Path Computation Element Communication Protocol (PCEP) Extensions for SID verification for SR-MPLS ZTE Corporation
Nanjing China chen.ran@zte.com.cn
Cisco Systems
ssidor@cisco.com
ZTE Corporation
Nanjing China zhu.chun1@zte.com.cn
Cisco Systems
atokar@cisco.com
Ciena Corporation
mkoldych@ciena.com
Routing PCE Internet Draft This document defines extensions to the Path Computation Element Communication Protocol (PCEP) to support SID verification in Segment Routing MPLS (SR-MPLS) networks. Specifically, it introduces a flag in the SR-ERO subobject to indicate that the Path Computation Client (PCC) is explicitly requested to verify SID(s) by the Path Computation Element (PCE), and defines capability exchange mechanisms.
describes the "SID verification" bit usage and semantics for Segment Routing Policies. SID verification is performed when the headend is explicitly requested to verify SID(s) by the controller via the signaling protocol used. Implementations MAY provide a local configuration option to enable verification on a global, per-policy, or per candidate path basis. specifies extensions to the Path Computation Element Communication Protocol (PCEP) that allow a stateful PCE to compute and initiate Traffic-Engineering (TE) paths, as well as a Path Computation Client (PCC) to request a path subject to certain constraints and optimization criteria in SR networks. defines similar SID verification extensions for SRv6-ERO subobjects. This document specifies PCEP extensions to support the SID verification feature in SR-MPLS networks. It defines a Verification (V) flag in the SR-ERO subobject to enable the PCE to explicitly request SID verification from the PCC. Additionally, it introduces capability exchange mechanisms and detailed processing procedures for SID verification in both PCE-initiated and PCC-initiated LSP scenarios.
Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.
Terminology This document uses the following terms defined in :
  • PCC: Path Computation Client
  • PCE: Path Computation Element
  • PCEP: Path Computation Element Communication Protocol
This document uses the following terms defined in :
  • ERO: Explicit Route Object
  • RRO: Record Route Object
  • SR-ERO: Segment Routing Explicit Route Object subobject
  • SR-RRO: Segment Routing Record Route Object subobject
  • SID: Segment Identifier
  • NAI: Network Access Identifier
This document uses the following terms defined in :
  • Segment Routing Policy: An ordered list of segments (SIDs) that define a source-routed path through a network
  • SID Verification: The procedure of verifying that a Segment Identifier can be correctly resolved and programmed at the headend
Section 4.3.1 in describes the SR-ERO subobject format to carry a Segment Identifier (SID) and/or Network Access Identifier (NAI) information. This document defines a new flag in the SR-ERO subobject Flags field to request SID verification. V (Verification) Flag (1 bit): When set to 1, the V-flag indicates that the PCE is explicitly requesting the PCC to verify the SID(s) associated with this SR-ERO subobject. The PCC MUST verify SID(s) according to the procedures defined in Section 5.1 of . When set to 0, the V-flag indicates that SID verification is not explicitly requested by the PCE (though local policy on the PCC MAY still trigger verification). The V-flag is applicable to both PCE-initiated LSPs (via PCUpd or PCInitiate messages) and PCC-initiated LSPs (via PCReq or PCRpt messages). The interpretation of the V-flag differs depending on direction:
  • When set by the PCE in PCUpd or PCInitiate messages: The V-flag is a request to the PCC to verify the specified SID(s).
  • When present in PCRpt messages sent by the PCC: The V-flag indicates that SID verification was requested (either via explicit PCE request or due to local policy). If the LSP is in the operational up state and the V-flag is set, this indicates that verification was completed successfully. If the LSP is not in the operational up state or if an LSP-ERROR-CODE is present indicating verification failure, the V-flag reflects that verification was requested but failed. The PCC SHOULD set the V-flag in PCRpt if it received a PCUpd/PCInitiate with V-flag set, or if it is performing verification based on local policy.
The SR-RRO subobject format is the same as the SR-ERO subobject, except it lacks the L-Flag, per . The V-flag has no meaning in the SR-RRO and is ignored on receipt at the PCE, consistent with the treatment of the V-flag in SRv6-RRO as specified in .
On receiving an SR-ERO subobject with the V-flag set to 1, a PCC MUST verify the SID(s) as described in Section 5.1 of . The verification procedure is performed during path setup and before the LSP is activated. If a PCC successfully verifies the SID(s) with the V-flag set in an SR-ERO subobject, it proceeds with LSP setup. The successful transition to operational up state indicates that verification was completed successfully. If a PCC determines that "Verification fails" for a SID with the V-flag set in an SR-ERO subobject, the PCC MUST report this error by including an LSP-ERROR-CODE TLV with error-value "SID Verification fails" (as defined in ) in the LSP object within a PCRpt message sent to the PCE. The LSP MUST NOT be activated when SID verification fails. For PCC-initiated LSPs, if a PCC is performing verification without explicit PCE request (due to local policy), and verification fails, the PCC SHOULD report the failure via LSP-ERROR-CODE to inform the PCE of the verification failure.
In order to ensure compatibility between PCE and PCC regarding SID verification support, PCEP speakers MUST advertise their support for the V-flag via capability exchange during session establishment.
The SR-PCE-CAPABILITY Sub-TLV is defined in Section 4.1.2 and is included in the PATH-SETUP-TYPE-CAPABILITY TLV. This document defines a new flag in the SR-PCE-CAPABILITY Sub-TLV Flags field:
  • V (SID Verification Capability) - bit TBD: If set to 1, a PCEP speaker indicates support for the V-flag in the SR-ERO subobject defined in for LSPs setup using Path Setup Type 1 (Segment Routing). This flag indicates that the PCEP speaker is capable of handling SID verification requests and responses. If this flag is set to 0, the other PCEP speaker MUST NOT set the V-flag in SR-ERO subobjects.
A PCE MUST NOT set the V-flag in PCUpd or PCInitiate messages unless it has received a PCOpen message from the PCC with the V flag set in the SR-PCE-CAPABILITY Sub-TLV. Similarly, a PCC MUST NOT include the V-flag in RRO subobjects of PCRpt messages unless it has advertised support via the V flag in its SR-PCE-CAPABILITY Sub-TLV. If a PCEP speaker receives a PCEP message with the V-flag set in an SR-ERO subobject, but the sender has not advertised support for the V-flag in its SR-PCE-CAPABILITY Sub-TLV, the receiver MUST send a PCErr message with Error-Type 19 (Invalid Operation) and Error-Value TBD (SID Verification capability not supported). The LSP MUST NOT be created or modified.
We would like to thank Dhruv Dhody and John Scudder for their useful comments and suggestions.
This document defines a new bit value in the sub-registry "SR-ERO Flag Field" in the "Path Computation Element Protocol (PCEP) Numbers" registry.
This document defines a new bit value in the sub-registry "SR-PCE-CAPABILITY Sub-TLV Flags Field" in the "Path Computation Element Protocol (PCEP) Numbers" registry.
This document defines a new Error-Value for Error-Type 19 (Invalid Operation) in the "PCEP-Error Object" registry.
The security considerations described in , , , and are applicable to this specification. No additional security measures are required.