SlideShare a Scribd company logo

A comparison of segment routing data-plane encodings

Gunter Van de Velde, profile picture
Gunter Van de Velde

Segment Routing provides simplified packet forwarding by encoding forwarding instructions as segments rather than per-flow state. This document compares different encodings of segments: 32-bit segments encoded directly in MPLS or UDP over IPv4/IPv6 (SRoMPLS, SRoUDP); and 128-bit segments encoded in a new IPv6 extension header (SRv6). SRoMPLS and SRoUDP are well-suited for brownfield networks as they can reuse existing MPLS and IP infrastructure with minimal overhead. SRv6 is designed for native IPv6 but has higher overhead. All approaches simplify operations but have different performance implications depending on the network environment.

Technology
1 of 23
Downloaded 77 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
1 © Nokia 2019 A Comparison of Segment Routing Data-plane Encodings Service enablement based upon segments (32bit or 128bit) • Gunter Van de Velde • 11-04-2019
2 © Nokia 2019 • Introduction • Evolution of Segment Routing • Conclusion Agenda
3 © Nokia 2019 Market needs Network adapts for application and user experience Simple architecture *** Reduced state in the network *** Ease of operation Segment Routing Doesn’t scale for newest network services and adaptive network behavior Current Architecture Policy Mapping, RSVP, LDP, Policy Based Routing, … Policy imposed directly upon each payload packet Pick your poison
4 © Nokia 2019 Segment Routing Value Proposition – Simplicity by “Enhanced Forwarding Behavior” • Packet Forwarding decision is based upon “Segments” and not upon “IP payload prefix” • Segments are encoded as 32bits or 128bits - 32bit Segments supported IPv6, MPLS, (or even IPv4) dataplane - 128bit Segments supported only upon IPv6 dataplane - Sequence of segments represents a set of actions/instructions imposed to the packet • No per-flow state contained within the network • Segments are distributed by Routing or SDN control - No more LDP, because LDP is “Soo Sad” - Fair balance between “distributed intelligence” and “centralized optimization/programming” • Perfect complement to NSH (Network Services Header) - However, minimal context could be encoded in segments (see later)
5 © Nokia 2019 • Introduction • Evolution of Segment Routing • Conclusion Agenda A story to compare Apples with Apples !
6 © Nokia 2019 • Do not confuse with MPLS ! - There is no ‘LDP’ with Segment Routing • Segments encoded directly into MPLS Dataplane • https://datatracker.ietf.org/doc/draft-ietf-spring-segment-routing/ • Principle used: - Encode the Segments as a sequence of 32bit Label fields • MPLS label itself is 20 bits added with 12 bit operational overhead/information - Segments directly distributed by Routing Protocols or controllers (there is NO LDP) - Build upon massive existing technology experience (Fast-Reroute, L2/3 Services support, etc…) - Well known and documented security implications • Minimal packet overhead imposed by Segment Routing (i.e. 32bit/segment) • Mature dataplane technology well supported by Network vendors and Forwarding ASICs • Technology sweet-spot: Reduce complexity in MPLS based networks Evolution of Segment Routing # 1 Encoding: 32bits Segments directly into MPLS Dataplane
7 © Nokia 2019 How does segment Routing look like? Using 32bit Segments (on dataplane it mimics MPLS) 32 bit per Segment SR Header (MPLS Dataplane Encapsulation) Segment Routing Payload (e.g. original IP Packet) Original IP Header Original IP packet payload (variable size)
