Label Switched Path (LSP) Ping/Traceroute for Segment Routing IGP Prefix and Adjacency SIDs with MPLS Data-planeCisco Systems, Inc.7200-12 Kit Creek RoadResearch Triangle ParkNC27709-4987USnaikumar@cisco.comCisco Systems, Inc.7200-11 Kit Creek RoadResearch Triangle ParkNC27709-4987UScpignata@cisco.comSouthend Technical Centerswallow.ietf@gmail.comBig Switch Networksnobo.akiya.dev@gmail.comIndividualsriganeshkini@gmail.comHuaweimach.chen@huawei.com
Internet
Network Work groupmplsA Segment Routing architecture leverages source routing and tunneling paradigms and
can be directly applied to use of a Multi Protocol Label Switching (MPLS) data plane. A node steers a packet through a
controlled set of instructions called segments, by prepending the packet with a Segment
Routing header. The segment assignment and forwarding semantic nature of
Segment Routing raises additional consideration for connectivity verification and
fault isolation for an LSP within a Segment Routing architecture. This document illustrates the problem and
defines extensions to perform LSP Ping and Traceroute for Segment Routing IGP Prefix and Adjacency SIDs with a MPLS data plane.
introduces and describes a
Segment Routing architecture
that leverages the source routing and tunneling paradigms. A node steers a packet through a
controlled set of instructions called segments, by prepending the packet with Segment Routing header. A
detailed definition of the Segment Routing architecture is available in
As described in
and
,
the Segment Routing architecture can be directly applied to an MPLS data plane, the Segment
identifier (Segment ID) will be of 20-bits size and the Segment Routing header is the label stack. "Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures"
defines a simple and efficient
mechanism to detect data plane failures in Label Switched Paths (LSP) by specifying
information to be carried in an MPLS "echo request" and "echo reply" for the purposes
of fault detection and isolation. Mechanisms for reliably sending the echo reply are defined.
The functionality defined in is modeled after the ping/traceroute
paradigm (ICMP echo request ) and is typically referred
to as LSP ping and LSP traceroute.
supports hierarchical and stitching LSPs.
Unlike LDP or RSVP which are the other
well-known MPLS control plane protocols, the basis of segment ID assignment in Segment Routing architecture
is not always on hop-by-hop basis. Depending on the type of segment ID, the assignment can be unique to
the node or within a domain.This nature of Segment Routing raises additional consideration for fault detection and
isolation in a Segment Routing network. This document illustrates the problem and
describes a mechanism to perform LSP Ping and Traceroute for Segment Routing IGP Prefix and Adjacency SIDs with a MPLS data plane.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as
described in .
This document uses the terminologies defined in ,
, readers are expected to be familiar with it.
The following example describes the challenges with using the current MPLS OAM mechanisms on a Segment Routing network.
defines the MPLS OAM mechanisms that help with fault detection and
isolation for a MPLS data-plane path by the use of various Target FEC
Stack Sub-TLVs that are carried in MPLS Echo Request packets and used by the responder for
FEC validation. While it is obvious that new Sub-TLVs need to be assigned for Segment Routing, the
unique nature of the Segment Routing architecture raises the need for additional operational considerations for
path validation. This section discusses the challenges as below:
The forwarding semantic of Adjacency Segment ID is to pop the Segment ID and send the packet to
a specific neighbor over a specific link. A malfunctioning node may forward packets using
Adjacency Segment ID to an incorrect neighbor or over an incorrect link. The exposed Segment ID (of an
incorrectly forwarded Adjacency Segment ID) might still allow such packet to reach the
intended destination, although the intended strict traversal has been broken.Assume in above topology, R1 sends traffic with segment stack as {9124, 5008} so that the path taken
will be R1-R2-R4-R5-R7-R8. If the Adjacency Segment ID 9124 is misprogrammed in R2 to send the packet to R1 or R3, the packet may still be delivered to R8 (if the nodes are
configured with same SRGB) but is not via the expected path.
