rfc9197.original   rfc9197.txt 
ippm F. Brockners, Ed. Internet Engineering Task Force (IETF) F. Brockners, Ed.
Internet-Draft Cisco Request for Comments: 9197 Cisco
Intended status: Standards Track S. Bhandari, Ed. Category: Standards Track S. Bhandari, Ed.
Expires: June 16, 2022 Thoughtspot ISSN: 2070-1721 Thoughtspot
T. Mizrahi, Ed. T. Mizrahi, Ed.
Huawei Huawei
December 13, 2021 May 2022
Data Fields for In-situ OAM Data Fields for In Situ Operations, Administration, and Maintenance
draft-ietf-ippm-ioam-data-17 (IOAM)
Abstract Abstract
In-situ Operations, Administration, and Maintenance (IOAM) records In situ Operations, Administration, and Maintenance (IOAM) collects
operational and telemetry information in the packet while the packet operational and telemetry information in the packet while the packet
traverses a path in the network. This document discusses the data traverses a path between two points in the network. This document
fields and associated data types for in-situ OAM. In-situ OAM data discusses the data fields and associated data types for IOAM. IOAM-
fields can be encapsulated into a variety of protocols such as NSH, Data-Fields can be encapsulated into a variety of protocols, such as
Segment Routing, Geneve, or IPv6. In-situ OAM can be used to Network Service Header (NSH), Segment Routing, Generic Network
Virtualization Encapsulation (Geneve), or IPv6. IOAM can be used to
complement OAM mechanisms based on, e.g., ICMP or other types of complement OAM mechanisms based on, e.g., ICMP or other types of
probe packets. probe packets.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 7841.
This Internet-Draft will expire on June 16, 2022. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9197.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Revised BSD License text as described in Section 4.e of the
the Trust Legal Provisions and are provided without warranty as Trust Legal Provisions and are provided without warranty as described
described in the Simplified BSD License. in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction
2. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Conventions
3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Scope, Applicability, and Assumptions
4. Scope, Applicability, and Assumptions . . . . . . . . . . . . 5 4. IOAM Data-Fields, Types, and Nodes
5. IOAM Data-Fields, Types, Nodes . . . . . . . . . . . . . . . 6 4.1. IOAM Data-Fields and Option-Types
5.1. IOAM Data-Fields and Option-Types . . . . . . . . . . . . 7 4.2. IOAM-Domains and Types of IOAM Nodes
5.2. IOAM-Domains and types of IOAM Nodes . . . . . . . . . . 7 4.3. IOAM-Namespaces
5.3. IOAM-Namespaces . . . . . . . . . . . . . . . . . . . . . 8 4.4. IOAM Trace Option-Types
5.4. IOAM Trace Option-Types . . . . . . . . . . . . . . . . . 11 4.4.1. Pre-allocated and Incremental Trace Option-Types
5.4.1. Pre-allocated and Incremental Trace Option-Types . . 13 4.4.2. IOAM Node Data Fields and Associated Formats
5.4.2. IOAM node data fields and associated formats . . . . 17 4.4.2.1. Hop_Lim and node_id Short
5.4.2.1. Hop_Lim and node_id short format . . . . . . . . 18 4.4.2.2. ingress_if_id and egress_if_id Short
5.4.2.2. ingress_if_id and egress_if_id . . . . . . . . . 19 4.4.2.3. Timestamp Seconds
5.4.2.3. timestamp seconds . . . . . . . . . . . . . . . . 19 4.4.2.4. Timestamp Fraction
5.4.2.4. timestamp fraction . . . . . . . . . . . . . . . 20 4.4.2.5. Transit Delay
5.4.2.5. transit delay . . . . . . . . . . . . . . . . . . 20 4.4.2.6. Namespace-Specific Data
5.4.2.6. namespace specific data . . . . . . . . . . . . . 20 4.4.2.7. Queue Depth
5.4.2.7. queue depth . . . . . . . . . . . . . . . . . . . 21 4.4.2.8. Checksum Complement
5.4.2.8. Checksum Complement . . . . . . . . . . . . . . . 21 4.4.2.9. Hop_Lim and node_id Wide
5.4.2.9. Hop_Lim and node_id wide . . . . . . . . . . . . 22 4.4.2.10. ingress_if_id and egress_if_id Wide
5.4.2.10. ingress_if_id and egress_if_id wide . . . . . . . 22 4.4.2.11. Namespace-Specific Data Wide
5.4.2.11. namespace specific data wide . . . . . . . . . . 22 4.4.2.12. Buffer Occupancy
5.4.2.12. buffer occupancy . . . . . . . . . . . . . . . . 23 4.4.2.13. Opaque State Snapshot
5.4.2.13. Opaque State Snapshot . . . . . . . . . . . . . . 23 4.4.3. Examples of IOAM Node Data
5.4.3. Examples of IOAM node data . . . . . . . . . . . . . 24 4.5. IOAM Proof of Transit Option-Type
5.5. IOAM Proof of Transit Option-Type . . . . . . . . . . . . 26 4.5.1. IOAM Proof of Transit Type 0
5.5.1. IOAM Proof of Transit Type 0 . . . . . . . . . . . . 28 4.6. IOAM Edge-to-Edge Option-Type
5.6. IOAM Edge-to-Edge Option-Type . . . . . . . . . . . . . . 28 5. Timestamp Formats
6. Timestamp Formats . . . . . . . . . . . . . . . . . . . . . . 31 5.1. PTP Truncated Timestamp Format
6.1. PTP Truncated Timestamp Format . . . . . . . . . . . . . 31 5.2. NTP 64-Bit Timestamp Format
6.2. NTP 64-bit Timestamp Format . . . . . . . . . . . . . . . 32 5.3. POSIX-Based Timestamp Format
6.3. POSIX-based Timestamp Format . . . . . . . . . . . . . . 33 6. IOAM Data Export
7. IOAM Data Export . . . . . . . . . . . . . . . . . . . . . . 34 7. IANA Considerations
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 35 7.1. IOAM Option-Type Registry
8.1. IOAM Option-Type Registry . . . . . . . . . . . . . . . . 35 7.2. IOAM Trace-Type Registry
8.2. IOAM Trace-Type Registry . . . . . . . . . . . . . . . . 36 7.3. IOAM Trace-Flags Registry
8.3. IOAM Trace-Flags Registry . . . . . . . . . . . . . . . . 37 7.4. IOAM POT-Type Registry
8.4. IOAM POT-Type Registry . . . . . . . . . . . . . . . . . 37 7.5. IOAM POT-Flags Registry
8.5. IOAM POT-Flags Registry . . . . . . . . . . . . . . . . . 38 7.6. IOAM E2E-Type Registry
8.6. IOAM E2E-Type Registry . . . . . . . . . . . . . . . . . 38 7.7. IOAM Namespace-ID Registry
8.7. IOAM Namespace-ID Registry . . . . . . . . . . . . . . . 39 8. Management and Deployment Considerations
9. Management and Deployment Considerations . . . . . . . . . . 40 9. Security Considerations
10. Security Considerations . . . . . . . . . . . . . . . . . . . 40 10. References
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 43 10.1. Normative References
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 43 10.2. Informative References
12.1. Normative References . . . . . . . . . . . . . . . . . . 43 Acknowledgements
12.2. Informative References . . . . . . . . . . . . . . . . . 44 Contributors
Contributors' Addresses . . . . . . . . . . . . . . . . . . . . . 45 Authors' Addresses
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 47
1. Introduction 1. Introduction
This document defines data fields for "in-situ" Operations, This document defines data fields for In situ Operations,
Administration, and Maintenance (IOAM). In-situ OAM records OAM Administration, and Maintenance (IOAM). IOAM records OAM information
information within the packet while the packet traverses a particular within the packet while the packet traverses a particular network
network domain. The term "in-situ" refers to the fact that the OAM domain. The term "in situ" refers to the fact that the OAM data is
data is added to the data packets rather than being sent within added to the data packets rather than being sent within packets
packets specifically dedicated to OAM. IOAM is to complement specifically dedicated to OAM. IOAM is used to complement
mechanisms such as Ping or Traceroute. In terms of "active" or mechanisms, such as Ping or Traceroute. In terms of "active" or
"passive" OAM, "in-situ" OAM can be considered a hybrid OAM type. "passive" OAM, IOAM can be considered a hybrid OAM type. "In situ"
"In-situ" mechanisms do not require extra packets to be sent. IOAM mechanisms do not require extra packets to be sent. IOAM adds
adds information to the already available data packets and therefore information to the already available data packets and therefore
cannot be considered passive. In terms of the classification given cannot be considered passive. In terms of the classification given
in [RFC7799], IOAM could be portrayed as Hybrid Type I. IOAM in [RFC7799], IOAM could be portrayed as Hybrid Type I. IOAM
mechanisms can be leveraged where mechanisms using, e.g., ICMP do not mechanisms can be leveraged where mechanisms using, e.g., ICMP do not
apply or do not offer the desired results, such as proving that a apply or do not offer the desired results, such as proving that a
certain traffic flow takes a pre-defined path, SLA verification for certain traffic flow takes a predefined path, Service Level Agreement
the data traffic, detailed statistics on traffic distribution paths (SLA) verification for the data traffic, detailed statistics on
in networks that distribute traffic across multiple paths, or traffic distribution paths in networks that distribute traffic across
scenarios in which probe traffic is potentially handled differently multiple paths, or scenarios in which probe traffic is potentially
from regular data traffic by the network devices. handled differently from regular data traffic by the network devices.
The term "in situ OAM" was originally motivated by the use of OAM The term "in situ OAM" was originally motivated by the use of OAM-
related mechanisms that add information into a packet. This document related mechanisms that add information into a packet. This document
uses IOAM as a term defining the IOAM technology. IOAM includes "in- uses IOAM as a term defining the IOAM technology. IOAM includes "in
situ" mechanisms, but also mechanisms that could trigger the creation situ" mechanisms but also mechanisms that could trigger the creation
of additional packets dedicated to OAM. of additional packets dedicated to OAM.
2. Contributors 2. Conventions
This document was the collective effort of several authors. The text
and content were contributed by the editors and the co-authors listed
below. The contact information of the co-authors appears at the end
of this document.
o Carlos Pignataro
o Mickey Spiegel
o Barak Gafni
o Jennifer Lemon
o Hannes Gredler
o John Leddy
o Stephen Youell
o David Mozes
o Petr Lapukhov
o Remy Chang
o Daniel Bernier
3. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP "OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
Abbreviations and definitions used in this document: Abbreviations and definitions used in this document:
E2E: Edge to Edge E2E: Edge to Edge
Geneve: Generic Network Virtualization Encapsulation [RFC8926] Geneve: Generic Network Virtualization Encapsulation [RFC8926]
IOAM: In-situ Operations, Administration, and Maintenance IOAM: In situ Operations, Administration, and Maintenance
MTU: Maximum Transmit Unit MTU: Maximum Transmission Unit
NSH: Network Service Header [RFC8300] NSH: Network Service Header [RFC8300]
OAM: Operations, Administration, and Maintenance OAM: Operations, Administration, and Maintenance
PMTU: Path MTU PMTU: Path MTU
POT: Proof of Transit POT: Proof of Transit
Short format: "Short format" refers to an IOAM-Data-Field which Short format: refers to an IOAM-Data-Field that comprises 4 octets
comprises 4 octets.
SID: Segment Identifier SID: Segment Identifier
SR: Segment Routing SR: Segment Routing
VXLAN-GPE: Virtual eXtensible Local Area Network, Generic Protocol VXLAN-GPE: Virtual eXtensible Local Area Network, Generic
Extension [I-D.ietf-nvo3-vxlan-gpe] Protocol Extension [NVO3-VXLAN-GPE]
Wide format: "Wide format" refers to an IOAM-Data-Field which Wide format: refers to an IOAM-Data-Field that comprises 8 octets
comprises 8 octets.
4. Scope, Applicability, and Assumptions 3. Scope, Applicability, and Assumptions
IOAM assumes a set of constraints as well as guiding principles and IOAM assumes a set of constraints as well as guiding principles and
concepts that go hand in hand with the definition of the IOAM data concepts that go hand in hand with the definition of the IOAM-Data-
fields. These constraints, guiding principles, and concepts are Fields. These constraints, guiding principles, and concepts are
described in this section. A discussion of how IOAM data fields and described in this section. A discussion of how IOAM-Data-Fields and
the associated concepts are applied to an IOAM deployment are out of the associated concepts are applied to an IOAM deployment are out of
scope for this document. Please refer to scope for this document. Please refer to [IPPM-IOAM-DEPLOYMENT] for
[I-D.ietf-ippm-ioam-deployment] for IOAM deployment considerations. IOAM deployment considerations.
Scope: This document defines the data fields and associated data Scope:
types for in-situ OAM. The in-situ OAM data fields can be This document defines the data fields and associated data types
encapsulated in a variety of protocols, including NSH, Segment for IOAM. The IOAM-Data-Fields can be encapsulated in a variety
Routing, Geneve, and IPv6. Specification details for these different of protocols, including NSH, Segment Routing, Geneve, and IPv6.
protocols are outside the scope of this document. It is expected Specification details for these different protocols are outside
that each such encapsulation would be specified by an RFC, jointly the scope of this document. It is expected that each such
designed by the working group that develops or maintains the encapsulation would be specified by an RFC and jointly designed by
encapsulation protocol and the IETF IPPM working group. the working group that develops or maintains the encapsulation
protocol and the IETF IP Performance Measurement (IPPM) Working
Group.
Deployment domain (or scope) of in-situ OAM deployment: IOAM is Domain (or scope) of in situ OAM deployment:
focused on "limited domains" as defined in [RFC8799]. For IOAM, a IOAM is focused on "limited domains", as defined in [RFC8799].
limited domain could for example be an enterprise campus using For IOAM, a limited domain could, for example, be an enterprise
physical connections between devices or an overlay network using campus using physical connections between devices or an overlay
virtual connections / tunnels for connectivity between said devices. network using virtual connections/tunnels for connectivity between
A limited domain which uses IOAM may constitute one or multiple said devices. A limited domain that uses IOAM may constitute one
"IOAM-domains", each disambiguated through separate namespace or multiple "IOAM-Domains", each disambiguated through separate
identifiers. An IOAM-domain is bounded by its perimeter or edge. namespace identifiers. An IOAM-Domain is bounded by its perimeter
IOAM-domains may overlap inside the limited domain. Designers of or edge. IOAM-Domains may overlap inside the limited domain.
protocol encapsulations for IOAM specify mechanisms to ensure that Designers of protocol encapsulations for IOAM specify mechanisms
IOAM data stays within an IOAM-domain. In addition, the operator of to ensure that IOAM data stays within an IOAM-Domain. In
such a domain is expected to put provisions in place to ensure that addition, the operator of such a domain is expected to put
IOAM data does not leak beyond the edge of an IOAM-domain using, for provisions in place to ensure that IOAM data does not leak beyond
example, packet filtering methods. The operator SHOULD consider the the edge of an IOAM-Domain using, for example, packet filtering
potential operational impact of IOAM to mechanisms such as ECMP methods. The operator SHOULD consider the potential operational
processing (e.g., load-balancing schemes based on packet length could impact of IOAM to mechanisms, such as ECMP processing (e.g., load-
be impacted by the increased packet size due to IOAM), path MTU balancing schemes based on packet length could be impacted by the
(i.e., ensure that the MTU of all links within a domain is increased packet size due to IOAM), PMTU (i.e., ensure that the
sufficiently large to support the increased packet size due to IOAM) MTU of all links within a domain is sufficiently large to support
and ICMP message handling (i.e., in case of IPv6, IOAM support for the increased packet size due to IOAM), and ICMP message handling
ICMPv6 Echo Request/Reply is desired which would translate into (i.e., in case of IPv6, IOAM support for ICMPv6 echo request/reply
ICMPv6 extensions to enable IOAM-Data-Fields to be copied from an is desired, which would translate into ICMPv6 extensions to enable
Echo Request message to an Echo Reply message). IOAM-Data-Fields to be copied from an echo request message to an
echo reply message).
IOAM control points: IOAM-Data-Fields are added to or removed from IOAM control points:
the user traffic by the devices which form the edge of a domain. IOAM-Data-Fields are added to or removed from the user traffic by
Devices which form an IOAM-Domain can add, update or remove IOAM- the devices that form the edge of a domain. Devices that form an
Data-Fields. Edge devices of an IOAM-Domain can be hosts or network IOAM-Domain can add, update, or remove IOAM-Data-Fields. Edge
devices. devices of an IOAM-Domain can be hosts or network devices.
Traffic-sets that IOAM is applied to: IOAM can be deployed on all or Traffic sets that IOAM is applied to:
only on subsets of the user traffic. Using IOAM on a selected set of IOAM can be deployed on all or only on subsets of the user
traffic (e.g., per interface, based on an access control list or flow traffic. Using IOAM on a selected set of traffic (e.g., per
specification defining a specific set of traffic, etc.) could be interface, based on an access control list or flow specification
useful in deployments where the cost of processing IOAM-Data-Fields defining a specific set of traffic, etc.) could be useful in
by encapsulating, transit, or decapsulating node(s) might be a deployments where the cost of processing IOAM-Data-Fields by
concern from a performance or operational perspective. Thus limiting encapsulating, transit, or decapsulating nodes might be a concern
the amount of traffic IOAM is applied to could be beneficial in some from a performance or operational perspective. Thus, limiting the
deployments. amount of traffic IOAM is applied to could be beneficial in some
deployments.
