idnits 2.17.1 draft-ietf-mpls-inband-pm-encapsulation-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (1 July 2022) is 664 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-03) exists of draft-ietf-ippm-rfc8321bis-02 == Outdated reference: A later version (-11) exists of draft-ietf-ippm-ioam-direct-export-09 == Outdated reference: A later version (-04) exists of draft-ietf-mpls-sfl-control-02 == Outdated reference: A later version (-04) exists of draft-xzc-lsr-mpls-flc-frld-00 Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MPLS Working Group W. Cheng 3 Internet-Draft China Mobile 4 Intended status: Standards Track X. Min, Ed. 5 Expires: 2 January 2023 ZTE Corp. 6 T. Zhou 7 Huawei 8 X. Dong 9 FiberHome 10 Y. Peleg 11 Broadcom 12 1 July 2022 14 Encapsulation For MPLS Performance Measurement with Alternate Marking 15 Method 16 draft-ietf-mpls-inband-pm-encapsulation-03 18 Abstract 20 This document defines the encapsulation for MPLS performance 21 measurement with alternate marking method, which performs flow-based 22 packet loss, delay, and jitter measurements on live traffic. 24 Status of This Memo 26 This Internet-Draft is submitted in full conformance with the 27 provisions of BCP 78 and BCP 79. 29 Internet-Drafts are working documents of the Internet Engineering 30 Task Force (IETF). Note that other groups may also distribute 31 working documents as Internet-Drafts. The list of current Internet- 32 Drafts is at https://datatracker.ietf.org/drafts/current/. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet-Drafts as reference 37 material or to cite them other than as "work in progress." 39 This Internet-Draft will expire on 2 January 2023. 41 Copyright Notice 43 Copyright (c) 2022 IETF Trust and the persons identified as the 44 document authors. All rights reserved. 46 This document is subject to BCP 78 and the IETF Trust's Legal 47 Provisions Relating to IETF Documents (https://trustee.ietf.org/ 48 license-info) in effect on the date of publication of this document. 49 Please review these documents carefully, as they describe your rights 50 and restrictions with respect to this document. Code Components 51 extracted from this document must include Revised BSD License text as 52 described in Section 4.e of the Trust Legal Provisions and are 53 provided without warranty as described in the Revised BSD License. 55 Table of Contents 57 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 58 1.1. Conventions Used in This Document . . . . . . . . . . . . 3 59 1.1.1. Abbreviations . . . . . . . . . . . . . . . . . . . . 3 60 1.1.2. Requirements Language . . . . . . . . . . . . . . . . 4 61 2. Flow-based PM Encapsulation in MPLS . . . . . . . . . . . . . 4 62 2.1. Examples for Applying Flow-ID Label in a label stack . . 5 63 3. Procedures of Encapsulation, Look-up and Decapsulation . . . 8 64 4. Procedures of Flow-ID allocation . . . . . . . . . . . . . . 9 65 5. FLC and FRLD Considerations . . . . . . . . . . . . . . . . . 10 66 6. Equal-Cost Multipath Considerations . . . . . . . . . . . . . 10 67 7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 68 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 69 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 11 70 10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 12 71 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 72 11.1. Normative References . . . . . . . . . . . . . . . . . . 12 73 11.2. Informative References . . . . . . . . . . . . . . . . . 12 74 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 76 1. Introduction 78 [I-D.ietf-ippm-rfc8321bis] describes a performance measurement 79 method, which can be used to measure packet loss, delay, and jitter 80 on live traffic. Since this method is based on marking consecutive 81 batches of packets, the method is often referred to as Alternate 82 Marking Method. [RFC8372] discusses the desired capabilities for 83 MPLS flow identification, in order to perform a better in-band 84 performance monitoring of user data packets. 86 This document defines the encapsulation for MPLS performance 87 measurement with alternate marking method, which performs flow-based 88 packet loss, delay, and jitter measurements on live traffic. The 89 encapsulation defined in this document supports monitoring at 90 intermediate nodes, as well as flow identification at both transport 91 and service layers. 