MPLS traceroute may help with detecting such a deviation in the above mentioned scenario. However, in a different example, it may not be
helpful. For example if R3, due to misprogramming, forwards a packet with Adjacency Segment ID 9236 via link L1, while it is expected
to be forwarded over Link L2.
The format of the following Segment ID sub-TLVs follows the philosophy of Target FEC Stack
TLV carrying FECs corresponding to each label in the label stack.
When operated with the procedures defined in , this allows LSP
ping/traceroute operations to function when Target FEC Stack TLV
contains more FECs than received label stack at responder nodes.Three new sub-TLVs are defined for Target FEC Stack TLVs (Type 1),
Reverse-Path Target FEC Stack TLV (Type 16) and Reply Path TLV (Type 21).
The format is as below:IPv4 Prefix
This field carries the IPv4 prefix to which the Segment
ID is assigned. In case of Anycast Segment ID, this field will
carry IPv4 Anycast address. If the prefix is shorter than 32 bits, trailing bits
SHOULD be set to zero.Prefix Length
The Prefix Length field is one octet, it gives the length of
the prefix in bits (values can be 1 - 32).Protocol
Set to 1, if the Responder MUST perform FEC validation using OSPF as IGP
protocol. Set to 2, if the Responder MUST perform Egress FEC validation using ISIS
as IGP protocol. Set to 0, if Responder can use any IGP protocol for Egress FEC validation.
The format is as below:IPv6 Prefix
This field carries the IPv6 prefix to which the Segment
ID is assigned. In case of Anycast Segment ID, this field will
carry IPv4 Anycast address. If the prefix is shorter than 128 bits, trailing
bits SHOULD be set to zero.Prefix Length
The Prefix Length field is one octet, it gives the length of
the prefix in bits (values can be 1 - 128).Protocol
Set to 1, if the Responder MUST perform FEC validation using OSPF as IGP
protocol. Set to 2, if the Responder MUST perform Egress FEC validation using ISIS
as IGP protocol. Set to 0, if Responder can use any IGP protocol for Egress FEC validation.
This Sub-TLV is applicable for any IGP-Adjacency defined in
Section 3.5 of . The format is as below:
Adj. Type (Adjacency Type)
Set to 1, when the Adjacency Segment is Parallel Adjacency as defined in
Section 3.4.1 of . Set to 4,
when the Adjacency segment is IPv4 based and is not a parallel adjacency. Set to
6, when the Adjacency segment is IPv6 based and is not a parallel adjacency.
Set to 0, when the Adjacency segment is over unnumbered interface.Protocol
Set to 1, if the Responder MUST perform FEC validation using OSPF as IGP
protocol. Set to 2, if the Responder MUST perform Egress FEC validation using ISIS
as IGP protocol. Set to 0, if Responder can use any IGP protocol for Egress FEC validation.
Local Interface ID
An identifier that is assigned by local LSR for a link on which Adjacency
Segment ID is bound. This field is set to local link address (IPv4 or IPv6).
Incase of unnumbered, a 32 bit link identifier as defined in ,
is used.
If the Adjacency Segment ID represents parallel adjacencies
(), this field MUST be set
to 4 bytes of zero.
Remote Interface ID
An identifier that is assigned by remote LSR for a link on which Adjacency
Segment ID is bound. This field is set to remote (downstream neighbor)
link address (IPv4 or IPv6).
In case of unnumbered, a 32 bit link identifier as defined in ,
is used.
