path: root/doc/rfc/rfc9433.txt

Internet Engineering Task Force (IETF)                S. Matsushima, Ed.
Request for Comments: 9433                                      SoftBank
Category: Informational                                      C. Filsfils
ISSN: 2070-1721                                                 M. Kohno
                                                       P. Camarillo, Ed.
                                                     Cisco Systems, Inc.
                                                                D. Voyer
                                                             Bell Canada
                                                               July 2023


          Segment Routing over IPv6 for the Mobile User Plane

Abstract

   This document discusses the applicability of Segment Routing over
   IPv6 (SRv6) to the user plane of mobile networks.  The network
   programming nature of SRv6 accomplishes mobile user-plane functions
   in a simple manner.  The statelessness of SRv6 and its ability to
   control both service layer path and underlying transport can be
   beneficial to the mobile user plane, providing flexibility, end-to-
   end network slicing, and Service Level Agreement (SLA) control for
   various applications.

   This document discusses how SRv6 could be used as the user plane of
   mobile networks.  This document also specifies the SRv6 Endpoint
   Behaviors required for mobility use cases.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are candidates for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc9433.

Copyright Notice

   Copyright (c) 2023 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions and Terminology
     2.1.  Terminology
     2.2.  Conventions
     2.3.  Predefined SRv6 Endpoint Behaviors
   3.  Motivation
   4.  3GPP Reference Architecture
   5.  User-Plane Modes
     5.1.  Traditional Mode
       5.1.1.  Packet Flow - Uplink
       5.1.2.  Packet Flow - Downlink
     5.2.  Enhanced Mode
       5.2.1.  Packet Flow - Uplink
       5.2.2.  Packet Flow - Downlink
       5.2.3.  Scalability
     5.3.  Enhanced Mode with Unchanged gNB GTP-U Behavior
       5.3.1.  Interworking with IPv6 GTP-U
       5.3.2.  Interworking with IPv4 GTP-U
       5.3.3.  Extensions to the Interworking Mechanisms
     5.4.  SRv6 Drop-In Interworking
   6.  SRv6 Segment Endpoint Mobility Behaviors
     6.1.  Args.Mob.Session
     6.2.  End.MAP
     6.3.  End.M.GTP6.D
     6.4.  End.M.GTP6.D.Di
     6.5.  End.M.GTP6.E
     6.6.  End.M.GTP4.E
     6.7.  H.M.GTP4.D
     6.8.  End.Limit
   7.  SRv6-Supported 3GPP PDU Session Types
   8.  Network Slicing Considerations
   9.  Control Plane Considerations
   10. Security Considerations
   11. IANA Considerations
   12. References
     12.1.  Normative References
     12.2.  Informative References
   Acknowledgements
   Contributors
   Authors' Addresses

1.  Introduction

   In mobile networks, mobility systems provide connectivity over a
   wireless link to stationary and non-stationary nodes.  The user plane
   establishes a tunnel between the mobile node and its anchor node over
   IP-based backhaul and core networks.

   This document specifies the applicability of SRv6 [RFC8754] [RFC8986]
   to mobile networks.

   Segment Routing (SR) [RFC8402] is a source-routing architecture: a
   node steers a packet through an ordered list of instructions called
   "segments".  A segment can represent any instruction, topological or
   service based.

   SRv6 applied to mobile networks enables a mobile architecture based
   on source routing, where operators can explicitly indicate a route
   for the packets to and from the mobile node.  The SRv6 Endpoint nodes
   serve as mobile user-plane anchors.

2.  Conventions and Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.1.  Terminology

   CNF:  Cloud-native Network Function

   NFV:  Network Function Virtualization

   PDU:  Packet Data Unit

   PDU Session:  Context of a UE connected to a mobile network

   UE:  User Equipment

   gNB:  gNodeB [TS.23501]

   UPF:  User Plane Function

   VNF:  Virtual Network Function

   DN:  Data Network

   Uplink:  from the UE towards the DN

   Downlink:  from the DN towards the UE

   The following terms used within this document are defined in
   [RFC8402]: Segment Routing, SR domain, Segment ID (SID), SRv6, SRv6
   SID, Active Segment, SR Policy, and Binding SID (BSID).

   The following terms used within this document are defined in
   [RFC8754]: Segment Routing Header (SRH) and Reduced SRH.

   The following terms used within this document are defined in
   [RFC8986]: NH (next header), SL (the Segments Left field of the SRH),
   FIB (Forwarding Information Base), SA (Source Address), DA
   (Destination Address), and SRv6 Endpoint Behavior.

2.2.  Conventions

   An SR Policy is resolved to a SID list.  A SID list is represented as
   <S1, S2, S3> where S1 is the first SID to visit, S2 is the second SID
   to visit, and S3 is the last SID to visit along the SR path.

   (SA,DA) (S3, S2, S1; SL) represents an IPv6 packet where:

   *  Source Address is SA, Destination Address is DA, and next header
      is SRH

   *  SRH with SID list <S1, S2, S3> with Segments Left = SL

      Note the difference between the <> and () symbols. <S1, S2, S3>
      represents a SID list where S1 is the first SID and S3 is the last
      SID to traverse.  (S3, S2, S1; SL) represents the same SID list
      but encoded in the SRH format where the rightmost SID in the SRH
      is the first SID and the leftmost SID in the SRH is the last SID.
      When referring to an SR Policy in a high-level use case, it is
      simpler to use the <S1, S2, S3> notation.  When referring to an
      illustration of the detailed packet behavior, the (S3, S2, S1; SL)
      notation is more convenient.

   *  The payload of the packet is omitted.

   (SA1,DA1) (SA2, DA2) represents an IPv6 packet where:

   *  Source Address is SA1, Destination Address is DA1, and next header
      is IP.

   *  Source Address is SA2, and Destination Address is DA2.

   Throughout the document, the representation SRH[n] is used as a
   shorter representation of Segment List[n], as defined in [RFC8754].

   This document uses the following conventions throughout the different
   examples:

   *  gNB::1 is an IPv6 address (SID) assigned to the gNB.

   *  U1::1 is an IPv6 address (SID) assigned to UPF1.

   *  U2::1 is an IPv6 address (SID) assigned to UPF2.

   *  U2:: is the Locator of UPF2.

2.3.  Predefined SRv6 Endpoint Behaviors

   The following SRv6 Endpoint Behaviors are used throughout this
   document.  They are defined in [RFC8986].

   *  End.DT4: Decapsulation and Specific IPv4 Table Lookup

   *  End.DT6: Decapsulation and Specific IPv6 Table Lookup

   *  End.DT46: Decapsulation and Specific IP Table Lookup

   *  End.DX4: Decapsulation and IPv4 Cross-Connect

   *  End.DX6: Decapsulation and IPv6 Cross-Connect

   *  End.DX2: Decapsulation and L2 Cross-Connect

   *  End.T: Endpoint with specific IPv6 Table Lookup

   This document defines new SRv6 Endpoint Behaviors in Section 6.

3.  Motivation

   Mobile networks are becoming more challenging to operate.  On one
   hand, traffic is constantly growing, and latency requirements are
   tighter; on the other hand, there are new use cases like distributed
   NFV Infrastructure that are also challenging network operations.  On
   top of this, the number of devices connected is steadily growing,
   causing scalability problems in mobile entities as the state to
   maintain keeps increasing.

   The current architecture of mobile networks does not take into
   account the underlying transport.  The user plane is rigidly
   fragmented into radio access, core, and service networks that
   connected by tunneling according to user-plane roles such as access
   and anchor nodes.  These factors have made it difficult for the
   operator to optimize and operate the data path.

   In the meantime, applications have shifted to use IPv6, and network
   operators have started adopting IPv6 as their IP transport.  SRv6,
   the IPv6 data plane instantiation of Segment Routing [RFC8402],
   integrates both the application data path and the underlying
   transport layer into a single protocol, allowing operators to
   optimize the network in a simplified manner and removing forwarding
   state from the network.  It is also suitable for virtualized
   environments, like VNF/CNF-to-VNF/CNF networking.  SRv6 has been
   deployed in dozens of networks [SRV6-DEPLOY-STAT].

