< draft-ietf-ippm-ioam-data-06.txt   draft-ietf-ippm-ioam-data-07.txt >
ippm F. Brockners ippm F. Brockners
Internet-Draft S. Bhandari Internet-Draft S. Bhandari
Intended status: Standards Track C. Pignataro Intended status: Standards Track C. Pignataro
Expires: January 5, 2020 Cisco Expires: March 14, 2020 Cisco
H. Gredler H. Gredler
RtBrick Inc. RtBrick Inc.
J. Leddy J. Leddy
S. Youell S. Youell
JPMC JPMC
T. Mizrahi T. Mizrahi
Huawei Network.IO Innovation Lab Huawei Network.IO Innovation Lab
D. Mozes D. Mozes
P. Lapukhov P. Lapukhov
Facebook Facebook
R. Chang R. Chang
Barefoot Networks Barefoot Networks
D. Bernier D. Bernier
Bell Canada Bell Canada
J. Lemon J. Lemon
Broadcom Broadcom
July 04, 2019 September 11, 2019
Data Fields for In-situ OAM Data Fields for In-situ OAM
draft-ietf-ippm-ioam-data-06 draft-ietf-ippm-ioam-data-07
Abstract Abstract
In-situ Operations, Administration, and Maintenance (IOAM) records In-situ Operations, Administration, and Maintenance (IOAM) records
operational and telemetry information in the packet while the packet operational and telemetry information in the packet while the packet
traverses a path between two points in the network. This document traverses a path between two points in the network. This document
discusses the data fields and associated data types for in-situ OAM. discusses the data fields and associated data types for in-situ OAM.
In-situ OAM data fields can be embedded into a variety of transports In-situ OAM data fields can be embedded into a variety of transports
such as NSH, Segment Routing, Geneve, native IPv6 (via extension such as NSH, Segment Routing, Geneve, native IPv6 (via extension
header), or IPv4. In-situ OAM can be used to complement OAM header), or IPv4. In-situ OAM can be used to complement OAM
skipping to change at page 2, line 10 skipping to change at page 2, line 10
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 5, 2020. This Internet-Draft will expire on March 14, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 32 skipping to change at page 2, line 32
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Scope, Applicability, and Assumptions . . . . . . . . . . . . 4 3. Scope, Applicability, and Assumptions . . . . . . . . . . . . 4
4. IOAM Data Types and Formats . . . . . . . . . . . . . . . . . 5 4. IOAM Data-Fields, Types, Nodes . . . . . . . . . . . . . . . 5
4.1. IOAM Namespaces . . . . . . . . . . . . . . . . . . . . . 7 4.1. IOAM Data-Fields and Option-Types . . . . . . . . . . . . 5
4.2. IOAM Tracing Options . . . . . . . . . . . . . . . . . . 9 4.2. IOAM-Domains and types of IOAM Nodes . . . . . . . . . . 6
4.2.1. Pre-allocated and Incremental Trace Options . . . . . 11 4.3. IOAM-Namespaces . . . . . . . . . . . . . . . . . . . . . 7
4.2.2. IOAM node data fields and associated formats . . . . 15 4.4. IOAM Trace Option-Types . . . . . . . . . . . . . . . . . 9
4.2.3. Examples of IOAM node data . . . . . . . . . . . . . 21 4.4.1. Pre-allocated and Incremental Trace Option-Types . . 11
4.3. IOAM Proof of Transit Option . . . . . . . . . . . . . . 22 4.4.2. IOAM node data fields and associated formats . . . . 15
4.3.1. IOAM Proof of Transit Type 0 . . . . . . . . . . . . 24 4.4.3. Examples of IOAM node data . . . . . . . . . . . . . 21
4.4. IOAM Edge-to-Edge Option . . . . . . . . . . . . . . . . 25 4.5. IOAM Proof of Transit Option-Type . . . . . . . . . . . . 23
5. Timestamp Formats . . . . . . . . . . . . . . . . . . . . . . 27 4.5.1. IOAM Proof of Transit Type 0 . . . . . . . . . . . . 25
5.1. PTP Truncated Timestamp Format . . . . . . . . . . . . . 27 4.6. IOAM Edge-to-Edge Option-Type . . . . . . . . . . . . . . 26
5.2. NTP 64-bit Timestamp Format . . . . . . . . . . . . . . . 28 5. Timestamp Formats . . . . . . . . . . . . . . . . . . . . . . 28
5.3. POSIX-based Timestamp Format . . . . . . . . . . . . . . 29 5.1. PTP Truncated Timestamp Format . . . . . . . . . . . . . 28
6. IOAM Data Export . . . . . . . . . . . . . . . . . . . . . . 31 5.2. NTP 64-bit Timestamp Format . . . . . . . . . . . . . . . 29
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31 5.3. POSIX-based Timestamp Format . . . . . . . . . . . . . . 30
6. IOAM Data Export . . . . . . . . . . . . . . . . . . . . . . 32
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32
7.1. Creation of a new In-Situ OAM Protocol Parameters 7.1. Creation of a new In-Situ OAM Protocol Parameters
Registry (IOAM) Protocol Parameters IANA registry . . . . 31 Registry (IOAM) Protocol Parameters IANA registry . . . . 32
7.2. IOAM Type Registry . . . . . . . . . . . . . . . . . . . 32 7.2. IOAM Option-Type Registry . . . . . . . . . . . . . . . . 33
7.3. IOAM Trace Type Registry . . . . . . . . . . . . . . . . 32 7.3. IOAM Trace-Type Registry . . . . . . . . . . . . . . . . 33
7.4. IOAM Trace Flags Registry . . . . . . . . . . . . . . . . 33 7.4. IOAM Trace-Flags Registry . . . . . . . . . . . . . . . . 34
7.5. IOAM POT Type Registry . . . . . . . . . . . . . . . . . 33 7.5. IOAM POT-Type Registry . . . . . . . . . . . . . . . . . 34
7.6. IOAM POT Flags Registry . . . . . . . . . . . . . . . . . 33 7.6. IOAM POT-Flags Registry . . . . . . . . . . . . . . . . . 34
7.7. IOAM E2E Type Registry . . . . . . . . . . . . . . . . . 33 7.7. IOAM E2E-Type Registry . . . . . . . . . . . . . . . . . 35
7.8. IOAM Namespace-ID Registry . . . . . . . . . . . . . . . 34 7.8. IOAM Namespace-ID Registry . . . . . . . . . . . . . . . 35
8. Security Considerations . . . . . . . . . . . . . . . . . . . 34 8. Security Considerations . . . . . . . . . . . . . . . . . . . 35
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 35 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 36
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 36 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 37
10.1. Normative References . . . . . . . . . . . . . . . . . . 36 10.1. Normative References . . . . . . . . . . . . . . . . . . 37
10.2. Informative References . . . . . . . . . . . . . . . . . 36 10.2. Informative References . . . . . . . . . . . . . . . . . 37
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39
1. Introduction 1. Introduction
This document defines data fields for "in-situ" Operations, This document defines data fields for "in-situ" Operations,
Administration, and Maintenance (IOAM). In-situ OAM records OAM Administration, and Maintenance (IOAM). In-situ OAM records OAM
information within the packet while the packet traverses a particular information within the packet while the packet traverses a particular
network domain. The term "in-situ" refers to the fact that the OAM network domain. The term "in-situ" refers to the fact that the OAM
data is added to the data packets rather than is being sent within data is added to the data packets rather than is being sent within
packets specifically dedicated to OAM. IOAM is to complement packets specifically dedicated to OAM. IOAM is to complement
mechanisms such as Ping or Traceroute, or more recent active probing mechanisms such as Ping or Traceroute, or more recent active probing
mechanisms as described in [I-D.lapukhov-dataplane-probe]. In terms mechanisms as described in [I-D.lapukhov-dataplane-probe]. In terms
of "active" or "passive" OAM, "in-situ" OAM can be considered a of "active" or "passive" OAM, "in-situ" OAM can be considered a
hybrid OAM type. While no extra packets are sent, IOAM adds hybrid OAM type. "In-situ" mechanisms do not require extra packets
information to the packets therefore cannot be considered passive. to be sent. IOAM adds information to the already available data
In terms of the classification given in [RFC7799] IOAM could be packets and therefore cannot be considered passive. In terms of the
portrayed as Hybrid Type 1. "In-situ" mechanisms do not require classification given in [RFC7799] IOAM could be portrayed as Hybrid
extra packets to be sent and hence don't change the packet traffic Type 1. IOAM mechanisms can be leveraged where mechanisms using e.g.
mix within the network. IOAM mechanisms can be leveraged where ICMP do not apply or do not offer the desired results, such as
mechanisms using e.g. ICMP do not apply or do not offer the desired proving that a certain traffic flow takes a pre-defined path, SLA
results, such as proving that a certain traffic flow takes a pre- verification for the live data traffic, detailed statistics on
defined path, SLA verification for the live data traffic, detailed traffic distribution paths in networks that distribute traffic across
statistics on traffic distribution paths in networks that distribute multiple paths, or scenarios in which probe traffic is potentially
traffic across multiple paths, or scenarios in which probe traffic is handled differently from regular data traffic by the network devices.
potentially handled differently from regular data traffic by the
network devices.
2. Conventions 2. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
Abbreviations used in this document: Abbreviations used in this document:
E2E Edge to Edge E2E Edge to Edge
skipping to change at page 4, line 42 skipping to change at page 4, line 42
Geneve, IPv6, or IPv4. Specification details for these different Geneve, IPv6, or IPv4. Specification details for these different
transport protocols are outside the scope of this document. transport protocols are outside the scope of this document.
Deployment domain (or scope) of in-situ OAM deployment: IOAM is a Deployment domain (or scope) of in-situ OAM deployment: IOAM is a
network domain focused feature, with "network domain" being a set of network domain focused feature, with "network domain" being a set of
network devices or entities within a single administration. For network devices or entities within a single administration. For
example, a network domain can include an enterprise campus using example, a network domain can include an enterprise campus using
physical connections between devices or an overlay network using physical connections between devices or an overlay network using
virtual connections / tunnels for connectivity between said devices. virtual connections / tunnels for connectivity between said devices.
A network domain is defined by its perimeter or edge. Designers of A network domain is defined by its perimeter or edge. Designers of
carrier protocols for IOAM must specify mechanisms to ensure that protocol encapsulations for IOAM must specify mechanisms to ensure
IOAM data stays within an IOAM domain. In addition, the operator of that IOAM data stays within an IOAM domain. In addition, the
such a domain is expected to put provisions in place to ensure that operator of such a domain is expected to put provisions in place to
IOAM data does not leak beyond the edge of an IOAM domain, e.g. using ensure that IOAM data does not leak beyond the edge of an IOAM
for example packet filtering methods. The operator should consider domain, e.g. using for example packet filtering methods. The
potential operational impact of IOAM to mechanisms such as ECMP operator should consider the potential operational impact of IOAM to
processing (e.g. load-balancing schemes based on packet length could mechanisms such as ECMP processing (e.g. load-balancing schemes
be impacted by the increased packet size due to IOAM), path MTU (i.e. based on packet length could be impacted by the increased packet size
ensure that the MTU of all links within a domain is sufficiently due to IOAM), path MTU (i.e. ensure that the MTU of all links within
large to support the increased packet size due to IOAM) and ICMP a domain is sufficiently large to support the increased packet size
message handling (i.e. in case of a native IPv6 transport, IOAM due to IOAM) and ICMP message handling (i.e. in case of a native IPv6
support for ICMPv6 Echo Request/Reply could desired which would transport, IOAM support for ICMPv6 Echo Request/Reply could desired
translate into ICMPv6 extensions to enable IOAM data fields to be which would translate into ICMPv6 extensions to enable IOAM-Data-
copied from an Echo Request message to an Echo Reply message). Fields to be copied from an Echo Request message to an Echo Reply
message).
