SPRING Working Group                                              Z. Ali
Internet-Draft                                                 R. Gandhi
Intended status: Standards Track                             C. Filsfils
Expires: April 25, 2019                                     F. Brockners
                                                               N. Nainar
                                                            C. Pignataro
                                                     Cisco Systems, Inc.
                                                                   C. Li
                                                                 M. Chen
                                                                  Huawei
                                                                G. Dawra
                                                                LinkedIn
                                                        October 22, 2018

       Segment Routing Header encapsulation for In-situ OAM Data
                     draft-ali-spring-ioam-srv6-00

Abstract

   In-situ Operations, Administration, and Maintenance (IOAM) records
   operational and telemetry information in the data packet while the
   packet traverses a path between two points in the network.  This
   document defines how IOAM data fields are transported as part of the
   Segment Routing with IPv6 data plane (SRv6) header.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions
     2.1.  Requirement Language
     2.2.  Abbreviations
   3.  IOAM Data Field Encapsulation in SRH
   4.  Procedure
     4.1.  Ingress Node
     4.2.  SR Segment Endpoint Node
     4.3.  Egress Node
   5.  IANA Considerations
   6.  Security Considerations
   7.  Acknowledgements
   8.  References
     8.1.  Normative References
     8.2.  Informative References
   Authors' Addresses

1.  Introduction

   In-situ Operations, Administration, and Maintenance (IOAM) records
   OAM information within the packet while the packet traverses a
   particular network domain.  The term "in-situ" refers to the fact
   that the IOAM data fields are added to the data packets rather than
   being sent within probe packets specifically dedicated to OAM.

   This document defines how IOAM data fields are transported as part of
   the Segment Routing with IPv6 data plane (SRv6) header
   [I-D.6man-segment-routing-header].

   The IOAM data fields carried are defined in
   [I-D.ietf-ippm-ioam-data], and can be used for various use-cases
   including Performance Measurement (PM) and Proof-of-Transit (PoT).

2.  Conventions

2.1.  Requirement Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] [RFC8174]
   when, and only when, they appear in all capitals, as shown here.

2.2.  Abbreviations

   Abbreviations used in this document:

   IOAM    In-situ Operations, Administration, and Maintenance

   OAM     Operations, Administration, and Maintenance

   PM      Performance Measurement

   PoT     Proof-of-Transit

   SR      Segment Routing

   SRH     SRv6 Header

   SRv6    Segment Routing with IPv6 Data plane

3.  IOAM Data Field Encapsulation in SRH

   The SRv6 encapsulation header (SRH) is defined in
   [I-D.6man-segment-routing-header].  IOAM data fields are carried in
   the SRH, using a single SRH TLV.  The different IOAM data fields
   defined in [I-D.ietf-ippm-ioam-data] are added as sub-TLVs.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | SRH-TLV-Type  |     LEN       |           RESERVED            |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |   IOAM-Type   | IOAM HDR LEN  |           RESERVED            |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  I
   !                                                               |  O
   !                                                               |  A
   ~                  IOAM Option and Data Space                   ~  M
   |                                                               |  |
   |                                                               |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |                                                               |
   |                                                               |
   |                 Payload + Padding (L2/L3/...)                 |
   |                                                               |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

               Figure 1: IOAM data encapsulation in SRH

   SRH-TLV-Type:  IOAM TLV Type for SRH is defined as TBA1.

   The fields related to the encapsulation of IOAM data fields in the
   SRH are defined as follows:

   IOAM-Type:  8-bit field defining the IOAM Option type, as defined in
      Section 7.2 of [I-D.ietf-ippm-ioam-data].

   IOAM HDR LEN:  8-bit unsigned integer.
      Length of the IOAM HDR in 4-octet units.

   RESERVED:  8-bit reserved field MUST be set to zero upon transmission
      and ignored upon receipt.

   IOAM Option and Data Space:  The IOAM option header and data are
      present as defined by the IOAM-Type field, and are specified in
      Section 4 of [I-D.ietf-ippm-ioam-data].

   The IOAM TLVs MAY change en route [I-D.ietf-ippm-ioam-data].  For the
   IOAM TLVs carried in SRH that can change en route, the most
   significant bit of the SRH-TLV-Type is set
   [I-D.6man-segment-routing-header].  Furthermore, such an IOAM TLV in
   the SRH is considered mutable for ICV computation: the Type, Length,
   and Variable Length Data are ignored for ICV computation as defined
   in [RFC4302].

4.  Procedure

   This section summarizes the procedure for IOAM data encapsulation in
   SRv6 SRH.  The SR nodes implementing the IOAM functionality follow
   the MTU and other considerations outlined in
   [I-D.6man-extension-header-insertion].

4.1.  Ingress Node

   The ingress node of an SR domain or an SR Policy
   [I-D.spring-segment-routing-policy] may insert the IOAM TLV in the
   SRH of the data packet.  The ingress node may also insert the IOAM
   data about the local information in the IOAM TLV in the SRH.  When
   IOAM data from the last node in the segment-list (Egress node) is
   desired, the ingress uses an Ultimate Segment Pop (USP) SID at the
   Egress node.

4.2.  SR Segment Endpoint Node

   The SR segment endpoint node is any node receiving an IPv6 packet
   where the destination address of that packet is a local SID or a
   local interface address.  As part of the SR Header processing as
   described in [I-D.6man-segment-routing-header] and
   [I-D.spring-srv6-network-programming], the SR Segment Endpoint node
   performs the following IOAM operations.  The description borrows the
   terminology used in [I-D.6man-segment-routing-header].
   Specifically, n refers to the number of segments encoded in the SRH,
   and "Hdr Ext Len" refers to the length of the SRH.  The "SRH Header
   Len" is the length of the SRH header, which is 8 octets
   [I-D.6man-segment-routing-header].

   The SR Segment Endpoint node compares the "Hdr Ext Len" of the SRH
   with the length of the "segment-list" in the SRH.  Specifically, if
   the SRH.Hdr_Ext_Len > n*16 + 8, the node looks for the presence of
   the IOAM TLV in the SRH.  If an IOAM TLV is present in the SRH and is
   supported by the Segment Endpoint Node, the SR segment endpoint node
   MAY modify the IOAM TLV in SRH with local IOAM data as per IOAM draft
   [I-D.ietf-ippm-ioam-data].

4.3.  Egress Node

   The Egress node is the last node in the segment-list of the SRH.
   When IOAM data from the Egress node is desired, a USP SID advertised
   by the Egress node is used.

   The processing of IOAM TLV at the Egress node is similar to the
   processing of IOAM TLV at the SR Segment Endpoint Node.  The only
   difference is that the Egress node also performs the functionality
   required by the Egress node in an IOAM domain.  E.g., the Egress node
   may telemeter the IOAM data to a controller.

5.  IANA Considerations

   IANA is requested to allocate SRH TLV Type for IOAM TLV data fields
   under registry name "Segment Routing Header TLVs" requested by
   [I-D.6man-segment-routing-header].

   +--------------+--------------------------+---------------+
   | SRH TLV Type | Description              | Reference     |
   +--------------+--------------------------+---------------+
   | TBA1         | TLV for IOAM Data Fields | This document |
   +--------------+--------------------------+---------------+

6.  Security Considerations

   The security considerations of SRv6 are discussed in
   [I-D.spring-srv6-network-programming] and
   [I-D.6man-segment-routing-header], and the security considerations of
   IOAM in general are discussed in [I-D.ietf-ippm-ioam-data].

   IOAM is considered a "per domain" feature, where one or several
   operators decide on leveraging and configuring IOAM according to
   their needs.  Still, operators need to properly secure the IOAM
   domain to avoid malicious configuration and use, which could include
   injecting malicious IOAM packets into a domain.

7.  Acknowledgements

   The authors would like to thank Shwetha Bhandari and Vengada Prasad
   Govindan for the discussions on IOAM.

8.  References

8.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", RFC 8174, May 2017.

   [I-D.spring-srv6-network-programming]
              Filsfils, C., et al., "SRv6 Network Programming",
              draft-filsfils-spring-srv6-network-programming, work in
              progress.

   [I-D.6man-segment-routing-header]
              Previdi, S., Filsfils, C., et al., "IPv6 Segment Routing
              Header (SRH)", draft-ietf-6man-segment-routing-header,
              work in progress.

   [I-D.ietf-ippm-ioam-data]
              Brockners, F., Bhandari, S., Pignataro, C., Gredler, H.,
              Leddy, J., Youell, S., Mizrahi, T., Mozes, D., Lapukhov,
              P., Chang, R., and Bernier, D., "Data Fields for In-situ
              OAM", draft-ietf-ippm-ioam-data, work in progress.

   [I-D.spring-segment-routing-policy]
              Filsfils, C., et al., "Segment Routing Policy
              Architecture", draft-ietf-spring-segment-routing-policy,
              work in progress.

8.2.  Informative References

   [I-D.6man-extension-header-insertion]
              Voyer, D., et al., "Insertion of IPv6 Segment Routing
              Headers in a Controlled Domain",
              draft-voyer-6man-extension-header-insertion, work in
              progress.

Authors' Addresses

   Zafar Ali
   Cisco Systems, Inc.

   Email: zali@cisco.com


   Rakesh Gandhi
   Cisco Systems, Inc.
   Canada

   Email: rgandhi@cisco.com


   Clarence Filsfils
   Cisco Systems, Inc.
   Belgium

   Email: cf@cisco.com


   Frank Brockners
   Cisco Systems, Inc.
   Germany

   Email: fbrockne@cisco.com


   Nagendra Kumar Nainar
   Cisco Systems, Inc.

   Email: naikumar@cisco.com


   Carlos Pignataro
   Cisco Systems, Inc.

   Email: cpignata@cisco.com


   Cheng Li
   Huawei

   Email: chengli13@huawei.com


   Mach(Guoyi) Chen
   Huawei

   Email: mach.chen@huawei.com


   Gaurav Dawra
   LinkedIn

   Email: gdawra.ietf@gmail.com
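
Added example (not part of the draft and not its authors' code): a bounds-checked receiver for the Section 4.2 test "Hdr Ext Len > n*16 + 8" and the Figure 1 layout, of the kind a node would want before trusting IOAM TLVs that Section 6 warns may be injected. Assumptions: TBA1 is replaced by the placeholder 0xFD; Hdr Ext Len is converted from 8-octet units to octets before the comparison; both RESERVED fields are 16 bits as drawn in Figure 1; IOAM HDR LEN covers the whole bracketed IOAM block; Pad1 handling follows RFC 8754.

```python
import struct

IOAM_TLV_TYPE = 0xFD  # placeholder: TBA1 is unassigned; MSB set = may change en route

class SRHError(ValueError):
    """Raised when a length field would make the parser read out of bounds."""

def find_ioam_tlv(srh: bytes, ioam_tlv_type: int = IOAM_TLV_TYPE):
    """Return (ioam_type, option_bytes) for the IOAM TLV, or None if absent."""
    if len(srh) < 8:
        raise SRHError("shorter than the 8-octet fixed SRH header")
    _nh, hdr_ext_len, rtype, _left, last_entry = struct.unpack_from("!BBBBB", srh)
    if rtype != 4:
        raise SRHError("not a Segment Routing Header")
    total = (hdr_ext_len + 1) * 8       # Hdr Ext Len is carried in 8-octet units
    n = last_entry + 1                  # segments encoded in the SRH
    seg_end = 8 + n * 16
    if total > len(srh) or seg_end > total:
        raise SRHError("Hdr Ext Len inconsistent with buffer or segment list")
    off = seg_end                       # TLVs exist only when total > n*16 + 8
    while off < total:
        tlv_type = srh[off]
        if tlv_type == 0:               # Pad1 (RFC 8754): a single octet, no length
            off += 1
            continue
        if off + 2 > total:
            raise SRHError("truncated TLV header")
        end = off + 2 + srh[off + 1]    # LEN counts the octets after Type and LEN
        if end > total:
            raise SRHError("TLV overruns the SRH")
        if tlv_type == ioam_tlv_type:
            value = srh[off + 2:end]    # RESERVED(2) followed by the IOAM block
            if len(value) < 6:
                raise SRHError("IOAM TLV too short")
            ioam_type, ioam_hdr_len = value[2], value[3]
            ioam_len = ioam_hdr_len * 4  # IOAM HDR LEN is in 4-octet units
            if ioam_len < 4 or ioam_len > len(value) - 2:
                raise SRHError("IOAM HDR LEN does not fit inside the TLV")
            return ioam_type, value[6:2 + ioam_len]
        off = end
    return None

def build_sample(ioam_hdr_len: int = 3) -> bytes:
    """Constructed SRH: one segment plus an IOAM TLV holding 8 option octets."""
    tlv = bytes([IOAM_TLV_TYPE, 14, 0, 0, 0x00, ioam_hdr_len, 0, 0]) + bytes(range(8))
    body = bytes(16) + tlv              # one all-zero SID, then the 16-octet TLV
    return bytes([59, len(body) // 8, 4, 0, 0, 0, 0, 0]) + body
```

`build_sample(4)` declares one more 4-octet unit than the TLV holds, and the parser rejects it instead of reading into the payload.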