Segment Routing (SR) is a tunneling and traffic engineering technology that allows routers to steer traffic along an SR path that may differ from the normal shortest path. An SR path is divided into segments that connect points within the SR domain. Segments are represented by Segment Identifiers (SIDs) that can identify single hops or multiple hops. The SR header or MPLS label stack enumerates the segments in the path to forward packets. SR supports various segment types including adjacency, prefix, anycast, and binding segments. SR provides traffic engineering capabilities and flexibility in path selection within the domain.
This document summarizes a large European service provider's plans for deploying IPv6 across its various networks, including residential, L3 MPLS VPN, and public networks. It discusses challenges around operating multivendor networks with interdependent services. The service provider is taking a dual-stack approach, initially exposing only external-facing services to IPv6. Configuration details are provided for residential broadband network elements like Juniper E320/ERX routers, covering topics like interfaces, routing, subscriber addressing, DNS servers, accounting, and LNS configuration. The goal is a transparent rollout that maintains existing IPv4 customer experiences while introducing IPv6 connectivity.
The advent of Network Function Virtualization (NFV) is dramatically changing the way in which telecommunication networks are designed and operated. Traditional specialized physical appliances are replaced with software modules, called Virtual Network functions(VNFs), running on a virtualization infrastructure made up of general purpose servers. Examples of VNFs categories are NATs (Network Address Translation), firewalls, DPIs (Deep Packet Inspection), IDSs (Intrusion Detection System), load balancers, HTTP proxies. Service Function Chaining (SFC) denotes the process of forwarding packets through the sequence of VNFs. IPv6 Segment Routing (SRv6) is a source routing paradigm that allows to steer packets through an ordered list of VNFs in a simple and scalable manner. In this slides, we present the architecture of SFC using SRv6 for both cases of SRv6-aware and SRv6-unaware VNFs. We provide an open source implementation and easy replicable testbed for the presented work.
Segment routing allows a node to steer a packet through an ordered list of segments encoded in the packet header. Segments represent instructions like forwarding through specific nodes or along certain paths. By encoding the path in packets, segment routing can compute paths centrally and reduce network state.
This document provides an overview of segment routing and how it can enable SDN 2.0. Segment routing uses source routing by encoding a path as a segment list in packet headers. It provides a simple stateless forwarding model and enables edge intelligence with the ability for controllers to program segment lists. Use cases discussed include traffic engineering, fast reroute, and integration with SDN controllers using protocols like PCEP to establish segment routing paths without signaling in the core network.
The Segment Routing Architecture (IEEE Globecom 2015)nagendranainar
Segment routing is a source routing architecture that encodes the forwarding path for a packet as a list of segments in the packet header. Each segment represents an instruction for the packet, such as forwarding to a particular node or applying a service function. The network executes the encoded instructions without per-flow state to provide flexible, scalable, and simple traffic engineering, service chaining, and OAM capabilities.
IPv6 Routing Protocol for Low power and Lossy Networks (RPL) is a routing standard for low-power and lossy networks. It forms directed acyclic graphs to route packets between nodes. RPL uses control messages like DIO, DAO and DIS to construct and maintain upward and downward routes. It supports multipoint-to-point, point-to-multipoint and point-to-point traffic flows. RPL also defines a source routing header to support downward routes in non-storing mode and between RPL instances.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
MPLS WC 2014 Segment Routing TI-LFA Fast ReRouteBruno Decraene
This document discusses Topology Independent LFA (TI-LFA), a fast reroute technique that provides 100% node and link protection using Segment Routing. It begins by outlining requirements for fast reroute, then introduces TI-LFA which computes the post-convergence path and encodes it as a loop-free Segment Routing path. The document analyzes applicability on Orange network topologies and presents simulation results showing TI-LFA achieves low stack depth and path compression. It concludes that TI-LFA is a scalable solution that meets requirements by providing optimal fast reroute paths without side effects.
This document summarizes a large European service provider's plans for deploying IPv6 across its various networks, including residential, L3 MPLS VPN, and public networks. It discusses challenges around operating multivendor networks with interdependent services. The service provider is taking a dual-stack approach, initially exposing only external-facing services to IPv6. Configuration details are provided for residential broadband network elements like Juniper E320/ERX routers, covering topics like interfaces, routing, subscriber addressing, DNS servers, accounting, and LNS configuration. The goal is a transparent rollout that maintains existing IPv4 customer experiences while introducing IPv6 connectivity.
The advent of Network Function Virtualization (NFV) is dramatically changing the way in which telecommunication networks are designed and operated. Traditional specialized physical appliances are replaced with software modules, called Virtual Network functions(VNFs), running on a virtualization infrastructure made up of general purpose servers. Examples of VNFs categories are NATs (Network Address Translation), firewalls, DPIs (Deep Packet Inspection), IDSs (Intrusion Detection System), load balancers, HTTP proxies. Service Function Chaining (SFC) denotes the process of forwarding packets through the sequence of VNFs. IPv6 Segment Routing (SRv6) is a source routing paradigm that allows to steer packets through an ordered list of VNFs in a simple and scalable manner. In this slides, we present the architecture of SFC using SRv6 for both cases of SRv6-aware and SRv6-unaware VNFs. We provide an open source implementation and easy replicable testbed for the presented work.
Segment routing allows a node to steer a packet through an ordered list of segments encoded in the packet header. Segments represent instructions like forwarding through specific nodes or along certain paths. By encoding the path in packets, segment routing can compute paths centrally and reduce network state.
This document provides an overview of segment routing and how it can enable SDN 2.0. Segment routing uses source routing by encoding a path as a segment list in packet headers. It provides a simple stateless forwarding model and enables edge intelligence with the ability for controllers to program segment lists. Use cases discussed include traffic engineering, fast reroute, and integration with SDN controllers using protocols like PCEP to establish segment routing paths without signaling in the core network.
