Clarifying SRv6 SID List Processing
draft-ietf-6man-sidlist-clarification-03
| Document | Type | Active Internet-Draft (6man WG) | |
|---|---|---|---|
| Authors | Adrian Farrel , Suresh Krishnan | ||
| Last updated | 2026-05-20 (Latest revision 2026-05-19) | ||
| Replaces | draft-farrel-6man-sidlist-clarification | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Proposed Standard | ||
| Formats | |||
| Reviews |
INTDIR IETF Last Call Review due 2026-04-24
Incomplete
|
||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | Submitted to IESG for Publication | |
| Document shepherd | Erik Kline | ||
| Shepherd write-up | Show Last changed 2026-04-06 | ||
| IESG | IESG state | IESG Evaluation | |
| Action Holder |
Éric Vyncke
26
|
||
| Consensus boilerplate | Yes | ||
| Telechat date |
On agenda of 2026-05-21 IESG telechat
Has a DISCUSS. Has enough positions to pass once DISCUSS positions are resolved. |
||
| Responsible AD | Éric Vyncke | ||
| Send notices to | ek.ietf@gmail.com | ||
| IANA | IANA review state | IANA OK - No Actions Needed |
draft-ietf-6man-sidlist-clarification-03
Network Working Group A. Farrel
Internet-Draft Old Dog Consulting
Updates: 8754 (if approved) S. Krishnan
Intended status: Standards Track Cisco Systems, Inc.
Expires: 20 November 2026 19 May 2026
Clarifying SRv6 SID List Processing
draft-ietf-6man-sidlist-clarification-03
Abstract
Segment Routing over IPv6 (SRv6) is the instantiation of Segment
Routing (SR) on the IPv6 data plane. Segments are indicated by
Segment Identifiers (SIDs). SRv6 utilizes the Segment Routing Header
(SRH), an IPv6 extension header, that includes a SID list indicating
the sequence of segments and any additional processing to be
performed.
This document updates RFC 8754 by clarifying the processing of SID
list entries. It does not change any elements of the SRv6
architecture.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 20 November 2026.
Copyright Notice
Copyright (c) 2026 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Farrel & Krishnan Expires 20 November 2026 [Page 1]
Internet-Draft SID List Clarification May 2026
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Clarification . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Updates to RFC 8754 . . . . . . . . . . . . . . . . . . . . . 3
3.1. Segments Left in Section 2 of RFC 8754 . . . . . . . . . 3
3.2. Segment List in Section 2 of RFC 8754 . . . . . . . . . . 3
3.3. HMAC Processing in Section 2.1.2.1 of RFC 8754 . . . . . 6
3.4. ICMP Processing in Section 5.4 of RFC 8754 . . . . . . . 6
4. Operational Considerations . . . . . . . . . . . . . . . . . 6
5. Security Considerations . . . . . . . . . . . . . . . . . . . 7
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 7
Normative References . . . . . . . . . . . . . . . . . . . . . . 7
Informative References . . . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction
The Segment Routing (SR) architecture is specified in [RFC8402]. SR
forwards packets along a series of segments, and may perform
additional segment-specific processing on packets. Segments are
indicated by Segment Identifiers (SIDs).
The mechanisms to achieve Segment Routing for IPv6 (SRv6) include the
use of the Segment Routing Header (SRH) [RFC8754], an IPv6 extension
header that includes a SID list indicating the sequence of segments
and any additional processing to be performed.
This document updates [RFC8754] by clarifying the processing of SID
list entries. It does not change any elements of the SRv6
architecture.
2. Clarification
The SRH is processed per Section 4 of [RFC8754]. One objective of
that processing is to determine the value to place in the Destination
Address field of the IPv6 packet. To this end, the next entry in the
SID list in the SRH is processed and mapped to the value to place in
the Destination Address field.
