I have reviewed this document as part of the security directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the security area directors.  Document editors and WG chairs should treat these comments just like any other comments. 

This document presents BGP constructs that may be used to implement certain types of network segmentation.

This document describes how sequencing information can be encoded in the IP header to be used to support the addition of Packet Replication, Elimination, and Ordering Functions (PREOF) to Deterministic Networking (DetNet )IP. The PREOF service protection method relies on copies of the same packet being sent over multiple maximally disjoint paths and uses sequencing information to elimination duplicates. PREOF has already been implemented for MPLS, and the IP solution is derived from that.  This document descibes how to derive the needed sequencing information from the IP header.  In particular it describes what information MUST and MAY be included in the header fields so that the sequence information may be derived.

I agree with the draft’s security considerations section, which says that no new security considerations are introduced.  The procedure is based on a similar solution for MPLS, and so the MPLS security considerations apply.     

A nit:

1. A possible implementation of POF function
should be
A possible implementation of the POF function