   SRv6 defines the network programming concept [RFC8986].  Applied to
   mobility, SRv6 can provide the user-plane behaviors needed for
   mobility management.  SRv6 takes advantage of the underlying
   transport awareness and flexibility together with the ability to also
   include services to optimize the end-to-end mobile data plane.

   The use cases for SRv6 mobility are discussed in [SRV6-MOB-USECASES],
   and the architectural benefits are discussed in
   [SRV6-MOB-ARCH-DISCUSS].

4.  3GPP Reference Architecture

   This section presents the 3GPP reference architecture and possible
   deployment scenarios.

   Figure 1 shows a reference diagram from the 5G packet core
   architecture [TS.23501].

   The user plane described in this document does not depend on any
   specific architecture.  The 5G packet core architecture as shown is
   based on the 3GPP standards.

                                   +-----+
                                   | AMF |
                                  /+-----+
                                 /    | [N11]
                          [N2]  /  +-----+
                        +------/   | SMF |
                       /           +-----+
                      /              / \
                     /              /   \  [N4]
                    /              /     \                    ________
                   /              /       \                  /        \
   +--+      +-----+ [N3] +------+  [N9]  +------+  [N6]    /          \
   |UE|------| gNB |------| UPF1 |--------| UPF2 |--------- \    DN    /
   +--+      +-----+      +------+        +------+           \________/

                  Figure 1: 3GPP 5G Reference Architecture

   UE:  User Equipment

   gNB:  gNodeB with N3 interface towards packet core (and N2 for
      control plane)

   UPF1:  UPF with Interfaces N3 and N9 (and N4 for control plane)

   UPF2:  UPF with Interfaces N9 and N6 (and N4 for control plane)

   SMF:  Session Management Function

   AMF:  Access and Mobility Management Function

   DN:  Data Network, e.g., operator services and Internet access

   This reference diagram does not depict a UPF that is only connected
   to N9 interfaces, although the mechanisms defined in this document
   also work in such a case.

   Each session from a UE gets assigned to a UPF.  Sometimes multiple
   UPFs may be used, providing richer service functions.  A UE gets its
   IPv4 address, or IPv6 prefix, from the DHCP block of its UPF.  The
   UPF advertises that IP address block toward the Internet, ensuring
   that return traffic is routed to the right UPF.

5.  User-Plane Modes

   This section introduces an SRv6-based mobile user plane.  It presents
   two different "modes" that vary with respect to the use of SRv6.

   The first mode is the "Traditional mode", which inherits the current
   3GPP mobile architecture.  In this mode, the GTP-U protocol
   [TS.29281] is replaced by SRv6.  However, the N3, N9, and N6
   interfaces are still point-to-point interfaces with no intermediate
   waypoints as in the current mobile network architecture.

   The second mode is the "Enhanced mode".  This is an evolution from
   the "Traditional mode".  In this mode, the N3, N9, or N6 interfaces
   have intermediate waypoints (SIDs) that are used for traffic
   engineering or VNF purposes transparent to 3GPP functionalities.
   This results in optimal end-to-end policies across the mobile network
   with transport and services awareness.

   In both the Traditional and the Enhanced modes, this document assumes
   that the gNB as well as the UPFs are SR-aware (N3, N9, and
   potentially N6 interfaces are SRv6).

   In addition to those two modes, this document introduces three
   mechanisms for interworking with legacy access networks (those where
   the N3 interface is unmodified).  In this document, they are
   introduced as a variant to the Enhanced mode, but they are equally
   applicable to the Traditional mode.

   One of these mechanisms is designed to interwork with legacy gNBs
   using GTP-U/IPv4.  The second mechanism is designed to interwork with
   legacy gNBs using GTP-U/IPv6.  The third mechanism is another mode
   that allows deploying SRv6 when legacy gNBs and UPFs still run GTP-U.

   This document uses the SRv6 Endpoint Behaviors defined in [RFC8986]
   as well as the new SRv6 Endpoint Behaviors designed for the mobile
   user plane that are defined in Section 6 of this document.

5.1.  Traditional Mode

   In the Traditional mode, the existing mobile UPFs remain unchanged
   with the sole exception of the use of SRv6 as the data plane instead
   of GTP-U.  There is no impact to the rest of the mobile system.

   In existing 3GPP mobile networks, a PDU Session is mapped 1-for-1
   with a specific GTP-U tunnel (Tunnel Endpoint Identifier (TEID)).
   This 1-for-1 mapping is mirrored here to replace GTP-U encapsulation
   with the SRv6 encapsulation, while not changing anything else.  There
   will be a unique SRv6 SID associated with each PDU Session, and the
   SID list only contains a single SID.

   The Traditional mode minimizes the required changes to the mobile
   system; hence, it is a good starting point for forming common ground.

   The gNB/UPF control plane (N2/N4 interface) is unchanged;
   specifically, a single IPv6 address is provided to the gNB.  The same
   control plane signaling is used, and the gNB/UPF decides to use SRv6
   based on signaled GTP-U parameters per local policy.  The only
   information from the GTP-U parameters used for the SRv6 policy is the
   TEID, QFI (QoS Flow Identifier), and the IPv6 Destination Address.

   Our example topology is shown in Figure 2.  The gNB and the UPFs are
   SR-aware.  In the descriptions of the uplink and downlink packet
   flow, A is an IPv6 address of the UE, and Z is an IPv6 address
   reachable within the DN.  End.MAP, a new SRv6 Endpoint Behavior
   defined in Section 6.2, is used.

                                                              ________
                     SRv6           SRv6                     /        \
   +--+      +-----+ [N3] +------+  [N9]  +------+  [N6]    /          \
   |UE|------| gNB |------| UPF1 |--------| UPF2 |--------- \    DN    /
   +--+      +-----+      +------+        +------+           \________/
            SRv6 node     SRv6 node       SRv6 node

               Figure 2: Traditional Mode - Example Topology

5.1.1.  Packet Flow - Uplink

   The uplink packet flow is as follows:

         UE_out  : (A,Z)
         gNB_out : (gNB, U1::1) (A,Z)     -> H.Encaps.Red <U1::1>
         UPF1_out: (gNB, U2::1) (A,Z)     -> End.MAP
         UPF2_out: (A,Z)                  -> End.DT4 or End.DT6

   When the UE packet arrives at the gNB, the gNB performs an
   H.Encaps.Red operation.  Since there is only one SID, there is no
   need to push an SRH (reduced SRH). gNB only adds an outer IPv6 header
   with IPv6 DA U1::1. gNB obtains the SID U1::1 from the existing
   control plane (N2 interface).  U1::1 represents an anchoring SID
   specific for that session at UPF1.

   When the packet arrives at UPF1, the SID U1::1 is associated with the
   End.MAP SRv6 Endpoint Behavior.  End.MAP replaces U1::1 with U2::1,
   which belongs to the next UPF (U2).

   When the packet arrives at UPF2, the SID U2::1 corresponds to an
   End.DT4/End.DT6/End.DT46 SRv6 Endpoint Behavior.  UPF2 decapsulates
   the packet, performs a lookup in a specific table associated with
   that mobile network, and forwards the packet toward the DN.

5.1.2.  Packet Flow - Downlink

   The downlink packet flow is as follows:

       UPF2_in : (Z,A)
       UPF2_out: (U2::, U1::2) (Z,A)    -> H.Encaps.Red <U1::2>
       UPF1_out: (U2::, gNB::1) (Z,A)   -> End.MAP
       gNB_out : (Z,A)                  -> End.DX4, End.DX6, End.DX2

   When the packet arrives at the UPF2, the UPF2 maps that flow into a
   PDU Session.  This PDU Session is associated with the segment
   endpoint <U1::2>.  UPF2 performs an H.Encaps.Red operation,
   encapsulating the packet into a new IPv6 header with no SRH since
   there is only one SID.

   Upon packet arrival on UPF1, the SID U1::2 is a local SID associated
   with the End.MAP SRv6 Endpoint Behavior.  It maps the SID to the next
   anchoring point and replaces U1::2 with gNB::1, which belongs to the
   next hop.

