MPLS-TP OAM Primer
draft-sprecher-mpls-tp-oam-primer-00.txt

Abstract

This document provides basic information on the existing MPLS Operations, Administration, and Maintenance (OAM) toolset and analyzes these tools relative to the set of requirements for OAM for the Transport Profile of MPLS(MPLS-TP) as defined in [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.). On this basis the document tries to highlight features that need to be extended in order to deliver the higher-quality OAM required for transport applications.

Status of this Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

This Internet-Draft will expire on January 6, 2011.

Copyright Notice

Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.

Table of Contents

1.  Introduction
    1.1.  Scope
    1.2.  Organization of the document
    1.3.  Acronyms
    1.4.  Contributing Authors
2.  Pre-existing OAM tools
    2.1.  LSP Ping
    2.2.  MPLS BFD
    2.3.  PW VCCV
    2.4.  IETF Performance Measurement
3.  MPLS-TP OAM Functionality
    3.1.  Basic OAM functionality
    3.2.  Fault detection functionality
        3.2.1.  Continuity Check and Connectivity Verification
        3.2.2.  Remote Defect Indication
        3.2.3.  Route Tracing
        3.2.4.  Alarm Reporting
        3.2.5.  Client Failure Indication
    3.3.  Performance Measurement Functionality
        3.3.1.  Packet Loss Measurement
        3.3.2.  Packet Delay Measurement
4.  Enhancing the existing toolset for MPLS-TP
    4.1.  Gap Analysis
        4.1.1.  OAM Infrastructure
    4.2.  BFD enhancements
    4.3.  LSP Ping enhancements
    4.4.  Performance Measurement enhancements
5.  IANA Considerations
6.  Security Considerations
7.  Acknowledgements
8.  Informative References
§  Authors' Addresses

1.  Introduction

1.1.  Scope

OAM (Operations, Administration, and Maintenance) plays a significant role in carrier networks, providing methods for fault management and performance monitoring in both the transport and the service layers in order to improve their ability to support services with guaranteed and strict Service Level Agreements (SLAs) while reducing their operational costs.

[MPLS‑TP Reqs] (Niven-Jenkins, B., Nadeau, T., and C. Pignataro, “Requirements for the Trasport Profile of MPLS,” April 2009.) in general, and [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) in particular define a set of requirements for OAM functionality in MPLS-Transport Profile (MPLS-TP) for MPLS-TP Label Switched Paths (LSPs) (network infrastructure), Pseudowires (PWs) (services), and MPLS-TP Sections.

The purpose of this document is to evaluate whether existing OAM tools defined for MPLS can be used to meet the requirements, identify possible extensions to the tools to comply with the requirements. The existing tools that are evaluated include LSP Ping (defined in [LSP Ping] (Kompella, K. and G. Swallow, “Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures,” February 2006.)), MPLS Bi-directional Forwarding Detection (BFD) (defined in [BASE BFD] (Katz, D. and D. Ward, “Bidirectional Forwarding Detection,” February 2009.)), Virtual Circuit Connectivity Verification (VCCV) (defined in [PW VCCV] (Nadeau, T. and C. Pignataro, “Pseudowire Virtual Circuit Connectivity Verification (VCCV): A Control Channel for Pseudowires,” December 2007.) and [VCCV BFD] (Nadeau, T. and C. Pignataro, “Bidirectional Forwarding Detection (BFD) for the Pseudowire Virtual Circuit Connectivity Verification (VCCV),” February 2008.)), and IETF performance measurement tools defined in [RFC4656] (Shalunov, S., Teitelbaum, B., Karp, A., Boote, J., and M. Zekauskas, “A One-way Active Measurement Protocol,” September 2006.) and [RFC5357] (Hedayat, K., Krzanowski, R., Morton, A., Yum, K., and J. Babiarz, “A Two-Way Active Measurement Protocol,” Oct 2008.).

1.2.  Organization of the document

Section 2 provides an overview of the existing MPLS/IETF tools.

Section 3 highlights the requirements for enhanced OAM functionality for the transport environment.

Section 4 identifies the enhancements to the existing OAM tools that are needed to address the additional requirements.