8 © Nokia 2019 • Do not confuse with classic IPv6 - This is NOT classic IPv6 Routing • Segments encoded as [Outer IPv6 header] [SRH extension header] [optional HMAC security header] • https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-16 • Principle used: - Based upon IPv6 Source Routing with new innovative IPv6 extension header (SRH) - Each segment is 128 bit • 128bit segments allow limited service semantics to be encoded (NSH not absolutely required anymore) • Larger header overhead tax compared to MPLS encoding • IPv6-only data-plane support • HW forwarding ASIC considerations - Processing long extension headers is computationally expensive • Security consideration: semantics mix of “location” and “context” is good topic for discussion Evolution of Segment Routing # 2 Encoding: 128bits Segments directly into IPv6 Header
9 © Nokia 2019 How does SRv6 Look like Segments (128 bit) with IPv6 encapsulation 8 byte fixed SRH header + (X * 128 bit/segment SRv6 Header (IPv6 Dataplane Encapsulation) Segment Routing Payload (e.g. original IP Packet) Original IP Header Original IP packet payload (variable size) IPv6 Encapsulation (Tunnel/Outer Header) 40 Byte (320 bit) Optional HMAC (Security)40 Byte (320 bit) SRH Extension Header
10 © Nokia 2019 Encoding 128bit Segment How does it look on the wire? IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4
11 © Nokia 2019 Encoding 128bit Segment How does it look on the wire? IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers HMAC SRH IPv6 Payload 40 byte 8 + (x * 16) byte 40 byte SRv6
12 © Nokia 2019 Encoding 128bit Segment How does it look on the wire? IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers HMAC SRH IPv6 Payload 40 byte 8 + (x * 16) byte 40 byte SRv6 Typical SRv6 overhead properties Typically 8 bytes of overhead (4 bytes are mandatory) Typically, another 16 bytes per SID Routing header with 3 SIDs is 56 bytes long Imposed bandwidth overhead Short packets ( >500) bytes are common on the Internet Routing header with three SIDS may become common > 10% Routing header overhead (https://datatracker.ietf.org/meeting/104/materials/slides-104-spring-the-ipv6-compressed-routing-header-crh-01)*Note1: Reference *Note1 *Note1
13 © Nokia 2019 Encoding 128bit Segment Comparing 128bit vs 32bit encoding IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers HMAC SRH IPv6 Payload 40 byte 8 + (x * 16) byte 40 byte SRv6 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers Segments Payload 4 byte/segment MPLS
14 © Nokia 2019 • What we discussed sofar - We have 32bit segments encoded in MPLS dataplane - We have 128bit segments encoded in IPv6 dataplane • So, can we not have 32bit segments encoded using native IPv6 and IPv4? Ofcours we can !!! Evolution of Segment Routing What is next?
15 © Nokia 2019 • Support of 32bit SIDs for IP-based networks • 32bit Segments encoded using UDP header - Outer IPv4 header is 20byte (variable length) and IPv6 header is 40 byte (fixed) - UDP header size is 8 Byte - 32bit Segments sequence will look like MPLS labels - Nothing new and existed for years for MPLS under the technology radar • https://tools.ietf.org/html/draft-ietf-mpls-sr-over-ip-02 • Principle used: - Encode the Segments as a sequence of 32bit Labels encoded inside UDP - Build upon existing technology experience (MPLS), Fast-Path forwarding, Fast-Reroute - Native support for IPv6 and IPv4 dataplane (NO flag day at operator) - Well known and documented security implications - Payload Meta-data is added using NSH (IETF SFC standard technology) Evolution of Segment Routing # 3 Encoding: 32bits Segments directly in SRoUDP (v4 or v6)
