Internet DRAFT - draft-mirsky-rtgwg-oam-identify

draft-mirsky-rtgwg-oam-identify







RTGWG Working Group                                            G. Mirsky
Internet-Draft                                                 ZTE Corp.
Intended status: Informational                         February 26, 2020
Expires: August 29, 2020


 Identification of Overlay Operations, Administration, and Maintenance
                                 (OAM)
                   draft-mirsky-rtgwg-oam-identify-04

Abstract

   This document analyzes how the presence of Operations,
   Administration, and Maintenance (OAM) control command and/or special
   data is identified in some overlay networks and an impact on the
   choice of identification may have on OAM functionality.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on August 29, 2020.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Mirsky                   Expires August 29, 2020                [Page 1]

Internet-Draft         Overlay OAM Identification          February 2020


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Conventions used in this document . . . . . . . . . . . . . .   2
     2.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   2
     2.2.  Keywords  . . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  A Control Channel in an Overlay Network . . . . . . . . . . .   3
   4.  Overlay Network Encapsulations  . . . . . . . . . . . . . . .   4
     4.1.  Encapsulations with Meta-data . . . . . . . . . . . . . .   4
       4.1.1.  Available Solutions . . . . . . . . . . . . . . . . .   6
     4.2.  Fixed-size Encapsulations . . . . . . . . . . . . . . . .   6
     4.3.  Source Information Availability . . . . . . . . . . . . .   7
     4.4.  On-path OAM . . . . . . . . . . . . . . . . . . . . . . .   7
   5.  Conclusions . . . . . . . . . . . . . . . . . . . . . . . . .   8
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   8
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   8
   8.  Acknowledgment  . . . . . . . . . . . . . . . . . . . . . . .   8
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   8
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .   9
     9.2.  Informational References  . . . . . . . . . . . . . . . .   9
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  11

1.  Introduction

   Operations, Administration, and Maintenance (OAM) protocols are used
   to detect, localize defects in the network, and monitor network
   performance.  Some OAM functions, e.g., failure detection, work in
   the network proactively, while others, e.g., defect localization,
   usually performed on-demand.  These tasks achieved by a combination
   of active, passive, and hybrid OAM methods, as defined in [RFC7799].

   This document analyzes how the presence of Operations,
   Administration, and Maintenance (OAM) control command and/or special
   data, i.e., OAM packet, is identified in some overlay networks, and
   an impact the choice of identification may have on OAM functionality
   of active and hybrid OAM methods for the respective overlay network
   encapsulation.

2.  Conventions used in this document

2.1.  Terminology

   AMM Alternate Marking method

   BIER Bit Indexed Explicit Replication

   DetNet Deterministic Networks




Mirsky                   Expires August 29, 2020                [Page 2]

Internet-Draft         Overlay OAM Identification          February 2020


   GUE Generic UDP Encapsulation

   HTS Hybrid Two-step

   NSH Network Service Header

   NVO3 Network Virtualization Overlays

   OAM Operations, Administration and Maintenance

   SFC Service Function Chaining

   TLV Type-Length-Value

   VXLAN-GPE Generic Protocol Extension for VXLAN

   ACH Associated Channed Header

   Underlay Network or Underlay Layer: The network that provides
   connectivity between the DetNet nodes.  MPLS network that provides
   LSP connectivity between DetNet nodes is an example of an underlay
   layer.

2.2.  Keywords

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  A Control Channel in an Overlay Network

   There's a need for a general control channel between the endpoints of
   an overlay network for OAM protocols that can be used for fault
   detection, diagnostics, maintenance, and other functions.  Such a
   control tunnel is dedicated to carrying only control and management
   data between tunnel endpoints.  In other words, the control channel
   of an overlay network SHOULD NOT carry the client's data.  And the
   endpoint node SHOULD NOT forward a packet received over the control
   channel.  The identification of the control channel might be using
   different methods.  For example, Virtual Network Identifier might be
   used to identify the control channel in VXLAN and Geneve.