Encapsulation independence: The definition of IOAM-Data-Fields is Encapsulation independence:
independent from the protocols the IOAM-Data-Fields are encapsulated The definition of IOAM-Data-Fields is independent from the
into. IOAM-Data-Fields can be encapsulated into several protocols the IOAM-Data-Fields are encapsulated into. IOAM-Data-
encapsulating protocols. Fields can be encapsulated into several encapsulating protocols.
Layering: If several encapsulation protocols (e.g., in case of Layering:
tunneling) are stacked on top of each other, IOAM-Data-Fields could If several encapsulation protocols (e.g., in case of tunneling)
be present at multiple layers. The behavior follows the ships-in- are stacked on top of each other, IOAM-Data-Fields could be
the-night model, i.e., IOAM-Data-Fields in one layer are independent present at multiple layers. The behavior follows the "ships-in-
from IOAM-Data-Fields in another layer. Layering allows operators to the-night" model, i.e., IOAM-Data-Fields in one layer are
instrument the protocol layer they want to measure. The different independent from IOAM-Data-Fields in another layer. Layering
layers could, but do not have to, share the same IOAM encapsulation allows operators to instrument the protocol layer they want to
mechanisms. measure. The different layers could, but do not have to, share
the same IOAM encapsulation mechanisms.
IOAM implementation: The definition of the IOAM-Data-Fields take the IOAM implementation:
specifics of devices with hardware data planes and software data The definition of the IOAM-Data-Fields takes the specifics of
planes into account. devices with hardware data planes and software data planes into
account.
5. IOAM Data-Fields, Types, Nodes 4. IOAM Data-Fields, Types, and Nodes
This section details IOAM-related nomenclature and describes data This section details IOAM-related nomenclature and describes data
types such as IOAM-Data-Fields, IOAM-Types, IOAM-Namespaces as well types, such as IOAM-Data-Fields, IOAM-Types, IOAM-Namespaces, as well
as the different types of IOAM nodes. as the different types of IOAM nodes.
5.1. IOAM Data-Fields and Option-Types 4.1. IOAM Data-Fields and Option-Types
An IOAM-Data-Field is a set of bits with a defined format and An IOAM-Data-Field is a set of bits with a defined format and
meaning, which can be stored at a certain place in a packet for the meaning, which can be stored at a certain place in a packet for the
purpose of IOAM. purpose of IOAM.
To accommodate the different uses of IOAM, IOAM-Data-Fields fall into To accommodate the different uses of IOAM, IOAM-Data-Fields fall into
different categories. In IOAM, these categories are referred to as different categories. In IOAM, these categories are referred to as
IOAM-Option-Types. A common registry is maintained for IOAM-Option- "IOAM-Option-Types". A common registry is maintained for IOAM-
Types, see Section 8.1 for details. Corresponding to these IOAM- Option-Types (see Section 7.1 for details). Corresponding to these
Option-Types, different IOAM-Data-Fields are defined. IOAM-Option-Types, different IOAM-Data-Fields are defined.
This document defines four IOAM-Option-Types: This document defines four IOAM-Option-Types:
o Pre-allocated Trace Option-Type * Pre-allocated Trace Option-Type
o Incremental Trace Option-Type * Incremental Trace Option-Type
o Proof of Transit (POT) Option-Type * POT Option-Type
o Edge-to-Edge (E2E) Option-Type * E2E Option-Type
Future IOAM-Option-Types can be allocated by IANA, as described in Future IOAM-Option-Types can be allocated by IANA, as described in
Section 8.1. Section 7.1.
5.2. IOAM-Domains and types of IOAM Nodes 4.2. IOAM-Domains and Types of IOAM Nodes
Section 4 already mentioned that IOAM is expected to be deployed in a Section 3 already mentioned that IOAM is expected to be deployed in a
limited domain [RFC8799]. One or more IOAM-Option-Types are added to limited domain [RFC8799]. One or more IOAM-Option-Types are added to
a packet upon entering an IOAM-Domain and are removed from the packet a packet upon entering an IOAM-Domain and are removed from the packet
when exiting the domain. Within the IOAM-Domain, the IOAM-Data- when exiting the domain. Within the IOAM-Domain, the IOAM-Data-
Fields MAY be updated by network nodes that the packet traverses. An Fields MAY be updated by network nodes that the packet traverses. An
IOAM-Domain consists of "IOAM encapsulating nodes", "IOAM IOAM-Domain consists of "IOAM encapsulating nodes", "IOAM
decapsulating nodes" and "IOAM transit nodes". The role of a node decapsulating nodes", and "IOAM transit nodes". The role of a node
(i.e., encapsulating, transit, decapsulating) is defined within an (i.e., encapsulating, transit, and decapsulating) is defined within
IOAM-Namespace (see below). A node can have different roles in an IOAM-Namespace (see below). A node can have different roles in
different IOAM-Namespaces. different IOAM-Namespaces.
A device which adds at least one IOAM-Option-Type to the packet is A device that adds at least one IOAM-Option-Type to the packet is
called an "IOAM encapsulating node", whereas a device which removes called an "IOAM encapsulating node", whereas a device that removes an
an IOAM-Option-Type is referred to as an "IOAM decapsulating node". IOAM-Option-Type is referred to as an "IOAM decapsulating node".
Nodes within the domain which are aware of IOAM data and read and/or Nodes within the domain that are aware of IOAM data and read, write,
write and/or process IOAM data are called "IOAM transit nodes". IOAM and/or process IOAM data are called "IOAM transit nodes". IOAM nodes
nodes which add or remove the IOAM-Data-Fields can also update the that add or remove the IOAM-Data-Fields can also update the IOAM-
IOAM-Data-Fields at the same time. Or in other words, IOAM Data-Fields at the same time. Or, in other words, IOAM encapsulating
encapsulating or decapsulating nodes can also serve as IOAM transit or decapsulating nodes can also serve as IOAM transit nodes at the
nodes at the same time. Note that not every node in an IOAM-domain same time. Note that not every node in an IOAM-Domain needs to be an
needs to be an IOAM transit node. For example, a deployment might IOAM transit node. For example, a deployment might require that
require that packets traverse a set of firewalls which support IOAM. packets traverse a set of firewalls that support IOAM. In that case,
In that case, only the set of firewall nodes would be IOAM transit only the set of firewall nodes would be IOAM transit nodes, rather
nodes rather than all nodes. than all nodes.
An "IOAM encapsulating node" incorporates one or more IOAM-Option- An IOAM encapsulating node incorporates one or more IOAM-Option-Types
Types (from the list of IOAM-Types, see Section 8.1) into packets (from the list of IOAM-Types, see Section 7.1) into packets that IOAM
that IOAM is enabled for. If IOAM is enabled for a selected subset is enabled for. If IOAM is enabled for a selected subset of the
of the traffic, the IOAM encapsulating node is responsible for traffic, the IOAM encapsulating node is responsible for applying the
applying the IOAM functionality to the selected subset. IOAM functionality to the selected subset.
An "IOAM transit node" reads and/or writes and/or processes one or An IOAM transit node reads, writes, and/or processes one or more of
more of the IOAM-Data-Fields. If both the Pre-allocated and the the IOAM-Data-Fields. If both the Pre-allocated and the Incremental
Incremental Trace Option-Types are present in the packet, each IOAM Trace Option-Types are present in the packet, each IOAM transit node,
transit node based on configuration and available implementation of based on configuration and available implementation of IOAM, might
IOAM might populate IOAM trace data in either Pre-allocated or populate IOAM trace data in either a Pre-allocated or Incremental
Incremental Trace Option-Type but not both. Note that not populating Trace Option-Type but not both. Note that not populating any of the
any of the Trace Option-Types is also valid behavior for an IOAM Trace Option-Types is also valid behavior for an IOAM transit node.
transit node. A transit node MUST ignore IOAM-Option-Types that it A transit node MUST ignore IOAM-Option-Types that it does not
does not understand. A transit node MUST NOT add new IOAM-Option- understand. A transit node MUST NOT add new IOAM-Option-Types to a
Types to a packet, MUST NOT remove IOAM-Option-Types from a packet, packet, MUST NOT remove IOAM-Option-Types from a packet, and MUST NOT
and MUST NOT change the IOAM-Data-Fields of an IOAM Edge-to-Edge change the IOAM-Data-Fields of an IOAM Edge-to-Edge Option-Type.
Option-Type.
An "IOAM decapsulating node" removes IOAM-Option-Type(s) from An IOAM decapsulating node removes IOAM-Option-Type(s) from packets.
packets.
The role of an IOAM-encapsulating, IOAM-transit or IOAM-decapsulating The role of an IOAM encapsulating, IOAM transit, or IOAM
node is always performed within a specific IOAM-Namespace. This decapsulating node is always performed within a specific IOAM-
means that an IOAM node which is, e.g., an IOAM-decapsulating node Namespace. This means that an IOAM node that is, e.g., an IOAM
for IOAM-Namespace "A" but not for IOAM-Namespace "B" will only decapsulating node for IOAM-Namespace "A" but not for IOAM-Namespace
remove the IOAM-Option-Types for IOAM-Namespace "A" from the packet. "B" will only remove the IOAM-Option-Types for IOAM-Namespace "A"
Note that this applies even for IOAM-Option-Types that the node does from the packet. Note that this applies even for IOAM-Option-Types
not understand, for example an IOAM-Option-Type other than the four that the node does not understand, for example, an IOAM-Option-Type
described above, that is added in a future revision. other than the four described above, which is added in a future
revision.
IOAM-Namespaces allow for a namespace-specific definition and IOAM-Namespaces allow for a namespace-specific definition and
interpretation of IOAM-Data-Fields. An interface-id could for interpretation of IOAM-Data-Fields. An interface identifier could,
example point to a physical interface (e.g., to understand which for example, point to a physical interface (e.g., to understand which
physical interface of an aggregated link is used when receiving or physical interface of an aggregated link is used when receiving or
transmitting a packet) whereas in another case it could refer to a transmitting a packet), whereas, in another case, it could refer to a
logical interface (e.g., in case of tunnels). Please refer to logical interface (e.g., in case of tunnels). Please refer to
Section 5.3 for details on IOAM-Namespaces. Section 4.3 for details on IOAM-Namespaces.
5.3. IOAM-Namespaces 4.3. IOAM-Namespaces
IOAM-Namespaces add further context to IOAM-Option-Types and IOAM-Namespaces add further context to IOAM-Option-Types and
associated IOAM-Data-Fields. The IOAM-Option-Types and associated associated IOAM-Data-Fields. The IOAM-Option-Types and associated
IOAM-Data-Fields are interpreted as defined in this document, IOAM-Data-Fields are interpreted as defined in this document,
regardless of the value of the IOAM-Namespace. However, IOAM- regardless of the value of the IOAM-Namespace. However, IOAM-
Namespaces provide a way to group nodes to support different Namespaces provide a way to group nodes to support different
deployment approaches of IOAM (see a few example use-cases below). deployment approaches of IOAM (see a few example use cases below).
IOAM-Namespaces also help to resolve potential issues which can occur IOAM-Namespaces also help to resolve potential issues that can occur
due to IOAM-Data-Fields not being globally unique (e.g., IOAM node due to IOAM-Data-Fields not being globally unique (e.g., IOAM node
identifiers do not have to be globally unique). IOAM-Data-Fields identifiers do not have to be globally unique). The significance of
significance is always within a particular IOAM-Namespace. Given IOAM-Data-Fields is always within a particular IOAM-Namespace. Given
that IOAM-Data-Fields are always interpreted the context of a that IOAM-Data-Fields are always interpreted as the context of a
specific namespace, the namespace-id field always needs to be carried specific namespace, the Namespace-ID field always needs to be carried
along with the IOAM data-fields themselves. along with the IOAM data-fields themselves.
An IOAM-Namespace is identified by a 16-bit namespace identifier An IOAM-Namespace is identified by a 16-bit namespace identifier
(Namespace-ID). The IOAM-Namespace field is included in all the (Namespace-ID). The IOAM-Namespace field is included in all the
IOAM-Option-Types defined in this document, and MUST be included in IOAM-Option-Types defined in this document and MUST be included in
all future IOAM-Option-Types. The Namespace-ID value is divided into all future IOAM-Option-Types. The Namespace-ID value is divided into
two sub-ranges: two subranges:
o An operator-assigned range from 0x0001 to 0x7FFF * an operator-assigned range from 0x0001 to 0x7FFF and
o An IANA-assigned range from 0x8000 to 0xFFFF * an IANA-assigned range from 0x8000 to 0xFFFF.
The IANA-assigned range is intended to allow future extensions to The IANA-assigned range is intended to allow future extensions to
have new and interoperable IOAM functionality, while the operator- have new and interoperable IOAM functionality, while the operator-
assigned range is intended to be domain-specific, and managed by the assigned range is intended to be domain specific and managed by the
network operator. The Namespace-ID value of 0x0000 is the "Default- network operator. The Namespace-ID value of 0x0000 is the "Default-
Namespace-ID". The Default-Namespace-ID indicates that no specific Namespace-ID". The Default-Namespace-ID indicates that no specific
namespace is associated with the IOAM data fields in the packet. The namespace is associated with the IOAM-Data-Fields in the packet. The
Default-Namespace-ID MUST be supported by all nodes implementing Default-Namespace-ID MUST be supported by all nodes implementing
IOAM. A use-case for the Default-Namespace-ID are deployments which IOAM. A use case for the Default-Namespace-ID are deployments that
do not leverage specific namespaces for some or all of their packets do not leverage specific namespaces for some or all of their packets
that carry IOAM data fields. that carry IOAM-Data-Fields.
Namespace identifiers allow devices which are IOAM capable to Namespace identifiers allow devices that are IOAM capable to
determine: determine:
o whether IOAM-Option-Type(s) need to be processed by a device: If * whether one or more IOAM-Option-Types need to be processed by a
the Namespace-ID contained in a packet does not match any device. If the Namespace-ID contained in a packet does not match
Namespace-ID the node is configured to operate on, then the node any Namespace-ID the node is configured to operate on, then the
MUST NOT change the contents of the IOAM-Data-Fields. node MUST NOT change the contents of the IOAM-Data-Fields.
o which IOAM-Option-Type needs to be processed/updated in case there * which IOAM-Option-Type needs to be processed/updated in case there
are multiple IOAM-Option-Types present in the packet. Multiple are multiple IOAM-Option-Types present in the packet. Multiple
IOAM-Option-Types can be present in a packet in case of IOAM-Option-Types can be present in a packet in case of
overlapping IOAM-Domains or in case of a layered IOAM deployment. overlapping IOAM-Domains or in case of a layered IOAM deployment.
o whether IOAM-Option-Type(s) have to be removed from the packet, * whether one or more IOAM-Option-Types have to be removed from the
e.g., at a domain edge or domain boundary. packet, e.g., at a domain edge or domain boundary.
