[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Nits]
Versions: 00
Internet Engineering Task Force R. Geib, Ed.
Internet-Draft Deutsche Telekom
Intended status: Best Current Practice 28 October 2020
Expires: 1 May 2021
An MPLS SR OAM option reducing the number of end-to-end path validations
draft-geib-spring-oam-opt-00
Abstract
MPLS traceroute implementations validate dataplane connectivity and
isolate faults by sending messages along every end-to-end Label
Switched Path (LSP) combination between a source and a destination
node. This requires a growing number of path validations in networks
with a high number of equal cost paths between origin and
destination. Segment Routing (SR) introduces MPLS topology awareness
combined with Source Routing. By this combination, SR can be used to
implement an MPLS traceroute option lowering the total number of LSP
validations as compared to commodity MPLS traceroute.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 1 May 2021.
Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
Geib Expires 1 May 2021 [Page 1]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
extracted from this document must include Simplified BSD License text
as described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 5
2. MPLS OAM adding MPLS SR mechanisms . . . . . . . . . . . . . 5
2.1. Operation in an SR MPLS domain applying only IP-header
based ECMP . . . . . . . . . . . . . . . . . . . . . . . 6
2.2. Operation in an SR MPLS domain additionally using incoming
interface information for ECMP . . . . . . . . . . . . . 7
3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
4. Security Considerations . . . . . . . . . . . . . . . . . . . 9
5. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
5.1. Normative References . . . . . . . . . . . . . . . . . . 9
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction
Commodity MPLS isn't topology aware and it offers no standard source
routing methods. It is reasonable to validate connectivity and
locate faults of MPLS LSPs by detecting and testing all existing LSP
combinations between a source and a destination node. The source
node originates all MPLS echo requests and evaluates all MPLS echo
replies. Operational MPLS OAM implementations were present, when SR
MPLS entered standardisation. They continue to work reliably in many
cases. MPLS domains with a high number of equal cost paths between
source and destination nodes push the detection capabilities of
commodity MPLS OAM to the limit. So far, modes of MPLS OAM operation
adding Segment Routing functionality to deal with limitations of
commodity MPLS OAM have not been published within IETF.
This draft assumes readers to be aware of MPLS OAM functionality as
specified by RFC 8029 [RFC8029] and RFC 8287 [RFC8287]. The function
described in the following works for Shortest Path First Paths or
Label stacks based on MPLS Node-SID and MPLS Adj-SIDs (if the latter
are distributed by Interior Gateway Protocols).
Networks supporting a high number of equivalent cost paths between
source and destination nodes require a high number of completed MPLS
path validations. Consider a network with Multiple equal cost paths,
as shown in figure 1.
Geib Expires 1 May 2021 [Page 2]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
+-R120-+
/ \
8 12
/ \
R110--8--R121--4--R130
/ \
4 numbers indicate 4
/ parallel links \
RS RD
\ symmetric to /
4...upper network ...4
Figure 1
Figure 1: Multiple equal cost path example network.
The total number of MPLS LSP combinations between nodes RS and RD is
multiplicative by the number of (equal cost, so to say) links per
hop. That results in a maximum of 4096=2*4*(8*12+8*4)*4 path
combinations which a commodity MPLS may try to validate. Assume RS
to start an MPLS traceroute to RD containing a Multipath Data Sub-TLV
requesting Multipath information for 32 IP-addresses. By Equal Cost
Multipath routing (ECMP, [RFC2991]) traffic of likely 16 of these IP-
addresses is forwarded via R110 as next hop (the other 16 addresses
are assumed to be forwarded along the symmetric and equal cost paths
in the lower half, which are omitted in the figure for brevity).
R110 can be expected to respond by an MPLS echo reply indicating
prefixes to address each of the 4 equal cost (sub-)paths between RS
and R110.
R110 is able to forward traffic addressed by these 16 IP addresses
via 16 equal cost paths. There's a fairly high probability that this
will not be possible, as some of R110's availble paths to forwards
traffic to RD will be receive traffic of two or even three IP
addresses, while others receive no traffic at all. The MPLS Echo
Reply sent to RS will indicate that. A commodity solution is, to
start an additional MPLS traceroute with 32 different IP-addresses.