Mirsky                   Expires August 29, 2020                [Page 3]

Internet-Draft         Overlay OAM Identification          February 2020


4.  Overlay Network Encapsulations

   New overlay network encapsulations analyzed in two groups:

   o  encapsulations that support optional meta-data;

   o  fixed-size encapsulations.

4.1.  Encapsulations with Meta-data

   Number of the new encapsulation protocols (e.g., Geneve
   [I-D.ietf-nvo3-geneve], GUE [I-D.ietf-intarea-gue], and SFC NSH
   [RFC8300]) support use of Type-Length-Value (TLV) encoding to include
   optional information into the header.  The identification of OAM in
   these protocols is as the following:

      Geneve:

         O (1 bit): after the WGLC discussion, the interpretation of the
         O field has changed.  The O field now identifies a control
         packet.  This packet contains a control message.  Control
         messages are sent between tunnel endpoints.  Tunnel Endpoints
         MUST NOT forward the payload and transit devices MUST NOT
         attempt to interpret it.  Since these are infrequent control
         messages, it is RECOMMENDED that tunnel endpoints direct these
         packets to a high priority control queue (for example, to
         direct the packet to a general purpose CPU from a forwarding
         ASIC or to separate out control traffic on a NIC).  Transit
         devices MUST NOT alter forwarding behavior on the basis of this
         bit, such as ECMP link selection.

         [I-D.mmbb-nvo3-geneve-oam] defines the Geneve encapsulation for
         active OAM.  Initially, four options have been presented:

         +  with IP/UDP header demultiplexing active OAM protocols,
            e.g., Fault Management and Performance Monitoring, can be
            done using the destination UDP port number.

         +  demultiplex active OAM protocols by the value of the
            Protocol Type field in the Geneve header.

         +  with using MPLS Generic Associated Channel Label [RFC5586]
            and Associated Channel Header (ACH) [RFC4385].  Active OAM
            protocols are demultiplexed using the value of the Channel
            Type field.






Mirsky                   Expires August 29, 2020                [Page 4]

Internet-Draft         Overlay OAM Identification          February 2020


         +  using the new EtherType to identify Geneve OAM and the ACH.
            Active OAM protocols will be demultiplexed based on the
            Channel Type field's value.

      GUE:

         C-bit provides the separate namespace to carry formatted data
         that are implicitly addressed to the decapsulator to monitor or
         control the state or behavior of a tunnel.  The payload is
         interpreted as a control message with the type specified in the
         proto/ctype field.  The format and contents of the control
         message are indicated by the type and can be variable length.

      SFC NSH:

         O bit: Setting this bit indicates an OAM packet.

   Common between Geneve and NSH is the use of the dedicated flag to
   identify the OAM packet and, at the same time, the presence of the
   field that identifies the protocol of the payload that immediately
   follows after the encapsulation header.  [RFC8393] points out that if
   the value of that field interpreted as none, i.e., no payload follows
   the header, then OAM may be included in TLVs, thus creating an active
   OAM packet.  The problem with this mechanism to support active OAM
   methods may be a limitation of the size of data that can be included
   in a TLV.  For example, the maximum size of data in an NSH Meta-data
   Type 2, as defined in section 2.5.1 [RFC8300], is 512 octets.  The
   maximum length of data in Geneve Option, per section 3.5
   [I-D.ietf-nvo3-geneve], is 128 octets.  Thus, using one TLV as active
   OAM packet, would not allow creating test packets of larger size,
   which is useful when measuring packet loss and latency with synthetic
   traffic as part of the service activation procedure.

   [I-D.ietf-sfc-oam-framework] suggests that the O bit used to identify
   OAM packet and the Next Protocol field identifies the OAM function:

      While the presence of OAM marker in the overlay header (e.g., O
      bit in the NSH header) indicates it as OAM packet, it is not
      sufficient to signal for which OAM function the packet is
      intended.

   At the same time, some of in-situ OAM proposals, e.g.,
   [I-D.ietf-sfc-ioam-nsh], suggest using TLV to communicate hybrid OAM
   commands and data.  The proposed resolution of using the combination
   of O bit and the Next Protocol field:






Mirsky                   Expires August 29, 2020                [Page 5]

Internet-Draft         Overlay OAM Identification          February 2020


      ... the O bit MUST NOT be set for regular customer traffic which
      also carries IOAM data and the O bit MUST be set for OAM packets
      which carry only IOAM data without any regular data payload.

   implies that the O bit only identifies the active OAM packet and not
   set when hybrid OAM methods used.