IOAM-Namespaces support several different uses: IOAM-Namespaces support several different uses:
o IOAM-Namespaces can be used by an operator to distinguish * IOAM-Namespaces can be used by an operator to distinguish
different IOAM-domains. Devices at edges of an IOAM-domain can different IOAM-Domains. Devices at edges of an IOAM-Domain can
filter on Namespace-IDs to provide for proper IOAM-domain filter on Namespace-IDs to provide for proper IOAM-Domain
isolation. isolation.
o IOAM-Namespaces provide additional context for IOAM-Data-Fields * IOAM-Namespaces provide additional context for IOAM-Data-Fields
and thus can be used to ensure that IOAM-Data-Fields are unique and, thus, can be used to ensure that IOAM-Data-Fields are unique
and are interpreted properly by management stations or network and are interpreted properly by management stations or network
controllers. The node identifier field (node_id, see below) does controllers. The node identifier field (node_id, see below) does
not need to be unique in a deployment. This could be the case if not need to be unique in a deployment. This could be the case if
an operator wishes to use different node identifiers for different an operator wishes to use different node identifiers for different
IOAM layers, even within the same device or node identifiers might IOAM layers, even within the same device, or node identifiers
not be unique for other organizational reasons, such as after a might not be unique for other organizational reasons, such as
merger of two formerly separated organizations. The Namespace-ID after a merger of two formerly separated organizations. The
can be used as a context identifier, such that the combination of Namespace-ID can be used as a context identifier, such that the
node_id and Namespace-ID will always be unique. combination of node_id and Namespace-ID will always be unique.
o Similarly, IOAM-Namespaces can be used to define how certain IOAM- * Similarly, IOAM-Namespaces can be used to define how certain IOAM-
Data-Fields are interpreted: IOAM offers three different timestamp Data-Fields are interpreted; IOAM offers three different timestamp
format options. The Namespace-ID can be used to determine the format options. The Namespace-ID can be used to determine the
timestamp format. IOAM-Data-Fields (e.g., buffer occupancy) which timestamp format. IOAM-Data-Fields (e.g., buffer occupancy) that
do not have a unit associated are to be interpreted within the do not have a unit associated are to be interpreted within the
context of a IOAM-Namespace. context of an IOAM-Namespace.
o IOAM-Namespaces can be used to identify different sets of devices * IOAM-Namespaces can be used to identify different sets of devices
(e.g., different types of devices) in a deployment: If an operator (e.g., different types of devices) in a deployment; if an operator
desires to insert different IOAM-Data-Fields based on the device, wants to insert different IOAM-Data-Fields based on the device,
the devices could be grouped into multiple IOAM-Namespaces. This the devices could be grouped into multiple IOAM-Namespaces. This
could be due to the fact that the IOAM feature set differs between could be due to the fact that the IOAM feature set differs between
different sets of devices, or it could be for reasons of optimized different sets of devices, or it could be for reasons of optimized
space usage in the packet header. It could also stem from space usage in the packet header. It could also stem from
hardware or operational limitations on the size of the trace data hardware or operational limitations on the size of the trace data
that can be added and processed, preventing collection of a full that can be added and processed, preventing collection of a full
trace for a flow. trace for a flow.
o By assigning different IOAM Namespace-IDs to different sets of * By assigning different IOAM Namespace-IDs to different sets of
nodes or network partitions and using a separate instance of an nodes or network partitions and using a separate instance of an
IOAM-Option-Type for each Namespace-ID, a full trace for a flow IOAM-Option-Type for each Namespace-ID, a full trace for a flow
could be collected and constructed via partial traces from each could be collected and constructed via partial traces from each
IOAM-Option-Type in each of the packets in the flow. Example: An IOAM-Option-Type in each of the packets in the flow. For example,
operator could choose to group the devices of a domain into two an operator could choose to group the devices of a domain into two
IOAM-Namespaces, in a way that each IOAM-Namespace is represented IOAM-Namespaces in a way that each IOAM-Namespace is represented
by one of two IOAM-Option-Types in the packet. Each node would by one of two IOAM-Option-Types in the packet. Each node would
record data only for the IOAM-Namespace that it belongs to, record data only for the IOAM-Namespace that it belongs to,
ignoring the other IOAM-Option-Type with a IOAM-Namespace to which ignoring the other IOAM-Option-Type with an IOAM-Namespace to
it doesn't belong. To retrieve a full view of the deployment, the which it doesn't belong. To retrieve a full view of the
captured IOAM-Data-Fields of the two IOAM-Namespaces need to be deployment, the captured IOAM-Data-Fields of the two IOAM-
correlated. Namespaces need to be correlated.
5.4. IOAM Trace Option-Types 4.4. IOAM Trace Option-Types
In a typical deployment, all nodes in an IOAM-Domain would In a typical deployment, all nodes in an IOAM-Domain would
participate in IOAM and thus be IOAM transit nodes, IOAM participate in IOAM; thus, they would be IOAM transit nodes, IOAM
encapsulating or IOAM decapsulating nodes. If not all nodes within a encapsulating nodes, or IOAM decapsulating nodes. If not all nodes
domain support IOAM functionality as defined in this document, IOAM within a domain support IOAM functionality as defined in this
tracing information (i.e., node data, see below) can only be document, IOAM tracing information (i.e., node data, see below) can
collected on those nodes which support IOAM functionality as defined only be collected on those nodes that support IOAM functionality as
in this document. Nodes which do not support IOAM functionality as defined in this document. Nodes that do not support IOAM
defined in this document will forward the packet without any changes functionality as defined in this document will forward the packet
to the IOAM-Data-Fields. The maximum number of hops and the minimum without any changes to the IOAM-Data-Fields. The maximum number of
path MTU of the IOAM-domain is assumed to be known. An overflow hops and the minimum PMTU of the IOAM-Domain is assumed to be known.
indicator (O-bit) is defined as one of the ways to deal with An overflow indicator (O-bit) is defined as one of the ways to deal
situations where the PMTU was underestimated, i.e., where the number with situations where the PMTU was underestimated, i.e., where the
of hops which are IOAM capable exceeds the available space in the number of hops that are IOAM capable exceeds the available space in
packet. the packet.
To optimize hardware and software implementations, IOAM tracing is To optimize hardware and software implementations, IOAM tracing is
defined as two separate options. A deployment can choose to defined as two separate options. A deployment can choose to
configure and support one or both of the following options. configure and support one or both of the following options.
Pre-allocated Trace-Option: This trace option is defined as a Pre-allocated Trace-Option:
container of node data fields (see below) with pre-allocated space This trace option is defined as a container of node data fields
for each node to populate its information. This option is useful (see below) with pre-allocated space for each node to populate its
for implementations where it is efficient to allocate the space information. This option is useful for implementations where it
once and index into the array to populate the data during transit is efficient to allocate the space once and index into the array
(e.g., software forwarders often fall into this class). The IOAM to populate the data during transit (e.g., software forwarders
encapsulating node allocates space for Pre-allocated Trace Option- often fall into this class). The IOAM encapsulating node
Type in the packet and sets corresponding fields in this IOAM- allocates space for the Pre-allocated Trace Option-Type in the
Option-Type. The IOAM encapsulating node allocates an array which packet and sets corresponding fields in this IOAM-Option-Type.
is used to store operational data retrieved from every node while The IOAM encapsulating node allocates an array that is used to
the packet traverses the domain. IOAM transit nodes update the store operational data retrieved from every node while the packet
content of the array, and possibly update the checksums of outer traverses the domain. IOAM transit nodes update the content of
headers. A pointer which is part of the IOAM trace data, points the array and possibly update the checksums of outer headers. A
to the next empty slot in the array. An IOAM transit node that pointer that is part of the IOAM trace data points to the next
updates the content of the pre-allocated option also updates the empty slot in the array. An IOAM transit node that updates the
value of the pointer, which specifies where the next IOAM transit content of the Pre-allocated Trace-Option also updates the value
node fills in its data. The "node data list" array (see below) in of the pointer, which specifies where the next IOAM transit node
the packet is populated iteratively as the packet traverses the fills in its data. The "node data list" array (see below) in the
packet is populated iteratively as the packet traverses the
network, starting with the last entry of the array, i.e., "node network, starting with the last entry of the array, i.e., "node
data list [n]" is the first entry to be populated, "node data list data list [n]" is the first entry to be populated, "node data list
[n-1]" is the second one, etc. [n-1]" is the second one, etc.
Incremental Trace-Option: This trace option is defined as a Incremental Trace-Option:
container of node data fields where each node allocates and pushes This trace option is defined as a container of node data fields,
its node data immediately following the option header. This type where each node allocates and pushes its node data immediately
of trace recording is useful for some of the hardware following the option header. This type of trace recording is
implementations as it eliminates the need for the transit network useful for some of the hardware implementations, as it eliminates
elements to read the full array in the option and allows for the need for the transit network elements to read the full array
arbitrarily long packets as the MTU allows. The IOAM in the option and allows for as arbitrarily long packets as the
encapsulating node allocates space for the Incremental Trace MTU allows. The IOAM encapsulating node allocates space for the
Option-Type. Based on operational state and configuration, the Incremental Trace Option-Type. Based on the operational state and
IOAM encapsulating node sets the fields in the Option-Type that configuration, the IOAM encapsulating node sets the fields in the
control what IOAM-Data-Fields have to be collected and how large Option-Type that control what IOAM-Data-Fields have to be
the node data list can grow. IOAM transit nodes push their node collected and how large the node data list can grow. IOAM transit
data to the node data list subject to any protocol constraints of nodes push their node data to the node data list subject to any
the encapsulating layer. They then decrease the remaining length protocol constraints of the encapsulating layer. They then
available to subsequent nodes and adjust the lengths and possibly decrease the remaining length available to subsequent nodes and
checksums in outer headers. adjust the lengths and possibly checksums in outer headers.
IOAM encapsulating nodes and IOAM decapsulating nodes which support IOAM encapsulating nodes and IOAM decapsulating nodes that support
tracing MUST support both Trace-Option-Types. For IOAM transit nodes tracing MUST support both Trace Option-Types. For IOAM transit
it is sufficient to support one of the Trace-Option-Types. In the nodes, it is sufficient to support one of the Trace Option-Types. In
event that both options are utilized in a deployment at the same the event that both options are utilized in a deployment at the same
time, the Incremental Trace-Option MUST be placed before the Pre- time, the Incremental Trace-Option MUST be placed before the Pre-
allocated Trace-Option. Deployments which mix devices with either allocated Trace-Option. Deployments that mix devices with either the
the Incremental Trace-Option or the Pre-allocated Trace-Option could Incremental Trace-Option or the Pre-allocated Trace-Option could
result in both Option-Types being present in a packet. Given that result in both Option-Types being present in a packet. Given that
the operator knows which equipment is deployed in a particular IOAM- the operator knows which equipment is deployed in a particular IOAM-
domain, the operator will decide by means of configuration which Domain, the operator will decide by means of configuration which
type(s) of trace options will be used for a particular domain. type(s) of trace options will be used for a particular domain.
Every node data entry holds information for a particular IOAM transit Every node data entry holds information for a particular IOAM transit
node that is traversed by a packet. The IOAM decapsulating node node that is traversed by a packet. The IOAM decapsulating node
removes the IOAM-Option-Type(s) and processes and/or exports the removes the IOAM-Option-Types and processes and/or exports the
associated data. Like all IOAM-Data-Fields, the IOAM-Data-Fields of associated data. Like all IOAM-Data-Fields, the IOAM-Data-Fields of
the IOAM-Trace-Option-Types are defined in the context of an IOAM- the IOAM Trace Option-Types are defined in the context of an IOAM-
Namespace. Namespace.
IOAM tracing can collect the following types of information: IOAM tracing can collect the following types of information:
o Identification of the IOAM node. An IOAM node identifier can * Identification of the IOAM node. An IOAM node identifier can
match to a device identifier or a particular control point or match to a device identifier or a particular control point or
subsystem within a device. subsystem within a device.
o Identification of the interface that a packet was received on, * Identification of the interface that a packet was received on,
i.e., ingress interface. i.e., ingress interface.
o Identification of the interface that a packet was sent out on, * Identification of the interface that a packet was sent out on,
i.e., egress interface. i.e., egress interface.
o Time of day when the packet was processed by the node as well as * Time of day when the packet was processed by the node, as well as
the transit delay. Different definitions of processing time are the transit delay. Different definitions of processing time are
feasible and expected, though it is important that all devices of feasible and expected, though it is important that all devices of
an IOAM-domain follow the same definition. an IOAM-Domain follow the same definition.
o Generic data: Format-free information where syntax and semantic of * Generic data, i.e., format-free information where syntax and
the information is defined by the operator in a specific semantics of the information is defined by the operator in a
deployment. For a specific IOAM-Namespace, all IOAM nodes have to specific deployment. For a specific IOAM-Namespace, all IOAM
interpret the generic data the same way. Examples for generic nodes have to interpret the generic data the same way. Examples
IOAM data include geo-location information (location of the node for generic IOAM data include geolocation information (location of
at the time the packet was processed), buffer queue fill level or the node at the time the packet was processed), buffer queue fill
cache fill level at the time the packet was processed, or even a level or cache fill level at the time the packet was processed, or
battery charge level. even a battery-charge level.
o Information to detect whether IOAM trace data was added at every * Information to detect whether IOAM trace data was added at every
hop or whether certain hops in the domain weren't IOAM transit hop or whether certain hops in the domain weren't IOAM transit
nodes. nodes.
It should be noted that the semantics of some of the node data fields It should be noted that the semantics of some of the node data fields
that are defined below, such as the queue depth and buffer occupancy, that are defined below, such as the queue depth and buffer occupancy,
are implementation specific. This approach is intended to allow IOAM are implementation specific. This approach is intended to allow IOAM
nodes with various different architectures. nodes with various different architectures.
5.4.1. Pre-allocated and Incremental Trace Option-Types 4.4.1. Pre-allocated and Incremental Trace Option-Types
The IOAM Pre-allocated Trace-Option and the IOAM Incremental Trace- The IOAM Pre-allocated Trace-Option and the IOAM Incremental Trace-
Option have similar formats. Except where noted below, the internal Option have similar formats. Except where noted below, the internal
formats and fields of the two trace options are identical. Both formats and fields of the two trace options are identical. Both
Trace-Options consist of a fixed size "trace option header" and a trace options consist of a fixed-size "trace option header" and a
variable data space to store gathered data, the "node data list". An variable data space to store gathered data, i.e., the "node data
IOAM transit node (that is not an IOAM encapsulating node or IOAM list". An IOAM transit node (that is, not an IOAM encapsulating node
decapsulating node) MUST NOT modify any of the fields in the fixed or IOAM decapsulating node) MUST NOT modify any of the fields in the
size "trace option header", other than "flags" and "RemainingLen", fixed-size "trace option header", other than Flags" and
i.e., an IOAM transit node MUST NOT modify the Namespace-ID, NodeLen, "RemainingLen", i.e., an IOAM transit node MUST NOT modify the
IOAM-Trace-Type, or Reserved fields. Namespace-ID, NodeLen, IOAM Trace-Type, or Reserved fields.
Pre-allocated and incremental trace option headers: The Pre-allocated and Incremental Trace-Option headers:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID |NodeLen | Flags | RemainingLen| | Namespace-ID |NodeLen | Flags | RemainingLen|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IOAM-Trace-Type | Reserved | | IOAM Trace-Type | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The trace option data MUST be 4-octet aligned: The trace option data MUST be alligned by 4 octets:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
| | | | | |
| node data list [0] | | | node data list [0] | |
| | | | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ D +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ D
| | a | | a
| node data list [1] | t | node data list [1] | t
| | a | | a
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
skipping to change at page 14, line 37 skipping to change at line 613
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ p +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ p
| | a | | a
| node data list [n-1] | c | node data list [n-1] | c
| | e | | e
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| | | | | |
| node data list [n] | | | node data list [n] | |
| | | | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
Namespace-ID: 16-bit identifier of an IOAM-Namespace. The Namespace-ID:
Namespace-ID value of 0x0000 is defined as the "Default-Namespace- 16-bit identifier of an IOAM-Namespace. The Namespace-ID value of
ID" (see Section 5.3) and MUST be known to all the nodes 0x0000 is defined as the "Default-Namespace-ID" (see Section 4.3)
implementing IOAM. For any other Namespace-ID value that does not and MUST be known to all the nodes implementing IOAM. For any
match any Namespace-ID the node is configured to operate on, the other Namespace-ID value that does not match any Namespace-ID the
node MUST NOT change the contents of the IOAM-Data-Fields. node is configured to operate on, the node MUST NOT change the
contents of the IOAM-Data-Fields.
NodeLen: 5-bit unsigned integer. This field specifies the length of NodeLen:
data added by each node in multiples of 4-octets, excluding the 5-bit unsigned integer. This field specifies the length of data
length of the "Opaque State Snapshot" field. added by each node in multiples of 4 octets, excluding the length
of the "Opaque State Snapshot" field.
If IOAM-Trace-Type bit 22 is not set, then NodeLen specifies the If IOAM Trace-Type Bit 22 is not set, then NodeLen specifies the
actual length added by each node. If IOAM-Trace-Type bit 22 is actual length added by each node. If IOAM Trace-Type Bit 22 is
set, then the actual length added by a node would be (NodeLen + set, then the actual length added by a node would be (NodeLen +
length of the "Opaque State Snapshot" field) in 4 octet units. length of the "Opaque State Snapshot" field) in 4-octet units.
For example, if 3 IOAM-Trace-Type bits are set and none of them For example, if 3 IOAM Trace-Type bits are set and none of them
are in wide format, then NodeLen would be 3. If 3 IOAM-Trace-Type are in wide format, then NodeLen would be 3. If 3 IOAM Trace-Type
bits are set and 2 of them are wide, then NodeLen would be 5. bits are set and 2 of them are wide, then NodeLen would be 5.
An IOAM encapsulating node MUST set NodeLen. An IOAM encapsulating node MUST set NodeLen.
A node receiving an IOAM Pre-allocated or Incremental Trace-Option A node receiving an IOAM Pre-allocated or Incremental Trace-Option
relies on the NodeLen value. relies on the NodeLen value.
Flags 4-bit field. Flags are allocated by IANA, as specified in Flags:
Section 8.3. This document allocates a single flag as follows: 4-bit field. Flags are allocated by IANA, as specified in
Section 7.3. This document allocates a single flag as follows:
Bit 0 "Overflow" (O-bit) (most significant bit). In case a Bit 0:
network element is supposed to add node data to a packet, but "Overflow" (O-bit) (most significant bit). In case a network
detects that there are not enough octets left to record the element is supposed to add node data to a packet but detects
node data, the network element MUST NOT add any fields and MUST that there are not enough octets left to record the node data,
set the overflow "O-bit" to "1" in the IOAM-Trace-Option the network element MUST NOT add any fields and MUST set the
header. This is useful for transit nodes to ignore further overflow "O-bit" to "1" in the IOAM Trace-Option header. This
processing of the option. is useful for transit nodes to ignore further processing of the
option.