IOAM control points: IOAM data fields are added to or removed from IOAM control points: IOAM-Data-Fields are added to or removed from
the live user traffic by the devices which form the edge of a domain. the live user traffic by the devices which form the edge of a domain.
Devices within an IOAM domain can update and/or add IOAM data-fields. Devices which form an IOAM-Domain can add, update or remove IOAM-
Domain edge devices can be hosts or network devices. Data-Fields. Edge devices of an IOAM-Domain can be hosts or network
devices.
Traffic-sets that IOAM is applied to: IOAM can be deployed on all or Traffic-sets that IOAM is applied to: IOAM can be deployed on all or
only on subsets of the live user traffic. It SHOULD be possible to only on subsets of the live user traffic. It SHOULD be possible to
enable IOAM on a selected set of traffic (e.g., per interface, based enable IOAM on a selected set of traffic (e.g., per interface, based
on an access control list or flow specification defining a specific on an access control list or flow specification defining a specific
set of traffic, etc.) The selected set of traffic can also be all set of traffic, etc.) The selected set of traffic can also be all
traffic. traffic.
Encapsulation independence: Data formats for IOAM SHOULD be defined Encapsulation independence: Data formats for IOAM SHOULD be defined
in a transport-independent manner. IOAM applies to a variety of in a transport-independent manner. IOAM applies to a variety of
encapsulating protocols. A definition of how IOAM data fields are encapsulating protocols. A definition of how IOAM-Data-Fields are
carried by different transport protocols is outside the scope of this encapsulated into "parent" protocols, like NSH or IPv6 is outside the
document. scope of this document.
Layering: If several encapsulation protocols (e.g., in case of Layering: If several encapsulation protocols (e.g., in case of
tunneling) are stacked on top of each other, IOAM data-records could tunneling) are stacked on top of each other, IOAM-Data-Fields could
be present at every layer. The behavior follows the ships-in-the- be present at multiple layers. The behavior follows the ships-in-
night model, i.e. IOAM data in one layer is independent from IOAM the-night model, i.e. IOAM-Data-Fields in one layer are independent
data in another layer. Layering allows operators to instrument the from IOAM-Data-Fields in another layer. Layering allows operators to
protocol layer they want to measure. The different layers could, but instrument the protocol layer they want to measure. The different
do not have to share the same IOAM encapsulation and decapsulation. layers could, but do not have to share the same IOAM encapsulation
mechanisms.
IOAM implementation: The IOAM data-field definitions take the IOAM implementation: The definition of the IOAM-Data-Fields take the
specifics of devices with hardware data-plane and software data-plane specifics of devices with hardware data-plane and software data-plane
into account. into account.
4. IOAM Data Types and Formats 4. IOAM Data-Fields, Types, Nodes
This section defines IOAM data types and data fields and associated This section details IOAM-related nomenclature and describes data
data types required for IOAM. types such as IOAM-Data-Fields, IOAM-Types, IOAM-Namespaces as well
as the different types of IOAM nodes.
To accommodate the different uses of IOAM, IOAM data fields fall into 4.1. IOAM Data-Fields and Option-Types
different categories, as specified below. In IOAM these categories
are referred to as IOAM-Types. A common registry is maintained for
IOAM-Types, see Section 7.2 for details. Corresponding to these
IOAM-Types, different IOAM data fields are defined. IOAM data fields
can be encapsulated into a variety of protocols, such as NSH, Geneve,
IPv6, etc. The definition of how IOAM data fields are encapsulated
into other protocols is outside the scope of this document.
This document defines four IOAM-Types, as specified in this section: An IOAM-Data-Field is a set of bits with a defined format and
meaning, which can be stored at a certain place in a packet for the
purpose of IOAM.
o Pre-allocated Trace Option To accommodate the different uses of IOAM, IOAM-Data-Fields fall into
different categories. In IOAM these categories are referred to as
IOAM-Option-Types. A common registry is maintained for IOAM-Option-
Types, see Section 7.2 for details. Corresponding to these IOAM-
Option-Types, different IOAM-Data-Fields are defined. IOAM-Data-
Fields can be encapsulated into a variety of protocols, such as NSH,
Geneve, IPv6, etc. The definition of how IOAM-Data-Fields are
encapsulated into other protocols is outside the scope of this
document.
o Incremental Trace Option This document defines four IOAM-Option-Types:
o Proof of Transit (POT) Option o Pre-allocated Trace Option-Type
o Edge-to-Edge (E2E) Option o Incremental Trace Option-Type
IOAM is expected to be deployed in a specific domain rather than on o Proof of Transit (POT) Option-Type
the overall Internet. The part of the network which employs IOAM is
referred to as the "IOAM-domain". IOAM data is added to a packet o Edge-to-Edge (E2E) Option-Type
upon entering the IOAM-domain and is removed from the packet when
exiting the domain. Within the IOAM-domain, the IOAM data may be 4.2. IOAM-Domains and types of IOAM Nodes
updated by network nodes that the packet traverses. The device which
adds an IOAM data container to the packet to capture IOAM data is IOAM is expected to be deployed in a specific domain. The part of
called the "IOAM encapsulating node", whereas the device which the network which employs IOAM is referred to as the "IOAM-Domain".
removes the IOAM data container is referred to as the "IOAM One or more IOAM-Option-Types are added to a packet upon entering the
decapsulating node". Nodes within the domain which are aware of IOAM IOAM-Domain and are removed from the packet when exiting the domain.
data and read and/or write or process the IOAM data are called "IOAM Within the IOAM-Domain, the IOAM-Data-Fields MAY be updated by
transit nodes". IOAM nodes which add or remove the IOAM data fields network nodes that the packet traverses. An IOAM-Domain consists of
can also update the IOAM data fields at the same time. Or in other "IOAM encapsulating nodes", "IOAM decapsulating nodes" and "IOAM
words, IOAM encapsulating or decapsulating nodes can also serve as transit nodes". The role of a node (i.e. encapsulating, transit,
IOAM transit nodes at the same time. Note that not every node in an decapsulating) is defined within an IOAM-Namespace (see below). A
IOAM domain needs to be an IOAM transit node. For example, a node can have different roles in different IOAM-Namespaces.
deployment might require that packets traverse a set of firewalls.
A device which adds at least one IOAM-Option-Type to the packet is
called the "IOAM encapsulating node", whereas a device which removes
an IOAM-Option-Type is referred to as the "IOAM decapsulating node".
Nodes within the domain which are aware of IOAM data and read and/or
write or process the IOAM data are called "IOAM transit nodes". IOAM
nodes which add or remove the IOAM-Data-Fields can also update the
IOAM-Data-Fields at the same time. Or in other words, IOAM
encapsulating or decapsulating nodes can also serve as IOAM transit
nodes at the same time. Note that not every node in an IOAM domain
needs to be an IOAM transit node. For example, a deployment might
require that packets traverse a set of firewalls which support IOAM.
In that case, only the set of firewall nodes would be IOAM transit In that case, only the set of firewall nodes would be IOAM transit
nodes rather than all nodes. nodes rather than all nodes.
An IOAM encapsulating node incorporates one or more IOAM-Types (from An "IOAM encapsulating node" incorporates one or more IOAM-Option-
the list of four IOAM-Types above) into packets that IOAM is enabled Types (from the list of IOAM-Types, see Section 7.2) into packets
for. If IOAM is enabled for a selected subset of the traffic, the that IOAM is enabled for. If IOAM is enabled for a selected subset
encapsulating node is responsible for applying the IOAM functionality of the traffic, the IOAM encapsulating node is responsible for
to the selected subset. applying the IOAM functionality to the selected subset.
An IOAM transit node updates one or more of the IOAM data fields. If
both the pre-allocated and the incremental trace options are present
in the packet, each IOAM transit node will update at most one of
these options. A transit node cannot add new IOAM options to a
packet, and cannot change an IOAM Edge-to-Edge Option.
An IOAM decapsulating node removes all the IOAM-Types from packets. An "IOAM transit node" updates one or more of the IOAM-Data-Fields.
If both the Pre-allocated and the Incremental Trace Option-Types are
present in the packet, each IOAM transit node will update at most one
of these Option-Types. A transit node MUST NOT add new IOAM-Option-
Types to a packet, and MUST NOT change the IOAM-Data-Fields of an
IOAM Edge-to-Edge Option-Type.
The role of a node (i.e. encapsulating, transit, decapsulating) is An "IOAM decapsulating node" removes IOAM-Option-Type(s) from
defined within an IOAM namespace (see below). A node can have packets.
different roles in different IOAM namespaces.
4.1. IOAM Namespaces 4.3. IOAM-Namespaces
A subset or all of the IOAM option types and associated IOAM data A subset or all of the IOAM-Option-Types and their corresponding
fields can be associated to an IOAM namespace. Namespaces add IOAM-Data-Fields can be associated to an IOAM-Namespace. IOAM-
further context to IOAM option types and associated IOAM data fields. Namespaces add further context to IOAM-Option-Types and associated
Any IOAM namespace MUST interpret the IOAM option types and IOAM-Data-Fields. Any IOAM-Namespace MUST interpret the IOAM-Option-
associated IOAM data fields per the definition in this document. Types and associated IOAM-Data-Fields per the definition in this
Namespaces group nodes to support different deployment approaches of document. IOAM-Namespaces group nodes to support different
IOAM (see a few example use-cases below) as well as resolve issues deployment approaches of IOAM (see a few example use-cases below) as
which can occur due to IOAM data fields not being globally unique well as resolve issues which can occur due to IOAM-Data-Fields not
(e.g. IOAM node identifiers do not have to be globally unique). being globally unique (e.g. IOAM node identifiers do not have to be
IOAM data fields are defined within an IOAM namespace. globally unique). IOAM-Data-Fields significance is always within a
particular IOAM-Namespace.
An IOAM namespace is identified by a 16-bit namespace identifier An IOAM-Namespace is identified by a 16-bit namespace identifier
(Namespace-ID). Namespace identifiers MUST be present and populated (Namespace-ID). IOAM-Namespace identifiers MUST be present and
in all IOAM option headers. The Namespace-ID value is divided into populated in all IOAM-Option-Types. The Namespace-ID value is
two sub-ranges: divided into two sub-ranges:
o An operator-assigned range from 0x0001 to 0x7FFF o An operator-assigned range from 0x0001 to 0x7FFF
o An IANA-assigned range from 0x8000 to 0xFFFF o An IANA-assigned range from 0x8000 to 0xFFFF
The IANA-assigned range is intended to allow future extensions to The IANA-assigned range is intended to allow future extensions to
have new and interoperable IOAM functionality, while the operator- have new and interoperable IOAM functionality, while the operator-
assigned range is intended to be domain specific, and managed by the assigned range is intended to be domain specific, and managed by the
network operator. The Namespace-ID value of 0x0000 is default and network operator. The Namespace-ID value of 0x0000 is default and
known to all the nodes implementing IOAM. known to all the nodes implementing IOAM.