16 © Nokia 2019 How does SRoUDP Look like Segments (32 bit) with IP encapsulation Don’t forget about NSH Meta-Data Applications use it (=16 byte for NSH Type1) (>16byte for NSH type 2) 32 bit per Segment SR Header (MPLS Dataplane Encapsulation) Segment Routing Payload (e.g. original IP Packet) Original IP Header Original IP packet payload (variable size) UDP Transport HeaderUDP Header IP Tunnel Encapsulation HeaderIP Outer (Tunnel) Header NSH 8 byte UDP Header 40 byte (IPv6) or 20 byte (IPv4)
17 © Nokia 2019 How does SRoUDP compare with SRv6? Comparing the encoding Each segment is 32 bit Original IP Header Original IP packet payload (variable size) UDP Header IP Tunnel Header (v4 or v6) Optional NSH 8 byte fixed 40 byte (IPv6) or 20 byte (IPv4) 8 byte fixed SRH header + (X * 128 bit/segment) Original IP Header Original IP packet payload (variable size) IPv6 Encapsulation (Tunnel Header) 40 byte Optional HMAC (Security)40 Byte SRH Extension Header Optional NSH SRv6 (128 bit segments) SRoUDP (32 bit segments) SRv6 can use a 128bit Segment encoding for limited meta-data
18 © Nokia 2019 Comparing the encoding: Use-case perspective Approved for Native IPv6 Data-plane transport RFC8354: Use Cases for IPv6 SPRING
19 © Nokia 2019 How does SRoUDP compare with SRv6? Comparing the encoding >10% BW overhead for 500byte packets w/ 3 SID +-4% BW overhead for 500byte packets w/ 3 SID SRv6 Fixed SRH + 3 * SID 8Byte + 3*16Byte 56 Byte 11.2% BW overhead SRoUDP UDP header + 3 * SID 8Byte + 3*4Byte 20 Byte 4% BW overhead For a 500Byte Payload (https://datatracker.ietf.org/meeting/104/materials/slides-104-spring-the-ipv6-compressed-routing-header-crh-01)*Note1: Reference
20 © Nokia 2019 • Seamless Segment Routing support for - Native IPv6 dataplane (SRoUDPv6) - Native MPLS dataplane - (and even native IPv4 Dataplane (SRoUDPv4)) • A Segment Routing 32bit-Segment is mapped to most appropriate data-plane encapsulation (performance, security, availability) - Part of Nokia NF-IX (Network Function Interconnect Framework) - NFIX uses predominant BGP (BGP-LS, BGP-LU, BGP SR-TE, EVPN etc…) as the dominant protocol - NFIX segment routing underlay: Advanced LFA, SRTE tunnels, scale optimization, SDN controller driven - Note: Nokia NFIX architecture allows SRv6 as well if needed/required • Deployment scenario - Sweet spot: Brownfield networks (Fixed and Mobile providers) - Easy integration of existing L2/3 and resiliency services - Deploy proven/secure technology first and seamlessly optimize when appropriate to different types of segments Evolution of Segment Routing - 4 Seamless Segment Routing Encoding
21 © Nokia 2019 • Introduction • Evolution of Segment Routing • Conclusion Agenda
22 © Nokia 2019 Confidential • SRoMPLS & SRoUDP (32bit segments) run over MPLS/IPv4/IPv6 - Good fit for brownfield networks • Can keep using existing MPLS, IPv4 and IPv6 dataplane • No need for forklift upgrade • Seamless across all dataplanes - Small BW overhead imposed by Segment Routing - Forwarding ASIC friendly - Well documented security properties • SRv6 (128bit segments) runs over IPv6 network - Innovative technology fit for IPv6 networks - 128bit segments could contain service/context properties • Simplification: SRv6 may use industry standard NSH header, but not a must anymore - Ongoing work progressed at IETF - Processing long extension headers is computationally expensive • Be aware of forwarding ASIC limitations Conclusion Segment Routing Data-plane encoding
A comparison of segment routing data-plane encodings