RemainingLen: 7-bit unsigned integer. This field specifies the data RemainingLen:
space in multiples of 4-octets remaining for recording the node 7-bit unsigned integer. This field specifies the data space in
data, before the node data list is considered to have overflowed. multiples of 4 octets remaining for recording the node data before
The sender MUST assign the initial value of the RemainingLen the node data list is considered to have overflowed. The sender
field. The sender MAY calculate the value of the RemainingLen MUST assign the initial value of the RemainingLen field. The
field by computing the number of node data bytes allowed before sender MAY calculate the value of the RemainingLen field by
exceeding the path MTU (PMTU), given that the PMTU is known to the computing the number of node data bytes allowed before exceeding
sender. Subsequent nodes can carry out a simple comparison the PMTU, given that the PMTU is known to the sender. Subsequent
between RemainingLen and NodeLen, along with the length of the nodes can carry out a simple comparison between RemainingLen and
"Opaque State Snapshot" if applicable, to determine whether or not NodeLen, along with the length of the "Opaque State Snapshot", if
data can be added by this node. When node data is added, the node applicable, to determine whether or not data can be added by this
MUST decrease RemainingLen by the amount of data added. In the node. When node data is added, the node MUST decrease
pre-allocated trace option, RemainingLen is used to derive the RemainingLen by the amount of data added. In the Pre-allocated
offset in data space to record the node data element. Trace-Option, RemainingLen is used to derive the offset in data
Specifically, the recording of the node data element would start space to record the node data element. Specifically, the
from RemainingLen - NodeLen - sizeof(opaque snapshot) in 4 octet recording of the node data element would start from RemainingLen -
units. If RemainingLen in a pre-allocated trace option exceeds NodeLen - size of (opaque snapshot) in 4-octet units. If
the length of the option, as specified in the lower layer header RemainingLen in a Pre-allocated Trace-Option exceeds the length of
(which is not within the scope of this document), then the node the option, as specified in the lower-layer header (which is not
MUST NOT add any fields. within the scope of this document), then the node MUST NOT add any
fields.
IOAM-Trace-Type: A 24-bit identifier which specifies which data IOAM Trace-Type:
types are used in this node data list. 24-bit identifier that specifies which data types are used in this
node data list.
The IOAM-Trace-Type value is a bit field. The following bits are The IOAM Trace-Type value is a bit field. The following bits are
defined in this document, with details on each bit described in defined in this document, with details on each bit described in
the Section 5.4.2. The order of packing the data fields in each Section 4.4.2. The order of packing the data fields in each node
node data element follows the bit order of the IOAM-Trace-Type data element follows the bit order of the IOAM Trace-Type field as
field, as follows: follows:
Bit 0 (Most significant bit) When set, indicates presence of Bit 0 Most significant bit. When set, indicates the presence
Hop_Lim and node_id (short format) in the node data. of Hop_Lim and node_id (short format) in the node data.
Bit 1 When set, indicates presence of ingress_if_id and Bit 1 When set, indicates the presence of ingress_if_id and
egress_if_id (short format) in the node data. egress_if_id (short format) in the node data.
Bit 2 When set, indicates presence of timestamp seconds in the Bit 2 When set, indicates the presence of timestamp seconds in
node data. the node data.
Bit 3 When set, indicates presence of timestamp fraction in the Bit 3 When set, indicates the presence of timestamp fraction
node data. in the node data.
Bit 4 When set, indicates presence of transit delay in the node Bit 4 When set, indicates the presence of transit delay in the
data. node data.
Bit 5 When set, indicates presence of IOAM-Namespace specific Bit 5 When set, indicates the presence of IOAM-Namespace-
data (short format) in the node data. specific data in short format in the node data.
Bit 6 When set, indicates presence of queue depth in the node Bit 6 When set, indicates the presence of queue depth in the
data. node data.
Bit 7 When set, indicates presence of the Checksum Complement Bit 7 When set, indicates the presence of the Checksum
node data. Complement node data.
Bit 8 When set, indicates presence of Hop_Lim and node_id in Bit 8 When set, indicates the presence of Hop_Lim and node_id
wide format in the node data. in wide format in the node data.
Bit 9 When set, indicates presence of ingress_if_id and Bit 9 When set, indicates the presence of ingress_if_id and
egress_if_id in wide format in the node data. egress_if_id in wide format in the node data.
Bit 10 When set, indicates presence of IOAM-Namespace specific Bit 10 When set, indicates the presence of IOAM-Namespace-
data in wide format in the node data. specific data in wide format in the node data.
Bit 11 When set, indicates presence of buffer occupancy in the Bit 11 When set, indicates the presence of buffer occupancy in
node data. the node data.
Bit 12-21 Undefined. These values are available for future Bits 12-21 Undefined. These values are available for future
assignment in the IOAM Trace-Type Registry (Section 8.2). assignment in the IOAM Trace-Type Registry
Every future node data field corresponding to one of (Section 7.2). Every future node data field
these bits MUST be 4-octets long. An IOAM encapsulating corresponding to one of these bits MUST be 4 octets
node MUST set the value of each undefined bit to 0. If long. An IOAM encapsulating node MUST set the value of
an IOAM transit node receives a packet with one or more each undefined bit to 0. If an IOAM transit node
of these bits set to 1, it MUST either: receives a packet with one or more of these bits set to
1, it MUST either:
1. Add corresponding node data filled with the reserved 1. add corresponding node data filled with the reserved
value 0xFFFFFFFF, after the node data fields for the value 0xFFFFFFFF after the node data fields for the
IOAM-Trace-Type bits defined above, such that the IOAM Trace-Type bits defined above, such that the
total node data added by this node in units of total node data added by this node in units of 4
4-octets is equal to NodeLen, or octets is equal to NodeLen or
2. Not add any node data fields to the packet, even for 2. not add any node data fields to the packet, even for
the IOAM-Trace-Type bits defined above. the IOAM Trace-Type bits defined above.
Bit 22 When set, indicates presence of variable length Opaque Bit 22 When set, indicates the presence of the variable-length
State Snapshot field. Opaque State Snapshot field.
Bit 23 Reserved: MUST be set to zero upon transmission and Bit 23 Reserved; MUST be set to zero upon transmission and be
ignored upon receipt. This bit is reserved to allow for ignored upon receipt. This bit is reserved to allow for
future extensions of the IOAM-Trace-Type bit field. future extensions of the IOAM Trace-Type bit field.
Section 5.4.2 describes the IOAM-Data-Types and their formats. Section 4.4.2 describes the IOAM-Data-Types and their formats.
Within an IOAM-Domain possible combinations of these bits making Within an IOAM-Domain, possible combinations of these bits making
the IOAM-Trace-Type can be restricted by configuration knobs. the IOAM Trace-Type can be restricted by configuration knobs.
Reserved: 8-bits. An IOAM encapsulating node MUST set the value to Reserved:
zero upon transmission. IOAM transit nodes MUST ignore the 8 bits. An IOAM encapsulating node MUST set the value to zero
received value. upon transmission. IOAM transit nodes MUST ignore the received
value.
Node data List [n]: Variable-length field. This is a list of node Node data List [n]:
data elements where the content of each node data element is Variable-length field. This is a list of node data elements where
determined by the IOAM-Trace-Type. The order of packing the data the content of each node data element is determined by the IOAM
fields in each node data element follows the bit order of the Trace-Type. The order of packing the data fields in each node
IOAM-Trace-Type field. Each node MUST prepend its node data data element follows the bit order of the IOAM Trace-Type field.
element in front of the node data elements that it received, such Each node MUST prepend its node data element in front of the node
that the transmitted node data list begins with this node's data data elements that it received, such that the transmitted node
element as the first populated element in the list. The last node data list begins with this node's data element as the first
data element in this list is the node data of the first IOAM populated element in the list. The last node data element in this
capable node in the path. Populating the node data list in this list is the node data of the first IOAM-capable node in the path.
way ensures that the order of node data list is the same for Populating the node data list in this way ensures that the order
incremental and pre-allocated trace options. In the pre-allocated of the node data list is the same for Incremental and Pre-
trace option, the index contained in RemainingLen identifies the allocated Trace-Options. In the Pre-allocated Trace-Option, the
offset for current active node data to be populated. index contained in RemainingLen identifies the offset for current
active node data to be populated.
5.4.2. IOAM node data fields and associated formats 4.4.2. IOAM Node Data Fields and Associated Formats
All the IOAM-Data-Fields MUST be 4-octet aligned. If a node which is All the IOAM-Data-Fields MUST be aligned by 4 octets. If a node that
supposed to update an IOAM-Data-Field is not capable of populating is supposed to update an IOAM-Data-Field is not capable of populating
the value of a field set in the IOAM-Trace-Type, the field value MUST the value of a field set in the IOAM Trace-Type, the field value MUST
be set to 0xFFFFFFFF for 4-octet fields or 0xFFFFFFFFFFFFFFFF for be set to 0xFFFFFFFF for 4-octet fields or 0xFFFFFFFFFFFFFFFF for
8-octet fields, indicating that the value is not populated, except 8-octet fields, indicating that the value is not populated, except
when explicitly specified in the field description below. when explicitly specified in the field description below.
Some IOAM-Data-Fields defined below, such as interface identifiers or Some IOAM-Data-Fields defined below, such as interface identifiers or
IOAM-Namespace specific data, are defined in both "short format" as IOAM-Namespace-specific data, are defined in both "short format" and
well as "wide format". The use of "short format" or "wide format" is "wide format". The use of "short format" or "wide format" is not
not mutually exclusive. A deployment could choose to leverage both. mutually exclusive. A deployment could choose to leverage both. For
For example, ingress_if_id_(short format) could be an identifier for example, ingress_if_id_(short format) could be an identifier for the
the physical interface, whereas ingress_if_id_(wide format) could be physical interface, whereas ingress_if_id_(wide format) could be an
an identifier for a logical sub-interface of that physical interface. identifier for a logical sub-interface of that physical interface.
Data fields and associated data types for each of the IOAM-Data- Data fields and associated data types for each of the IOAM-Data-
Fields are specified in the following sections. The definition of Fields are specified in the following sections. The definition of
IOAM-Data-Fields focuses on the syntax of the data-fields and avoids IOAM-Data-Fields focuses on the syntax of the data fields and avoids
specifying the semantics where feasible. This is why no units are specifying the semantics where feasible. This is why no units are
defined for data-fields like e.g., "buffer occupancy" or "queue defined for data fields, e.g., like "buffer occupancy" or "queue
depth". With this approach, nodes can supply the information in depth". With this approach, nodes can supply the information in
their native format and are not required to perform unit or format their original format and are not required to perform unit or format
conversions. Systems that further process IOAM information, like conversions. Systems that further process IOAM information, e.g.,
e.g., a network management system are assumed to also handle unit like a network management system, are assumed to also handle unit
conversions as part of their IOAM data-fields processing. The conversions as part of their IOAM-Data-Fields processing. The
combination of a particular data-field and the namespace-id provides combination of a particular data field and the Namespace-ID provides
for the context to interpret the provided data appropriately. for the context to interpret the provided data appropriately.
5.4.2.1. Hop_Lim and node_id short format 4.4.2.1. Hop_Lim and node_id Short
The "Hop_Lim and node_id short format" field is a 4-octet field that The "Hop_Lim and node_id short" field is a 4-octet field that is
is defined as follows: defined as follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Hop_Lim: 1-octet unsigned integer. It is set to the Hop Limit value Hop_Lim:
in the packet at egress from the node that records this data. Hop 1-octet unsigned integer. It is set to the Hop Limit value in the
Limit information is used to identify the location of the node in packet at egress from the node that records this data. Hop Limit
the communication path. This is copied from the lower layer, information is used to identify the location of the node in the
e.g., TTL value in IPv4 header or hop limit field from IPv6 header communication path. This is copied from the lower layer, e.g.,
of the packet when the packet is ready for transmission. The TTL value in IPv4 header or Hop Limit field from IPv6 header of
semantics of the Hop_Lim field depend on the lower layer protocol the packet when the packet is ready for transmission. The
that IOAM is encapsulated into, and therefore its specific semantics of the Hop_Lim field depend on the lower-layer protocol
semantics are outside the scope of this memo. The value of this that IOAM is encapsulated into; therefore, its specific semantics
field MUST be set to 0xff when the lower level does not have a are outside the scope of this memo. The value of this field MUST
TTL/Hop limit equivalent field. be set to 0xff when the lower level does not have a field
equivalent to TTL / Hop Limit.
node_id: 3-octet unsigned integer. Node identifier field to node_id:
uniquely identify a node within the IOAM-Namespace and associated 3-octet unsigned integer. A node identifier field to uniquely
IOAM-Domain. The procedure to allocate, manage and map the identify a node within the IOAM-Namespace and associated IOAM-
node_ids is beyond the scope of this document. See Domain. The procedure to allocate, manage, and map the node_ids
[I-D.ietf-ippm-ioam-deployment] for a discussion of deployment is beyond the scope of this document. See [IPPM-IOAM-DEPLOYMENT]
related aspects of the node_id. for a discussion of deployment-related aspects of the node_id.
5.4.2.2. ingress_if_id and egress_if_id 4.4.2.2. ingress_if_id and egress_if_id Short
The "ingress_if_id and egress_if_id" field is a 4-octet field that is The "ingress_if_id and egress_if_id" field is a 4-octet field that is
defined as follows: defined as follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | egress_if_id | | ingress_if_id | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
ingress_if_id: 2-octet unsigned integer. Interface identifier to ingress_if_id:
record the ingress interface the packet was received on. 2-octet unsigned integer. An interface identifier to record the
ingress interface the packet was received on.
egress_if_id: 2-octet unsigned integer. Interface identifier to egress_if_id:
record the egress interface the packet is forwarded out of. 2-octet unsigned integer. An interface identifier to record the
egress interface the packet is forwarded out of.
Note that due to the fact that IOAM uses its own IOAM-Namespaces for Note that due to the fact that IOAM uses its own IOAM-Namespaces for
IOAM-Data-Fields, data fields like interface identifiers can be used IOAM-Data-Fields, data fields, like interface identifiers, can be
in a flexible way to represent system resources that are associated used in a flexible way to represent system resources that are
with ingressing or egressing packets, i.e., ingress_if_id could associated with ingressing or egressing packets, i.e., ingress_if_id
represent a physical interface, a virtual or logical interface, or could represent a physical interface, a virtual or logical interface,
even a queue. or even a queue.
5.4.2.3. timestamp seconds 4.4.2.3. Timestamp Seconds
The "timestamp seconds" field is a 4-octet unsigned integer field. The "timestamp seconds" field is a 4-octet unsigned integer field.
It contains the absolute timestamp in seconds that specifies the time It contains the absolute timestamp in seconds that specifies the time
at which the packet was received by the node. This field has three at which the packet was received by the node. This field has three
possible formats; based on either PTP (see e.g., [RFC8877]), NTP possible formats, based on either the Precision Time Protocol (PTP)
[RFC5905], or POSIX [POSIX]. The three timestamp formats are (see e.g., [RFC8877]), NTP [RFC5905], or POSIX [POSIX]. The three
specified in Section 6. In all three cases, the Timestamp Seconds timestamp formats are specified in Section 5. In all three cases,
field contains the 32 most significant bits of the timestamp format the timestamp seconds field contains the 32 most significant bits of
that is specified in Section 6. If a node is not capable of the timestamp format that is specified in Section 5. If a node is
populating this field, it assigns the value 0xFFFFFFFF. Note that not capable of populating this field, it assigns the value
this is a legitimate value that is valid for 1 second in 0xFFFFFFFF. Note that this is a legitimate value that is valid for 1
approximately 136 years; the analyzer has to correlate several second in approximately 136 years; the analyzer has to correlate
packets or compare the timestamp value to its own time-of-day in several packets or compare the timestamp value to its own time of day
order to detect the error indication. in order to detect the error indication.
5.4.2.4. timestamp fraction 4.4.2.4. Timestamp Fraction
The "timestamp fraction" field is a 4-octet unsigned integer field. The "timestamp fraction" field is a 4-octet unsigned integer field.
Fraction specifies the fractional portion of the number of seconds Fraction specifies the fractional portion of the number of seconds
since the NTP epoch [RFC8877]. The field specifies the time at which since the NTP epoch [RFC8877]. The field specifies the time at which
the packet was received by the node. This field has three possible the packet was received by the node. This field has three possible
formats; based on either PTP (see e.g., [RFC8877]), NTP [RFC5905], or formats, based on either PTP (see e.g., [RFC8877]), NTP [RFC5905], or
POSIX [POSIX]. The three timestamp formats are specified in POSIX [POSIX]. The three timestamp formats are specified in
Section 6. In all three cases, the Timestamp fraction field contains Section 5. In all three cases, the timestamp fraction field contains
the 32 least significant bits of the timestamp format that is the 32 least significant bits of the timestamp format that is
specified in Section 6. If a node is not capable of populating this specified in Section 5. If a node is not capable of populating this
field, it assigns the value 0xFFFFFFFF. Note that this is a field, it assigns the value 0xFFFFFFFF. Note that this is a
legitimate value in the NTP format, valid for approximately 233 legitimate value in the NTP format, valid for approximately 233
picoseconds in every second. If the NTP format is used the analyzer picoseconds in every second. If the NTP format is used, the analyzer
has to correlate several packets in order to detect the error has to correlate several packets in order to detect the error
indication. indication.