   Upon packet arrival on gNB, the SID gNB::1 corresponds to an End.DX4,
   End.DX6, or End.DX2 behavior (depending on the PDU Session Type).
   The gNB decapsulates the packet, removing the IPv6 header and all its
   extensions headers, and forwards the traffic toward the UE.

5.2.  Enhanced Mode

   Enhanced mode improves scalability, provides traffic engineering
   capabilities, and allows service programming [SR-SERV-PROG], thanks
   to the use of multiple SIDs in the SID list (instead of a direct
   connectivity in between UPFs with no intermediate waypoints as in
   Traditional mode).

   Thus, the main difference is that the SR Policy MAY include SIDs for
   traffic engineering and service programming in addition to the
   anchoring SIDs at UPFs.

   Additionally, in this mode, the operator may choose to aggregate
   several devices under the same SID list (e.g., stationary residential
   meters (water and energy) connected to the same cell) to improve
   scalability.

   The gNB/UPF control plane (N2/N4 interface) is unchanged;
   specifically, a single IPv6 address is provided to the gNB.  A local
   policy instructs the gNB to use SRv6.

   The gNB resolves the IP address received via the control plane into a
   SID list.  The resolution mechanism is out of the scope of this
   document.

   Note that the SIDs MAY use the argument Args.Mob.Session
   (Section 6.1) if required by the UPFs.

   Figure 3 shows an Enhanced mode topology.  The gNB and the UPF are
   SR-aware.  The figure shows two service segments, S1 and C1.  S1
   represents a VNF in the network, and C1 represents an intermediate
   router used for traffic engineering purposes to enforce a low-latency
   path in the network.  Note that neither S1 nor C1 are required to
   have an N4 interface.

                                    +----+  SRv6               _______
                    SRv6          --| C1 |--[N3]              /       \
   +--+    +-----+  [N3]         /  +----+  \  +------+ [N6] /         \
   |UE|----| gNB |--       SRv6 /    SRv6    --| UPF1 |------\   DN    /
   +--+    +-----+  \      [N3]/      TE       +------+       \_______/
          SRv6 node  \ +----+ /               SRv6 node
                      -| S1 |-
                       +----+
                      SRv6 node
                        VNF

                 Figure 3: Enhanced Mode - Example Topology

5.2.1.  Packet Flow - Uplink

   The uplink packet flow is as follows:

   UE_out  : (A,Z)
   gNB_out : (gNB, S1)(U1::1, C1; SL=2)(A,Z)->H.Encaps.Red<S1,C1,U1::1>
   S1_out  : (gNB, C1)(U1::1, C1; SL=1)(A,Z)
   C1_out  : (gNB, U1::1)(A,Z)              ->End with PSP
   UPF1_out: (A,Z)                          ->End.DT4,End.DT6,End.DT2U

   UE sends its packet (A,Z) on a specific bearer to its gNB.  gNB's
   control plane associates that session from the UE(A) with the IPv6
   address B.  gNB resolves B into a SID list <S1, C1, U1::1>.

   When gNB transmits the packet, it contains all the segments of the SR
   Policy.  The SR Policy includes segments for traffic engineering (C1)
   and for service programming (S1).

   Nodes S1 and C1 perform their related Endpoint functionality and
   forward the packet.  The "End with PSP" functionality refers to the
   Endpoint Behavior with Penultimate Segment Popping as defined in
   [RFC8986].

   When the packet arrives at UPF1, the active segment (U1::1) is an
   End.DT4/End.DT6/End.DT2U, which performs the decapsulation (removing
   the IPv6 header with all its extension headers) and forwards toward
   the DN.

5.2.2.  Packet Flow - Downlink

   The downlink packet flow is as follows:

   UPF1_in : (Z,A)                             ->UPF1 maps the flow w/
                                                 SID list <C1,S1, gNB>
   UPF1_out: (U1::1, C1)(gNB::1, S1; SL=2)(Z,A)->H.Encaps.Red
   C1_out  : (U1::1, S1)(gNB::1, S1; SL=1)(Z,A)
   S1_out  : (U1::1, gNB::1)(Z,A)              ->End with PSP
   gNB_out : (Z,A)                             ->End.DX4/End.DX6/End.DX2

   When the packet arrives at the UPF1, the UPF1 maps that particular
   flow into a UE PDU Session.  This UE PDU Session is associated with
   the policy <C1, S1, gNB>.  The UPF1 performs a H.Encaps.Red
   operation, encapsulating the packet into a new IPv6 header with its
   corresponding SRH.

   The nodes C1 and S1 perform their related Endpoint processing.

   Once the packet arrives at the gNB, the IPv6 DA corresponds to an
   End.DX4, End.DX6, or End.DX2 behavior at the gNB (depending on the
   underlying traffic).  The gNB decapsulates the packet, removing the
   IPv6 header, and forwards the traffic towards the UE.  The SID gNB::1
   is one example of a SID associated to this service.

   Note that there are several means to provide the UE session
   aggregation.  The decision about which one to use is a local decision
   made by the operator.  One option is to use Args.Mob.Session
   (Section 6.1).  Another option comprises the gNB performing an IP
   lookup on the inner packet by using the End.DT4, End.DT6, and
   End.DT2U behaviors.

5.2.3.  Scalability

   The Enhanced mode improves scalability since it allows the
   aggregation of several UEs under the same SID list.  For example, in
   the case of stationary residential meters that are connected to the
   same cell, all such devices can share the same SID list.  This
   improves scalability compared to Traditional mode (unique SID per UE)
   and compared to GTP-U (TEID per UE).

5.3.  Enhanced Mode with Unchanged gNB GTP-U Behavior

   This section describes two mechanisms for interworking with legacy
   gNBs that still use GTP-U: one for IPv4 and another for IPv6.

   In the interworking scenarios illustrated in Figure 4, the gNB does
   not support SRv6.  The gNB supports GTP-U encapsulation over IPv4 or
   IPv6.  To achieve interworking, an SR Gateway (SRGW) entity is added.
   The SRGW is a new entity that maps the GTP-U traffic into SRv6.  It
   is deployed at the boundary of the SR domain and performs the mapping
   functionality for inbound and outbound traffic.

   The SRGW is not an anchor point and maintains very little state.  For
   this reason, both IPv4 and IPv6 methods scale to millions of UEs.

                                                              _______
                     IP GTP-U        SRv6                    /       \
    +--+      +-----+ [N3] +------+  [N9]  +------+  [N6]   /         \
    |UE|------| gNB |------| SRGW |--------| UPF  |---------\   DN    /
    +--+      +-----+      +------+        +------+          \_______/
                          SR Gateway       SRv6 node

                Figure 4: Example Topology for Interworking

   Both of the mechanisms described in this section are applicable to
   the Traditional mode and the Enhanced mode.

5.3.1.  Interworking with IPv6 GTP-U

   In this interworking mode, the gNB at the N3 interface uses GTP-U
   over IPv6.

   Key points:

   *  The gNB is unchanged (control plane or user plane) and
      encapsulates into GTP-U (N3 interface is not modified).

   *  The 5G control plane towards the gNB (N2 interface) is unmodified,
      though multiple UPF addresses need to be used.  One IPv6 address
      (i.e., a BSID at the SRGW) is needed per <SLA, PDU Session Type>.
      The SRv6 SID is different depending on the required <SLA, PDU
      Session Type> combination.

   *  In the uplink, the SRGW removes the GTP-U header, finds the SID
      list related to the IPv6 DA, and adds SRH with the SID list.

   *  There is no state for the downlink at the SRGW.

   *  There is simple state in the uplink at the SRGW; using Enhanced
      mode results in fewer SR Policies on this node.  An SR Policy is
      shared across UEs as long as they belong to the same context
      (i.e., tenant).  A set of many different policies (i.e., different
      SLAs) increases the amount of state required.

   *  When a packet from the UE leaves the gNB, it is SR-routed.  This
      simplifies network slicing [RFC9350].