The Segment Routing Architecture (IEEE Globecom 2015)nagendranainar
Segment routing is a source routing architecture that encodes the forwarding path for a packet as a list of segments in the packet header. Each segment represents an instruction for the packet, such as forwarding to a particular node or applying a service function. The network executes the encoded instructions without per-flow state to provide flexible, scalable, and simple traffic engineering, service chaining, and OAM capabilities.
IPv6 Routing Protocol for Low power and Lossy Networks (RPL) is a routing standard for low-power and lossy networks. It forms directed acyclic graphs to route packets between nodes. RPL uses control messages like DIO, DAO and DIS to construct and maintain upward and downward routes. It supports multipoint-to-point, point-to-multipoint and point-to-point traffic flows. RPL also defines a source routing header to support downward routes in non-storing mode and between RPL instances.
Slides supporting the "Computer Networking: Principles, Protocols and Practice" ebook. The slides can be freely reused to teach an undergraduate computer networking class using the open-source ebook.
MPLS WC 2014 Segment Routing TI-LFA Fast ReRouteBruno Decraene
This document discusses Topology Independent LFA (TI-LFA), a fast reroute technique that provides 100% node and link protection using Segment Routing. It begins by outlining requirements for fast reroute, then introduces TI-LFA which computes the post-convergence path and encodes it as a loop-free Segment Routing path. The document analyzes applicability on Orange network topologies and presents simulation results showing TI-LFA achieves low stack depth and path compression. It concludes that TI-LFA is a scalable solution that meets requirements by providing optimal fast reroute paths without side effects.
Segment Routing is a source routing architecture that embeds instructions, called segments, directly in the packet. This allows packets to be steered through specific paths in the network by prepending or stitching segment IDs. Segment Routing simplifies network operations by removing the need for signaling, label distribution, and per-flow state. Paths can either be computed distributively using IGP flooding of segment IDs, or explicitly programmed by a controller. This provides flexibility to engineers while keeping the forwarding plane stateless and simple.
1. The document discusses scaling networks using segment routing. It describes using a PCE server to collect topology and SID information via BGP-LS to compute paths on demand.
2. An NSO controller is used to configure services, and nodes can request path computations from the PCE server if they do not already have an LSP to reach another node.
3. Examples are given for intra-domain and inter-domain routing using SIDs, including assigning SRGB ranges to different domains. The PCE server can compute multi-domain paths with TE optimization across the different routing domains.
This document discusses advanced topics related to BGP routing protocols. It covers scaling iBGP to large networks using techniques like route reflectors and confederations. Route reflectors allow a network to be divided into clusters with designated routers reflecting routes between clusters, reducing the full iBGP mesh. This improves scaling by lowering configuration and resource overhead on each router. The document also examines how iBGP and the BGP decision process interact with the IGP to determine optimal routes and influence traffic flow.
RPL - Routing Protocol for Low Power and Lossy NetworksPradeep Kumar TS
RPL is a distance vector routing protocol designed for low power and lossy networks. It forms a Destination Oriented Directed Acyclic Graph (DODAG) topology with the root node at the top. Nodes in the RPL network are assigned a rank based on their position relative to the DODAG root, with downward routes following increasing ranks and upward routes following decreasing ranks. RPL uses DIO, DIS, DAO, DAO-ACK and CC control messages to construct and maintain the DODAG topology as well as advertise routes and ensure consistency.
Segment Routing for IPv6 provides a summary as follows:
1. Segment Routing allows IPv6 networks to benefit from traffic engineering and VPN capabilities by using a new Segment Routing Header (SRH) to encode a source routed path as a list of segments in the packet header.
2. The SRH contains the segment list, segments left index, and other fields to steer the packet through the segments. At each segment endpoint, the destination address is updated to the next segment.
3. Segment Routing leverages the existing IPv6 source routing model and provides security through the SRH, addressing concerns that led to deprecation of other routing headers. When deployed within a domain, it can validate
TechWiseTV Workshop: Segment Routing for the DatacenterRobb Boyd
(This was a Live Webinar on July 21, 2016 at 10:00 am Pacific Time / 1:00 pm Eastern Time)
Watch the Replay at: bit.ly/29Mw58Q
Catch the original TV episode or any other topics at www.techwisetv.com
Description:
Networks are moving toward simplification, increased operational efficiency, and programmability using technologies such as software-defined networking. Cisco continues to demonstrate innovation by introducing the concept of segment routing in the data center, making the network more intelligent and adaptive to the applications running on top of it. Segment routing delivers application-optimized network transport. Encoding the path information directly at the source (that is, either at the virtual switch or at the top of rack) and using per-app policies, segment routing puts control in the hands of the network operators by empowering them to create secure, adaptive, and optimal paths based on the requirements of the application itself.
Please join us in the session to learn how Cisco is helping organizations increase network efficiency by allocating resources on demand and optimizing the network to better support business-critical applications, all while preserving security.
Agenda
Topics to discuss include:
- Introducing segment routing
- Why the need for application-optimized transport
- Features and benefits of segment routing
- Differences between segment routing and MPLS transport
- Relevance of segment routing in the data center
- Use cases and applicability of segment routing
- Summary and conclusion
MPLS SDN 2016 - Microloop avoidance with segment routingStephane Litkowski
The document discusses micro-loops in networks and how segment routing can be used to avoid them. Micro-loops are a natural phenomenon in hop-by-hop routed networks caused by transient disagreements between routers during convergence. Segment routing allows building a temporary loop-free path using a two-stage convergence - first using a precomputed loop-free label stack, then switching to the standard path once convergence is complete. This approach could help address issues caused by micro-loops like broken fast reroute and traffic loss.
Slides for lecturing in Alpha Networks Inc.
Introduce the routing mechanism in Trellis, namely Segment Routing, from the upper side of application design
and ONOS core functions, to the lower side of fabric pipelines and flows on OFDPA.