5.4.2.5. transit delay 4.4.2.5. Transit Delay
The "transit delay" field is a 4-octet unsigned integer in the range The "transit delay" field is a 4-octet unsigned integer in the range
0 to 2^31-1. It is the time in nanoseconds the packet spent in the 0 to 2^31-1. It is the time in nanoseconds the packet spent in the
transit node. This can serve as an indication of the queuing delay transit node. This can serve as an indication of the queuing delay
at the node. If the transit delay exceeds 2^31-1 nanoseconds then at the node. If the transit delay exceeds 2^31-1 nanoseconds, then
the top bit 'O' is set to indicate overflow and value set to the top bit 'O' is set to indicate overflow and value set to
0x80000000. When this field is part of the data field but a node 0x80000000. When this field is part of the data field but a node
populating the field is not able to fill it, the field position in populating the field is not able to fill it, the field position in
the field MUST be filled with value 0xFFFFFFFF to mean not populated. the field MUST be filled with value 0xFFFFFFFF to mean not populated.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|O| transit delay | |O| transit delay |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.4.2.6. namespace specific data 4.4.2.6. Namespace-Specific Data
The "namespace specific data" field is a 4-octet field which can be The "namespace-specific data" field is a 4-octet field that can be
used by the node to add IOAM-Namespace specific data. This used by the node to add IOAM-Namespace-specific data. This
represents a "free-format" 4-octet bit field with its semantics represents a "free-format" 4-octet bit field with its semantics
defined in the context of a specific IOAM-Namespace. defined in the context of a specific IOAM-Namespace.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace-specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.4.2.7. queue depth 4.4.2.7. Queue Depth
The "queue depth" field is a 4-octet unsigned integer field. This The "queue depth" field is a 4-octet unsigned integer field. This
field indicates the current length of the egress interface queue of field indicates the current length of the egress interface queue of
the interface from where the packet is forwarded out. The queue the interface from where the packet is forwarded out. The queue
depth is expressed as the current amount of memory buffers used by depth is expressed as the current amount of memory buffers used by
the queue (a packet could consume one or more memory buffers, the queue (a packet could consume one or more memory buffers,
depending on its size). depending on its size).
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| queue depth | | queue depth |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.4.2.8. Checksum Complement 4.4.2.8. Checksum Complement
The "Checksum Complement" field is a 4-octet node data which contains The "Checksum Complement" field is a 4-octet node data that contains
a 4-octet Checksum Complement field. The Checksum Complement is the Checksum Complement value. The Checksum Complement is useful
useful when IOAM is transported over encapsulations that make use of when IOAM is transported over encapsulations that make use of a UDP
a UDP transport, such as VXLAN-GPE or Geneve. Without the Checksum transport, such as VXLAN-GPE or Geneve. Without the Checksum
Complement, nodes adding IOAM node data update the UDP Checksum field Complement, nodes adding IOAM node data update the UDP Checksum field
following the recommendation of the encapsulation protocols. When following the recommendation of the encapsulation protocols. When
the Checksum Complement is present, an IOAM encapsulating node or the Checksum Complement is present, an IOAM encapsulating node or
IOAM transit node adding node data MUST carry out one of the IOAM transit node adding node data MUST carry out one of the
following two alternatives in order to maintain the correctness of following two alternatives in order to maintain the correctness of
the UDP Checksum value: the UDP Checksum value:
1. Recompute the UDP Checksum field. 1. recompute the UDP Checksum field or
2. Use the Checksum Complement to make a checksum-neutral update in 2. use the Checksum Complement to make a checksum-neutral update in
the UDP payload; the Checksum Complement is assigned a value that the UDP payload; the Checksum Complement is assigned a value that
complements the rest of the node data fields that were added by complements the rest of the node data fields that were added by
the current node, causing the existing UDP Checksum field to the current node, causing the existing UDP Checksum field to
remain correct. remain correct.
IOAM decapsulating nodes MUST recompute the UDP Checksum field, since IOAM decapsulating nodes MUST recompute the UDP Checksum field, since
they do not know whether previous hops modified the UDP Checksum they do not know whether previous hops modified the UDP Checksum
field or the Checksum Complement field. field or the Checksum Complement field.
Checksum Complement fields are used in a similar manner in [RFC7820] Checksum Complement fields are used in a similar manner in [RFC7820]
and [RFC7821]. and [RFC7821].
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum Complement | | Checksum Complement |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.4.2.9. Hop_Lim and node_id wide 4.4.2.9. Hop_Lim and node_id Wide
The "Hop_Lim and node_id wide" field is an 8-octet field defined as The "Hop_Lim and node_id wide" field is an 8-octet field defined as
follows: follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id ~ | Hop_Lim | node_id ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ node_id (contd) | ~ node_id (contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Hop_Lim: 1-octet unsigned integer. See Section 5.4.2.1 for the Hop_Lim:
definition of the field. 1-octet unsigned integer. See Section 4.4.2.1 for the definition
of the field.
node_id: 7-octet unsigned integer. Node identifier field to node_id:
7-octet unsigned integer. It is a node identifier field to
uniquely identify a node within the IOAM-Namespace and associated uniquely identify a node within the IOAM-Namespace and associated
IOAM-Domain. The procedure to allocate, manage and map the IOAM-Domain. The procedure to allocate, manage, and map the
node_ids is beyond the scope of this document. node_ids is beyond the scope of this document.
5.4.2.10. ingress_if_id and egress_if_id wide 4.4.2.10. ingress_if_id and egress_if_id Wide
The "ingress_if_id and egress_if_id wide" field is an 8-octet field The "ingress_if_id and egress_if_id wide" field is an 8-octet field,
which is defined as follows: which is defined as follows:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | | ingress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| egress_if_id | | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
ingress_if_id: 4-octet unsigned integer. Interface identifier to ingress_if_id:
record the ingress interface the packet was received on. 4-octet unsigned integer. It is an interface identifier to record
the ingress interface the packet was received on.
egress_if_id: 4-octet unsigned integer. Interface identifier to egress_if_id:
record the egress interface the packet is forwarded out of. 4-octet unsigned integer. It is an interface identifier to record
the egress interface the packet is forwarded out of.
5.4.2.11. namespace specific data wide 4.4.2.11. Namespace-Specific Data Wide
The "namespace specific data wide" field is an 8-octet field which The "namespace-specific data wide" field is an 8-octet field that can
can be used by the node to add IOAM-Namespace specific data. This be used by the node to add IOAM-Namespace-specific data. This
represents a "free-format" 8-octet bit field with its semantics represents a "free-format" 8-octet bit field with its semantics
defined in the context of a specific IOAM-Namespace. defined in the context of a specific IOAM-Namespace.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data ~ | namespace-specific data ~
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
~ namespace specific data (contd) | ~ namespace-specific data (contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.4.2.12. buffer occupancy 4.4.2.12. Buffer Occupancy
The "buffer occupancy" field is a 4-octet unsigned integer field. The "buffer occupancy" field is a 4-octet unsigned integer field.
This field indicates the current status of the occupancy of the This field indicates the current status of the occupancy of the
common buffer pool used by a set of queues. The units of this field common buffer pool used by a set of queues. The units of this field
are implementation specific. Hence, the units are interpreted within are implementation specific. Hence, the units are interpreted within
the context of an IOAM-Namespace and/or node-id if used. The authors the context of an IOAM-Namespace and/or node identifier if used. The
acknowledge that in some operational cases there is a need for the authors acknowledge that, in some operational cases, there is a need
units to be consistent across a packet path through the network, for the units to be consistent across a packet path through the
hence it is recommended for implementations to use standard units network; hence, it is recommended for implementations to use standard
such as Bytes. units, such as bytes.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| buffer occupancy | | buffer occupancy |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.4.2.13. Opaque State Snapshot 4.4.2.13. Opaque State Snapshot
The "Opaque State Snapshot" is a variable length field and follows The "Opaque State Snapshot" field is a variable-length field and
the fixed length IOAM-Data-Fields defined above. It allows the follows the fixed-length IOAM-Data-Fields defined above. It allows
network element to store an arbitrary state in the node data field, the network element to store an arbitrary state in the node data
without a pre-defined schema. The schema is to be defined within the field without a predefined schema. The schema is to be defined
context of an IOAM-Namespace. The schema needs to be made known to within the context of an IOAM-Namespace. The schema needs to be made
the analyzer by some out-of-band mechanism. The specification of known to the analyzer by some out-of-band mechanism. The
this mechanism is beyond the scope of this document. A 24-bit specification of this mechanism is beyond the scope of this document.
"Schema Id" field, interpreted within the context of an IOAM- A 24-bit "Schema ID" field, interpreted within the context of an
Namespace, indicates which particular schema is used, and has to be IOAM-Namespace, indicates which particular schema is used and has to
configured on the network element by the operator. be configured on the network element by the operator.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | Schema ID | | Length | Schema ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| | | |
| Opaque data | | Opaque data |
~ ~ ~ ~
. . . .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Length: 1-octet unsigned integer. It is the length in multiples of Length:
4-octets of the Opaque data field that follows Schema Id. 1-octet unsigned integer. It is the length in multiples of 4
octets of the Opaque data field that follows Schema ID.
Schema ID: 3-octet unsigned integer identifying the schema of Opaque Schema ID:
data. 3-octet unsigned integer identifying the schema of Opaque data.
Opaque data: Variable length field. This field is interpreted as Opaque data:
specified by the schema identified by the Schema ID. Variable-length field. This field is interpreted as specified by
the schema identified by the Schema ID.
When this field is part of the data field but a node populating the When this field is part of the data field, but a node populating the
field has no opaque state data to report, the Length MUST be set to 0 field has no opaque state data to report, the Length MUST be set to 0
and the Schema ID MUST be set to 0xFFFFFF to mean no schema. and the Schema ID MUST be set to 0xFFFFFF to mean no schema.
5.4.3. Examples of IOAM node data 4.4.3. Examples of IOAM Node Data
The format used for the entries in a packet's "node data list" array The format used for the entries in a packet's "node data list" array
can vary from packet to packet and deployment to deployment". Some can vary from packet to packet and deployment to deployment. Some
deployments might only be interested in recording the node deployments might only be interested in recording the node
identifiers, whereas others might be interested in recording node identifiers, whereas others might be interested in recording node
identifiers and timestamps. This section provides example entries of identifiers and timestamps. This section provides example entries of
the "node data list". the "node data list" array.
0xD40000: IOAM-Trace-Type is 0xD40000 (0b110101000000000000000000) 0xD40000: If the IOAM Trace-Type is 0xD40000
then the format of node data is: (0b110101000000000000000000), then the format of node data is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | egress_if_id | | ingress_if_id | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp fraction | | timestamp fraction |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace-specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0xC00000: IOAM-Trace-Type is 0xC00000 (0b110000000000000000000000) 0xC00000: If the IOAM Trace-Type is 0xC00000
then the format is: (0b110000000000000000000000), then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ingress_if_id | egress_if_id | | ingress_if_id | egress_if_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x900000: IOAM-Trace-Type is 0x900000 (0b100100000000000000000000) 0x900000: If the IOAM Trace-Type is 0x900000
then the format is: (0b100100000000000000000000), then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp fraction | | timestamp fraction |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x840000: IOAM-Trace-Type is 0x840000 (0b100001000000000000000000) 0x840000: If the IOAM Trace-Type is 0x840000
then the format is: (0b100001000000000000000000), then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace-specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x940000: IOAM-Trace-Type is 0x940000 (0b100101000000000000000000) 0x940000: If the IOAM Trace-Type is 0x940000
then the format is: (0b100101000000000000000000), then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp fraction | | timestamp fraction |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| namespace specific data | | namespace-specific data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
0x308002: IOAM-Trace-Type is 0x308002 (0b001100001000000000000010) 0x308002: If the IOAM Trace-Type is 0x308002
then the format is: (0b001100001000000000000010), then the format is:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp seconds | | timestamp seconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| timestamp fraction | | timestamp fraction |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop_Lim | node_id | | Hop_Lim | node_id |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| node_id(contd) | | node_id(contd) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Length | Schema Id | | Length | Schema ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | |
| | | |
| Opaque data | | Opaque data |
~ ~ ~ ~
. . . .
. . . .
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
5.5. IOAM Proof of Transit Option-Type 4.5. IOAM Proof of Transit Option-Type
IOAM Proof of Transit Option-Type is used to support path or service The IOAM Proof of Transit Option-Type is used to support path or
function chain [RFC7665] verification use cases, i.e., prove that service function chain [RFC7665] verification use cases, i.e., prove
traffic transited a defined path. While details on how the IOAM data that traffic transited a defined path. While the details on how the
for the Proof-of-transit option is processed at IOAM encapsulating, IOAM data for the Proof of Transit Option-Type is processed at IOAM
decapsulating and transit nodes are outside the scope of the encapsulating, decapsulating, and transit nodes are outside the scope
document, proof of transit approaches share the need to uniquely of the document, Proof of Transit approaches share the need to
identify a packet as well as iteratively operate on a set of uniquely identify a packet, as well as iteratively operate on a set
information that is handed from node to node. Correspondingly, two of information that is handed from node to node. Correspondingly,
pieces of information are added as IOAM-Data-Fields to the packet: two pieces of information are added as IOAM-Data-Fields to the
packet:
o PktID: Unique identifier for the packet. PktID:
unique identifier for the packet
o Cumulative: Information which is handed from node to node and Cumulative:
updated by every node according to a verification algorithm. information that is handed from node to node and updated by every
node according to a verification algorithm
The IOAM Proof-of-Transit Option-Type consist of a fixed size "IOAM The IOAM Proof of Transit Option-Type consist of a fixed-size "IOAM
proof of transit option header" and "IOAM proof of transit option Proof of Transit Option header" and "IOAM Proof of Transit Option
data fields": data fields":
IOAM proof of transit option header: IOAM Proof of Transit Option header:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID |IOAM POT Type | IOAM POT flags| | Namespace-ID |IOAM POT-Type | IOAM POT flags|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IOAM proof of transit Option-Type IOAM-Data-Fields MUST be IOAM Proof of Transit Option-Type IOAM-Data-Fields MUST be aligned by
4-octet aligned: 4 octets:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| POT Option data field determined by IOAM-POT-Type | | POT Option data field determined by IOAM POT-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Namespace-ID: 16-bit identifier of an IOAM-Namespace. The Namespace-ID:
Namespace-ID value of 0x0000 is defined as the "Default-Namespace- 16-bit identifier of an IOAM-Namespace. The Namespace-ID value of
ID" (see Section 5.3) and MUST be known to all the nodes 0x0000 is defined as the "Default-Namespace-ID" (see Section 4.3)
implementing IOAM. For any other Namespace-ID value that does not and MUST be known to all the nodes implementing IOAM. For any
match any Namespace-ID the node is configured to operate on, the other Namespace-ID value that does not match any Namespace-ID the
node MUST NOT change the contents of the IOAM-Data-Fields. node is configured to operate on, the node MUST NOT change the
contents of the IOAM-Data-Fields.
IOAM POT Type: 8-bit identifier of a particular POT variant that IOAM POT-Type:
specifies the POT data that is included. This document defines 8-bit identifier of a particular POT variant that specifies the
POT Type 0: POT data that is included. This document defines IOAM POT-Type 0:
0: POT data is a 16 Octet field to carry data associated to POT 0: POT data is a 16-octet field to carry data associated to POT
procedures. procedures.
If a node receives an IOAM POT Type value that it does not If a node receives an IOAM POT-Type value that it does not
understand, the node MUST NOT change, add to, or remove the understand, the node MUST NOT change, add to, or remove the
contents of the OAM-Data-Fields. contents of the IOAM-Data-Fields.
IOAM POT flags: 8-bit. This document does not define any flags. IOAM POT flags:
Bits 0-7 These bits are available for assignment, see Section 8.5. 8 bits. This document does not define any flags. Bits 0-7 are
Bits which have not been assigned MUST be set to zero upon available for assignment (see Section 7.5). Bits that have not
transmission and ignored upon receipt. been assigned MUST be set to zero upon transmission and be ignored
upon receipt.
POT Option data: Variable-length field. The type of which is POT Option data:
determined by the IOAM-POT-Type. Variable-length field. The type of which is determined by the
IOAM POT-Type.
5.5.1. IOAM Proof of Transit Type 0 4.5.1. IOAM Proof of Transit Type 0
IOAM proof of transit option of IOAM POT Type 0: IOAM Proof of Transit Option of IOAM POT-Type 0:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID |IOAM POT Type=0|R R R R R R R R| | Namespace-ID |IOAM POT-Type=0|R R R R R R R R|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
| PktID | | | PktID | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ P +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ P
| PktID (contd) | O | PktID (contd) | O
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T
| Cumulative | | | Cumulative | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
| Cumulative (contd) | | | Cumulative (contd) | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+<-+
Namespace-ID: 16-bit identifier of an IOAM-Namespace (see Namespace-ID:
Section 5.5 above). 16-bit identifier of an IOAM-Namespace (see Section 4.3 above).
IOAM POT Type: 8-bit identifier of a particular POT variant that IOAM POT-Type:
specifies the POT data that is included (see Section 5.5 above). 8-bit identifier of a particular POT variant that specifies the
For this case here, IOAM POT Type is set to the value 0. POT data that is included (see Section 4.5 above). For this case
here, IOAM POT-Type is set to the value 0.
