| draft-ietf-6man-spring-srv6-oam-10.txt | draft-ietf-6man-spring-srv6-oam-11.txt | |||
|---|---|---|---|---|
| 6man Z. Ali | 6man Z. Ali | |||
| Internet-Draft C. Filsfils | Internet-Draft C. Filsfils | |||
| Intended status: Standards Track Cisco Systems | Intended status: Standards Track Cisco Systems | |||
| Expires: October 10, 2021 S. Matsushima | Expires: December 4, 2021 S. Matsushima | |||
| Softbank | Softbank | |||
| D. Voyer | D. Voyer | |||
| Bell Canada | Bell Canada | |||
| M. Chen | M. Chen | |||
| Huawei | Huawei | |||
| April 8, 2021 | June 2, 2021 | |||
| Operations, Administration, and Maintenance (OAM) in Segment Routing | Operations, Administration, and Maintenance (OAM) in Segment Routing | |||
| Networks with IPv6 Data plane (SRv6) | Networks with IPv6 Data plane (SRv6) | |||
| draft-ietf-6man-spring-srv6-oam-10 | draft-ietf-6man-spring-srv6-oam-11 | |||
| Abstract | Abstract | |||
| This document describes how the existing IPv6 mechanisms for ping and | This document describes how the existing IPv6 mechanisms for ping and | |||
| traceroute can be used in an SRv6 network. The document also | traceroute can be used in an SRv6 network. The document also | |||
| specifies the OAM flag in the Segment Routing Header (SRH) for | specifies the OAM flag in the Segment Routing Header (SRH) for | |||
| performing controllable and predictable flow sampling from segment | performing controllable and predictable flow sampling from segment | |||
| endpoints. In addition, the document describes how a centralized | endpoints. In addition, the document describes how a centralized | |||
| monitoring system performs a path continuity check between any nodes | monitoring system performs a path continuity check between any nodes | |||
| within an SRv6 domain. | within an SRv6 domain. | |||
| skipping to change at page 1, line 43 ¶ | skipping to change at page 1, line 43 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on October 10, 2021. | This Internet-Draft will expire on December 4, 2021. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2021 IETF Trust and the persons identified as the | Copyright (c) 2021 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 7, line 26 ¶ | skipping to change at page 7, line 26 ¶ | |||
| The processing node SHOULD rate-limit the number of packets punted to | The processing node SHOULD rate-limit the number of packets punted to | |||
| the OAM process to a configurable rate. This is to avoid hitting any | the OAM process to a configurable rate. This is to avoid hitting any | |||
| performance impact on the OAM and the telemetry collection processes. | performance impact on the OAM and the telemetry collection processes. | |||
| Failure in implementing the rate limit can lead to a denial-of- | Failure in implementing the rate limit can lead to a denial-of- | |||
| service attack, as detailed in Section 5. | service attack, as detailed in Section 5. | |||
| The OAM process MUST NOT process the copy of the packet or respond to | The OAM process MUST NOT process the copy of the packet or respond to | |||
| any upper-layer header (like ICMP, UDP, etc.) payload to prevent | any upper-layer header (like ICMP, UDP, etc.) payload to prevent | |||
| multiple evaluations of the datagram. | multiple evaluations of the datagram. | |||
| Specification of the OAM process or the external controller | The OAM process is expected to be located on the routing node | |||
| operations are beyond the scope of this document. How to correlate | processing the packet. Although the specification of the OAM process | |||
| the data collected from different nodes at an external controller is | or the external controller operations are beyond the scope of this | |||
| also outside the scope of the document. Section 3 illustrates use of | document, the OAM process SHOULD NOT be topologically distant from | |||
| the O-flag for implementing a hybrid OAM mechanism, where the | the routing node, as this is likely to create significant security | |||
| "hybrid" classification is based on RFC7799 [RFC7799]. | and congestion issues. How to correlate the data collected from | |||
| different nodes at an external controller is also outside the scope | ||||
| of the document. Section 3 illustrates use of the O-flag for | ||||
| implementing a hybrid OAM mechanism, where the "hybrid" | ||||