4.1.1.  Available Solutions

   One of the possible solutions for encapsulations with meta-data has
   been specified in [I-D.ietf-sfc-multi-layer-oam]:

   To identify the active OAM message the value on the Next Protocol
   field MUST be set to Active SFC OAM.  The rules of interpreting the
   values of O bit and the Next Protocol field are as follows:

   o  O bit set and the Next Protocol value is not one of identifying
      active or hybrid OAM protocol (per [RFC7799] definitions), e.g.,
      defined in this specification Active SFC OAM - a Fixed-Length
      Context Header or Variable-Length Context Header(s) contain OAM
      command or data and the type of payload determined by the Next
      Protocol field;

   o  O bit set and the Next Protocol value is one of identifying active
      or hybrid OAM protocol - the payload that immediately follows SFC
      NSH contains OAM command or data;

   o  O bit is clear - no OAM in a Fixed-Length Context Header or
      Variable-Length Context Header(s) and the payload determined by
      the value of the Next Protocol field;

   o  O bit is clear, and the Next Protocol value is one of identifying
      active or hybrid OAM protocol MUST be identified and reported as
      the erroneous combination.  An implementation MAY have control to
      enable processing of the OAM payload.

   From the above-listed rules follows the recommendation to avoid the
   combination of OAM in a Fixed-Length Context Header or Variable-
   Length Context Header(s) and in the payload immediately following the
   SFC NSH because there is no unambiguous way to identify such
   combination using the O bit and the Next Protocol field.

4.2.  Fixed-size Encapsulations

   Number of the new encapsulation protocols (e.g., VXLAN-GPE
   [I-D.ietf-nvo3-vxlan-gpe], BIER [RFC8296]) suse fixed-size header.
   The identification of OAM in these protocols is as the following:




Mirsky                   Expires August 29, 2020                [Page 6]

Internet-Draft         Overlay OAM Identification          February 2020


      VXLAN-GPE:

         OAM Flag Bit (O bit): The O bit is set to indicate that the
         packet is an OAM packet.

      BIER:

         OAM packet identified by the value of the Next Protocol field.
         IANA BIER Next Protocol Identifiers registry includes the
         identifier for OAM (5).

   The use of a combination of OAM Flag Bit and the Next Protocol field
   in VXLAN-GPE requires clarification of the header interpretation when
   the OAM Flag Bit is set, and the value of the Next Protocol field is
   one of defined in section 3.2 of [I-D.ietf-nvo3-vxlan-gpe].

   BIER encapsulation, defined in [RFC8296], identifies OAM message
   immediately following the BIER header by the value of the Next
   Protocol field.

4.3.  Source Information Availability

   Availability of the packet originator's source information is
   required for active two-way OAM, e.g., echo request/reply.  In cases
   when the underlay network is IPv4/IPv6 the source information will be
   derived from the underlay.  But when using MPLS underlay network
   encapsulation of an active OAM packet have to follow specific rules:

   o  if available, use Sender ID in the overlay domain (example BFIR ID
      in BIER [RFC8296];

   o  use IP/UDP encapsulation of an OAM packet in the overlay (similar
      to Section 4.3 [RFC8029]).

4.4.  On-path OAM

   In addition to active methods, OAM toolset may include methods that
   don't use specially constructed and injected in the network test
   packets.  [RFC7799] defines OAM methods that are neither entirely
   active nor passive but are a combination of both as hybrid methods.