Bit 0-7: Undefined (see Section 5.5 above). Bit 0-7:
Undefined (see Section 4.5 above).
PktID: 64-bit packet identifier. PktID:
64-bit packet identifier.
Cumulative: 64-bit Cumulative that is updated at specific nodes by Cumulative:
processing per packet PktID field and configured parameters. 64-bit Cumulative that is updated at specific nodes by processing
per packet PktID field and configured parameters.
Note: Larger or smaller sizes of "PktID" and "Cumulative" data are | Note: Larger or smaller sizes of "PktID" and "Cumulative" data
feasible and could be required for certain deployments, e.g., in case | are feasible and could be required for certain deployments,
of space constraints in the encapsulation protocols used. Future | e.g., in case of space constraints in the encapsulation
documents could introduce different sizes of data for "proof of | protocols used. Future documents could introduce different
transit". | sizes of data for "Proof of Transit".
5.6. IOAM Edge-to-Edge Option-Type 4.6. IOAM Edge-to-Edge Option-Type
The IOAM Edge-to-Edge Option-Type is to carry data that is added by The IOAM Edge-to-Edge Option-Type carries data that is added by the
the IOAM encapsulating node and interpreted by IOAM decapsulating IOAM encapsulating node and interpreted by the IOAM decapsulating
node. The IOAM transit nodes MAY process the data but MUST NOT node. The IOAM transit nodes MAY process the data but MUST NOT
modify it. modify it.
The IOAM Edge-to-Edge Option-Type consist of a fixed size "IOAM Edge- The IOAM Edge-to-Edge Option-Type consist of a fixed-size "IOAM Edge-
to-Edge Option-Type header" and "IOAM Edge-to-Edge Option-Type data to-Edge Option-Type header" and "IOAM Edge-to-Edge Option-Type data
fields": fields":
IOAM Edge-to-Edge Option-Type header: IOAM Edge-to-Edge Option-Type header:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Namespace-ID | IOAM-E2E-Type | | Namespace-ID | IOAM E2E-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
IOAM Edge-to-Edge Option-Type IOAM-Data-Fields MUST The IOAM Edge-to-Edge Option-Type IOAM-Data-Fields MUST be aligned by
be 4-octet aligned: 4 octets:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| E2E Option data field determined by IOAM-E2E-Type | | E2E Option data field determined by IOAM-E2E-Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Namespace-ID: 16-bit identifier of an IOAM-Namespace. The Namespace-ID:
Namespace-ID value of 0x0000 is defined as the "Default-Namespace- 16-bit identifier of an IOAM-Namespace. The Namespace-ID value of
ID" (see Section 5.3) and MUST be known to all the nodes 0x0000 is defined as the "Default-Namespace-ID" (see Section 4.3)
implementing IOAM. For any other Namespace-ID value that does not and MUST be known to all the nodes implementing IOAM. For any
match any Namespace-ID the node is configured to operate on, then other Namespace-ID value that does not match any Namespace-ID the
the node MUST NOT change the contents of the IOAM-Data-Fields. node is configured to operate on, the node MUST NOT change the
contents of the IOAM-Data-Fields.
IOAM-E2E-Type: A 16-bit identifier which specifies which data types IOAM-E2E-Type:
are used in the E2E option data. The IOAM-E2E-Type value is a bit 16-bit identifier that specifies which data types are used in the
field. The order of packing the E2E option data field elements E2E Option data. The IOAM-E2E-Type value is a bit field. The
follows the bit order of the IOAM-E2E-Type field, as follows: order of packing the E2E Option data field elements follows the
bit order of the IOAM E2E-Type field as follows:
Bit 0 (Most significant bit) When set indicates presence of a Bit 0 Most significant bit. When set, it indicates the
64-bit sequence number added to a specific "packet group" presence of a 64-bit sequence number added to a specific
which is used to detect packet loss, packet reordering, "packet group" that is used to detect packet loss, packet
or packet duplication within the group. The "packet reordering, or packet duplication within the group. The
group" is deployment dependent and defined at the IOAM "packet group" is deployment dependent and defined at the
encapsulating node, e.g., by n-tuple based classification IOAM encapsulating node, e.g., by n-tuple-based
of packets. When this bit is set, "Bit 1" (for 32-bit classification of packets. When this bit is set, "Bit 1"
sequence number, see below) MUST be zero. (for a 32-bit sequence number, see below) MUST be zero.
Bit 1 When set indicates presence of a 32-bit sequence number Bit 1 When set, it indicates the presence of a 32-bit sequence
added to a specific "packet group" which is used to number added to a specific "packet group" that is used to
detect packet loss, packet reordering, or packet detect packet loss, packet reordering, or packet
duplication within that group. The "packet group" is duplication within that group. The "packet group" is
deployment dependent and defined at the IOAM deployment dependent and defined at the IOAM
encapsulating node, e.g., by n-tuple based classification encapsulating node, e.g., by n-tuple-based classification
of packets. When this bit is set, "Bit 0" (for 64-bit of packets. When this bit is set, "Bit 0" (for a 64-bit
sequence number, see above) MUST be zero. sequence number, see above) MUST be zero.
Bit 2 When set indicates presence of timestamp seconds, Bit 2 When set, it indicates the presence of timestamp seconds,
representing the time at which the packet entered the representing the time at which the packet entered the
IOAM-domain. Within the IOAM encapsulating node, the IOAM-Domain. Within the IOAM encapsulating node, the
time that the timestamp is retrieved can depend on the time that the timestamp is retrieved can depend on the
implementation. Some possibilities are: 1) the time at implementation. Some possibilities are 1) the time at
which the packet was received by the node, 2) the time at which the packet was received by the node, 2) the time at
which the packet was transmitted by the node, 3) when a which the packet was transmitted by the node, or 3) when
tunnel encapsulation is used, the point at which the a tunnel encapsulation is used, the point at which the
packet is encapsulated into the tunnel. Each packet is encapsulated into the tunnel. Each
implementation has to document when the E2E timestamp implementation has to document when the E2E timestamp
that is going to be put in the packet is retrieved. This that is going to be put in the packet is retrieved. This
4-octet field has three possible formats; based on either 4-octet field has three possible formats, based on either
PTP (see e.g., [RFC8877]), NTP [RFC5905], or POSIX PTP (see e.g., [RFC8877]), NTP [RFC5905], or POSIX
[POSIX]. The three timestamp formats are specified in [POSIX]. The three timestamp formats are specified in
Section 6. In all three cases, the Timestamp Seconds Section 5. In all three cases, the timestamp seconds
field contains the 32 most significant bits of the field contains the 32 most significant bits of the
timestamp format that is specified in Section 6. If a timestamp format that is specified in Section 5. If a
node is not capable of populating this field, it assigns node is not capable of populating this field, it assigns
the value 0xFFFFFFFF. Note that this is a legitimate the value 0xFFFFFFFF. Note that this is a legitimate
value that is valid for 1 second in approximately 136 value that is valid for 1 second in approximately 136
years; the analyzer has to correlate several packets or years; the analyzer has to correlate several packets or
compare the timestamp value to its own time-of-day in compare the timestamp value to its own time of day in
order to detect the error indication. order to detect the error indication.
Bit 3 When set indicates presence of timestamp fraction, Bit 3 When set, it indicates the presence of timestamp
representing the time at which the packet entered the fraction, representing the time at which the packet
IOAM-domain. This 4-octet field has three possible entered the IOAM-Domain. This 4-octet field has three
formats; based on either PTP (see e.g., [RFC8877]), NTP possible formats, based on either PTP (see e.g.,
[RFC5905], or POSIX [POSIX]. The three timestamp formats [RFC8877]), NTP [RFC5905], or POSIX [POSIX]. The three
are specified in Section 6. In all three cases, the timestamp formats are specified in Section 5. In all
Timestamp fraction field contains the 32 least three cases, the timestamp fraction field contains the 32
significant bits of the timestamp format that is least significant bits of the timestamp format that is
specified in Section 6. If a node is not capable of specified in Section 5. If a node is not capable of
populating this field, it assigns the value 0xFFFFFFFF. populating this field, it assigns the value 0xFFFFFFFF.
Note that this is a legitimate value in the NTP format, Note that this is a legitimate value in the NTP format,
valid for approximately 233 picoseconds in every second. valid for approximately 233 picoseconds in every second.
If the NTP format is used the analyzer has to correlate If the NTP format is used, the analyzer has to correlate
several packets in order to detect the error indication. several packets in order to detect the error indication.
Bit 4-15 Undefined. An IOAM encapsulating node MUST set the value Bit 4-15 Undefined. An IOAM encapsulating node MUST set the
of these bits to zero upon transmission and ignore upon value of these bits to zero upon transmission and ignore
receipt. them upon receipt.
E2E Option data: Variable-length field. The type of which is E2E Option data:
determined by the IOAM-E2E-Type. Variable-length field. The type of which is determined by the
IOAM E2E-Type.
6. Timestamp Formats 5. Timestamp Formats
The IOAM-Data-Fields include a timestamp field which is represented The IOAM-Data-Fields include a timestamp field that is represented in
in one of three possible timestamp formats. It is assumed that the one of three possible timestamp formats. It is assumed that the
management plane is responsible for determining which timestamp management plane is responsible for determining which timestamp
format is used. format is used.
6.1. PTP Truncated Timestamp Format 5.1. PTP Truncated Timestamp Format
The Precision Time Protocol (PTP) uses an 80-bit timestamp format. The Precision Time Protocol (PTP) uses an 80-bit timestamp format.
The truncated timestamp format is a 64-bit field, which is the 64 The truncated timestamp format is a 64-bit field, which is the 64
least significant bits of the 80-bit PTP timestamp. The PTP least significant bits of the 80-bit PTP timestamp. The PTP
truncated format is specified in Section 4.3 of [RFC8877], and the truncated format is specified in Section 4.3 of [RFC8877], and the
details are presented below for the sake of completeness. details are presented below for the sake of completeness.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Seconds | | Seconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Nanoseconds | | Nanoseconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: PTP Truncated Timestamp Format
Timestamp field format: Timestamp field format:
Seconds: Specifies the integer portion of the number of seconds
since the PTP epoch
Seconds: specifies the integer portion of the number of seconds Size: 32 bits
since the PTP epoch.
+ Size: 32 bits.
+ Units: seconds. Units: seconds
Nanoseconds: specifies the fractional portion of the number of Nanoseconds: Specifies the fractional portion of the number of
seconds since the PTP epoch. seconds since the PTP epoch
+ Size: 32 bits. Size: 32 bits
+ Units: nanoseconds. The value of this field is in the range 0 Units: nanoseconds. The value of this field is in the range 0
to (10^9)-1. to (10^9)-1.
Epoch: Epoch:
PTP epoch. For details, see e.g., [RFC8877].
PTP epoch. For details see e.g., [RFC8877].
Resolution: Resolution:
The resolution is 1 nanosecond. The resolution is 1 nanosecond.
Wraparound: Wraparound:
This time format wraps around every 2^32 seconds, which is roughly This time format wraps around every 2^32 seconds, which is roughly
136 years. The next wraparound will occur in the year 2106. 136 years. The next wraparound will occur in the year 2106.
Synchronization Aspects: Synchronization Aspects:
It is assumed that the nodes that run this protocol are
synchronized among themselves. Nodes MAY be synchronized to a
global reference time. Note that if PTP is used for
synchronization, the timestamp MAY be derived from the PTP-
synchronized clock, allowing the timestamp to be measured with
respect to the clock of a PTP Grandmaster clock.
It is assumed that nodes that run this protocol are synchronized 5.2. NTP 64-Bit Timestamp Format
among themselves. Nodes MAY be synchronized to a global reference
time. Note that if PTP is used for synchronization, the timestamp
MAY be derived from the PTP-synchronized clock, allowing the
timestamp to be measured with respect to the clock of an PTP
Grandmaster clock.
6.2. NTP 64-bit Timestamp Format
The Network Time Protocol (NTP) [RFC5905] timestamp format is 64 bits The Network Time Protocol (NTP) [RFC5905] timestamp format is 64 bits
long. This specification uses the NTP timestamp format that is long. This specification uses the NTP timestamp format that is
specified in Section 4.2.1 of [RFC8877], and the details are specified in Section 4.2.1 of [RFC8877], and the details are
presented below for the sake of completeness. presented below for the sake of completeness.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Seconds | | Seconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Fraction | | Fraction |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: NTP [RFC5905] 64-bit Timestamp Format
Timestamp field format: Timestamp field format:
Seconds: specifies the integer portion of the number of seconds
since the NTP epoch
Seconds: specifies the integer portion of the number of seconds Size: 32 bits
since the NTP epoch.
+ Size: 32 bits.
+ Units: seconds. Units: seconds
Fraction: specifies the fractional portion of the number of Fraction: specifies the fractional portion of the number of
seconds since the NTP epoch. seconds since the NTP epoch
+ Size: 32 bits. Size: 32 bits
+ Units: the unit is 2^(-32) seconds, which is roughly equal to Units: the unit is 2^(-32) seconds, which is roughly equal to
233 picoseconds. 233 picoseconds.
Epoch: Epoch:
NTP epoch. For details, see [RFC5905].
NTP Epoch. For details see [RFC5905].
Resolution: Resolution:
The resolution is 2^(-32) seconds. The resolution is 2^(-32) seconds.
Wraparound: Wraparound:
This time format wraps around every 2^32 seconds, which is roughly This time format wraps around every 2^32 seconds, which is roughly
136 years. The next wraparound will occur in the year 2036. 136 years. The next wraparound will occur in the year 2036.
Synchronization Aspects: Synchronization Aspects:
Nodes that use this timestamp format will typically be Nodes that use this timestamp format will typically be
synchronized to UTC using NTP [RFC5905]. Thus, the timestamp MAY synchronized to UTC using NTP [RFC5905]. Thus, the timestamp MAY
be derived from the NTP-synchronized clock, allowing the timestamp be derived from the NTP-synchronized clock, allowing the timestamp
to be measured with respect to the clock of an NTP server. to be measured with respect to the clock of an NTP server.
6.3. POSIX-based Timestamp Format 5.3. POSIX-Based Timestamp Format
This timestamp format is based on the POSIX time format [POSIX]. The This timestamp format is based on the POSIX time format [POSIX]. The
detailed specification of the timestamp format used in this document detailed specification of the timestamp format used in this document
is presented below. is presented below.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Seconds | | Seconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Microseconds | | Microseconds |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: POSIX-based Timestamp Format
Timestamp field format: Timestamp field format:
Seconds: specifies the integer portion of the number of seconds
since the POSIX epoch
Seconds: specifies the integer portion of the number of seconds Size: 32 bits
since the POSIX epoch.
+ Size: 32 bits.
+ Units: seconds. Units: seconds
Microseconds: specifies the fractional portion of the number of Microseconds: specifies the fractional portion of the number of
seconds since the POSIX epoch. seconds since the POSIX epoch
+ Size: 32 bits. Size: 32 bits
+ Units: the unit is microseconds. The value of this field is in Units: the unit is microseconds. The value of this field is
the range 0 to (10^6)-1. in the range 0 to (10^6)-1.
Epoch: Epoch:
POSIX epoch. For details, see [POSIX], Appendix A.4.16.
POSIX epoch. For details, see [POSIX], appendix A.4.16.
Resolution: Resolution:
The resolution is 1 microsecond. The resolution is 1 microsecond.
Wraparound: Wraparound:
This time format wraps around every 2^32 seconds, which is roughly This time format wraps around every 2^32 seconds, which is roughly
136 years. The next wraparound will occur in the year 2106. 136 years. The next wraparound will occur in the year 2106.
Synchronization Aspects: Synchronization Aspects:
It is assumed that nodes that use this timestamp format run the It is assumed that nodes that use this timestamp format run the
Linux operating system, and hence use the POSIX time. In some Linux operating system and hence use the POSIX time. In some
cases nodes MAY be synchronized to UTC using a synchronization cases, nodes MAY be synchronized to UTC using a synchronization
mechanism that is outside the scope of this document, such as NTP mechanism that is outside the scope of this document, such as NTP
[RFC5905]. Thus, the timestamp MAY be derived from the NTP- [RFC5905]. Thus, the timestamp MAY be derived from the NTP-
synchronized clock, allowing the timestamp to be measured with synchronized clock, allowing the timestamp to be measured with
respect to the clock of an NTP server. respect to the clock of an NTP server.
7. IOAM Data Export 6. IOAM Data Export
IOAM nodes collect information for packets traversing a domain that IOAM nodes collect information for packets traversing a domain that
supports IOAM. IOAM decapsulating nodes as well as IOAM transit supports IOAM. IOAM decapsulating nodes, as well as IOAM transit
nodes can choose to retrieve IOAM information from the packet, nodes, can choose to retrieve IOAM information from the packet,
process the information further and export the information using process the information further, and export the information using
e.g., IPFIX. The mechanisms and associated data formats for e.g., IP Flow Information Export (IPFIX). The mechanisms and
exporting IOAM data is outside the scope of this document. associated data formats for exporting IOAM data are outside the scope
of this document.
A way to perform raw data export of IOAM data using IPFIX is A way to perform raw data export of IOAM data using IPFIX is
discussed in [I-D.spiegel-ippm-ioam-rawexport]. discussed in [IPPM-IOAM-RAWEXPORT].