| classification is based on RFC7799 [RFC7799]. | ||||
| 2.2. OAM Operations | 2.2. OAM Operations | |||
| IPv6 OAM operations can be performed for any SRv6 SID whose behavior | IPv6 OAM operations can be performed for any SRv6 SID whose behavior | |||
| allows Upper Layer Header processing for an applicable OAM payload | allows Upper Layer Header processing for an applicable OAM payload | |||
| (e.g., ICMP, UDP). | (e.g., ICMP, UDP). | |||
| Ping to an SRv6 SID is used to verify that the SID is reachable and | Ping to an SRv6 SID is used to verify that the SID is reachable and | |||
| is locally programmed at the target node. Traceroute to a SID is | is locally programmed at the target node. Traceroute to a SID is | |||
| used for hop-by-hop fault localization as well as path tracing to a | used for hop-by-hop fault localization as well as path tracing to a | |||
| skipping to change at page 16, line 25 ¶ | skipping to change at page 16, line 25 ¶ | |||
| o When node N3, which is a classic IPv6 node, receives the packet P1 | o When node N3, which is a classic IPv6 node, receives the packet P1 | |||
| , it performs the standard IPv6 processing. Specifically, it | , it performs the standard IPv6 processing. Specifically, it | |||
| forwards the packet P1 based on DA 2001:db8:B:4:C52:: in the IPv6 | forwards the packet P1 based on DA 2001:db8:B:4:C52:: in the IPv6 | |||
| header. | header. | |||
| o When node N4 receives the packet P1 (2001:db8:A:1::, | o When node N4 receives the packet P1 (2001:db8:A:1::, | |||
| 2001:db8:B:4:C52::) (2001:db8:B:7:DT999::, 2001:db8:B:4:C52::, | 2001:db8:B:4:C52::) (2001:db8:B:7:DT999::, 2001:db8:B:4:C52::, | |||
| 2001:db8:B:2:C31::; SL=1; O-flag=1; NH=IPv4)(IPv4 | 2001:db8:B:2:C31::; SL=1; O-flag=1; NH=IPv4)(IPv4 | |||
| header)(payload), it processes the O-flag. As part of processing | header)(payload), it processes the O-flag. As part of processing | |||
| the O-flag, it sends a timestamped copy of the packet to a local | the O-flag, it sends a timestamped copy of the packet to a local | |||
| OAM process. The local OAM process sends a full or partial copy | OAM process. Based on a local configuration, the local OAM | |||
| of the packet P1 to the controller N100. The OAM process includes | process sends a full or partial copy of the packet P1 to the | |||
| the recorded timestamp, additional OAM information like incoming | controller N100. The OAM process includes the recorded timestamp, | |||
| and outgoing interface, etc. along with any applicable metadata. | additional OAM information like incoming and outgoing interface, | |||
| Node N4 performs the standard SRv6 SID and SRH processing on the | etc. along with any applicable metadata. Node N4 performs the | |||
| original packet P1. Specifically, it executes the END.X behavior | standard SRv6 SID and SRH processing on the original packet P1. | |||
| (2001:db8:B:4:C52::) and forwards the packet P1 (2001:db8:A:1::, | Specifically, it executes the END.X behavior (2001:db8:B:4:C52::) | |||
| 2001:db8:B:7:DT999::) (2001:db8:B:7:DT999::, 2001:db8:B:4:C52::, | and forwards the packet P1 (2001:db8:A:1::, 2001:db8:B:7:DT999::) | |||
| 2001:db8:B:2:C31::; SL=0; O-flag=1; NH=IPv4)(IPv4 header)(payload) | (2001:db8:B:7:DT999::, 2001:db8:B:4:C52::, 2001:db8:B:2:C31::; | |||
| over link 10 towards Node N5. | SL=0; O-flag=1; NH=IPv4)(IPv4 header)(payload) over link 10 | |||
| towards Node N5. | ||||
| o When node N5, which is a classic IPv6 node, receives the packet | o When node N5, which is a classic IPv6 node, receives the packet | |||
| P1, it performs the standard IPv6 processing. Specifically, it | P1, it performs the standard IPv6 processing. Specifically, it | |||
| forwards the packet based on DA 2001:db8:B:7:DT999:: in the IPv6 | forwards the packet based on DA 2001:db8:B:7:DT999:: in the IPv6 | |||
| header. | header. | |||
| o When node N7 receives the packet P1 (2001:db8:A:1::, | o When node N7 receives the packet P1 (2001:db8:A:1::, | |||
| 2001:db8:B:7:DT999::) (2001:db8:B:7:DT999::, 2001:db8:B:4:C52::, | 2001:db8:B:7:DT999::) (2001:db8:B:7:DT999::, 2001:db8:B:4:C52::, | |||
| 2001:db8:B:2:C31::; SL=0; O-flag=1; NH=IPv4)(IPv4 | 2001:db8:B:2:C31::; SL=0; O-flag=1; NH=IPv4)(IPv4 | |||
| header)(payload), it processes the O-flag. As part of processing | header)(payload), it processes the O-flag. As part of processing | |||
