Abstract: Various implementations disclosed herein enable malleable routing for data packets. For example, in various implementations, a method of routing a type of data packets is performed by a device. In some implementations, the device includes a non-transitory memory and one or more processors coupled with the non-transitory memory. In some implementations, the method includes determining a routing criterion to transmit a set of data packets across a network. In some implementations, the method includes identifying network nodes and communication links in the network that satisfy the routing criterion. In some implementations, the method includes determining a route for the set of data packets through the network nodes and the communication links that satisfy the routing criterion. In some implementations, the method includes configuring the network nodes that are on the route with configuration information that allows the set of data packets to propagate along the route.

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a first type-length-value (TLV) associated with a winning flexible algorithm definition (FAD) from a first element of a network. The operations also include determining a security level for the winning FAD based on the TLV. The operations further include determining a data transmission route through a plurality of elements of the network based on the security level for the winning FAD.

Abstract: Techniques and mechanisms for compressing the size of SIDs to be smaller than a complete IPv6 address (or “micro SIDs”), and scaling micro SIDs across a multi-domain environment using micro SID-domain-blocks. Segment routing over IPv6 (SRv6) uses 128-bit IPv6 addresses as SIDs for segment routing. According to this disclosure, multiple SRv6 SIDs may be expressed in a compact format such that a 128-bit IPv6 address, such as the destination address field of the IPv6 header, may store multiple micro SIDs. Further, SID-domain-blocks may be assigned to each domain in a multi-domain network such that micro SIDs may be expressed in the context of a given domain, rather than being shared in the global multi-domain network. In this way, lists of domain-specific SIDs may be fully expressed in the IPv6 destination address of the packet to scale micro SID into large, multi-domain networks.

Abstract: Mechanisms are provided for “direct mode” (in-band) performance loss measurement in computer networks where packet loss is measured directly in the data plane using techniques based on ECMP paths. Counters on each of an ingress node and an egress node are configured by a network controller to count traffic for indicators associated with different equal-cost multi-path (ECMP) paths through a network between ingress and egress nodes. Each indicator is toggled on or off during a measurement interval during which traffic is measured by the traffic counters on the ingress and egress nodes for each ECMP path. The traffic counters (measured in bytes/packets) from the ingress and egress nodes are sent via event driven telemetry to the network controller for performance loss measurement determination.

Abstract: A system and method are disclosed for using segment routing (SR) in native IP networks. The method involves receiving a packet. The packet is an IP packet and includes an IP header. The method also involves updating the packet. Updating the packet involves writing information, including a segment routing segment identifier, to the destination address of the packet.

Abstract: The present disclosure provides a packet tracing mechanism will be described that provides packet tracing information to a mobile network controller. In one aspect, a method includes receiving a data packet sent from a source node to a destination node; determining if the data packet is to be updated with packet tracing information; and upon determining that the data packet is to be updated, updating the packet tracing information of the data packet to include identification of the network device and an ingress timestamp of the data packet at the network device for a corresponding network controller to determining network routing policies.

Abstract: The present disclosure relates to methods and systems for inserting micro segments into a data packet. The methods may include the steps of receiving a packet with a destination address corresponding to a Micro Segment Identifier (uSID) carrier having one or more existing micro segments followed by one or more empty micro segment positions, receiving information relating to one or more new micro segments to be inserted into the uSID carrier, the one or more new micro segments associated with a new bit length, calculating a remaining bit length of the uSID carrier, the remaining bit length associated with the one or more empty micro segment positions in the uSID carrier, wherein, if the remaining bit length is greater than or equal to the new bit length, updating the uSID carrier by inserting the new micro segments, and forwarding the packet to destinations associated with the updated uSID carrier.

