Internet-Draft | In-situ OAM for MPLS Data plane | October 2022
Gandhi, et al. | Expires 6 April 2023
In-situ Operations, Administration, and Maintenance (IOAM) is used for recording and collecting operational and telemetry information while the packet traverses a path between two points in the network. This document defines how IOAM data fields are transported with MPLS data plane encapsulation using MPLS Network Action (MNA).
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on 6 April 2023.
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.
In-situ Operations, Administration, and Maintenance (IOAM) is used for recording and collecting operational and telemetry information while the packet traverses a path between two points in the network. The term "in-situ" refers to the fact that the IOAM data fields are added to the data packets rather than being sent within the probe packets specifically dedicated to OAM. The IOAM data fields are defined in [RFC9197]. The IOAM data fields are further updated in [I-D.ietf-ippm-ioam-direct-export] for direct export use-cases.
This document defines how IOAM data fields are transported with MPLS data plane encapsulations using MPLS Network Action (MNA) [I-D.ietf-mpls-mna-fwk].
Note: This document uses MNA encoding defined in Individual Internet Drafts as examples. The MNA encoding will be updated to align with the MNA solutions in the WG adopted Internet Drafts.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
The MPLS Network Action (MNA) terminology defined in [I-D.ietf-mpls-mna-fwk] is used in this document.
Abbreviations used in this document:
Post-Stack Network Action Presence Indicator
Equal Cost Multi-Path
Edge-To-Edge
Hop-By-Hop
Hop-By-Hop Post-Stack Network Action Processing Indicator
In-situ Operations, Administration, and Maintenance
Multiprotocol Label Switching
MPLS Network Action
Operations, Administration, and Maintenance
Proof-of-Transit
The IOAM extension headers containing different IOAM-Data-Fields are added in the MPLS packet as shown in Figure 1. The IOAM-Data-Fields MUST follow the definitions corresponding to the IOAM-Option-Types (e.g., see Section 4.4 of [RFC9197] and Section 3 of [I-D.ietf-ippm-ioam-direct-export]).
An IOAM extension header uses Extension Header (EH) defined in [I-D.song-mpls-extension-header].
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |1ST-NIB| EH-CN |  EH-TOTAL-LEN |ORG-UL-PROTOCOL|NEXT-HDR = IOAM| CH
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |NEXT-HDR = IOAM| IOAM-HDR-LEN  |R|IOAM-OPT-TYPE| BLOCK-NUMBER  | EH
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |                                                               |  I
   |                                                               |  O
   ~                 IOAM Option and Data Space [RFC9197]          ~  A
   |                 [draft-ietf-ippm-ioam-direct-export]          |  M
   |                                                               |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   .                                                               .
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   | NEXT-HDR      | IOAM-HDR-LEN  |R|IOAM-OPT-TYPE| BLOCK-NUMBER  | EH
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |                                                               |  I
   |                                                               |  O
   ~                 IOAM Option and Data Space [RFC9197]          ~  A
   |                 [draft-ietf-ippm-ioam-direct-export]          |  M
   |                                                               |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |                                                               |
   |                                                               |
   ~                  Optional Payload + Padding                   ~
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The 4-Octet Common Header (CH) is added with the following fields in the MPLS header as defined in [I-D.song-mpls-extension-header]:
IOAM-Data-Fields are added in EHs containing the following fields:
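The Figure 1 layout as a bounds-checked parser, of the kind a node would run before acting on IOAM-Data-Fields it did not build itself. This is an added example, not code from the draft or its authors. The field semantics it relies on (length units, the meaning of EH-CN, the stand-in value 253 for TBA2) are assumptions listed in the first comment, and the sample packet is constructed.

```python
import struct

# Assumptions, not draft text: 253 (IANA experimental protocol number) stands
# in for the unassigned TBA2; both length fields count 4-octet words, with
# IOAM-HDR-LEN covering the whole EH and EH-TOTAL-LEN covering all EHs but
# not the CH; EH-CN is the number of EHs; only IOAM EHs are present.
NEXT_HDR_IOAM = 253
WORD = 4

class MalformedIOAM(ValueError):
    """Raised when the post-stack headers are inconsistent or truncated."""

def parse_post_stack(buf):
    """Parse the CH and the IOAM EH chain that follow the bottom of stack."""
    if len(buf) < WORD:
        raise MalformedIOAM("truncated Common Header")
    b0, total_len, org_proto, next_hdr = struct.unpack_from("!BBBB", buf, 0)
    ch = {"first_nibble": b0 >> 4, "eh_count": b0 & 0x0F,
          "org_ul_protocol": org_proto}
    end = WORD + total_len * WORD
    if end > len(buf):
        raise MalformedIOAM("EH-TOTAL-LEN runs past the packet")
    ehs, off = [], WORD
    while next_hdr == NEXT_HDR_IOAM:
        if off + WORD > end:
            raise MalformedIOAM("EH chain runs past EH-TOTAL-LEN")
        next_hdr, hdr_len, opt, block = struct.unpack_from("!BBBB", buf, off)
        size = hdr_len * WORD
        if size < WORD or off + size > end:
            raise MalformedIOAM("bad IOAM-HDR-LEN")
        ehs.append({"opt_type": opt & 0x7F, "r": opt >> 7, "block": block,
                    "data": bytes(buf[off + WORD:off + size])})
        off += size
    if off != end or len(ehs) != ch["eh_count"]:
        raise MalformedIOAM("EH lengths or count disagree with the CH")
    return ch, ehs, bytes(buf[end:])

def sample_packet():
    """Constructed input: CH, trace EH (type 0), E2E EH (type 3), payload."""
    ch = bytes([0x22, 5, 4, NEXT_HDR_IOAM])   # 1ST-NIB=2 (made up), EH-CN=2
    eh1 = bytes([NEXT_HDR_IOAM, 3, 0, 0]) + bytes(8)
    eh2 = bytes([59, 2, 3, 0]) + bytes(4)     # 59: constructed non-IOAM value
    return ch + eh1 + eh2 + b"payload"
```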
A Post-Stack Network Action Presence Indicator MUST be added to indicate the presence of the IOAM-Data-Fields in the MPLS header. If both edge and intermediate nodes need to process IOAM data then both the Post-Stack Network Action Presence Indicator and the HBH Network Action Processing Indicator MUST be added. The HBH Network Action Processing Indicator allows the IOAM processing on the intermediate nodes to be optimized and avoids the need to parse all IOAM-Data-Fields.
A flag called PNI (Post-Stack Network Action Presence Indicator) in the TTL field defined in [I-D.jags-mpls-mna-hdr] is used in this document to indicate the presence of IOAM Post-Stack Network Action and Ancillary Data.
A flag called HPI (Hop-By-Hop Post-Stack Network Action Processing Indicator) in the TTL field defined in [I-D.jags-mpls-mna-hdr] is used to indicate that HBH processing is required for the Post-Stack Network Action and the associated Ancillary Data.
The MNA Label used in this document is a Base Special Purpose Label (bSPL value TBA1 to be assigned by IANA), and is defined as Network Action Sub-Stack Indicator (NASI) in [I-D.jags-mpls-mna-hdr].
The Post-Stack Network Action Presence Indicator is set to "1" to indicate the presence of the IOAM-Data-Fields in the MPLS header as shown in Figure 2.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                Label                  | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      MNA Label (bSPL value TBA1)      | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                       | TC  |S| PNI=1, HPI=0  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                  Packet as shown in Figure 1                  |
   .                                                               .
   +---------------------------------------------------------------+
The E2E IOAM-Data-Fields carry the Option-Type(s) that require processing on the encapsulating and decapsulating nodes only. The IOAM Option-Type carried can be IOAM Edge-to-Edge Option-Type (value 3) [RFC9197] as well as Direct Export (DEX) Option-Type (value 4, to be assigned by IANA) defined in [I-D.ietf-ippm-ioam-direct-export]. The E2E IOAM-Data-Fields SHOULD NOT carry any IOAM Option-Type that requires IOAM processing on the intermediate nodes as it will not be processed by them since the HPI flag is not set.
The E2E IOAM Network Action procedure is summarized as follows:
The Post-Stack Network Action Presence Indicator (TTL Flag PNI) along with Hop-By-Hop Processing Indicator (TTL Flag HPI) are set to "1" to indicate the presence of the HBH IOAM-Data-Fields in the MPLS header as shown in Figure 3.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                Label                  | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      MNA Label (bSPL value TBA1)      | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                       | TC  |S| PNI=1, HPI=1  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                  Packet as shown in Figure 1                  |
   .                                                               .
   +---------------------------------------------------------------+
The HBH IOAM-Data-Fields carry the Option-Type(s) that require processing at the intermediate and/or encapsulating and decapsulating nodes. The IOAM Option-Type carried can be IOAM Pre-allocated Trace Option-Type (value 0), IOAM Incremental Trace Option-Type (value 1) and IOAM Proof of Transit (POT) Option-Type (value 2), and Edge-to-Edge Option-Type (value 3) defined in [RFC9197] as well as Direct Export (DEX) Option-Type (value 4, to be assigned by IANA) defined in [I-D.ietf-ippm-ioam-direct-export].
The Hop-By-Hop IOAM Network Action procedure is summarized as follows:
Both HBH and E2E IOAM EHs may be added in an MPLS header. In this case the HBH IOAM EHs MUST be added after the BOS and before the E2E IOAM EHs. When an intermediate node encounters the first E2E IOAM EH, it will stop processing of the E2E EH.
The encapsulating node needs to make sure the IOAM-Data-Fields do not start with a well-known IP Version Number (e.g. 0x4 for IPv4 and 0x6 for IPv6) as that can alter the hashing function for ECMP that uses the IP header. This is achieved by using the Common Header (CH) with a different IP Version Number (value TBA4) after the MPLS label stack.
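The ECMP concern above, as an added example that is not part of the draft: a transit node that guesses the payload type from the first nibble after the bottom of stack will treat IOAM data beginning with 0x4 as an IPv4 header unless a CH precedes it. The nibble value 0x2 is a constructed stand-in for the unassigned TBA4, and the labels and bytes are constructed.

```python
import struct

# Constructed stand-in for the draft's unassigned TBA4 value; any nibble
# other than 4 or 6 serves the purpose of this demonstration.
CH_FIRST_NIBBLE = 0x2

def lse(label, s, ttl=64, tc=0):
    """Build one 4-octet label stack entry: Label(20) | TC(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)

def label_stack_entries(pkt):
    """Yield (label, tc, s, ttl) for each entry up to and including BOS."""
    off = 0
    while True:
        if off + 4 > len(pkt):
            raise ValueError("label stack ends without a bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", pkt, off)
        s = (word >> 8) & 1
        yield word >> 12, (word >> 9) & 7, s, word & 0xFF
        off += 4
        if s:
            return

def ecmp_guess(pkt):
    """Return what a first-nibble heuristic takes the post-stack bytes for."""
    depth = sum(1 for _ in label_stack_entries(pkt))
    if depth * 4 >= len(pkt):
        return "empty"
    nibble = pkt[depth * 4] >> 4
    return {4: "ipv4", 6: "ipv6"}.get(nibble, "not-ip")

def demo():
    """Same constructed IOAM bytes, without and with a CH in front."""
    stack = lse(16001, 0) + lse(16002, 1)
    ioam = bytes([0x45, 0x00, 0x00, 0x1C])          # happens to start with 0x4
    ch = bytes([CH_FIRST_NIBBLE << 4, 0, 0, 0])     # only the nibble matters here
    return ecmp_guess(stack + ioam), ecmp_guess(stack + ch + ioam)

if __name__ == "__main__":
    print(demo())
```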
The decapsulating node that has to remove the IOAM-Data-Fields and perform the IOAM function may not be capable of supporting it. The encapsulating node needs to know if the decapsulating node can support the IOAM function. The signaling extension for this capability exchange is outside the scope of this document.
The intermediate node that is not capable of supporting the IOAM functions defined in this document can simply skip the IOAM processing.
The node that does not recognize the MNA Label received at the top of the label stack will drop the packet.
When a packet is received with an MPLS-encapsulated IOAM Network Action and the nested MPLS encapsulating node supports a different IOAM Network Action, the node MUST add a new MNA Label (with Sub-Stack) with the supported IOAM Network Action as part of the new MPLS encapsulation.
The security considerations of IOAM in general are discussed in [RFC9197] and apply to the procedure defined in this document.
IOAM is considered a "per domain" feature, where one or several operators decide on configuring IOAM according to their needs. IOAM is intended for deployment in limited domains [RFC8799]. As such, it assumes that a node involved in IOAM operation has previously verified the integrity of the path. Still, operators need to properly secure the IOAM domain to avoid malicious configuration and use, which could include injecting malicious IOAM packets into the domain.
The encoding of Next-Header uses the same value registry for IPv4/IPv6 protocol numbers. The value TBA2 for IOAM as Next Header shall be assigned by IANA from the "Protocol Numbers" registry (https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml).
The authors would like to thank Patrick Khordoc, Sagar Soni, Shwetha Bhandari, Clarence Filsfils, and Vengada Prasad Govindan for the discussions on IOAM. The authors would also like to thank Tarek Saad, Loa Andersson, Greg Mirsky, Stewart Bryant, Xiao Min, and Cheng Li for providing many useful comments. The authors would also like to thank Mach Chen, Andrew Malis, Matthew Bocci, and Nick Delregno for the MPLS-RT reviews.