1.3.  Acronyms

This draft uses the following acronyms:

1.4.  Contributing Authors

Yaakov Stein (Rad), Annamaria Fulignoli (Ericsson), Italo Busi (Alcatel Lucent)

2.  Pre-existing OAM tools

2.1.  LSP Ping

LSP Ping is a variation of ICMP Ping and traceroute [ICMP] (Postel, J., “Internet Control Message Protocol,” Sept 1981.) adapted to the needs of MPLS LSP. Forwarding, of the LSP Ping packets, is based upon the LSP Label and label stack, in order to guarantee that the echo messages are switched in-band (i.e. over the same data route) of the LSP. However, it should be noted that the messages are transmitted using IP/UDP encapsulation and IP addresses in the 127/8 (loopback) range. The use of the loopback range guarantees that the LSP Ping messages will be terminated, by a loss of connectivity or inability to continue on the path, without being transmitted beyond the LSP. For a bi-directional LSP (either associated or co-routed) the return message of the LSP Ping could be sent on the return LSP. For unidirectional LSPs and in some case for bi-directional LSPs, the return message may be sent using IP forwarding to the IP address of the LSP ingress node.

LSP Ping extends the basic ICMP Ping operation (of data-plane connectivity and continuity check) with functionality to verify data-plane vs. control-plane consistency for a Forwarding Equivalence Class (FEC) and also Maximum Transmission Unit (MTU) problems. The traceroute functionality may be used to isolate and localize the MPLS faults, using the Time-to-live (TTL) indicator to incrementally identify the sub-path of the LSP that is successfully traversed before the faulty link or node.

As mentioned above, LSP Ping requires the presence of the MPLS control plane when verifying the consistency of the data-plane against the control-plane. However, LSP Ping is not dependent on the MPLS control-plane for its operation, i.e. even though the propagation of the LSP label may be performed over the control-plane via the Label Distribution Protocol (LDP).

It should be noted that LSP Ping does support unique identification of the LSP within an addressing domain. The identification is checked using the full FEC identification. LSP Ping is easily extensible to include additional information needed to support new functionality, by use of Type-Length-Value (TLV) constructs.

LSP Ping can be activated both in on-demand and pro-active (asynchronous) modes, as defined in [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.).

[P2MP LSP Ping] (Nadeau, T. and A. Farrel, “Detecting Data Plane Failures in Point-to-Multipoint Multiprotocol Label Switching (MPLS) - Extensions to LSP Ping,” June 2008.) clarifies the applicability of LSP Ping to MPLS P2MP LSPs, and extends the techniques and mechanisms of LSP Ping to the MPLS P2MP environment.

[MPLS LSP Ping] (Bahadur, N. and K. Kompella, “Mechanism for performing LSP-Ping over MPLS tunnels,” June 2008.) extends LSP Ping to operate over MPLS tunnels or for a stitched LSP.

As pointed out above, TTL exhaust is the method used to terminate flows at intermediate LSRs. This is used as part of the traceroute of a path and to locate a problem that was discovered previously.

Some of the drawbacks identified with LSP Ping include - LSP Ping is considered to be computational intensive as pointed out in [MPLS BFD] (Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow, “BFD For MPLS LSPs,” June 2008.). The applicability for a pro-active mode of operation is analyzed in the sections below. Use of the loopback address range (to protect against leakage outside the LSP) assumes that all of the intermediate nodes support some IP functionality. Note that ECMP is not supported in MPLS-TP, therefore its implication on OAM capabilities is not analyzed in this document.

2.2.  MPLS BFD

BFD (Bidirectional Forwarding Detection) [BASE BFD] (Katz, D. and D. Ward, “Bidirectional Forwarding Detection,” February 2009.) is a mechanism that is defined for fast fault detection for point-to-point connections. BFD defines a simple packet that may be transmitted over any protocol, dependent on the application that is employing the mechanism. BFD is dependent upon creation of a session that is agreed upon by both ends of the link (which may be a single link, LSP, etc.) that is being checked. The session is assigned a separate identifier by each end of the path being monitored. This session identifier is by nature only unique within the context of node that assigned it. As part of the session creation, the end-points negotiate an agreed transmission rate for the BFD packets. BFD supports an echo function to check the continuity, and verify the reachability of the desired destination. BFD does not support neither a discovery mechanism nor a traceroute capability for fault localization, these must be provided by use of other mechanisms. The BFD packets support authentication between the routers being checked.

BFD can be used in pro-active (asynchronous) and on-demand modes, as defined in [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.), of operation.

