Protocol Extension Requirements of Generalized IPv6 Tunnel

IPv6 provides extension header mechanism for additional functions. There are emerging features based on the extension headers, such as SRv6, Slicing, Alternate Marking, IOAM, DetNet and APN. GIP6 defines the generalized IPv6 tunnel to unify the IP tunnels to support the new features. However, when deploying GIP6 in existing networks, network devices have different capabilities of IPv6 extension header processing, which has much effect on the deployment of these features, even causes the packet loss. In order to solve the issues, the capabilities of IPv6 extension header process can be advertised among network devices and reported from network devices to the controller. Based on these IPv6 capability information, the new features can be deployed properly. This document analyses the issues found during the deployment of the above new features using IPv6 extension headers and the protocol extension requirements for IPv6 capability advertisement are defined.

APN: Application-aware Networking IPv4: Internet Protocol version 4 IPv6: Internet Protocol version 6 IOAM: In-situ Operations, Administration, and Maintenance SRv6: Segment Routing over IPv6

1) Protocol Scalability Currently many new features are emerging and the corresponding encapsulations over the IPv6 are defined: - defines IPv6 encapsulation for SRv6 network programming. - defines IPv6 encapsulation for Alternate Marking. - defines IPv6 encapsulation for IOAM. - defines the IPv6 encapsulation used to determine resource isolation. - defines the IPv6 encapsulation for implementing bounded latency. - defines the IPv6 encapsulation of an APN. There features uses the IPv6 extension headers including HbH (Hop-by-Hop Options Header), DoH (Destination Options Header) and SRH (Segment Routing Header). In the process of deployment of these new features, because network devices have different capabilities of IPv6 extension header processing, the following issues are identified: - Some legacy network devices can only process IPv6 extension header (Hop-by-Hop Options Header) on slow path, which has negative impact on the routing jobs on the control plane. So in existing networks, packet with IPv6 extension headers are usually blocked by ACL. This will cause the packet loss on these network devices if the packet encapsulated with GIP6 tunnel and the HbH is used for the new features. - Network devices can only support some of the extension headers used for the new features. If the packet encapsulated with GIP6 tunnel and specific types of IPv6 extension headers used cannot be supported by these network devices, new features cannot be guaranteed along the path. - Network devices can only process limited number of options in an IPv6 extension header (including HbH and DoH). So when multiple options coexists to support different new features in the IPv6 extension header of the GIP6 tunnel, those devices may drop the packet. 2) Gaps of new scenarios a. Loss of End-to-End information: Users such as enterprises or hospitals may have demand for data sharing and circulation, but these data often involve sensitive information. Therefore, it is necessary to use a network identification technology to classify and identify the sensitivity level of data, and this ID can be encapsulated into IPv6 header. Therefore, the circulation scope of sensitive data can be controlled and a credible network path can be ensured throughout the entire process. Besides, when the data reaches the receiver, the receiver can also determine whether the data is credible and whether it can be received based on the ID. In this scenario, there are two situations: - Data transmission between cross city user. In this situation, the tunnel encapsulation methods may be different in different metropolitan area networks, and the methods for metropolitan area networks and backbone networks may also differ. 2. User data entering the cloud. Clouds are generally connected to backbone networks, the methods for metropolitan area networks and backbone networks may be different. - User data entering the cloud. Clouds are generally connected to backbone networks, the methods for metropolitan area networks and backbone networks may be different. The differentiated tunnel encapsulation methods may result in the loss of the encapsulated ID on the packet. For example, when packets enter MPLS tunnels from IPv6 domain, information encapsulated in IPv6 header is lost. As a result, the credibility and controllability of data circulation service cannot be guaranteed. b. Limited header space (TBD)

To solve the above issues, there are requirements for protocol extensions to advertise the capability of IPv6 extension header processing so as to identify the unavailable nodes and facilitate the deployment of new features successfully.

There are two different ways. One is to advertise the capability among network devices. So that a network device can find the right next hop with IPv6 extension header processing capabilities. In this case, IGP or BGP-SPF extensions are required for the information distribution. The other way is to report the IPv6 capabilities from network nodes to a controller. So that the network controller can calculate the right path comprised with available nodes. In this case, BGP-LS or NETCONF/YANG are considered for the extensions.

A path may be across multiple network domains. The ingress node of the GIP6 tunnel need to know if all the nodes along the path can process the IPv6 extension headers properly. In this case, the capability of IPv6 extension header processing need to be distributed among multiple domains. BGP can be extended to advertise the IPv6 capability information from the egress node to the ingress node. If there is a controller collecting IPv6 capability information from multiple domains, PCEP or BGP can be extended and used by the controller to deliver information to the ingress node about the right path along which network nodes can process the IPv6 extension header properly.

Network devices need to advertise its capability information about what IPv6 extension header can be supported. These capabilities may include: Supporting Hop by Hop options header (HbH) or not. Fast path or slow path processing of HbH. Supporting Segment Routing Header (SRH) or not. Supporting Destination Options header (DoH) or not. Capabilities about coexistence of multiple extension headers, for example, the combination of HbH and Authentication Header (AH). The maximum length of each IPv6 extension header The maximum total length of IPv6 extension headers

Network devices need to advertise its capability information about process options in the IPv6 extension headers. These capabilities may include: The maximum number of options supported in the HbH The maximum number of options supported in the DoH Supporting SRH TLV or not and the maximum number of TLVs supported in the SRH The maximum number of segments in the SRH

In addition to the common capabilities described above, network devices may support some specific features only. These capabilities may include: Slicing: the NRP option can be supported or not. If support, the NRP option can be placed in HbH and/or DoH. Alternate Marking: the Alternate Marking option can be supported or not. If support, the Alternate Marking option can be placed in HbH and/or DoH. IOAM: the IOAM option can be supported or not. If support, the IOAM option can be placed in HbH and/or DoH. APN: the APN option can be supported or not. If support, the APN option can be placed in HbH, DoH and/or SRH TLV. DetNet: the BLI option can be supported or not. If support, the BLI option can be placed in HbH and/or DoH.

This document makes no request of IANA.

TBD