What Is Segment Routing? A Deep Dive into SRv6 Architecture, Programming, and TE Policies

What Is Segment Routing (SR)?

Segment Routing (SR) is a routing paradigm where the source node defines the packet’s path by encoding an ordered list of segments into the packet header; intermediate nodes simply forward based on this list, simplifying the network and improving scalability.

Inheritance and Innovation Over MPLS

MPLS has been widely deployed in WANs using protocols such as LDP and RSVP‑TE to provide VPN isolation and traffic‑engineering capabilities. SR inherits the benefits of LDP and RSVP‑TE while eliminating RSVP’s complex signaling and LDP’s heavy reliance on IGPs. SR does not compute paths itself; it only forwards packets whose segment list has been pre‑stacked at the ingress node, enabling explicit path control without maintaining extensive tunnel state.

SRv6: Combining SR with IPv6

SRv6 (SR + IPv6) implements SR on the IPv6 data plane. It removes the need for LDP and RSVP‑TE control planes by using IPv6 addresses as labels, unifying control and data planes and greatly simplifying operations. SRv6 inherits SR‑MPLS’s advantages and adds virtually unlimited label space, global uniqueness, and any‑to‑any reachability.

SRv6 Packet Structure and Network Programming

SRv6 adds a Segment Routing Header (SRH) as a new IPv6 extension header. The SRH contains a Segments Left pointer, a Segment List of IPv6 addresses, and a Function field that can embed arbitrary instructions, turning the network into a programmable platform.

The SID (Segment Identifier) is a 128‑bit IPv6 address composed of three parts:

Locator : identifies a network node and is advertised via IGP within the SRv6 domain.

Function : encodes the forwarding action, similar to an opcode in a CPU.

Arguments : optional parameters that may carry flow or service information.

Node Roles in an SRv6 Network

Three node types exist:

Source Node : generates SRv6 packets and inserts the Segment List.

Transit Node : forwards packets as ordinary IPv6 nodes when the destination address does not match a local SID.

Segment Endpoint Node : recognizes a local SID, processes the SRH, and executes the associated function.

Common Endpoint Instructions

Each SID can be bound to an instruction that tells the node how to handle the packet. Typical instructions include:

End : basic termination; copies the next SID to the IPv6 destination address and forwards.

End.X : forwards out a specified egress interface.

End.DT4 : decapsulates the packet and forwards it using an IPv4 routing table (VPNv4 scenario).

End.DT6 : similar to End.DT4 but uses an IPv6 routing table (VPNv6 scenario).

SRv6 BE vs. SRv6 TE Policy

SRv6 Best‑Effort (BE) uses a single SID to guide packet forwarding. SRv6 Traffic‑Engineering (TE) Policy combines multiple SIDs to constrain the path, satisfying TE requirements. BE can be deployed by configuring policies on forwarding devices only, while TE Policy typically requires a controller to program the network.

SRv6 TE Policy Model Hierarchy

A TE Policy is defined by a three‑tuple <headend, color, endpoint>. The color represents a set of constraints; in many cases <color, endpoint> suffices as the key. Under a policy, multiple candidate paths (primary/backup) may exist, each containing one or more segment lists that can be load‑balanced (ECMP/UCMP). A segment list is an ordered sequence of SIDs.

SRv6 BE Packet Forwarding Process

When host A sends traffic to host B, the packet is encapsulated with an outer IPv6 header (source = A’s loopback, destination = VPN SID). Each hop (PE1 → P → PE3) forwards the packet based on the IPv6 destination address, eventually reaching the endpoint where the VPN SID is resolved, the outer IPv6 header is stripped, and the original payload is forwarded.

SRv6 TE Policy Packet Forwarding Process

For TE, the ingress PE1 adds an SRH containing a list of SIDs (e.g., END.DT4 followed by tunnel SIDs). The outer IPv6 destination is set to the active SID. Each hop processes the current SID, decrements Segments Left , updates the IPv6 destination to the next SID, and forwards. When the final END.DT4 SID is reached, the SRH is removed and the packet is delivered to the VPN instance.

Conclusion

Segment Routing supports both MPLS and IPv6 data planes. SR‑MPLS uses MPLS labels as SIDs, while SRv6 uses IPv6 addresses, offering unlimited label space, global uniqueness, and any‑to‑any connectivity. These properties make SRv6 a leading technology for next‑generation IP networks and a hot topic in both research and deployment.