   One of the examples of the hybrid OAM methods, in-situ OAM, mentioned
   in Section 4.1.  Another example, Alternate Marking method (AMM)
   [RFC8321], enables on-path OAM functions, e.g., delay and loss
   measurements, using the data traffic.  Because AMM impact on the
   network can be minimized, measured metrics can be correlated to the
   network conditions experienced by the specific service.  Of all
   listed in Section 4, BIER allocated the field that may be used for



Mirsky                   Expires August 29, 2020                [Page 7]

Internet-Draft         Overlay OAM Identification          February 2020


   AMM, as discussed in [I-D.ietf-bier-pmmm-oam].  Applicability of AMM
   to other overlay protocols, i.e., SFC NSH discussed in
   [I-D.mirsky-sfc-pmamm], Geneve [I-D.fmm-nvo3-pm-alt-mark], and in
   IPv6 networks [I-D.fioccola-v6ops-ipv6-alt-mark], been actively
   discussed.

   Hybrid Two-step (HTS), defined in [I-D.mirsky-ippm-hybrid-two-step],
   provides on-path collection and transport of the telemetry
   information.  HTS enables accurate and consistent measurements by
   separating the measurement action from the transporting data while
   ensuring that the follow-up packet that carries the telemetry
   information does follow the data packet that had triggered the
   measurement.

5.  Conclusions

   OAM control commands and data may be present as part of the overlay
   encapsulation header or as a payload that follows the overlay network
   header.  The recommendations:

   o  OAM in the overlay header, if supported by the overlay network,
      identified by the dedicated flag.  Use of this method as active
      OAM is possible, but functionality is limited.

   o  OAM that follows the overlay header identified as payload type,
      e.g., by the value of the Next Protocol field.

6.  IANA Considerations

   This document does not propose any IANA consideration.  This section
   may be removed.

7.  Security Considerations

   This document lists the OAM requirements for a DetNet domain and does
   not raise any security concerns or issues in addition to ones common
   to networking.

8.  Acknowledgment

   TBD

9.  References








Mirsky                   Expires August 29, 2020                [Page 8]

Internet-Draft         Overlay OAM Identification          February 2020


9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

9.2.  Informational References

   [I-D.fioccola-v6ops-ipv6-alt-mark]
              Fioccola, G., Velde, G., Cociglio, M., and P. Muley, "IPv6
              Performance Measurement with Alternate Marking Method",
              draft-fioccola-v6ops-ipv6-alt-mark-01 (work in progress),
              June 2018.

   [I-D.fmm-nvo3-pm-alt-mark]
              Fioccola, G., Mirsky, G., and T. Mizrahi, "Performance
              Measurement (PM) with Alternate Marking in Network
              Virtualization Overlays (NVO3)", draft-fmm-nvo3-pm-alt-
              mark-03 (work in progress), October 2018.

   [I-D.ietf-bier-pmmm-oam]
              Mirsky, G., Zheng, L., Chen, M., and G. Fioccola,
              "Performance Measurement (PM) with Marking Method in Bit
              Index Explicit Replication (BIER) Layer", draft-ietf-bier-
              pmmm-oam-07 (work in progress), January 2020.

   [I-D.ietf-intarea-gue]
              Herbert, T., Yong, L., and O. Zia, "Generic UDP
              Encapsulation", draft-ietf-intarea-gue-09 (work in
              progress), October 2019.

   [I-D.ietf-nvo3-geneve]
              Gross, J., Ganga, I., and T. Sridhar, "Geneve: Generic
              Network Virtualization Encapsulation", draft-ietf-
              nvo3-geneve-14 (work in progress), September 2019.

   [I-D.ietf-nvo3-vxlan-gpe]
              Maino, F., Kreeger, L., and U. Elzur, "Generic Protocol
              Extension for VXLAN", draft-ietf-nvo3-vxlan-gpe-09 (work
              in progress), December 2019.






Mirsky                   Expires August 29, 2020                [Page 9]

Internet-Draft         Overlay OAM Identification          February 2020


   [I-D.ietf-sfc-ioam-nsh]
              Brockners, F. and S. Bhandari, "Network Service Header
              (NSH) Encapsulation for In-situ OAM (IOAM) Data", draft-
              ietf-sfc-ioam-nsh-02 (work in progress), September 2019.

   [I-D.ietf-sfc-multi-layer-oam]
              Mirsky, G., Meng, W., Khasnabish, B., and C. Wang, "Active
              OAM for Service Function Chains in Networks", draft-ietf-
              sfc-multi-layer-oam-04 (work in progress), November 2019.