Abstract: The present disclosure relates to methods and systems for inserting micro segments into a data packet. The methods may include the steps of receiving a packet with a destination address corresponding to a Micro Segment Identifier (uSID) carrier having one or more existing micro segments followed by one or more empty micro segment positions, receiving information relating to one or more new micro segments to be inserted into the uSID carrier, the one or more new micro segments associated with a new bit length, calculating a remaining bit length of the uSID carrier, the remaining bit length associated with the one or more empty micro segment positions in the uSID carrier, wherein, if the remaining bit length is greater than or equal to the new bit length, updating the uSID carrier by inserting the new micro segments, and forwarding the packet to destinations associated with the updated uSID carrier.

Abstract: Techniques and mechanisms for compressing the size of SIDs to be smaller than a complete IPv6 address (or “micro SIDs”), and scaling micro SIDs across a multi-domain environment using micro SID-domain-blocks. Segment routing over IPv6 (SRv6) uses 128-bit IPv6 addresses as SIDs for segment routing. According to this disclosure, multiple SRv6 SIDs may be expressed in a compact format such that a 128-bit IPv6 address, such as the destination address field of the IPv6 header, may store multiple micro SIDs. Further, SID-domain-blocks may be assigned to each domain in a multi-domain network such that micro SIDs may be expressed in the context of a given domain, rather than being shared in the global multi-domain network. In this way, lists of domain-specific SIDs may be fully expressed in the IPv6 destination address of the packet to scale micro SID into large, multi-domain networks.

Abstract: In one embodiment, a network comprises a first forwarding domain using a first data plane forwarding protocol and a second forwarding domain using a second data plane forwarding protocol different than the first data forwarding plane forwarding protocol. The first forwarding domain includes a first path node and a particular border node. The second forwarding domain includes a second path node and the particular border node. The particular border node performs Segment Routing or other protocol interworking between the different data plane forwarding domains, such as for transporting packets through a different forwarding domain or translating a packet to use a different data forwarding protocol. These forwarding domains typically include Segment Routing (SR) and SR-Multiprotocol Label Switching (SR-MPLS). Paths through the network are determined by a Path Computation Engine and/or based on route advertisements such associated with Binding Segment Identifiers (BSIDs) (e.g.

Abstract: In one embodiment, an apparatus includes one or more processors and one or more computer-readable non-transitory storage media coupled to the one or more processors. The one or more computer-readable non-transitory storage media include instructions that, when executed by the one or more processors, cause the apparatus to perform operations including receiving a first type-length-value (TLV) associated with a winning flexible algorithm definition (FAD) from a first element of a network. The operations also include determining a security level for the winning FAD based on the TLV. The operations further include determining a data transmission route through a plurality of elements of the network based on the security level for the winning FAD.

Abstract: The present technology pertains to a group-based network policy using Segment Routing over an IPv6 dataplane (SRv6). After a source application sends a packet, an ingress node can receive the packet, and if the source node is capable, it can identify an application policy and apply it. The ingress node indicates that the policy has been applied by including policy bits in the packet encapsulation. When the packet is received by the egress node, it can determine whether the policy was already applied, and if so, the packet is forward to the destination application. If the egress node determines that the policy has not be applied the destination application can apply the policy. Both the ingress node and egress nodes can learn of source application groups, destination application groups, and applicable policies through communication with aspects of the segment routing fabric.

Abstract: Various implementations disclosed herein enable malleable routing for data packets. For example, in various implementations, a method of routing a type of data packets is performed by a device. In some implementations, the device includes a non-transitory memory and one or more processors coupled with the non-transitory memory. In some implementations, the method includes determining a routing criterion to transmit a set of data packets across a network. In some implementations, the method includes identifying network nodes and communication links in the network that satisfy the routing criterion. In some implementations, the method includes determining a route for the set of data packets through the network nodes and the communication links that satisfy the routing criterion. In some implementations, the method includes configuring the network nodes that are on the route with configuration information that allows the set of data packets to propagate along the route.

