Internet-Draft | LSP Ping for IOAM Capabilities | September 2024 |
Min & Mirsky | Expires 26 March 2025 | [Page] |
This document describes the MPLS Node IOAM Information Query functionality, which uses the MPLS echo request/reply messages, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and decapsulating node.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 26 March 2025.¶
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
As specified in [RFC9359], the echo request/reply can be used by the In-situ OAM (IOAM) encapsulating node to discover the enabled IOAM capabilities at IOAM transit and decapsulating nodes.¶
[RFC8029] defines a probe message called "MPLS echo request", and a response message called "MPLS echo reply" for returning the result of the probe.¶
This document describes the MPLS Node IOAM Information Query functionality, which uses the MPLS echo request/reply messages, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and decapsulating node.¶
[RFC8029] specifies "ping" and "traceroute" modes. In "ping" mode, the ingress LSR sends a single MPLS echo request with the TTL in the outermost label set to 255. The MPLS echo request is intended to reach the end of the path and only the egress LSR is expected to respond with the MPLS echo reply. In "traceroute" mode, the ingress LSR transmits a sequence of MPLS echo requests with the TTL value being set in successive probe packets to 1, 2, and so on. Using TTL expiration as the exception mechanism, each LSR is expected to respond by transmitting an MPLS echo reply.¶
In an MPLS network, the ingress LSR may also act as the IOAM encapsulating node. In such a case, a transit LSR acts as the IOAM transit node, and the egress LSR acts as the IOAM decapsulating node. Usually, the trace option of IOAM data is needed, the IOAM encapsulating node requires to query the enabled IOAM capabilities of each IOAM transit and decapsulating node, then the "traceroute" mode can be used. In case that only the edge to edge option of IOAM data is needed, the IOAM encapsulating node requires to query the enabled IOAM Capabilities of only the IOAM decapsulating node, then the "ping" mode can be used.¶
The mechanism specified in this document applies to both point-to-point (P2P) MPLS LSP and point-to-multipoint (P2MP) MPLS LSP.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The IOAM Capabilities Query TLV presented in Figure 1 is carried as a TLV of the MPLS Echo Request message:¶
Type: Indicates the IOAM Capabilities Query TLV. The value is TBA1.¶
Length: The length of the TLV's Value field in octets.¶
The Value field is a List of IOAM Namespace-IDs, which is also called IOAM Capabilities Query Container Payload in Section 3.1 of [RFC9359].¶
The format of an IOAM Capabilities Query can vary from deployment to deployment.¶
In a deployment where only the default Namespace-ID is used, the IOAM Capabilities Query is depicted as the following:¶
In a deployment where two Namespace-IDs (Namespace-ID1 and Namespace-ID2) are used, the IOAM Capabilities Query is depicted as the following:¶
The IOAM Capabilities Response TLV presented in Figure 4 is carried as a TLV of the MPLS Echo Reply message:¶
Type: Indicates the IOAM Capabilities Response TLV. The value is TBA2.¶
Length: The length of the TLV's Value field in octets.¶
The Value field is a List of IOAM Capabilities Objects, which is also called IOAM Capabilities Response Container Payload in Section 3.2 of [RFC9359]. Each IOAM Capabilities Object is encoded in a sub-TLV format.¶
All IOAM Capabilities sub-TLVs (aka Objects) are encapsulated in an IOAM Capabilities Response TLV of an MPLS Echo Reply message.¶
Each IOAM Capabilities sub-TLV has the following format:¶
Sub-type: Indicates the IOAM Capabilities sub-TLVs. The values are listed as the following:¶
Value Sub-type Name ----- ----------- TBA3 IOAM Pre-allocated Tracing Capabilities Object TBA4 IOAM Incremental Tracing Capabilities Object TBA5 IOAM Proof of Transit Capabilities Object TBA6 IOAM Edge-to-Edge Capabilities Object TBA7 IOAM DEX Capabilities Object TBA8 IOAM End-of-Domain Object¶