The document discusses using Segment Routing (SR) for Traffic Engineering (TE) in networks currently using MPLS-TE. It describes how SR overcomes scalability issues in MPLS-TE by removing the need for per-flow state and tunnel signaling. The thesis work aims to enhance the SR-TE model to provide Quality of Service commitments by using a Path Computation Element (PCE) to compute paths based on network state and computing constraints. Maintaining accurate network state at the PCE is challenging due to the lack of signaling and reservation in SR.
IPv6 Segment Routing is a major IPv6 extension that provides a modern version of source routing that is currently being developed within the Internet Engineering Task Force (IETF). We propose the first open-source implementation of IPv6 Segment Routing in the Linux kernel. We first describe it in details and explain how it can be used on both endhosts and routers. We then evaluate and compare its performance with plain IPv6 packet forwarding in a lab environment. Our measurements indicate that the performance penalty of inserting IPv6 Segment Routing Headers or encapsulat- ing packets is limited to less than 15%. On the other hand, the optional HMAC security feature of IPv6 Segment Routing is costly in a pure software implementation. Since our implementation has been included in the official Linux 4.10 kernel, we expect that it will be extended by other researchers for new use cases.
Presented at ANRW'17 https://irtf.org/anrw/2017/program.html on behalf of David Lebrun
SDN traffic engineering provides a simpler and more optimal approach compared to traditional offline and on-device traffic engineering. It uses segment routing to encode paths, push-based telemetry for real-time traffic matrices, and an SDN controller running a traffic engineering application to optimize paths network-wide in a centralized manner. This approach alleviates congestion, uses as few tunnels as necessary, and easily adapts to failures or network changes.
Part 10 : Routing in IP networks and interdomain routing with BGPOlivier Bonaventure
This document discusses routing in IP networks and interdomain routing with BGP. It begins by covering intradomain routing protocols like RIP and OSPF, then discusses interdomain routing and the exterior gateway protocol BGP. BGP allows domains to exchange routing information and select paths between domains while applying each domain's routing policies.
1. The document discusses network and computing bandwidth demands increasing exponentially over the next decade, requiring network designs to double bandwidth every 18 months for networks and 24 months for computing.
2. It addresses challenges in network design from these increasing demands, such as needing larger routers, more routers to avoid overloading domains, and seamless services across different network segments.
3. The role of segment routing and traffic engineering is discussed for optimizing network capacity and meeting policies around high bandwidth paths, low latency paths, and avoiding congested network resources.
Segment routing is a technology that is gaining popularity as a way to simplify MPLS networks. It has the benefits of interfacing with software-defined networks and allows for source-based routing. It does this without keeping state in the core of the network and needless to use LDP and RSVP-TE.
The document discusses IPv6 and the transition from IPv4 to IPv6. It provides details about:
- The author who manages the IIT Kanpur campus network and internet services.
- Reasons for adopting IPv6 like shortage of IPv4 addresses and new features in IPv6.
- Elements of IPv6 including the 128-bit address format, address types and scopes, stateless and stateful address autoconfiguration, routing, and neighbor discovery.
- Transition mechanisms from IPv4 to IPv6 like dual stack, tunnels, and translation.
- Current status of IPv6 deployment and recommended steps for migration including checking IPv6 compliance and planning IPv6 addressing.
The document describes the Ad Hoc On-Demand Distance Vector (AODV) routing protocol. AODV is designed for mobile ad hoc networks and uses route discovery and maintenance to dynamically discover and maintain routes. It uses sequence numbers to determine freshness of routing information and broadcasts RREQ, RREP, RERR and HELLO messages for route discovery, maintenance and link status monitoring.
Traffic Engineering Using Segment Routing Cisco Canada
1) The document discusses using segment routing for traffic engineering. It provides an overview of segment routing technology, use cases, control and data plane operations, and how segment routing can be used for traffic engineering.
2) Key aspects covered include how segment routing works by encoding a path as an ordered list of segments, different types of segments (IGP prefixes, adjacencies, BGP), and how this allows for application-engineered end-to-end paths.
3) Traffic engineering with segment routing provides explicit routing, supports constraint-based routing without needing RSVP-TE, and uses existing IGP extensions to advertise link attributes.
This document provides an overview of segment routing concepts and the segment routing control plane. It discusses the different types of segments including adjacency segments, prefix segments, node segments, and anycast segments. It describes how segments are advertised using IS-IS or OSPF extensions and how the segment routing global block (SRGB) is used to assign unique labels. The document also covers how segments can be combined to steer traffic on arbitrary paths through the network.
Segment Routing is a new technology that encodes the forwarding path in packet headers. It uses IGP extensions for control plane signaling. IS-IS extensions include new TLVs and sub-TLVs to advertise prefix and adjacency SIDs that define the segments of a path. Prefix SIDs are advertised in reachability TLVs along with an optional prefix-SID sub-TLV. Adjacency SIDs are advertised in IS neighbor TLVs using the adjacency-SID sub-TLV.
Segment Routing is a source routing architecture that embeds instructions, called segments, directly in the packet. This allows packets to be steered through specific paths in the network by prepending or stitching segment IDs. Segment Routing simplifies network operations by removing the need for signaling, label distribution, and per-flow state. Paths can either be computed distributively using IGP flooding of segment IDs, or explicitly programmed by a controller. This provides flexibility to engineers while keeping the forwarding plane stateless and simple.
1. The document discusses scaling networks using segment routing. It describes using a PCE server to collect topology and SID information via BGP-LS to compute paths on demand.
2. An NSO controller is used to configure services, and nodes can request path computations from the PCE server if they do not already have an LSP to reach another node.
3. Examples are given for intra-domain and inter-domain routing using SIDs, including assigning SRGB ranges to different domains. The PCE server can compute multi-domain paths with TE optimization across the different routing domains.