Farrel & Krishnan Expires 20 November 2026 [Page 2]
Internet-Draft SID List Clarification May 2026
The value placed in the 128-bit Destination Address field of an IPv6
packet header needs to be a routable IPv6 address since that is
required for forwarding the packet.
Note that entries in the SID list do not need to be fully-formed IPv6
addresses that are copied direct to the Destination Address field of
the IPv6 packet. The mapping from SID list entry to Destination
Address could be a direct copy (the SID list contains a list of IPv6
addresses) or could involve a more complex function.
An example of such a function is shown in [RFC9800] where a REPLACE-
CSID compressed SID is expanded to be placed in the Destination
Address field. Note that [RFC9800] makes a formal "update" of
[RFC8754] to all this mapping function - such an update would not
have been needed if this document had already existed.
3. Updates to RFC 8754
3.1. Segments Left in Section 2 of RFC 8754
The definition of the Segments Left field of the SRH is presented as:
| Segments Left: Defined in [RFC8200], Section 4.4.
This is clarified by Erratum Report EID 7102 [Err7102]. This
clarification is included in this update for completeness. The new
text reads:
| Segments Left: Defined in [RFC8200], Section 4.4. Specifically,
| for the SRH, the number of unprocessed 128-bit entries in the
| Segment List.
3.2. Segment List in Section 2 of RFC 8754
The figure in Section 2 of [RFC8754] reads:
Farrel & Krishnan Expires 20 November 2026 [Page 3]
Internet-Draft SID List Clarification May 2026
|
| 0 1 2 3
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Next Header | Hdr Ext Len | Routing Type | Segments Left |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Last Entry | Flags | Tag |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
| | Segment List[0] (128-bit IPv6 address) |
| | |
| | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
| | |
| ...
| | |
| | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
| | Segment List[n] (128-bit IPv6 address) |
| | |
| | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| // //
| // Optional Type Length Value objects (variable) //
| // //
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
This is updated as follows to clarify that the entries in the Segment
List are 128-bit entries, but not necessarily IPv6 addresses.
Farrel & Krishnan Expires 20 November 2026 [Page 4]
Internet-Draft SID List Clarification May 2026
|
| 0 1 2 3
| 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Next Header | Hdr Ext Len | Routing Type | Segments Left |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | Last Entry | Flags | Tag |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
| | Segment List[0] (128-bit entry mapped to IPv6 addresses) |
| | |
| | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
| | |
| ...
| | |
| | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | |
| | Segment List[n] (128-bit entry mapped to IPv6 addresses) |
| | |
| | |
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| // //
| // Optional Type Length Value objects (variable) //
| // //
| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
The text in [RFC8754] reads:
| Segment List[0..n]: 128-bit IPv6 addresses representing the nth
| segment in the Segment List. The Segment List is encoded
| starting from the last segment of the SR Policy. That is, the
| first element of the Segment List (Segment List[0]) contains
| the last segment of the SR Policy, the second element contains
| the penultimate segment of the SR Policy, and so on.
This is updated as follows to clarify that the entries in the Segment
List are 128-bit entries, but not necessarily IPv6 addresses.
| Segment List[0..n]: 128-bit entries representing the nth segment
| in the Segment List. The Segment List is encoded starting from
| the last segment of the SR Policy. That is, the first element
| of the Segment List (Segment List[0]) contains the last segment
| of the SR Policy, the second element contains the penultimate
| segment of the SR Policy, and so on.
Farrel & Krishnan Expires 20 November 2026 [Page 5]
Internet-Draft SID List Clarification May 2026
3.3. HMAC Processing in Section 2.1.2.1 of RFC 8754
In describing the Hashed Message Authentication Code (HMAC)
processing, the text in [RFC8754] says that HMAC verification checks
that the destination address of the packet matches that indicated by
the next entry in the Segment List.
| * HMAC Segments Left is less than or equal to Last Entry, and the
| destination address is equal to Segment List[Segments Left].
