Creating An SRv6 Policy
Creating An SRv6 Policy
Creating An SRv6 Policy
Prerequisites
• BGP sessions, BGP-LS peers, and BGP IPv6 family SR Policy peers have been established between NCE and NEs.
• Long GR has been configured on NEs by running the peer X:X:X:X:X:X:X:X graceful-restart static-timer 86400 command in the BGP IPv6
SR Policy view. This function aims to retain Policy entries on NEs for a longer period when NCE is faulty, upgraded, or under maintenance.
• SR Policy colors have been created on NCE. For details, see Managing SR Policy Colors.
• Devices are online, basic configurations have been completed, and NE data has been synchronized as described in Synchronizing NE
Configuration Data.
Service Process
The following figure shows SRv6 Policy creation in the entire service process.
Procedure
1. Open the Network Management app and choose Service > Create > SR Policy from the main menu.
2. Select the SRv6 Policy template, which has specified some tunnel parameters.
Parameter Description
Co-routed Whether the forward and reverse paths of the tunnel traverse the same links and nodes.
NOTE:
1 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
Static planning If Static planning is enabled, paths are specified by users (automatic path computation is not supported)
and:
1. Flex-Algo ID, Slice name, Candidate path delay difference, Packet loss rate, FEC BER, Bandwidth,
Priority, Affinity include-any (0x), Affinity exclude (0x), and Hop limit will be reset.
2. Co-routed can only be set to No. Path pattern can only be set to Multiple CPs + 1 segment. Path
computation mode can only be set to Strict. Path computation policy can only be set to None.
Inter-AS path computation and Real-time bandwidth can only be set to Disable. SID list reduction
can only be set to Default. Bandwidth mode can only be set to Original.
4. Candidate paths support only node constraints. Interface constraints will be automatically deleted, and
Path pattern will be reset and become unavailable.
5. In segments, the sink node is forbidden, the source node must be the first hop, and Interface Type
can only be Peer node. Hops that do not meet these requirements will be deleted.
Path pattern • 1 CP + multiple segments: There is only one candidate path, and this path has multiple segments
among which load is balanced in UCMP mode.
• Multiple CPs + 1 segment: There are two candidate paths protecting each other, and one segment can
be configured for each of them. The higher-preference candidate path is selected as the primary path.
(This is the conventional pattern.)
NOTE:
Southbound protocol • NETCONF+BGP: SRv6 Policy configurations are delivered through the CLI, and candidate path
information is delivered through BGP.
Flex-Algo ID Flex-Algo topology that the tunnel passes. Different IDs, which are integers between 128 and 255,
correspond to different Flex-Algo topologies. If no ID is set, the common topology will be used for path
computation.
Path computation mode Mode for computing paths in the Flex-Algo topology.
• Strict: In this mode, path computation in the Flex-Algo topology strictly follows the path computation
constraints and policy.
• Loose: Path computation covers only the boundary points of the Flex-Algo topology, and path
computation constraints cannot be configured. Therefore, paths within the Flex-Algo topology are still
computed by devices according to the default policy.
• None: Path computation will be conducted based on the global policy configured in the Network Path
Optimization app (Settings > Basic Settings > Global Path Computation Policy > Path computation
policy).
• Least TE metric: The path with the least accumulated link TE metrics will be selected during path
computation.
• Minimum delay: The path with the minimum accumulated delay will be selected during path
computation.
• Bandwidth balancing: The path with the smallest sum of reciprocals of remaining link bandwidths will
be selected during path computation.
2 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
• Maximum availability: The path with the maximum availability will be selected during path
computation.
• Least IGP cost: The path with the least accumulated IGP cost will be selected during path computation.
IGP cost is set on the device side. If it is not set, the default value takes effect.
Inter-AS path computation Whether to enable inter-AS path computation. If enabled, NCE computes tunnel paths across ASs, whether
the source and sink nodes of tunnels are in the same AS.
NOTE:
To ensure that the tunnel is carried by the desired slice, you need to enable Path computation within
affinity-based slices in the Network Path Optimization app (Settings > Basic Settings > Global Path
Computation Policy).
On-demand slice name On-demand slice parameters depend on the following settings. After on-demand slice parameters are set,
other parameters (except Bandwidth) cannot be modified.
• Bandwidth is set to a multiple of 1000 if the unit is kbit/s or an integer if the unit is Mbit/s.
• Device: Devices allocate BSIDs and report them to the controller through BGP-LS.
• Controller: The controller allocates BSIDs and delivers them to devices through BGP.
You can search for NE names by keyword or right-click NEs in the topology view.
When creating a unidirectional tunnel, you can select an unmanaged NE IP address as the sink NE.
3 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
▪ Name: Click . In the dialog box that is displayed, select a color profile or click Create Color
to create a profile on the SR Policy Color Profile page.