This document discusses advanced topics related to BGP routing protocols. It covers scaling iBGP to large networks using techniques like route reflectors and confederations. Route reflectors allow a network to be divided into clusters with designated routers reflecting routes between clusters, reducing the full iBGP mesh. This improves scaling by lowering configuration and resource overhead on each router. The document also examines how iBGP and the BGP decision process interact with the IGP to determine optimal routes and influence traffic flow.
RPL - Routing Protocol for Low Power and Lossy NetworksPradeep Kumar TS
RPL is a distance vector routing protocol designed for low power and lossy networks. It forms a Destination Oriented Directed Acyclic Graph (DODAG) topology with the root node at the top. Nodes in the RPL network are assigned a rank based on their position relative to the DODAG root, with downward routes following increasing ranks and upward routes following decreasing ranks. RPL uses DIO, DIS, DAO, DAO-ACK and CC control messages to construct and maintain the DODAG topology as well as advertise routes and ensure consistency.
Segment Routing for IPv6 provides a summary as follows:
1. Segment Routing allows IPv6 networks to benefit from traffic engineering and VPN capabilities by using a new Segment Routing Header (SRH) to encode a source routed path as a list of segments in the packet header.
2. The SRH contains the segment list, segments left index, and other fields to steer the packet through the segments. At each segment endpoint, the destination address is updated to the next segment.
3. Segment Routing leverages the existing IPv6 source routing model and provides security through the SRH, addressing concerns that led to deprecation of other routing headers. When deployed within a domain, it can validate
TechWiseTV Workshop: Segment Routing for the DatacenterRobb Boyd
(This was a Live Webinar on July 21, 2016 at 10:00 am Pacific Time / 1:00 pm Eastern Time)
Watch the Replay at: bit.ly/29Mw58Q
Catch the original TV episode or any other topics at www.techwisetv.com
Description:
Networks are moving toward simplification, increased operational efficiency, and programmability using technologies such as software-defined networking. Cisco continues to demonstrate innovation by introducing the concept of segment routing in the data center, making the network more intelligent and adaptive to the applications running on top of it. Segment routing delivers application-optimized network transport. Encoding the path information directly at the source (that is, either at the virtual switch or at the top of rack) and using per-app policies, segment routing puts control in the hands of the network operators by empowering them to create secure, adaptive, and optimal paths based on the requirements of the application itself.
Please join us in the session to learn how Cisco is helping organizations increase network efficiency by allocating resources on demand and optimizing the network to better support business-critical applications, all while preserving security.
Agenda
Topics to discuss include:
- Introducing segment routing
- Why the need for application-optimized transport
- Features and benefits of segment routing
- Differences between segment routing and MPLS transport
- Relevance of segment routing in the data center
- Use cases and applicability of segment routing
- Summary and conclusion
MPLS SDN 2016 - Microloop avoidance with segment routingStephane Litkowski
The document discusses micro-loops in networks and how segment routing can be used to avoid them. Micro-loops are a natural phenomenon in hop-by-hop routed networks caused by transient disagreements between routers during convergence. Segment routing allows building a temporary loop-free path using a two-stage convergence - first using a precomputed loop-free label stack, then switching to the standard path once convergence is complete. This approach could help address issues caused by micro-loops like broken fast reroute and traffic loss.
Slides for lecturing in Alpha Networks Inc.
Introduce the routing mechanism in Trellis, namely Segment Routing, from the upper side of application design
and ONOS core functions, to the lower side of fabric pipelines and flows on OFDPA.
The document discusses using Segment Routing (SR) for Traffic Engineering (TE) in networks currently using MPLS-TE. It describes how SR overcomes scalability issues in MPLS-TE by removing the need for per-flow state and tunnel signaling. The thesis work aims to enhance the SR-TE model to provide Quality of Service commitments by using a Path Computation Element (PCE) to compute paths based on network state and computing constraints. Maintaining accurate network state at the PCE is challenging due to the lack of signaling and reservation in SR.
IPv6 Segment Routing is a major IPv6 extension that provides a modern version of source routing that is currently being developed within the Internet Engineering Task Force (IETF). We propose the first open-source implementation of IPv6 Segment Routing in the Linux kernel. We first describe it in details and explain how it can be used on both endhosts and routers. We then evaluate and compare its performance with plain IPv6 packet forwarding in a lab environment. Our measurements indicate that the performance penalty of inserting IPv6 Segment Routing Headers or encapsulat- ing packets is limited to less than 15%. On the other hand, the optional HMAC security feature of IPv6 Segment Routing is costly in a pure software implementation. Since our implementation has been included in the official Linux 4.10 kernel, we expect that it will be extended by other researchers for new use cases.
Presented at ANRW'17 https://irtf.org/anrw/2017/program.html on behalf of David Lebrun
SDN traffic engineering provides a simpler and more optimal approach compared to traditional offline and on-device traffic engineering. It uses segment routing to encode paths, push-based telemetry for real-time traffic matrices, and an SDN controller running a traffic engineering application to optimize paths network-wide in a centralized manner. This approach alleviates congestion, uses as few tunnels as necessary, and easily adapts to failures or network changes.
Part 10 : Routing in IP networks and interdomain routing with BGPOlivier Bonaventure
This document discusses routing in IP networks and interdomain routing with BGP. It begins by covering intradomain routing protocols like RIP and OSPF, then discusses interdomain routing and the exterior gateway protocol BGP. BGP allows domains to exchange routing information and select paths between domains while applying each domain's routing policies.
1. The document discusses network and computing bandwidth demands increasing exponentially over the next decade, requiring network designs to double bandwidth every 18 months for networks and 24 months for computing.
2. It addresses challenges in network design from these increasing demands, such as needing larger routers, more routers to avoid overloading domains, and seamless services across different network segments.
3. The role of segment routing and traffic engineering is discussed for optimizing network capacity and meeting policies around high bandwidth paths, low latency paths, and avoiding congested network resources.
Segment routing is a technology that is gaining popularity as a way to simplify MPLS networks. It has the benefits of interfacing with software-defined networks and allows for source-based routing. It does this without keeping state in the core of the network and needless to use LDP and RSVP-TE.
