Network Work group | N. Kumar, Ed. |
Internet-Draft | C. Pignataro, Ed. |
Intended status: Standards Track | Cisco |
Expires: March 25, 2018 | G. Swallow |
Southend Technical Center | |
N. Akiya | |
Big Switch Networks | |
S. Kini | |
Individual | |
M. Chen | |
Huawei | |
September 21, 2017 |
Label Switched Path (LSP) Ping/Traceroute for Segment Routing IGP Prefix and Adjacency SIDs with MPLS Data-plane
draft-ietf-mpls-spring-lsp-ping-09
A Segment Routing architecture leverages source routing and tunneling paradigms and can be directly applied to use of a Multi Protocol Label Switching (MPLS) data plane. A node steers a packet through a controlled set of instructions called segments, by prepending the packet with a Segment Routing header.
The segment assignment and forwarding semantic nature of Segment Routing raises additional consideration for connectivity verification and fault isolation for an LSP within a Segment Routing architecture. This document illustrates the problem and defines extensions to perform LSP Ping and Traceroute for a Segment Routing network with a MPLS data plane.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 25, 2018.
Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
[I-D.ietf-spring-segment-routing] introduces and describes a Segment Routing architecture that leverages the source routing and tunneling paradigms. A node steers a packet through a controlled set of instructions called segments, by prepending the packet with Segment Routing header. A detailed definition of the Segment Routing architecture is available in [I-D.ietf-spring-segment-routing]
As described in [I-D.ietf-spring-segment-routing] and [I-D.ietf-spring-segment-routing-mpls], the Segment Routing architecture can be directly applied to an MPLS data plane, the Segment identifier (Segment ID) will be of 20-bits size and the Segment Routing header is the label stack.
"Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures" [RFC8029] defines a simple and efficient mechanism to detect data plane failures in Label Switched Paths (LSP) by specifying information to be carried in an MPLS "echo request" and "echo reply" for the purposes of fault detection and isolation. Mechanisms for reliably sending the echo reply are defined. The functionality defined in [RFC8029] is modeled after the ping/traceroute paradigm (ICMP echo request [RFC0792]) and is typically referred to as LSP ping and LSP traceroute. [RFC8029] supports hierarchical and stitching LSPs.
Unlike LDP or RSVP which are the other well-known MPLS control plane protocols, the basis of segment ID assignment in Segment Routing architecture is not always on hop-by-hop basis. Depending on the type of segment ID, the assignment can be unique to the node or within a domain.
This nature of Segment Routing raises additional consideration for fault detection and isolation in a Segment Routing network. This document illustrates the problem and describes a mechanism to perform LSP Ping and Traceroute on a Segment Routing network with a MPLS data plane.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
This document uses the terminologies defined in [I-D.ietf-spring-segment-routing], [RFC8029], readers are expected to be familiar with it.
The following example describes the challenges with using the current MPLS OAM mechanisms on a Segment Routing network.
[RFC8029] defines the MPLS OAM mechanisms that help with fault detection and isolation for a MPLS data-plane path by the use of various Target FEC Stack Sub-TLVs that are carried in MPLS Echo Request packets and used by the responder for FEC validation. While it is obvious that new Sub-TLVs need to be assigned for Segment Routing, the unique nature of the Segment Routing architecture raises the need for additional operational considerations for path validation. This section discusses the challenges as below:
L1 +--------+ | L2 | R3-------R6 / \ / \ R1----R2 R7----R8 \ / \ / R4-------R5 Figure 1: Segment Routing network The Node Segment IDs for R1, R2, R3, R4, R5, R6, R7 and R8 are 5001, 5002, 5003, 5004, 5005, 5006, 5007, 5008 respectively. 9136 --> Adjacency Segment ID from R3 to R6 over link L1. 9236 --> Adjacency Segment ID from R3 to R6 over link L2. 9124 --> Adjacency segment ID from R2 to R4. 9123 --> Adjacency Segment ID from R2 to R3.