| skipping to change at page 19, line 14 ¶ | skipping to change at page 19, line 14 ¶ | |||
| rate limiting in section 2.1.1 is not susceptible to that denial-of- | rate limiting in section 2.1.1 is not susceptible to that denial-of- | |||
| service attack. Additionally, SRH Flags are protected by the HMAC | service attack. Additionally, SRH Flags are protected by the HMAC | |||
| TLV, as described in Section 2.1.2.1 of [RFC8754]. | TLV, as described in Section 2.1.2.1 of [RFC8754]. | |||
| This document does not impose any additional security challenges to | This document does not impose any additional security challenges to | |||
| be considered beyond security threats described in [RFC4884], | be considered beyond security threats described in [RFC4884], | |||
| [RFC4443], [RFC0792], and [RFC8754]. | [RFC4443], [RFC0792], and [RFC8754]. | |||
| 6. IANA Considerations | 6. IANA Considerations | |||
| This document requests that IANA allocate the following registrations | This document requests that IANA allocate the following registration | |||
| in the "Segment Routing Header Flags" sub-registry for the "Internet | in the "Segment Routing Header Flags" sub-registry for the "Internet | |||
| Protocol Version 6 (IPv6) Parameters" registry maintained by IANA: | Protocol Version 6 (IPv6) Parameters" registry maintained by IANA: | |||
| +-------+------------------------------+---------------+ | +-------+------------------------------+---------------+ | |||
| | Bit | Description | Reference | | | Bit | Description | Reference | | |||
| +=======+==============================+===============+ | +=======+==============================+===============+ | |||
| | 2 | O-flag | This document | | | 2 | O-flag | This document | | |||
| +-------+------------------------------+---------------+ | +-------+------------------------------+---------------+ | |||
| 7. Acknowledgements | 7. Acknowledgements | |||
| skipping to change at page 21, line 11 ¶ | skipping to change at page 21, line 11 ¶ | |||
| Email: faisal.ietf@gmail.com | Email: faisal.ietf@gmail.com | |||
| 9. References | 9. References | |||
| 9.1. Normative References | 9.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | ||||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | ||||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | ||||
| [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., | [RFC8754] Filsfils, C., Ed., Dukes, D., Ed., Previdi, S., Leddy, J., | |||
| Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header | Matsushima, S., and D. Voyer, "IPv6 Segment Routing Header | |||
| (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, | (SRH)", RFC 8754, DOI 10.17487/RFC8754, March 2020, | |||
| <https://www.rfc-editor.org/info/rfc8754>. | <https://www.rfc-editor.org/info/rfc8754>. | |||
| [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, | ||||
| D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 | ||||
| (SRv6) Network Programming", RFC 8986, | ||||
| DOI 10.17487/RFC8986, February 2021, | ||||
| <https://www.rfc-editor.org/info/rfc8986>. | ||||
| 9.2. Informative References | 9.2. Informative References | |||
| [I-D.gandhi-spring-stamp-srpm] | [I-D.gandhi-spring-stamp-srpm] | |||
| Gandhi, R., Filsfils, C., Voyer, D., Chen, M., and B. | Gandhi, R., Filsfils, C., Voyer, D., Chen, M., Janssens, | |||
| Janssens, "Performance Measurement Using Simple TWAMP | B., and R. Foote, "Performance Measurement Using Simple | |||
| (STAMP) for Segment Routing Networks", draft-gandhi- | TWAMP (STAMP) for Segment Routing Networks", draft-gandhi- | |||
| spring-stamp-srpm-04 (work in progress), January 2021. | spring-stamp-srpm-06 (work in progress), April 2021. | |||
| [I-D.ietf-ippm-ioam-data] | [I-D.ietf-ippm-ioam-data] | |||
| Brockners, F., Bhandari, S., and T. Mizrahi, "Data Fields | Brockners, F., Bhandari, S., and T. Mizrahi, "Data Fields | |||
| for In-situ OAM", draft-ietf-ippm-ioam-data-11 (work in | for In-situ OAM", draft-ietf-ippm-ioam-data-11 (work in | |||
| progress), November 2020. | progress), November 2020. | |||
| [I-D.matsushima-spring-srv6-deployment-status] | [I-D.matsushima-spring-srv6-deployment-status] | |||
| Matsushima, S., Filsfils, C., Ali, Z., Li, Z., and K. | Matsushima, S., Filsfils, C., Ali, Z., Li, Z., and K. | |||
