Segment Routing
Definition
Segment Routing (SR) is a protocol designed to forward data packets on a network based on source routes.
Segment Routing divides a network path into several segments and assigns a segment ID (SID) to each segment and forwarding node. The segments and nodes are sequentially arranged into a segment list to form a forwarding path.
Segment Routing is divided into two types based on the forwarding plane. Segment Routing MPLS (SR MPLS for short) is based on the MPLS forwarding plane, whereas Segment Routing IPv6 (SRv6 for short) is based on the IPv6 forwarding plane.
This document focuses on Segment Routing MPLS (hereinafter referred to as Segment Routing).
Background of Segment Routing
Currently, networks that need to adapt to services are evolving towards service-driven networks. Network adaptation to services refers to reactive adjustments of the network architecture and configurations based on service requirements. This model does not match the rapid development of services. Moreover, it makes network deployment more complex and network maintenance more difficult.
Figure 1-1 shows a service-driven network where explicit paths are calculated based on the requirements of applications. The network is dynamically adjusted in real time to rapidly meet service change requirements.
Segment Routing Fundamentals
Segment Routing involves the following concepts:
Segment Routing domain: a set of Segment Routing nodes.
SID: unique identifier of a segment. A SID is mapped to an MPLS label on the forwarding plane.
Segment Routing global block (SRGB): a set of local labels reserved for Segment Routing.
Table 1-1 describes different types of segments.
Label |
Generation Method |
Function |
|---|---|---|
Prefix segment |
Manually configured |
Identifies the prefix of a destination address. An IGP propagates the prefix segment of an NE to the other NEs. The prefix segment is visible and takes effect globally. Each prefix segment is identified by a prefix SID. A prefix SID is an offset value within the SRGB range and advertised by a source node. The receive end uses the local SRGB to compute label values and then generates MPLS forwarding entries. |
Adjacency segment |
Dynamically allocated by the ingress through a protocol or manually configured |
Identifies an adjacency on a network. An IGP propagates the adjacency segment of an NE to the other NEs. The adjacency segment is visible globally but takes effect locally. Each adjacency segment is identified by an adjacency SID. The adjacency SID is a local SID that is outside of the SRGB range. |
Node segment |
Manually configured |
Identifies a specific node. Node segments are special prefix segments. When an IP address is configured as a prefix for a loopback interface of a node, the prefix SID is the node SID. |
Figure 1-2 shows prefix, adjacency, and node SID examples.
In plain terms, a prefix segment indicates a destination address, and an adjacency segment indicates a link for outgoing data packets. The prefix and adjacency segments are similar to the destination IP address and outbound interface in conventional IP forwarding, respectively. In an IGP area, an NE propagates its node SID and adjacency SID through extended IGP messages, so that any NE in the area can obtain information about the other NEs.
Combining prefix (node) and adjacency SIDs in sequence can construct any network path. Every hop on a path identifies a next hop, which is based on the segment information on the top of the label stack. The segment information is stacked in sequence at the top of the data header. If the top SID identifies another node, the receive end forwards the received data packet to that node through equal-cost multi-path routing (ECMP). If the top SID identifies the local node, the receive end removes the top SID and proceeds with the following procedure.
Prefix, adjacency, and node segments can be used independently or in combinations. They are mainly used in the following three modes:
1. Prefix segment-based mode: An IGP uses the shortest path first (SPF) algorithm to compute the shortest path. This mode is also called Segment Routing-Best Effort (SR-BE).
As shown in Figure 1-3, node Z is connected to the destination network with a prefix SID of 68. After an IGP propagates the prefix SID, each node in the IGP area learns the prefix SID of the network from node Z and then runs SPF to compute the shortest path to the network.
2. Adjacency segment-based mode: As shown in Figure 1-4, an adjacency segment is allocated to each adjacency on the network, and a segment list with multiple adjacency segments is defined on the ingress, so that any strict explicit path can be specified. In this mode, path adjustment and traffic optimization can be implemented in a centralized manner, facilitating software-defined networking (SDN) implementation. This mode is mainly used for Segment Routing-Traffic Engineering (SR-TE).
3. Mode in which adjacency and node segments are combined: As shown in Figure 1-5, adjacency and node segments are combined, and the adjacency segment allows a path to forcibly include a specified adjacency. Nodes can run SPF to compute the shortest path based on node segments or establish multiple paths to load-balance traffic. The paths computed in this mode are not strictly fixed. Therefore, they are also called loose explicit paths. This mode is mainly used for SR-TE.
SR-BE Tunnel Establishment
A forwarding path established using SR-BE technology is an LSP without a tunnel interface. This type of LSP is called SR LSP for short. The establishment and data forwarding of SR LSPs are similar to those of LDP LSPs.
Figure 1-6 shows how an SR LSP is established.
The establishment procedure is as follows:
- Manual configuration: The prefix SID and SRGB are manually configured on the desired NE and then propagated through an IGP packet.
- Label distribution: Each NE parses the received IGP packet and computes a label value by summing up the start value in the local SRGB range and the prefix SID. In addition, each NE computes an outgoing label value by summing up the start value in the next-hop SRGB range and the prefix SID.
- Path computation: Based on IGP-collected topology information, the NEs use the same SPF algorithm to compute a label forwarding path and then generate a forwarding entry.
Similar to traffic forwarding over MPLS LDP LSPs, traffic forwarding over SR LSPs also involves push, swap, and pop operations on label stacks and supports penultimate hop popping (PHP), MPLS QoS, and other features.
SR-TE Tunnel Establishment
SR-TE is a new TE tunnel technology that uses Segment Routing as a control protocol. A tunnel established using SR-TE is called an SR-TE tunnel.