8. IANA Considerations
This document requests the following IANA Actions. 7. IANA Considerations
IANA is requested to define a registry group named "In-Situ OAM IANA has defined a registry group named "In Situ OAM (IOAM)".
(IOAM) Protocol Parameters".
This group will include the following registries: This group includes the following registries:
IOAM Option-Type IOAM Option-Type
IOAM Trace-Type IOAM Trace-Type
IOAM Trace-Flags IOAM Trace-Flags
IOAM POT-Type IOAM POT-Type
IOAM POT-Flags IOAM POT-Flags
IOAM E2E-Type IOAM E2E-Type
IOAM Namespace-ID IOAM Namespace-ID
The subsequent sub-sections detail the registries herein contained. The subsequent subsections detail the registries therein contained.
8.1. IOAM Option-Type Registry 7.1. IOAM Option-Type Registry
This registry defines 128 code points for the IOAM Option-Type field This registry defines 128 code points for the IOAM Option-Type field
for identifying IOAM Option-Types as explained in Section 5. The for identifying IOAM-Option-Types, as explained in Section 4. The
following code points are defined in this draft: following code points are defined in this document:
0 IOAM Pre-allocated Trace Option-Type 0: IOAM Pre-allocated Trace Option-Type
1 IOAM Incremental Trace Option-Type 1: IOAM Incremental Trace Option-Type
2 IOAM POT Option-Type 2: IOAM POT Option-Type
3 IOAM E2E Option-Type 3: IOAM E2E Option-Type
4 - 127 are available for assignment via "IETF Review" process as per Code points 4-127 are available for assignment via the "IETF Review"
[RFC8126]. process, as per [RFC8126].
New registration requests MUST use the following template: New registration requests MUST use the following template:
Name: Name of the newly registered Option-Type. Name: name of the newly registered Option-Type
Code point: Desired value of the requested code point. Code point: desired value of the requested code point
Description: Brief description of the newly registered Option-Type. Description: brief description of the newly registered Option-Type
Reference: Reference to the document that defines the new Option- Reference: reference to the document that defines the new Option-
Type. Type
The evaluation of a new registration request MUST also include The evaluation of a new registration request MUST also include
checking whether the new IOAM Option-Type includes an IOAM-Namespace checking whether the new IOAM-Option-Type includes an IOAM-Namespace
field and that the IOAM-Namespace field is the first field in the field and that the IOAM-Namespace field is the first field in the
newly defined header of the new Option-Type. newly defined header of the new Option-Type.
8.2. IOAM Trace-Type Registry 7.2. IOAM Trace-Type Registry
This registry defines code point for each bit in the 24-bit IOAM- This registry defines code points for each bit in the 24-bit IOAM
Trace-Type field for Pre-allocated Trace-Option-Type and Incremental Trace-Type field for the Pre-allocated Trace Option-Type and
Trace-Option-Type defined in Section 5.4. The meaning of Bits 0 - 11 Incremental Trace Option-Type defined in Section 4.4. Bits 0-11 are
is defined in this document in Paragraph 5 of Section 5.4.1: defined in this document in Paragraph 5 of Section 4.4.1:
Bit 0 hop_Lim and node_id in short format Bit 0: hop_Lim and node_id in short format
Bit 1 ingress_if_id and egress_if_id in short format Bit 1: ingress_if_id and egress_if_id in short format
Bit 2 timestamp seconds Bit 2: timestamp seconds
Bit 3 timestamp fraction Bit 3: timestamp fraction
Bit 4 transit delay Bit 4: transit delay
Bit 5 namespace specific data in short format Bit 5: namespace-specific data in short format
Bit 6 queue depth Bit 6: queue depth
Bit 7 checksum complement Bit 7: checksum complement
Bit 8 hop_Lim and node_id in wide format Bit 8: hop_Lim and node_id in wide format
Bit 9 ingress_if_id and egress_if_id in wide format Bit 9: ingress_if_id and egress_if_id in wide format
Bit 10 namespace specific data in wide format Bit 10: namespace-specific data in wide format
Bit 11 buffer occupancy Bit 11: buffer occupancy
Bit 22 variable length Opaque State Snapshot Bit 22: variable-length Opaque State Snapshot
Bit 23 reserved Bit 23: reserved
The meaning for Bits 12 - 21 are available for assignment via "IETF
Review" process as per [RFC8126]. Bits 12-21 are available for assignment via the "IETF Review"
process, as per [RFC8126].
New registration requests MUST use the following template: New registration requests MUST use the following template:
Bit: Desired bit to be allocated in the 24-bit IOAM Trace-Option- Bit: desired bit to be allocated in the 24-bit IOAM Trace Option-
Type field for Pre-allocated Trace-Option-Type and Incremental Type field for the Pre-allocated Trace Option-Type and Incremental
Trace-Option-Type. Trace Option-Type
Description: Brief description of the newly registered bit. Description: brief description of the newly registered bit
Reference: Reference to the document that defines the new bit. Reference: reference to the document that defines the new bit
8.3. IOAM Trace-Flags Registry 7.3. IOAM Trace-Flags Registry
This registry defines code points for each bit in the 4 bit flags for This registry defines code points for each bit in the 4-bit flags for
the Pre-allocated trace option and for the Incremental trace option the Pre-allocated Trace-Option and Incremental Trace-Option defined
defined in Section 5.4. The meaning of Bit 0 (the most significant in Section 4.4. The meaning of Bit 0 (the most significant bit) for
bit) for trace flags is defined in this document in Paragraph 3 of trace flags is defined in this document in Paragraph 3 of
Section 5.4.1: Section 4.4.1:
Bit 0 "Overflow" (O-bit) Bit 0: "Overflow" (O-bit)
Bit 1 - 3 are available for assignment via "IETF Review" process as Bits 1-3 are available for assignment via the "IETF Review" process,
per [RFC8126]. as per [RFC8126].
New registration requests MUST use the following template: New registration requests MUST use the following template:
Bit: Desired bit to be allocated in the 8 bit flags field of the Bit: desired bit to be allocated in the 8-bit flags field of the
Pre-allocated Trace-Option-Type and for the Incremental Trace- Pre-allocated Trace Option-Type and Incremental Trace Option-Type
Option-Type.
Description: Brief description of the newly registered bit. Description: brief description of the newly registered bit
Reference: Reference to the document that defines the new bit. Reference: reference to the document that defines the new bit
8.4. IOAM POT-Type Registry 7.4. IOAM POT-Type Registry
This registry defines 256 code points to define IOAM POT Type for This registry defines 256 code points to define the IOAM POT-Type for
IOAM proof of transit option Section 5.5. The code point value 0 is the IOAM Proof of Transit Option (Section 4.5). The code point value
defined in this document: 0 is defined in this document:
0: 16 Octet POT data 0: 16-Octet POT data
1 - 255 are available for assignment via "IETF Review" process as per Code points 1-255 are available for assignment via the "IETF Review"
[RFC8126]. process, as per [RFC8126].
New registration requests MUST use the following template: New registration requests MUST use the following template:
Name: Name of the newly registered POT-Type. Name: name of the newly registered POT-Type
Code point: Desired value of the requested code point. Code point: desired value of the requested code point
Description: Brief description of the newly registered POT-Type. Description: brief description of the newly registered POT-Type
Reference: Reference to the document that defines the new POT-Type. Reference: reference to the document that defines the new POT-Type
8.5. IOAM POT-Flags Registry 7.5. IOAM POT-Flags Registry
This registry defines code points for each bit in the 8 bit flags for This registry defines code points for each bit in the 8-bit flags for
IOAM POT Option-Type defined in Section 5.5. the IOAM POT Option-Type defined in Section 4.5.
The meaning for Bits 0 - 7 are available for assignment via "IETF Bits 0-7 are available for assignment via the "IETF Review" process,
Review" process as per [RFC8126]. as per [RFC8126].
New registration requests MUST use the following template: New registration requests MUST use the following template:
Bit: Desired bit to be allocated in the 8 bit flags field of the Bit: desired bit to be allocated in the 8-bit flags field of the
IOAM POT Option-Type. IOAM POT Option-Type
Description: Brief description of the newly registered bit. Description: brief description of the newly registered bit
Reference: Reference to the document that defines the new bit. Reference: reference to the document that defines the new bit
8.6. IOAM E2E-Type Registry 7.6. IOAM E2E-Type Registry
This registry defines code points for each bit in the 16 bit IOAM- This registry defines code points for each bit in the 16-bit IOAM
E2E-Type field for IOAM E2E option Section 5.6. The meaning of Bit 0 E2E-Type field for the IOAM E2E Option (Section 4.6). Bits 0-3 are
- 3 are defined in this document: defined in this document:
Bit 0 64-bit sequence number Bit 0: 64-bit sequence number
Bit 1 32-bit sequence number Bit 1: 32-bit sequence number
Bit 2 timestamp seconds Bit 2: timestamp seconds
Bit 3 timestamp fraction Bit 3: timestamp fraction
The meaning of Bits 4 - 15 are available for assignment via "IETF Bits 4-15 are available for assignment via the "IETF Review" process,
Review" process as per [RFC8126]. as per [RFC8126].
New registration requests MUST use the following template: New registration requests MUST use the following template:
Bit: Desired bit to be allocated in the 16 bit IOAM-E2E-Type field. Bit: desired bit to be allocated in the 16-bit IOAM E2E-Type field
Description: Brief description of the newly registered bit. Description: brief description of the newly registered bit
Reference: Reference to the document that defines the new bit. Reference: reference to the document that defines the new bit
8.7. IOAM Namespace-ID Registry 7.7. IOAM Namespace-ID Registry
IANA is requested to set up an "IOAM Namespace-ID Registry", IANA has set up the "IOAM Namespace-ID" registry that contains 16-bit
containing 16-bit values and following the template for requests values and follows the template for requests shown below. The
shown below. The meaning of 0x0000 is defined in this document. meaning of 0x0000 is defined in this document. IANA has reserved the
IANA is requested to reserve the values 0x0001 to 0x7FFF for private values 0x0001 to 0x7FFF for private use (managed by operators), as
use (managed by operators), as specified in Section 5.3 of the specified in Section 4.3 of this document. Registry entries for the
current document. Registry entries for the values 0x8000 to 0xFFFF values 0x8000 to 0xFFFF are to be assigned via the "Expert Review"
are to be assigned via the "Expert Review" policy defined in policy, as per [RFC8126].
[RFC8126].
Upon receiving a new allocation request, a designated expert will Upon receiving a new allocation request, a designated expert will
perform the following: perform the following:
o Review whether the request is complete, i.e., the registration * Review whether the request is complete, i.e., the registration
template has been filled in. The expert will send incomplete template has been filled in. The expert will send incomplete
requests back to the requestor. requests back to the requester.
o Check whether the request is neither a duplicate of nor * Check whether the request is neither a duplicate of nor
conflicting with either an already existing allocation or a conflicting with either an already existing allocation or a
pending allocation. In case of duplicates or conflicts, the pending allocation. In case of duplicates or conflicts, the
expert will ask the requestor to update the allocation request expert will ask the requester to update the allocation request
accordingly. accordingly.
o Solicit feedback from relevant working groups and communities to * Solicit feedback from relevant working groups and communities to
ensure that the new allocation request has been properly reviewed ensure that the new allocation request has been properly reviewed
and that rough consensus on the request exists. At a minimum, the and that rough consensus on the request exists. At a minimum, the
expert will solicit feedback from the IPPM working group in the expert will solicit feedback from the IPPM Working Group by
IETF by posting the request to the ippm@ietf.org mailing list. posting the request to the ippm@ietf.org mailing list. The expert
The expert will allow for a 3-week review period on the mailing will allow for a 3-week review period on the mailing lists. If
lists. If the feedback received from the relevant working groups the feedback received from the relevant working groups and
and communities within the review period indicates rough consensus communities within the review period indicates rough consensus on
on the request, the expert will approve the request and ask IANA the request, the expert will approve the request and ask IANA to
for allocating the new Namespace-ID. In case the expert senses a allocate the new Namespace-ID. In case the expert senses a lack
lack of consensus from the feedback received, the expert will ask of consensus from the feedback received, the expert will ask the
the requestor to engage with the corresponding working groups and requester to engage with the corresponding working groups and
communities to further review and refine the request. communities to further review and refine the request.
It is intended that any allocation will be accompanied by a published It is intended that any allocation will be accompanied by a published
RFC. In order to allow for the allocation of code points prior to RFC. In order to allow for the allocation of code points prior to
the RFC being approved for publication, the designated expert can the RFC being approved for publication, the designated expert can
approve allocations once it seems clear that an RFC will be approve allocations once it seems clear that an RFC will be
published. published.
0x0000: default namespace (known to all IOAM nodes) 0x0000: default namespace (known to all IOAM nodes)
0x0001 - 0x7FFF: reserved for private use 0x0001 - 0x7FFF: reserved for private use
0x8000 - 0xFFFF: unassigned 0x8000 - 0xFFFF: unassigned
New registration requests MUST use the following template: New registration requests MUST use the following template:
Name: Name of the newly registered Namespace-ID. Name: name of the newly registered Namespace-ID
Code point: Desired value of the requested Namespace-ID. Code point: desired value of the requested Namespace-ID
Description: Brief description of the newly registered Namespace-ID. Description: brief description of the newly registered Namespace-ID
Reference: Reference to the document that defines the new Namespace- Reference: reference to the document that defines the new Namespace-
ID. ID
Status of the registration: Status can be either "permanent" or Status of the registration: Status can be either "permanent" or
"provisional". Namespace-ID registrations following a successful "provisional". Namespace-ID registrations following a successful
expert review will have the status "provisional". Once the RFC, expert review will have the status "provisional". Once the RFC
which defines the new Namespace-ID is published, the status is that defines the new Namespace-ID is published, the status is
changed to "permanent". changed to "permanent".
9. Management and Deployment Considerations 8. Management and Deployment Considerations
This document defines the structure and use of IOAM data fields. This document defines the structure and use of IOAM-Data-Fields.
This document does not define the encapsulation of IOAM data fields This document does not define the encapsulation of IOAM-Data-Fields
into different protocols. Management and deployment aspects for IOAM into different protocols. Management and deployment aspects for IOAM
have to be considered within the context of the protocol IOAM data have to be considered within the context of the protocol IOAM-Data-
fields are encapsulated into and as such, are out of scope for this Fields are encapsulated into and, as such, are out of scope for this
document. For a discussion of IOAM deployment, please also refer to document. For a discussion of IOAM deployment, please also refer to
[I-D.ietf-ippm-ioam-deployment], which outlines a framework for IOAM [IPPM-IOAM-DEPLOYMENT], which outlines a framework for IOAM
deployment and provides best current practices. deployment and provides best current practices.
10. Security Considerations 9. Security Considerations
As discussed in [RFC7276], a successful attack on an OAM protocol in As discussed in [RFC7276], a successful attack on an OAM protocol in
general, and specifically on IOAM, can prevent the detection of general, and specifically on IOAM, can prevent the detection of
failures or anomalies, or create a false illusion of nonexistent failures or anomalies or create a false illusion of nonexistent ones.
ones. In particular, these threats are applicable by compromising In particular, these threats are applicable by compromising the
the integrity of IOAM data, either by maliciously modifying IOAM integrity of IOAM data, either by maliciously modifying IOAM options
options in transit, or by injecting packets with maliciously in transit or by injecting packets with maliciously generated IOAM
generated IOAM options. All nodes in the path of a IOAM carrying options. All nodes in the path of an IOAM-carrying packet can
packet can perform such an attack. perform such an attack.
The Proof of Transit Option-Type (see Section 5.5) is used for The Proof of Transit Option-Type (see Section 4.5) is used for
verifying the path of data packets, i.e., proving that packets verifying the path of data packets, i.e., proving that packets
transited through a defined set of nodes. transited through a defined set of nodes.
In case an attacker gains access to several nodes in a network and In case an attacker gains access to several nodes in a network and
would be able to change the system software of these nodes, IOAM data would be able to change the system software of these nodes, IOAM-
fields could be misused and repurposed for a use different from what Data-Fields could be misused and repurposed for a use different from
is specified in this document. One type of misuse is the what is specified in this document. One type of misuse is the
implementation of a covert channel between network nodes. implementation of a covert channel between network nodes.
From a confidentiality perspective, although IOAM options are not From a confidentiality perspective, although IOAM options are not
expected to contain user data, they can be used for network expected to contain user data, they can be used for network
reconnaissance, allowing attackers to collect information about reconnaissance, allowing attackers to collect information about
network paths, performance, queue states, buffer occupancy and other network paths, performance, queue states, buffer occupancy, etc.
information. Moreover, if IOAM data leaks from the IOAM-domain it Moreover, if IOAM data leaks from the IOAM-Domain, it could enable
could enable reconnaissance beyond the scope of the IOAM-domain. One reconnaissance beyond the scope of the IOAM-Domain. One possible
possible application of such reconnaissance is to gauge the application of such reconnaissance is to gauge the effectiveness of
effectiveness of an ongoing attack, e.g., if buffers and queues are an ongoing attack, e.g., if buffers and queues are overflowing.
overflowing.
