BGP SR Policy Extensions for Network Resource Partition
draft-ietf-idr-sr-policy-nrp-09
| Document | Type | Active Internet-Draft (idr WG) | |
|---|---|---|---|
| Authors | Jie Dong , Zhibo Hu, Ran Pang | ||
| Last updated | 2026-05-18 | ||
| Replaces | draft-dong-idr-sr-policy-nrp | ||
| RFC stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | Proposed Standard | ||
| Formats | |||
| Reviews |
SECDIR Early review
(of
-06)
by Dave Thaler
Has issues
SECDIR Early Review due 2025-07-28
Incomplete
|
||
| Additional resources | Mailing list discussion | ||
| Stream | WG state | Submitted to IESG for Publication | |
| Document shepherd | Susan Hares | ||
| Shepherd write-up | Show Last changed 2026-03-25 | ||
| IESG | IESG state | AD Evaluation::AD Followup | |
| Action Holder | |||
| Consensus boilerplate | Yes | ||
| Telechat date | (None) | ||
| Responsible AD | Ketan Talaulikar | ||
| Send notices to | shares@ndzh.com |
draft-ietf-idr-sr-policy-nrp-09
IDR Working Group J. Dong
Internet-Draft Z. Hu
Intended status: Standards Track Huawei Technologies
Expires: 20 November 2026 R. Pang
China Unicom
19 May 2026
BGP SR Policy Extensions for Network Resource Partition
draft-ietf-idr-sr-policy-nrp-09
Abstract
Segment Routing (SR) Policy is a set of candidate paths, each
consisting of one or more segment lists and the associated
information. The header of a packet steered in an SR Policy is
augmented with an ordered list of segments associated with that SR
Policy. A Network Resource Partition (NRP) is a subset of network
resources allocated in the underlay network which can be used to
support one or a group of RFC 9543 network slice services.
In networks where there are multiple NRPs, an SR Policy may be
associated with a particular NRP. The association between SR Policy
and NRP needs to be specified, so that for service traffic which is
steered into the SR Policy, the header of the packets can be
augmented with the information associated with the NRP. An SR Policy
candidate path can be distributed using BGP SR Policy. This document
defines the extensions to BGP SR policy to specify the NRP which the
SR Policy candidate path is associated with.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 20 November 2026.
Dong, et al. Expires 20 November 2026 [Page 1]
Internet-Draft BGP SR Policy for NRP May 2026
Copyright Notice
Copyright (c) 2026 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. NRP Identifier of SR Policy . . . . . . . . . . . . . . . . . 3
3. Procedures . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 5
5. Operational Considerations . . . . . . . . . . . . . . . . . 5
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 6
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 6
9.1. Normative References . . . . . . . . . . . . . . . . . . 6
9.2. Informative References . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction
The concept of Segment Routing (SR) policy is defined in [RFC9256].
An SR Policy is a set of candidate paths, each consisting of one or
more segment lists. The headend of an SR Policy may learn multiple
candidate paths for an SR Policy. The header of a packet steered in
an SR Policy is augmented with an ordered list of segments associated
with that SR Policy. The BGP extensions to distribute SR Policy
candidate paths are defined in [RFC9830].
[RFC9543] discusses the general framework, components, and interfaces
for requesting and operating network slices using IETF technologies.
It also introduces the concept of Network Resource Partition (NRP),
which is a subset of the resources and associated policies in the
underlay network. The network slices defined in [RFC9543] can be
realized by mapping one or more connectivity constructs to an NRP.
[RFC9732] describes the framework and the candidate component
technologies for providing NRP-based enhanced VPN services based on
Dong, et al. Expires 20 November 2026 [Page 2]
Internet-Draft BGP SR Policy for NRP May 2026
VPN and Traffic Engineering (TE) technologies. Enhanced VPN can be
used for the realization of network slice services defined in
[RFC9543].
As described in [I-D.ietf-teas-nrp-scalability], one scalable data
plane approach to support network slicing is to carry a dedicated NRP
selector ID in the data packet to identify the NRP the packet belongs
to, so that the packet can be processed and forwarded using the
subset of network resources allocated to the NRP.
In networks where there are multiple NRPs, an SR Policy may be
associated with a particular NRP. [I-D.ietf-spring-sr-policy-nrp]
describes the association of candidate paths with NRPs under the SR
Policy architecture. This document defines the extensions to BGP to
specify the control plane NRP ID [I-D.ietf-teas-ns-ip-mpls] that is
associated with an SR Policy candidate path. The control plane NRP
ID is linked to the NRP identifier used in data plane (denoted as NRP
Selector ID).