This is updated to allow a non-direct mapping from Segment List entry
to destination address as follows:
| * HMAC Segments Left is less than or equal to Last Entry, and the
| destination address is equal to the address created by mapping
| from Segment List[Segments Left].
Further, in describing the concatenation of information to generate
the text field input to the HMAC computation, this section says:
| * SRH: All addresses in the Segment List (variable octets)
This is updated as follows to indicate that Segment List entries are
not necessarily IPv6 addresses.
| * SRH: All entries in the Segment List (variable octets)
3.4. ICMP Processing in Section 5.4 of RFC 8754
The method for deriving the destination address of the invoking
packet in [RFC8754] reads as:
| * The SID at Segment List[0] may be used as the destination
| address of the invoking packet.
To allow for the 0th entry in the Segment List to be mapped rather
than copied to a destination address, this is updated to:
| * The SID at Segment List[0] may be mapped to derive the
| destination address of the invoking packet.
4. Operational Considerations
This document does not change any elements of the SR architecture
and, as such, it makes no change to the operational procedures or
management tools of SR.
Farrel & Krishnan Expires 20 November 2026 [Page 6]
Internet-Draft SID List Clarification May 2026
In clarifying the nature of SID list processing, this document also
clarifies the nature of SID list entries. Operational and management
tools that examine the SID list in a packet need to be aware of the
nature of those entries in order to offer maximal clarity to the
users of those tools.
5. Security Considerations
This document makes no changes to the security properties of SRv6.
See [I-D.ietf-spring-srv6-security], [RFC8402], and [RFC8754] for
more discussion of SRv6 security.
Note that describing the SID list entries as being mapped to the
destination address of a packet enables potential additional security
mechanisms, such as encrypting the SID list.
6. IANA Considerations
This document makes no requests for IANA action.
Acknowledgments
Thanks to Eric Vyncke and Erik Kline for inspiring the authors to
write this document. Thanks to Bob Hinden, Mohamed Boucadair, Joel
Halpern, Yao Liu, Bruno Decraene, Brian Carpenter, Russ Housley,
Peter Yee, Yingzhen Qu, Deb Cooley, and Mike Bishop for their reviews
and comments that improved this document.
Normative References
[RFC8200] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", STD 86, RFC 8200,
DOI 10.17487/RFC8200, July 2017,
<https://www.rfc-editor.org/info/rfc8200>.
[RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
Decraene, B., Litkowski, S., and R. Shakir, "Segment
Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
July 2018, <https://www.rfc-editor.org/info/rfc8402>.
[RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J.,
Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
(SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020,
<https://www.rfc-editor.org/info/rfc8754>.
Informative References
Farrel & Krishnan Expires 20 November 2026 [Page 7]
Internet-Draft SID List Clarification May 2026
[Err7102] RFC Series Editor, "RFC Errata, Erratum ID 7102, RFC
8754", 2022, <https://www.rfc-editor.org/errata/eid7102>.
[I-D.ietf-spring-srv6-security]
Buraglio, N., Mizrahi, T., tongtian124, Contreras, L. M.,
and F. Gont, "Segment Routing IPv6 Security
Considerations", Work in Progress, Internet-Draft, draft-
ietf-spring-srv6-security-14, 13 April 2026,
<https://datatracker.ietf.org/doc/html/draft-ietf-spring-
srv6-security-14>.
[RFC9800] Cheng, W., Ed., Filsfils, C., Li, Z., Decraene, B., and F.
Clad, Ed., "Compressed SRv6 Segment List Encoding",
RFC 9800, DOI 10.17487/RFC9800, June 2025,
<https://www.rfc-editor.org/info/rfc9800>.
Authors' Addresses
Adrian Farrel
Old Dog Consulting
United Kingdom
Email: adrian@olddog.co.uk
Suresh Krishnan
Cisco Systems, Inc.
United States of America
Email: suresh.krishnan@gmail.com
Farrel & Krishnan Expires 20 November 2026 [Page 8]