Understanding SRv6 BE in Networking
Traditional MPLS (Multiprotocol Label Switching) relies on control plane protocols like LDP (Label Distribution Protocol) and RSVP-TE. SRv6 BE (Segment Routing over IPv6 Best Effort) simplifies this by utilizing only one service SID (Segment Identifier) for guiding packet forwarding in best-effort mode on an IP network. Unlike traditional MPLS, SRv6 BE packets don’t use SRHS (Segment Routing Header Stack) for encapsulation, making them compatible with common IPv6 devices.
In SRv6 BE, the service SID in the destination address directs packet forwarding along the shortest path to the parent node where the SID is generated. This allows common IPv6 devices to process SRv6 BE packets seamlessly. SRv6 BE packet encapsulation differs from regular IPv6 packets as it utilizes a service SID rather than a host or subnet destination address.
In L3VPN (Layer 3 Virtual Private Network) over SRv6 BE scenarios, a single SRv6 service SID combines the functions of both MPLS labels used in traditional MPLS. For example, a service SID like 2001:DB8:3::C100 can integrate routing and MPLS capabilities, where the locator (2001:DB8:3::/64) directs packets to the corresponding PE, and the function opcode C100 identifies services, such as a VPN instance.
Implementation of SRv6 BE
SRv6 BE can carry various traditional services, and its implementation can be illustrated using an EVPN L3VPNV4 over SRv6 BE scenario:
In the route advertisement phase, the locator route 2001:DB8:3::/64 is advertised using an IGP from PE2 to PE1, which installs the route in its IPv6 routing table.
After configuring a VPN End.DT4 SID (2001:DB8:3:C100) on PE2, a local SID entry is generated.
PE2 converts the VPN IPv4 route from CE2 into an EVPN IP prefix route, advertising it to PE1 with the SRv6 VPN SID 2001:DB8:3:C100.
PE1 receives the EVPN route, leaks it to the IPv4 routing table of the corresponding VPN instance, and advertises it to CE1.
In the data forwarding phase:
CE1 sends a common IPv4 packet to PE1.
PE1, after finding the matching IPv4 prefix in the VPN instance’s routing table, encapsulates the packet with an IPv6 header, using the SRv6 VPN SID 2001:DB8:3:C100 as the destination address.
The packet is forwarded through the network based on the SRv6 SID, reaching PE2 and the corresponding VPN instance.
SRv6 BE Reliability Design
For reliability, TI-LFA FRR (Topology-Independent Loop-Free Alternate Fast Reroute) can be used to provide protection for transit nodes on SRv6 BE paths in an IGP domain. This design ensures robustness against failures at different points in the network, utilizing link detection, ECMP (Equal-Cost Multipath), IP FRR (Fast Reroute), and VPN-specific mechanisms where necessary.
SRv6 BE Vs. SRv6 TE policy
| Dimension | SRv6 BE | SRv6 TE policy |
| Configuration | Simple. | Complex. |
| Path computation | Based on the IGP cost. | Based on TE constraints. |
| SRH | Typically, SRHS are not carried during forwarding. They are carried only when traffic is forwarded over a repair path in TI-LFA FRR protection scenarios. | SRHS are carried. |
| Path programming | Not supported. The lack of SRHS prevents path information from being carried. | Supported. |
| Whether a controller is required | Not required. IGP path computation eliminates the need for a controller. | Required if SRv6 TE Policies are dynamically delivered. Although SRV6 TE Policies can be manually configured, eliminating the need for a controller, the configuration is complex. Using a controller to dynamically deliver SRV6 TE Policies is therefore recommended to meet service requirements more quickly and achieve service-driven networks. |
| Protection technology | TI-LFA FRR (50 ms). | TI-LFA FRR (50 ms). |
| Application scenario | Applies to scenarios where services do not have strict SLA requirements and no path needs to be specified for traffic. | Applies to scenarios where services have strict SLA requirements. For example, traffic needs to be switched to another path if network congestion occurs or needs to be redirected to a specified destination for anti-DoS cleaning. |
Conclusion
In conclusion, SRv6 BE simplifies MPLS-based networking, providing a more efficient and compatible solution for IP networks while offering reliability through advanced protection mechanisms.