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
2. NRP Identifier of SR Policy
In order to specify the NRP the candidate path of SR policy is
associated with, a new sub-TLV called "NRP ID" sub-TLV is defined in
the BGP Tunnel Encapsulation Attribute [RFC9012]. The NRP ID sub-TLV
can be carried in the BGP Tunnel Encapsulation Attribute with the
tunnel type set to SR Policy. The use of the NRP ID sub-TLV in other
tunnel types is outside the scope of this document.
The NRP sub-TLV has the following format:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Flags | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| NRP ID (4 octets) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1. NRP ID Sub-TLV
where:
Dong, et al. Expires 20 November 2026 [Page 3]
Internet-Draft BGP SR Policy for NRP May 2026
* Type: 123 (assigned by IANA)
* Length: 6 octets.
* Flags: 1-octet flag field. None is defined at this stage. The
flags MUST be set to zero on transmission and MUST be ignored on
receipt.
* Reserved: 1 octet of reserved bits. It MUST be set to zero on
transmission and MUST be ignored on receipt.
* NRP ID: A 32-bit domain significant identifier which is used to
identify an NRP in the control plane [I-D.ietf-teas-ns-ip-mpls].
The values of 0 and 0xFFFFFFFF are reserved.
The encoding structure of BGP SR Policy with the NRP ID sub-TLV is
expressed as below:
SR Policy SAFI NLRI: <Distinguisher, Policy-Color, Endpoint>
Attributes:
Tunnel Encaps Attribute (23)
Tunnel Type: SR Policy (15)
Binding SID
SRv6 Binding SID
Preference
Priority
Policy Name
Policy Candidate Path Name
Explicit NULL Label Policy (ENLP)
NRP ID
Segment List
Weight
Segment
Segment
...
...
Figure 2. SR Policy Encoding with NRP ID sub-TLV
The NRP ID sub-TLV is optional and MUST NOT appear more than once for
one SR Policy candidate path.
Dong, et al. Expires 20 November 2026 [Page 4]
Internet-Draft BGP SR Policy for NRP May 2026
3. Procedures
When a candidate path of SR Policy is instantiated within an NRP, and
a network-wide data plane NRP Selector ID is used for identifying the
resources of the NRP, the originating node of SR Policy MUST include
the NRP ID sub-TLV in the BGP Tunnel Encapsulation Attribute of the
BGP SR Policy. The setting of other fields and attributes in BGP SR
Policy follows the mechanism as defined in [RFC9830].
On reception of an SR Policy NLRI with NRP ID sub-TLV in the BGP
Tunnel Encapsulation Attribute , a BGP speaker determines if it is
valid and usable according to the rules defined in Section 4.2 of
[RFC9830].
The selected best routes of the SR Policy SAFI is passed on to the SR
Policy Module (SRPM) for further processing as described in
Section 4.2.2 of [RFC9830].
Although the proposed mechanism allows different candidate paths in
one SR policy to be associated with different NRPs, in normal network
scenarios it is considered that the association between an SR Policy
and NRP is consistent, in such case all candidate paths of one SR
policy SHOULD be associated with the same NRP.
4. Error Handling
The error handling of the BGP Update messages for BGP SR Policy SAFI
with the NRP extensions defined in this document follows the
procedures in section 5 of [RFC9830].
The NRP ID sub-TLV is considered malformed if its format does not
match the above description. If the NRP ID sub-TLV appears more than
once, or its format is considered malformed, the associated BGP SR
Policy NLRI is considered malformed and the "treat-as-withdraw"
strategy of [RFC7606] MUST be applied.
5. Operational Considerations
The mechanism specified in this document adds additional information
to the signaling of SR Policy candidate paths in BGP. As the number
of NRP increases, the number of SR Policies may also increase. When
SR Policies are associated with different NRPs, the amount of control
plane information exchanged between the network controller and the
headend nodes for provisioning SR Policy would increase. However,
since the SR Policy candidate paths distributed using BGP are only
installed by the corresponding headend nodes, the impacts to the BGP
control plane are considered acceptable.
Dong, et al. Expires 20 November 2026 [Page 5]
Internet-Draft BGP SR Policy for NRP May 2026
6. Security Considerations
The security considerations of BGP [RFC4271] and BGP SR Policy
[RFC9830] apply to this document.