   [I-D.ietf-sfc-oam-framework]
              Aldrin, S., Pignataro, C., Kumar, N., Krishnan, R., and A.
              Ghanwani, "Service Function Chaining (SFC) Operations,
              Administration and Maintenance (OAM) Framework", draft-
              ietf-sfc-oam-framework-11 (work in progress), September
              2019.

   [I-D.mirsky-ippm-hybrid-two-step]
              Mirsky, G., Lingqiang, W., and G. Zhui, "Hybrid Two-Step
              Performance Measurement Method", draft-mirsky-ippm-hybrid-
              two-step-04 (work in progress), October 2019.

   [I-D.mirsky-sfc-pmamm]
              Mirsky, G., Fioccola, G., and T. Mizrahi, "Performance
              Measurement (PM) with Alternate Marking Method in Service
              Function Chaining (SFC) Domain", draft-mirsky-sfc-pmamm-09
              (work in progress), December 2019.

   [I-D.mmbb-nvo3-geneve-oam]
              Mirsky, G., Xiao, M., Boutros, S., and D. Black, "OAM for
              use in GENEVE", draft-mmbb-nvo3-geneve-oam-01 (work in
              progress), January 2020.

   [RFC4385]  Bryant, S., Swallow, G., Martini, L., and D. McPherson,
              "Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for
              Use over an MPLS PSN", RFC 4385, DOI 10.17487/RFC4385,
              February 2006, <https://www.rfc-editor.org/info/rfc4385>.

   [RFC5586]  Bocci, M., Ed., Vigoureux, M., Ed., and S. Bryant, Ed.,
              "MPLS Generic Associated Channel", RFC 5586,
              DOI 10.17487/RFC5586, June 2009,
              <https://www.rfc-editor.org/info/rfc5586>.

   [RFC7799]  Morton, A., "Active and Passive Metrics and Methods (with
              Hybrid Types In-Between)", RFC 7799, DOI 10.17487/RFC7799,
              May 2016, <https://www.rfc-editor.org/info/rfc7799>.





Mirsky                   Expires August 29, 2020               [Page 10]

Internet-Draft         Overlay OAM Identification          February 2020


   [RFC8029]  Kompella, K., Swallow, G., Pignataro, C., Ed., Kumar, N.,
              Aldrin, S., and M. Chen, "Detecting Multiprotocol Label
              Switched (MPLS) Data-Plane Failures", RFC 8029,
              DOI 10.17487/RFC8029, March 2017,
              <https://www.rfc-editor.org/info/rfc8029>.

   [RFC8296]  Wijnands, IJ., Ed., Rosen, E., Ed., Dolganow, A.,
              Tantsura, J., Aldrin, S., and I. Meilik, "Encapsulation
              for Bit Index Explicit Replication (BIER) in MPLS and Non-
              MPLS Networks", RFC 8296, DOI 10.17487/RFC8296, January
              2018, <https://www.rfc-editor.org/info/rfc8296>.

   [RFC8300]  Quinn, P., Ed., Elzur, U., Ed., and C. Pignataro, Ed.,
              "Network Service Header (NSH)", RFC 8300,
              DOI 10.17487/RFC8300, January 2018,
              <https://www.rfc-editor.org/info/rfc8300>.

   [RFC8321]  Fioccola, G., Ed., Capello, A., Cociglio, M., Castaldelli,
              L., Chen, M., Zheng, L., Mirsky, G., and T. Mizrahi,
              "Alternate-Marking Method for Passive and Hybrid
              Performance Monitoring", RFC 8321, DOI 10.17487/RFC8321,
              January 2018, <https://www.rfc-editor.org/info/rfc8321>.

   [RFC8393]  Farrel, A. and J. Drake, "Operating the Network Service
              Header (NSH) with Next Protocol "None"", RFC 8393,
              DOI 10.17487/RFC8393, May 2018,
              <https://www.rfc-editor.org/info/rfc8393>.

Author's Address

   Greg Mirsky
   ZTE Corp.

   Email: gregimirsky@gmail.com

















Mirsky                   Expires August 29, 2020               [Page 11]