Abstract: In one embodiment, a Segment Routing network node provides processing and network efficiencies in protecting Internet Protocol version 6 (IPv6) Segment Routing (SRv6) packets and functions using Security Segment Identifiers, which are included in Segment Lists of a Segment Routing Header of a SRv6 packet. The Security Segment Identifier provides, inter alia, origin authentication, integrity of information in one or more headers of the packet, and/or anti-replay protection. In one embodiment, a Security Segment Identifier includes a value determined based on a secured portion of the packet. A typically secured portion includes the Source and Destination Addresses, one or more Segment Identifiers in a Segment List and the Segments Left value. In one embodiment, the Destination Address and/or a Segment Identifier in the Segment List includes and an anti-replay value (e.g., sequence number or portion thereof) which is also in the secured portion of the packet.

Abstract: The present disclosure provides a packet tracing mechanism will be described that provides packet tracing information to a mobile network controller. In one aspect, a method includes receiving a data packet sent from a source node to a destination node; determining if the data packet is to be updated with packet tracing information; and upon determining that the data packet is to be updated, updating the packet tracing information of the data packet to include identification of the network device and an ingress timestamp of the data packet at the network device for a corresponding network controller to determining network routing policies.

Abstract: Network interworking with no cross-domain state may be provided. First, an edge node may receive a packet from an intermediate node in a first domain. The edge node may be between the first domain and a second domain. Next, the edge node may pop, in response to a first Service Identifier (SID) in the packet, headers corresponding to the first domain from the packet. The edge node may then push, in response to the first SID, a label stack corresponding to the second domain onto the packet. The first SID may include data corresponding to the label stack. Then the edge node may route the packet to the second domain destine to an end node in the second domain.

Abstract: In one embodiment, a method, by a network apparatus of a first domain network, includes receiving one or more packets from an access network, determining a classification for the packets based on the accounting information, selecting, based on the determined classification, a policy configuration from a plurality of policy configurations for processing the packets, encapsulating the packets with one or more segment identifiers in accordance with the selected policy configuration, and sending the encapsulated packets to a network slice or a second network slice in a second domain network based on the one or more segment identifiers.

Abstract: Techniques for in-situ passive performance measurement are described. In one embodiment, a method includes receiving a data packet at a first network element, determining whether measurement information is to be collected for the data packet, providing one or more measurement fields for the data packet based on a determination that measurement information is to be collected for the data packet in which at least one measurement field identifies a measurement type, and forwarding the data packet to a second network element. The method further includes determining, by the second network element, the measurement type for the data packet, and performing one or more actions based on the measurement type.

Abstract: Techniques and mechanisms for compressing the size of SIDs to be smaller than a complete IPv6 address (or “micro SIDs”), and scaling micro SIDs across a multi-domain environment using micro SID-domain-blocks. Segment routing over IPv6 (SRv6) uses 128-bit IPv6 addresses as SIDs for segment routing. According to this disclosure, multiple SRv6 SIDs may be expressed in a compact format such that a 128-bit IPv6 address, such as the destination address field of the IPv6 header, may store multiple micro SIDs. Further, SID-domain-blocks may be assigned to each domain in a multi-domain network such that micro SIDs may be expressed in the context of a given domain, rather than being shared in the global multi-domain network. In this way, lists of domain-specific SIDs may be fully expressed in the IPv6 destination address of the packet to scale micro SID into large, multi-domain networks.

Abstract: Aspects described herein include a method for use with a software-defined network controller, as well as an associated computer program product and system. The method comprises assigning a segment identifier to an endpoint node within a destination domain of a plurality of domains. Adjacent domains of the plurality of domains are connected via a respective set of two or more domain border routers. The method further comprises assigning a respective segment identifier to each domain. Each domain border router advertises the segment identifiers of the respective two adjacent domains. The method further comprises, responsive to a request from a headend node within a source domain of the plurality of domains, computing a path from the headend node to the endpoint node. The path includes (i) the segment identifiers of any domains between the headend node and the endpoint node, and (ii) the segment identifier of the endpoint node.