The forwarding semantic of Adjacency Segment ID is to pop the Segment ID and send the packet to a specific neighbor over a specific link. A malfunctioning node may forward packets using Adjacency Segment ID to an incorrect neighbor or over an incorrect link. The exposed Segment ID (of an incorrectly forwarded Adjacency Segment ID) might still allow such packet to reach the intended destination, although the intended strict traversal has been broken.
Assume in above topology, R1 sends traffic with segment stack as {9124, 5008} so that the path taken will be R1-R2-R4-R5-R7-R8. If the Adjacency Segment ID 9124 is misprogrammed in R2 to send the packet to R1 or R3, the packet may still be delivered to R8 (if the nodes are configured with same SRGB) but is not via the expected path.
MPLS traceroute may help with detecting such a deviation in the above mentioned scenario. However, in a different example, it may not be helpful. For example if R3, due to misprogramming, forwards a packet with Adjacency Segment ID 9236 via link L1, while it is expected to be forwarded over Link L2.
The format of the following Segment ID sub-TLVs follows the philosophy of Target FEC Stack TLV carrying FECs corresponding to each label in the label stack. When operated with the procedures defined in [RFC8029], this allows LSP ping/traceroute operations to function when Target FEC Stack TLV contains more FECs than received label stack at responder nodes.
Three new sub-TLVs are defined for Target FEC Stack TLVs (Type 1), Reverse-Path Target FEC Stack TLV (Type 16) and Reply Path TLV (Type 21).
sub-Type Value Field -------- --------------- 34 IPv4 IGP-Prefix Segment ID 35 IPv6 IGP-Prefix Segment ID 36 IGP-Adjacency Segment ID
The format is as below:
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IPv4 Prefix | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Prefix Length | Protocol | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv4 Prefix
Prefix Length
Protocol
The format is as below:
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | IPv6 Prefix | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Prefix Length | Protocol | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IPv6 Prefix
Prefix Length
Protocol
This Sub-TLV is applicable for any IGP-Adjacency defined in Section 3.5 of [I-D.ietf-spring-segment-routing]. The format is as below:
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Adj. Type | Protocol | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Local Interface ID (4 or 16 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Remote Interface ID (4 or 16 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~ ~ | Advertising Node Identifier (4 or 6 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~ ~ | Receiving Node Identifier (4 or 6 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Adj. Type (Adjacency Type)
Protocol
Local Interface ID
Remote Interface ID
Advertising Node Identifier
Receiving Node Identifier
In an echo reply, the Downstream Detailed Mapping TLV [RFC8029] is used to report for each interface over which a FEC could be forwarded. For a FEC, there are multiple protocols that may be used to distribute label mapping. The "Protocol" field of the Downstream Detailed Mapping TLV is used to return the protocol that is used to distribute the label carried in "Downstream Label" field. The following protocols are defined in [RFC8029]:
Protocol # Signaling Protocol ---------- ------------------ 0 Unknown 1 Static 2 BGP 3 LDP 4 RSVP-TE
With segment routing, OSPF or ISIS can be used for label distribution, this document adds two new protocols as follows:
Protocol # Signaling Protocol ---------- ------------------ 5 OSPF 6 ISIS
This section describes aspects of LSP Ping and traceroute operations that require further considerations beyond [RFC8029].
When LSP echo request packets are generated by an initiator, FECs carried in the Target FEC Stack TLV may need to differ to support a Segment Routing architecture. The following defines Target FEC Stack TLV construction mechanics by an initiator for Segment Routing scenarios.
As defined in [I-D.ietf-ospf-segment-routing-extensions] and [I-D.ietf-isis-segment-routing-extensions], Prefix SID can be advertised as absolute value, index or as range. In any of these cases, Initiator MUST derive the Prefix mapped to the Prefix SID and use it in IGP-Prefix Segment ID defined in Section 5.1 and 5.2.
[RFC8029] defines a FEC Stack Change sub-TLV that a router must include when the FEC stack changes.