The document discusses IPv6 and the transition from IPv4 to IPv6. It provides details about:
- The author who manages the IIT Kanpur campus network and internet services.
- Reasons for adopting IPv6 like shortage of IPv4 addresses and new features in IPv6.
- Elements of IPv6 including the 128-bit address format, address types and scopes, stateless and stateful address autoconfiguration, routing, and neighbor discovery.
- Transition mechanisms from IPv4 to IPv6 like dual stack, tunnels, and translation.
- Current status of IPv6 deployment and recommended steps for migration including checking IPv6 compliance and planning IPv6 addressing.
The document describes the Ad Hoc On-Demand Distance Vector (AODV) routing protocol. AODV is designed for mobile ad hoc networks and uses route discovery and maintenance to dynamically discover and maintain routes. It uses sequence numbers to determine freshness of routing information and broadcasts RREQ, RREP, RERR and HELLO messages for route discovery, maintenance and link status monitoring.
Traffic Engineering Using Segment Routing Cisco Canada
1) The document discusses using segment routing for traffic engineering. It provides an overview of segment routing technology, use cases, control and data plane operations, and how segment routing can be used for traffic engineering.
2) Key aspects covered include how segment routing works by encoding a path as an ordered list of segments, different types of segments (IGP prefixes, adjacencies, BGP), and how this allows for application-engineered end-to-end paths.
3) Traffic engineering with segment routing provides explicit routing, supports constraint-based routing without needing RSVP-TE, and uses existing IGP extensions to advertise link attributes.
This document provides an overview of segment routing concepts and the segment routing control plane. It discusses the different types of segments including adjacency segments, prefix segments, node segments, and anycast segments. It describes how segments are advertised using IS-IS or OSPF extensions and how the segment routing global block (SRGB) is used to assign unique labels. The document also covers how segments can be combined to steer traffic on arbitrary paths through the network.
Segment Routing is a new technology that encodes the forwarding path in packet headers. It uses IGP extensions for control plane signaling. IS-IS extensions include new TLVs and sub-TLVs to advertise prefix and adjacency SIDs that define the segments of a path. Prefix SIDs are advertised in reachability TLVs along with an optional prefix-SID sub-TLV. Adjacency SIDs are advertised in IS neighbor TLVs using the adjacency-SID sub-TLV.
This presentation discusses Segment Routing over IPv6 (SRv6) and the Network Programming Model. It provides an overview of what SRv6 is, how it works, and how the Network Programming Model can be used for applications like VPNs, SD-WANs, and service function chaining. The presentation also covers SRv6 standardization efforts, open source implementations, and areas of ongoing research.
MPLS enables packets to be forwarded based on labels rather than IP addresses. PE routers add labels to incoming packets and remove labels from outgoing packets. P routers swap or pop labels to forward packets. MPLS with L3 VPN allows private networks in different locations to communicate securely over a shared infrastructure by associating routes with virtual routing instances (VRFs) and advertising them using BGP. An example configuration shows VRF and BGP configuration, along with commands to view MPLS label bindings and packet forwarding information.
Presentation given at MPLS+SDN+NFVWORLD 2019 in Paris that shows how network architects can leverage the support for IPv6 Segment that is included in the Linux kernel to develop new end-to-end services that use IPv6 Segment Routing on clients, routers and servers.
Moved to https://speakerdeck.com/ebiken/zebra-srv6-cli-on-linux-dataplane-enog-number-49
Introduction to SRv6, Linux SRv6 implementation and how to add SRv6 CLI to Zebra 2.0 Open Source Network Operation Stack.
Presented at ENOG (Echigo NOG) #49.
This session provides an overview of the Next Generation Network Architecture with Segment Routing technology that helps Service Providers to simplify the network. You will get an understanding of the basic concepts behind the technology and its wide applicability ranging from simple transport for MPLS services, disjoint routing, traffic engineering and its benefits in the context of software defined networking. Previous knowledge of IP routing and MPLS is beneficial to understand Segment Routing.
Segment Routing over IPv6 (SRv6) is an architecture based on the source routing paradigm that seeks the right balance between distributed (network-wide) intelligence and centralized (controller-based) programmability. Using SRv6, network devices have complete control over the forwarding paths and the network functions to be applied to packets, by combining simple network instructions. Moreover, applications can become SRv6 aware and gain control over the network-wide forwarding and processing of packets. SRv6 technology has been implemented in hardware by different vendors (e.g. CISCO, Huawei, Barefoot), in software (e.g. Linux kernel networking) and in software with I/O acceleration (e.g. FD.io Vector Packet Processing using DPDK). Several large scale deployments of SRv6 have been rolled out in 2019 (including Softbank, Iliad, ChinaTelecom, China Unicom), see https://tools.ietf.org/html/draft-matsushima-spring-srv6-deployment-status. This tutorial will provide a quick introduction to SRv6 architecture and protocols and will illustrate the design and implementation of SRv6 services with hands-on examples. The hands-on part will be based on the open-source SRv6 ecosystem developed in the ROSE project: https://netgroup.github.io/rose/
The document provides an overview of IPv6 including:
- Why IPv6 was created due to IPv4 address exhaustion and other limitations
- Key aspects of the IPv6 protocol such as larger 128-bit addresses, simplified fixed-length header, and extension headers
- Main IPv6 address types including global unicast, link-local, unique local, and multicast addresses
- Protocols that support IPv6 including Neighbor Discovery Protocol (NDP), ICMPv6, and DHCPv6
- Methods for transitioning from IPv4 to IPv6 including dual stack and tunneling technologies.
The document discusses routing protocols in IP networks and interdomain routing. It provides an overview of IPv6 neighbor discovery, routing protocols RIP and OSPF, and interdomain routing with BGP. Key concepts covered include how routers discover each other on the local link, distance vector and link-state routing, using areas in OSPF, and the path vector exchange in BGP to choose optimal routes between autonomous systems.