93 This document employs a method, other than Synonymous Flow Label 94 (SFL), to accomplish MPLS flow identification. The method described 95 in this document is complementary to the SFL method [RFC8957] 96 [I-D.ietf-mpls-sfl-control], the former mainly aims at hop-by-hop 97 performance measurement, and the latter mainly aims at edge-to-edge 98 performance measurement. Different sets of flows may use different 99 methods. 101 The method described in this document is also complementary to the 102 In-situ OAM method [RFC9197] [I-D.ietf-ippm-ioam-direct-export], the 103 former doesn't introduce any new header whereas the latter introduces 104 a new In-situ OAM header, furthermore, the former requests the 105 network nodes to report the data used for performance measurement, 106 and the latter requests the network nodes to report the data used for 107 operational and telemetry information collection. One set of flows 108 may use both of the two methods concurrently. 110 1.1. Conventions Used in This Document 112 1.1.1. Abbreviations 114 ACL: Access Control List 116 bSPL: Base Special Purpose Label 118 ECMP: Equal-Cost Multipath 120 ELC: Entropy Label Capability 122 ERLD: Entropy Readable Label Depth 124 FLC: Flow-ID Label Capability 126 FLI: Flow-ID Label Indicator 128 FRLD: Flow-ID Readable Label Depth 130 LSP: Label Switched Path 132 MPLS: Multi-Protocol Label Switching 134 NMS: Network Management System 136 PHP: Penultimate Hop Popping 138 PM: Performance Measurement 140 PW: PseudoWire 142 SFL: Synonymous Flow Label 144 SID: Segment ID 145 SR: Segment Routing 147 TC: Traffic Class 149 TTL: Time to Live 151 VC: Virtual Channel 153 VPN: Virtual Private Network 155 1.1.2. Requirements Language 157 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 158 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 159 "OPTIONAL" in this document are to be interpreted as described in BCP 160 14 [RFC2119] [RFC8174] when, and only when, they appear in all 161 capitals, as shown here. 163 2. Flow-based PM Encapsulation in MPLS 165 Flow-based MPLS performance measurement encapsulation with alternate 166 marking method has the following format: 168 0 1 2 3 169 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 170 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 171 | Flow-ID Label Indicator (TBA1) | TC |S| TTL | 172 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 173 | Flow-ID Label |L|D|T|S| TTL | 174 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 176 Figure 1: Flow-based PM Encapsulation in MPLS 178 Flow-ID Label Indicator (FLI) is a Base Special Purpose Label (bSPL) 179 as defined in [RFC9017]. The FLI is defined in this document as 180 value TBA1. 182 Traffic Class (TC) and Time to Live (TTL) for the FLI SHOULD follow 183 the same field values of that label immediately preceding the FLI. 185 Flow-ID label is used as MPLS flow identification [RFC8372], its 186 value MUST be unique within the administrative domain. Flow-ID 187 values can be allocated by an external NMS/controller, based on 188 measurement object instance such as LSP or PW. There is a one-to-one 189 mapping between Flow-ID and flow. The specific method on how to 190 allocate the Flow-ID values is described in Section 4. 192 Flow-ID label can be placed at either the bottom or the middle of the 193 MPLS label stack, and the Flow-ID label MAY appear multiple times in 194 a label stack. Section 2.1 of this document provides several 195 examples to illustrate how to apply Flow-ID label in a label stack. 196 TTL for the Flow-ID label MUST be zero to ensure that it is not used 197 inadvertently for forwarding. S bit for the Flow-ID Label depends on 198 whether the Flow-ID label is placed at the bottom of the MPLS label 199 stack. 201 Besides flow identification, a color-marking field is also necessary 202 for alternate marking method. To achieve the purpose of coloring the 203 MPLS traffic, as well as the distinction between hop-by-hop 204 measurement and edge-to-edge measurement, TC for the Flow-ID label is 205 defined as follows: 207 * L(oss) bit is used for coloring the MPLS packets for loss 208 measurement. 210 * D(elay) bit is used for coloring the MPLS packets for delay/jitter 211 measurement. 213 * T(ype) bit is used to indicate the measurement type. When T bit 214 is set to 1, it means edge-to-edge performance measurement. When 215 T bit is set to 0, it means hop-by-hop performance measurement. 217 2.1. Examples for Applying Flow-ID Label in a label stack 219 Three examples on different layout of Flow-ID label (4 octets) are 220 illustrated as follows: 222 (1) Layout of Flow-ID label when applied to MPLS transport. 