The network node which advertised the Node Segment ID is responsible for generating a FEC Stack Change sub-TLV with pop operation type for Node Segment ID, regardless of whether penultimate hop popping (PHP) is enabled or not.
The network node that is immediate downstream of the node which advertised the Adjacency Segment ID is responsible for generating FEC Stack Change sub-TLV for "POP" operation for Adjacency Segment ID.
The forwarding semantic of Node Segment ID with PHP flag is equivalent to usage of implicit Null in MPLS protocols. Adjacency Segment ID is also similar in a sense that it can be thought of as locally allocated segment that has PHP enabled destined for next hop IGP adjacency node. Procedures described in Section 4.4 of [RFC8029] relies on Stack-D and Stack-R explicitly having Implicit Null value. It may simplify implementations to reuse Implicit Null for Node Segment ID PHP and Adjacency Segment ID cases.
This section modifies the procedure defined in Section 4.4.1 of [RFC8029]. Step 4 defined in Section 4.4.1 of [RFC8029] is updated as below:
4. If the label mapping for FEC is Implicit Null, set FEC-status to 2 and proceed to step 5. Otherwise, if the label mapping for FEC is Label-L, proceed to step 5. Otherwise, set FEC-return-code to 10 ("Mapping for this FEC is not the given label at stack- depth"), set FEC-status to 1, and return.
}
}
}
}
}
}
}
}
}
}
}
}
}
LSP Traceroute operation can properly traverse every hop of Segment Routing network for the Uniform Model as described in [RFC3443]. If one or more LSRs employ a Short Pipe Model, as described in [RFC3443], then LSP Traceroute may not be able to properly traverse every hop of Segment Routing network due to the absence of TTL copy operation when the outer label is popped. The Short Pipe is one of the most commonly used models. The following TTL manipulation technique MAY be used when the Short Pipe model is used.
When tracing a LSP according to the procedures in [RFC8029] the TTL is incremented by one in order to trace the path sequentially along the LSP. However when a source routed LSP has to be traced there are as many TTLs as there are labels in the stack. The LSR that initiates the traceroute SHOULD start by setting the TTL to 1 for the tunnel in the LSP's label stack it wants to start the tracing from, the TTL of all outer labels in the stack to the max value, and the TTL of all the inner labels in the stack to zero. Thus a typical start to the traceroute would have a TTL of 1 for the outermost label and all the inner labels would have TTL 0. If the FEC Stack TLV is included it should contain only those for the inner stacked tunnels. The Return Code/Subcode and FEC Stack Change TLV should be used to diagnose the tunnel as described in [RFC8029]. When the tracing of a tunnel in the stack is complete, then the next tunnel in the stack should be traced. The end of a tunnel can be detected from the "Return Code" when it indicates that the responding LSR is an egress for the stack at depth 1. Thus the traceroute procedures in [RFC8029] can be recursively applied to traceroute a source routed LSP.
[I-D.ietf-spring-segment-routing-ldp-interop] describes how Segment Routing operates in a network where SR-capable and non-SR-capable nodes coexist. In such networks, there may not be any FEC mapping in the responder, when the Initiator is SR-capable, while the responder is not (or vice-versa). But this is not different from RSVP and LDP interop scenarios. When LSP Ping is triggered, the responder will set the FEC-return-code to Return 4, "Replying router has no mapping for the FEC at stack-depth".
Similarly when a SR-capable node assigns Adj-SID for a non-SR-capable node, LSP traceroute may fail as the non-SR-capable node is not aware of "IGP Adjacency Segment ID" sub-TLV and may not reply with FEC Stack change. This may result in any further downstream nodes to reply back with Return-code as 4, "Replying router has no mapping for the FEC at stack-depth".
IANA is requested to assign three new Sub-TLVs from "Sub-TLVs for TLV Types 1, 16 and 21" sub-registry from the "Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" [IANA-MPLS-LSP-PING] registry.