| Rajaraman, "SRv6 Implementation and Deployment Status", | Rajaraman, "SRv6 Implementation and Deployment Status", | |||
| draft-matsushima-spring-srv6-deployment-status-10 (work in | draft-matsushima-spring-srv6-deployment-status-11 (work in | |||
| progress), December 2020. | progress), February 2021. | |||
| [RFC0792] Postel, J., "Internet Control Message Protocol", STD 5, | [RFC0792] Postel, J., "Internet Control Message Protocol", STD 5, | |||
| RFC 792, DOI 10.17487/RFC0792, September 1981, | RFC 792, DOI 10.17487/RFC0792, September 1981, | |||
| <https://www.rfc-editor.org/info/rfc792>. | <https://www.rfc-editor.org/info/rfc792>. | |||
| [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, | [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, | |||
| DOI 10.17487/RFC2328, April 1998, | DOI 10.17487/RFC2328, April 1998, | |||
| <https://www.rfc-editor.org/info/rfc2328>. | <https://www.rfc-editor.org/info/rfc2328>. | |||
| [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet | [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet | |||
| skipping to change at page 22, line 44 ¶ | skipping to change at page 23, line 5 ¶ | |||
| [RFC7799] Morton, A., "Active and Passive Metrics and Methods (with | [RFC7799] Morton, A., "Active and Passive Metrics and Methods (with | |||
| Hybrid Types In-Between)", RFC 7799, DOI 10.17487/RFC7799, | Hybrid Types In-Between)", RFC 7799, DOI 10.17487/RFC7799, | |||
| May 2016, <https://www.rfc-editor.org/info/rfc7799>. | May 2016, <https://www.rfc-editor.org/info/rfc7799>. | |||
| [RFC7880] Pignataro, C., Ward, D., Akiya, N., Bhatia, M., and S. | [RFC7880] Pignataro, C., Ward, D., Akiya, N., Bhatia, M., and S. | |||
| Pallagatti, "Seamless Bidirectional Forwarding Detection | Pallagatti, "Seamless Bidirectional Forwarding Detection | |||
| (S-BFD)", RFC 7880, DOI 10.17487/RFC7880, July 2016, | (S-BFD)", RFC 7880, DOI 10.17487/RFC7880, July 2016, | |||
| <https://www.rfc-editor.org/info/rfc7880>. | <https://www.rfc-editor.org/info/rfc7880>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | ||||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | ||||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | ||||
| [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., | [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., | |||
| Decraene, B., Litkowski, S., and R. Shakir, "Segment | Decraene, B., Litkowski, S., and R. Shakir, "Segment | |||
| Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, | Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, | |||
| July 2018, <https://www.rfc-editor.org/info/rfc8402>. | July 2018, <https://www.rfc-editor.org/info/rfc8402>. | |||
| [RFC8403] Geib, R., Ed., Filsfils, C., Pignataro, C., Ed., and N. | [RFC8403] Geib, R., Ed., Filsfils, C., Pignataro, C., Ed., and N. | |||
| Kumar, "A Scalable and Topology-Aware MPLS Data-Plane | Kumar, "A Scalable and Topology-Aware MPLS Data-Plane | |||
| Monitoring System", RFC 8403, DOI 10.17487/RFC8403, July | Monitoring System", RFC 8403, DOI 10.17487/RFC8403, July | |||
| 2018, <https://www.rfc-editor.org/info/rfc8403>. | 2018, <https://www.rfc-editor.org/info/rfc8403>. | |||
| [RFC8571] Ginsberg, L., Ed., Previdi, S., Wu, Q., Tantsura, J., and | [RFC8571] Ginsberg, L., Ed., Previdi, S., Wu, Q., Tantsura, J., and | |||
| C. Filsfils, "BGP - Link State (BGP-LS) Advertisement of | C. Filsfils, "BGP - Link State (BGP-LS) Advertisement of | |||
| IGP Traffic Engineering Performance Metric Extensions", | IGP Traffic Engineering Performance Metric Extensions", | |||
| RFC 8571, DOI 10.17487/RFC8571, March 2019, | RFC 8571, DOI 10.17487/RFC8571, March 2019, | |||
| <https://www.rfc-editor.org/info/rfc8571>. | <https://www.rfc-editor.org/info/rfc8571>. | |||
| [RFC8986] Filsfils, C., Ed., Camarillo, P., Ed., Leddy, J., Voyer, | ||||
| D., Matsushima, S., and Z. Li, "Segment Routing over IPv6 | ||||
| (SRv6) Network Programming", RFC 8986, | ||||
| DOI 10.17487/RFC8986, February 2021, | ||||
| <https://www.rfc-editor.org/info/rfc8986>. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Zafar Ali | Zafar Ali | |||
| Cisco Systems | Cisco Systems | |||
| Email: zali@cisco.com | Email: zali@cisco.com | |||
| Clarence Filsfils | Clarence Filsfils | |||
| Cisco Systems | Cisco Systems | |||
| End of changes. 13 change blocks. | ||||
| 37 lines changed or deleted | 42 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||