[MPLS BFD] (Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow, “BFD For MPLS LSPs,” June 2008.) defines the use of BFD for P2P LSP end-points and is used to verify data-plane continuity. It uses a simple hello protocol which can be easily implemented in hardware. The end-points of the LSP exchange hello packets at negotiated regular intervals and an end-point is declared down when expected hello packets do not show up. Failures in each direction can be monitored independently using the same BFD session. The use of the BFD echo function and on-demand activation are outside the scope of the MPLS BFD specification.

The BFD session mechanism requires an additional (external) mechanism to bootstrap and bind the session to a particular LSP or FEC. LSP Ping is designated by [MPLS BFD] (Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow, “BFD For MPLS LSPs,” June 2008.) as the bootstrap mechanism for the BFD session in an MPLS environment. The implication is that the session establishment BFD messages for MPLS are transmitted using a IP/UDP encapsulation.

In order to be able to identify certain extreme cases of mis-connectivity, it is necessary that each managed connection have its own unique identifiers. BFD uses Discriminator values to identify the connection being verified, at both ends of the path. These discriminator values are set by each end-node to be unique only in the context of that node. This limited scope of uniqueness would not identify a misconnection of crossing paths that could assign the same discriminators to the different sessions.

2.3.  PW VCCV

[PW VCCV] (Nadeau, T. and C. Pignataro, “Pseudowire Virtual Circuit Connectivity Verification (VCCV): A Control Channel for Pseudowires,” December 2007.) provides end-to-end fault detection and diagnostics for PWs (regardless of the underlying tunneling technology). The VCCV switching function provides a control channel associated with each PW (based on the PW Associated Channel Header (ACH) which is defined in [PW ACH] (Bryant, S., Swallow, G., Martini, L., and D. McPherson, “Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for Use over an MPLS PSN,” February 2006.)), and allows sending OAM packets in-band with PW data (using CC Type 1: In-band VCCV)

VCCV currently supports the following OAM mechanisms: ICMP Ping, LSP Ping, and BFD. ICMP and LSP Ping are IP encapsulated before being sent over the PW ACH. BFD for VCCV supports two modes of encapsulation - either IP/UDP encapsulated (with IP/UDP header) or PW-ACH encapsulated (with no IP/UDP header) and provides support to signal the AC status. The use of the VCCV control channel provides the context, based on the MPLS-PW label, required to bind and bootstrap the BFD session to a particular pseudo wire (FEC), eliminating the need to exchange Discriminator values.

VCCV consists of two components: (1) signaled component to communicate VCCV capabilities as part of VC label, and (2) switching component to cause the PW payload to be treated as a control packet.

VCCV is not directly dependent upon the presence of a control plane. The VCCV capability negotiation may be performed as part of the PW signaling when LDP is used. In case of manual configuration of the PW, it is the responsibility of the operator to set consistent options at both ends.

2.4.  IETF Performance Measurement

OWAMP (One-Way Active Measurement Protocol) [RFC4656] (Shalunov, S., Teitelbaum, B., Karp, A., Boote, J., and M. Zekauskas, “A One-way Active Measurement Protocol,” September 2006.) enables measurement of unidirectional characteristics of IP networks, such as packet loss and one-way delay. For its proper operation OWAMP requires accurate time of day setting at its end points.

TWAMP (Two-Way Active Measurement Protocol) [RFC5357] (Hedayat, K., Krzanowski, R., Morton, A., Yum, K., and J. Babiarz, “A Two-Way Active Measurement Protocol,” Oct 2008.) is a similar protocol that enables measurement of two-way (round trip) characteristics. TWAMP does not require accurate time of day, and, furthermore, allows the use of a simple session reflector, making it an attractive alternative to OWAMP.

Both OWAMP and TWAMP consist of inter-related control and test protocols, although "TWAMP Light" eliminates the need for the control protocol.

OWAMP and TWAMP control protocols run over TCP, while the test protocols run over UDP. The purpose of the control protocols is to initiate, start, and stop test sessions, and for OWAMP to fetch results. The test protocols introduce test packets (which contain sequence numbers and timestamps) along the IP path under test according to a schedule, and record statistics of packet arrival. Multiple sessions may be simultaneously defined, each with a session identifier, and defining the number of packets to be sent, the amount of padding to be added (and thus the packet size), the start time, and the send schedule (which can be either a constant time between test packets or exponentially distributed pseudo-random). Statistics recorded conform to the relevant IPPM RFCs.