   *  In the uplink, the SRv6 BSID steers traffic into an SR Policy when
      it arrives at the SRGW.

   An example topology is shown in Figure 5.

   S1 and C1 are two service segments.  S1 represents a VNF in the
   network, and C1 represents a router configured for traffic
   engineering.

                                  +----+
                IPv6/GTP-U       -| S1 |-                            ___
   +--+  +-----+ [N3]           / +----+ \                          /
   |UE|--| gNB |-         SRv6 /   SRv6   \ +----+   +------+ [N6] /
   +--+  +-----+ \        [N9]/     VNF    -| C1 |---| UPF2 |------\  DN
           GTP-U  \ +------+ /              +----+   +------+       \___
                   -| SRGW |-                SRv6      SRv6
                    +------+                  TE
                   SR Gateway

       Figure 5: Enhanced Mode with Unchanged gNB IPv6/GTP-U Behavior

5.3.1.1.  Packet Flow - Uplink

   The uplink packet flow is as follows:

   UE_out  : (A,Z)
   gNB_out : (gNB, B)(GTP: TEID T)(A,Z)       -> Interface N3 unmodified
                                                 (IPv6/GTP)
   SRGW_out: (SRGW, S1)(U2::T, C1; SL=2)(A,Z) -> B is an End.M.GTP6.D
                                                 SID at the SRGW
   S1_out  : (SRGW, C1)(U2::T, C1; SL=1)(A,Z)
   C1_out  : (SRGW, U2::T)(A,Z)               -> End with PSP
   UPF2_out: (A,Z)                            -> End.DT4 or End.DT6

   The UE sends a packet destined to Z toward the gNB on a specific
   bearer for that session.  The gNB, which is unmodified, encapsulates
   the packet into IPv6, UDP, and GTP-U headers.  The IPv6 DA B and the
   GTP-U TEID T are the ones received in the N2 interface.

   The IPv6 address that was signaled over the N2 interface for that UE
   PDU Session, B, is now the IPv6 DA.  B is an SRv6 Binding SID at the
   SRGW.  Hence, the packet is routed to the SRGW.

   When the packet arrives at the SRGW, the SRGW identifies B as an
   End.M.GTP6.D Binding SID (see Section 6.3).  Hence, the SRGW removes
   the IPv6, UDP, and GTP-U headers and pushes an IPv6 header with its
   own SRH containing the SIDs bound to the SR Policy associated with
   this Binding SID.  There is at least one instance of the End.M.GTP6.D
   SID per PDU type.

   S1 and C1 perform their related Endpoint functionality and forward
   the packet.

   When the packet arrives at UPF2, the active segment is (U2::T), which
   is bound to End.DT4/6.  UPF2 then decapsulates (removing the outer
   IPv6 header with all its extension headers) and forwards the packet
   toward the DN.

5.3.1.2.  Packet Flow - Downlink

   The downlink packet flow is as follows:

   UPF2_in : (Z,A)                           -> UPF2 maps the flow with
                                                <C1, S1, SRGW::TEID,gNB>
   UPF2_out: (U2::1, C1)(gNB, SRGW::TEID, S1; SL=3)(Z,A) -> H.Encaps.Red
   C1_out  : (U2::1, S1)(gNB, SRGW::TEID, S1; SL=2)(Z,A)
   S1_out  : (U2::1, SRGW::TEID)(gNB, SRGW::TEID, S1, SL=1)(Z,A)
   SRGW_out: (SRGW, gNB)(GTP: TEID=T)(Z,A)   -> SRGW/96 is End.M.GTP6.E
   gNB_out : (Z,A)

   When a packet destined to A arrives at the UPF2, the UPF2 performs a
   lookup in the table associated to A and finds the SID list <C1, S1,
   SRGW::TEID, gNB>.  The UPF2 performs an H.Encaps.Red operation,
   encapsulating the packet into a new IPv6 header with its
   corresponding SRH.

   C1 and S1 perform their related Endpoint processing.

   Once the packet arrives at the SRGW, the SRGW identifies the active
   SID as an End.M.GTP6.E function.  The SRGW removes the IPv6 header
   and all its extensions headers.  The SRGW generates new IPv6, UDP,
   and GTP-U headers.  The new IPv6 DA is the gNB, which is the last SID
   in the received SRH.  The TEID in the generated GTP-U header is also
   an argument of the received End.M.GTP6.E SID.  The SRGW pushes the
   headers to the packet and forwards the packet toward the gNB.  There
   is one instance of the End.M.GTP6.E SID per PDU type.

   Once the packet arrives at the gNB, the packet is a regular IPv6/
   GTP-U packet.  The gNB looks for the specific radio bearer for that
   TEID and forwards it on the bearer.  This gNB behavior is not
   modified from current and previous generations.

5.3.1.3.  Scalability

   For downlink traffic, the SRGW is stateless.  All the state is in the
   SRH pushed by the UPF2.  The UPF2 must have the UE state since it is
   the UE's session anchor point.

   For uplink traffic, the state at the SRGW does not necessarily need
   to be unique per PDU Session; the SR Policy can be shared among UEs.
   This enables more scalable SRGW deployments compared to a solution
   holding millions of states, one or more per UE.

5.3.2.  Interworking with IPv4 GTP-U

   In this interworking mode, the gNB uses GTP over IPv4 in the N3
   interface.

   Key points:

   *  The gNB is unchanged and encapsulates packets into GTP-U (the N3
      interface is not modified).

   *  N2 signaling is not changed, though multiple UPF addresses need to
      be provided -- one for each PDU Session Type.

   *  In the uplink, traffic is classified by SRGW's classification
      engine and steered into an SR Policy.  The SRGW may be implemented
      in a UPF or as a separate entity.  How the classification engine
      rules are set up is outside the scope of this document, though one
      example is using BGP signaling from a Mobile User Plane (MUP)
      Controller [MUP-SR-ARCH].

   *  SRGW removes the GTP-U header, finds the SID list related to DA,
      and adds an SRH with the SID list.

   An example topology is shown in Figure 6.  In this mode, the gNB is
   an unmodified gNB using IPv4/GTP.  The UPFs are SR-aware.  As before,
   the SRGW maps the IPv4/GTP-U traffic to SRv6.

   S1 and C1 are two service segment endpoints.  S1 represents a VNF in
   the network, and C1 represents a router configured for traffic
   engineering.

                                  +----+
                IPv4/GTP-U       -| S1 |-                            ___
   +--+  +-----+ [N3]           / +----+ \                          /
   |UE|--| gNB |-         SRv6 /   SRv6   \ +----+   +------+ [N6] /
   +--+  +-----+ \        [N9]/     VNF    -| C1 |---| UPF2 |------\  DN
           GTP-U  \ +------+ /              +----+   +------+       \___
                   -| UPF1 |-                SRv6      SRv6
                    +------+                  TE
                   SR Gateway

       Figure 6: Enhanced Mode with Unchanged gNB IPv4/GTP-U Behavior

5.3.2.1.  Packet Flow - Uplink

   The uplink packet flow is as follows:

   gNB_out : (gNB, B)(GTP: TEID T)(A,Z)          -> Interface N3
                                                    unchanged IPv4/GTP
   SRGW_out: (SRGW, S1)(U2::1, C1; SL=2)(A,Z)    -> H.M.GTP4.D function
   S1_out  : (SRGW, C1)(U2::1, C1; SL=1)(A,Z)
   C1_out  : (SRGW, U2::1) (A,Z)                 -> PSP
   UPF2_out: (A,Z)                               -> End.DT4 or End.DT6

   The UE sends a packet destined to Z toward the gNB on a specific
   bearer for that session.  The gNB, which is unmodified, encapsulates
   the packet into a new IPv4, UDP, and GTP-U headers.  The IPv4 DA, B,
   and the GTP-UTEID are the ones received at the N2 interface.

   When the packet arrives at the SRGW for UPF1, the SRGW has a
   classification engine rule for incoming traffic from the gNB that
   steers the traffic into an SR Policy by using the function
   H.M.GTP4.D.  The SRGW removes the IPv4, UDP, and GTP headers and
   pushes an IPv6 header with its own SRH containing the SIDs related to
   the SR Policy associated with this traffic.  The SRGW forwards
   according to the new IPv6 DA.

