Geneve encapsulation for In-situ OAM Data

In-situ OAM (IOAM) records OAM information within the packet while the packet traverses a particular network domain. The term "in-situ" refers to the fact that the IOAM data fields are added to the data packets rather than is being sent within packets specifically dedicated to OAM. This document defines how IOAM data fields are transported as part of the Geneve encapsulation. The IOAM data fields are defined in .

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in .

Abbreviations used in this document: In-situ Operations, Administration, and Maintenance Maximum Transmit Unit Operations, Administration, and Maintenance Proof of Transit Generic Network Virtualization Encapsulation

For encapsulating IOAM data fields into Geneve the different IOAM data fields are included in the Geneve header using tunnel options. IOAM data fields use a tunnel option class which includes the different types of IOAM data, including trace data, proof-of-transit data, and edge-to-edge data. In an administrative domain where IOAM is used, insertion of the IOAM tunnel option(s) in Geneve is enabled at the Geneve tunnel endpoints which also serve as IOAM encapsulating/decapsulating nodes by means of configuration. The Geneve header is defined in . IOAM specific fields for Geneve are defined in this document.

IOAM tracing data represents data that is inserted at nodes that a packet traverses. To allow for optimal implementations in both software as well as hardware forwarders, two different ways to encapsulate IOAM data are defined: "Pre-allocated" and "incremental". See for details on IOAM tracing and the pre-allocated and incremental IOAM trace options. The packet formats of the pre-allocated IOAM trace and incremental IOAM trace when encapsulated in Geneve are defined as below.

The IOAM Trace header consists of 8 octets, as illustrated in and . The first 4 octets are the Geneve Tunnel Option header . The next 4 octets are the trace option header; its format is defined in , and is described here for the sake of clarity.

The fields of the Geneve tunnel option are as follows: 16-bit unsigned integer that determines the IOAM option class. The value is from the IANA registry setup for Geneve option classes as defined in . 8-bit unsigned integer defining IOAM header type. Two values are defined here: IOAM_TRACE_Preallocated and IOAM_Trace_Incremental. Option control flags reserved for future use. MUST be zero on transmission and ignored on receipt. 5-bit unsigned integer. Length of the IOAM HDR in 4-octet units. The fields of the trace option header are as follows: 16-bit identifier of IOAM Trace Type as defined in IOAM-Trace-Types. 4-bit unsigned integer as defined in . 5-bit field as defined in . 7-bit unsigned integer as defined in . 7-bit unsigned integer as defined in . Variable-length field as defined in .

IOAM proof of transit (POT, see also ) offers a means to verify that a packet has traversed a defined set of nodes. IOAM POT data fields are encapsulated in Geneve as follows:

The first 4 octets of the IOAM POT are the Geneve tunnel option header (), which includes the following fields: 16-bit unsigned integer that determines the IOAM_POT option class.The value is from the IANA registry setup for Geneve option classes as defined in . 7-bit identifier of a particular POT variant that specifies the POT data that is to be included as defined in . 1-bit as defined in IOAM POT Option. Option control flags reserved for future use. MUST be zero on transmission and ignored on receipt. 5-bit unsigned integer. Length of the IOAM HDR in 4-octet units.

The rest of the fields in the POT option are as follows: 64-bit Per-packet random number. 64-bit Cumulative value that is updated by the Service Functions.

The IOAM edge-to-edge option is to carry data that is added by the IOAM encapsulating node and interpreted by the IOAM decapsulating node. IOAM specific fields to encapsulate IOAM Edge-to-Edge data fields are defined as follows:

The first 4 octets of the IOAM E2E option are the Geneve tunnel option header (), which includes the following fields: 16-bit unsigned integer that determines the IOAM_E2E option class.The value is from the IANA registry setup for Geneve option classes as defined in . 8-bit identifier of a particular E2E variant that specifies the E2E data that is included as defined in . Option control flags reserved for future use. MUST be zero on transmission and ignored on receipt. 5-bit unsigned integer. Length of the IOAM HDR in 4-octet units.

The rest of the E2E option consists of: Variable length field as defined in IOAM E2E Option.

This section is to support the working group discussion in selecting the most appropriate approach for encapsulating IOAM data fields in Geneve. An encapsulation of IOAM data fields in Geneve should be friendly to an implementation in both hardware as well as software forwarders and support a wide range of deployment cases, including large networks that desire to leverage multiple IOAM data fields at the same time. Hardware and software friendly implementation: Hardware forwarders benefit from an encapsulation that minimizes iterative look-ups of fields within the packet: Any operation which looks up the value of a field within the packet, based on which another lookup is performed, consumes additional gates and time in an implementation - both of which are desired to be kept to a minimum. This means that flat TLV structures are to be preferred over nested TLV structures. IOAM data fields are grouped into three option categories: Trace, proof-of-transit, and edge-to-edge. Each of these three options defines a TLV structure. A hardware-friendly encapsulation approach avoids grouping these three option categories into yet another TLV structure, but would rather carry the options as a serial sequence. Total length of the IOAM data fields: The total length of IOAM data can grow quite large in case multiple different IOAM data fields are used and large path-lengths need to be considered. If for example an operator would consider using the IOAM trace option and capture node-id, app_data, egress/ingress interface-id, timestamp seconds, timestamps nanoseconds at every hop, then a total of 20 octets would be added to the packet at every hop. In case this particular deployment would have a maximum path length of 15 hops in the IOAM domain, then a maximum of 300 octets of IOAM data were to be encapsulated in the packet. Concerns with the current encapsulation approach: Hardware support: Using Geneve tunnel options to encapsulate IOAM data fields leads to a nested TLV structure. Each IOAM data field option (trace, proof-of-transit, and edge-to-edge) represents a type, with the different IOAM data fields being TLVs within this the particular option type. Nested TLVs require iterative look-ups, a fact that creates potential challenges for implementations in hardware. It would be desirable to offer a way to encapsulate IOAM in a way that keeps TLV nesting to a minimum. Length: Geneve tunnel option length is a 5-bit field in the current specification resulting in a maximum option length of 128 (2^5 x 4) octets which constrains the use of IOAM to either small domains or a few IOAM data fields only. Support for large domains with a variety of IOAM data fields would be desirable.

IANA is requested to allocate a Geneve "option class" numbers for the following IOAM types:

The security considerations of Geneve are discussed in , and the security considerations of IOAM in general are discussed in . IOAM is considered a "per domain" feature, where one or several operators decide on leveraging and configuring IOAM according to their needs. Still, operators need to properly secure the IOAM domain to avoid malicious configuration and use, which could include injecting malicious IOAM packets into a domain.

The authors would like to thank Eric Vyncke, Nalini Elkins, Srihari Raghavan, Ranganathan T S, Karthik Babu Harichandra Babu, Akshaya Nadahalli, Stefano Previdi, Hemant Singh, Erik Nordmark, LJ Wobker, and Andrew Yourtchenko for the comments and advice.