More Related Content

PDF
MikroTik & RouterOS
Faelix Ltd
 
PDF
Segment Routing Lab
Cisco Canada
 
PPTX
HSRP ccna
MohamedJafar5
 
PPT
Bgp
Febrian ‎
 
PDF
DevConf 2014 Kernel Networking Walkthrough
Thomas Graf
 
PPT
Spanning tree protocol
Muuluu
 
PPTX
Policy Based Routing
NetProtocol Xpert
 
PPT
Cisco Packet Tracer Overview
Ali Usman
 
MikroTik & RouterOS
Faelix Ltd
 
Segment Routing Lab
Cisco Canada
 
HSRP ccna
MohamedJafar5
 
Bgp
Febrian ‎
 
DevConf 2014 Kernel Networking Walkthrough
Thomas Graf
 
Spanning tree protocol
Muuluu
 
Policy Based Routing
NetProtocol Xpert
 
Cisco Packet Tracer Overview
Ali Usman
 

What's hot (20)

PPTX
MPLS VPN
Shahzaib Mahesar
 
PPT
Juniper mpls best practice part 1
Febrian ‎
 
PDF
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
PPTX
SDN Architecture & Ecosystem
Kingston Smiler
 
PDF
CCNA CheatSheet
Eng. Emad Al-Atoum
 
PDF
Network Address Translation (NAT)
Joud Khattab
 
PDF
Access Network Evolution
Cisco Canada
 
PDF
Netmanias L2,L3 Training (3) L2, L3 QoS
Chris Changmo Yoo
 
PDF
VXLAN Design and Deployment.pdf
NelAlv1
 
PDF
Troubleshooting BGP
APNIC
 
PDF
SDN Presentation
Abderrahmane TEKFI
 
PDF
VXLAN BGP EVPN: Technology Building Blocks
APNIC
 
PPTX
Wi fi call flows
framedrelay
 
PPTX
The Basic Introduction of Open vSwitch
Te-Yen Liu
 
PDF
802.11w Tutorial
AirTight Networks
 
PPTX
Differences of the Cisco Operating Systems
美兰 曾
 
PDF
Mikro tik advanced training
Jignesh H. Bhalsod
 
PPTX
Ise 1 2-bdm-v4
Danny Liu
 
PPTX
Ppt of routing protocols
Bhagyashri Dhoke
 
PDF
Beginners: Bandwidth, Throughput, Latency & Jitter in mobile networks
3G4G
 
MPLS VPN
Shahzaib Mahesar
 
Juniper mpls best practice part 1
Febrian ‎
 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
SDN Architecture & Ecosystem
Kingston Smiler
 
CCNA CheatSheet
Eng. Emad Al-Atoum
 
Network Address Translation (NAT)
Joud Khattab
 
Access Network Evolution
Cisco Canada
 
Netmanias L2,L3 Training (3) L2, L3 QoS
Chris Changmo Yoo
 
VXLAN Design and Deployment.pdf
NelAlv1
 
Troubleshooting BGP
APNIC
 
SDN Presentation
Abderrahmane TEKFI
 
VXLAN BGP EVPN: Technology Building Blocks
APNIC
 
Wi fi call flows
framedrelay
 
The Basic Introduction of Open vSwitch
Te-Yen Liu
 
802.11w Tutorial
AirTight Networks
 
Differences of the Cisco Operating Systems
美兰 曾
 
Mikro tik advanced training
Jignesh H. Bhalsod
 
Ise 1 2-bdm-v4
Danny Liu
 
Ppt of routing protocols
Bhagyashri Dhoke
 
Beginners: Bandwidth, Throughput, Latency & Jitter in mobile networks
3G4G
 
Ad

Similar to A comparison of segment routing data-plane encodings (20)

PPTX
A comparison of Segment Routing Data-Plane encodings
Gunter Van de Velde
 
PPTX
Brkrst 3123 previdi-final
Stefano Previdi
 
PDF
Segment Routing
APNIC
 
PDF
Segment Routing: A Tutorial
APNIC
 
PPTX
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
APNIC
 
PDF
SEGMENT Routing
Bangladesh Network Operators Group
 
PDF
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Canada
 
PDF
Segment Routing Session#1.pdfSegment Routing Session#1.pdf
AhMEd22627
 
PDF
Segment Routing Session#2.pdfSegment Routing Session#2.pdf
AhMEd22627
 
PDF
WAN SDN meet Segment Routing
APNIC
 
PDF
201901-SRv6.pdf
HebaalrahmanAzletine
 
PDF
1 bonica tutorial_segment_routing
hptoga
 
PDF
Engineering The New IP Transport
MyNOG
 
PPTX
TechWiseTV Workshop: Segment Routing for the Datacenter
Robb Boyd
 
PDF
Segment Routing: Prepare Your Network For New Business Models
Cisco Service Provider
 
PPTX
IPv6 Segment Routing : an end-to-end solution ?
Olivier Bonaventure
 
PPTX
MENOG-Segment Routing Introduction
Rasoul Mesghali, CCIE RS
 
PDF
Segment Routing Technology Deep Dive and Advanced Use Cases
Cisco Canada
 
PDF
Segment Routing v6 (SRv6) Academy Update
Chunghan Lee
 
PPTX
Implementing IPv6 Segment Routing in the Linux kernel
Olivier Bonaventure
 
A comparison of Segment Routing Data-Plane encodings
Gunter Van de Velde
 
Brkrst 3123 previdi-final
Stefano Previdi
 
Segment Routing
APNIC
 
Segment Routing: A Tutorial
APNIC
 
Leveraging IPv6 extension header for traffic engineering, by Eric Vyncke [APN...
APNIC
 