224 +----------------------+ 225 | LSP | 226 | Label | 227 +----------------------+ 228 | Flow-ID Label | 229 | Indicator | <= bSPL 230 +----------------------+ 231 | Flow-ID | 232 | Label | 233 +----------------------+ 234 | Application | 235 | Label | 236 +----------------------+ <= Bottom of stack 237 | | 238 | Payload | 239 | | 240 +----------------------+ 242 Figure 2: Applying Flow-ID to MPLS transport 244 Note that here if penultimate hop popping (PHP) is in use, the PHP 245 LSR that recognizes the bSPL MAY choose not to pop the bSPL and the 246 following Flow-ID label, otherwise the egress LSR would be excluded 247 from the performance measurement. 249 Also note that in other examples of applying Flow-ID to MPLS 250 transport, one LSP label can be substituted by multiple SID labels in 251 the case of using SR Policy, and the combination of bSPL and Flow-ID 252 label can be placed between SID labels, as specified in Section 5. 254 (2) Layout of Flow-ID label when applied to MPLS service. 256 +----------------------+ 257 | LSP | 258 | Label | 259 +----------------------+ 260 | Application | 261 | Label | 262 +----------------------+ 263 | Flow-ID Label | 264 | Indicator | <= bSPL 265 +----------------------+ 266 | Flow-ID | 267 | Label | 268 +----------------------+ <= Bottom of stack 269 | | 270 | Payload | 271 | | 272 +----------------------+ 274 Figure 3: Applying Flow-ID to MPLS service 276 Note that here application label can be MPLS PW label, MPLS Ethernet 277 VPN label or MPLS IP VPN label, and it's also called VC label as 278 defined in [RFC4026]. 280 (3) Layout of Flow-ID label when applied to both MPLS transport and 281 MPLS service. 283 +----------------------+ 284 | LSP | 285 | Label | 286 +----------------------+ 287 | Flow-ID Label | 288 | Indicator | <= bSPL 289 +----------------------+ 290 | Flow-ID | 291 | Label | 292 +----------------------+ 293 | Application | 294 | Label | 295 +----------------------+ 296 | Flow-ID Label | 297 | Indicator | <= bSPL 298 +----------------------+ 299 | Flow-ID | 300 | Label | 301 +----------------------+ <= Bottom of stack 302 | | 303 | Payload | 304 | | 305 +----------------------+ 307 Figure 4: Applying Flow-ID to both MPLS transport and MPLS service 309 Note that for this example the two Flow-ID values appearing in a 310 label stack MUST be different, that is to say, Flow-ID label applied 311 to MPLS transport and Flow-ID label applied to MPLS service share the 312 same value space. Also note that the two Flow-ID label values are 313 independent from each other, e.g., two packets can belong to the same 314 VPN flow but different LSP flows, or two packets can belong to two 315 different VPN flows but the same LSP flow. 317 3. Procedures of Encapsulation, Look-up and Decapsulation 319 The procedures for Flow-ID label encapsulation, look-up and 320 decapsulation are summarized as follows: 322 * The ingress node inserts the Flow-ID Label Indicator and the Flow- 323 ID label into the MPLS label stack. At the same time, the ingress 324 node sets the Flow-ID value, two color-marking bits and the T bit, 325 as defined in this document. 327 * If the hop-by-hop measurement is applied, i.e., the T bit is set 328 to 0, then whether the transit node or the egress node is the 329 processing node. If the edge-to-edge measurement is applied, 330 i.e., the T bit is set to 1, then only the egress node is the 331 processing node. The processing node looks up the Flow-ID label 332 with the help of the Flow-ID Label Indicator, and exports the 333 collected data, such as the Flow-ID, block counters and 334 timestamps, to an external NMS/controller, referring to the 335 alternate marking method. Note that while looking up the Flow-ID 336 label, the transit node needs to perform some deep packet 337 inspection beyond the label (at the top of the label stack) used 338 to take forwarding decisions. 340 * The processing node may also pop the Flow-ID Label Indicator and 341 the Flow-ID label from the MPLS label stack. The egress node pops 342 the whole MPLS label stack, and this document doesn't introduce 343 any new process to the decapsulated packet. 345 4. Procedures of Flow-ID allocation 347 There are two ways of allocating Flow-ID, one way is to allocate 348 Flow-ID by manual trigger from the network operator, and the other 349 way is to allocate Flow-ID by automatic trigger from the ingress 350 node, details are as follows: 352 * In the case of manual trigger, the network operator would manually 353 input the characteristics (e.g. IP five tuples and IP DSCP) of 354 the measured flow, then the NMS/controller would generate one or 355 two Flow-IDs based on the input from the network operator, and 356 provision the ingress node with the characteristics of the 357 measured flow and the corresponding allocated Flow-ID(s). 