Abstract: The present technology provides a system and method for implementing targeted collection of in-situ Operation, Administration and Maintenance data from select nodes in a Segment Routing Domain. The selection is programmable and is implemented by setting an iOAM bit in the function arguments field of a Segment Identifier. In this way only the nodes associated with local Segment Identifiers (Function field of a Segment Identifier) with an iOAM argument bit are directed to generate iOAM data. The iOAM data generated by target nodes may be stored in TLV field of the segment routing header. The Segment Routing packet is then decapsulated at a Segment Routing egress node and the Header information with the collected iOAM data is sent to a controller entity for further processing, analysis and/or monitoring.

Abstract: In one embodiment, Ethernet Virtual Private Network (EVPN) is implemented using Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) underlay network and SRv6-enhanced Border Gateway Protocol (BGP) signaling. A particular route associated with a particular Internet Protocol Version 6 (IPv6) Segment Routing (SRv6) Segment Identifier (SID) is advertised in a particular route advertisement message of a routing protocol (e.g., BGP). The SID includes encoding representing a particular Ethernet Virtual Private Network (EVPN) Layer 2 (L2) flooding Segment Routing end function of the particular router and a particular Ethernet Segment Identifier (ESI), with the particular SID including a routable prefix to the particular router. The particular router receives a particular packet including the particular SID; and in response, the particular router performs the particular EVPN end function on the particular packet.

Abstract: In one embodiment, a service chain data packet is instrumented as it is communicated among network nodes in a network providing service-level and/or networking operations visibility. The service chain data packet includes a particular header identifying a service group defining one or more service functions, and is a data packet and not a probe packet. A network node adds networking and/or service-layer operations data to the particular service chain data packet, such as, but not limited to, in the particular header. Such networking operations data includes a performance metric or attribute related to the transport of the particular service chain packet in the network. Such service-layer operations data includes a performance metric or attribute related to the service-level processing of the particular service chain data packet in the network.

Abstract: The present technology is directed to a system and method for implementing network resource partitioning and Quality of Service (QoS) separation through network slicing. Embodiments of the present invention describe scalable network slicing method based on defining Segment Routing Flexible Algorithm to represent a network slice and assigning a distinct QoS policy queue to each of the Flexible Algorithms configured on a network node. Therefore, scalable network slice based queuing is implemented wherein a single packet processing queue is assigned to each Flex-Algorithm based network slice. QoS policy queue may be implemented in a hierarchical fashion by differentiation between flow packets in a single QoS policy queue based on value of experimental bits in the header.

Abstract: In one embodiment, a segment routing and tunnel exchange provides packet forwarding efficiencies in a network, including providing an exchange between a segment routing domain and a packet tunnel domain. One application includes the segment routing and tunnel exchange interfacing segment routing packet forwarding (e.g., in a Evolved Packet Core (EPC) and/or 5-G user plane) and packet tunnel forwarding in access networks (e.g., replacing a portion of a tunnel between an access node and a user plane function for accessing a corresponding data network). In one embodiment, a network provides mobility services using a segment routing data plane that spans segment routing and tunnel exchange(s) and segment routing-enabled user plane functions. One embodiment uses the segment routing data plane without any modification to a (radio) access network (R)AN (e.g., Evolved NodeB, Next Generation NodeB) nor to user equipment (e.g., any end user device).

Abstract: Techniques and mechanisms for compressing the size of SIDs to be smaller than a complete IPv6 address (or “micro SIDs”), and scaling micro SIDs across a multi-domain environment using micro SID-domain-blocks. Segment routing over IPv6 (SRv6) uses 128-bit IPv6 addresses as SIDs for segment routing. According to this disclosure, multiple SRv6 SIDs may be expressed in a compact format such that a 128-bit IPv6 address, such as the destination address field of the IPv6 header, may store multiple micro SIDs. Further, SID-domain-blocks may be assigned to each domain in a multi-domain network such that micro SIDs may be expressed in the context of a given domain, rather than being shared in the global multi-domain network. In this way, lists of domain-specific SIDs may be fully expressed in the IPv6 destination address of the packet to scale micro SID into large, multi-domain networks.

Abstract: Techniques for in-situ passive performance measurement are described. In one embodiment, a method includes receiving a data packet at a first network element, determining whether measurement information is to be collected for the data packet, providing one or more measurement fields for the data packet based on a determination that measurement information is to be collected for the data packet in which at least one measurement field identifies a measurement type, and forwarding the data packet to a second network element. The method further includes determining, by the second network element, the measurement type for the data packet, and performing one or more actions based on the measurement type.

Abstract: In one embodiment, a method includes determining a secure path through a first plurality of network nodes within a network and determining an alternate secure path through a second plurality of network nodes within the network. The method also includes routing network traffic through the first plurality of network nodes of the secure path and detecting a failure in the secure path using single-hop BFD authentication. The method further includes rerouting the network traffic through the second plurality of network nodes of the alternate secure path.

Abstract: Various systems and methods for using strict path forwarding. For example, one method involves receiving an advertisement at a node. The advertisement includes a segment identifier (SID). In response to receiving the advertisement, the node determines whether the SID is a strict SID or not. If the SID is a strict SID, the node generates information, such as forwarding information that indicates how to forward packets along a strict shortest path corresponding to the strict SID.