NOTE:
• The color ID can range from 0 to 2147483646, because IDs in the range of 2147483647 to
4294967295 have been reserved for stitching scenarios. If you do not need stitching
functions and want to use IDs in this range, modify the configuration item
CONFIG_DYNAMIC_TUNNEL_CHECK_SRPOLICY_COLOR_ID_MAX.
• After the color profile is set, delay constraints can still be modified. Values in the color
profile will be reused if the delay constraints are cleared.
Candidate path delay Delay difference between the two candidate paths of the SR Policy.
difference (ms)
Packet loss rate Packet loss rate constraint for path computation. If it is not set, the maximum value will be used.
• If the unit is Quantity, you can multiply the quantity by 0.000003% to get the percentage. For
example, if the quantity is 1, the percentage is 0.000003%.
• If the unit is Percent but the value is not a multiple of 0.000003, the value will be rounded to a
multiple of 0.000003 for path computation. To learn the specific quantity that the percentage is
equivalent to, switch the unit to Quantity.
FEC BER Constraint on the FEC BER. If it is not set, the maximum value will be used. This function applies only to
OTN networking and will not take effect in other scenarios.
Bandwidth Tunnel bandwidth reserved to meet service requirements. If this parameter is not set, the tunnel
bandwidth equals the bandwidth of the physical channel.
NOTE:
If Bandwidth is not set, congestion and packet loss may occur when actual traffic exceeds the
remaining bandwidth of any tunnel path.
Priority Priority for the tunnel to obtain resources. The value range is from 0 to 7, with 0 being the highest
priority. Priority determines whether the tunnel can preempt resources from other tunnels.
MTU Maximum transmission unit. Packets longer than the MTU need to be fragmented. If the packets carry a
"no fragmentation" flag, they will be discarded.
4 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
BSID If Southbound protocol is NETCONF+BGP, you can set this parameter, which can also be modified,
deleted, or added after Deliver is clicked.
Policy name If Southbound protocol is NETCONF+BGP, the name set in this parameter will be delivered to devices.
BFD > BFD type Two types are supported: SBFD and Unaffiliated BFD. SBFD is selected by default, and Unaffiliated
BFD is available only when Southbound protocol is NETCONF+BGP. After selecting a type, you can
determine whether to enable SBFD or Unaffiliated BFD.
NOTE:
BFD > BFD backhaul mode This parameter is available only after SBFD or Unaffiliated BFD is selected and enabled. Its default
value is Backhaul to IP address. If Southbound protocol is NETCONF+BGP, Direction is Bidirectional,
Co-routed is Yes, and BSID allocated by is Controller, BFD backhaul mode can be set to Backhaul to
tunnel.
NOTE:
BFD > BFD local protection • If Southbound protocol is NETCONF+BGP, you can set BFD local protection, that is, topology-
independent loop-free alternate (TI-LFA) FRR. TI-LFA FRR offers link and node protection to SRv6
Policies. If a link or node fails, traffic is rapidly switched to the backup path, minimizing traffic loss.
BFD local protection has the following options:
BFD > Detection multiplier If Southbound protocol is NETCONF+BGP, you can set the detection multiplier of BFD packets on the
primary candidate path. If this parameter is not manually set, it will be subject to global configurations
on devices.
BFD > Minimum Tx interval If Southbound protocol is NETCONF+BGP, you can set the minimum interval at which BFD packets are
(ms) transmitted on the primary candidate path. If this parameter is not manually set, it will be subject to
global configurations on devices.
BFD > Backup candidate path If Southbound protocol is NETCONF+BGP, you can set the detection multiplier of BFD packets on the
detection multiplier backup candidate path. If this parameter is not manually set, it will be subject to Detection multiplier.
BFD > Backup candidate path If Southbound protocol is NETCONF+BGP, you can set the minimum interval at which BFD packets are
minimum Tx interval (ms) transmitted on the backup candidate path. If this parameter is not manually set, it will be subject to
Minimum Tx interval (ms).
IFIT > Packet loss rate detection • Enable: enables in-situ flow information telemetry (IFIT) for packet loss detection if Southbound
protocol is NETCONF+BGP.
5 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
IFIT > Delay detection • Enable: enables IFIT-based delay detection if Southbound protocol is NETCONF+BGP and Packet
loss rate detection is enabled.
IFIT > Detection interval If Southbound protocol is NETCONF+BGP, set the IFIT detection interval in seconds.
(This function applies only to YANG NEs.)
HSB Whether to enable fast switchover. BFD can quickly detect segment faults. If all the segments of the
primary path are faulty, candidate path HSB switchover will be triggered to reduce impact on services.
This parameter is unavailable when Southbound protocol is BGP.
• Enable: fast switches services to the backup path if all the segments of the primary path are faulty.