Namespace identifiers allow devices which are IOAM capable to Namespace identifiers allow devices which are IOAM capable to
determine: determine:
o whether IOAM option header(s) need to be processed by a device: If o whether IOAM-Option-Type(s) need to be processed by a device: If
the Namespace-ID contained in a packet does not match any the Namespace-ID contained in a packet does not match any
Namespace-ID the node is configured to operate on, then the node Namespace-ID the node is configured to operate on, then the node
MUST NOT change the contents of the IOAM data fields. MUST NOT change the contents of the IOAM-Data-Fields.
o which IOAM option headers need to be processed/updated in case o which IOAM-Option-Type needs to be processed/updated in case there
there are multiple IOAM option headers present in the packet. are multiple IOAM-Option-Types present in the packet. Multiple
Multiple option headers can be present in a packet in case of IOAM-Option-Types can be present in a packet in case of
overlapping IOAM domains or in case of a layered IOAM deployment. overlapping IOAM-Domains or in case of a layered IOAM deployment.
o whether IOAM option header(s) should be removed from the packet, o whether IOAM-Option-Type(s) should be removed from the packet,
e.g. at a domain edge or domain boundary. e.g. at a domain edge or domain boundary.
IOAM namespaces support several different uses: IOAM-Namespaces support several different uses:
o Namespaces can be used by an operator to distinguish different o IOAM-Namespaces can be used by an operator to distinguish
operational domains. Devices at domain edges can filter on different operational domains. Devices at domain edges can filter
Namespace-IDs to provide for proper IOAM domain isolation. on Namespace-IDs to provide for proper IOAM-Domain isolation.
o Namespaces provide additional context for IOAM data fields and o IOAM-Namespaces provide additional context for IOAM-Data-Fields
thus ensure that IOAM data is unique and can be interpreted and thus ensure that IOAM-Data-Fields are unique and can be
properly by management stations or network controllers. While, interpreted properly by management stations or network
for example, the IOAM node identifier (Node-ID) does not need to controllers. While, for example, the node identifier field
be unique in a deployment (e.g. an operator may wish to use (node_id, see below) does not need to be unique in a deployment
different Node-IDs for different IOAM layers, even within the same (e.g. an operator may wish to use different node identifiers for
device; or Node-IDs might not be unique for other organizational different IOAM layers, even within the same device; or node
reasons, such as after a merger of two formerly separated identifiers might not be unique for other organizational reasons,
organizations), the combination of Node-ID and Namespace-ID will such as after a merger of two formerly separated organizations),
always be unique. Similarly, namespaces can be used to define how the combination of node_id and Namespace-ID will always be unique.
certain IOAM data fields are interpreted: IOAM offers three Similarly, IOAM-Namespaces can be used to define how certain IOAM-
different timestamp format options. The Namespace-ID can be used Data-Fields are interpreted: IOAM offers three different timestamp
to determine the timestamp format. IOAM data fields (e.g. buffer format options. The Namespace-ID can be used to determine the
occupancy) which do not have a unit associated are to be timestamp format. IOAM-Data-Fields (e.g. buffer occupancy) which
interpreted within the context of a namespace. do not have a unit associated are to be interpreted within the
context of a IOAM-Namespace.
o Namespaces can be used to identify different sets of devices o IOAM-Namespaces can be used to identify different sets of devices
(e.g., different types of devices) in a deployment: If an operator (e.g., different types of devices) in a deployment: If an operator
desires to insert different IOAM data based on the device, the desires to insert different IOAM-Data-Fields based on the device,
devices could be grouped into multiple namespaces. This could be the devices could be grouped into multiple IOAM-Namespaces. This
due to the fact that the IOAM feature set differs between could be due to the fact that the IOAM feature set differs between
different sets of devices, or it could be for reasons of optimized different sets of devices, or it could be for reasons of optimized
space usage in the packet header. This could also stem from space usage in the packet header. It could also stem from
hardware or operational limitations on the size of the trace data hardware or operational limitations on the size of the trace data
that can be added and processed, preventing collection of a full that can be added and processed, preventing collection of a full
trace for a flow. trace for a flow.
* Assigning different Namespace-IDs to different sets of nodes or * Assigning different IOAM Namespace-IDs to different sets of
network partitions and using the Namespace-ID as a selector at nodes or network partitions and using the Namespace-ID as a
the IOAM encapsulating node, a full trace for a flow could be selector at the IOAM encapsulating node, a full trace for a
collected and constructed via partial traces in different flow could be collected and constructed via partial traces in
packets of the same flow. Example: An operator could choose to different packets of the same flow. Example: An operator could
group the devices of a domain into two namespaces, in a way choose to group the devices of a domain into two IOAM-
that at average, only every second hop would be recorded by any Namespaces, in a way that at average, only every second hop
device. To retrieve a full view of the deployment, the would be recorded by any device. To retrieve a full view of
captured IOAM data fields of the two namespaces need to be the deployment, the captured IOAM-Data-Fields of the two IOAM-
correlated. Namespaces need to be correlated.
* Assigning different Namespace-IDs to different sets of nodes or * Assigning different IOAM Namespace-IDs to different sets of
network partitions and using a separate IOAM header for each nodes or network partitions and using a separate instance of an
Namespace-ID, a full trace for a flow could be collected and IOAM-Option-Type for each Namespace-ID, a full trace for a flow
constructed via partial traces from each IOAM header in each of could be collected and constructed via partial traces from each
the packets in the flow. Example: An operator could choose to IOAM-Option-Type in each of the packets in the flow. Example:
group the devices of a domain into two namespaces, in a way An operator could choose to group the devices of a domain into
that each namespace is represented by one of two IOAM headers two IOAM-Namespaces, in a way that each IOAM-Namespace is
in the packet. Each node would record data only for the IOAM represented by one of two IOAM-Option-Types in the packet.
namespace that it belongs to, ignoring the other IOAM header Each node would record data only for the IOAM-Namespace that it
with a namespace to which it doesn't belong. To retrieve a belongs to, ignoring the other IOAM-Option-Type with a IOAM-
full view of the deployment, the captured IOAM data fields of Namespace to which it doesn't belong. To retrieve a full view
the two namespaces need to be correlated. of the deployment, the captured IOAM-Data-Fields of the two
IOAM-Namespaces need to be correlated.
4.2. IOAM Tracing Options 4.4. IOAM Trace Option-Types
"IOAM tracing data" is expected to be collected at every node that a "IOAM tracing data" is expected to be collected at every IOAM transit
packet traverses to ensure visibility into the entire path a packet node that a packet traverses to ensure visibility into the entire
takes within an IOAM domain, i.e., in a typical deployment all nodes path a packet takes within an IOAM-Domain. I.e., in a typical
in an in-situ OAM-domain would participate in IOAM and thus be IOAM deployment all nodes in an IOAM-Domain would participate in IOAM and
transit nodes, IOAM encapsulating or IOAM decapsulating nodes. If thus be IOAM transit nodes, IOAM encapsulating or IOAM decapsulating
not all nodes within a domain are IOAM capable, IOAM tracing nodes. If not all nodes within a domain are IOAM capable, IOAM
information (i.e., node data) will only be collected on those nodes tracing information (i.e., node data, see below) will only be
which are IOAM capable. Nodes which are not IOAM capable will collected on those nodes which are IOAM capable. Nodes which are not
forward the packet without any changes to the IOAM data fields. The IOAM capable will forward the packet without any changes to the IOAM-
maximum number of hops and the minimum path MTU of the IOAM domain is Data-Fields. The maximum number of hops and the minimum path MTU of
assumed to be known. the IOAM domain is assumed to be known.
To optimize hardware and software implementations tracing is defined To optimize hardware and software implementations IOAM tracing is
as two separate options. Any deployment MAY choose to configure and defined as two separate options. Any deployment MAY choose to
support one or both of the following options. An implementation of configure and support one or both of the following options.
the transport protocol that carries these in-situ OAM data MAY choose
to support only one of the options. In the event that both options
are utilized at the same time, the Incremental Trace Option MUST be
placed before the Pre-allocated Trace Option. Given that the
operator knows which equipment is deployed in a particular IOAM, the
operator will decide by means of configuration which type(s) of trace
options will be enabled for a particular domain.
Pre-allocated Trace Option: This trace option is defined as a Pre-allocated Trace-Option: This trace option is defined as a
container of node data fields with pre-allocated space for each container of node data fields (see below) with pre-allocated space
node to populate its information. This option is useful for for each node to populate its information. This option is useful
software implementations where it is efficient to allocate the for implementations where it is efficient to allocate the space
space once and index into the array to populate the data during once and index into the array to populate the data during transit
transit. The IOAM encapsulating node allocates the option header (e.g., software forwarders often fall into this class). The IOAM
and sets the fields in the option header. The in situ OAM encapsulating node allocates space for Pre-allocated Trace Option-
encapsulating node allocates an array which is used to store Type in the packet and sets corresponding fields in this IOAM-
operational data retrieved from every node while the packet Option-Type. The IOAM encapsulating node allocates an array which
traverses the domain. IOAM transit nodes update the content of is used to store operational data retrieved from every node while
the array, and possibly update the checksums of outer headers. A the packet traverses the domain. IOAM transit nodes update the
pointer which is part of the IOAM trace data points to the next content of the array, and possibly update the checksums of outer
empty slot in the array. An IOAM transit node that updates the headers. A pointer which is part of the IOAM trace data, points
content of the pre-allocated option also updates the value of the to the next empty slot in the array. An IOAM transit node that
pointer, which specifies where the next IOAM transit node fills in updates the content of the pre-allocated option also updates the
its data. value of the pointer, which specifies where the next IOAM transit
node fills in its data.The "node data list" array (see below) in
the packet is populated iteratively as the packet traverses the
network, starting with the last entry of the array, i.e., "node
data list [n]" is the first entry to be populated, "node data list
[n-1]" is the second one, etc.
Incremental Trace Option: This trace option is defined as a Incremental Trace-Option: This trace option is defined as a
container of node data fields where each node allocates and pushes container of node data fields where each node allocates and pushes
its node data immediately following the option header. This type its node data immediately following the option header. This type
of trace recording is useful for some of the hardware of trace recording is useful for some of the hardware
implementations as this eliminates the need for the transit implementations as it eliminates the need for the transit network
network elements to read the full array in the option and allows elements to read the full array in the option and allows for
for arbitrarily long packets as the MTU allows. The in-situ OAM arbitrarily long packets as the MTU allows. The IOAM
encapsulating node allocates the option header. The in-situ OAM encapsulating node allocates space for the Incremental Trace
encapsulating node based on operational state and configuration Option-Type. Based on operational state and configuration, the
sets the fields in the header that control what node data fields IOAM encapsulating node sets the fields in the Option-Type that
should be collected, and how large the node data list can grow. control what IOAM-Data-Fields should be collected and how large
The in-situ OAM transit nodes push their node data to the node the node data list can grow. IOAM transit nodes push their node
data list, decrease the remaining length available to subsequent data to the node data list, decrease the remaining length
nodes, and adjust the lengths and possibly checksums in outer available to subsequent nodes and adjust the lengths and possibly
headers. checksums in outer headers.
Every node data entry is to hold information for a particular IOAM A particular implementation of IOAM MAY choose to support only one of
transit node that is traversed by a packet. The in-situ OAM the two trace option types. In the event that both options are
decapsulating node removes the IOAM data and processes and/or exports utilized at the same time, the Incremental Trace-Option MUST be
the metadata. IOAM data uses its own name-space for information such placed before the Pre-allocated Trace-Option. Deployments which mix
as node identifier or interface identifier. This allows for a devices which either the Incremental Trace-Option or the Pre-
domain-specific definition and interpretation. For example: In one allocated Trace-Option could result in both Option-Types being
case an interface-id could point to a physical interface (e.g., to present in a packet. Given that the operator knows which equipment
understand which physical interface of an aggregated link is used is deployed in a particular IOAM, the operator will decide by means
when receiving or transmitting a packet) whereas in another case it of configuration which type(s) of trace options will be used for a
could refer to a logical interface (e.g., in case of tunnels). particular domain.