SEGMENT Routing
Bangladesh Network Operators Group
 
Cisco Connect Montreal 2017 - Segment Routing - Technology Deep-dive and Adva...
Cisco Canada
 
Segment Routing Session#1.pdfSegment Routing Session#1.pdf
AhMEd22627
 
Segment Routing Session#2.pdfSegment Routing Session#2.pdf
AhMEd22627
 
WAN SDN meet Segment Routing
APNIC
 
201901-SRv6.pdf
HebaalrahmanAzletine
 
1 bonica tutorial_segment_routing
hptoga
 
Engineering The New IP Transport
MyNOG
 
TechWiseTV Workshop: Segment Routing for the Datacenter
Robb Boyd
 
Segment Routing: Prepare Your Network For New Business Models
Cisco Service Provider
 
IPv6 Segment Routing : an end-to-end solution ?
Olivier Bonaventure
 
MENOG-Segment Routing Introduction
Rasoul Mesghali, CCIE RS
 
Segment Routing Technology Deep Dive and Advanced Use Cases
Cisco Canada
 
Segment Routing v6 (SRv6) Academy Update
Chunghan Lee
 
Implementing IPv6 Segment Routing in the Linux kernel
Olivier Bonaventure
 
Ad

Recently uploaded (20)

PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Encapsulation theory and applications.pdf
gurumoop
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
A Presentation on Artificial Intelligence
memembruh336
 
NewMind AI Monthly Chronicles - July 2025
NewMind AI
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
KodekX | Application Modernization Development
KodekX
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Teaching material agriculture food technology
LiaRayya
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 