Traffic statistics Whether to enable traffic statistics collection for the tunnel. If enabled, NCE monitors data traffic in the
tunnel. If Default is selected, the global configurations on devices will take effect.
Real-time bandwidth Whether to enable real-time bandwidth detection for the tunnel. If enabled, NCE adjusts the tunnel
bandwidth based on actual utilization.
USD Whether to perform ultimate segment decapsulation (USD), a SID behavior. USD SIDs are capable of
decapsulating IPv6 headers, segment routing headers (SRHs), and extension headers.
• Enable: Without carrying a public SID, public network traffic can enter an SRv6 Policy whose last
hop supports the USD capability.
G-SRv6 SRv6 nodes forward packets using SIDs. A complete SID is 128 bits long and therefore, more SIDs mean
higher packet overheads. G-SRv6 can split a complete SID into a common prefix and a compressed SID.
The common prefix is placed in a shared location, and the compressed SID — 16 or 32 bits — is
encapsulated into an SRH, greatly improving packet processing efficiency.
• Default: G-SRv6 set in the global path computation policy (in the Network Path Optimization app)
will prevail.
NOTE:
• G-SRv6 and SID list reduction are mutually exclusive. That is, they cannot be enabled at the
same time. If a non-default value is set for a tunnel, that value will prevail and related
settings in the global path computation policy will not take effect.
• To use G-SRv6, you need to configure compressible locators on involved devices and ensure
that the related RRs have been upgraded to V100R021C00 or later.
SID list reduction If enabled, NCE simulates the SR-BE forwarding paths on devices based on the "least cost" principle.
While ensuring that the SR-BE forwarding paths are consistent with SR Policy paths, it does not deliver
co-routed link SIDs, minimizing the number of SIDs. BFD backhaul mode and G-SRv6 are mutually
exclusive. That is, they cannot be enabled at the same time. If a non-default value is set for a tunnel,
that value will prevail and related settings in the global path computation policy will not take effect.
• Enable: NCE delivers node SIDs or hybrid node+link SID lists to NEs.
NOTICE:
6 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
▪ NCE simulates only the least-cost forwarding paths on devices. It cannot simulate paths
based on other path computation policies. This may result in the forwarding paths
being inconsistent with the computed path, leading to traffic congestion.
▪ If devices do not support forwarding based on node SIDs, services may be interrupted.
• Default: SID list reduction set in the global path computation policy (in the Network Path
Optimization app) will prevail.
Cross-IGP SID list reduction If SID list reduction is enabled, Cross-IGP SID list reduction is available but disabled by default.
Enabling Cross-IGP SID list reduction yields better SID list reduction effect. Assuming that IGP domains
import specific routes from each other and each node can see specific routes in other domains, NCE
considers the entire network as an IGP domain and simulates the forwarding paths on devices based on
the "least cost" principle. While ensuring that the SR-BE forwarding paths are consistent with SR Policy
paths, it does not deliver co-routed link SIDs, minimizing the number of SIDs.
NOTICE:
When enabling Cross-IGP SID list reduction, pay attention to the following:
• In cross-IGP domain scenarios, it is more difficult for NCE to simulate forwarding paths on
devices, and the forwarding paths will be less consistent with the path computed by NCE.
• In addition, IGP domains must mutually reference routes. Otherwise, traffic may be
unreachable, leading to service interruption.
Forwarding without local Whether to forward data without local protection. By default, it is disabled, that is, data is forwarded
protection under local protection. Local protection (TI-LFA protection) offers link and node protection to SRv6
Policies.
• Enable: forwards data without local protection. It is available when Southbound protocol is
NETCONF+BGP. (Only YANG NEs support this function.)
Encapsulation mode If Southbound protocol is NETCONF+BGP, Encapsulation mode can be set to None, insert, encaps,
or insert-encaps. The default value is None. (This function applies only to YANG NEs.)
• None: The tunnel path can change after path computation based on the latest topology, and
switchback is not required.
• Soft pinning: The tunnel path can change, but switchback is required.
NOTE:
If Soft pinning is selected, you need to enable Pinned path switchback computation.
Otherwise, switchback may fail during rerouting. (Specifically, open the Network Path
Optimization app, choose Settings > Basic Settings > Global Path Computation Policy
from the main menu, enable Pinned path switchback computation, and set Pinned path
switchback computation time as appropriate to service needs.)
Bandwidth mode Bandwidth usage policy of the backup path in the multi-candidate path scenario.
• Original: The primary and backup paths occupy the same bandwidth. The bandwidth of the backup
path is not shared with other tunnels.
• Dynamic: The primary and backup paths occupy the same bandwidth. The bandwidth of the
backup path is shared with lower-priority tunnels.
7 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
• If Path pattern is 1 CP + multiple segments, only one candidate path is allowed but you can configure multiple segments for it.
