policy-26, 23 October 2023,
              <https://datatracker.ietf.org/doc/html/draft-ietf-idr-
              segment-routing-te-policy-26>. draft-ietf-
              idr-bgp-sr-segtypes-ext-06, 7 November 2024,
              <https://datatracker.ietf.org/doc/html/draft-ietf-idr-bgp-
              sr-segtypes-ext-06>.

   [IANA-MPLS-LSP-PING-Parameters]
              IANA, "Sub-TLVs for TLV Types 1, 16, and 21",
              <https://www.iana.org/assignments/mpls-lsp-ping-
              parameters>.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271,
              DOI 10.17487/RFC4271, January 2006,
              <https://www.rfc-editor.org/info/rfc4271>.

   [RFC5065]  Traina, P., McPherson, D., and J. Scudder, "Autonomous
              System Confederations for BGP", RFC 5065,
              DOI 10.17487/RFC5065, August 2007,
              <https://www.rfc-editor.org/info/rfc5065>.

   [RFC6286]  Chen, E. and J. Yuan, "Autonomous-System-Wide Unique BGP
              Identifier for BGP-4", RFC 6286, DOI 10.17487/RFC6286,
              June 2011, <https://www.rfc-editor.org/info/rfc6286>.

   [RFC7705]  George, W. and S. Amante, "Autonomous System Migration
              Mechanisms and Their Effects on the BGP AS_PATH
              Attribute", RFC 7705, DOI 10.17487/RFC7705, November 2015,
              <https://www.rfc-editor.org/info/rfc7705>.

   [RFC7942]  Sheffer, Y. and A. Farrel, "Improving Awareness of Running
              Code: The Implementation Status Section", BCP 205,
              RFC 7942, DOI 10.17487/RFC7942, July 2016,
              <https://www.rfc-editor.org/info/rfc7942>.

   [RFC8403]  Geib, R., Ed., Filsfils, C., Pignataro, C., Ed., and N.
              Kumar, "A Scalable and Topology-Aware MPLS Data-Plane
              Monitoring System", RFC 8403, DOI 10.17487/RFC8403, July
              2018, <https://www.rfc-editor.org/info/rfc8403>.

   [RFC8664]  Sivabalan, S., Filsfils, C., Tantsura, J., Henderickx, W.,
              and J. Hardwick, "Path Computation Element Communication
              Protocol (PCEP) Extensions for Segment Routing", RFC 8664,
              DOI 10.17487/RFC8664, December 2019,
              <https://www.rfc-editor.org/info/rfc8664>.

   [RFC9087]  Filsfils, C., Ed., Previdi, S., Dawra, G., Ed., Aries, E.,
              and D. Afanasiev, "Segment Routing Centralized BGP Egress
              Peer Engineering", RFC 9087, DOI 10.17487/RFC9087, August
              2021, <https://www.rfc-editor.org/info/rfc9087>.

   [RFC9256]  Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov,
              A., and P. Mattes, "Segment Routing Policy Architecture",
              RFC 9256, DOI 10.17487/RFC9256, July 2022,
              <https://www.rfc-editor.org/info/rfc9256>.

   [SR-BGP-POLICY]
              Previdi, S., Filsfils, C., Talaulikar, K., Mattes, P., and
              D. Jain, "Advertising Segment Routing Policies in BGP",
              Work in Progress, Internet-Draft, draft-ietf-idr-sr-
              policy-safi-10, 7 November 2024,
              <https://datatracker.ietf.org/doc/html/draft-ietf-idr-sr-
              policy-safi-10>.

Appendix A.  APPENDIX  Examples of Programmed States

   This section describes an example examples of both a correctly programmed state and an
   incorrectly programmed state and provides details on how the new sub-
   TLVs described in this document can be used to validate the
   correctness.  Consider the diagram from Figure 1, 1.

   Correctly programed programmed state:

      

   *  C assigns label 16001 and binds it to adjacency C->E

      

   *  C signals that label 16001 is bound to adjacency C->E (e.g. (e.g., via BGP-
      LS)

      • Controller/Ingress
      BGP-LS)

   *  The controller/ingress programs an SR path that has SID/label
      16001 to steer the packet on the exit point from C onto adjacency
      C->E

      

   *  Using MPLS trace Traceroute procedures defined in this document, the
      PeerAdj SID Sub-TLV sub-TLV is populates populated with entities to be validated by
      C when the OAM packet reaches it.

      • it

   *  C receives the OAM packet, it packet and validates that the top label (16001)
      is indeed corresponding to the entities populated in the PeerAdj
      SID
      Sub-TLV sub-TLV

   Incorrectly programed programmed state:

      

   *  C assigns label 16001 and binds it to adjacency C->D

      

   *  The controller learns of that PeerAdj SID label 16001 is bound to
      adjacency C->E (e.g. (e.g., via BGP-LS)  -- this could be a software bug
      on C or on the controller
      • Controller/Ingress

   *  The controller/ingress programs an SR path that has SID/label
      16001 to steer the packet on the exit point from C onto adjacency
      C->E

      

   *  Using MPLS trace Traceroute procedures defined in this document, the
      PeerAdj SID Sub-TLV sub-TLV is populates populated with entities to be validated by
      C (including a local/remote interface address of C->E) when the
      OAM packet reaches it.

      • it

   *  C receives the OAM packet, it packet and validates that the top label (16001)
      is NOT bound to C->E as populated in the PeerAdj SID Sub-TLV sub-TLV and can
      respond
      then responds with the respective error code

Acknowledgments

   Thanks to Loa Andersson, Dhruv Dhody, Ketan Talaulikar, Italo Busi,
   Alexander Vainshtein, and Deepti Rathi for careful reviews and
   comments.  Thanks to Tarek Saad for providing the example described
   in Appendix A.

Authors' Addresses

   Shraddha Hegde
   Juniper Networks Inc.
   Exora Business Park
   Bangalore 560103
   KA
   Karnataka
   India
   Email: shraddha@juniper.net

   Mukul Srivastava
   Juniper Networks Inc.
   Email: msri@juniper.net

   Kapil Arora
   Individual Contributor
   Email: kapil.it@gmail.com

   Samson Ninan
   Ciena
   Email: samson.cse@gmail.com

   Xiaohu Xu
   China Mobile
   Beijing
   China
   Email: xuxiaohu_ietf@hotmail.com