| Internet-Draft | MNA for In Situ OAM and Direct Export | June 2024 |
| Gandhi, et al. | Expires 28 December 2024 | [Page] |
In Situ Operations, Administration, and Maintenance (IOAM) is used for recording and collecting operational and telemetry information while the packet traverses a path between two points in the network. This document defines MPLS Network Actions for transporting IOAM data fields as well as direct exporting them.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 28 December 2024.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
In Situ Operations, Administration, and Maintenance (IOAM) is used for recording and collecting operational and telemetry information while the packet traverses a path between two points in the network. The term "in-situ" refers to the fact that the IOAM data fields are added to the data packets rather than being sent within the probe packets specifically dedicated to OAM. The IOAM data fields are defined in [RFC9197]. The IOAM data fields are further updated in [RFC9326] for Direct Export (DEX) use-cases.¶
[I-D.ietf-mpls-mna-hdr] defines mechanisms for carrying MNA Sub-Stack (MNAS) above the Bottom of the label stack (BOS) and [I-D.jags-mpls-ps-mna-hdr] defines mechanisms for carrying Post-Stack Network Actions in MPLS packets after the Bottom of the label stack. [I-D.ietf-mpls-mna-usecases] describes various MNA use cases including IOAM and IOAM DEX. This document defines MPLS Network Actions using MNA solutions for In-Stack and Post-Stack for transporting IOAM data fields as well as direct exporting them.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document assumes that the reader is familiar with the terminology defined in [RFC9197], [RFC9326], [I-D.ietf-mpls-mna-hdr], and [I-D.jags-mpls-ps-mna-hdr].¶
Abbreviations used in this document:¶
Direct Export¶
Equal Cost Multi-Path¶
Hop-By-Hop¶
Ingress-To-Egress (I2E), Hop-By-Hop (HBH) or Select Scope¶
In Situ Operations, Administration, and Maintenance¶
MPLS Network Action¶
Network Action Indicator¶
Network Action Sub-Stack Length¶
Operations, Administration, and Maintenance¶
Proof-of-Transit¶
Post-Stack Header¶
The IOAM and IOAM DEX Option-Types and data fields are carried in Ancillary Data for the IOAM and IOAM DEX MPLS Network Actions, respectively. In this document, the MPLS Network Actions for IOAM and IOAM DEX Option-Types are defined using Post-Stack Data (PSD) instead of In-Stack Data (ISD) due to the following reasons:¶
o Adding and updating IOAM data fields such as timestamp (e.g., 32-bit) and sequence number (e.g., 32-bit) as ISD in the label field of an LSE can alter ECMP behavior of packets in a traffic flow when labels on the label stack are used for ECMP hashing.¶
o In case of DEX, IOAM data fields added by encapsulation node are typically used as metadata for direct export on intermediate nodes. Not all IOAM data fields added by encapsulation node (e.g. sequence number, timestamp, flow identifier, etc.) need to be in-stack (or within RLD) for direct export.¶
o IOAM data fields format (32-bit) does not fit well into the 32-bit LSE due to S bit required in LSE (e.g., in 31-bit Format D).¶
The Post-Stack Network Action encoding contains IOAM Post-Stack Network Action Opcode, length in number of 4-octet units, and IOAM Option-Type with IOAM data fields in ancillary data as shown in Figure 1. The IOAM data fields MUST follow the definitions corresponding to their IOAM-Option-Types (e.g., see Section 4.4 of [RFC9197] and Section 3 of [RFC9326]).¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Label | TC |1| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ |N N N N|Version| PS-HDR-LEN | TYPE = POST-STACK-HDR-MNA = 1 |PSH +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|<-+ |PS-NA-OPCODE |R|U| PS-NAL |R|R| BLOCK-NUMBER|IOAM-OPT-TYPE| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ I | | O | | A ~ IOAM Option and Data Space [RFC9197] [RFC9326] ~ M | | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ |PS-NA-OPCODE |R|U| PS-NAL |R|R| BLOCK-NUMBER|IOAM-OPT-TYPE| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ I | | O | | A ~ IOAM Option and Data Space [RFC9197] [RFC9326] ~ M | | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ | | | | ~ Optional Payload + Padding ~ | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The Post-Stack Header (PSH) is added with the following fields as defined in [I-D.jags-mpls-ps-mna-hdr].¶