If the Adjacency Segment ID represents parallel adjacencies
(), this field MUST be set
to 4 bytes of zero.Advertising Node Identifier
Specifies the advertising node identifier. When Protocol is set to 1,
then the 32 rightmost bits represent OSPF Router ID and if protocol is set to
2, this field carries 48 bit ISIS System ID.Receiving Node Identifier
Specifies the downstream node identifier. When Protocol is set to 1,
then the 32 rightmost bits represent OSPF Router ID and if protocol is set to
2, this field carries 48 bit ISIS System ID.In an echo reply, the Downstream Detailed Mapping TLV is used to
report for each interface over which a FEC could be forwarded. For
a FEC, there are multiple protocols that may be used to distribute
label mapping. The "Protocol" field of the Downstream Detailed Mapping TLV is
used to return the protocol that is used to distribute the
label carried in "Downstream Label" field. The following protocols are defined
in :
With segment routing, OSPF or ISIS can be used for label
distribution, this document adds two new protocols as follows:
This section describes aspects of LSP Ping and traceroute operations that require further considerations beyond .When LSP echo request packets are generated by an initiator, FECs carried in the Target FEC Stack TLV may need to differ to support a Segment Routing architecture. The following defines Target FEC Stack TLV construction mechanics by an initiator for Segment Routing scenarios.
Ping
Initiator MUST include FEC(s) corresponding to the destination segment.Initiator MAY include FECs corresponding to some or all of segments imposed in the label stack by the initiator to communicate the segments traversed.Traceroute
Initiator MUST initially include FECs corresponding to all of segments imposed in the label stack.When a received echo reply contains FEC Stack Change TLV with one or more of original segment(s) being popped, initiator MAY remove corresponding FEC(s) from Target FEC Stack TLV in the next (TTL+1) traceroute request as defined in Section 4.6 of .When a received echo reply does not contain FEC Stack Change TLV, initiator MUST NOT attempt to remove FEC(s) from Target FEC Stack TLV in the next (TTL+1) traceroute request. As defined in and
, Prefix SID can be advertised
as absolute value, index or as range. In any of these cases, Initiator MUST derive the
Prefix mapped to the Prefix SID and use it in IGP-Prefix Segment ID defined in Section
5.1 and 5.2.
defines a FEC Stack Change sub-TLV that a router must include when the FEC stack changes.The network node which advertised the Node Segment ID is responsible for generating a FEC Stack Change sub-TLV with pop operation type for Node Segment ID, regardless of whether penultimate hop popping (PHP) is enabled or not.The network node that is immediate downstream of the node which advertised the Adjacency Segment ID is responsible for generating FEC Stack Change sub-TLV for "POP" operation for Adjacency Segment ID.The forwarding semantic of Node Segment ID with PHP flag is equivalent to usage of implicit Null in MPLS protocols.
Adjacency Segment ID is also similar in a sense that it can be thought of as locally allocated
segment that has PHP enabled destined for next hop IGP adjacency node. Procedures described in
Section 4.4 of relies on Stack-D and Stack-R explicitly having Implicit Null value. It may simplify
implementations to reuse Implicit Null for Node Segment ID PHP and Adjacency Segment ID cases.This section modifies the procedure defined in Section 4.4.1 of .
Step 4 defined in Section 4.4.1 of is updated as below:
4a. Segment Routing IGP Prefix and Adjacency SID Validation:
If the Label-stack-depth is 0 and Target FEC Stack Sub-TLV at FEC-stack-depth is 34 (IPv4 IGP-Prefix Segment ID), {
Set Best return code to 10, "Mapping for this FEC is not the given label at stack-depth
<RSC>" if any below conditions fail:/* The responder LSR is to check if it is the egress of the IPv4 IGP-Prefix Segment ID described in the Target FEC Stack Sub-TLV, and if the FEC was advertised with the PHP bit set.*/Validate that Node Segment ID is advertised for IPv4 Prefix by IGP Protocol{
When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is 0, Use any locally enabled IGP protocol.When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is 1, Use OSPF as IGP protocol.When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is 2, Use ISIS as IGP protocol.When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is any other value, it MUST be treated as Protocol value of 0.
}Validate that Node Segment ID is advertised with No-PHP flag {
When Protocol is OSPF, NP-flag defined in Section 5 of MUST be set to 0.When Protocol is ISIS, P-Flag defined in Section 2.1 of MUST be set to 0.
} set FEC-Status to 1, and return.