This may help to then enable forwaring traffic along all of R110's
paths to RD via R120 and R121, respectively. With bad luck, R110
will forward only 14 or 15 addresses via R120. R120 forwards traffic
along 12 equal cost paths to RD. Then again, there's a fair chance
that more IP-addresses are required to forward at least one MPLS echo
request along all of them. Per new set of addresses, the MPLS Echo-
Request / Reply dialogue must be completed starting from RS to at
least all routers along the path to R120.
Geib Expires 1 May 2021 [Page 3]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
R110 is able to forward traffic addressed by these 16 IP addresses
via 16 equal cost paths. There's a fairly high probability that some
of R110's availble paths to forward traffic to RD will receive
traffic of two or even three of these IP addresses, while other paths
receive no traffic at all. The MPLS Echo Reply returned to RS will
indicate that. A commodity solution is, to start an additional MPLS
traceroute to check the routes for 32 different IP-addresses. Note
that again traffic with 16 of these IP addresses is likely to be
routed to the omitted symmetric part of the example network. The
remaining additional 16 IP addresses forwarded to R110 however help
to then enable forwaring traffic along all of R110's paths to RD via
R120 and R121, respectively. With bad luck, R110 might forward only
14 or 15 addresses via R120. R120 forwards traffic along 12 equal
cost paths to RD. Then again, there's a fair chance that more IP-
addresses are required to forward at least one MPLS echo request
along all of them. For every additional new set of IP-addresses, the
MPLS Echo-Request / Reply dialogue must be completed starting from RS
to at least all routers along the path to R120. In the example,
roughly only a fourth of the addresses whose forwarding is validated
starting from node RS will be routed via R120. The ECMP "filters
away" 75% of the available addresses. If all 32 IP-addresses were
reaching R120, the probability of being unable to forward at least
one MPLS Echo request to each outgoing interface (or path,
respectively) to node RD was rather small.
The reason for completing all MPLS Echo Request / Reply dialogues
along the path between RS and R120 is figuring out, which IP
addresses are routed from R110 to R120 to be available at the latter
for forwarding traffic along paths to RD which can't be addressed
otherwise. RFC 8029 section 4.1 'Dealing with Equal-Cost Multipath
(ECMP)' concludes, that 'full coverage may not be possible'
[RFC8029].
Segment Routing (SR) allows node RS to forward MPLS Echo Request
packets with up to, e.g, 32 IP addresses to every node which RS
detects on a path to node RD. Doing so reduces the number of path
options to be checked to no more than the sum of the interfaces
belonging to one of the ECMP routes between nodes RS and RD. In the
case of the example network above, this sum is 2*(4+8+8+12+4+4)=80.
That means, that around 2% of the messages required with commodity
MPLS traceroute implementations are sufficient to validate all local
forwarding options (note that the calculations aren't exact, they
rather indicate orders of magnitude). The commodity MPLS OAM
implementations are neither broken nor not working. SR allows to add
a new method to the router local MPLS OAM implementations to reliably
validate also high numbers of ECMP routes. The method proposed
results reduces the number of MPLS Echo-Request / -Reply dialogues to
be stored and completed in that case.
Geib Expires 1 May 2021 [Page 4]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
The functions specified by this document do not require changes in
the MPLS OAM protocol as specified by [RFC8029] and [RFC8287].
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2. MPLS OAM adding MPLS SR mechanisms
MPLS Segment Routing (SR) provides each node of an MPLS SR domain
with this domain's MPLS Node-SID topology [RFC8402]. The SR source
routing feature allows to forward packets to each individual node
within a SR domain. Combining topology awareness and source routing
allows complete validation of all local router shortest path
forwarding options from an RS node to an RD node in a domain
supporting ECMP.
Suppose SR to be deployed in the case of the example network and
digits following the letter "R" to indicate the corresponding Node-
SIDs. Assume "mixed operation" of commodity MPLS OAM and the option
applying SR. RS starts a commodity MPLS Echo request to R110. After
having received an MPLS Echo reply from R110 indicating local paths
of R110 on which none of the packets with the remaing 16 IP addresses
will be forwarded, RS creates an MPLS Echo Request which transports
the original 32 IP addresses to R110. To do so, an additional top-
Segment is pushed carrying the R110 Node-SID, 110. The message below
that additional segment is coded as a standard RFC8287 MPLS Echo
request. Two things are special: the TTL of the MPLS header
containing the Node SID of RD is always set to 1. Further, a
seperate sequence number series needs to be started to distinguish
the starting point of this SR using MPLS OAM sequence. Coding space
for MPLS OAM Sender's Handle and Sequence Number offer sufficient
coding space [RFC8029]. If PHP is active, the R110 Node-SID is
implicitly present only on the link to a neighboring node. Still
packets with all 32 IP-destination addresses are forwarded to R110.