OWAMP defines the following logical roles: Session-Sender, Session-Receiver, Server, Control-Client, and Fetch-Client. The Session-Sender originates test traffic that is received by the Session-receiver. The Server configures and manages the session, as well as returning the results. The Control-Client initiates requests for test sessions, triggers their start, and may trigger their termination. The Fetch-Client requests the results of a completed session. Multiple roles may be combined in a single host – for example, one host may play the roles of Control-Client, Fetch-Client, and Session-Sender, and a second playing the roles of Server and Session-Receiver.

In a typical OWAMP session the Control-Client establishes a TCP connection to port 861 of the Server, which responds with a server greeting message indicating supported security/integrity modes. The Control-Client responds with the chosen communications mode and the Server accepts the modes. The Control-Client then requests and fully describes a test session to which the Server responds with its acceptance and supporting information. More than one test session may be requested with additional messages. The Control-Client then starts a test session and the Server acknowledges. The Session-Sender then sends test packets with pseudorandom padding to the Session-Receiver until the session is complete or until the Control-Client stops the session. Once finished, the Fetch-Client sends a fetch request to the server, which responds with an acknowledgement and immediately thereafter the result data.

TWAMP defines the following logical roles: session-sender, session-reflector, server, and control-client. These are similar to the OWAMP roles, except that the Session-Reflector does not collect any packet information, and there is no need for a Fetch-Client.

In a typical TWAMP session the Control-Client establishes a TCP connection to port 862 of the Server, and mode is negotiated as in OWAMP. The Control-Client then requests sessions and starts them. The Session-Sender sends test packets with pseudorandom padding to the Session-Reflector which returns them with insertion of timestamps.

OWAMP and TWAMP test traffic is designed with security in mind. Test packets are hard to detect because they are simply UDP streams between negotiated port numbers, with potentially nothing static in the packets. OWAMP and TWAMP also include optional authentication and encryption for both control and test packets.

3.  MPLS-TP OAM Functionality

The following sections discuss the required OAM functionality as required by [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.).

3.1.  Basic OAM functionality

[MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) includes a set of basic requirements for all OAM tools to be used for MPLS-TP transport paths. This includes the following:

• [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) requires that the MPLS-TP OAM must be able to support both an IP based and non-IP based environment. If the network is IP based, i.e. IP routing and forwarding are available, then the MPLS-TP OAM toolset should rely on the IP routing and forwarding capabilities. On the other hand, in environments where IP functionality is not available, the OAM tools must still be able to operate without dependence on IP forwarding and routing.
• [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) requires that all OAM protocols support identification information, at least in the form of IP addressing structure and be extensible to support additional identification schemes.
• It is also required that OAM packets and the user traffic are congruent (i.e. OAM packets are transmitted in-band) and there is a need to differentiate OAM packets from user-plane ones. Inherent in this requirement is the principle that MPLS-TP OAM be independent of any existing control-plane, although it should not preclude use of the control-plane functionality.

In addition, the requirements for specific OAM functions will be highlighted in the following sub-sections.

3.2.  Fault detection functionality

MPLS supports tools that provide basic fault detection functionality for different forms of paths, as outlined in section 2 of this document. These tools provide the basic functionality for an MPLS environment. The transport environment requires certain additional functionality that is outlined in the following subsections.

3.2.1.  Continuity Check and Connectivity Verification

Continuity Check and Connectivity Verification (CC-V) are OAM operations generally used in tandem, and compliment each other. These functions are generally run proactively, but may also be used on-demand, either due to bandwidth considerations or for diagnoses of a specific condition. Proactively [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) states that the function should allow the MEPs to monitor the liveness and connectivity of a transport path. In on-demand mode, this function should support monitoring between the MEPs and, in addition, between a MEP and MIP.

The [MPLS‑TP OAM Frwk] (Busi, I. and B. Niven-Jenkins, “MPLS-TP OAM Framework and Overview,” March 2009.) highlights the need for the CC-V messages to include unique identification of the MEG that is being monitored and the MEP that originated the message. The function, both proactively and in on-demand mode, need to be transmitted at regular rates pre-configured by the operator.

3.2.2.  Remote Defect Indication

Remote Defect Indication (RDI) is used proactively by a path end-point to report to its peer end-point that a defect is detected on a bi-directional connection between them. [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) points out that this function may be applied to a unidirectional LSP only if there a return path exists. [MPLS‑TP OAM Frwk] (Busi, I. and B. Niven-Jenkins, “MPLS-TP OAM Framework and Overview,” March 2009.) points out that this function is associated with the proactive CC-V function.