The following IOAM data is defined for IOAM tracing: Every node data entry holds information for a particular IOAM transit
node that is traversed by a packet. The IOAM decapsulating node
removes the IOAM-Option-Type(s) and processes and/or exports the
associated data. IOAM-Data-Fields are defined in the context of an
IOAM-Namespace. This allows for a namespace-specific definition and
interpretation. For example: In one case an interface-id could point
to a physical interface (e.g., to understand which physical interface
of an aggregated link is used when receiving or transmitting a
packet) whereas in another case it could refer to a logical interface
(e.g., in case of tunnels).
IOAM tracing can collect the following types of information:
o Identification of the IOAM node. An IOAM node identifier can o Identification of the IOAM node. An IOAM node identifier can
match to a device identifier or a particular control point or match to a device identifier or a particular control point or
subsystem within a device. subsystem within a device.
o Identification of the interface that a packet was received on, o Identification of the interface that a packet was received on,
i.e. ingress interface. i.e. ingress interface.
o Identification of the interface that a packet was sent out on, o Identification of the interface that a packet was sent out on,
i.e. egress interface. i.e. egress interface.
o Time of day when the packet was processed by the node. Different o Time of day when the packet was processed by the node as well as
definitions of processing time are feasible and expected, though the transit delay. Different definitions of processing time are
it is important that all devices of an in-situ OAM domain follow feasible and expected, though it is important that all devices of
the same definition. an in-situ OAM domain follow the same definition.
o Generic data: Format-free information where syntax and semantic of o Generic data: Format-free information where syntax and semantic of
the information is defined by the operator in a specific the information is defined by the operator in a specific
deployment. For a specific deployment, all IOAM nodes should deployment. For a specific IOAM-Namespace, all IOAM nodes should
interpret the generic data the same way. Examples for generic interpret the generic data the same way. Examples for generic
IOAM data include geo-location information (location of the node IOAM data include geo-location information (location of the node
at the time the packet was processed), buffer queue fill level or at the time the packet was processed), buffer queue fill level or
cache fill level at the time the packet was processed, or even a cache fill level at the time the packet was processed, or even a
battery charge level. battery charge level.
o A mechanism to detect whether IOAM trace data was added at every o Information to detect whether IOAM trace data was added at every
hop or whether certain hops in the domain weren't in-situ OAM hop or whether certain hops in the domain weren't IOAM transit
transit nodes. nodes.
The "node data list" array in the packet is populated iteratively as
the packet traverses the network, starting with the last entry of the
array, i.e., "node data list [n]" is the first entry to be populated,
"node data list [n-1]" is the second one, etc.
4.2.1. Pre-allocated and Incremental Trace Options 4.4.1. Pre-allocated and Incremental Trace Option-Types
The in-situ OAM pre-allocated trace option and the in-situ OAM The IOAM Pre-allocated Trace-Option and the IOAM Incremental Trace-
incremental trace option have similar formats. Except where noted Option have similar formats. Except where noted below, the internal
below, the internal formats and fields of the two trace options are formats and fields of the two trace options are identical. Both
identical. Trace-Options consist of a fixed size "trace option header" and a
variable data space to store gathered data, the "node data list":
Pre-allocated and incremental trace option headers: Pre-allocated and incremental trace option headers:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID |NodeLen | Flags | RemainingLen| | Namespace-ID |NodeLen | Flags | RemainingLen|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IOAM-Trace-Type | Reserved | | IOAM-Trace-Type | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 12, line 37 skipping to change at page 12, line 37
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ p +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ p
| | a | | a
| node data list [n-1] | c | node data list [n-1] | c
| | e | | e
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| | | | | |
| node data list [n] | | | node data list [n] | |
| | | | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
Namespace-ID: 16-bit identifier of an IOAM namespace. The Namespace-ID: 16-bit identifier of an IOAM-Namespace. The
Namespace-ID value of 0x0000 is defined as the default value and Namespace-ID value of 0x0000 is defined as the default value and
MUST be known to all the nodes implementing IOAM. For any other MUST be known to all the nodes implementing IOAM. For any other
Namespace-ID value that does not match any Namespace-ID the node Namespace-ID value that does not match any Namespace-ID the node
is configured to operate on, the node MUST NOT change the contents is configured to operate on, the node MUST NOT change the contents
of the IOAM data fields. of the IOAM-Data-Fields.
NodeLen: 5-bit unsigned integer. This field specifies the length of NodeLen: 5-bit unsigned integer. This field specifies the length of
data added by each node in multiples of 4-octets, excluding the data added by each node in multiples of 4-octets, excluding the
length of the "Opaque State Snapshot" field. length of the "Opaque State Snapshot" field.
If IOAM-Trace-Type bit 7 is not set, then NodeLen specifies the If IOAM-Trace-Type bit 22 is not set, then NodeLen specifies the
actual length added by each node. If IOAM-Trace-Type bit 7 is actual length added by each node. If IOAM-Trace-Type bit 22 is
set, then the actual length added by a node would be (NodeLen + set, then the actual length added by a node would be (NodeLen +
Opaque Data Length). Opaque Data Length).
For example, if 3 IOAM-Trace-Type bits are set and none of them For example, if 3 IOAM-Trace-Type bits are set and none of them
are wide, then NodeLen would be 3. If 3 IOAM-Trace-Type bits are are wide, then NodeLen would be 3. If 3 IOAM-Trace-Type bits are
set and 2 of them are wide, then NodeLen would be 5. set and 2 of them are wide, then NodeLen would be 5.
An IOAM encapsulating node must set NodeLen. An IOAM encapsulating node must set NodeLen.
A node receiving an IOAM Pre-allocated or Incremental Trace Option A node receiving an IOAM Pre-allocated or Incremental Trace-Option
may rely on the NodeLen value, or it may ignore the NodeLen value may rely on the NodeLen value, or it may ignore the NodeLen value
and calculate the node length from the IOAM-Trace-Type bits. and calculate the node length from the IOAM-Trace-Type bits (see
below).
Flags 4-bit field. Flags are allocated by IANA, as specified in Flags 4-bit field. Flags are allocated by IANA, as specified in
Section 7.4. The current document allocates a single flag as Section 7.4. This document allocates a single flag as follows:
follows:
Bit 0 "Overflow" (O-bit) (most significant bit). This bit is set Bit 0 "Overflow" (O-bit) (most significant bit). This bit is set
by the network element if there are not enough octets left to by the network element if there are not enough octets left to
record node data, no field is added and the overflow "O-bit" record node data, no field is added and the overflow "O-bit"
must be set to "1" in the header. This is useful for transit must be set to "1" in the IOAM-Trace-Option header. This is
nodes to ignore further processing of the option. useful for transit nodes to ignore further processing of the
option.
RemainingLen: 7-bit unsigned integer. This field specifies the data RemainingLen: 7-bit unsigned integer. This field specifies the data
space in multiples of 4-octets remaining for recording the node space in multiples of 4-octets remaining for recording the node
data, before the node data list is considered to have overflowed. data, before the node data list is considered to have overflowed.
When RemainingLen reaches 0, nodes are no longer allowed to add When RemainingLen reaches 0, nodes are no longer allowed to add
node data. Given that the sender knows the minimum path MTU, the node data. Given that the sender knows the minimum path MTU, the
sender MAY set the initial value of RemainingLen according to the sender MAY set the initial value of RemainingLen according to the
number of node data bytes allowed before exceeding the MTU. number of node data bytes allowed before exceeding the MTU.
Subsequent nodes can carry out a simple comparison between Subsequent nodes can carry out a simple comparison between
RemainingLen and NodeLen, along with the length of the "Opaque RemainingLen and NodeLen, along with the length of the "Opaque
State Snapshot" if applicable, to determine whether or not data State Snapshot" if applicable, to determine whether or not data
can be added by this node. When node data is added, the node MUST can be added by this node. When node data is added, the node MUST
decrease RemainingLen by the amount of data added. In the pre- decrease RemainingLen by the amount of data added. In the pre-
allocated trace option, this is used as an offset in data space to allocated trace option, RemainingLength is used to derive the
record the node data element. offset in data space to record the node data element.
Specifically, the recording of the node data element would start
from RemainingLen - NodeLen - sizeof(opaque snapshot) in 4 octet
units.
IOAM-Trace-Type: A 24-bit identifier which specifies which data IOAM-Trace-Type: A 24-bit identifier which specifies which data
types are used in this node data list. types are used in this node data list.
The IOAM-Trace-Type value is a bit field. The following bit The IOAM-Trace-Type value is a bit field. The following bits are
fields are defined in this document, with details on each field defined in this document, with details on each bit described in
described in the Section 4.2.2. The order of packing the data the Section 4.4.2. The order of packing the data fields in each
fields in each node data element follows the bit order of the node data element follows the bit order of the IOAM-Trace-Type
IOAM-Trace-Type field, as follows: field, as follows:
Bit 0 (Most significant bit) When set indicates presence of Bit 0 (Most significant bit) When set indicates presence of
Hop_Lim and node_id in the node data. Hop_Lim and node_id in the node data.
Bit 1 When set indicates presence of ingress_if_id and Bit 1 When set indicates presence of ingress_if_id and
egress_if_id (short format) in the node data. egress_if_id (short format) in the node data.
Bit 2 When set indicates presence of timestamp seconds in the Bit 2 When set indicates presence of timestamp seconds in the
node data. node data.
Bit 3 When set indicates presence of timestamp subseconds in Bit 3 When set indicates presence of timestamp subseconds in
the node data. the node data.
Bit 4 When set indicates presence of transit delay in the node Bit 4 When set indicates presence of transit delay in the node
data. data.
Bit 5 When set indicates presence of namespace specific data Bit 5 When set indicates presence of IOAM-Namespace specific
(short format) in the node data. data (short format) in the node data.
Bit 6 When set indicates presence of queue depth in the node Bit 6 When set indicates presence of queue depth in the node
data. data.
Bit 7 When set indicates presence of variable length Opaque Bit 7 When set indicates presence of the Checksum Complement
State Snapshot field. node data.
Bit 8 When set indicates presence of Hop_Lim and node_id in Bit 8 When set indicates presence of Hop_Lim and node_id in
wide format in the node data. wide format in the node data.
Bit 9 When set indicates presence of ingress_if_id and Bit 9 When set indicates presence of ingress_if_id and
egress_if_id in wide format in the node data. egress_if_id in wide format in the node data.
Bit 10 When set indicates presence of namespace specific data in Bit 10 When set indicates presence of IOAM-Namespace specific
wide format in the node data. data in wide format in the node data.
Bit 11 When set indicates presence of buffer occupancy in the Bit 11 When set indicates presence of buffer occupancy in the
node data. node data.
Bit 12-22 Undefined. An IOAM encapsulating node MUST set the Bit 12-21 Undefined. An IOAM encapsulating node MUST set the
value of each of these bits to 0. If an IOAM transit value of each of these bits to 0. If an IOAM transit
node receives a packet with one or more of these bits set node receives a packet with one or more of these bits set
to 1, it must either: to 1, it must either:
1. Add corresponding node data filled with the reserved 1. Add corresponding node data filled with the reserved
value 0xFFFFFFFF, after the node data fields for the value 0xFFFFFFFF, after the node data fields for the
IOAM-Trace-Type bits defined above, such that the IOAM-Trace-Type bits defined above, such that the
total node data added by this node in units of total node data added by this node in units of
4-octets is equal to NodeLen, or 4-octets is equal to NodeLen, or
2. Not add any node data fields to the packet, even for 2. Not add any node data fields to the packet, even for
the IOAM-Trace-Type bits defined above. the IOAM-Trace-Type bits defined above.