359 * In the case of automatic trigger, the ingress node would identify 360 the flow entering the measured path, export the characteristics of 361 the identified flow to the NMS/controller by IPFIX [RFC7011], then 362 the NMS/controller would generate one or two Flow-IDs based on the 363 characteristics exported from the ingress node, and provision the 364 ingress node with the characteristics of the identified flow and 365 the corresponding allocated Flow-ID(s). 367 The policy pre-configured at the NMS/controller decides whether one 368 Flow-ID or two Flow-IDs would be generated. If the performance 369 measurement on MPLS service is enabled, then one Flow-ID applied to 370 MPLS service would be generated; If the performance measurement on 371 MPLS transport is enabled, then one Flow-ID applied to MPLS transport 372 would be generated; If both of them are enabled, then two Flow-IDs 373 respectively applied to MPLS service and MPLS transport would be 374 generated, in this case the transit node needs to look up both of the 375 two Flow-IDs by default, and that can be changed by configuration to, 376 e.g., look up only the Flow-ID applied to MPLS transport. 378 Whether using manual trigger or automatic trigger, the NMS/controller 379 MUST guarantee every generated Flow-ID is unique within the 380 administrative domain. 382 5. FLC and FRLD Considerations 384 Analogous to the Entropy Label Capability (ELC) defined in Section 5 385 of [RFC6790] and the Entropy Readable Label Depth (ERLD) defined in 386 Section 4 of [RFC8662], the Flow-ID Label Capability (FLC) and the 387 Flow-ID Readable Label Depth (FRLD) are defined in this document. 388 Both FLC and FRLD have the similar semantics with ELC and ERLD to a 389 router, except that the Flow-ID is used in its flow identification 390 function while the Entropy is used in its load-balancing function. 392 The ingress node MUST insert each Flow-ID label at an appropriate 393 depth, which ensures the node to which the Flow-ID label is exposed 394 has the FLC. The ingress node SHOULD insert each Flow-ID label 395 within an appropriate FRLD, which is the minimum FRLD of all on-path 396 nodes that need to read and use the Flow-ID label in question. How 397 the ingress node knows the FLC and FRLD of all on-path nodes is 398 outside the scope of this document, whereas 399 [I-D.xzc-lsr-mpls-flc-frld] provides a method to achieve that. 401 When SR paths are used as transport, the label stack grows as the 402 number of on-path segments increases, if the number of on-path 403 segments is high, that may become a challenge for the Flow-ID label 404 to be placed within an appropriate FRLD. In order to overcome this 405 potential challenge, an implementation MAY provide flexibility to the 406 ingress node to place Flow-ID label between SID labels, i.e., 407 multiple identical Flow-ID labels at different depths MAY be 408 interleaved with SID labels, when that happens a sophisticated 409 network planning may be needed and it's beyond the scope of this 410 document. 412 6. Equal-Cost Multipath Considerations 414 Analogous to what's described in Section 5 of [RFC8957], under 415 conditions of Equal-Cost Multipath (ECMP), the introduction of Flow- 416 ID label may lead to the same problem as caused by SFL, and the two 417 solutions proposed for SFL would also apply here. 419 7. Security Considerations 421 This document introduces the performance measurement domain that is 422 the scope of a Flow-ID label. The Flow-ID Label Indicator and Flow- 423 ID label MUST NOT be signaled and distributed outside one performance 424 measurement domain. Improper configuration so that the Flow-ID label 425 being passed from one domain to another would likely result in 426 potential Flow-ID conflicts. 428 To prevent packets carrying Flow-ID label from leaking from one 429 domain to another, the domain boundary nodes SHOULD deploy some 430 policies (e.g., ACL) to filter out the packets. Specifically, in the 431 sending edge, the domain boundary node SHOULD filter out the packets 432 that carry the Flow-ID Label Indicator and are sent to other domain; 433 in the receiving edge, the domain boundary node SHOULD drop the 434 packets that carry the Flow-ID Label Indicator and are from other 435 domains. 