SRv6 and IPFIX working togheter

Combining SRv6 and IPFIX netflow can be a successful strategy to create a monitoring and analytics tool for your network. Using a combination of both?you?can build a full view of the flow?as well as?of the SRv6 on top?which?is steering traffic.

The RFC 9487 defines the information elements for IP Flow Information Export (IPFIX) to support IPv6 Segment Routing (SRv6) deployments. Here are the highlighted records that you can use to monitor traffic flows and relevant information:

1. SRv6-specific Information Elements:

1. srIPv6SegmentEndpoint: This information element represents the SRv6 Segment Endpoint behavior. It indicates the IPv6 address of the SRv6 segment endpoint.
2. srIPv6SegmentRoutingHeader: This element represents the entire Segment Routing header of the IPv6 packet. It includes all the relevant fields of the SRH (Segment Routing Header), allowing you to extract detailed information about SRv6 paths.
3. srIPv6SegmentRoutingHeaderLastEntry: This element represents the last entry of the Segment Routing header in an IPv6 packet. It allows you to specifically access the last SRv6 SID (Segment ID) in the SRH.

2. Generic IPFIX Information Elements:

1. sourceIPv6Address and destinationIPv6Address: These standard IPFIX elements represent the source and destination IPv6 addresses of the traffic flows. They are crucial for identifying the endpoints involved in IPv6 traffic.
2. sourceTransportPort and destinationTransportPort: These elements represent the source and destination transport layer ports (e.g., TCP or UDP ports) in the traffic flows. They help in identifying the specific application or service using these ports.
3. packetDeltaCount and octetDeltaCount: These elements represent the packet count and byte count for each flow. They are essential for monitoring traffic volume and throughput.
4. flowStartMilliseconds and flowEndMilliseconds: These elements represent the start and end timestamps of the flow, measured in milliseconds. They help in tracking flow durations and analyzing temporal patterns in traffic.

By leveraging these IPFIX information elements, especially the SRv6-specific elements introduced in RFC 9487, you can effectively monitor IPv6 traffic flows in SRv6-enabled networks. This monitoring includes extracting SRv6-specific information such as Segment Endpoint addresses, Segment Routing headers, and path details, along with standard traffic flow metrics for comprehensive network visibility and analysis.

?