Bit 23 When set indicates presence of the Checksum Complement Bit 22 When set indicates presence of variable length Opaque
node data. State Snapshot field.
Section 4.2.2 describes the IOAM data types and their formats. Bit 23 Reserved: Must be set to zero upon transmission and
Within an in-situ OAM domain possible combinations of these bits ignored upon receipt.
making the IOAM-Trace-Type can be restricted by configuration
knobs. Section 4.4.2 describes the IOAM-Data-Types and their formats.
Within an IOAM-Domain possible combinations of these bits making
the IOAM-Trace-Type can be restricted by configuration knobs.
Reserved: 8-bits. Must be zero. Reserved: 8-bits. Must be zero.
Node data List [n]: Variable-length field. The type of which is Node data List [n]: Variable-length field. The type of which is
determined by the IOAM-Trace-Type bit representing the n-th node determined by the IOAM-Trace-Type bit representing the n-th node
data in the node data list. The node data list is encoded data in the node data list. The node data list is encoded
starting from the last node data of the path. The first element starting from the last node data of the path. The first element
of the node data list (node data list [0]) contains the last node of the node data list (node data list [0]) contains the last node
of the path while the last node data of the node data list (node of the path while the last node data of the node data list (node
data list[n]) contains the first node data of the path traced. data list[n]) contains the first node data of the path traced.
Populating the node data list in this way ensures that the order Populating the node data list in this way ensures that the order
of node data list is the same for incremental and pre-allocated of node data list is the same for incremental and pre-allocated
trace options. In the pre-allocated trace option, the index trace options. In the pre-allocated trace option, the index
contained in RemainingLen identifies the offset for current active contained in RemainingLen identifies the offset for current active
node data to be populated. node data to be populated.
4.2.2. IOAM node data fields and associated formats 4.4.2. IOAM node data fields and associated formats
All the data fields MUST be 4-octet aligned. If a node which is All the IOAM-Data-Fields MUST be 4-octet aligned. If a node which is
supposed to update an IOAM data field is not capable of populating supposed to update an IOAM-Data-Field is not capable of populating
the value of a field set in the IOAM-Trace-Type, the field value MUST the value of a field set in the IOAM-Trace-Type, the field value MUST
be set to 0xFFFFFFFF for 4-octet fields or 0xFFFFFFFFFFFFFFFF for be set to 0xFFFFFFFF for 4-octet fields or 0xFFFFFFFFFFFFFFFF for
8-octet fields, indicating that the value is not populated, except 8-octet fields, indicating that the value is not populated, except
when explicitly specified in the field description below. when explicitly specified in the field description below.
Data field and associated data type for each of the data field is Some IOAM-Data-Fields defined below, such as interface identifiers or
shown below: IOAM-Namespace specific data, are defined in both "short format" as
well as "wide format". Their use is not exclusive. A deployment
could choose to leverage both. For example, ingress_if_id_(short
format) could be an identifier for the physical interface, whereas
ingress_if_id_(wide format) could be an identifier for a logical sub-
interface of that physical interface.
Data field and associated data type for each of the IOAM-Data-Fields
is shown below:
Hop_Lim and node_id: 4-octet field defined as follows: Hop_Lim and node_id: 4-octet field defined as follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit
value in the packet at the node that records this data. Hop value in the packet at the node that records this data. Hop
Limit information is used to identify the location of the node Limit information is used to identify the location of the node
in the communication path. This is copied from the lower in the communication path. This is copied from the lower
layer, e.g., TTL value in IPv4 header or hop limit field from layer, e.g., TTL value in IPv4 header or hop limit field from
IPv6 header of the packet when the packet is ready for IPv6 header of the packet when the packet is ready for
transmission. The semantics of the Hop_Lim field depend on the transmission. The semantics of the Hop_Lim field depend on the
lower layer protocol that IOAM is encapsulated over, and lower layer protocol that IOAM is encapsulated over, and
therefore its specific semantics are outside the scope of this therefore its specific semantics are outside the scope of this
memo. memo.
node_id: 3-octet unsigned integer. Node identifier field to node_id: 3-octet unsigned integer. Node identifier field to
uniquely identify a node within in-situ OAM domain. The uniquely identify a node within the IOAM-Namespace and
procedure to allocate, manage and map the node_ids is beyond associated IOAM-Domain. The procedure to allocate, manage and
the scope of this document. map the node_ids is beyond the scope of this document.
ingress_if_id and egress_if_id: 4-octet field defined as follows: ingress_if_id and egress_if_id: 4-octet field defined as follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | egress_if_id | | ingress_if_id | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
ingress_if_id: 2-octet unsigned integer. Interface identifier to ingress_if_id: 2-octet unsigned integer. Interface identifier to
record the ingress interface the packet was received on. record the ingress interface the packet was received on.
egress_if_id: 2-octet unsigned integer. Interface identifier to egress_if_id: 2-octet unsigned integer. Interface identifier to
record the egress interface the packet is forwarded out of. record the egress interface the packet is forwarded out of.
Note that due to the fact that IOAM uses its own namespaces for Note that due to the fact that IOAM uses its own IOAM-Namespaces
IOAM data fields, data fields like interface identifiers can be for IOAM-Data-Fields, data fields like interface identifiers can
used in a flexible way to represent system resources that are be used in a flexible way to represent system resources that are
associated with ingressing or egressing packets, i.e. an IOAM associated with ingressing or egressing packets, i.e.
interface ID could represent a physical interface, a virtual or ingress_if_id could represent a physical interface, a virtual or
logical interface, or even a queue. logical interface, or even a queue.
timestamp seconds: 4-octet unsigned integer. Absolute timestamp in timestamp seconds: 4-octet unsigned integer. Absolute timestamp in
seconds that specifies the time at which the packet was received seconds that specifies the time at which the packet was received
by the node. This field has three possible formats; based on by the node. This field has three possible formats; based on
either PTP [IEEE1588v2], NTP [RFC5905], or POSIX [POSIX]. The either PTP [IEEE1588v2], NTP [RFC5905], or POSIX [POSIX]. The
three timestamp formats are specified in Section 5. In all three three timestamp formats are specified in Section 5. In all three
cases, the Timestamp Seconds field contains the 32 most cases, the Timestamp Seconds field contains the 32 most
significant bits of the timestamp format that is specified in significant bits of the timestamp format that is specified in
Section 5. If a node is not capable of populating this field, it Section 5. If a node is not capable of populating this field, it
skipping to change at page 17, line 34 skipping to change at page 17, line 45
populating the field is not able to fill it, the field position in populating the field is not able to fill it, the field position in
the field must be filled with value 0xFFFFFFFF to mean not the field must be filled with value 0xFFFFFFFF to mean not
populated. populated.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|O| transit delay | |O| transit delay |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
namespace specific data: 4-octet field which can be used by the node namespace specific data: 4-octet field which can be used by the node
to add namespace specific data. This represents a "free-format" to add IOAM-Namespace specific data. This represents a "free-
4-octet bit field with its semantics defined in the context of a format" 4-octet bit field with its semantics defined in the
specific namespace. context of a specific IOAM-Namespace.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
queue depth: 4-octet unsigned integer field. This field indicates queue depth: 4-octet unsigned integer field. This field indicates
the current length of the egress interface queue of the interface the current length of the egress interface queue of the interface
from where the packet is forwarded out. The queue depth is from where the packet is forwarded out. The queue depth is
expressed as the current number of memory buffers used by the expressed as the current number of memory buffers used by the
queue (a packet may consume one or more memory buffers, depending queue (a packet may consume one or more memory buffers, depending
on its size). on its size).
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| queue depth | | queue depth |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Opaque State Snapshot: Variable length field. It allows the network
element to store an arbitrary state in the node data field,
without a pre-defined schema. The schema is to be defined within
the context of a namespace. The schema needs to be made known to
the analyzer by some out-of-band mechanism. The specification of
this mechanism is beyond the scope of this document. A 24-bit
"Schema Id" field, interpreted within the context of a namespace,
indicates which particular schema is used, and should be
configured on the network element by the operator.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | Schema ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| |
| Opaque data |
~ ~
. .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Length: 1-octet unsigned integer. It is the length in multiples
of 4-octets of the Opaque data field that follows Schema Id.
Schema ID: 3-octet unsigned integer identifying the schema of
Opaque data.
Opaque data: Variable length field. This field is interpreted as
specified by the schema identified by the Schema ID.
When this field is part of the data field but a node populating
the field has no opaque state data to report, the Length must be
set to 0 and the Schema ID must be set to 0xFFFFFF to mean no
schema.
Hop_Lim and node_id wide: 8-octet field defined as follows: Hop_Lim and node_id wide: 8-octet field defined as follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id ~ | Hop_Lim | node_id ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ node_id (contd) | ~ node_id (contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit
value in the packet at the node that records this data. Hop value in the packet at the node that records this data. Hop
Limit information is used to identify the location of the node Limit information is used to identify the location of the node
in the communication path. This is copied from the lower layer in the communication path. This is copied from the lower layer
for e.g. TTL value in IPv4 header or hop limit field from IPv6 for e.g. TTL value in IPv4 header or hop limit field from IPv6
header of the packet. The semantics of the Hop_Lim field header of the packet. The semantics of the Hop_Lim field
depend on the lower layer protocol that IOAM is encapsulated depend on the lower layer protocol that IOAM is encapsulated
over, and therefore its specific semantics are outside the over, and therefore its specific semantics are outside the
scope of this memo. scope of this memo.
node_id: 7-octet unsigned integer. Node identifier field to node_id: 7-octet unsigned integer. Node identifier field to
uniquely identify a node within in-situ OAM domain. The uniquely identify a node within the IOAM-Namespace and
procedure to allocate, manage and map the node_ids is beyond associated IOAM-Domain. The procedure to allocate, manage and
the scope of this document. map the node_ids is beyond the scope of this document.
ingress_if_id and egress_if_id wide: 8-octet field defined as ingress_if_id and egress_if_id wide: 8-octet field defined as
follows: follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | | ingress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| egress_if_id | | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
ingress_if_id: 4-octet unsigned integer. Interface identifier to ingress_if_id: 4-octet unsigned integer. Interface identifier to
record the ingress interface the packet was received on. record the ingress interface the packet was received on.
egress_if_id: 4-octet unsigned integer. Interface identifier to egress_if_id: 4-octet unsigned integer. Interface identifier to
record the egress interface the packet is forwarded out of. record the egress interface the packet is forwarded out of.
namespace specific data wide: 8-octet field which can be used by the namespace specific data wide: 8-octet field which can be used by the
node to add namespace specific data. This represents a "free- node to add IOAM-Namespace specific data. This represents a
format" 8-octet bit field with its semantics defined in the "free-format" 8-octet bit field with its semantics defined in the
context of a specific namespace. context of a specific IOAM-Namespace.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data ~ | namespace specific data ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ namespace specific data (contd) | ~ namespace specific data (contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
buffer occupancy: 4-octet unsigned integer field. This field buffer occupancy: 4-octet unsigned integer field. This field
indicates the current status of the occupancy of the common buffer indicates the current status of the occupancy of the common buffer
pool used by a set of queues. The units of this field depend on pool used by a set of queues. The units of this field depend on
the equipment type and deployment and has to be interpreted within the equipment type and deployment and has to be interpreted within
the context of a namespace and/or node-id if used. the context of an IOAM-Namespace and/or node-id if used.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| buffer occupancy | | buffer occupancy |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Checksum Complement: 4-octet node data which contains a two-octet Checksum Complement: 4-octet node data which contains a 4-octet
Checksum Complement field, and a 2-octet reserved field. The Checksum Complement field. The Checksum Complement is useful when
Checksum Complement is useful when IOAM is transported over IOAM is transported over encapsulations that make use of a UDP
encapsulations that make use of a UDP transport, such as VXLAN-GPE transport, such as VXLAN-GPE or Geneve. Without the Checksum
or Geneve. Without the Checksum Complement, nodes adding IOAM Complement, nodes adding IOAM node data must update the UDP
node data must update the UDP Checksum field. When the Checksum Checksum field. When the Checksum Complement is present, an IOAM
Complement is present, an IOAM encapsulating node or IOAM transit encapsulating node or IOAM transit node adding node data MUST
node adding node data MUST carry out one of the following two carry out one of the following two alternatives in order to
alternatives in order to maintain the correctness of the UDP maintain the correctness of the UDP Checksum value:
Checksum value:
1. Recompute the UDP Checksum field. 1. Recompute the UDP Checksum field.
2. Use the Checksum Complement to make a checksum-neutral update 2. Use the Checksum Complement to make a checksum-neutral update
in the UDP payload; the Checksum Complement is assigned a in the UDP payload; the Checksum Complement is assigned a
value that complements the rest of the node data fields that value that complements the rest of the node data fields that
were added by the current node, causing the existing UDP were added by the current node, causing the existing UDP
Checksum field to remain correct. Checksum field to remain correct.