437 8. IANA Considerations 439 In the Special-Purpose MPLS Label Values registry, a new Base 440 Special-Purpose MPLS Label Value for Flow-ID Label Indicator is 441 requested from IANA as follows: 443 +======================+===============+============+===========+ 444 | Base Special-Purpose | Description | Semantics | Reference | 445 | MPLS Label Value | | Definition | | 446 +======================+===============+============+===========+ 447 | TBA1 (12 is | Flow-ID Label | Section 2 | This | 448 | recommended) | Indicator | | Document | 449 +----------------------+---------------+------------+-----------+ 451 Table 1: New Base Special-Purpose MPLS Label Value for Flow- 452 ID Label Indicator 454 9. Acknowledgements 456 The authors would like to acknowledge Loa Andersson, Tarek Saad, 457 Stewart Bryant, Rakesh Gandhi, Greg Mirsky, Aihua Liu, Shuangping 458 Zhan and Ming Ke for their careful review and very helpful comments. 460 The authors would like to acknowledge Italo Busi and Chandrasekar 461 Ramachandran for their insightful MPLS-RT review and very helpful 462 comments. 464 10. Contributors 466 Minxue Wang 467 China Mobile 468 Email: wangminxue@chinamobile.com 470 Wen Ye 471 China Mobile 472 Email: yewen@chinamobile.com 474 11. References 476 11.1. Normative References 478 [I-D.ietf-ippm-rfc8321bis] 479 Fioccola, G., Cociglio, M., Mirsky, G., Mizrahi, T., and 480 T. Zhou, "Alternate-Marking Method", Work in Progress, 481 Internet-Draft, draft-ietf-ippm-rfc8321bis-02, 7 June 482 2022, . 485 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 486 Requirement Levels", BCP 14, RFC 2119, 487 DOI 10.17487/RFC2119, March 1997, 488 . 490 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 491 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 492 May 2017, . 494 11.2. Informative References 496 [I-D.ietf-ippm-ioam-direct-export] 497 Song, H., Gafni, B., Brockners, F., Bhandari, S., and T. 498 Mizrahi, "In-situ OAM Direct Exporting", Work in Progress, 499 Internet-Draft, draft-ietf-ippm-ioam-direct-export-09, 15 500 June 2022, . 503 [I-D.ietf-mpls-sfl-control] 504 Bryant, S., Swallow, G., and S. Sivabalan, "A Simple 505 Control Protocol for MPLS SFLs", Work in Progress, 506 Internet-Draft, draft-ietf-mpls-sfl-control-02, 21 January 507 2022, . 510 [I-D.xzc-lsr-mpls-flc-frld] 511 Min, X., Zhang, Z., and W. Cheng, "Signaling Flow-ID Label 512 Capability and Flow-ID Readable Label Depth", Work in 513 Progress, Internet-Draft, draft-xzc-lsr-mpls-flc-frld-00, 514 15 February 2022, . 517 [RFC4026] Andersson, L. and T. Madsen, "Provider Provisioned Virtual 518 Private Network (VPN) Terminology", RFC 4026, 519 DOI 10.17487/RFC4026, March 2005, 520 . 522 [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and 523 L. Yong, "The Use of Entropy Labels in MPLS Forwarding", 524 RFC 6790, DOI 10.17487/RFC6790, November 2012, 525 . 527 [RFC7011] Claise, B., Ed., Trammell, B., Ed., and P. Aitken, 528 "Specification of the IP Flow Information Export (IPFIX) 529 Protocol for the Exchange of Flow Information", STD 77, 530 RFC 7011, DOI 10.17487/RFC7011, September 2013, 531 . 533 [RFC8372] Bryant, S., Pignataro, C., Chen, M., Li, Z., and G. 534 Mirsky, "MPLS Flow Identification Considerations", 535 RFC 8372, DOI 10.17487/RFC8372, May 2018, 536 . 538 [RFC8662] Kini, S., Kompella, K., Sivabalan, S., Litkowski, S., 539 Shakir, R., and J. Tantsura, "Entropy Label for Source 540 Packet Routing in Networking (SPRING) Tunnels", RFC 8662, 541 DOI 10.17487/RFC8662, December 2019, 542 . 544 [RFC8957] Bryant, S., Chen, M., Swallow, G., Sivabalan, S., and G. 545 Mirsky, "Synonymous Flow Label Framework", RFC 8957, 546 DOI 10.17487/RFC8957, January 2021, 547 . 549 [RFC9017] Andersson, L., Kompella, K., and A. Farrel, "Special- 550 Purpose Label Terminology", RFC 9017, 551 DOI 10.17487/RFC9017, April 2021, 552 . 554 [RFC9197] Brockners, F., Ed., Bhandari, S., Ed., and T. Mizrahi, 555 Ed., "Data Fields for In Situ Operations, Administration, 556 and Maintenance (IOAM)", RFC 9197, DOI 10.17487/RFC9197, 557 May 2022, . 559 Authors' Addresses 561 Weiqiang Cheng 562 China Mobile 563 Beijing 564 China 565 Email: chengweiqiang@chinamobile.com 567 Xiao Min (editor) 568 ZTE Corp. 569 Nanjing 570 China 571 Email: xiao.min2@zte.com.cn 573 Tianran Zhou 574 Huawei 575 Beijing 576 China 577 Email: zhoutianran@huawei.com 579 Ximing Dong 580 FiberHome 581 Wuhan 582 China 583 Email: dxm@fiberhome.com 585 Yoav Peleg 586 Broadcom 587 United States of America 588 Email: yoav.peleg@broadcom.com