Internet-Draft LSP Ping for IOAM Capabilities September 2024
Min & Mirsky Expires 26 March 2025 [Page]
Workgroup:
MPLS Working Group
Internet-Draft:
draft-xiao-mpls-lsp-ping-ioam-conf-state-04
Published:
Intended Status:
Standards Track
Expires:
Authors:
X. Min
ZTE Corp.
G. Mirsky
Ericsson

LSP Ping/Traceroute for Enabled In-situ OAM Capabilities

Abstract

This document describes the MPLS Node IOAM Information Query functionality, which uses the MPLS echo request/reply messages, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and decapsulating node.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 26 March 2025.

Table of Contents

1. Introduction

As specified in [RFC9359], the echo request/reply can be used by the In-situ OAM (IOAM) encapsulating node to discover the enabled IOAM capabilities at IOAM transit and decapsulating nodes.

[RFC8029] defines a probe message called "MPLS echo request", and a response message called "MPLS echo reply" for returning the result of the probe.

This document describes the MPLS Node IOAM Information Query functionality, which uses the MPLS echo request/reply messages, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and decapsulating node.

[RFC8029] specifies "ping" and "traceroute" modes. In "ping" mode, the ingress LSR sends a single MPLS echo request with the TTL in the outermost label set to 255. The MPLS echo request is intended to reach the end of the path and only the egress LSR is expected to respond with the MPLS echo reply. In "traceroute" mode, the ingress LSR transmits a sequence of MPLS echo requests with the TTL value being set in successive probe packets to 1, 2, and so on. Using TTL expiration as the exception mechanism, each LSR is expected to respond by transmitting an MPLS echo reply.

In an MPLS network, the ingress LSR may also act as the IOAM encapsulating node. In such a case, a transit LSR acts as the IOAM transit node, and the egress LSR acts as the IOAM decapsulating node. Usually, the trace option of IOAM data is needed, the IOAM encapsulating node requires to query the enabled IOAM capabilities of each IOAM transit and decapsulating node, then the "traceroute" mode can be used. In case that only the edge to edge option of IOAM data is needed, the IOAM encapsulating node requires to query the enabled IOAM Capabilities of only the IOAM decapsulating node, then the "ping" mode can be used.

The mechanism specified in this document applies to both point-to-point (P2P) MPLS LSP and point-to-multipoint (P2MP) MPLS LSP.

2. Conventions Used in This Document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

3. IOAM Capabilities Query TLV

The IOAM Capabilities Query TLV presented in Figure 1 is carried as a TLV of the MPLS Echo Request message:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  IOAM Capa. Query Type (TBA1) |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.                                                               .
.                  List of IOAM Namespace-IDs                   .
.                                                               .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: IOAM Capabilities Query TLV

Type: Indicates the IOAM Capabilities Query TLV. The value is TBA1.

Length: The length of the TLV's Value field in octets.

The Value field is a List of IOAM Namespace-IDs, which is also called IOAM Capabilities Query Container Payload in Section 3.1 of [RFC9359].

3.1. Examples of the IOAM Capabilities Query

The format of an IOAM Capabilities Query can vary from deployment to deployment.

In a deployment where only the default Namespace-ID is used, the IOAM Capabilities Query is depicted as the following:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  IOAM Capa. Query Type (TBA1) |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID          |          Zero-padded          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: IOAM Capabilities Query of the Default IOAM Namespace

In a deployment where two Namespace-IDs (Namespace-ID1 and Namespace-ID2) are used, the IOAM Capabilities Query is depicted as the following:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  IOAM Capa. Query Type (TBA1) |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID1         |         Namespace-ID2         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: IOAM Capabilities Query of the Two IOAM Namespaces

4. IOAM Capabilities Response TLV

The IOAM Capabilities Response TLV presented in Figure 4 is carried as a TLV of the MPLS Echo Reply message:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|IOAM Capa. Response Type (TBA2)|            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.                                                               .
.               List of IOAM Capabilities Sub-TLVs              .
.                                                               .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: IOAM Capabilities Response TLV

Type: Indicates the IOAM Capabilities Response TLV. The value is TBA2.

