idnits 2.17.1

draft-gandhi-mpls-ioam-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (July 12, 2021) is 1017 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-17) exists of
     draft-ietf-ippm-ioam-data-12

  == Outdated reference: A later version (-11) exists of
     draft-ietf-ippm-ioam-direct-export-03

  == Outdated reference: A later version (-10) exists of
     draft-ietf-ippm-ioam-flags-04

     Summary: 0 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

MPLS Working Group                                        R. Gandhi, Ed.
Internet-Draft                                                    Z. Ali
Intended status: Standards Track                            F. Brockners
Expires: January 13, 2022                            Cisco Systems, Inc.
                                                                  B. Wen
                                                                V. Kozak
                                                                 Comcast
                                                           July 12, 2021

           MPLS Data Plane Encapsulation for In-situ OAM Data
                       draft-gandhi-mpls-ioam-00

Abstract

   In-situ Operations, Administration, and Maintenance (IOAM) records
   operational and telemetry information in the data packet while the
   packet traverses a path between two nodes in the network. This
   document defines how IOAM data fields are transported with MPLS data
   plane encapsulation using new Generic Associated Channel (G-ACh).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on January 13, 2022.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions
     2.1.  Requirement Language
     2.2.  Abbreviations
   3.  MPLS Extensions for IOAM Data Fields
     3.1.  IOAM Generic Associated Channel
     3.2.  IOAM Indicator Labels
   4.  Edge-to-Edge IOAM
     4.1.  Edge-to-Edge IOAM Indicator Label
     4.2.  Procedure for Edge-to-Edge IOAM
     4.3.  Edge-to-Edge IOAM Indicator Label Allocation
   5.  Hop-by-Hop IOAM
     5.1.  Hop-by-Hop IOAM Indicator Label
     5.2.  Procedure for Hop-by-Hop IOAM
     5.3.  Hop-by-Hop IOAM Indicator Label Allocation
   6.  Considerations for IOAM Indicator Label
     6.1.  Considerations for ECMP
     6.2.  Node Capability
     6.3.  Nested MPLS Encapsulation
   7.  MPLS Encapsulation with Control Word and Another G-ACh for
       IOAM Data Fields
   8.  Security Considerations
   9.  IANA Considerations
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Acknowledgements
   Authors' Addresses

1.  Introduction

   In-situ Operations, Administration, and Maintenance (IOAM) records
   operational and telemetry information within the packet while the
   packet traverses a particular network domain. The term "in-situ"
   refers to the fact that the IOAM data fields are added to the data
   packets rather than being sent within the probe packets specifically
   dedicated to OAM. The IOAM data fields are defined in
   [I-D.ietf-ippm-ioam-data], and can be used for various use-cases for
   OAM. The IOAM data fields are further updated in
   [I-D.ietf-ippm-ioam-direct-export] for direct export use-cases and in
   [I-D.ietf-ippm-ioam-flags] for Loopback and Active flags.

   This document defines how IOAM data fields are transported with MPLS
   data plane encapsulations using new Generic Associated Channel
   (G-ACh).

2.  Conventions

2.1.  Requirement Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119] [RFC8174]
   when, and only when, they appear in all capitals, as shown here.

2.2.  Abbreviations

   Abbreviations used in this document:

   ECMP   Equal Cost Multi-Path

   E2E    Edge-To-Edge

   G-ACh  Generic Associated Channel

   HbH    Hop-by-Hop

   IOAM   In-situ Operations, Administration, and Maintenance

   MPLS   Multiprotocol Label Switching

   OAM    Operations, Administration, and Maintenance

   POT    Proof-of-Transit

   PW     PseudoWire

3.  MPLS Extensions for IOAM Data Fields

3.1.  IOAM Generic Associated Channel

   The IOAM data fields are defined in [I-D.ietf-ippm-ioam-data]. The
   IOAM data fields are carried in the MPLS header as shown in Figure 1.
   More than one trace option can be present in the IOAM data fields.
   G-ACh [RFC5586] provides a mechanism to transport OAM and other
   control messages over MPLS data plane.
   The IOAM G-ACh header [RFC5586] with new IOAM G-ACh type is added
   immediately after the MPLS label stack in the MPLS header as shown in
   Figure 1, before the IOAM data fields. The G-ACh label (GAL)
   [RFC5586] is not added in the MPLS label stack.

   This document updates the following paragraph in Section 2.1 of
   [RFC5586]: "The G-ACh MUST NOT be used to transport user traffic" to
   "The G-ACh MAY be used with user traffic".

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |0 0 0 1|Version| Reserved      | IOAM G-ACh                    |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
   | Reserved      | Block Number  | IOAM-OPT-Type |IOAM Length    |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  I
   |                                                               |  O
   |                                                               |  A
   ~                 IOAM Option and Data Space                    ~  M
   |                                                               |  |
   |                                                               |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |                                                               |
   |                                                               |
   |                       Payload + Padding                       |
   |                                                               |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      Figure 1: IOAM Generic Associated Channel with IOAM Data Fields

   The IOAM data fields are encapsulated using the following fields in
   the MPLS header:

   IP Version Number 0001b:  The first four octets are IP Version Field
      part of a G-ACh header, as defined in [RFC5586].

   Version:  The Version field is set to 0, as defined in [RFC4385].

   IOAM G-ACh:  Generic Associated Channel (G-ACh) Type (value TBA3) for
      IOAM [RFC5586].

   Reserved:  Reserved Bits MUST be set to zero upon transmission and
      ignored upon receipt.

   Block Number:  The Block Number can be used to aggregate the IOAM
      data collected in data plane, e.g. compute measurement metrics for
      each block of a flow. It is also used to correlate the IOAM data
      on different nodes.

   IOAM-OPT-Type:  8-bit field defining the IOAM Option type, as defined
      in Section 8.1 of [I-D.ietf-ippm-ioam-data].

   IOAM Length:  8-bit unsigned integer. Length of IOAM in 4-octet
      units, including IOAM header.

   IOAM Option and Data Space:  IOAM option header and data are present
      as defined by the IOAM-OPT-Type field, and are defined in
      Section 5 of [I-D.ietf-ippm-ioam-data].

3.2.  IOAM Indicator Labels

   An IOAM Indicator Label is used to indicate the presence of the IOAM
   data fields in the MPLS header. There are two IOAM types defined in
   this document: Edge-to-Edge (E2E) and Hop-by-Hop (HbH) IOAM. If only
   edge nodes need to process IOAM data then E2E IOAM Indicator Label is
   used so that intermediate nodes can ignore it. If both edge and
   intermediate nodes need to process IOAM data then HbH IOAM Indicator
   Label is used. Using different IOAM Indicator Labels optimizes the
   IOAM processing on intermediate nodes, which only need to check the
   label to know whether IOAM data fields need to be processed.

4.  Edge-to-Edge IOAM

4.1.  Edge-to-Edge IOAM Indicator Label

   The E2E IOAM Indicator Label is used to indicate the presence of the
   E2E IOAM data fields in the MPLS header as shown in Figure 2.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |               Label(1)                | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |               Label(n)                | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       E2E IOAM Indicator Label        | TC  |1|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                  Packet as shown in Figure 1                  |
   .                                                               .
   +---------------------------------------------------------------+

                 Figure 2: MPLS Encapsulation for E2E IOAM

   The E2E IOAM data fields carry the Option-Type(s) that require
   processing on the encapsulating and decapsulating nodes only. The
   IOAM Option-Type carried can be IOAM Edge-to-Edge Option-Type
   [I-D.ietf-ippm-ioam-data]. The E2E IOAM data fields SHOULD NOT carry
   any IOAM Option-Type that requires IOAM processing on the
   intermediate nodes as it will not be processed by them.

4.2.  Procedure for Edge-to-Edge IOAM

   The E2E IOAM procedure is summarized as follows:

   o  The encapsulating node inserts the E2E IOAM Indicator Label and
      one or more IOAM data fields in the MPLS header.

   o  The intermediate nodes do not process IOAM data fields.

   o  The decapsulating node "punts the timestamped copy" of the
      received packet as is including the IOAM data fields when the node
      recognizes the IOAM Indicator Label. The copy of the packet is
      punted with receive timestamp to the slow path for IOAM data
      fields processing. The receive timestamp is required by the
      various E2E OAM use-cases, including streaming telemetry. Note
      that it is not necessarily punted to the control-plane.

   o  The decapsulating node processes the IOAM data fields using the
      procedures defined in [I-D.ietf-ippm-ioam-data]. An example of
      IOAM processing is to export the data fields, send data fields via
      streaming telemetry, etc.

   o  The decapsulating node also pops the IOAM Indicator Label and the
      IOAM data fields from the received packet. The decapsulated
      packet is forwarded downstream or terminated locally similar to
      the regular data packets.

4.3.  Edge-to-Edge IOAM Indicator Label Allocation

   The E2E IOAM Indicator Label is used to indicate the presence of the
   E2E IOAM data fields in the MPLS header.
   The E2E IOAM Indicator Label can be allocated using one of the
   following three methods:

   o  Label assigned by IANA with value TBA1 from the Extended
      Special-Purpose MPLS Values [RFC9017].

   o  Label allocated by a Controller from the global table of the
      decapsulating node. The Controller provisions the label on both
      encapsulating and decapsulating nodes.

   o  Label allocated by the decapsulating node and signalled or
      advertised in the network. The signaling and/or advertisement
      extension for this is outside the scope of this document.

5.  Hop-by-Hop IOAM

5.1.  Hop-by-Hop IOAM Indicator Label

   The HbH IOAM Indicator Label is used to indicate the presence of the
   HbH IOAM data fields in the MPLS header as shown in Figure 3.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |               Label(1)                | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   .                                                               .
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |               Label(n)                | TC  |S|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       HbH IOAM Indicator Label        | TC  |1|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                  Packet as shown in Figure 1                  |
   .                                                               .
   +---------------------------------------------------------------+

                 Figure 3: MPLS Encapsulation for HbH IOAM

   The HbH IOAM data fields carry the Option-Type(s) that require
   processing at the intermediate and/or encapsulating and decapsulating
   nodes. The IOAM Option-Type carried can be IOAM Pre-allocated Trace
   Option-Type, IOAM Incremental Trace Option-Type and IOAM Proof of
   Transit (POT) Option-Type, as well as Edge-to-Edge Option-Type
   [I-D.ietf-ippm-ioam-data].

5.2.  Procedure for Hop-by-Hop IOAM

   The HbH IOAM procedure is summarized as follows:

   o  The encapsulating node inserts the HbH IOAM Indicator Label and
      one or more IOAM data fields in the MPLS header.

   o  The intermediate node enabled with HbH IOAM functions processes
      the data packet including the IOAM data fields as defined in
      [I-D.ietf-ippm-ioam-data] when the node recognizes the HbH IOAM
      Indicator Label present in the MPLS header. The intermediate node
      may 'punt the timestamped copy' of the received data packet
      including the IOAM data fields as required by the IOAM data fields
      processing. The copy of the packet is punted with receive
      timestamp to the slow path for IOAM processing.

   o  The intermediate node forwards a copy of the processed data packet
      downstream.

   o  The decapsulating node "punts the timestamped copy" of the
      received data packet as is including the IOAM data fields when the
      node recognizes the IOAM Indicator Label. The copy of the packet
      is punted with receive timestamp to the slow path for IOAM data
      fields processing. The receive timestamp is required by the
      various E2E OAM use-cases, including streaming telemetry. Note
      that it is not necessarily punted to the control-plane.

   o  The decapsulating node processes the IOAM data fields using the
      procedures defined in [I-D.ietf-ippm-ioam-data]. An example of
      IOAM processing is to export the data fields, send data fields via
      streaming telemetry, etc.

   o  The decapsulating node also pops the IOAM Indicator Label and the
      IOAM data fields from the received packet. The decapsulated
      packet is forwarded downstream or terminated locally similar to
      the regular data packets.

5.3.  Hop-by-Hop IOAM Indicator Label Allocation

   The HbH IOAM Indicator Label is used to indicate the presence of the
   HbH IOAM data fields in the MPLS header.
   The HbH IOAM Indicator Label can be allocated using one of the
   following three methods:

   o  Label assigned by IANA with value TBA2 from the Extended
      Special-Purpose MPLS Values [RFC9017].

   o  Label allocated by a Controller from the network-wide global
      table. The Controller provisions the labels on all nodes
      participating in IOAM functions along the data traffic path.

   o  Labels allocated by the intermediate and decapsulating nodes and
      signalled or advertised in the network. The signaling and/or
      advertisement extension for this is outside the scope of this
      document.

6.  Considerations for IOAM Indicator Label

6.1.  Considerations for ECMP

   The encapsulating node needs to make sure the IOAM data fields do not
   start with a well-known IP Version Number (e.g. 0x4 for IPv4 and 0x6
   for IPv6) as that can alter the hashing function for ECMP that uses
   the IP header. This is achieved by using the IOAM G-ACh with IP
   Version Number 0001b after the MPLS label stack [RFC5586].

   Note that the hashing function for ECMP that uses the labels from the
   MPLS header may now include the IOAM Indicator Label.

   When an entropy label [RFC6790] is used for the ECMP hashing
   function, the procedure defined in this document does not alter the
   hashing function.

6.2.  Node Capability

   The decapsulating node that has to pop the IOAM Indicator Label, data
   fields, and perform the IOAM function may not be capable of
   supporting it. The encapsulating node needs to know if the
   decapsulating node can support the IOAM function. The signaling
   extension for this capability exchange is outside the scope of this
   document.

   The intermediate node that is not capable of supporting the IOAM
   functions defined in this document can simply skip the IOAM
   processing of the MPLS header.

6.3.  Nested MPLS Encapsulation

   The data packets with IOAM data fields carry only one IOAM Indicator
   Label in the MPLS header. Any intermediate node that adds additional
   MPLS encapsulation in the MPLS header may further update the IOAM
   data fields in the header without inserting another IOAM Indicator
   Label. When a packet is received with a HbH IOAM Indicator Label,
   the nested MPLS encapsulating node can add a HbH and/or E2E IOAM
   Option-Type. However, when a packet is received with an E2E IOAM
   Indicator Label, the nested MPLS encapsulating node SHOULD NOT add a
   HbH IOAM Option-Type, as intermediate nodes will not process it.

7.  MPLS Encapsulation with Control Word and Another G-ACh for IOAM Data
    Fields

   The IOAM data fields, including the IOAM G-ACh header, are added in
   the MPLS encapsulation immediately after the MPLS header. Any Control
   Word [RFC4385] or another G-ACh [RFC5586] MUST be added after the
   IOAM data fields in the packet as shown in Figure 4 and Figure 5,
   respectively. This allows the intermediate nodes to easily access
   the HbH IOAM data fields located immediately after the MPLS header.
   The decapsulating node can remove the MPLS encapsulation including
   the IOAM data fields and then process the Control Word or another
   G-ACh following it. The subsequent G-ACh is located through the use
   of the "IOAM Length" field in the IOAM header.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         IOAM Indicator Label          | TC  |1|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |0 0 0 1|Version| Reserved      | IOAM G-ACh                    |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
   | Reserved      | Block Number  | IOAM-OPT-Type |IOAM Length    |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  I
   |                                                               |  O
   |                                                               |  A
   ~                 IOAM Option and Data Space                    ~  M
   |                                                               |  |
   |                                                               |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |0 0 0 0| Specified by PW Encapsulation [RFC4385]               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                                                               |
   ~                       Payload + Padding                       ~
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

     Figure 4: Example MPLS Encapsulation with Generic PW Control Word
                                 with IOAM

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |         IOAM Indicator Label          | TC  |1|      TTL      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |0 0 0 1|Version| Reserved      | IOAM G-ACh                    |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  |
   | Reserved      | Block Number  | IOAM-OPT-Type |IOAM Length    |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  I
   |                                                               |  O
   |                                                               |  A
   ~                 IOAM Option and Data Space                    ~  M
   |                                                               |  |
   |                                                               |  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
   |0 0 0 1|Version| Reserved      | Channel Type                  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                                                               |
   ~                       Payload + Padding                       ~
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

     Figure 5: Example MPLS Encapsulation with Another G-ACh with IOAM
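
   The following is an added example, not part of the draft or of any
   implementation of it: a receive-side Python parser for the layout in
   Figure 1 that rejects malformed IOAM G-ACh headers and uses the IOAM
   Length field to locate the Control Word or G-ACh that follows
   (Figures 4 and 5). The label values and channel type are constructed
   placeholders for the unassigned TBA1, TBA2 and TBA3, and IOAM Length
   is assumed to count both 32-bit header words plus the option data.

```python
import struct
from dataclasses import dataclass

# Constructed placeholders: the draft leaves these values as TBA1/TBA2/TBA3.
E2E_IOAM_LABEL = 100100   # assumed Controller-allocated E2E IOAM Indicator Label
HBH_IOAM_LABEL = 100200   # assumed Controller-allocated HbH IOAM Indicator Label
IOAM_GACH_TYPE = 0x7FFF   # stand-in for the unassigned IOAM G-ACh type


class IoamParseError(ValueError):
    """Raised when a packet claims to carry IOAM but the header is malformed."""


@dataclass
class IoamInfo:
    mode: str            # "E2E" or "HbH", taken from the indicator label
    block_number: int
    opt_type: int
    option_data: bytes   # IOAM Option and Data Space
    next_offset: int     # where the Control Word / next G-ACh / payload starts
    next_kind: str


def lse(label, tc=0, s=0, ttl=64):
    """Encode one MPLS label stack entry: Label(20) | TC(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)


def parse_ioam(pkt):
    """Return IoamInfo, or None when the bottom label is not an IOAM indicator."""
    off = 0
    while True:                                   # walk to bottom of stack (S=1)
        if off + 4 > len(pkt):
            raise IoamParseError("label stack ends before S=1")
        (entry,) = struct.unpack_from("!I", pkt, off)
        off += 4
        if (entry >> 8) & 1:
            break
    mode = {E2E_IOAM_LABEL: "E2E", HBH_IOAM_LABEL: "HbH"}.get(entry >> 12)
    if mode is None:
        return None
    if off + 8 > len(pkt):
        raise IoamParseError("IOAM G-ACh header truncated")
    w0, w1 = struct.unpack_from("!II", pkt, off)
    if w0 >> 28 != 0b0001:
        raise IoamParseError("first nibble is not 0001b")
    if (w0 >> 24) & 0xF != 0:
        raise IoamParseError("unsupported G-ACh version")
    if w0 & 0xFFFF != IOAM_GACH_TYPE:
        raise IoamParseError("channel type is not the IOAM G-ACh type")
    # Both Reserved octets are ignored on receipt, as the draft requires.
    ioam_len = (w1 & 0xFF) * 4                    # IOAM Length is in 4-octet units
    if ioam_len < 8:                              # assumption: covers both header words
        raise IoamParseError("IOAM Length shorter than the IOAM header")
    end = off + ioam_len
    if end > len(pkt):
        raise IoamParseError("IOAM Length runs past the end of the packet")
    kinds = {0x0: "control-word", 0x1: "g-ach", 0x4: "ipv4", 0x6: "ipv6"}
    next_kind = kinds.get(pkt[end] >> 4, "unknown") if end < len(pkt) else "none"
    return IoamInfo(mode, (w1 >> 16) & 0xFF, (w1 >> 8) & 0xFF,
                    pkt[off + 8:end], end, next_kind)


def build_sample(ioam_len_words=4, reserved=0):
    """Constructed HbH packet laid out as in Figure 4 (PW Control Word follows)."""
    gach = struct.pack("!I", (0b0001 << 28) | (reserved << 16) | IOAM_GACH_TYPE)
    hdr2 = struct.pack("!BBBB", reserved, 5, 0, ioam_len_words)  # block 5, opt-type 0
    option = bytes(8)                             # 8 octets of placeholder option data
    control_word = bytes(4)                       # first nibble 0000b
    return (lse(16001) + lse(HBH_IOAM_LABEL, s=1) + gach + hdr2 + option
            + control_word + b"payload")


if __name__ == "__main__":
    print(parse_ioam(build_sample()))
```

   Checking IOAM Length against the received bytes before using it as an
   offset keeps a corrupted or injected header from misdirecting where
   the next header is read.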

8.  Security Considerations

   The security considerations of IOAM in general are discussed in
   [I-D.ietf-ippm-ioam-data].

   IOAM is considered a "per domain" feature, where one or several
   operators decide on leveraging and configuring IOAM according to
   their needs. Still, operators need to properly secure the IOAM
   domain to avoid malicious configuration and use, which could include
   injecting malicious IOAM packets into a domain.

   Routers that support G-ACh are subject to the same security
   considerations as defined in [RFC4385] and [RFC5586].

9.  IANA Considerations

   IANA maintains the "Special-Purpose Multiprotocol Label Switching
   (MPLS) Label Values" registry (see ). IANA is requested to
   allocate IOAM Indicator Label value from the "Extended
   Special-Purpose MPLS Label Values" registry:

   +--------+--------------------------+---------------+
   | Value  | Description              | Reference     |
   +--------+--------------------------+---------------+
   | TBA1   | E2E IOAM Indicator Label | This document |
   +--------+--------------------------+---------------+
   | TBA2   | HbH IOAM Indicator Label | This document |
   +--------+--------------------------+---------------+

                  Table 1: IOAM Indicator Label Values

   IANA maintains G-ACh Type Registry (see
   ). IANA is requested to allocate a value for IOAM
   G-ACh Type from "MPLS Generalized Associated Channel (G-ACh) Types
   (including Pseudowire Associated Channel Types)" registry.

   +-------+-----------------+---------------+
   | Value | Description     | Reference     |
   +-------+-----------------+---------------+
   | TBA3  | IOAM G-ACh Type | This document |
   +-------+-----------------+---------------+

                       Table 2: IOAM G-ACh Type

10.  References

10.1.  Normative References

   [I-D.ietf-ippm-ioam-data]
              Brockners, F., Bhandari, S., and T. Mizrahi, "Data Fields
              for In-situ OAM", draft-ietf-ippm-ioam-data-12 (work in
              progress), February 2021.

   [I-D.ietf-ippm-ioam-direct-export]
              Song, H., Gafni, B., Zhou, T., Li, Z., Brockners, F.,
              Bhandari, S., Sivakolundu, R., and T. Mizrahi, "In-situ
              OAM Direct Exporting",
              draft-ietf-ippm-ioam-direct-export-03 (work in progress),
              February 2021.

   [I-D.ietf-ippm-ioam-flags]
              Mizrahi, T., Brockners, F., Bhandari, S., Sivakolundu, R.,
              Pignataro, C., Kfir, A., Gafni, B., Spiegel, M., and J.
              Lemon, "In-situ OAM Flags", draft-ietf-ippm-ioam-flags-04
              (work in progress), February 2021.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC4385]  Bryant, S., Swallow, G., Martini, L., and D. McPherson,
              "Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for
              Use over an MPLS PSN", RFC 4385, DOI 10.17487/RFC4385,
              February 2006.

   [RFC5586]  Bocci, M., Ed., Vigoureux, M., Ed., and S. Bryant, Ed.,
              "MPLS Generic Associated Channel", RFC 5586,
              DOI 10.17487/RFC5586, June 2009.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

10.2.  Informative References

   [RFC6790]  Kompella, K., Drake, J., Amante, S., Henderickx, W., and
              L. Yong, "The Use of Entropy Labels in MPLS Forwarding",
              RFC 6790, DOI 10.17487/RFC6790, November 2012.

   [RFC9017]  Andersson, L., Kompella, K., and A. Farrel,
              "Special-Purpose Label Terminology", RFC 9017,
              DOI 10.17487/RFC9017, April 2021.

Acknowledgements

   The authors would like to thank Patrick Khordoc, Sagar Soni, Shwetha
   Bhandari, Clarence Filsfils, and Vengada Prasad Govindan for the
   discussions on IOAM. The authors would also like to thank Tarek
   Saad, Loa Andersson, Greg Mirsky, Stewart Bryant, Xiao Min, and Cheng
   Li for providing many useful comments. The authors would also like
   to thank Mach Chen, Andrew Malis, Matthew Bocci, and Nick Delregno
   for the MPLS-RT reviews.

Authors' Addresses

   Rakesh Gandhi (editor)
   Cisco Systems, Inc.
   Canada

   Email: rgandhi@cisco.com

   Zafar Ali
   Cisco Systems, Inc.

   Email: zali@cisco.com

   Frank Brockners
   Cisco Systems, Inc.
   Hansaallee 249, 3rd Floor
   DUESSELDORF, NORDRHEIN-WESTFALEN 40549
   Germany

   Email: fbrockne@cisco.com

   Bin Wen
   Comcast

   Email: Bin_Wen@cable.comcast.com

   Voitek Kozak
   Comcast

   Email: Voitek_Kozak@comcast.com