SR-TE tunnels support the attributes of MPLS TE tunnels. In addition, they support bidirectional forwarding detection (BFD).
SR-TE tunnels can be manually configured. Manual configuration is suitable for small-scale networks because it does not require the cooperation of a controller. However, this method does not support bandwidth reservation. In addition to manual configuration, another way to generate an SR-TE tunnel is to run the Constrained Shortest Path First (CSPF) algorithm for path computation on the ingress. Although this way supports bandwidth reservation, the computed path is only locally optimal. SR-TE tunnels can also be generated by using a controller for path computation, as shown in Figure 1-7.
The establishment procedure is as follows:
- Manual configuration: Configure IGP SR on forwarders to generate link topology and label information.
- Topology and label information reporting: BGP-LS reports the information to the controller.
- Link generation: PCEP computes a label forwarding path.
- Information delivery: Tunnel attributes and LSP information are delivered by NETCONF and PCEP, respectively.
- Tunnel creation: An SR-TE tunnel is automatically created between PEs based on tunnel attributes and LSP information.
An SR-TE tunnel generated by a controller has the following advantages:
- The controller supports bandwidth computation and resource reservation, and can therefore compute a globally optimal path.
- The controller can cooperate with network applications. Upon receipt of an application-generated requirement, the controller can quickly respond to the requirement and compute a network forwarding path that meets the requirement, helping achieve a service-driven network.
- The controller does not require a lot of manual tunnel configurations, making this method more suitable for large-scale networks.
Segment Routing TI-LFA FRR
Traditional Loop-Free Alternate (LFA) and remote LFA (RLFA) technologies have constraints on the network topology and therefore cannot achieve 100% fault protection. This document uses RLFA as an example to describe the differences between RLFA and Topology-Independent Loop-Free Alternate (TI-LFA).
If RLFA is used and the link between B and E is faulty, B forwards data packets to C. Because the cost between C and D is 1000, C considers that the optimal path to F passes through B. As a result, the packets are forwarded back to B, causing a loop and forwarding failure.
If TI-LFA is used and the link between B and E is faulty, B directly uses TI-LFA FRR backup entries to add new path information (node SID of C and adjacency SID for C-to-D) to the data packets to ensure that the packets can be forwarded along the backup path.
TI-LFA establishes a backup path over an explicit path without topology constraints, theoretically achieving 100% FRR protection.
Segment Routing Advantages
Segment Routing has the following advantages:
1. Simplified MPLS control plane: Segment Routing does not require LDP or RSVP-TE deployment. Instead, it uses an IGP to distribute labels and compute paths, without changing the existing MPLS forwarding architecture. Table 1-2 compares Segment Routing with MPLS.
Item |
Segment Routing |
MPLS |
|---|---|---|
Control protocol |
IGP |
LDP/RSVP-TE/BGP/IGP |
Label distribution |
A label is allocated to each adjacency or node, and the number of labels to be distributed is independent of the number of tunnels, reducing the number of required resources. |
The number of labels to be distributed increases with the number of tunnels, requiring a large number of resources. |
Path adjustment and control |
The ingress performs re-computation to complete path adjustment and control. |
Configurations need to be delivered node by node for path adjustment and control. |
2. Simplified TE technology and improved capacity expansion capability: MPLS TE is a connection-oriented technology. To maintain the connection status, nodes need to exchange a large number of refresh packets. This increases the control plane load.
Segment Routing controls service paths only through label operations on the ingress. It does not require transit nodes to maintain path information, reducing the control plane load.
MPLS TE and Segment Routing need to maintain different numbers of connection states.
- For MPLS TE, the number of connection states to be maintained is directly proportional to the number of TE tunnels. That is, the number of connection states to be maintained is equal to the number of nodes raised to the power of 2.
- For Segment Routing, the ingress maintains tunnel status. The number of connection states to be maintained is equal to the sum of the number of nodes and the number of connections.
3. Smoother network evolution to SDN
- Existing protocols are extended, enabling the network to smoothly evolve.
- The ingress controls and adjusts service paths through the source routing technology, enabling the network to quickly respond to the requirements of upper-layer applications.
- Balancing centralized control and distributed control/forwarding prevents controller performance from becoming a service bottleneck.
Segment Routing Applications
After SR tunnels are established, service traffic needs to be steered to the tunnels. This process is called traffic steering. Because SR-BE tunnels do not have tunnel interfaces, the traffic steering mode of SR-BE is different from that of SR-TE.
SR-BE supports the following traffic steering modes:
- Tunnel policy: Use a tunnel type prioritizing policy to select SR-BE tunnels.
- Static route: When configuring a static route, specify the next hop as the destination address of an SR-BE tunnel and configure the route to recurse to the SR-BE tunnel based on the next hop.
- IP route recursion to tunnels: Configure a public IP route, such as a BGP route, to recurse to an SR-BE tunnel based on the next hop of the route.
SR-TE supports the following traffic steering modes:
- Tunnel policy: Use a tunnel type prioritizing policy to select SR-TE tunnels or a tunnel binding policy to bind SR-TE tunnels.
- Static route: When configuring a static route, specify the outbound interface of the route as an SR-TE tunnel interface.
- Auto route: An IGP uses an auto route related to an SR-TE tunnel functioning as a logical link to compute a path. The outbound interface of the route is used as an SR-TE tunnel interface.
- Policy-based routing: The outbound interface in an apply clause is used as an SR-TE tunnel interface.
Routes and services that can recurse to SR tunnels include static routes, BGP public network routes, and L3VPN, VPLS, VPWS, and EVPN services.
References
For details about Segment Routing and how to configure Segment Routing, see New IP Technologies.