The chances to address all of the 16 ECMP paths of R110 to RD with
the originally configured 32 IP-addresses increase. The same method
is repeated for R120. Now the top Segment picked by node RS is the
Node-SID of R120, again with a separate Sender's Handle and Sequence
Number combination. Note, that the MPLS Echo request destined to
R120 doesn't require execution of MPLS OAM functions in R110. That
latter node simply forwards the packet to R120. Also R120 receives
32 IP-addresses (which is a significant increase as compared to
commodity MPLS OAM).
Geib Expires 1 May 2021 [Page 5]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
As a result, the MPLS Echo reply tables maintained by RS likely
indicate ECMP several forwarding masks of the same IP address range
(discerned by the starting node receiving the MPLS Echo request with
top Segment TTL=1). For every path at an indermediate node, to which
the latter can't foward an MPLS Echo request due to the limited
number of available IP-addresses, a suitable SR top segement is added
for an additional next MPLS Echo request of node RS. This in the end
allows to circumvent the IP-address filtering effect caused by ECMP.
Being able to forward a "complete" set of IP addresses to any
interface along an end-to-end path is helpful in locating errors.
Different MPLS OAM addressing options also offer more possibilities
to test and unambiguosly locate a faultily sub-path.
2.1. Operation in an SR MPLS domain applying only IP-header based ECMP
The basic operation is to transport an MPLS Echo request from the
sender node sequentially to a next hop identified on any of the paths
to a destination node. This is done by applying standard SR
methodology, which here consists of pushing one additional Node-SID
on top of the Label-stack to be validated by the sender node. The
Node-SID is set to the value of the node, whose forwarding plane
information is requested by the MPLS Echo request. This is
illustrated by figure 2.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Node-SID of the node whose forwarding information is requested |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ Sender node MPLS Echo request +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2
Figure 2: MPLS OAM Label Stack in the case of IP-header only based
ECMP.
The added Node-SID is only added to use standard MPLS forwarding.
The TTL of this added Node-SID set to the default value for traffic
injected by the sending router. The MPLS-TC may be set to a value
ensuring reliable transport up to the node, whose forwarding
information is requested by the sender node (be aware of MPLS-TC
treatment of the node popping this added Node-SID in that case).
Geib Expires 1 May 2021 [Page 6]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
The TTL of the top Label of the sender node MPLS Echo request which
is contained below the added Node-SID initially is set to TTL=1.
Other TTL values can be picked if LSPs from the intermediate node
onwards to the destination node of that FEC are desired to be traced
or pinged by MPLS OAM messages.
Two modes of operation exist: either applying legacy MPLS OAM and
adding the described functionality as required or only applying the
option specified here. Note that the exact path from the sender node
to the intermediate node identified by the pushed Node-SID is only
known to the node originating and maintaining the MPLS traceroute
information, if only one path exists between that sender node and an
intermediate node.
If the method is added to commodity MPLS OAM functions, the
originatior IP-address of an MPLS Echo-reply indicating a lack of IP-
addresses to forward traffic along all ECMP egress interfaces at that
intermediate node can be used to derive the Node-SID to be pushed by
the MPLS Echo request sender node.
2.2. Operation in an SR MPLS domain additionally using incoming
interface information for ECMP
This option can only be applied, if the Segment Routing domain's Adj-
SID topology is known to the node originating MPLS Echo Request
messages. Configuring the the Interior Gateway Protocol to
distribute Adj-SIDs conveniently enables that. If ECMP is
additionally using the incoming interface of a packet for path
selection, an Adj-SID is added between the Node-SID and the MPLS Echo
request. As the idea is to determine the incoming interface of the
node, whose ECMP path choices are requested by MPLS OAM, the
additionaly pushed Node-SID here is that of the node preceding the
intermediate node, whose forwarding information is requested. The
Adj-SID is chosen to correspond to a specific incoming interface of
the intermediate node whose forwarding information is requested. As
the aim of that test is to ensure that every incoming to outgoing
interface path choice of the intermediate node can be addressed, the
topology information required to identify the upstream Adj-SID
corresponding to an incoming interface of the intermediate node is
assumed to be present and maintained in the originating node. This
additional MPLS to IP topology excerpt information results from prior
MPLS path validations of the same basic set of MPLS path validations
between the source node and the destination node (this is to express,
that no extra measurement effort is caused, as correlation of
available information is sufficient). The resulting label stack is
illustrated by figure 3.