   S1 and C1 perform their related Endpoint functionality and forward
   the packet.

   When the packet arrives at UPF2, the active segment is (U2::1), which
   is bound to End.DT4/6, which performs the decapsulation (removing the
   outer IPv6 header with all its extension headers) and forwards toward
   the DN.

   Note that the interworking mechanisms for IPv4/GTP-U and IPv6/GTP-U
   differ.  This is due to the fact that IPv6/GTP-U can leverage the
   remote steering capabilities provided by the Segment Routing BSID.
   In IPv4, this construct is not available, and building a similar
   mechanism would require a significant address consumption.

5.3.2.2.  Packet Flow - Downlink

   The downlink packet flow is as follows:

   UPF2_in : (Z,A)                            -> UPF2 maps flow with SID
                                               <C1, S1,GW::SA:DA:TEID>
   UPF2_out: (U2::1, C1)(GW::SA:DA:TEID, S1; SL=2)(Z,A) ->H.Encaps.Red
   C1_out  : (U2::1, S1)(GW::SA:DA:TEID, S1; SL=1)(Z,A)
   S1_out  : (U2::1, GW::SA:DA:TEID)(Z,A)
   SRGW_out: (GW, gNB)(GTP: TEID=T)(Z,A)       -> End.M.GTP4.E
   gNB_out : (Z,A)

   When a packet destined to A arrives at the UPF2, the UPF2 performs a
   lookup in the table associated to A and finds the SID list <C1, S1,
   SRGW::SA:DA:TEID>.  The UPF2 performs an H.Encaps.Red operation,
   encapsulating the packet into a new IPv6 header with its
   corresponding SRH.

   The nodes C1 and S1 perform their related Endpoint processing.

   Once the packet arrives at the SRGW, the SRGW identifies the active
   SID as an End.M.GTP4.E function.  The SRGW removes the IPv6 header
   and all its extensions headers.  The SRGW generates IPv4, UDP, and
   GTP-U headers.  The IPv4 SA and DA are received as SID arguments.
   The TEID in the generated GTP-U header is the argument of the
   received End.M.GTP4.E SID.  The SRGW pushes the headers to the packet
   and forwards the packet toward the gNB.

   When the packet arrives at the gNB, the packet is a regular IPv4/
   GTP-U packet.  The gNB looks for the specific radio bearer for that
   TEID and forwards it on the bearer.  This gNB behavior is not
   modified from current and previous generations.

5.3.2.3.  Scalability

   For downlink traffic, the SRGW is stateless.  All the state is in the
   SRH pushed by the UPF2.  The UPF must have this UE-base state anyway
   (since it is its anchor point).

   For uplink traffic, the state at the SRGW is dedicated on a per-UE/
   session basis according to a classification engine.  There is state
   for steering the different sessions in the form of an SR Policy.
   However, SR Policies are shared among several UE/sessions.

5.3.3.  Extensions to the Interworking Mechanisms

   This section presents two mechanisms for interworking with gNBs and
   UPFs that do not support SRv6.  These mechanisms are used to support
   GTP-U over IPv4 and IPv6.

   Even though these methods are presented as an extension to the
   Enhanced mode, they are also applicable to the Traditional mode.

5.4.  SRv6 Drop-In Interworking

   This section introduces another mode useful for legacy gNB and UPFs
   that still operate with GTP-U.  This mode provides an SRv6-enabled
   user plane in between two GTP-U tunnel endpoints.

   This mode employs two SRGWs that map GTP-U traffic to SRv6 and vice
   versa.

   Unlike other interworking modes, in this mode, both of the mobility
   overlay endpoints use GTP-U.  Two SRGWs are deployed in either an N3
   or N9 interface to realize an intermediate SR Policy.

                               +----+
                              -| S1 |-
   +-----+                   / +----+ \
   | gNB |-            SRv6 /   SRv6   \ +----+   +--------+    +-----+
   +-----+  \              /     VNF    -| C1 |---| SRGW-B |----| UPF |
      GTP[N3]\ +--------+ /              +----+   +--------+    +-----+
              -| SRGW-A |-                SRv6   SR Gateway-B     GTP
               +--------+                  TE
              SR Gateway-A

              Figure 7: Example Topology for SRv6 Drop-In Mode

   The packet flow of Figure 7 is as follows:

   gNB_out : (gNB, U::1)(GTP: TEID T)(A,Z)
   GW-A_out: (GW-A, S1)(U::1, SGB::TEID, C1; SL=3)(A,Z)->U::1 is an
                                                         End.M.GTP6.D.Di
                                                         SID at SRGW-A
   S1_out  : (GW-A, C1)(U::1, SGB::TEID, C1; SL=2)(A,Z)
   C1_out  : (GW-A, SGB::TEID)(U::1, SGB::TEID, C1; SL=1)(A,Z)
   GW-B_out: (GW-B, U::1)(GTP: TEID T)(A,Z)            ->SGB::TEID is an
                                                         End.M.GTP6.E
                                                         SID at SRGW-B
   UPF_out : (A,Z)

   When a packet destined to Z is sent to the gNB, which is unmodified
   (control plane and user plane remain GTP-U), gNB performs
   encapsulation into new IP, UDP, and GTP-U headers.  The IPv6 DA,
   U::1, and GTP-U TEID are the ones received at the N2 interface.

   The IPv6 address that was signaled over the N2 interface for that PDU
   Session, U::1, is now the IPv6 DA.  U::1 is an SRv6 Binding SID at
   SRGW-A.  Hence, the packet is routed to the SRGW.

   When the packet arrives at SRGW-A, the SRGW identifies U::1 as an
   End.M.GTP6.D.Di Binding SID (see Section 6.4).  Hence, the SRGW
   removes the IPv6, UDP, and GTP-U headers and pushes an IPv6 header
   with its own SRH containing the SIDs bound to the SR Policy
   associated with this Binding SID.  There is one instance of the
   End.M.GTP6.D.Di SID per PDU type.

   S1 and C1 perform their related Endpoint functionality and forward
   the packet.

   Once the packet arrives at SRGW-B, the SRGW identifies the active SID
   as an End.M.GTP6.E function.  The SRGW removes the IPv6 header and
   all its extensions headers.  The SRGW generates new IPv6, UDP, and
   GTP headers.  The new IPv6 DA is U::1, which is the last SID in the
   received SRH.  The TEID in the generated GTP-U header is an argument
   of the received End.M.GTP6.E SID.  The SRGW pushes the headers to the
   packet and forwards the packet toward UPF.  There is one instance of
   the End.M.GTP6.E SID per PDU type.

   Once the packet arrives at UPF, the packet is a regular IPv6/GTP
   packet.  The UPF looks for the specific rule for that TEID to forward
   the packet.  This UPF behavior is not modified from current and
   previous generations.

6.  SRv6 Segment Endpoint Mobility Behaviors

   This section introduces new SRv6 Endpoint Behaviors for the mobile
   user plane.  The behaviors described in this document are compatible
   with the NEXT and REPLACE flavors defined in [SRV6-SRH-COMPRESSION].

6.1.  Args.Mob.Session

   Args.Mob.Session provides per-session information for charging,
   buffering, or other purposes required by some mobile nodes.  The
   Args.Mob.Session argument format is used in combination with the
   End.Map, End.DT4/End.DT6/End.DT46, and End.DX4/End.DX6/End.DX2
   behaviors.  Note that proposed format is applicable for 5G networks,
   while similar formats could be used for legacy networks.

      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |   QFI     |R|U|                PDU Session ID                 |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |PDU Sess(cont')|
     +-+-+-+-+-+-+-+-+

                     Figure 8: Args.Mob.Session Format

   QFI:  QoS Flow Identifier [TS.38415].

   R:  Reflective QoS Indication [TS.23501].  This parameter indicates
      the activation of reflective QoS towards the UE for the
      transferred packet.  Reflective QoS enables the UE to map uplink
      user-plane traffic to QoS flows without SMF-provided QoS rules.