IOAM decapsulating nodes MUST recompute the UDP Checksum field, IOAM decapsulating nodes MUST recompute the UDP Checksum field,
since they do not know whether previous hops modified the UDP since they do not know whether previous hops modified the UDP
Checksum field or the Checksum Complement field. Checksum field or the Checksum Complement field.
Checksum Complement fields are used in a similar manner in Checksum Complement fields are used in a similar manner in
[RFC7820] and [RFC7821]. [RFC7820] and [RFC7821].
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum Complement | Reserved | | Checksum Complement |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
4.2.3. Examples of IOAM node data Opaque State Snapshot: Opaque State Snapshot is a variable length
field and immediately follows the fixed length IOAM-Data-Fields
defined above. It allows the network element to store an
arbitrary state in the node data field, without a pre-defined
schema. The schema is to be defined within the context of an
IOAM-Namespace. The schema needs to be made known to the analyzer
by some out-of-band mechanism. The specification of this
mechanism is beyond the scope of this document. A 24-bit "Schema
Id" field, interpreted within the context of an IOAM-Namespace,
indicates which particular schema is used, and should be
configured on the network element by the operator.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | Schema ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| |
| Opaque data |
~ ~
. .
. .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Length: 1-octet unsigned integer. It is the length in multiples
of 4-octets of the Opaque data field that follows Schema Id.
Schema ID: 3-octet unsigned integer identifying the schema of
Opaque data.
Opaque data: Variable length field. This field is interpreted as
specified by the schema identified by the Schema ID.
When this field is part of the data field but a node populating
the field has no opaque state data to report, the Length must be
set to 0 and the Schema ID must be set to 0xFFFFFF to mean no
schema.
4.4.3. Examples of IOAM node data
An entry in the "node data list" array can have different formats, An entry in the "node data list" array can have different formats,
following the needs of the deployment. Some deployments might only following the needs of the deployment. Some deployments might only
be interested in recording the node identifiers, whereas others might be interested in recording the node identifiers, whereas others might
be interested in recording node identifier and timestamp. The be interested in recording node identifier and timestamp. The
section defines different types that an entry in "node data list" can section provides example entries of the "node data list".
take.
0xD40000: IOAM-Trace-Type is 0xD40000 then the format of node data 0xD40000: IOAM-Trace-Type is 0xD40000 (0b110101000000000000000000)
is: then the format of node data is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | egress_if_id | | ingress_if_id | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp subseconds | | timestamp subseconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0xC00000: IOAM-Trace-Type is 0xC00000 then the format is: 0xC00000: IOAM-Trace-Type is 0xC00000 (0b110000000000000000000000)
then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | egress_if_id | | ingress_if_id | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x900000: IOAM-Trace-Type is 0x900000 then the format is: 0x900000: IOAM-Trace-Type is 0x900000 (0b100100000000000000000000)
then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp subseconds | | timestamp subseconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x840000: IOAM-Trace-Type is 0x840000 then the format is: 0x840000: IOAM-Trace-Type is 0x840000 (0b100001000000000000000000)
then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x940000: IOAM-Trace-Type is 0x940000 then the format is: 0x940000: IOAM-Trace-Type is 0x940000 (0b100101000000000000000000)
then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp subseconds | | timestamp subseconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x318000: IOAM-Trace-Type is 0x318000 then the format is: 0x308002: IOAM-Trace-Type is 0x308002 (0b001100001000000000000010)
then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp seconds | | timestamp seconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp subseconds | | timestamp subseconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| node_id(contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | Schema Id | | Length | Schema Id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| | | |
| Opaque data | | Opaque data |
~ ~ ~ ~
. . . .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| node_id(contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
4.3. IOAM Proof of Transit Option 4.5. IOAM Proof of Transit Option-Type
IOAM Proof of Transit data is to support the path or service function IOAM Proof of Transit Option-Type is to support path or service
chain [RFC7665] verification use cases. Proof-of-transit uses function chain [RFC7665] verification use cases. Proof-of-transit
methods like nested hashing or nested encryption of the IOAM data or uses methods like nested hashing or nested encryption of the IOAM
mechanisms such as Shamir's Secret Sharing Schema (SSSS). While data or mechanisms such as Shamir's Secret Sharing Schema (SSSS).
details on how the IOAM data for the proof of transit option is While details on how the IOAM data for the proof of transit option is
processed at IOAM encapsulating, decapsulating and transit nodes are processed at IOAM encapsulating, decapsulating and transit nodes are
outside the scope of the document, all of these approaches share the outside the scope of the document, all of these approaches share the
need to uniquely identify a packet as well as iteratively operate on need to uniquely identify a packet as well as iteratively operate on
a set of information that is handed from node to node. a set of information that is handed from node to node.
Correspondingly, two pieces of information are added as IOAM data to Correspondingly, two pieces of information are added as IOAM-Data-
the packet: Fields to the packet:
o Random: Unique identifier for the packet (e.g., 64-bits allow for o Random: Unique identifier for the packet (e.g., 64-bits allow for
the unique identification of 2^64 packets). the unique identification of 2^64 packets).
o Cumulative: Information which is handed from node to node and o Cumulative: Information which is handed from node to node and
updated by every node according to a verification algorithm. updated by every node according to a verification algorithm.
The IOAM Proof of Transit Option-Type consist of a fixed size "IOAM
proof of transit option header" and "IOAM proof of transit option
data fields":
IOAM proof of transit option header: IOAM proof of transit option header:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID |IOAM POT Type | IOAM POT flags| | Namespace-ID |IOAM POT Type | IOAM POT flags|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IOAM proof of transit option data MUST be 4-octet aligned.: IOAM proof of transit Option-Type IOAM-Data-Fields MUST be
4-octet aligned:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| POT Option data field determined by IOAM-POT-Type | | POT Option data field determined by IOAM-POT-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Namespace-ID: 16-bit identifier of an IOAM namespace. The Namespace-ID: 16-bit identifier of an IOAM-Namespace. The
Namespace-ID value of 0x0000 is defined as the default value and Namespace-ID value of 0x0000 is defined as the default value and
MUST be known to all the nodes implementing IOAM. For any other MUST be known to all the nodes implementing IOAM. For any other
Namespace-ID value that does not match any Namespace-ID the node Namespace-ID value that does not match any Namespace-ID the node
is configured to operate on, the node MUST NOT change the contents is configured to operate on, the node MUST NOT change the contents
of the IOAM data fields. of the IOAM-Data-Fields.
IOAM POT Type: 8-bit identifier of a particular POT variant that IOAM POT Type: 8-bit identifier of a particular POT variant that
specifies the POT data that is included. This document defines specifies the POT data that is included. This document defines
POT Type 0: POT Type 0:
0: POT data is a 16 Octet field as described below. 0: POT data is a 16 Octet field as described below.
IOAM POT flags: 8-bit. Following flags are defined: IOAM POT flags: 8-bit. Following flags are defined:
Bit 0 "Profile-to-use" (P-bit) (most significant bit). For IOAM Bit 0 "Profile-to-use" (P-bit) (most significant bit). For IOAM
POT types that use a maximum of two profiles to drive POT types that use a maximum of two profiles to drive
computation, indicates which POT-profile is used. The two computation, indicates which POT-profile is used. The two
profiles are numbered 0, 1. profiles are numbered 0, 1.
Bit 1-7 Reserved: Must be set to zero upon transmission and Bit 1-7 Reserved: Must be set to zero upon transmission and
ignored upon receipt. ignored upon receipt.
POT Option data: Variable-length field. The type of which is POT Option data: Variable-length field. The type of which is
determined by the IOAM-POT-Type. determined by the IOAM-POT-Type.
4.3.1. IOAM Proof of Transit Type 0 4.5.1. IOAM Proof of Transit Type 0
IOAM proof of transit option of IOAM POT Type 0: IOAM proof of transit option of IOAM POT Type 0:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID |IOAM POT Type=0|P|R R R R R R R| | Namespace-ID |IOAM POT Type=0|P|R R R R R R R|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
| Random | | | Random | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ P +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ P
| Random(contd) | O | Random(contd) | O
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T
| Cumulative | | | Cumulative | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| Cumulative (contd) | | | Cumulative (contd) | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
Namespace-ID: 16-bit identifier of an IOAM namespace. The Namespace-ID: 16-bit identifier of an IOAM-Namespace. The
Namespace-ID value of 0x0000 is defined as the default value and Namespace-ID value of 0x0000 is defined as the default value and
MUST be known to all the nodes implementing IOAM. For any other MUST be known to all the nodes implementing IOAM. For any other
Namespace-ID value that does not match any Namespace-ID the node Namespace-ID value that does not match any Namespace-ID the node
is configured to operate on, the node MUST NOT change the contents is configured to operate on, the node MUST NOT change the contents
of the IOAM data fields. of the IOAM-Data-Fields.
IOAM POT Type: 8-bit identifier of a particular POT variant that IOAM POT Type: 8-bit identifier of a particular POT variant that
specifies the POT data that is included. This section defines the specifies the POT data that is included. This section defines the
POT data when the IOAM POT Type is set to the value 0. POT data when the IOAM POT Type is set to the value 0.
P bit: 1-bit. "Profile-to-use" (P-bit) (most significant bit). P bit: 1-bit. "Profile-to-use" (P-bit) (most significant bit).
Indicates which POT-profile is used to generate the Cumulative. Indicates which POT-profile is used to generate the Cumulative.
Any node participating in POT will have a maximum of 2 profiles Any node participating in POT will have a maximum of 2 profiles
configured that drive the computation of cumulative. The two configured that drive the computation of cumulative. The two
profiles are numbered 0, 1. This bit conveys whether profile 0 or profiles are numbered 0, 1. This bit conveys whether profile 0 or
skipping to change at page 25, line 20 skipping to change at page 26, line 11
Cumulative: 64-bit Cumulative that is updated at specific nodes by Cumulative: 64-bit Cumulative that is updated at specific nodes by
processing per packet Random number field and configured processing per packet Random number field and configured
parameters. parameters.