Length: The length of the TLV's Value field in octets.

The Value field is a List of IOAM Capabilities Objects, which is also called IOAM Capabilities Response Container Payload in Section 3.2 of [RFC9359]. Each IOAM Capabilities Object is encoded in a sub-TLV format.

4.1. IOAM Capabilities Sub-TLVs

All IOAM Capabilities sub-TLVs (aka Objects) are encapsulated in an IOAM Capabilities Response TLV of an MPLS Echo Reply message.

Each IOAM Capabilities sub-TLV has the following format:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA)   |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
.                                                               .
.                IOAM Capabilities Object Payload               .
.                                                               .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: IOAM Capabilities Sub-TLV

Sub-type: Indicates the IOAM Capabilities sub-TLVs. The values are listed as the following:

   Value         Sub-type Name
   -----         -----------
   TBA3          IOAM Pre-allocated Tracing Capabilities Object
   TBA4          IOAM Incremental Tracing Capabilities Object
   TBA5          IOAM Proof of Transit Capabilities Object
   TBA6          IOAM Edge-to-Edge Capabilities Object
   TBA7          IOAM DEX Capabilities Object
   TBA8          IOAM End-of-Domain Object

Length: The length of the sub-TLV's Value field in octets.

The Value field is the IOAM Capabilities Object Payload, which is defined respectively in Section 3.2.1, Section 3.2.2, Section 3.2.3, Section 3.2.4, Section 3.2.5 and Section 3.2.6 of [RFC9359].

4.2. Examples of IOAM Capabilities Response TLV

The format of an IOAM Capabilities Response can vary from deployment to deployment.

In a deployment where only the default Namespace-ID is used, the IOAM Pre-allocated Tracing Capabilities and IOAM Proof of Transit Capabilities are enabled at an IOAM transit node, if that IOAM transit node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|IOAM Capa. Response Type (TBA2)|            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA3)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               IOAM-Trace-Type                 |  Reserved   |W|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID          |          Ingress_MTU          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Ingress_if_id (short or wide format)         ......          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA5)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID          | IOAM-POT-Type |SoP| Reserved  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: Example 1 of IOAM Capabilities Response TLV

In a deployment where two Namespace-IDs (Namespace-ID1 and Namespace-ID2) are used, for both Namespace-ID1 and Namespace-ID2 the IOAM Pre-allocated Tracing Capabilities and IOAM Proof of Transit Capabilities are enabled at an IOAM transit node, if that IOAM transit node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|IOAM Capa. Response Type (TBA2)|            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA3)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               IOAM-Trace-Type                 |  Reserved   |W|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID1         |          Ingress_MTU          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Ingress_if_id (short or wide format)         ......          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA5)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID1         | IOAM-POT-Type |SoP| Reserved  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA3)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               IOAM-Trace-Type                 |  Reserved   |W|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID2         |          Ingress_MTU          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Ingress_if_id (short or wide format)         ......          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA5)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID2         | IOAM-POT-Type |SoP| Reserved  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7: Example 2 of IOAM Capabilities Response TLV

Note that multiple sub-TLVs with the same sub-type may be present in an IOAM Capabilities Response TLV, as long as the Namespace-IDs in these sub-TLVs are all different.