}Else if the Label-stack-depth is greater than 0 and Target FEC Stack Sub-TLV at FEC-stack-depth is 34 (IPv4 IGP-Prefix Segment ID), {
Set Best return code to 10 if any below conditions fail:Validate that Node Segment ID is advertised for IPv4 Prefix by IGP Protocol {
When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is 0, Use any locally enabled IGP protocol.When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is 1, Use OSPF as IGP protocol.When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is 2, Use ISIS as IGP protocol.When protocol field in received IPv4 IGP-Prefix Segment ID Sub-TLV is any other value, it MUST be treated as Protocol value of 0.
}set FEC-Status to 1, and return.
}Else if the Label-stack-depth is 0 and Target FEC Sub-TLV at FEC-stack-depth is 35 (IPv6 IGP-Prefix Segment ID), {
Set Best return code to 10 if any of the below conditions fail:/* The LSR needs to check if its being a tail-end for the LSP and have the prefix advertised with PHP bit set*/Validate that Node Segment ID is advertised for IPv6 Prefix by IGP Protocol {
When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is 0, Use any locally enabled IGP protocol.When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is 1, Use OSPF as IGP protocol.When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is 2, Use ISIS as IGP protocol.When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is any other value, it MUST be treated as Protocol value of 0.
}Validate that Node Segment ID is advertised with No-PHP flag. {
When Protocol is OSPF, NP-flag defined in Section 5 of MUST be set to 0.When Protocol is ISIS, P-Flag defined in Section 2.1 of MUST be set to 0.
}set FEC-Status to 1, and return.
}Else if the Label-stack-depth is greater than 0 and Target FEC Sub-TLV at FEC-stack-depth is 35 (IPv6 IGP-Prefix Segment ID), {
set Best return code to 10 if any below conditions fail:Validate that Node Segment ID is advertised for IPv4 Prefix by IGP Protocol {
When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is 0, Use any locally enabled IGP protocol.When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is 1, Use OSPF as IGP protocol.When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is 2, Use ISIS as IGP protocol.When protocol field in received IPv6 IGP-Prefix Segment ID Sub-TLV is any other value, it MUST be treated as Protocol value of 0.
}set FEC-Status to 1, and return.
}Else if the Target FEC sub-TLV at FEC-stack-depth is 36 (IGP-Adjacency Segment ID), {
set Best return code to TBD1 (Section 10.3) if any below conditions fail:When the Adj. Type is 1 (Parallel Adjacency):
Validate that Receiving Node Identifier is local IGP identifier.Validate that IGP-Adjacency Segment ID is advertised by Advertising Node Identifier of Protocol in local IGP database {
When protocol field in received IGP-Adjacency Segment ID Sub-TLV is 0, Use any locally enabled IGP protocol.When protocol field in received IGP-Adjacency Segment ID Sub-TLV is 1, Use OSPF as IGP protocol.When protocol field in received IGP-Adjacency Segment ID Sub-TLV is 2, Use ISIS as IGP protocol.When protocol field in received IGP-Adjacency Segment ID Sub-TLV is any other value, it MUST be treated as Protocol value of 0.
}When the Adj. Type is 4 or 6 (IGP Adjacency or LAN Adjacency):
Validate that Remote Interface ID matches the local identifier of the interface (Interface-I) on which the packet was received.Validate that Receiving Node Identifier is local IGP identifier.Validate that IGP-Adjacency Segment ID is advertised by Advertising Node Identifier of Protocol in local IGP database {
When protocol field in received IGP-Adjacency Segment ID Sub-TLV is 0, Use any locally enabled IGP protocol.When protocol field in received IGP-Adjacency Segment ID Sub-TLV is 1, Use OSPF as IGP protocol.When protocol field in received IGP-Adjacency Segment ID Sub-TLV is 2, Use ISIS as IGP protocol.When protocol field in received IGP-Adjacency Segment ID Sub-TLV is any other value, it MUST be treated as Protocol value of 0.
}set FEC-Status to 1, and return.