Note: Larger or smaller sizes of "Random" and "Cumulative" data are Note: Larger or smaller sizes of "Random" and "Cumulative" data are
feasible and could be required for certain deployments (e.g. in case feasible and could be required for certain deployments (e.g. in case
of space constraints in the transport protocol used). Future of space constraints in the transport protocol used). Future
versions of this document will address different sizes of data for versions of this document will address different sizes of data for
"proof of transit". "proof of transit".
4.4. IOAM Edge-to-Edge Option 4.6. IOAM Edge-to-Edge Option-Type
The IOAM edge-to-edge option is to carry data that is added by the The IOAM Edge-to-Edge Option-Type is to carry data that is added by
IOAM encapsulating node and interpreted by IOAM decapsulating node. the IOAM encapsulating node and interpreted by IOAM decapsulating
The IOAM transit nodes MAY process the data without modifying it. node. The IOAM transit nodes MAY process the data but MUST NOT
modify it.
IOAM edge-to-edge option header: The IOAM Edge-to-Edge Option-Type consist of a fixed size "IOAM Edge-
to-Edge Option-Type header" and "IOAM Edge-to-Edge Option-Type data
fields":
0 1 2 3 IOAM Edge-to-Edge Option-Type header:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID | IOAM-E2E-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IOAM edge-to-edge option data MUST be 4-octet aligned: 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID | IOAM-E2E-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0 1 2 3 IOAM Edge-to-Edge Option-Type IOAM-Data-Fields MUST
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 be 4-octet aligned:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| E2E Option data field determined by IOAM-E2E-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Namespace-ID: 16-bit identifier of an IOAM namespace. The 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| E2E Option data field determined by IOAM-E2E-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Namespace-ID: 16-bit identifier of an IOAM-Namespace. The
Namespace-ID value of 0x0000 is defined as the default value and Namespace-ID value of 0x0000 is defined as the default value and
MUST be known to all the nodes implementing IOAM. For any other MUST be known to all the nodes implementing IOAM. For any other
Namespace-ID value that does not match any Namespace-ID the node Namespace-ID value that does not match any Namespace-ID the node
is configured to operate on, then the node MUST NOT change the is configured to operate on, then the node MUST NOT change the
contents of the IOAM data fields. contents of the IOAM-Data-Fields.
IOAM-E2E-Type: A 16-bit identifier which specifies which data types IOAM-E2E-Type: A 16-bit identifier which specifies which data types
are used in the E2E option data. The IOAM-E2E-Type value is a bit are used in the E2E option data. The IOAM-E2E-Type value is a bit
field. The order of packing the E2E option data field elements field. The order of packing the E2E option data field elements
follows the bit order of the IOAM-E2E-Type field, as follows: follows the bit order of the IOAM-E2E-Type field, as follows:
Bit 0 (Most significant bit) When set indicates presence of a Bit 0 (Most significant bit) When set indicates presence of a
64-bit sequence number added to a specific "packet group" 64-bit sequence number added to a specific "packet group"
which is used to detect packet loss, packet reordering, which is used to detect packet loss, packet reordering,
or packet duplication within the group. The "packet or packet duplication within the group. The "packet
skipping to change at page 27, line 14 skipping to change at page 28, line 10
Bit 4-15 Undefined. An IOAM encapsulating node Must set the value Bit 4-15 Undefined. An IOAM encapsulating node Must set the value
of these bits to zero upon transmission and ignore upon of these bits to zero upon transmission and ignore upon
receipt. receipt.
E2E Option data: Variable-length field. The type of which is E2E Option data: Variable-length field. The type of which is
determined by the IOAM-E2E-Type. determined by the IOAM-E2E-Type.
5. Timestamp Formats 5. Timestamp Formats
The IOAM data fields include a timestamp field which is represented The IOAM-Data-Fields include a timestamp field which is represented
in one of three possible timestamp formats. It is assumed that the in one of three possible timestamp formats. It is assumed that the
management plane is responsible for determining which timestamp management plane is responsible for determining which timestamp
format is used. format is used.
5.1. PTP Truncated Timestamp Format 5.1. PTP Truncated Timestamp Format
The Precision Time Protocol (PTP) [IEEE1588v2] uses an 80-bit The Precision Time Protocol (PTP) [IEEE1588v2] uses an 80-bit
timestamp format. The truncated timestamp format is a 64-bit field, timestamp format. The truncated timestamp format is a 64-bit field,
which is the 64 least significant bits of the 80-bit PTP timestamp. which is the 64 least significant bits of the 80-bit PTP timestamp.
The PTP truncated format is specified in Section 4.3 of The PTP truncated format is specified in Section 4.3 of
skipping to change at page 31, line 34 skipping to change at page 32, line 34
7. IANA Considerations 7. IANA Considerations
This document requests the following IANA Actions. This document requests the following IANA Actions.
7.1. Creation of a new In-Situ OAM Protocol Parameters Registry (IOAM) 7.1. Creation of a new In-Situ OAM Protocol Parameters Registry (IOAM)
Protocol Parameters IANA registry Protocol Parameters IANA registry
IANA is requested to create a new protocol registry for "In-Situ OAM IANA is requested to create a new protocol registry for "In-Situ OAM
(IOAM) Protocol Parameters". This is the common registry that will (IOAM) Protocol Parameters". This is the common registry that will
include registrations for all IOAM namespaces. Each Registry, whose include registrations for all IOAM-Namespaces. Each Registry, whose
names are listed below: names are listed below:
IOAM Type IOAM Option-Type
IOAM Trace Type IOAM Trace-Type
IOAM Trace flags IOAM Trace-Flags
IOAM POT Type IOAM POT-Type
IOAM POT flags IOAM POT-Flags
IOAM E2E Type IOAM E2E-Type
IOAM Namespace-ID IOAM Namespace-ID
will contain the current set of possibilities defined in this will contain the current set of possibilities defined in this
document. New registries in this name space are created via RFC document. New registries in this name space are created via RFC
Required process as per [RFC8126]. Required process as per [RFC8126].
The subsequent sub-sections detail the registries herein contained. The subsequent sub-sections detail the registries herein contained.
7.2. IOAM Type Registry 7.2. IOAM Option-Type Registry
This registry defines 128 code points for the IOAM-Type field for This registry defines 128 code points for the IOAM Option-Type field
identifying IOAM options as explained in Section 4. The following for identifying IOAM Option-Types as explained in Section 4. The
code points are defined in this draft: following code points are defined in this draft:
0 IOAM Pre-allocated Trace Option Type 0 IOAM Pre-allocated Trace Option-Type
1 IOAM Incremental Trace Option Type 1 IOAM Incremental Trace Option-Type
2 IOAM POT Option Type 2 IOAM POT Option-Type
3 IOAM E2E Option Type 3 IOAM E2E Option-Type
4 - 127 are available for assignment via RFC Required process as per 4 - 127 are available for assignment via RFC Required process as per
[RFC8126]. [RFC8126].
7.3. IOAM Trace Type Registry 7.3. IOAM Trace-Type Registry
This registry defines code point for each bit in the 24-bit IOAM- This registry defines code point for each bit in the 24-bit IOAM-
Trace-Type field for Pre-allocated trace option and Incremental trace Trace-Type field for Pre-allocated trace option and Incremental trace
option defined in Section 4.2. The meaning of Bits 0 - 11 for trace option defined in Section 4.4. The meaning of Bits 0 - 11 for trace
type are defined in this document in Paragraph 5 of Section 4.2.1: type are defined in this document in Paragraph 5 of Section 4.4.1:
Bit 0 hop_Lim and node_id in short format Bit 0 hop_Lim and node_id in short format
Bit 1 ingress_if_id and egress_if_id in short format Bit 1 ingress_if_id and egress_if_id in short format
Bit 2 timestamp seconds Bit 2 timestamp seconds
Bit 3 timestamp subseconds Bit 3 timestamp subseconds
Bit 4 transit delay Bit 4 transit delay
Bit 5 namespace specific data in short format Bit 5 namespace specific data in short format
Bit 6 queue depth Bit 6 queue depth
Bit 7 variable length Opaque State Snapshot Bit 7 checksum complement
Bit 8 hop_Lim and node_id in wide format Bit 8 hop_Lim and node_id in wide format
Bit 9 ingress_if_id and egress_if_id in wide format Bit 9 ingress_if_id and egress_if_id in wide format
Bit 10 namespace specific data in wide format Bit 10 namespace specific data in wide format
Bit 11 buffer occupancy Bit 11 buffer occupancy
Bit 23 checksum complement Bit 22 variable length Opaque State Snapshot
The meaning for Bits 12 - 22 are available for assignment via RFC Bit 23 reserved
The meaning for Bits 12 - 21 are available for assignment via RFC
Required process as per [RFC8126]. Required process as per [RFC8126].
7.4. IOAM Trace Flags Registry 7.4. IOAM Trace-Flags Registry
This registry defines code points for each bit in the 4 bit flags for This registry defines code points for each bit in the 4 bit flags for
the Pre-allocated trace option and for the Incremental trace option the Pre-allocated trace option and for the Incremental trace option
defined in Section 4.2. The meaning of Bit 0 (the most significant defined in Section 4.4. The meaning of Bit 0 (the most significant
bit) for trace flags is defined in this document in Paragraph 3 of bit) for trace flags is defined in this document in Paragraph 3 of
Section 4.2.1: Section 4.4.1:
Bit 0 "Overflow" (O-bit) Bit 0 "Overflow" (O-bit)
7.5. IOAM POT Type Registry 7.5. IOAM POT-Type Registry
This registry defines 256 code points to define IOAM POT Type for This registry defines 256 code points to define IOAM POT Type for
IOAM proof of transit option Section 4.3. The code point value 0 is IOAM proof of transit option Section 4.5. The code point value 0 is
defined in this document: defined in this document:
0: 16 Octet POT data 0: 16 Octet POT data
1 - 255 are available for assignment via RFC Required process as per 1 - 255 are available for assignment via RFC Required process as per
[RFC8126]. [RFC8126].
7.6. IOAM POT Flags Registry 7.6. IOAM POT-Flags Registry
This registry defines code points for each bit in the 8 bit flags for This registry defines code points for each bit in the 8 bit flags for
IOAM POT option defined in Section 4.3. The meaning of Bit 0 for IOAM POT option defined in Section 4.5. The meaning of Bit 0 for
IOAM POT flags is defined in this document in Section 4.3: IOAM POT flags is defined in this document in Section 4.5:
Bit 0 "Profile-to-use" (P-bit) Bit 0 "Profile-to-use" (P-bit)
The meaning for Bits 1 - 7 are available for assignment via RFC The meaning for Bits 1 - 7 are available for assignment via RFC
Required process as per [RFC8126]. Required process as per [RFC8126].
7.7. IOAM E2E Type Registry 7.7. IOAM E2E-Type Registry
This registry defines code points for each bit in the 16 bit IOAM- This registry defines code points for each bit in the 16 bit IOAM-
E2E-Type field for IOAM E2E option Section 4.4. The meaning of Bit 0 E2E-Type field for IOAM E2E option Section 4.6. The meaning of Bit 0
- 3 are defined in this document: - 3 are defined in this document:
Bit 0 64-bit sequence number Bit 0 64-bit sequence number
Bit 1 32-bit sequence number Bit 1 32-bit sequence number
Bit 2 timestamp seconds Bit 2 timestamp seconds
Bit 3 timestamp subseconds Bit 3 timestamp subseconds
The meaning of Bits 4 - 15 are available for assignment via RFC The meaning of Bits 4 - 15 are available for assignment via RFC
Required process as per [RFC8126]. Required process as per [RFC8126].