If the template has preconfigured a candidate path, you can click the blue number in the Preference column to view or
modify the candidate path.
Parameter Description
Preference Preference of the candidate path. The greater the value, the higher the preference. The
candidate path with the highest preference is selected as the primary path.
Affinity include-any (0x) Links can participate in path computation if their administrative groups contain any of these
affinity bits.
Affinity exclude (0x) Links will be excluded from path computation if their administrative groups contain any of
these affinity bits.
Hop limit Maximum number of hops allowed during computation. The value is an integer from 1 to 32.
Link availability (%) Link availability of the candidate path. Links with lower availability will be excluded from
candidate path computation. Link availability is the ratio of up time to down time.
b. Set Add segments. Automatically means that segments are automatically allocated.
In Automatically mode, segments and their weights are automatically allocated by NCE. If traffic congestion occurs, NCE
first adjusts the weights of existing segments. If the adjustment cannot meet bandwidth requirements, NCE will split
segments.
Parameter Description
Prefer disjoint segments Whether to prefer disjoint segments during computation. The default value is No.
Balance load between parallel links Whether to balance load between parallel links. The default value is No. This parameter
can be set when Path computation policy is Least TE metric or Least IGP cost and
Prefer disjoint segments is No.
▪ Yes: preferentially balances traffic to the parallel links along the optimal path
without considering whether segments are disjoint.
▪ No: computes segments based on the path computation policy, Initial segments,
and Maximum segments. One of the segments must be disjoint.
c. If Add segments is set to Manually, click next to Segments to add segment constraints.
Parameter Description
8 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
Weight Weight of the segment. By default, this parameter is left blank, meaning that weights
are automatically allocated by NCE. If you want to manually set it, enter a weight for
each segment.
SID (available only when Static SID of the segment, which is a 128-bit IPv6 address.
planning is enabled)
Path Selection Mode Mode in which the tunnel traverses the interface.
▪ Strict: strict matching. That is, the specified node must be adjacent, and the tunnel
must traverse the specified interface.
▪ Loose: loose matching. That is, the specified node does not have to be adjacent,
but the tunnel must traverse the specified interface, if any.
▪ Exclude: The tunnel must not traverse the specified node or interface.
Interface Type Type of interface constraints. By default, this parameter is left blank. This parameter is
non-editable when Path Selection Mode is Exclude.
When Static planning is disabled, the options are as follows:
▪ Peer node: In the inter-AS scenario that has multiple ASs unmanaged by NCE,
select one of the ASs as the next hop of the segment.
NOTE:
BGP Peer ID BGP ID of the next hop. Set this parameter when Interface Type is Peer node.
• If Path pattern is Multiple CPs + 1 segment, a maximum of two candidate paths are allowed and one segment can be configured for
each of them.
9 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Parameter Description
Preference Preference of the candidate path. The greater the value, the higher the preference. The
candidate path with the highest preference is selected as the primary path.
Affinity include-any (0x) Links can participate in path computation if their administrative groups contain any of these
affinity bits.
Affinity exclude (0x) Links will be excluded from path computation if their administrative groups contain any of
these affinity bits.
Hop limit Maximum number of hops allowed during computation. The value is an integer from 1 to 32.
Link availability (%) Link availability of the candidate path. Links with lower availability will be excluded from
candidate path computation. Link availability is the ratio of up time to down time.
Choose one from multiple If enabled, 1–4 segments must be created, each with explicit path constraints. Among the paths
explicit paths computed based on the explicit paths, NCE selects the optimal one to deliver. This function is
available only for the highest-precedence candidate path.
b. Click next to Segments and set the segment name and constraints.
10 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
7. (Optional) Click Compute Path. When the computed paths appear in the topology view, select the desired path and click OK.
• If Path computation policy has been set to None, path computation results are offered for each policy. If Path computation
policy has been set to a specific policy, path computation results are offered only for the selected policy.
• If path computation results are offered for multiple policies but you select none of them, tunnel paths will be selected based on
the global policy configured in the Network Path Optimization app (Settings > Basic Settings > Global Path Computation
Policy > Path computation policy).
• You can select the desired path from the Route drop-down list.
11 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
Follow-up Procedure
• Managing tunnels
▪ Status monitoring on the tunnel management page (Service > View > SR Policy): Click to refresh Running Status. For normal
tunnels, Running Status is Up.
2. In the 360-degree view, click Operation and choose Diagnose. On the Diagnosis page, select the tunnel and click Start Test to
test its connectivity.
12 of 13 2/8/2024, 2:55 PM
Creating an SRv6 Policy https://172.20.14.48:31943/hedex/sematic/Single_ff_control_slice_en._...
For details about how to create a routing policy template, see Creating Route Policy Templates.
13 of 13 2/8/2024, 2:55 PM