This 3-day routing workshop covers key routing concepts including IP routing, routing protocols, IPv6 addressing, and hands-on exercises. Participants will learn about interior routing protocols like OSPF, exterior routing protocols like BGP, routing attributes, path selection, and scaling techniques. Hands-on labs will provide experience with router configuration, OSPF, iBGP, eBGP, route reflectors, and Internet exchange policies. The goal is to give attendees a solid foundation in routing fundamentals and operations.
This document summarizes several network layer protocols and concepts:
- It describes protocols like IPv4, IPv6, DHCP, ICMP, Mobile IP, NAT, routing, multicast routing, AS, DVR, RIP, LSR, OSPF, DVMRP, PIM, BGP and their functions and characteristics.
- It also explains related concepts such as unicast and multicast routing, autonomous systems, and BGP autonomous system relationships.
This document provides an overview of IPv6 including its history, addressing formats, integration strategies with IPv4, application development considerations, and troubleshooting tips. IPv6 was developed to address the limited address space of IPv4 and enable new features. It uses a 128-bit address space compared to 32-bits in IPv4. Popular transition technologies like dual-stack, 6to4 tunnels, and Teredo tunnels are discussed for integrating IPv6 into existing IPv4 networks. Application developers need to support both address families using new socket functions and data structures.
The document discusses performance measurements of MPLS traffic engineering and QoS. It provides background on traditional IP routing and its disadvantages, and explains the need for MPLS to address issues like traffic engineering, QoS, and scalability. Key MPLS concepts covered include FEC, LER, LSR, LSP, labels, label switching, label stacking, LIB tables, and the forwarding process. Traditional IP routing is compared to MPLS forwarding.
The document discusses SRv6 (Segment Routing IPv6) network programming and deployment use cases. It provides an overview of SRv6, including how it encodes the network path in packet headers, its scalability benefits, and support across industry. Specific functions of SRv6 LocalSIDs are explained, along with examples of fast reroute protection, traffic engineering, VPN overlays, and centralized vs distributed control planes. SRv6 is proposed as a simplification that can eliminate protocols for various use cases.
This document provides an overview of wide area networks (WANs) and common WAN technologies. It defines WAN terminology like customer premises equipment and demarcation. It describes different WAN connection types and protocols like HDLC, PPP, Frame Relay and VPNs. PPP is examined in detail, including its components, establishment process and authentication methods. Frame Relay is also covered in depth, discussing its encapsulation, DLCI addressing, subinterfaces, mapping and monitoring. Troubleshooting tips are provided for common Frame Relay issues. Finally, an introduction to VPN technologies is given for remote access, site-to-site and extranet deployments.
EIGRP and OSPF are routing protocols. EIGRP uses the DUAL algorithm and metric to select fast, loop-free routes. It supports multiple network layers and rapid convergence. OSPF is an open standard link-state protocol that provides a common network view and calculates the shortest path. It can route between autonomous systems and uses link state updates and SPF algorithm. Configuring OSPF involves assigning networks to areas and defining the routing process. Verification includes checking neighbors, routes, and topology tables.
EIGRP and OSPF are routing protocols. EIGRP uses the DUAL algorithm and metric to select fast, loop-free routes. It supports multiple network layers and rapid convergence. OSPF is an open standard link-state protocol that provides a common network view and calculates the shortest path. It can route between autonomous systems and uses link state updates and SPF algorithm. Configuring OSPF involves assigning networks to areas and defining the routing process. Verification includes checking neighbors, routes, and topology tables.
- Open Shortest Path First (OSPF) is a link-state routing protocol that can be used for both small and large networks. It uses areas and hierarchical network design to reduce routing overhead and improve performance as the network scales.
- OSPF establishes neighbor relationships to exchange routing information. It elects a Designated Router and Backup Designated Router to optimize this exchange on multi-access networks. Link-state databases are synchronized between neighbors to calculate the shortest paths.
- Basic OSPF configuration involves enabling OSPF on interfaces and networks, setting authentication, and adjusting metrics and timers. Loopback interfaces ensure router IDs remain stable. Verification commands display neighbor relationships and routing tables.
This document discusses various techniques for IPv6 transition and coexistence with IPv4, including:
- Dual-stack which allows simultaneous support of both IPv4 and IPv6.
- Tunnels which encapsulate IPv6 packets in IPv4 packets to provide IPv6 connectivity through IPv4 networks.
- Translation techniques like NAT64 which allow communication between IPv4-only and IPv6-only nodes.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. AKA: SPRING
• IETF Standardization
– Source Packet Routing In Networking
(SPRING) WG
– ISIS, OSPF, IDR and MPLS WGs
3. What is SR?
• A tunneling technology
– Encapsulates a packet within a header
– Forwards packet based upon encapsulating header
• A Traffic Engineering (TE) technology
– Allows a router to steer traffic along an SR path
– Path can be different from the least cost path
• Maybe more?