7.8. IOAM Namespace-ID Registry 7.8. IOAM Namespace-ID Registry
IANA is requested to set up an "IOAM Namespace-ID Registry", IANA is requested to set up an "IOAM Namespace-ID Registry",
containing 16-bit values. The meaning of Bit 0 is defined in this containing 16-bit values. The meaning of Bit 0 is defined in this
document. IANA is requested to reserve the values 0x0001 to 0x7FFF document. IANA is requested to reserve the values 0x0001 to 0x7FFF
for private use (managed by operators), as specified in Section 4.1 for private use (managed by operators), as specified in Section 4.3
of the current document. Registry entries for the values 0x8000 to of the current document. Registry entries for the values 0x8000 to
0xFFFF are to be assigned via the "Expert Review" policy defined in 0xFFFF are to be assigned via the "Expert Review" policy defined in
[RFC8126]. [RFC8126].
0: default namespace (known to all IOAM nodes) 0: default namespace (known to all IOAM nodes)
0x0001 - 0x7FFF: reserved for private use 0x0001 - 0x7FFF: reserved for private use
0x8000 - 0xFFFF: unassigned 0x8000 - 0xFFFF: unassigned
8. Security Considerations 8. Security Considerations
As discussed in [RFC7276], a successful attack on an OAM protocol in As discussed in [RFC7276], a successful attack on an OAM protocol in
general, and specifically on IOAM, can prevent the detection of general, and specifically on IOAM, can prevent the detection of
failures or anomalies, or create a false illusion of nonexistent failures or anomalies, or create a false illusion of nonexistent
ones. ones.
The Proof of Transit option (Section Section 4.3) is used for The Proof of Transit Option-Type (Section Section 4.5) is used for
verifying the path of data packets. The security considerations of verifying the path of data packets. The security considerations of
POT are further discussed in [I-D.brockners-proof-of-transit]. POT are further discussed in [I-D.ietf-sfc-proof-of-transit].
The data elements of IOAM can be used for network reconnaissance, The data elements of IOAM can be used for network reconnaissance,
allowing attackers to collect information about network paths, allowing attackers to collect information about network paths,
performance, queue states, buffer occupancy and other information. performance, queue states, buffer occupancy and other information.
Note that in case IOAM is used in "immediate export" mode (reference Note that in case IOAM is used in "immediate export" mode (reference
to be added in a future revision), the IOAM related trace information to be added in a future revision), the IOAM related trace information
would not be available in the customer data packets, but would would not be available in the customer data packets, but would
trigger export of packet related IOAM information at every node. trigger export of packet related IOAM information at every node.
IOAM data export and securing IOAM data export is outside the scope IOAM data export and securing IOAM data export is outside the scope
of this document. of this document.
IOAM can be used as a means for implementing Denial of Service (DoS) IOAM can be used as a means for implementing Denial of Service (DoS)
attacks, or for amplifying them. For example, a malicious attacker attacks, or for amplifying them. For example, a malicious attacker
can add an IOAM header to packets in order to consume the resources can add an IOAM header to packets in order to consume the resources
of network devices that take part in IOAM or collectors that analyze of network devices that take part in IOAM or collectors that analyze
the IOAM data. Another example is a packet length attack, in which the IOAM data. Another example is a packet length attack, in which
an attacker pushes IOAM headers into data packets, causing these an attacker pushes headers associated with IOAM Option-Types into
packets to be increased beyond the MTU size, resulting in data packets, causing these packets to be increased beyond the MTU
fragmentation or in packet drops. size, resulting in fragmentation or in packet drops.
Since IOAM options may include timestamps, if network devices use Since IOAM options may include timestamps, if network devices use
synchronization protocols then any attack on the time protocol synchronization protocols then any attack on the time protocol
[RFC7384] can compromise the integrity of the timestamp-related data [RFC7384] can compromise the integrity of the timestamp-related data
fields. fields.
At the management plane, attacks may be implemented by misconfiguring At the management plane, attacks may be implemented by misconfiguring
or by maliciously configuring IOAM-enabled nodes in a way that or by maliciously configuring IOAM-enabled nodes in a way that
enables other attacks. Thus, IOAM configuration should be secured in enables other attacks. Thus, IOAM configuration should be secured in
a way that authenticates authorized users and verifies the integrity a way that authenticates authorized users and verifies the integrity
skipping to change at page 35, line 40 skipping to change at page 36, line 45
domain, and prevent IOAM data from outside the domain to be processed domain, and prevent IOAM data from outside the domain to be processed
and used within the domain. Note that the Immediate Export mode and used within the domain. Note that the Immediate Export mode
(reference to be added in a future revision) can mitigate the (reference to be added in a future revision) can mitigate the
potential threat of IOAM data leaking through data packets. potential threat of IOAM data leaking through data packets.
9. Acknowledgements 9. Acknowledgements
The authors would like to thank Eric Vyncke, Nalini Elkins, Srihari The authors would like to thank Eric Vyncke, Nalini Elkins, Srihari
Raghavan, Ranganathan T S, Karthik Babu Harichandra Babu, Akshaya Raghavan, Ranganathan T S, Karthik Babu Harichandra Babu, Akshaya
Nadahalli, LJ Wobker, Erik Nordmark, Vengada Prasad Govindan, Andrew Nadahalli, LJ Wobker, Erik Nordmark, Vengada Prasad Govindan, Andrew
Yourtchenko, Aviv Kfir, Tianran Zhou, Haoyu song and Robin Yourtchenko, Aviv Kfir, Tianran Zhou and Zhenbin (Robin) for the
<lizhenbin@huawei.com> for the comments and advice. comments and advice.
This document leverages and builds on top of several concepts This document leverages and builds on top of several concepts
described in [I-D.kitamura-ipv6-record-route]. The authors would described in [I-D.kitamura-ipv6-record-route]. The authors would
like to acknowledge the work done by the author Hiroshi Kitamura and like to acknowledge the work done by the author Hiroshi Kitamura and
people involved in writing it. people involved in writing it.
The authors would like to gracefully acknowledge useful review and The authors would like to gracefully acknowledge useful review and
insightful comments received from Joe Clarke, Al Morton, and Mickey insightful comments received from Joe Clarke, Al Morton, Tom Herbet,
Spiegel. Haoyu song, and Mickey Spiegel.
The authors would like to acknowledge the contribution of "Immediate The authors would like to acknowledge the contribution of "Immediate
export" of IOAM trace by Barak Gafni. export" of IOAM trace by Barak Gafni.
10. References 10. References
10.1. Normative References 10.1. Normative References
[IEEE1588v2] [IEEE1588v2]
Institute of Electrical and Electronics Engineers, "IEEE Institute of Electrical and Electronics Engineers, "IEEE
skipping to change at page 36, line 44 skipping to change at page 37, line 48
Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010,
<https://www.rfc-editor.org/info/rfc5905>. <https://www.rfc-editor.org/info/rfc5905>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
10.2. Informative References 10.2. Informative References
[I-D.brockners-proof-of-transit]
Brockners, F., Bhandari, S., Dara, S., Pignataro, C.,
Leddy, J., Youell, S., Mozes, D., and T. Mizrahi, "Proof
of Transit", draft-brockners-proof-of-transit-05 (work in
progress), May 2018.
[I-D.ietf-ntp-packet-timestamps] [I-D.ietf-ntp-packet-timestamps]
Mizrahi, T., Fabini, J., and A. Morton, "Guidelines for Mizrahi, T., Fabini, J., and A. Morton, "Guidelines for
Defining Packet Timestamps", draft-ietf-ntp-packet- Defining Packet Timestamps", draft-ietf-ntp-packet-
timestamps-06 (work in progress), February 2019. timestamps-07 (work in progress), August 2019.
[I-D.ietf-nvo3-geneve] [I-D.ietf-nvo3-geneve]
Gross, J., Ganga, I., and T. Sridhar, "Geneve: Generic Gross, J., Ganga, I., and T. Sridhar, "Geneve: Generic
Network Virtualization Encapsulation", draft-ietf- Network Virtualization Encapsulation", draft-ietf-
nvo3-geneve-13 (work in progress), March 2019. nvo3-geneve-13 (work in progress), March 2019.
[I-D.ietf-nvo3-vxlan-gpe] [I-D.ietf-nvo3-vxlan-gpe]
Maino, F., Kreeger, L., and U. Elzur, "Generic Protocol Maino, F., Kreeger, L., and U. Elzur, "Generic Protocol
Extension for VXLAN", draft-ietf-nvo3-vxlan-gpe-07 (work Extension for VXLAN", draft-ietf-nvo3-vxlan-gpe-07 (work
in progress), April 2019. in progress), April 2019.
[I-D.ietf-sfc-proof-of-transit]
Brockners, F., Bhandari, S., Dara, S., Pignataro, C.,
Leddy, J., Youell, S., Mozes, D., Mizrahi, T., Aguado, A.,
and D. Lopez, "Proof of Transit", draft-ietf-sfc-proof-of-
transit-02 (work in progress), March 2019.
[I-D.kitamura-ipv6-record-route] [I-D.kitamura-ipv6-record-route]
Kitamura, H., "Record Route for IPv6 (PR6) Hop-by-Hop Kitamura, H., "Record Route for IPv6 (PR6) Hop-by-Hop
Option Extension", draft-kitamura-ipv6-record-route-00 Option Extension", draft-kitamura-ipv6-record-route-00
(work in progress), November 2000. (work in progress), November 2000.
[I-D.lapukhov-dataplane-probe] [I-D.lapukhov-dataplane-probe]
Lapukhov, P. and r. remy@barefootnetworks.com, "Data-plane Lapukhov, P. and r. remy@barefootnetworks.com, "Data-plane
probe for in-band telemetry collection", draft-lapukhov- probe for in-band telemetry collection", draft-lapukhov-
dataplane-probe-01 (work in progress), June 2016. dataplane-probe-01 (work in progress), June 2016.
[I-D.spiegel-ippm-ioam-rawexport] [I-D.spiegel-ippm-ioam-rawexport]
Spiegel, M., Brockners, F., Bhandari, S., and R. Spiegel, M., Brockners, F., Bhandari, S., and R.
Sivakolundu, "In-situ OAM raw data export with IPFIX", Sivakolundu, "In-situ OAM raw data export with IPFIX",
draft-spiegel-ippm-ioam-rawexport-01 (work in progress), draft-spiegel-ippm-ioam-rawexport-02 (work in progress),
October 2018. July 2019.
[RFC7276] Mizrahi, T., Sprecher, N., Bellagamba, E., and Y. [RFC7276] Mizrahi, T., Sprecher, N., Bellagamba, E., and Y.
Weingarten, "An Overview of Operations, Administration, Weingarten, "An Overview of Operations, Administration,
and Maintenance (OAM) Tools", RFC 7276, and Maintenance (OAM) Tools", RFC 7276,
DOI 10.17487/RFC7276, June 2014, DOI 10.17487/RFC7276, June 2014,
<https://www.rfc-editor.org/info/rfc7276>. <https://www.rfc-editor.org/info/rfc7276>.
[RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in
Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384, Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384,
October 2014, <https://www.rfc-editor.org/info/rfc7384>. October 2014, <https://www.rfc-editor.org/info/rfc7384>.
 End of changes. 149 change blocks. 
469 lines changed or deleted 525 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/