   U:  Unused and for future use.  MUST be 0 on transmission and ignored
      on receipt.

   PDU Session ID:  Identifier of PDU Session.  The GTP-U equivalent is
      TEID.

   Args.Mob.Session is required in case one SID aggregates multiple PDU
   Sessions.  Since the SRv6 SID is likely NOT to be instantiated per
   PDU Session, Args.Mob.Session helps the UPF to perform the behaviors
   that require granularity per QFI and/or per PDU Session.

   Note that the encoding of user-plane messages (e.g., Echo Request,
   Echo Reply, Error Indication, and End Marker) is out of the scope of
   this document.  [SRV6-UP-MSG-ENCODING] defines one possible encoding
   method.

6.2.  End.MAP

   End.MAP (Endpoint Behavior with SID mapping) is used in several
   scenarios.  Particularly in mobility, End.MAP is used by the
   intermediate UPFs.

   When node N receives a packet whose IPv6 DA is D and D is a local
   End.MAP SID, N does the following:

   S01. If (IPv6 Hop Limit <= 1) {
   S02.    Send an ICMP Time Exceeded message to the Source Address with
              Code 0 (Hop limit exceeded in transit),
              interrupt packet processing, and discard the packet.
   S03. }
   S04. Decrement IPv6 Hop Limit by 1
   S05. Update the IPv6 DA with the new mapped SID
   S06. Submit the packet to the egress IPv6 FIB lookup for
           transmission to the new destination

   Note: The SRH is not modified (neither the SID nor the SL value).

6.3.  End.M.GTP6.D

   End.M.GTP6.D (Endpoint Behavior with IPv6/GTP-U decapsulation into SR
   Policy) is used in the interworking scenario for the uplink towards
   SRGW from the legacy gNB using IPv6/GTP.  Any SID instance of this
   behavior is associated with an SR Policy B and an IPv6 Source Address
   S.

   When the SR Gateway node N receives a packet destined to D, and D is
   a local End.M.GTP6.D SID, N does the following:

   S01. When an SRH is processed {
   S02.   If (Segments Left != 0) {
   S03.      Send an ICMP Parameter Problem to the Source Address with
                Code 0 (Erroneous header field encountered) and
                Pointer set to the Segments Left field,
                interrupt packet processing, and discard the packet.
   S04.   }
   S05.   Proceed to process the next header in the packet
   S06. }

   When processing the Upper-Layer header of a packet matching a FIB
   entry locally instantiated as an End.M.GTP6.D SID, N does the
   following:

   S01. If (Next Header (NH) == UDP & UDP_Dest_port == GTP) {
   S02.    Copy the GTP-U TEID and QFI to buffer memory
   S03.    Pop the IPv6, UDP, and GTP-U headers
   S04.    Push a new IPv6 header with its own SRH containing B
   S05.    Set the outer IPv6 SA to S
   S06.    Set the outer IPv6 DA to the first SID of B
   S07.    Set the outer Payload Length, Traffic Class, Flow Label,
              Hop Limit, and Next Header (NH) fields
   S08.    Write in the SRH[0] the Args.Mob.Session based on
              the information in buffer memory
   S09.    Submit the packet to the egress IPv6 FIB lookup for
              transmission to the new destination
   S10. } Else {
   S11.    Process as per [RFC8986], Section 4.1.1
   S12. }

   Notes:

   *  In line S07, the NH is set based on the SID parameter.  There is
      one instantiation of the End.M.GTP6.D SID per PDU Session Type;
      hence, the NH is already known in advance.  In addition, for the
      IPv4v6 PDU Session Type, the router inspects the first nibble of
      the PDU to know the NH value.

   *  The last segment SHOULD be followed by an Args.Mob.Session
      argument space, which is used to provide the session identifiers,
      as shown in line S08.

6.4.  End.M.GTP6.D.Di

   End.M.GTP6.D.Di (Endpoint Behavior with IPv6/GTP-U decapsulation into
   SR Policy for Drop-in Mode) is used in the SRv6 drop-in interworking
   scenario described in Section 5.4.  The difference between
   End.M.GTP6.D as another variant of the IPv6/GTP decapsulation
   function is that the original IPv6 DA of the GTP-U packet is
   preserved as the last SID in SRH.

   Any SID instance of this behavior is associated with an SR Policy B
   and an IPv6 Source Address S.

   When the SR Gateway node N receives a packet destined to D, and D is
   a local End.M.GTP6.D.Di SID, N does the following:

   S01. When an SRH is processed {
   S02.   If (Segments Left != 0) {
   S03.      Send an ICMP Parameter Problem to the Source Address with
                Code 0 (Erroneous header field encountered) and
                Pointer set to the Segments Left field,
                interrupt packet processing, and discard the packet.
   S04.   }
   S05.   Proceed to process the next header in the packet
   S06. }

   When processing the Upper-Layer header of a packet matching a FIB
   entry locally instantiated as an End.M.GTP6.Di SID, N does the
   following:

   S01. If (Next Header = UDP & UDP_Dest_port = GTP) {
   S02.    Copy D to buffer memory
   S03.    Pop the IPv6, UDP, and GTP-U headers
   S04.    Push a new IPv6 header with its own SRH containing B
   S05.    Set the outer IPv6 SA to S
   S06.    Set the outer IPv6 DA to the first SID of B
   S07.    Set the outer Payload Length, Traffic Class, Flow Label,
              Hop Limit, and Next Header fields
   S08.    Prepend D to the SRH (as SRH[0]) and set SL accordingly
   S09.    Submit the packet to the egress IPv6 FIB lookup for
              transmission to the new destination
   S10. } Else {
   S11.    Process as per [RFC8986], Section 4.1.1
   S12. }

   Notes:

   *  In line S07, the NH is set based on the SID parameter.  There is
      one instantiation of the End.M.GTP6.Di SID per PDU Session Type;
      hence, the NH is already known in advance.  In addition, for the
      IPv4v6 PDU Session Type, the router inspects the first nibble of
      the PDU to know the NH value.

   *  S SHOULD be an End.M.GTP6.E SID instantiated at the SR Gateway.

6.5.  End.M.GTP6.E

   End.M.GTP6.E (Endpoint Behavior with encapsulation for IPv6/GTP-U
   tunnel" behavior) is used among others in the interworking scenario
   for the downlink toward the legacy gNB using IPv6/GTP.

   The prefix of End.M.GTP6.E SID MUST be followed by the
   Args.Mob.Session argument space, which is used to provide the session
   identifiers.

   When the SR Gateway node N receives a packet destined to D, and D is
   a local End.M.GTP6.E SID, N does the following:

   S01. When an SRH is processed {
   S02.   If (Segments Left != 1) {
   S03.      Send an ICMP Parameter Problem to the Source Address with
                Code 0 (Erroneous header field encountered) and
                Pointer set to the Segments Left field,
                interrupt packet processing, and discard the packet.
   S04.   }
   S05.   Proceed to process the next header in the packet
   S06. }

   When processing the Upper-Layer header of a packet matching a FIB
   entry locally instantiated as an End.M.GTP6.E SID, N does the
   following:

   S01.    Copy SRH[0] and D to buffer memory
   S02.    Pop the IPv6 header and all its extension headers
   S03.    Push a new IPv6 header with a UDP/GTP-U header
   S04.    Set the outer IPv6 SA to S
   S05.    Set the outer IPv6 DA from buffer memory
   S06.    Set the outer Payload Length, Traffic Class, Flow Label,
              Hop Limit, and Next Header fields
   S07.    Set the GTP-U TEID (from buffer memory)
   S08.    Submit the packet to the egress IPv6 FIB lookup for
              transmission to the new destination

   Notes:

   *  An End.M.GTP6.E SID MUST always be the penultimate SID.  The TEID
      is extracted from the argument space of the current SID.

   *  The source address S SHOULD be an End.M.GTP6.D SID instantiated at
      the egress SR Gateway.