The security considerations of SR Policy [RFC9256] and SR Policy NRP
extensions [I-D.ietf-spring-sr-policy-nrp] apply to this document.
7. IANA Considerations
IANA has assigned the sub-TLV type as defined in Section 2 from "BGP
Tunnel Encapsulation Attribute sub-TLVs" registry in the "Border
Gateway Protocol (BGP) Tunnel Encapsulation" registry group.
Value Description Reference
----------------------------------------------------
123 NRP ID This document
8. Acknowledgments
The authors would like to thank Guoqi Xu, Lei Bao, Haibo Wang,
Shunwan Zhuang and Susan Hares for their review and discussion of
this document.
9. References
9.1. Normative References
[I-D.ietf-teas-ns-ip-mpls]
Saad, T., Beeram, V. P., Dong, J., Halpern, J. M., and S.
Peng, "Realizing Network Slices in IP/MPLS Networks", Work
in Progress, Internet-Draft, draft-ietf-teas-ns-ip-mpls-
07, 28 February 2026,
<https://datatracker.ietf.org/doc/html/draft-ietf-teas-ns-
ip-mpls-07>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
Border Gateway Protocol 4 (BGP-4)", RFC 4271,
DOI 10.17487/RFC4271, January 2006,
<https://www.rfc-editor.org/info/rfc4271>.
Dong, et al. Expires 20 November 2026 [Page 6]
Internet-Draft BGP SR Policy for NRP May 2026
[RFC7606] Chen, E., Ed., Scudder, J., Ed., Mohapatra, P., and K.
Patel, "Revised Error Handling for BGP UPDATE Messages",
RFC 7606, DOI 10.17487/RFC7606, August 2015,
<https://www.rfc-editor.org/info/rfc7606>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC9012] Patel, K., Van de Velde, G., Sangli, S., and J. Scudder,
"The BGP Tunnel Encapsulation Attribute", RFC 9012,
DOI 10.17487/RFC9012, April 2021,
<https://www.rfc-editor.org/info/rfc9012>.
[RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov,
A., and P. Mattes, "Segment Routing Policy Architecture",
RFC 9256, DOI 10.17487/RFC9256, July 2022,
<https://www.rfc-editor.org/info/rfc9256>.
[RFC9543] Farrel, A., Ed., Drake, J., Ed., Rokui, R., Homma, S.,
Makhijani, K., Contreras, L., and J. Tantsura, "A
Framework for Network Slices in Networks Built from IETF
Technologies", RFC 9543, DOI 10.17487/RFC9543, March 2024,
<https://www.rfc-editor.org/info/rfc9543>.
[RFC9830] Previdi, S., Filsfils, C., Talaulikar, K., Ed., Mattes,
P., and D. Jain, "Advertising Segment Routing Policies in
BGP", RFC 9830, DOI 10.17487/RFC9830, September 2025,
<https://www.rfc-editor.org/info/rfc9830>.
9.2. Informative References
[I-D.ietf-spring-sr-policy-nrp]
Yue, Chen, R., Dong, J., Lin, C., and J. Wenying, "Segment
Routing Policy Extension for Network Resource Partition",
Work in Progress, Internet-Draft, draft-ietf-spring-sr-
policy-nrp-00, 3 March 2026,
<https://datatracker.ietf.org/doc/html/draft-ietf-spring-
sr-policy-nrp-00>.
[I-D.ietf-teas-nrp-scalability]
Dong, J., Li, Z., Gong, L., Yang, G., and G. S. Mishra,
"Scalability Considerations for Network Resource
Partition", Work in Progress, Internet-Draft, draft-ietf-
teas-nrp-scalability-09, 11 February 2026,
<https://datatracker.ietf.org/doc/html/draft-ietf-teas-
nrp-scalability-09>.
Dong, et al. Expires 20 November 2026 [Page 7]
Internet-Draft BGP SR Policy for NRP May 2026
[RFC9732] Dong, J., Bryant, S., Li, Z., Miyasaka, T., and Y. Lee, "A
Framework for NRP-Based Enhanced Virtual Private
Networks", RFC 9732, DOI 10.17487/RFC9732, March 2025,
<https://www.rfc-editor.org/info/rfc9732>.
Authors' Addresses
Jie Dong
Huawei Technologies
Email: jie.dong@huawei.com
Zhibo Hu
Huawei Technologies
Email: huzhibo@huawei.com
Ran Pang
China Unicom
Email: pangran@chinaunicom.cn
Dong, et al. Expires 20 November 2026 [Page 8]