Sub-Type Sub-TLV Name Reference -------- ----------------- ------------ 34 IPv4 IGP-Prefix Segment ID Section 5.1 of this document 35 IPv6 IGP-Prefix Segment ID Section 5.2 of this document 36 IGP-Adjacency Segment ID Section 5.3 of this document
IANA is requested to create a new "Protocol" registry under the "Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" registry. Code points in the range of 0-250 will be assigned by Standards Action. The range of 251-254 are reserved for experimental use and will not be assigned. The initial entries into the registry will be:
Value Meaning Reference ---------- ---------------- ------------ 0 Unknown Section 3.4.1.2 of RFC8029 1 Static Section 3.4.1.2 of RFC8029 2 BGP Section 3.4.1.2 of RFC8029 3 LDP Section 3.4.1.2 of RFC8029 4 RSVP-TE Section 3.4.1.2 of RFC8029 5 OSPF Section 6 of this document 6 ISIS Section 6 of this document 7-250 Unassigned 251-254 Experimental use This document 255 Reserved This document
IANA is requested to assign a new Return Code from the "Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" in "Return Codes" Sub-registry.
Value Meaning Reference ---------- ----------------- ------------ TBD1 Mapping for this FEC is not associated Section 7.4 of with the incoming interface this document
Note to the RFC Editor (please remove before publication): IANA has made early allocation for sub-type 34, 35 and 35. The early allocation expires 2017-09-15.
This document defines additional MPLS LSP Ping Sub-TLVs and follows the mechanisms defined in [RFC8029]. All the security considerations defined in [RFC8029] will be applicable for this document, and in addition, they do not impose any additional security challenges to be considered.
The authors would like to thank Stefano Previdi, Les Ginsberg, Balaji Rajagopalan, Harish Sitaraman, Curtis Villamizar, Pranjal Dutta, Lizhong Jin, Tom Petch, Victor Ji and Mustapha Aissaoui, Tony Przygienda, Alexander Vainshtein and Deborah Brungard for their review and comments.
The authors wold like to thank Loa Andersson for his comments and recommendation to merge drafts.
The following are key contributors to this document:
[I-D.ietf-isis-segment-routing-extensions] | Previdi, S., Filsfils, C., Bashandy, A., Gredler, H., Litkowski, S., Decraene, B. and j. jefftant@gmail.com, "IS-IS Extensions for Segment Routing", Internet-Draft draft-ietf-isis-segment-routing-extensions-13, June 2017. |
[I-D.ietf-ospf-ospfv3-segment-routing-extensions] | Psenak, P., Previdi, S., Filsfils, C., Gredler, H., Shakir, R., Henderickx, W. and J. Tantsura, "OSPFv3 Extensions for Segment Routing", Internet-Draft draft-ietf-ospf-ospfv3-segment-routing-extensions-10, September 2017. |
[I-D.ietf-ospf-segment-routing-extensions] | Psenak, P., Previdi, S., Filsfils, C., Gredler, H., Shakir, R., Henderickx, W. and J. Tantsura, "OSPF Extensions for Segment Routing", Internet-Draft draft-ietf-ospf-segment-routing-extensions-19, August 2017. |
[I-D.ietf-spring-segment-routing-ldp-interop] | Filsfils, C., Previdi, S., Bashandy, A., Decraene, B. and S. Litkowski, "Segment Routing interworking with LDP", Internet-Draft draft-ietf-spring-segment-routing-ldp-interop-08, June 2017. |
[I-D.ietf-spring-segment-routing-mpls] | Filsfils, C., Previdi, S., Bashandy, A., Decraene, B., Litkowski, S. and R. Shakir, "Segment Routing with MPLS data plane", Internet-Draft draft-ietf-spring-segment-routing-mpls-10, June 2017. |
[IANA-MPLS-LSP-PING] | IANA, "Multi-Protocol Label Switching (MPLS) Label Switched Paths (LSPs) Ping Parameters" |
[RFC0792] | Postel, J., "Internet Control Message Protocol", STD 5, RFC 792, DOI 10.17487/RFC0792, September 1981. |