MPLS Working Group X. Min Internet-Draft ZTE Corp. Intended status: Standards Track G. Mirsky Expires: 24 October 2023 Ericsson 22 April 2023 LSP Ping/Traceroute for Enabled In-situ OAM Capabilities draft-xiao-mpls-lsp-ping-ioam-conf-state-01 Abstract This document describes the MPLS Node IOAM Information Query functionality, which uses the MPLS echo request/reply messages, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and decapsulating node. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 24 October 2023. Copyright Notice Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Min & Mirsky Expires 24 October 2023 [Page 1] Internet-Draft LSP Ping for IOAM Capabilities April 2023 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Conventions Used in This Document . . . . . . . . . . . . . . 3 3. IOAM Capabilities Query TLV . . . . . . . . . . . . . . . . . 3 4. IOAM Capabilities Response TLV . . . . . . . . . . . . . . . 3 4.1. IOAM Capabilities Sub-TLVs . . . . . . . . . . . . . . . 4 4.2. Examples of IOAM Capabilities Response TLV . . . . . . . 5 5. Return Code Field Processing . . . . . . . . . . . . . . . . 7 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 6.1. TLV and Sub-TLV Allocation . . . . . . . . . . . . . . . 7 6.2. OAM Configuration Errors . . . . . . . . . . . . . . . . 8 7. Security Considerations . . . . . . . . . . . . . . . . . . . 9 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 9. Normative References . . . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 1. Introduction As specified in [RFC9359], echo request/reply can be used by the In- situ OAM (IOAM) encapsulating node to discover the enabled IOAM capabilities at IOAM transit and decapsulating nodes. [RFC8029] defines a probe message called "MPLS echo request", and a response message called "MPLS echo reply" for returning the result of the probe. This document describes the MPLS Node IOAM Information Query functionality, which uses the MPLS echo request/reply messages, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and decapsulating node. [RFC8029] specifies "ping" and "traceroute" modes. In "ping" mode, the ingress LSR sends a single MPLS echo request with the TTL in the outermost label set to 255. The MPLS echo request is intended to reach the end of the path and only the egress LSR is expected to respond with the MPLS echo reply. In "traceroute" mode, the ingress LSR transmits a sequence of MPLS echo requests with the TTL value being set in successive probe packets to 1, 2, and so on. Using TTL expiration as the exception mechanism, each LSR is expected to respond by transmitting an MPLS echo reply. In an MPLS network, the ingress LSR may also act as the IOAM encapsulating node. In such a case, a transit LSR acts as the IOAM transit node, and the egress LSR acts as the IOAM decapsulating node. Usually, the trace option of IOAM data is needed, the IOAM encapsulating node requires to query the enabled IOAM capabilities of each IOAM transit and decapsulating node, then the "traceroute" mode Min & Mirsky Expires 24 October 2023 [Page 2] Internet-Draft LSP Ping for IOAM Capabilities April 2023 can be used. In case that only the edge to edge option of IOAM data is needed, the IOAM encapsulating node requires to query the enabled IOAM Capabilities of only the IOAM decapsulating node, then the "ping" mode can be used. Note that in the current document only p2p MPLS LSP is taken into account, and p2mp MPLS LSP is for further study. 2. Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. IOAM Capabilities Query TLV The IOAM Capabilities Query TLV presented in Figure 1 is carried as a TLV of the MPLS Echo Request message: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Query Type (TBA1) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . IOAM Capabilities Query Container Payload . . as specified in . . Section 3.1 of RFC9359 . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1: IOAM Capabilities Query TLV Type: Indicates the IOAM Capabilities Query TLV. The value is TBA1. Length: The length of the TLV's Value field in octets. The Value field is a List of IOAM Namespace-IDs, which is also called IOAM Capabilities Query Container Payload in Section 3.1 of [RFC9359]. 4. IOAM Capabilities Response TLV The IOAM Capabilities Response TLV presented in Figure 2 is carried as a TLV of the MPLS Echo Reply message: Min & Mirsky Expires 24 October 2023 [Page 3] Internet-Draft LSP Ping for IOAM Capabilities April 2023 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |IOAM Capa. Response Type (TBA2)| Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . IOAM Capabilities Response Container Payload . . as specified in . . Section 3.2 of RFC9359 . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 2: IOAM Capabilities Response TLV Type: Indicates the IOAM Capabilities Response TLV. The value is TBA2. Length: The length of the TLV's Value field in octets. The Value field is a List of IOAM Capabilities Objects, which is also called IOAM Capabilities Response Container Payload in Section 3.2 of [RFC9359]. Each IOAM Capabilities Object is encoded in a sub-TLV format. 4.1. IOAM Capabilities Sub-TLVs All IOAM Capabilities sub-TLVs (aka Objects) are encapsulated in an IOAM Capabilities Response TLV of an MPLS Echo Reply message. Each IOAM Capabilities sub-TLV has the following format: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ . IOAM Capabilities Object Payload . . as specified in . . Section 3.2.x of RFC9359 . +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 3: IOAM Capabilities Sub-TLV Sub-type: Indicates the IOAM Capabilities sub-TLVs. The values are listed as the following: Min & Mirsky Expires 24 October 2023 [Page 4] Internet-Draft LSP Ping for IOAM Capabilities April 2023 Value Sub-type Name ----- ----------- TBA3 IOAM Pre-allocated Tracing Capabilities Object TBA4 IOAM Incremental Tracing Capabilities Object TBA5 IOAM Proof of Transit Capabilities Object TBA6 IOAM Edge-to-Edge Capabilities Object TBA7 IOAM DEX Capabilities Object TBA8 IOAM End-of-Domain Object Length: The length of the sub-TLV's Value field in octets. The Value field is the IOAM Capabilities Object Payload, which is defined respectively in Section 3.2.1, Section 3.2.2, Section 3.2.3, Section 3.2.4, Section 3.2.5 and Section 3.2.6 of [RFC9359]. 4.2. Examples of IOAM Capabilities Response TLV In a deployment where only the default Namespace-ID is used, the IOAM Pre-allocated Tracing Capabilities and IOAM Proof of Transit Capabilities are enabled at an IOAM transit node, if that IOAM transit node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |IOAM Capa. Response Type (TBA2)| Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA3) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM-Trace-Type | Reserved |W| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID | Ingress_MTU | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ingress_if_id (short or wide format) ...... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA5) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID | IOAM-POT-Type |SoP| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 4: Example 1 of IOAM Capabilities Response TLV In a deployment where two Namespace-IDs (Namespace-ID1 and Namespace- ID2) are used, for both Namespace-ID1 and Namespace-ID2 the IOAM Pre- allocated Tracing Capabilities and IOAM Proof of Transit Capabilities are enabled at an IOAM transit node, if that IOAM transit node Min & Mirsky Expires 24 October 2023 [Page 5] Internet-Draft LSP Ping for IOAM Capabilities April 2023 received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |IOAM Capa. Response Type (TBA2)| Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA3) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM-Trace-Type | Reserved |W| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID1 | Ingress_MTU | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ingress_if_id (short or wide format) ...... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA5) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID1 | IOAM-POT-Type |SoP| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA3) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM-Trace-Type | Reserved |W| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID2 | Ingress_MTU | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ingress_if_id (short or wide format) ...... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA5) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID2 | IOAM-POT-Type |SoP| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 5: Example 2 of IOAM Capabilities Response TLV Note that multiple sub-TLVs with the same sub-type may be present in an IOAM Capabilities Response TLV, as long as the Namespace-IDs in these sub-TLVs are all different. In a deployment where only the default Namespace-ID is used, the IOAM Pre-allocated Tracing Capabilities, IOAM Proof of Transit Capabilities and IOAM Edge-to-Edge Capabilities are enabled at the IOAM decapsulating node, if that IOAM decapsulating node received an MPLS echo request containing IOAM Capabilities Query TLV, then the IOAM Capabilities Response TLV contained in an MPLS echo reply is depicted as the following: Min & Mirsky Expires 24 October 2023 [Page 6] Internet-Draft LSP Ping for IOAM Capabilities April 2023 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |IOAM Capa. Response Type (TBA2)| Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA3) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM-Trace-Type | Reserved |W| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID | Ingress_MTU | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ingress_if_id (short or wide format) ...... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA5) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID | IOAM-POT-Type |SoP| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM Capa. Sub-type (TBA6) | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID | IOAM-E2E-Type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |TSF| Reserved | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 6: Example 3 of IOAM Capabilities Response TLV 5. Return Code Field Processing The Return Code field in the MPLS echo reply MUST be set to (TBA9) No Matched Namespace-ID if any of the following conditions apply: * The IOAM Capabilities Query TLV does not include any Namespace-ID. * None of the contained list of IOAM Namespace-IDs is recognized. * None of the contained list of IOAM Namespace-IDs is enabled. 6. IANA Considerations 6.1. TLV and Sub-TLV Allocation IANA maintains the "Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry, and within that registry a sub-registry for TLVs and sub-TLVs. Min & Mirsky Expires 24 October 2023 [Page 7] Internet-Draft LSP Ping for IOAM Capabilities April 2023 IANA is requested to allocate a new IOAM Capabilities Query TLV (Type TBA1) and a new IOAM Capabilities Response TLV (Type TBA2) from the Standards Action range (0-16383), and sub-TLVs as follows from sub- registry presented in Table 1, called "Sub-TLVs for TLV Type TBA2". Registration procedures for Sub-TLVs from ranges 0-16383 and 32768-49161 are by Standards Action. Ranges 16384-31739 and 49162-64507 are through RFC Required. +======+==========+============================+===============+ | Type | Sub-type | Value Field | Reference | +======+==========+============================+===============+ | TBA1 | | IOAM Capabilities Query | This document | +------+----------+----------------------------+---------------+ | TBA2 | | IOAM Capabilities Response | This document | +------+----------+----------------------------+---------------+ | | TBA3 | IOAM Pre-allocated Tracing | This document | | | | Capabilities Object | | +------+----------+----------------------------+---------------+ | | TBA4 | IOAM Incremental Tracing | This document | | | | Capabilities Object | | +------+----------+----------------------------+---------------+ | | TBA5 | IOAM Proof of Transit | This document | | | | Capabilities Object | | +------+----------+----------------------------+---------------+ | | TBA6 | IOAM Edge-to-Edge | This document | | | | Capabilities Object | | +------+----------+----------------------------+---------------+ | | TBA7 | IOAM DEX Capabilities | This document | | | | Object | | +------+----------+----------------------------+---------------+ | | TBA8 | IOAM End-of-Domain Object | This document | +------+----------+----------------------------+---------------+ Table 1: IANA TLV Type Allocation 6.2. OAM Configuration Errors IANA maintains the "Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry, and within that registry a sub-registry "Return Codes". IANA is requested to assign a new Return Code from the Standards Action range (0-191) as follows: Min & Mirsky Expires 24 October 2023 [Page 8] Internet-Draft LSP Ping for IOAM Capabilities April 2023 +==================+=========================+===============+ | Error Value Code | Description | Reference | +==================+=========================+===============+ | TBA9 | No Matched Namespace-ID | This document | +------------------+-------------------------+---------------+ Table 2: IANA Return Code Allocation 7. Security Considerations Securiy issues discussed in [RFC8029] and [RFC9359] apply to this document. This document recommends that the network operators establish policies that restrict access to MPLS Node IOAM Information Query functionality. In order to enforce these policies, nodes that support MPLS Node IOAM Information Query functionality SHOULD support the following configuration options: * Enable/disable MPLS Node IOAM Information Query functionality. By default, MPLS Node IOAM Information Query functionality is disabled. * Define enabled Namespace-IDs. By default, all Namespace-IDs except the default one (i.e., Namespace-ID 0x0000) are disabled. 8. Acknowledgements To be added. 9. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC8029] Kompella, K., Swallow, G., Pignataro, C., Ed., Kumar, N., Aldrin, S., and M. Chen, "Detecting Multiprotocol Label Switched (MPLS) Data-Plane Failures", RFC 8029, DOI 10.17487/RFC8029, March 2017, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . Min & Mirsky Expires 24 October 2023 [Page 9] Internet-Draft LSP Ping for IOAM Capabilities April 2023 [RFC9359] Min, X., Mirsky, G., and L. Bo, "Echo Request/Reply for Enabled In Situ OAM (IOAM) Capabilities", RFC 9359, DOI 10.17487/RFC9359, April 2023, . Authors' Addresses Xiao Min ZTE Corp. Nanjing China Phone: +86 25 88013062 Email: xiao.min2@zte.com.cn Greg Mirsky Ericsson United States of America Email: gregimirsky@gmail.com Min & Mirsky Expires 24 October 2023 [Page 10]