}LSP Traceroute operation can properly traverse every hop of Segment
Routing network for the Uniform Model as described in . If one or
more LSRs employ a Short Pipe Model, as described in , then LSP
Traceroute may not be able to properly traverse every hop of Segment
Routing network due to the absence of TTL copy operation when the outer label
is popped. The Short Pipe is one of the most commonly used models. The following TTL manipulation technique MAY
be used when the Short Pipe model is used.
When tracing a LSP according to the procedures in the TTL
is incremented by one in order to trace the path sequentially along
the LSP. However when a source routed LSP has to be traced there are
as many TTLs as there are labels in the stack. The LSR that
initiates the traceroute SHOULD start by setting the TTL to 1 for the
tunnel in the LSP's label stack it wants to start the tracing from,
the TTL of all outer labels in the stack to the max value, and the
TTL of all the inner labels in the stack to zero. Thus a typical
start to the traceroute would have a TTL of 1 for the outermost label
and all the inner labels would have TTL 0. If the FEC Stack TLV is
included it should contain only those for the inner stacked tunnels.
The Return Code/Subcode and FEC Stack Change TLV should be
used to diagnose the tunnel as described in . When the
tracing of a tunnel in the stack is complete, then the next tunnel in
the stack should be traced. The end of a tunnel can be detected from
the "Return Code" when it indicates that the responding LSR is an
egress for the stack at depth 1. Thus the traceroute procedures in
can be recursively applied to traceroute a source routed
LSP.
describes how
Segment Routing operates in a network where SR-capable and non-SR-capable nodes
coexist. In such networks, there may not be any FEC mapping in the responder,
when the Initiator is SR-capable, while the responder is not (or vice-versa). But this is
not different from RSVP and LDP interop scenarios. When LSP Ping is triggered, the responder
will set the FEC-return-code to Return 4, "Replying router has no mapping for the FEC at
stack-depth".
Similarly when a SR-capable node assigns Adj-SID for a non-SR-capable node, LSP traceroute may
fail as the non-SR-capable node is not aware of "IGP Adjacency Segment ID" sub-TLV and
may not reply with FEC Stack change. This may result in any further downstream nodes
to reply back with Return-code as 4, "Replying router has no mapping for the FEC at
stack-depth".
IANA is requested to assign three new Sub-TLVs from "Sub-TLVs for TLV Types 1,
16 and 21" sub-registry from the "Multi-Protocol Label Switching (MPLS) Label
Switched Paths (LSPs) Ping Parameters"
registry.
IANA is requested to create a new "Protocol" registry under the
"Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs)
Ping Parameters" registry. Code points in the range of 0-250
will be assigned by Standards Action. The range of 251-254 are
reserved for experimental use and will not be assigned. The
initial entries into the registry will be:
IANA is requested to assign a new Return Code from the "Multi-Protocol Label
Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" in "Return Codes"
Sub-registry.
Note to the RFC Editor (please remove before publication): IANA has
made early allocation for sub-type 34, 35 and 35. The early
allocation expires 2017-09-15.
This document defines additional MPLS LSP Ping Sub-TLVs and follows the mechanisms defined
in . All the security considerations defined in
will be applicable for this document, and in addition,
they do not impose any additional security challenges to be considered. The authors would like to thank Stefano Previdi, Les Ginsberg,
Balaji Rajagopalan, Harish Sitaraman, Curtis Villamizar, Pranjal Dutta,
Lizhong Jin, Tom Petch, Victor Ji and Mustapha Aissaoui, Tony Przygienda,
Alexander Vainshtein and Deborah Brungard for their review and comments. The authors wold like to thank Loa Andersson for his comments and
recommendation to merge drafts.The following are key contributors to this document:
Hannes Gredler, RtBrick, Inc.Tarek Saad, Cisco Systems, Inc.Siva Sivabalan, Cisco Systems, Inc.Balaji Rajagopalan, Juniper NetworksFaisal Iqbal, Cisco Systems, Inc.Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping ParametersIANA