A comparison of segment routing data-plane encodings

  • 1. 1 © Nokia 2019 A Comparison of Segment Routing Data-plane Encodings Service enablement based upon segments (32bit or 128bit) • Gunter Van de Velde • 11-04-2019
  • 2. 2 © Nokia 2019 • Introduction • Evolution of Segment Routing • Conclusion Agenda
  • 3. 3 © Nokia 2019 Market needs Network adapts for application and user experience Simple architecture *** Reduced state in the network *** Ease of operation Segment Routing Doesn’t scale for newest network services and adaptive network behavior Current Architecture Policy Mapping, RSVP, LDP, Policy Based Routing, … Policy imposed directly upon each payload packet Pick your poison
  • 4. 4 © Nokia 2019 Segment Routing Value Proposition – Simplicity by “Enhanced Forwarding Behavior” • Packet Forwarding decision is based upon “Segments” and not upon “IP payload prefix” • Segments are encoded as 32bits or 128bits - 32bit Segments supported IPv6, MPLS, (or even IPv4) dataplane - 128bit Segments supported only upon IPv6 dataplane - Sequence of segments represents a set of actions/instructions imposed to the packet • No per-flow state contained within the network • Segments are distributed by Routing or SDN control - No more LDP, because LDP is “Soo Sad” - Fair balance between “distributed intelligence” and “centralized optimization/programming” • Perfect complement to NSH (Network Services Header) - However, minimal context could be encoded in segments (see later)
  • 5. 5 © Nokia 2019 • Introduction • Evolution of Segment Routing • Conclusion Agenda A story to compare Apples with Apples !
  • 6. 6 © Nokia 2019 • Do not confuse with MPLS ! - There is no ‘LDP’ with Segment Routing • Segments encoded directly into MPLS Dataplane • https://datatracker.ietf.org/doc/draft-ietf-spring-segment-routing/ • Principle used: - Encode the Segments as a sequence of 32bit Label fields • MPLS label itself is 20 bits added with 12 bit operational overhead/information - Segments directly distributed by Routing Protocols or controllers (there is NO LDP) - Build upon massive existing technology experience (Fast-Reroute, L2/3 Services support, etc…) - Well known and documented security implications • Minimal packet overhead imposed by Segment Routing (i.e. 32bit/segment) • Mature dataplane technology well supported by Network vendors and Forwarding ASICs • Technology sweet-spot: Reduce complexity in MPLS based networks Evolution of Segment Routing # 1 Encoding: 32bits Segments directly into MPLS Dataplane
  • 7. 7 © Nokia 2019 How does segment Routing look like? Using 32bit Segments (on dataplane it mimics MPLS) 32 bit per Segment SR Header (MPLS Dataplane Encapsulation) Segment Routing Payload (e.g. original IP Packet) Original IP Header Original IP packet payload (variable size)
  • 8. 8 © Nokia 2019 • Do not confuse with classic IPv6 - This is NOT classic IPv6 Routing • Segments encoded as [Outer IPv6 header] [SRH extension header] [optional HMAC security header] • https://tools.ietf.org/html/draft-ietf-6man-segment-routing-header-16 • Principle used: - Based upon IPv6 Source Routing with new innovative IPv6 extension header (SRH) - Each segment is 128 bit • 128bit segments allow limited service semantics to be encoded (NSH not absolutely required anymore) • Larger header overhead tax compared to MPLS encoding • IPv6-only data-plane support • HW forwarding ASIC considerations - Processing long extension headers is computationally expensive • Security consideration: semantics mix of “location” and “context” is good topic for discussion Evolution of Segment Routing # 2 Encoding: 128bits Segments directly into IPv6 Header
  • 9. 9 © Nokia 2019 How does SRv6 Look like Segments (128 bit) with IPv6 encapsulation 8 byte fixed SRH header + (X * 128 bit/segment SRv6 Header (IPv6 Dataplane Encapsulation) Segment Routing Payload (e.g. original IP Packet) Original IP Header Original IP packet payload (variable size) IPv6 Encapsulation (Tunnel/Outer Header) 40 Byte (320 bit) Optional HMAC (Security)40 Byte (320 bit) SRH Extension Header
  • 10. 10 © Nokia 2019 Encoding 128bit Segment How does it look on the wire? IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4
  • 11. 11 © Nokia 2019 Encoding 128bit Segment How does it look on the wire? IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers HMAC SRH IPv6 Payload 40 byte 8 + (x * 16) byte 40 byte SRv6
  • 12. 12 © Nokia 2019 Encoding 128bit Segment How does it look on the wire? IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers HMAC SRH IPv6 Payload 40 byte 8 + (x * 16) byte 40 byte SRv6 Typical SRv6 overhead properties Typically 8 bytes of overhead (4 bytes are mandatory) Typically, another 16 bytes per SID Routing header with 3 SIDs is 56 bytes long Imposed bandwidth overhead Short packets ( >500) bytes are common on the Internet Routing header with three SIDS may become common > 10% Routing header overhead (https://datatracker.ietf.org/meeting/104/materials/slides-104-spring-the-ipv6-compressed-routing-header-crh-01)*Note1: Reference *Note1 *Note1