Geib Expires 1 May 2021 [Page 7]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Node-SID of node preceding the node whose fwd info is requested|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Adj-SID corresp. to inc-IF of node whose fwd info is requested |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
+ Sender node MPLS Echo request +
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3
Figure 3: MPLS OAM Label Stack applying SR features if ECMP is
additionally based on incoming interfaces.
In the network example of figure 1, node RS picks the Node-SID of
R110 and an Adj-SID of R110 corresponding to a particular incoming
interface of R120, if the latter's ECMP path also depends on the
incoming interface, by which the MPLS Echo request was received.
Here, the full set of original IP-addresses can be forwarded
individually per incoming interface of the router whose MPLS
forwarding information is requested. In the example above, it is
node R120 (not node R110.) Monitoring incoming interface based ECMP
results in a higher number of MPLS OAM validations, no matter whether
commodity MPLS OAM is applied or the option specified here. The
overall sum of tests now is determinde by the sum of per node
incoming * outgoing paths ( or interfaces, respectively). If the
method specified here is applied in the case of the example network,
2*(4*8 + 4*8 + 8*12 + 8*4 + 12*4 + 4*4) = 512 MPLS Echo-Request /
Response validations are required. Note that this is still a
smaller number than the original 4096 path validations in the case of
comodity MPLS OAM required for a domain applying ECMP based on IP-
address information only. Note that the number of required MPLS OAM
path validations is increasing significantly, if ECMP forwarding is
in addition based on incoming interfaces and the product of a nodes
incoming * outgoing interfaces is high.
3. IANA Considerations
This memo includes no request to IANA.
Geib Expires 1 May 2021 [Page 8]
Internet-Draft Reducing MPLS OAM messages by SR October 2020
4. Security Considerations
This document does not introduce new functionality. It combines
Segment Routing functions with those of MPLS OAM. The related
security sections apply, see [RFC8029] and [RFC8402].
5. References
5.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC2991] Thaler, D. and C. Hopps, "Multipath Issues in Unicast and
Multicast Next-Hop Selection", RFC 2991,
DOI 10.17487/RFC2991, November 2000,
<https://www.rfc-editor.org/info/rfc2991>.
[RFC8029] Kompella, K., Swallow, G., Pignataro, C., Kumar Nainar,
N., Aldrin, S., and M. Chen, "Detecting Multiprotocol
Label Switched (MPLS) Data-Plane Failures", RFC 8029,
DOI 10.17487/RFC8029, March 2017,
<https://www.rfc-editor.org/info/rfc8029>.
[RFC8287] Kumar Nainar, N., Pignataro, C., Swallow, G., Akiya, N.,
Kini, S., and M. Chen, "Label Switched Path (LSP) Ping/
Traceroute for Segment Routing (SR) IGP-Prefix and IGP-
Adjacency Segment Identifiers (SIDs) with MPLS Data
Planes", RFC 8287, DOI 10.17487/RFC8287, December 2017,
<https://www.rfc-editor.org/info/rfc8287>.
[RFC8402] Filsfils, C., Previdi, S., Ginsberg, L., Decraene, B.,
Litkowski, S., and R. Shakir, "Segment Routing
Architecture", RFC 8402, DOI 10.17487/RFC8402, July 2018,
<https://www.rfc-editor.org/info/rfc8402>.
Author's Address
Ruediger Geib (editor)
Deutsche Telekom
Heinrich Hertz Str. 3-7
64295 Darmstadt
Germany
Phone: +49 6151 5812747
Email: Ruediger.Geib@telekom.de
Geib Expires 1 May 2021 [Page 9]
Html markup produced by rfcmarkup 1.129d, available from
https://tools.ietf.org/tools/rfcmarkup/