– Innovative new applications to be discovered
4. Terminology
• An SR domain is a collection of SR capable
devices
– Roles: Ingress, transit, egress
– May be mixed with non-SR-capable transit devices
• An SR Path
– Connects an SR ingress to an SR egress
– Can be different from the least cost path
– Contains one or more SR Segments
5. More Terminology
• An SR Segment
– Connects two points within the SR domain
– Can traverse one or more router hops
– Is represented by a Segment Identifier (SID)
• A Segment Identifier (SID)
– Identifies the path fragment that the packet follows
– Can have node-local or domain-wide (a.k.a., global)
significance
8. Traditional TE Approaches
• Encode path information in the packet
– Packet header enumerates every hop in the path
– No path information stored in the network
– Example: IPv4 with Strict Source Routing Option
• Store path information in the network
– Packet header contains exactly one path identifier
– No further path information is encoded in the packet
– Example: RSVP-signaled MPLS
9. Hybrid TE Approach
• Path is divided into segments
– Segment contains one or more router hops
• Packet header enumerates each segment in the path
– But it does not necessarily enumerate every node
• Network contains enough state to forward the packet
through multi-node segments
• Examples
– IPv4 Loose Source Routing Option
– IPv6 Routing Extension Header
– Segment Routing
10. The SR TE Approach
• SR defines multiple segment types
– Some types traverse one router hop
– Some types traverse multiple router hops
• SR header enumerates each segment in the
path
– But not necessarily each node
• Network contains enough information to route a
packet through a multi-hop segment
11. Basic Segment Types
• Adjacency (single router hop)
– Represents an IGP adjacency
• Prefix (one or more hops)
– Represents IGP least cost path to a prefix
• Anycast (one or more hops)
– Represents IGP least cost path to a non-unique prefix
• Binding
– Represents a tunnel (e.g., RSVP-signaled LSP)
12. Additional Segment Types
• Additional segment types are being proposed
– Support new SR applications
• In this tutorial, we will focus on prefix and
adjacency segments
• Gentle introduction to anycast and binding
segments
13. SR Encapsulation
• MPLS
– SR header is an MPLS label stack
– Each label in the stack represents a segment
• IPv6
– SR Header is an IPv6 header with a Segment Routing
Extension Header (SRH)
– SRH contains a list of IPv6 addresses
– Each IPv6 address represents a segment
15. Local Labels
• Some SIDs have node-local significance
– Nodes automatically allocate local SIDs from a free
pool
– Nodes map local SIDs to local labels
– No need for domain-wide co-ordination
– Example: SIDs representing adjacency segments
16. R1-R4: Adjacency Segments
R1 R2 R3
R7
R4
R5 R6
R1 IGP advertisement
Local label:81, link to R2
Local label:82, link to R4
R2 IGP advertisement
Local label:81, link to R1
Local label:82, link to R3
Local label:83, link to R5
R3 IGP advertisement
Local label:81, link to R2
Local label:82, link to R6
Local label:83, link to R7
R7 IGP advertisement
Local label:81, link to R3
Local label:82, link to R6
R4 IGP advertisement
Local label:81, link to R1
Local label:82, link to R5
R5 IGP advertisement
Local label:81, link to R2
Local label:82, link to R4
Local label:83, link to R6
R6 IGP advertisement
Local label:81, link to R3
Local label:82, link to R5
Local label:83, link to R7
82
82
82
pay
load
83
82
82
82
pay
load
82
82
pay
load
pay
load
82
pay
load
82
83
82
82
82
pay
load
17. Global Labels
• Some SIDs have domain-wide significance
– Domain-wide coordination required
– SIDs are allocated in a manner similar to that used for
private IP (RFC 1918) addresses
– Example: SIDs representing prefix segments
• Each node reserves an SR Global Block (SRGB)
– SID is an offset into this block
– Global label equals SRGB base plus SID
22. Modes
• Canonical modes
– Source node includes a routing extension header between the
IPv6 header and payload
– SR ingress router encapsulates payload in an IPv6 header that
includes a routing extension header
• Non-canonical mode
– SR ingress inserts a routing extension header between the IPv6
header and payload
• In all cases, the routing extension header represents the
SR Path
23. Segment Routing Header (SRH) : (1 of 6)
Source
2001:db8:0:1::1
SRv6 Ingress
2001:db8:0:1::2
SRv6 Egress
2001:db8:0:1::4
SRv6 Router
2001:db8:0:1::3
Destination
2001:db8:0:1::5
255
Destination Address
Source Address
Hop Limit
Next HDR
Payload Length
DSCP Flow Label
Ver
IPv6
HEADER
TCP Header
40
2001:db8:0:1::5
2001:db8:0:1::1
TCP
SR
Domain
24. Source
2001:db8:0:1::1
SRv6 Ingress
2001:db8:0:1::2
SRv6 Egress
2001:db8:0:1::4
SRv6 Router
2001:db8:0:1::3
Destination
2001:db8:0:1::5
255
Destination Address
Source Address
Hop Limit
Next HDR
Payload Length
DSCP Flow Label
Ver
IPv6
HEADER
Segment
Routing
Extension
Header
Payload
(TCP/IPv6)
HDR Type
56
Length
TCP
Next HDR
4
Seg Left
Flags
Last Entry
Segment 0
Tag
Segment 1
Segment 2
2001:db8:0:1::4
2001:db8:0:1::3
2001:db8:0:1::2
136
2001:db8:0:1::3
SRH
1
2
2001:db8:0:1::2
Source Address
2001:db8:0:1::1
Destination Address
2001:db8:0:1::5
Ver DSCP Flow Label
Payload Length
40
Hop Limit
255
Next HDR
TCP
TCP Headed and Payload
SR
Domain
Segment Routing Header (SRH) : (2 of 6)
25. Source
2001:db8:0:1::1
SRv6 Ingress
2001:db8:0:1::2
SRv6 Egress
2001:db8:0:1::4
SRv6 Router
2001:db8:0:1::3
Destination
2001:db8:0:1::5
254
Destination Address
Source Address
Hop Limit
Next HDR
Payload Length
DSCP Flow Label
Ver
IPv6
HEADER
Segment
Routing
Extension
Header
Payload
(TCP/IPv6)