An IOAM data fields is added in the Post-Stack Network Action containing the following fields:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | MNA Label (bSPL value TBA5) | TC |S| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Opcode | Data (Format B) |R|IHS|S|U| NASL | NAL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Opcode | Data (Format C) |S|U| Data | NAL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . . . . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Packet as shown in Figure 1 | . . +---------------------------------------------------------------+
The MNA Label is a Base Special Purpose Label (bSPL value TBA5) to be allocated in [I-D.ietf-mpls-mna-hdr].¶
The IHS scope field defined in [I-D.ietf-mpls-mna-hdr] is used to indicate that I2E or HBH or Select processing is required for the Network Action and Ancillary Data.¶
If both edge and intermediate nodes need to process the IOAM data fields then IHS scope MUST be set to "HBH, value 0x1". If only edge nodes need to process the IOAM data fields then IHS scope MUST be set to "I2E, value 0x0". The HBH scope allows to skip the IOAM data processing on the intermediate nodes i.e., avoids the need to parse all IOAM data fields to detect the HBH option type.¶
The U Flag for Unknown Action Handling is specified in [I-D.ietf-mpls-mna-hdr].¶
The Network Action Sub-Stack Length (NASL) is set as specified in [I-D.ietf-mpls-mna-hdr].¶
Opcode (7 bits) value is TBA1 (for In-Stack Network Action with PSD for IOAM) carrying IOAM Option-Type(s) defined in [RFC9197]. Opcode value is TBA2 (for In-Stack Network Action with PSD for IOAM DEX) carrying the IOAM DEX Option-Type defined in [RFC9326]. The In-Stack IOAM and IOAM DEX Network Actions can be carried in Format B or Format C LSE.¶
A packet may carry more than one In-Stack Network Actions with PSD for IOAM and IOAM DEX in an MNA Sub-Stack (for example, for different IOAM Option-Types). There may be a different In-Stack Network Actions (other than for the IOAM) in an MNA Sub-Stack.¶
Data (10 bits, next to the Opcode field) in LSE contains the offset for PSD for this In-Stack Network Action in 4-octets units after BOS LSE to the start of the Post-Stack Network Action Opcode. Due to the Post-Stack Header, minimum value for the offset is 1 (i.e, 4-octets).¶
Additional IOM data fields may be added in the In-Stack NAS addtional data LSE Format D as required by the network action.¶
Length of Network Action (NAL) is set to 0 if no additional LSE Format D is added for the network action.¶
Corresponding Post-Stack Header defined in Figure 1 MUST BE added for each MNA Sub-Stack added in the label stack.¶
The I2E IOAM data fields carry the IOAM Option-Type(s) that require processing on the encapsulating and decapsulating nodes only.¶
The IOAM Option-Type carried can be IOAM Edge-To-Edge Option-Type (value 3) defined in [RFC9197] as well as DEX Option-Type (value 4) defined in [RFC9326]. The I2E IOAM data fields SHOULD NOT carry any IOAM Option-Type that require IOAM processing on the intermediate nodes as it will not be processed by them when IHS scope is set to "I2E, value 0x0".¶
The I2E IOAM and IOAM Direct Export Network Action procedure is summarized as following:¶
The HBH IOAM data fields carry the Option-Type(s) that require processing at the intermediate and/or encapsulating and decapsulating nodes.¶
The IOAM Option-Type carried can be IOAM Pre-allocated Trace Option-Type (value 0), IOAM Incremental Trace Option-Type (value 1) and IOAM Proof of Transit (POT) Option-Type (value 2), and Edge-To-Edge Option-Type (value 3) defined in [RFC9197] as well as DEX Option-Type (value 4) defined in [RFC9326].¶
Editor's note: IPv6 option is not supported for HBH IOAM Incremental Trace Option-Type (value 1). Similarly, MPLS network action is also not supported for HBH IOAM Incremental Trace Option-Type (value 1).¶
The Hop-By-Hop IOAM and IOAM Direct Export Network Action procedure is summarized as following:¶