  • 13. 13 © Nokia 2019 Encoding 128bit Segment Comparing 128bit vs 32bit encoding IP Packet (v4 or v6) Provider Edge Router Provider BackboneCustomer Site or Data-Center IP Packet (v4 or v6) SR Headers IPv6-Only for SRv6IPv6/IPv4 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers HMAC SRH IPv6 Payload 40 byte 8 + (x * 16) byte 40 byte SRv6 IP Packet (v4 or v6) IP Packet (v4 or v6) SR Headers Segments Payload 4 byte/segment MPLS
  • 14. 14 © Nokia 2019 • What we discussed sofar - We have 32bit segments encoded in MPLS dataplane - We have 128bit segments encoded in IPv6 dataplane • So, can we not have 32bit segments encoded using native IPv6 and IPv4? Ofcours we can !!! Evolution of Segment Routing What is next?
  • 15. 15 © Nokia 2019 • Support of 32bit SIDs for IP-based networks • 32bit Segments encoded using UDP header - Outer IPv4 header is 20byte (variable length) and IPv6 header is 40 byte (fixed) - UDP header size is 8 Byte - 32bit Segments sequence will look like MPLS labels - Nothing new and existed for years for MPLS under the technology radar • https://tools.ietf.org/html/draft-ietf-mpls-sr-over-ip-02 • Principle used: - Encode the Segments as a sequence of 32bit Labels encoded inside UDP - Build upon existing technology experience (MPLS), Fast-Path forwarding, Fast-Reroute - Native support for IPv6 and IPv4 dataplane (NO flag day at operator) - Well known and documented security implications - Payload Meta-data is added using NSH (IETF SFC standard technology) Evolution of Segment Routing # 3 Encoding: 32bits Segments directly in SRoUDP (v4 or v6)
  • 16. 16 © Nokia 2019 How does SRoUDP Look like Segments (32 bit) with IP encapsulation Don’t forget about NSH Meta-Data Applications use it (=16 byte for NSH Type1) (>16byte for NSH type 2) 32 bit per Segment SR Header (MPLS Dataplane Encapsulation) Segment Routing Payload (e.g. original IP Packet) Original IP Header Original IP packet payload (variable size) UDP Transport HeaderUDP Header IP Tunnel Encapsulation HeaderIP Outer (Tunnel) Header NSH 8 byte UDP Header 40 byte (IPv6) or 20 byte (IPv4)
  • 17. 17 © Nokia 2019 How does SRoUDP compare with SRv6? Comparing the encoding Each segment is 32 bit Original IP Header Original IP packet payload (variable size) UDP Header IP Tunnel Header (v4 or v6) Optional NSH 8 byte fixed 40 byte (IPv6) or 20 byte (IPv4) 8 byte fixed SRH header + (X * 128 bit/segment) Original IP Header Original IP packet payload (variable size) IPv6 Encapsulation (Tunnel Header) 40 byte Optional HMAC (Security)40 Byte SRH Extension Header Optional NSH SRv6 (128 bit segments) SRoUDP (32 bit segments) SRv6 can use a 128bit Segment encoding for limited meta-data
  • 18. 18 © Nokia 2019 Comparing the encoding: Use-case perspective Approved for Native IPv6 Data-plane transport RFC8354: Use Cases for IPv6 SPRING
  • 19. 19 © Nokia 2019 How does SRoUDP compare with SRv6? Comparing the encoding >10% BW overhead for 500byte packets w/ 3 SID +-4% BW overhead for 500byte packets w/ 3 SID SRv6 Fixed SRH + 3 * SID 8Byte + 3*16Byte 56 Byte 11.2% BW overhead SRoUDP UDP header + 3 * SID 8Byte + 3*4Byte 20 Byte 4% BW overhead For a 500Byte Payload (https://datatracker.ietf.org/meeting/104/materials/slides-104-spring-the-ipv6-compressed-routing-header-crh-01)*Note1: Reference
  • 20. 20 © Nokia 2019 • Seamless Segment Routing support for - Native IPv6 dataplane (SRoUDPv6) - Native MPLS dataplane - (and even native IPv4 Dataplane (SRoUDPv4)) • A Segment Routing 32bit-Segment is mapped to most appropriate data-plane encapsulation (performance, security, availability) - Part of Nokia NF-IX (Network Function Interconnect Framework) - NFIX uses predominant BGP (BGP-LS, BGP-LU, BGP SR-TE, EVPN etc…) as the dominant protocol - NFIX segment routing underlay: Advanced LFA, SRTE tunnels, scale optimization, SDN controller driven - Note: Nokia NFIX architecture allows SRv6 as well if needed/required • Deployment scenario - Sweet spot: Brownfield networks (Fixed and Mobile providers) - Easy integration of existing L2/3 and resiliency services - Deploy proven/secure technology first and seamlessly optimize when appropriate to different types of segments Evolution of Segment Routing - 4 Seamless Segment Routing Encoding
  • 21. 21 © Nokia 2019 • Introduction • Evolution of Segment Routing • Conclusion Agenda
  • 22. 22 © Nokia 2019 Confidential • SRoMPLS & SRoUDP (32bit segments) run over MPLS/IPv4/IPv6 - Good fit for brownfield networks • Can keep using existing MPLS, IPv4 and IPv6 dataplane • No need for forklift upgrade • Seamless across all dataplanes - Small BW overhead imposed by Segment Routing - Forwarding ASIC friendly - Well documented security properties • SRv6 (128bit segments) runs over IPv6 network - Innovative technology fit for IPv6 networks - 128bit segments could contain service/context properties • Simplification: SRv6 may use industry standard NSH header, but not a must anymore - Ongoing work progressed at IETF - Processing long extension headers is computationally expensive • Be aware of forwarding ASIC limitations Conclusion Segment Routing Data-plane encoding