HDR Type
56
Length
TCP
Next HDR
4
Seg Left
Flags
Last Entry
Segment 0
Tag
Segment 1
Segment 2
2001:db8:0:1::4
2001:db8:0:1::3
2001:db8:0:1::2
136
2001:db8:0:1::3
SRH
1
2
2001:db8:0:1::2
Source Address
2001:db8:0:1::1
Destination Address
2001:db8:0:1::5
Ver DSCP Flow Label
Payload Length
40
Hop Limit
255
Next HDR
TCP
TCP Headed and Payload
SR
Domain
Segment Routing Header (SRH) : (3 of 6)
26. Source
2001:db8:0:1::1
SRv6 Ingress
2001:db8:0:1::2
SRv6 Egress
2001:db8:0:1::4
SRv6 Router
2001:db8:0:1::3
Destination
2001:db8:0:1::5
253
Destination Address
Source Address
Hop Limit
Next HDR
Payload Length
DSCP Flow Label
Ver
IPv6
HEADER
Segment
Routing
Extension
Header
Payload
(TCP/IPv6)
HDR Type
56
Length
TCP
Next HDR
4
Seg Left
Flags
Last Entry
Segment 0
Tag
Segment 1
Segment 2
2001:db8:0:1::4
2001:db8:0:1::3
2001:db8:0:1::2
136
2001:db8:0:1::4
SRH
0
2
2001:db8:0:1::2
Source Address
2001:db8:0:1::1
Destination Address
2001:db8:0:1::5
Ver DSCP Flow Label
Payload Length
40
Hop Limit
255
Next HDR
TCP
TCP Headed and Payload
SR
Domain
Segment Routing Header (SRH) : (4 of 6)
27. Source
2001:db8:0:1::1
SRv6 Ingress
2001:db8:0:1::2
SRv6 Egress
2001:db8:0:1::4
SRv6 Router
2001:db8:0:1::3
Destination
2001:db8:0:1::5
252
Destination Address
Source Address
Hop Limit
Next HDR
Payload Length
DSCP Flow Label
Ver
IPv6
HEADER
Segment
Routing
Extension
Header
Payload
(TCP/IPv6)
HDR Type
56
Length
TCP
Next HDR
4
Seg Left
Flags
Last Entry
Segment 0
Tag
Segment 1
Segment 2
2001:db8:0:1::4
2001:db8:0:1::3
2001:db8:0:1::2
136
2001:db8:0:1::4
SRH
0
2
2001:db8:0:1::2
Source Address
2001:db8:0:1::1
Destination Address
2001:db8:0:1::5
Ver DSCP Flow Label
Payload Length
40
Hop Limit
255
Next HDR
TCP
TCP Headed and Payload
SR
Domain
Segment Routing Header (SRH) : (5 of 6)
28. Source
2001:db8:0:1::1
SRv6 Ingress
2001:db8:0:1::2
SRv6 Egress
2001:db8:0:1::4
SRv6 Router
2001:db8:0:1::3
Destination
2001:db8:0:1::5
254
Destination Address
Source Address
Hop Limit
Next HDR
Payload Length
DSCP Flow Label
Ver
IPv6
HEADER
TCP Header
40
2001:db8:0:1::5
2001:db8:0:1::1
TCP
SR
Domain
Segment Routing Header (SRH) : (6 of 6)
30. Multiple Points of Presence
• An Anycast SID identifies a set of nodes via a non-unique prefix
• Choice is made as an IGP shortest path first
• May use ECMP
• Helps survive failures and allows load ballancing
• Set of nodes are usually geographically close
Final segment
to destination
First segment to
any of three nodes
Second segment to
any of three nodes
31. Identifying SR Paths or Tunnels
• Binding SIDs are SIDs that are bound to (i.e., identify) other SR paths or
tunnels
• This allows an SR path to include another SR path or a tunnel by reference
• If the Binding SID identifies another SR path then the SR forwarding operation
is:
– Step beyond the Binding SID (decrement “Segments Left” or pop label)
– Insert additional labels for the identified SR path
• If the Binding SID identifies a tunnel then the forwarding operation is:
– Step beyond the Binding SID (decrement “Segments Left” or pop label)
– Encapsulate the packet and send it down the tunnel
• Useful for scaling the SID stack at the packet ingress
• Useful for traversing legacy networks
33. Path Computation
• Performed on SR ingress router or on central
controller
• Trivial computations
– Single segment
– Multiple statically configured segments
• Non-trivial computations
– Constraint-based Shortest Path First (CSPF)
34. CSPF
• Assign attributes to each segment
– Example: color, bandwidth, SRLG
• Assign requirements to each path
– Example: Traverse only blue segments
• Find shortest path using only segments that fulfill
requirements
• Link State Data Base (LSDB) provides information
required by CSPF
• Advanced computation may be aware of other paths
– Path diversity for protection
35. FIB Creation (MPLS)
• On each node, for each global SID
– Create a FIB entry that swaps the label (if required)
and forwards through the IGP shortest path
• On each node, for each local SID
– Create a FIB entry that pops a label and forwards
through the correct link
• LSDB provides information required for FIB
creation
36. SR IGPs
• LSDB provides information required for CSPF
computation
• LSDB provides information required to create SR
FIB entries
• ISIS and OSPF have been enhanced to flood
SR information throughout the IGP domain
• SR requires an IGP and little else!
37. SR Convergence After Failures
• Failure occurs between segment endpoints
– For a prefix segment, the SR path restores as quickly
as IGP converges
– TI-LFA may decrease IGP restoration time
• Failure occurs at segment endpoint
– Head-end restoration strategies available
– FRR solutions under consideration
• Anycast SIDs offer failure mitigation
39. Benefits
• Central control has global view of reserved
bandwidth
– Not available at any other point in the network
• Facilitates analytics driven policy
– Controller receives telemetry
– Based on telemetry, controller alters policy
40. Risk
• Concentrated point of failure / congestion
• Potential performance bottle neck
• Risks mitigated by redundant controllers
– May require some form of synchronization
41. Controller Protocol Options
• Controller acquires LSDB
– Controller participates (passively) in IGP
– BGP-LS exports LSDB to controller
• Controller sends segment list to ingress router
– PCEP
– BGP
• Controller imposes policy at ingress router
– What traffic to place on a SR path
– Flowspec additions to PCEP or BGP
43. Conclusion
• SR moves state from the network to the packet
– Simplifies protocols
• Some problems remain to be addressed
– OAM, Fast Reroute
• Operational experience required