Length: The length of the sub-TLV's Value field in octets.¶
The Value field is the IOAM Capabilities Object Payload, which is defined respectively in Section 3.2.1, Section 3.2.2, Section 3.2.3, Section 3.2.4, Section 3.2.5 and Section 3.2.6 of [RFC9359].¶
The format of an IOAM Capabilities Response can vary from deployment to deployment.¶
In a deployment where only the default Namespace-ID is used, the IOAM Pre-allocated Tracing Capabilities and IOAM Proof of Transit Capabilities are enabled at an IOAM transit node, if that IOAM transit node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following:¶
In a deployment where two Namespace-IDs (Namespace-ID1 and Namespace-ID2) are used, for both Namespace-ID1 and Namespace-ID2 the IOAM Pre-allocated Tracing Capabilities and IOAM Proof of Transit Capabilities are enabled at an IOAM transit node, if that IOAM transit node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following:¶
Note that multiple sub-TLVs with the same sub-type may be present in an IOAM Capabilities Response TLV, as long as the Namespace-IDs in these sub-TLVs are all different.¶
In a deployment where only the default Namespace-ID is used, the IOAM Pre-allocated Tracing Capabilities, IOAM Proof of Transit Capabilities and IOAM Edge-to-Edge Capabilities are enabled at the IOAM decapsulating node, if that IOAM decapsulating node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following:¶
The Return Code field in the MPLS echo reply MUST be set to (TBA9) No Matched Namespace-ID if any of the following conditions applies:¶
IANA maintains the "Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry, and within that registry a sub-registry for TLVs and sub-TLVs.¶
IANA is requested to allocate a new IOAM Capabilities Query TLV (Type TBA1) and a new IOAM Capabilities Response TLV (Type TBA2) from the Standards Action range (0-16383), and sub-TLVs as follows from sub-registry presented in Table 1, called "Sub-TLVs for TLV Type TBA2".¶
Registration procedures for Sub-TLVs from ranges 0-16383 and 32768-49161 are by Standards Action. Ranges 16384-31739 and 49162-64507 are through RFC Required.¶
Type | Sub-type | Value Field | Reference |
---|---|---|---|
TBA1 | IOAM Capabilities Query | This document | |
TBA2 | IOAM Capabilities Response | This document | |
TBA3 | IOAM Pre-allocated Tracing Capabilities Object | This document | |
TBA4 | IOAM Incremental Tracing Capabilities Object | This document | |
TBA5 | IOAM Proof of Transit Capabilities Object | This document | |
TBA6 | IOAM Edge-to-Edge Capabilities Object | This document | |
TBA7 | IOAM DEX Capabilities Object | This document | |
TBA8 | IOAM End-of-Domain Object | This document |
IANA maintains the "Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry, and within that registry a sub-registry "Return Codes".¶
IANA is requested to assign a new Return Code from the Standards Action range (0-191) as follows:¶
Error Value Code | Description | Reference |
---|---|---|
TBA9 | No Matched Namespace-ID | This document |
Securiy issues discussed in [RFC8029] and [RFC9359] apply to this document.¶
This document recommends that the network operators establish policies that restrict access to MPLS Node IOAM Information Query functionality. In order to enforce these policies, nodes that support MPLS Node IOAM Information Query functionality SHOULD support the following configuration options:¶
Enable/disable MPLS Node IOAM Information Query functionality. By default, MPLS Node IOAM Information Query functionality is disabled.¶
Define enabled Namespace-IDs. By default, all Namespace-IDs except the default one (i.e., Namespace-ID 0x0000) are disabled.¶
While applying the MPLS Node IOAM Information Query to P2MP MPLS LSP, since a single MPLS echo request may trigger multiple echo replies, there are scaling concerns and some mitigation measures, e.g., containing the Echo Jitter TLV in the MPLS echo request, as being specified in [RFC6425], MAY be applied.¶
The authors would like to acknowledge Tarek Saad for his comments on the idea of using LSP Ping for MPLS IOAM Capabilities Discovery.¶