In a deployment where only the default Namespace-ID is used, the IOAM Pre-allocated Tracing Capabilities, IOAM Proof of Transit Capabilities and IOAM Edge-to-Edge Capabilities are enabled at the IOAM decapsulating node, if that IOAM decapsulating node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|IOAM Capa. Response Type (TBA2)|            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA3)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|               IOAM-Trace-Type                 |  Reserved   |W|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID          |          Ingress_MTU          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Ingress_if_id (short or wide format)         ......          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA5)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID          | IOAM-POT-Type |SoP| Reserved  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   IOAM Capa. Sub-type (TBA6)  |            Length             |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Namespace-ID          |         IOAM-E2E-Type         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|TSF|         Reserved          |           Reserved            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 8: Example 3 of IOAM Capabilities Response TLV

5. Return Code Field Processing

The Return Code field in the MPLS echo reply MUST be set to (TBA9) No Matched Namespace-ID if any of the following conditions applies:

6. IANA Considerations

6.1. TLV and Sub-TLV Allocation

IANA maintains the "Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry, and within that registry a sub-registry for TLVs and sub-TLVs.

IANA is requested to allocate a new IOAM Capabilities Query TLV (Type TBA1) and a new IOAM Capabilities Response TLV (Type TBA2) from the Standards Action range (0-16383), and sub-TLVs as follows from sub-registry presented in Table 1, called "Sub-TLVs for TLV Type TBA2".

Registration procedures for Sub-TLVs from ranges 0-16383 and 32768-49161 are by Standards Action. Ranges 16384-31739 and 49162-64507 are through RFC Required.

Table 1: IANA TLV Type Allocation
Type Sub-type Value Field Reference
TBA1 IOAM Capabilities Query This document
TBA2 IOAM Capabilities Response This document
TBA3 IOAM Pre-allocated Tracing Capabilities Object This document
TBA4 IOAM Incremental Tracing Capabilities Object This document
TBA5 IOAM Proof of Transit Capabilities Object This document
TBA6 IOAM Edge-to-Edge Capabilities Object This document
TBA7 IOAM DEX Capabilities Object This document
TBA8 IOAM End-of-Domain Object This document

6.2. Namespace-ID Error

IANA maintains the "Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry, and within that registry a sub-registry "Return Codes".

IANA is requested to assign a new Return Code from the Standards Action range (0-191) as follows:

Table 2: IANA Return Code Allocation
Error Value Code Description Reference
TBA9 No Matched Namespace-ID This document

7. Security Considerations

Securiy issues discussed in [RFC8029] and [RFC9359] apply to this document.

This document recommends that the network operators establish policies that restrict access to MPLS Node IOAM Information Query functionality. In order to enforce these policies, nodes that support MPLS Node IOAM Information Query functionality SHOULD support the following configuration options:

While applying the MPLS Node IOAM Information Query to P2MP MPLS LSP, since a single MPLS echo request may trigger multiple echo replies, there are scaling concerns and some mitigation measures, e.g., containing the Echo Jitter TLV in the MPLS echo request, as being specified in [RFC6425], MAY be applied.

8. Acknowledgements

The authors would like to acknowledge Tarek Saad for his comments on the idea of using LSP Ping for MPLS IOAM Capabilities Discovery.

9. Normative References

[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
[RFC6425]
Saxena, S., Ed., Swallow, G., Ali, Z., Farrel, A., Yasukawa, S., and T. Nadeau, "Detecting Data-Plane Failures in Point-to-Multipoint MPLS - Extensions to LSP Ping", RFC 6425, DOI 10.17487/RFC6425, , <https://www.rfc-editor.org/info/rfc6425>.
[RFC8029]
Kompella, K., Swallow, G., Pignataro, C., Ed., Kumar, N., Aldrin, S., and M. Chen, "Detecting Multiprotocol Label Switched (MPLS) Data-Plane Failures", RFC 8029, DOI 10.17487/RFC8029, , <https://www.rfc-editor.org/info/rfc8029>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.
[RFC9359]
Min, X., Mirsky, G., and L. Bo, "Echo Request/Reply for Enabled In Situ OAM (IOAM) Capabilities", RFC 9359, DOI 10.17487/RFC9359, , <https://www.rfc-editor.org/info/rfc9359>.

Authors' Addresses

Xiao Min
ZTE Corp.
Nanjing
China
Greg Mirsky
Ericsson
United States of America