Both HBH and I2E Scope IOAM may be required in an MPLS packet. In this case, the Post-Stack Network action with HBH IOAM data fields MUST be added after the BOS and before the Post-Stack Network Action with I2E IOAM data fields. This way, the RLD for the intermediate nodes is minimized.¶
The procedure for carrying the IOAM Network Actions for Select Scope is the same as HBH Scope IOAM Network Actions except the IHS scope is set to "Select, value 0x2". In this case, the Post-Stack Network action for Select node with IOAM data fields MUST be added after the BOS and before the Post-Stack Network Action with I2E IOAM data fields. This way, the RLD for the Select nodes is minimized.¶
The encapsulating node needs to make sure the IOAM data fields do not start with a well-known IP Version Number (e.g. 0x4 for IPv4 and 0x6 for IPv6) as that can alter the hashing function for ECMP that uses the IP header. This is achieved by using the first nibble NNNN in the Post-Stack Header with a different value (value TBA6) after the label stack as defined in [I-D.jags-mpls-ps-mna-hdr].¶
The decapsulating node that has to remove the IOAM data fields and perform the IOAM function may not be capable of supporting it. The encapsulating node needs to know if the decapsulating node can support the IOAM function. The signaling extension for this capability exchange is outside the scope of this document.¶
The intermediate node that is not capable of supporting the IOAM functions defined in this document, can simply skip the IOAM processing.¶
The node that does not recognize the MNA Label received at the top of the label stack will drop the packet.¶
When a packet is received with MPLS Encapsulated Network Action for IOAM, the nested MPLS encapsulating node that needs to add different Network Action for IOAM, the node MUST add a new MNA Sub-Stack with the Network Action for IOAM as part of the new MPLS encapsulation.¶
The encapsulating node needs to make sure that the IOAM data fields in Post-Stack Network Action are added within the Readable Label Depth (RLD) of the downstream MNA capable nodes in order for them to be able to process the IOAM.¶
The security considerations of IOAM and IOAM DEX in general are discussed in [RFC9197] and [RFC9326]) and apply to the procedure defined in this document.¶
The usage of MPLS extensions defined in this document for IOAM is intended for deployment in a single network administrative domain. As such, it assumes that the operator enabling the IOAM operation has previously verified the integrity of the path. Still, operators need to properly secure the IOAM in the domain to avoid malicious configuration and use, which could include injecting malicious IOAM packets into the domain.¶
The IOM and IOAM DEX Network Action Opcodes from In-Stack Network Action Opcode registry (to be created by in [I-D.ietf-mpls-mna-hdr]) are defined in this document as follows.¶
| Opcode | Description | Reference |
|---|---|---|
| TBA1 | In-Stack Network Action with PSD for IOAM | This document |
| TBA2 | In-Stack Network Action with PSD for IOAM Direct Export | This document |
The IOM and IOAM DEX Network Action Opcodes from Post-Stack Network Action Opcode registry (to be created by in [I-D.jags-mpls-ps-mna-hdr]) are defined in this document as follows.¶
Editor's Note: Post-Stack Network Action Opcode value TBA3 can be the same value as In-Stack Network Action Opcode value TBA1 and opcode TBA4 can be the same value as opcode TBA2 to avoid creating a mapping table.¶
| Value | Description | Reference |
|---|---|---|
| TBA3 | Post-Stack Network Action for IOAM | This document |
| TBA4 | Post-Stack Network Action for IOAM Direct Export | This document |
The authors would like to thank Patrick Khordoc, Sagar Soni, Shwetha Bhandari, Clarence Filsfils, and Vengada Prasad Govindan for the discussions on IOAM. The authors would also like to thank Tarek Saad, Loa Andersson, Greg Mirsky, Stewart Bryant, Xiao Min, Jaganbabu Rajamanickam, and Cheng Li for providing many useful comments. The authors would also like to thank Mach Chen, Andrew Malis, Matthew Bocci, and Nick Delregno for the MPLS-RT reviews of the early version of this document.¶
The following people have substantially contributed to this document:¶
Zafar Ali Cisco Systems, Inc. Email: zali@cisco.com Voitek Kozak Comcast Email: Voitek_Kozak@comcast.com Loa Andersson Huawei Technologies Email: loa@pi.nu¶