6.6.  End.M.GTP4.E

   End.M.GTP4.E (Endpoint Behavior with encapsulation for IPv4/GTP-U
   tunnel) is used in the downlink when doing interworking with legacy
   gNB using IPv4/GTP.

   When the SR Gateway node N receives a packet destined to S, and S is
   a local End.M.GTP4.E SID, N does the following:

   S01. When an SRH is processed {
   S02.   If (Segments Left != 0) {
   S03.      Send an ICMP Parameter Problem to the Source Address with
                Code 0 (Erroneous header field encountered) and
                Pointer set to the Segments Left field,
                interrupt packet processing, and discard the packet.
   S04.   }
   S05.   Proceed to process the next header in the packet
   S06. }

   When processing the Upper-Layer header of a packet matching a FIB
   entry locally instantiated as an End.M.GTP4.E SID, N does the
   following:

   S01.    Store the IPv6 DA and SA in buffer memory
   S02.    Pop the IPv6 header and all its extension headers
   S03.    Push a new IPv4 header with a UDP/GTP-U header
   S04.    Set the outer IPv4 SA and DA (from buffer memory)
   S05.    Set the outer Total Length, DSCP, Time To Live, and
              Next Header fields
   S06.    Set the GTP-U TEID (from buffer memory)
   S07.    Submit the packet to the egress IPv4 FIB lookup for
              transmission to the new destination

   Notes:

   *  The End.M.GTP4.E SID in S has the following format:

        0                                                         127
        +-----------------------+-------+----------------+---------+
        |  SRGW-IPv6-LOC-FUNC   |IPv4DA |Args.Mob.Session|0 Padded |
        +-----------------------+-------+----------------+---------+
               128-a-b-c            a            b           c

                     Figure 9: End.M.GTP4.E SID Encoding

   *  The IPv6 Source Address has the following format:

        0                                                         127
        +----------------------+--------+--------------------------+
        |  Source UPF Prefix   |IPv4 SA | any bit pattern(ignored) |
        +----------------------+--------+--------------------------+
                 128-a-b            a                  b

                 Figure 10: IPv6 SA Encoding for End.M.GTP4.E

6.7.  H.M.GTP4.D

   H.M.GTP4.D (SR Policy Headend with tunnel decapsulation and map to an
   SRv6 policy) is used in the direction from the legacy IPv4 user plane
   to the SRv6 user-plane network.

   When the SR Gateway node N receives a packet destined to a SRGW-
   IPv4-Prefix, N does the following:

   S01. IF Payload == UDP/GTP-U THEN
   S02.    Pop the outer IPv4 header and UDP/GTP-U headers
   S03.    Copy IPv4 DA and TEID to form SID B
   S04.    Copy IPv4 SA to form IPv6 SA B'
   S05.    Encapsulate the packet into a new IPv6 header
   S06.    Set the IPv6 DA = B
   S07.    Forward along the shortest path to B
   S08. ELSE
   S09.    Drop the packet

   The SID B has the following format:

       0                                                         127
       +-----------------------+-------+----------------+---------+
       |Destination UPF Prefix |IPv4DA |Args.Mob.Session|0 Padded |
       +-----------------------+-------+----------------+---------+
              128-a-b-c            a            b           c

                     Figure 11: H.M.GTP4.D SID Encoding

   The SID B MAY be an SRv6 Binding SID instantiated at the first UPF
   (U1) to bind an SR Policy [RFC9256].

6.8.  End.Limit

   The mobile user plane requires a rate-limit feature.  For this
   purpose, this document defines a new behavior, called "End.Limit".
   The "End.Limit" behavior encodes in its arguments the rate-limiting
   parameter that should be applied to this packet.  Multiple flows of
   packets should have the same group identifier in the SID when those
   flows are in the same AMBR (Aggregate Maximum Bit Rate) group.  The
   encoding format of the rate-limit segment SID is as follows:

              +----------------------+----------+-----------+
              | LOC+FUNC rate-limit  | group-id | limit-rate|
              +----------------------+----------+-----------+
                    128-i-j                i          j

        Figure 12: End.Limit: Rate-Limiting Behavior Argument Format

   If the limit-rate bits are set to zero, the node should not do rate
   limiting unless static configuration or control plane sets the limit
   rate associated to the SID.

7.  SRv6-Supported 3GPP PDU Session Types

   The 3GPP [TS.23501] defines the following PDU Session Types:

   *  IPv4

   *  IPv6

   *  IPv4v6

   *  Ethernet

   *  Unstructured

   SRv6 supports the 3GPP PDU Session Types without any protocol
   overhead by using the corresponding SRv6 behaviors:

   *  End.DX4 and End.DT4 for IPv4 PDU Sessions

   *  End.DX6, End.DT6, and End.T for IPv6 PDU Sessions

   *  End.DT46 for IPv4v6 PDU Sessions

   *  End.DX2 for L2 and Unstructured PDU Sessions

8.  Network Slicing Considerations

   A mobile network may be required to implement "network slices", which
   logically separate network resources within the same SR domain.

   [RFC9256] describes a solution to build basic network slices with SR.
   Depending on the requirements, these slices can be further refined by
   adopting the mechanisms from:

   *  IGP Flex-Algo [RFC9350]

   *  Inter-Domain policies [RFC9087]

   Furthermore, these can be combined with ODN/AS (On-Demand Next Hop /
   Automated Steering) [RFC9256] for automated slice provisioning and
   traffic steering.

   Further details on how these tools can be used to create end-to-end
   network slices are documented in [NETWORK-SLICE].

9.  Control Plane Considerations

   This document focuses on user-plane behavior and its independence
   from the control plane.  While the SRv6 mobile user-plane behaviors
   may be utilized in emerging architectures (for example, those
   described in [MFA] and [MUP-SR-ARCH]), this document does not impose
   any change to the existent mobility control plane.

   Section 11 allocates SRv6 Endpoint Behavior codepoints for the new
   behaviors defined in this document.

10.  Security Considerations

   The security considerations for Segment Routing are discussed in
   [RFC8402].  More specifically, for SRv6, the security considerations
   and the mechanisms for securing an SR domain are discussed in
   [RFC8754].  Together, they describe the required security mechanisms
   that allow establishment of an SR domain of trust to operate
   SRv6-based services for internal traffic while preventing any
   external traffic from accessing or exploiting the SRv6-based
   services.

   The technology described in this document is applied to a mobile
   network that is within the SR domain.  It's important to note the
   resemblance between the SR domain and the 3GPP Packet Core Domain.

   This document introduces new SRv6 Endpoint Behaviors.  Those
   behaviors operate on control plane information, including information
   within the received SRH payload on which the behaviors operate.
   Altering the behaviors requires that an attacker alter the SR domain
   as defined in [RFC8754].  Those behaviors do not need any special
   security consideration given that they are deployed within that SR
   domain.

11.  IANA Considerations

   The following values have been allocated in the "SRv6 Endpoint
   Behaviors" [RFC8986] subregistry within the top-level "Segment
   Routing Parameters" registry:

      +=======+========+===================+===========+============+
      | Value |  Hex   | Endpoint Behavior | Reference |   Change   |
      |       |        |                   |           | Controller |
      +=======+========+===================+===========+============+
      | 40    | 0x0028 |      End.MAP      |  RFC 9433 |    IETF    |
      +-------+--------+-------------------+-----------+------------+
      | 41    | 0x0029 |     End.Limit     |  RFC 9433 |    IETF    |
      +-------+--------+-------------------+-----------+------------+
      | 69    | 0x0045 |    End.M.GTP6.D   |  RFC 9433 |    IETF    |
      +-------+--------+-------------------+-----------+------------+
      | 70    | 0x0046 |   End.M.GTP6.Di   |  RFC 9433 |    IETF    |
      +-------+--------+-------------------+-----------+------------+
      | 71    | 0x0047 |    End.M.GTP6.E   |  RFC 9433 |    IETF    |
      +-------+--------+-------------------+-----------+------------+
      | 72    | 0x0048 |    End.M.GTP4.E   |  RFC 9433 |    IETF    |
      +-------+--------+-------------------+-----------+------------+

          Table 1: SRv6 Mobile User-Plane Endpoint Behavior Types

12.  References

12.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8402]  Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L.,
              Decraene, B., Litkowski, S., and R. Shakir, "Segment
              Routing Architecture", RFC 8402, DOI 10.17487/RFC8402,
              July 2018, <https://www.rfc-editor.org/info/rfc8402>.