Abstract: Techniques are described for utilizing entropy labels of a Multiprotocol Label Switching (MPLS) label stack for performing monitoring operations (e.g., telemetry, performance measurement, OAM, etc.) without altering the MPLS label stack and/or packet path (e.g., ECMP path). The techniques may include determining, by a node of a network, to perform a monitoring operation associated with traffic that is to be sent along a path through the network. In some examples, the node may receive a packet that is to be sent along the path and encapsulate the packet with an MPLS header. The MPLS header may include an entropy label, entropy label indicator, or other label that is capable of carrying a flag indicating the monitoring operation to be performed. The flag may be carried in a TTL field or traffic class field of the label such that the MPLS label stack is not altered to trigger the monitoring operation.

Abstract: In one embodiment, a segment routing and tunnel exchange provides packet forwarding efficiencies in a network, including providing an exchange between a segment routing domain and a packet tunnel domain. One application includes the segment routing and tunnel exchange interfacing segment routing packet forwarding (e.g., in a Evolved Packet Core (EPC) and/or 5-G user plane) and packet tunnel forwarding in access networks (e.g., replacing a portion of a tunnel between an access node and a user plane function for accessing a corresponding data network). In one embodiment, a network provides mobility services using a segment routing data plane that spans segment routing and tunnel exchange(s) and segment routing-enabled user plane functions. One embodiment uses the segment routing data plane without any modification to a (radio) access network (R)AN (e.g., Evolved NodeB, Next Generation NodeB) nor to user equipment (e.g., any end user device).

Abstract: In one embodiment, a method includes receiving a packet comprising a destination address in a destination address field of the packet, where the destination address including at least a first global identifier and a second global identifier, determining that the first global identifier corresponds to the first network apparatus, determining that a local identifier in the destination address is associated with the first global identifier, identifying one or more instructions associated with the local identifier, performing one or more functions instructed by the one or more instructions, updating the destination address in the destination field of the packet to an updated destination address, determining a forwarding rule associated with the packet, and forwarding the packet with the updated destination address based on the forwarding rule.

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media to implement circuit-style network with co-routed bidirectional network paths. A method includes receiving a request for a circuit policy between a source node and a destination node, the circuit policy defining a co-routed bidirectional policy between the source node and the destination node; requesting a path compute service to identify a path between the source node and the destination node that satisfies the circuit policy through a first network; receiving a path identifying a first set of network nodes that satisfy the circuit policy; configuring each node in the first set of network nodes within the first network with the circuit policy; and establishing a connection using the path that satisfies the circuit policy between the source node and the destination node.

Abstract: The present technology provides a system and method for implementing targeted collection of in-situ Operation, Administration and Maintenance data from select nodes in a Segment Routing Domain. The selection is programmable and is implemented by setting an iOAM bit in the function arguments field of a Segment Identifier. In this way only the nodes associated with local Segment Identifiers (Function field of a Segment Identifier) with an iOAM argument bit are directed to generate iOAM data. The iOAM data generated by target nodes may be stored in TLV field of the segment routing header. The Segment Routing packet is then decapsulated at a Segment Routing egress node and the Header information with the collected iOAM data is sent to a controller entity for further processing, analysis and/or monitoring.

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media to measure performance of distinct paths of a network. A method includes determining a collection of hashes of a network based on a network probe event, each hash in the collection of hashes corresponding to a distinct path from a first edge device to a second edge device through the network; transmitting a collection of probes from the first edge device in the network, wherein each probe in the collection of probes is assigned a hash selected from the collection of hashes; receiving probes from the collection of probes at the second edge device; and determining a network performance of each distinct path through the network.

Abstract: In one embodiment, a service chain data packet is instrumented as it is communicated among network nodes in a network providing service-level and/or networking operations visibility. The service chain data packet includes a particular header identifying a service group defining one or more service functions, and is a data packet and not a probe packet. A network node adds networking and/or service-layer operations data to the particular service chain data packet, such as, but not limited to, in the particular header. Such networking operations data includes a performance metric or attribute related to the transport of the particular service chain packet in the network. Such service-layer operations data includes a performance metric or attribute related to the service-level processing of the particular service chain data packet in the network.

Abstract: Techniques for in-situ passive performance measurement are described. In one embodiment, a method includes receiving a data packet at a first network element, determining whether measurement information is to be collected for the data packet, providing one or more measurement fields for the data packet based on a determination that measurement information is to be collected for the data packet in which at least one measurement field identifies a measurement type, and forwarding the data packet to a second network element. The method further includes determining, by the second network element, the measurement type for the data packet, and performing one or more actions based on the measurement type.

Abstract: The present technology is directed to signaling unreachability of a network device, more specifically, a prefix of the network device in network that utilizes route summarization. A pulse trigger agent can detect an unreachability of at least one Provider Edge (PE) device in a network domain of a network and determine that a route summarization is being used within the network where the unreachability of the at least one PE device is hidden by the route summarization. A pulse distribution agent can transmit a failure message informing other PE devices of the unreachability of the at least one PE device.

Abstract: In one embodiment, a method includes identifying, by a network component, a first segment identifier (SID) within a SID list. The first SID includes a first SID block and a first micro SID (uSID). The method also includes initializing, by the network component, a packing list of a uSID carrier with the first uSID of the first SID and initializing, by the network component, a packing block of the uSID carrier with the first SID block of the first SID. The method further includes initializing, by the network component, a remaining packing capacity of the packing list with a carrier capacity of the first SID and initializing, by the network component, an empty compressed SID list.

Abstract: The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.