Ever wondered what segment routing is and how SRv6 works?
Are these technologies similar to MPLS or different? Why is SRv6 considered the most flexible transport technology for a service provider?
Then this SRv6 tutorial is for you.
The best way to understand SRv6 is to understand how packet forwarding works in SRv6. That information can seem complex, so we will break it down so you can follow it easily.
The fact is that SRv6 is so flexible that many network operators find a way to collapse and integrate multiple layers in the network. Additionally, SRv6 can provide advanced use cases through its ability to provide network programming that goes beyond just routing.
The good news is that SRv6 does not require an end-to-end upgrade of the routers to support SRv6.
As long as the underlay is IPv6, it requires only a few routers at strategic locations to support SRv6. The other routers can work in traditional IPv6 mode, completely unaware of SRv6.
So we start with the introduction about SRv6, its packet architecture, and how it forwards the packet.
Do not worry! This tutorial assumes you do not know anything about SRv6, so we built a foundation for each topic, so you do not need to look for other sources.
Introduction to Segment routing and SRv6? Difference versus SR-MPLS
Segment routing (SR) is a form of source-based routing. A source node adds an ordered list of segment IDs (SIDs), which steers a packet through intermediate routers before the packet reaches its final destination.
When the packet reaches an intermediate router, it just needs to read the next segment ID in the list of SIDs and use that information to forward to the next hop or segment. So the intermediate routers do not need to keep a record of traffic paths to forward traffic; instead, they just read the packet headers on the fly. In other words, SR is completely stateless and lightweight.
A stateless SR, thus, enables traffic engineering in a powerful yet simpler way. That is by configuring a path at the source router without a need for programming a path in the intermediate routers.
Further, SR does not require a new protocol to be invented. It is an extension of the existing protocols MPLS and IPv6, so it provides a very smooth transition from these transport protocols. These two flavors of SR are called SR-MPLS and SRv6, respectively.
You might be wondering, what modifications need to be done to MPLS and IPv6 for it to change to SR?
There is not a lot:
SR uses precisely the same data plane as MPLS but adds more labels (20 bits), which now work as segment identifier labels (SID labels); these SIDs are like waypoints telling the intermediate router which segment to send the traffic to next. Each intermediate router reads the labels one by one and forwards based on
Additionally, from the control plane perspective, SR is simpler than MPLS as it eliminates the need for LDP or RSVP-TE for label distribution, removing protocol complexity.
SRv6, on the other hand, adds an extension header called the SRH (Segment Routing Header) to the current IPv6 packet. The SRH includes IPv6 addresses (128 bits) that act as SID labels, indicating to the downstream routers where to forward the packet.
Fig: SR-MPLS vs. SRv6
SRv6 detailed packet format
Let’s zoom into the SRv6 packet format to see what fields it has and what the function of each field is (as per RFC 8200 and RFC 8754).
Let me start with the three most important ones: Segment List, Segments Left, and Optional TLV. I will also describe all the other fields so that you have a reference for them.
Fig: SRv6 packet format
Segment List[n]: A 128-bit IPv6 address representing the nth segment in the Segment List. The entries in this stack are IPv6 addresses (also called SIDs) and tell a router where to forward a packet. The last entry, which is Segment List[n] in this example, gives the IP address of the first segment where the packet should be forwarded, i.e., the packets are forwarded in sequence from bottom to top.
Segments Left: Number of route segments remaining, i.e., the number of intermediate nodes still remaining before the final destination. It starts at the maximum and is decremented to 0 as the packet reaches the last segment. This will become clearer when I explain it with an example below.
Optional TLV objects: (Metadata, HMAC TLV, Padding TLV, etc.) can be used as the global argument for all the SIDs in the Segment List.
Next Header: Identifies the type of header which immediately follows the Routing header.
Hdr Ext Len: Length of the Routing header in 8-octet units, not including the first eight octets. SRH is one type of Routing header.
Routing Type: A particular Routing header variant. Type 4 indicates this Routing header is an SRH header.
Last Entry: contains the index (zero-based), in the Segment List, of the last element of the Segment List.
Flags: 8 bits of flags. All are currently unused and reserved for future use.
Tag: tag is like an ID of a packet or group of packets, e.g., packets sharing the same properties.
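The field layout above can be exercised directly. The following is an added example, not code from the original tutorial: it packs an SRH in wire order and parses it back, rejecting headers whose Hdr Ext Len, Last Entry and Segments Left disagree with each other. The function names, the 2001:db8 addresses, the tag value and the PadN TLV are constructed for illustration.

```python
import ipaddress
import struct

SRH_ROUTING_TYPE = 4  # Routing Type 4 marks a Routing header as an SRH

def build_srh(next_header, segments_left, segment_list, tag=0, tlvs=b""):
    """Pack an SRH; segment_list is in wire order ([0] = final segment)."""
    body = b"".join(ipaddress.IPv6Address(s).packed for s in segment_list) + tlvs
    if len(body) % 8:
        raise ValueError("SRH must be a multiple of 8 octets; pad the TLVs")
    return struct.pack("!BBBBBBH", next_header,
                       len(body) // 8,         # Hdr Ext Len: 8-octet units after the first 8
                       SRH_ROUTING_TYPE, segments_left,
                       len(segment_list) - 1,  # Last Entry: zero-based index
                       0, tag) + body          # Flags are unused, sent as 0

def parse_srh(data):
    """Parse an SRH and reject headers whose length fields disagree."""
    if len(data) < 8:
        raise ValueError("truncated SRH")
    nh, ext_len, rtype, sl, last, flags, tag = struct.unpack("!BBBBBBH", data[:8])
    if rtype != SRH_ROUTING_TYPE:
        raise ValueError("Routing Type is not 4, so this is not an SRH")
    total = (ext_len + 1) * 8          # full header length in octets
    seg_end = 8 + 16 * (last + 1)      # offset where the Segment List ends
    if total > len(data):
        raise ValueError("Hdr Ext Len runs past the captured bytes")
    if seg_end > total:
        raise ValueError("Last Entry points past the end of the header")
    if sl > last + 1:
        raise ValueError("Segments Left exceeds the Segment List")
    segs = [str(ipaddress.IPv6Address(data[i:i + 16])) for i in range(8, seg_end, 16)]
    return {"next_header": nh, "segments_left": sl, "last_entry": last, "tag": tag,
            "segments": segs,
            "active_sid": segs[sl] if sl <= last else None,
            "tlvs": data[seg_end:total]}

# Constructed sample: path S3 -> S4 -> S5 using documentation-prefix addresses.
SAMPLE_SEGMENTS = ["2001:db8:0:5::1", "2001:db8:0:4::1", "2001:db8:0:3::1"]
PADN_TLV = bytes([4, 6]) + bytes(6)  # PadN TLV: type 4, 6 octets of padding
SAMPLE_SRH = build_srh(41, 2, SAMPLE_SEGMENTS, tag=7, tlvs=PADN_TLV)

if __name__ == "__main__":
    print(parse_srh(SAMPLE_SRH))
```

The bounds checks matter to anyone inspecting SRv6 traffic: a Last Entry or Segments Left value that indexes past the header would otherwise make the parser read bytes that are not part of the Segment List.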
Network Programming with SRv6
One of the distinguishing features of SRv6 is the use of network programming, which goes far beyond routing.
Here the 128 bits of the SID are further divided into Locator, Function, and Argument (optional).
Locator: Originally, all 128 bits were used as the SID. To optimize the usage of bits, they were subdivided so that some bits could be used for other functions. The “Locator” portion of the SID provides the ID for the segment the packet should be sent to.
Function: Function is a new and innovative feature in SRv6. The function provides SRv6 with network programming capabilities. Any instruction can be inserted here, and that function can be executed when the packet reaches the segment (thanks to the locator). This is like programming a network through the function bits. With the Function feature, many innovative features can be implemented in the network, turning it into a programmable plane.
Argument: The optional Argument field can define additional information related to flow or service.
Fig: Network Programming in SRv6
How does SRv6 forward packets?
This section is, in our view, the best part of this guide, as it explains how SRv6 packet forwarding works. If you can understand this, you will understand the core concept of SRv6.
Let’s see how a packet travels in the SRv6 domain.
Fig: SRv6 packet forwarding
- The oval shows the SRv6 domain with all SRv6 routers. However, one of the routers in the middle, S2, does not support SRv6. As the payload enters the SRv6 domain, the S1 router adds two headers: an IPv6 header and an SR header (SRH). The SRH shows the intended path the packet should travel, S1, S3, S4, and S5 (the IPv6 addresses of the nodes, i.e., their SIDs), and they are stacked one above the other. S3 is the next SID and is always at the bottom of the stack. The IPv6 header (IP H) includes the IPv6 source address (SA) and IPv6 destination address (DA). The destination address matches the next SID. Segments Left (SL) is set to 2 (one less than the total number of segments).
- As traffic arrives at S2, the router is unaware of segment routing (it does not support SRv6) but is aware of IPv6. It can only look at the IPv6 DA, and it sends the traffic to S3 without changing the packet.
- When the traffic arrives at S3, it can look at the SR header, find SID S3 at the bottom of the stack, and match it against its own SID. At this stage, it reduces the SL value by 1 to make it SL=1, updates the DA in the IPv6 header to match the next SID in the list, which is S4, and sends the packet to the S4 router.
- The S4 router processes the packet similarly to S3: it reduces the SL by 1 to make it zero, updates the DA to S5, and sends the packet out to the S5 router. When the S5 router receives the packet, it finds that SL=0 and that the bottom SID (S5) matches its own SID; therefore, it removes the SRH and IPv6 headers from the packet and sends the payload out.
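The four steps above can be traced hop by hop. This is an added example, not part of the original tutorial: it models the packet as a dictionary and replays the S1, S2, S3, S4, S5 walk, showing that S2 leaves the packet untouched while S3 and S4 decrement Segments Left and rewrite the destination address. The SID addresses and function names are constructed for illustration.

```python
# Constructed SIDs for the tutorial's nodes; S2 has none because it is IPv6-only.
SID = {"S1": "2001:db8:1::1", "S3": "2001:db8:3::1",
       "S4": "2001:db8:4::1", "S5": "2001:db8:5::1"}
SRV6_CAPABLE = {"S1", "S3", "S4", "S5"}

def encapsulate(payload, path):
    """Ingress (S1): add the outer IPv6 header and the SRH for the SID path."""
    seg_list = [SID[n] for n in reversed(path)]  # Segment List[0] = last segment
    sl = len(seg_list) - 1                       # one less than the segment count
    return {"sa": SID["S1"], "da": seg_list[sl],
            "srh": {"segments_left": sl, "segment_list": seg_list},
            "payload": payload}

def process(node, pkt):
    """Return (action, result) for one hop in the domain."""
    if node not in SRV6_CAPABLE or pkt["da"] != SID.get(node):
        return "ipv6-forward", pkt               # plain lookup on DA, SRH not read
    srh = pkt["srh"]
    if srh["segments_left"] == 0:
        return "decapsulate", pkt["payload"]     # final segment: strip IPv6 + SRH
    sl = srh["segments_left"] - 1
    updated = dict(pkt, da=srh["segment_list"][sl],
                   srh=dict(srh, segments_left=sl))
    return "sr-forward", updated

def walk(payload, path, hops):
    """Replay the packet through hops; return (trace, delivered payload)."""
    pkt = encapsulate(payload, path)
    trace = [("S1", "encapsulate", pkt["da"], pkt["srh"]["segments_left"])]
    for node in hops:
        action, out = process(node, pkt)
        if action == "decapsulate":
            trace.append((node, action, None, None))
            return trace, out
        pkt = out
        trace.append((node, action, pkt["da"], pkt["srh"]["segments_left"]))
    return trace, None

if __name__ == "__main__":
    for step in walk("customer-payload", ["S3", "S4", "S5"],
                     ["S2", "S3", "S4", "S5"])[0]:
        print(step)
```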
SRv6 Engine with P4 programmable switch by Lanner
Running SRv6 over a P4 programmable switch (such as Intel Tofino), which has a stateless nature, brings many benefits, such as scalability.
An example of one such platform is Lanner’s HTCA Platform, which is an intelligent and innovative powerful edge platform with Intel Tofino P4 Programmable switch.
When combined with partner NoviFlow’s NoviFabric, Lanner’s HTCA becomes a powerful SRv6 Engine for edge applications.
Edge needs to run several applications, including switching, routers, packet brokers, and RAN but also security services like DDoS, firewall, IDS, etc. NoviFabric can act as an SRv6 service proxy enabling powerful service chaining on edge VNFs even if they do not support SRv6, while Intel’s Tofino programmable switches can help by offloading some of the workloads from the CPU blades to the switch, thus offering a more scalable solution.
About Lanner white box solutions:
Lanner is one of the leading manufacturers of white box solutions for telecom applications like NFV, SDN, SD-WAN, Radio Access Networks (RAN), core, edge, orchestration, security, etc. Lanner operates in the US through its subsidiary Whitebox Solutions (whiteboxsolution.com).