   [RFC8754]  Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J.,
              Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header
              (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020,
              <https://www.rfc-editor.org/info/rfc8754>.

   [RFC8986]  Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer,
              D., Matsushima, S., and Z. Li, "Segment Routing over IPv6
              (SRv6) Network Programming", RFC 8986,
              DOI 10.17487/RFC8986, February 2021,
              <https://www.rfc-editor.org/info/rfc8986>.

   [RFC9256]  Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov,
              A., and P. Mattes, "Segment Routing Policy Architecture",
              RFC 9256, DOI 10.17487/RFC9256, July 2022,
              <https://www.rfc-editor.org/info/rfc9256>.

   [TS.23501] 3GPP, "System architecture for the 5G System (5GS)",
              Version 17.9.0, 3GPP TS 23.501, June 2023.

12.2.  Informative References

   [MFA]      Gundavelli, S., Liebsch, M., and S. Matsushima, "Mobility-
              aware Floating Anchor (MFA)", Work in Progress, Internet-
              Draft, draft-gundavelli-dmm-mfa-01, 19 September 2018,
              <https://datatracker.ietf.org/doc/html/draft-gundavelli-
              dmm-mfa-01>.

   [MUP-SR-ARCH]
              Matsushima, S., Horiba, K., Khan, A., Kawakami, Y.,
              Murakami, T., Patel, K., Kohno, M., Kamata, T., Camarillo,
              P., Horn, J., Voyer, D., Zadok, S., Meilik, I., Agrawal,
              A., and K. Perumal, "Mobile User Plane Architecture using
              Segment Routing for Distributed Mobility Management", Work
              in Progress, Internet-Draft, draft-mhkk-dmm-srv6mup-
              architecture-05, 13 March 2023,
              <https://datatracker.ietf.org/doc/html/draft-mhkk-dmm-
              srv6mup-architecture-05>.

   [NETWORK-SLICE]
              Ali, Z., Filsfils, C., Camarillo, P., Voyer, D.,
              Matsushima, S., Rokui, R., Dhamija, A., and P. Maheshwari,
              "Building blocks for Network Slice Realization in Segment
              Routing Network", Work in Progress, Internet-Draft, draft-
              ali-teas-spring-ns-building-blocks-03, 7 September 2022,
              <https://datatracker.ietf.org/doc/html/draft-ali-teas-
              spring-ns-building-blocks-03>.

   [RFC9087]  Filsfils, C., Ed., Previdi, S., Dawra, G., Ed., Aries, E.,
              and D. Afanasiev, "Segment Routing Centralized BGP Egress
              Peer Engineering", RFC 9087, DOI 10.17487/RFC9087, August
              2021, <https://www.rfc-editor.org/info/rfc9087>.

   [RFC9350]  Psenak, P., Ed., Hegde, S., Filsfils, C., Talaulikar, K.,
              and A. Gulko, "IGP Flexible Algorithm", RFC 9350,
              DOI 10.17487/RFC9350, February 2023,
              <https://www.rfc-editor.org/info/rfc9350>.

   [SR-SERV-PROG]
              Clad, F., Ed., Xu, X., Ed., Filsfils, C., Bernier, D., Li,
              C., Decraene, B., Ma, S., Yadlapalli, C., Henderickx, W.,
              and S. Salsano, "Service Programming with Segment
              Routing", Work in Progress, Internet-Draft, draft-ietf-
              spring-sr-service-programming-07, 15 February 2023,
              <https://datatracker.ietf.org/doc/html/draft-ietf-spring-
              sr-service-programming-07>.

   [SRV6-DEPLOY-STAT]
              Matsushima, S., Filsfils, C., Ali, Z., Li, Z., Rajaraman,
              K., and A. Dhamija, "SRv6 Implementation and Deployment
              Status", Work in Progress, Internet-Draft, draft-
              matsushima-spring-srv6-deployment-status-15, 5 April 2022,
              <https://datatracker.ietf.org/doc/html/draft-matsushima-
              spring-srv6-deployment-status-15>.

   [SRV6-MOB-ARCH-DISCUSS]
              Kohno, M., Clad, F., Camarillo, P., and Z. Ali,
              "Architecture Discussion on SRv6 Mobile User plane", Work
              in Progress, Internet-Draft, draft-kohno-dmm-srv6mob-arch-
              06, 9 March 2023, <https://datatracker.ietf.org/doc/html/
              draft-kohno-dmm-srv6mob-arch-06>.

   [SRV6-MOB-USECASES]
              Camarillo, P., Ed., Filsfils, C., Elmalky, H., Ed.,
              Matsushima, S., Voyer, D., Cui, A., and B. Peirens, "SRv6
              Mobility Use-Cases", Work in Progress, Internet-Draft,
              draft-camarilloelmalky-springdmm-srv6-mob-usecases-02, 15
              August 2019, <https://datatracker.ietf.org/doc/html/draft-
              camarilloelmalky-springdmm-srv6-mob-usecases-02>.

   [SRV6-SRH-COMPRESSION]
              Cheng, W., Ed., Filsfils, C., Li, Z., Decraene, B., and F.
              Clad, Ed., "Compressed SRv6 Segment List Encoding in SRH",
              Work in Progress, Internet-Draft, draft-ietf-spring-srv6-
              srh-compression-05, 20 June 2023,
              <https://datatracker.ietf.org/doc/html/draft-ietf-spring-
              srv6-srh-compression-05>.

   [SRV6-UP-MSG-ENCODING]
              Murakami, T., Matsushima, S., Ebisawa, K., Camarillo, P.,
              and R. Shekhar, "User Plane Message Encoding", Work in
              Progress, Internet-Draft, draft-murakami-dmm-user-plane-
              message-encoding-05, 5 March 2022,
              <https://datatracker.ietf.org/doc/html/draft-murakami-dmm-
              user-plane-message-encoding-05>.

   [TS.29281] 3GPP, "General Packet Radio System (GPRS) Tunnelling
              Protocol User Plane (GTPv1-U)", Version 17.4.0, 3GPP
              TS 29.281, September 2022.

   [TS.38415] 3GPP, "PDU session user plane protocol", Version 17.0.0,
              3GPP TS 38.415, April 2022.

Acknowledgements

   The authors would like to thank Daisuke Yokota, Bart Peirens,
   Ryokichi Onishi, Kentaro Ebisawa, Peter Bosch, Darren Dukes, Francois
   Clad, Sri Gundavelli, Sridhar Bhaskaran, Arashmid Akhavain, Ravi
   Shekhar, Aeneas Dodd-Noble, Carlos Jesus Bernardos, Dirk von Hugo,
   and Jeffrey Zhang for their useful comments of this work.

Contributors

   Kentaro Ebisawa
   Toyota Motor Corporation
   Japan
   Email: ebisawa@toyota-tokyo.tech


   Tetsuya Murakami
   Arrcus, Inc.
   United States of America
   Email: tetsuya.ietf@gmail.com


   Charles E. Perkins
   Lupin Lodge
   United States of America
   Email: charliep@computer.org


   Jakub Horn
   Cisco Systems, Inc.
   United States of America
   Email: jakuhorn@cisco.com


Authors' Addresses

   Satoru Matsushima (editor)
   SoftBank
   Japan
   Email: satoru.matsushima@g.softbank.co.jp


   Clarence Filsfils
   Cisco Systems, Inc.
   Belgium
   Email: cf@cisco.com


   Miya Kohno
   Cisco Systems, Inc.
   Japan
   Email: mkohno@cisco.com


   Pablo Camarillo Garvia (editor)
   Cisco Systems, Inc.
   Spain
   Email: pcamaril@cisco.com


   Daniel Voyer
   Bell Canada
   Canada
   Email: daniel.voyer@bell.ca