Use of The IPv4 Reserved-flag for OAMJuniper NetworksBangalore56009KAIndiaaghule@juniper.netJuniper NetworksHerndon20171VirginiaUSArbonica@juniper.net
Internet Area
INTAREA Working GroupIPv4OAMThis document defines new IPv4 Operations and Management (OAM)
capabilities. In order to support these capabilities, this document
defines a new interpretation of the IPv4 Reserved-flag.This document defines new IPv4
Operations and Management (OAM) capabilities. In order to support these
capabilities, this document defines a new interpretation of the IPv4
Reserved-flag.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only
when, they appear in all capitals, as shown here. depicts the IPv4 Flags field, as
defined in . It contains the following
fields:Bit 0: reserved, must be zeroBit 1: (DF) 0 = May Fragment, 1 = Don't Fragment.Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments. depicts a redefinition of the IPv4
flags field. It contains the following fields:Bit 0: OAM 0 = No OAM Action, 1 = OAM ActionBit 1: (DF) 0 = May Fragment, 1 = Don't Fragment.Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments.In the redefinition, the Reserved-flag is replaced by an OAM
flag.When a packet enters a provider network, the network ingress router
can subject the packet to policy. Policy includes match conditions and
actions. If the packet satisfies match conditions, the policy can
execute the following actions:Set the OAM-bitRecompute the IPv4 header checksumIf the ingress node sets the OAM bit, it MAYexecute any of
the OAM actions described in .When a network interior node receives a packet and its OAM bit is
set, it MAY execute any combination of the following OAM actions.ActionNotesLog the packetThe processing node creates a log entry. The log entry reflects
the time at which it was created. It also reflects the time at which
the packet arrived.Count the packetThe processing node increments a counter.Send an ICMP OAM messageThe processing node sends an ICMP OAM message to the packet's
source. The OAM message indicates the time at which the packet
arrived.Send telemetryThe processing node sends telemetry to a monitoring station.
Telemetry includes the packet and the time at which the packet
arrived.The action taken depends on local configuration. By default, no
action is takenWhen a network egress node receives a packet and the OAM bit is
set, it MAY execute any of the OAM actions described in . It SHOULD clear the OAM bit. If it clears the
OAM bit, it MUST recompute the IPv6 Header Checksum. depicts the ICMP OAM message. The ICMP
OAM message contains the following fields:Type - OAM. Value TBD by IANA.Code - MUST be set to (0) No Error.Checksum - See Reserved - MUST be set to 0 and MUST be ignored upon receipt.Length - Represents the length of the padded "original datagram"
field, measured in 32-bit words.Timestamp (seconds) - Represents the time at which the original
packet arrived in Network Time Protocol (NTP)
format.Timestamp (fraction) - Represents the time at which the original
packet arrived in NTP format.Original Datagram - As much of invoking packet as possible
without the ICMPv6 packet exceeding the minimum ICMP MTU (576
bytes). The original datagram MUST be zero padded to the nearest
32-bit boundary.ICMP OAM messages SHOULD be rate limited by the sender.The Timestamp fields SHOULD be as accurate as possible. They SHOULD
reflect the time at which the original packet arrived, not the time at
which the ICMPv6 OAM message was sent.IANA is requested to add an entry to the ICMP Type registry
(https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml#icmp-parameters-types).
The ICMP message name is OAM and its value is TBD by IANA.All OAM actions elicited by the OAM bit must be rate-limited, so that
they cannot be used as denial of service attack vectors.The authors wish to acknowledge Ross Callon for his contributions to
this document.