3.2.3.  Route Tracing

[MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) defines that there is a need for functionality that would allow a path end-point to identify the intermediate and end-points of the path. This function would be used in on-demand mode. Normally, this path will be used for bidirectional PW, LSP, and sections, however, unidirectional paths may be supported only if a return path exists.

3.2.4.  Alarm Reporting

Alarm Reporting is a function used by an intermediate point of a path, that becomes aware of a fault on the path, to report to the end-points of the path. [MPLS‑TP OAM Frwk] (Busi, I. and B. Niven-Jenkins, “MPLS-TP OAM Framework and Overview,” March 2009.) states that this may occur as a result of a defect condition discovered at a server sub-layer. This generates an Alarm Indication Signal (AIS) that continues until the fault is cleared. The consequent action of this function is detailed in [MPLS‑TP OAM Frwk] (Busi, I. and B. Niven-Jenkins, “MPLS-TP OAM Framework and Overview,” March 2009.).

3.2.5.  Client Failure Indication

Client Failure Indication (CFI) is defined in [MPLS‑TP OAM Reqs] (Vigoureux, M., Betts, M., and D. Ward, “Requirements for OAM in MPLS Transport Networks,” April 2009.) to allow the propagation information from one edge of the network to the other. The information concerns a defect to a client, in the case that the client does not support alarm notification.

3.3.  Performance Measurement Functionality

The current performance measurement tools defined in the IETF, outlined in Section 2 of this document, do not directly address MPLS paths. In addition, when extending MPLS to address the needs of the transport community there is a need to support enhanced performance measurement functionality, as detailed in the following sub-sections.

3.3.1.  Packet Loss Measurement

Packet Loss Measurement is a function that is used to verify the quality of the service. This function indicates the ratio of packets that are not delivered out of all packets that are transmitted by the path source.

There are two possible ways of determining this measurement –

• Using OAM packets, it is possible to compute the statistics based on a series of OAM packets. This, however, has the disadvantage of being artificial, and may not be representative since part of the packet loss may be dependent upon packet sizes.
• Sending delimiting messages for the start and end of a measurement period during which the source and sink of the path count the packets transmitted and received. After the end delimiter, the ratio would be calculated by the path OAM entity.

3.3.2.  Packet Delay Measurement

Packet Delay Measurement is a function that is used to measure one-way or two-way delay of a packet transmission between a pair of the end-points of a path (PW, LSP, or Section). Where:

• One-way packet delay is the time elapsed from the start of transmission of the first bit of the packet by a source node until the reception of the last bit of that packet by the destination node.
• Two-way packet delay is the time elapsed from the start of transmission of the first bit of the packet by a source node until the reception of the last bit of the loop-backed packet by the same source node, when the loopback is performed at the packet's destination node.

Similarly to the packet loss measurement this could be performed in one of two ways –

• Using OAM packets – checking delay (either one-way or two-way) in transmission of OAM packets. May not fully reflect delay of larger packets, however, gives feedback on general service level.
• Using delimited periods of transmission – may be too intrusive on the client traffic.

4.  Enhancing the existing toolset for MPLS-TP

4.1.  Gap Analysis

4.1.1.  OAM Infrastructure

Creating these extensions/mechanisms would fulfill the following architectural requirements, mentioned above:

• Independence of IP forwarding and routing, when needed.
• OAM packets should be transmitted in-band.
• Support a single OAM technology for LSP, PW, and Sections.

In addition, the following additional requirements can be satisfied:

• Provide the ability to carry other types of communications (e.g., APS, Management Control Channel (MCC), Signaling Control Channel (SCC)), by defining new types of communication channels for PWs, Sections, and LSPs.
• The design of the OAM mechanisms for MPLS-TP MUST allow the ability to support vendor specific and experimental OAM functions.

4.2.  BFD enhancements

4.3.  LSP Ping enhancements

4.4.  Performance Measurement enhancements

5.  IANA Considerations

This document makes no request of IANA.

Note to RFC Editor: this section may be removed on publication as an RFC.

6.  Security Considerations

This document does not by itself raise any particular security considerations.

7.  Acknowledgements

The authors wish to acknowledge the encouragement of the MPLS WG chairs and the area directors in directing this work.

8. Informative References

Authors' Addresses