IOAM can be used as a means for implementing Denial of Service (DoS) IOAM can be used as a means for implementing Denial-of-Service (DoS)
attacks, or for amplifying them. For example, a malicious attacker attacks or for amplifying them. For example, a malicious attacker
can add an IOAM header to packets in order to consume the resources can add an IOAM header to packets in order to consume the resources
of network devices that take part in IOAM or entities that receive, of network devices that take part in IOAM or entities that receive,
collect or analyze the IOAM data. Another example is a packet length collect, or analyze the IOAM data. Another example is a packet
attack, in which an attacker pushes headers associated with IOAM length attack in which an attacker pushes headers associated with
Option-Types into data packets, causing these packets to be increased IOAM-Option-Types into data packets, causing these packets to be
beyond the MTU size, resulting in fragmentation or in packet drops. increased beyond the MTU size, resulting in fragmentation or in
In case POT is used, an attacker could corrupt the POT data fields in packet drops. In case POT is used, an attacker could corrupt the POT
the packet, resulting in a verification failure of the POT data, even data fields in the packet, resulting in a verification failure of the
if the packet followed the correct path. POT data, even if the packet followed the correct path.
Since IOAM options can include timestamps, if network devices use Since IOAM options can include timestamps, if network devices use
synchronization protocols then any attack on the time protocol synchronization protocols, then any attack on the time protocol
[RFC7384] can compromise the integrity of the timestamp-related data [RFC7384] can compromise the integrity of the timestamp-related data
fields. fields.
At the management plane, attacks can be set up by misconfiguring or At the management plane, attacks can be set up by misconfiguring or
by maliciously configuring IOAM-enabled nodes in a way that enables by maliciously configuring IOAM-enabled nodes in a way that enables
other attacks. IOAM configuration should only managed by authorized other attacks. IOAM configuration should only be managed by
processes or users. authorized processes or users.
IETF protocols require features to ensure their security. While IOAM IETF protocols require features to ensure their security. While
data fields don't represent a protocol by themselves, the IOAM data IOAM-Data-Fields don't represent a protocol by themselves, the IOAM-
fields add to the protocol that the IOAM data fields are encapsulated Data-Fields add to the protocol that the IOAM-Data-Fields are
into. Any specification that defines how IOAM data fields carried in encapsulated into. Any specification that defines how IOAM-Data-
an encapsulating protocol MUST provide for a mechanism for Fields carried in an encapsulating protocol MUST provide for a
cryptographic integrity protection of the IOAM data fields. mechanism for cryptographic integrity protection of the IOAM-Data-
Cryptographic integrity protection could be either achieved through a Fields. Cryptographic integrity protection could be achieved through
mechanism of the encapsulating protocol or it could incorporate the a mechanism of the encapsulating protocol, or it could incorporate
mechanisms specified in [I-D.ietf-ippm-ioam-data-integrity]. the mechanisms specified in [IPPM-IOAM-DATA-INTEGRITY].
The current document does not define a specific IOAM encapsulation. The current document does not define a specific IOAM encapsulation.
It has to be noted that some IOAM encapsulation types can introduce It has to be noted that some IOAM encapsulation types can introduce
specific security considerations. A specification that defines an specific security considerations. A specification that defines an
IOAM encapsulation is expected to address the respective IOAM encapsulation is expected to address the respective
encapsulation-specific security considerations. encapsulation-specific security considerations.
Notably, IOAM is expected to be deployed in limited domains, thus Notably, IOAM is expected to be deployed in limited domains, thus
confining the potential attack vectors to within the limited domain. confining the potential attack vectors to within the limited domain.
A limited administrative domain provides the operator with the means A limited administrative domain provides the operator with the means
to select, monitor, and control the access of all the network to select, monitor, and control the access of all the network
devices, making these devices trusted by the operator. Indeed, in devices, making these devices trusted by the operator. Indeed, in
order to limit the scope of threats mentioned above to within the order to limit the scope of threats mentioned above to within the
current limited domain the network operator is expected to enforce current limited domain, the network operator is expected to enforce
policies that prevent IOAM traffic from leaking outside of the IOAM policies that prevent IOAM traffic from leaking outside of the IOAM-
domain, and prevent IOAM data from outside the domain to be processed Domain and prevent IOAM data from outside the domain to be processed
and used within the domain. and used within the domain.
This document does not define the data contents of custom fields like This document does not define the data contents of custom fields,
"Opaque State Snapshot" and "namespace specific data" IOAM data like "Opaque State Snapshot" and "namespace-specific data" IOAM-Data-
fields. These custom data fields will have security considerations Fields. These custom data fields will have security considerations
corresponding to their defined data contents that need to be corresponding to their defined data contents that need to be
described where those formats are defined. described where those formats are defined.
IOAM deployments which leverage both IOAM Trace Option-Types, i.e., IOAM deployments that leverage both IOAM Trace Option-Types, i.e.,
the Pre-allocated Trace Option-Type and Incremental Trace Option-Type the Pre-allocated Trace Option-Type and Incremental Trace Option-
can suffer from incomplete visibility if the information gathered via Type, can suffer from incomplete visibility if the information
the two Trace Option-Types is not correlated and aggregated gathered via the two Trace Option-Types is not correlated and
appropriately. If IOAM transit nodes leverage the IOAM data fields aggregated appropriately. If IOAM transit nodes leverage the IOAM-
in the packet for further actions or insights, then IOAM transit Data-Fields in the packet for further actions or insights, then IOAM
nodes which only support one IOAM Trace Option-Type in an IOAM transit nodes that only support one IOAM Trace Option-Type in an IOAM
deployment which leverages both Trace Option-Types, have limited deployment that leverages both Trace Option-Types have limited
visibility and thus can draw inappropriate conclusions or take wrong visibility and thus can draw inappropriate conclusions or take wrong
actions. actions.
The security considerations of a system that deploys IOAM, much like The security considerations of a system that deploys IOAM, much like
any system, has to be reviewed on a per-deployment-scenario basis, any system, has to be reviewed on a per-deployment-scenario basis
based on a systems-specific threat analysis, which can lead to based on a systems-specific threat analysis, which can lead to
specific security solutions that are beyond the scope of the current specific security solutions that are beyond the scope of the current
document. Specifically, in an IOAM deployment that is not confined document. Specifically, in an IOAM deployment that is not confined
to a single LAN, but spans multiple inter-connected sites (for to a single LAN but spans multiple inter-connected sites (for
example, using an overlay network), the inter-site links can be example, using an overlay network), the inter-site links can be
secured (e.g., by IPsec) in order to avoid external threats. secured (e.g., by IPsec) in order to avoid external threats.
IOAM deployment considerations, including approaches to mitigate the IOAM deployment considerations, including approaches to mitigate the
above discussed threads and potential attacks are outside the scope above discussed threads and potential attacks, are outside the scope
of this document. IOAM deployment considerations are discussed in of this document. IOAM deployment considerations are discussed in
[I-D.ietf-ippm-ioam-deployment]. [IPPM-IOAM-DEPLOYMENT].
11. Acknowledgements
The authors would like to thank Eric Vyncke, Nalini Elkins, Srihari
Raghavan, Ranganathan T S, Karthik Babu Harichandra Babu, Akshaya
Nadahalli, LJ Wobker, Erik Nordmark, Vengada Prasad Govindan, Andrew
Yourtchenko, Aviv Kfir, Tianran Zhou, Zhenbin (Robin) and Greg Mirsky
for the comments and advice.
This document leverages and builds on top of several concepts
described in [I-D.kitamura-ipv6-record-route]. The authors would
like to acknowledge the work done by the author Hiroshi Kitamura and
people involved in writing it.
The authors would like to gracefully acknowledge useful review and
insightful comments received from Joe Clarke, Al Morton, Tom Herbert,
Carlos Bernardos, Haoyu Song, Mickey Spiegel, Roman Danyliw, Benjamin
Kaduk, Murray S. Kucherawy, Ian Swett, Martin Duke, Francesca
Palombini, Lars Eggert, Alvaro Retana, Erik Kline, Robert Wilton,
Zaheduzzaman Sarker, Dan Romascanu and Barak Gafni.
12. References 10. References
12.1. Normative References 10.1. Normative References
[POSIX] Institute of Electrical and Electronics Engineers, "IEEE [POSIX] IEEE, "IEEE/Open Group 1003.1-2017 - IEEE Standard for
Std 1003.1-2017 (Revision of IEEE Std 1003.1-2017) - IEEE Information Technology--Portable Operating System
Standard for Information Technology - Portable Operating Interface (POSIX(TM)) Base Specifications, Issue 7", IEEE
System Interface (POSIX(TM) Base Specifications, Issue Std 1003.1-2017, January 2018,
7)", IEEE Std 1003.1-2017, 2017, <https://standards.ieee.org/ieee/1003.1/7101/>.
<https://standards.ieee.org/findstds/
standard/1003.1-2017.html>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch,
"Network Time Protocol Version 4: Protocol and Algorithms "Network Time Protocol Version 4: Protocol and Algorithms
Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010,
<https://www.rfc-editor.org/info/rfc5905>. <https://www.rfc-editor.org/info/rfc5905>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
12.2. Informative References 10.2. Informative References
[I-D.ietf-ippm-ioam-data-integrity] [IPPM-IOAM-DATA-INTEGRITY]
Brockners, F., Bhandari, S., and T. Mizrahi, "Integrity of Brockners, F., Bhandari, S., Mizrahi, T., and J. Iurman,
In-situ OAM Data Fields", draft-ietf-ippm-ioam-data- "Integrity of In-situ OAM Data Fields", Work in Progress,
integrity-00 (work in progress), October 2021. Internet-Draft, draft-ietf-ippm-ioam-data-integrity-01, 2
March 2022, <https://datatracker.ietf.org/doc/html/draft-
ietf-ippm-ioam-data-integrity-01>.
[I-D.ietf-ippm-ioam-deployment] [IPPM-IOAM-DEPLOYMENT]
Brockners, F., Bhandari, S., Bernier, D., and T. Mizrahi, Brockners, F., Bhandari, S., Bernier, D., and T. Mizrahi,
"In-situ OAM Deployment", draft-ietf-ippm-ioam- "In-situ OAM Deployment", Work in Progress, Internet-
deployment-00 (work in progress), October 2021. Draft, draft-ietf-ippm-ioam-deployment-01, 11 April 2022,
<https://datatracker.ietf.org/doc/html/draft-ietf-ippm-
[I-D.ietf-nvo3-vxlan-gpe] ioam-deployment-01>.
(Editor), F. M., (editor), L. K., and U. E. (editor),
"Generic Protocol Extension for VXLAN (VXLAN-GPE)", draft-
ietf-nvo3-vxlan-gpe-12 (work in progress), September 2021.
[I-D.kitamura-ipv6-record-route]
Kitamura, H., "Record Route for IPv6 (PR6) Hop-by-Hop
Option Extension", draft-kitamura-ipv6-record-route-00
(work in progress), November 2000.
[I-D.spiegel-ippm-ioam-rawexport] [IPPM-IOAM-RAWEXPORT]
Spiegel, M., Brockners, F., Bhandari, S., and R. Spiegel, M., Brockners, F., Bhandari, S., and R.
Sivakolundu, "In-situ OAM raw data export with IPFIX", Sivakolundu, "In-situ OAM raw data export with IPFIX",
draft-spiegel-ippm-ioam-rawexport-05 (work in progress), Work in Progress, Internet-Draft, draft-spiegel-ippm-ioam-
July 2021. rawexport-06, 21 February 2022,
<https://datatracker.ietf.org/doc/html/draft-spiegel-ippm-
ioam-rawexport-06>.
[IPV6-RECORD-ROUTE]
Kitamura, H., "Record Route for IPv6 (RR6) Hop-by-Hop
Option Extension", Work in Progress, Internet-Draft,
draft-kitamura-ipv6-record-route-00, 17 November 2000,
<https://datatracker.ietf.org/doc/html/draft-kitamura-
ipv6-record-route-00>.
[NVO3-VXLAN-GPE]
Maino, F., Ed., Kreeger, L., Ed., and U. Elzur, Ed.,
"Generic Protocol Extension for VXLAN (VXLAN-GPE)", Work
in Progress, Internet-Draft, draft-ietf-nvo3-vxlan-gpe-12,
22 September 2021, <https://datatracker.ietf.org/doc/html/
draft-ietf-nvo3-vxlan-gpe-12>.
[RFC7276] Mizrahi, T., Sprecher, N., Bellagamba, E., and Y. [RFC7276] Mizrahi, T., Sprecher, N., Bellagamba, E., and Y.
Weingarten, "An Overview of Operations, Administration, Weingarten, "An Overview of Operations, Administration,
and Maintenance (OAM) Tools", RFC 7276, and Maintenance (OAM) Tools", RFC 7276,
DOI 10.17487/RFC7276, June 2014, DOI 10.17487/RFC7276, June 2014,
<https://www.rfc-editor.org/info/rfc7276>. <https://www.rfc-editor.org/info/rfc7276>.
[RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in [RFC7384] Mizrahi, T., "Security Requirements of Time Protocols in
Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384, Packet Switched Networks", RFC 7384, DOI 10.17487/RFC7384,
October 2014, <https://www.rfc-editor.org/info/rfc7384>. October 2014, <https://www.rfc-editor.org/info/rfc7384>.
skipping to change at page 45, line 38 skipping to change at line 2041
[RFC8877] Mizrahi, T., Fabini, J., and A. Morton, "Guidelines for [RFC8877] Mizrahi, T., Fabini, J., and A. Morton, "Guidelines for
Defining Packet Timestamps", RFC 8877, Defining Packet Timestamps", RFC 8877,
DOI 10.17487/RFC8877, September 2020, DOI 10.17487/RFC8877, September 2020,
<https://www.rfc-editor.org/info/rfc8877>. <https://www.rfc-editor.org/info/rfc8877>.
[RFC8926] Gross, J., Ed., Ganga, I., Ed., and T. Sridhar, Ed., [RFC8926] Gross, J., Ed., Ganga, I., Ed., and T. Sridhar, Ed.,
"Geneve: Generic Network Virtualization Encapsulation", "Geneve: Generic Network Virtualization Encapsulation",
RFC 8926, DOI 10.17487/RFC8926, November 2020, RFC 8926, DOI 10.17487/RFC8926, November 2020,
<https://www.rfc-editor.org/info/rfc8926>. <https://www.rfc-editor.org/info/rfc8926>.
Contributors' Addresses Acknowledgements
Carlos Pignataro
Cisco Systems, Inc.
7200-11 Kit Creek Road
Research Triangle Park, NC 27709
United States
Email: cpignata@cisco.com
Mickey Spiegel
Barefoot Networks, an Intel company
4750 Patrick Henry Drive
Santa Clara, CA 95054
US
Email: mickey.spiegel@intel.com
Barak Gafni
Nvidia
350 Oakmead Parkway, Suite 100
Sunnyvale, CA 94085
U.S.A.
Email: gbarak@nvidia.com The authors would like to thank Éric Vyncke, Nalini Elkins, Srihari
Raghavan, Ranganathan T S, Karthik Babu Harichandra Babu, Akshaya
Nadahalli, LJ Wobker, Erik Nordmark, Vengada Prasad Govindan, Andrew
Yourtchenko, Aviv Kfir, Tianran Zhou, Zhenbin (Robin), and Greg
Mirsky for the comments and advice.
Jennifer Lemon This document leverages and builds on top of several concepts
Broadcom described in [IPV6-RECORD-ROUTE]. The authors would like to
270 Innovation Drive acknowledge the work done by the author Hiroshi Kitamura and people
San Jose, CA 95134 involved in writing it.
US
Email: jennifer.lemon@broadcom.com The authors would like to gracefully acknowledge useful review and
insightful comments received from Joe Clarke, Al Morton, Tom Herbert,
Carlos J. Bernardos, Haoyu Song, Mickey Spiegel, Roman Danyliw,
Benjamin Kaduk, Murray S. Kucherawy, Ian Swett, Martin Duke,
Francesca Palombini, Lars Eggert, Alvaro Retana, Erik Kline, Robert
Wilton, Zaheduzzaman Sarker, Dan Romascanu, and Barak Gafni.
Hannes Gredler Contributors
RtBrick Inc.
Email: hannes@rtbrick.com This document was the collective effort of several authors. The text
and content were contributed by the editors and the coauthors listed
below.
John Leddy Carlos Pignataro
United States Cisco Systems, Inc.
Research Triangle Park
7200-11 Kit Creek Road
NC 27709
United States of America
Email: cpignata@cisco.com
Email: john@leddy.net Mickey Spiegel
Barefoot Networks, an Intel company
101 Innovation Drive
San Jose, CA 95134-1941
United States of America
Email: mickey.spiegel@intel.com
Stephen Youell Barak Gafni
JP Morgan Chase Nvidia
25 Bank Street Suite 100
London E14 5JP 350 Oakmead Parkway
United Kingdom Sunnyvale, CA 94085
United States of America
Email: gbarak@nvidia.com
Email: stephen.youell@jpmorgan.com Jennifer Lemon
Broadcom
270 Innovation Drive
San Jose, CA 95134
United States of America
Email: jennifer.lemon@broadcom.com
David Mozes Hannes Gredler
RtBrick Inc.
Email: hannes@rtbrick.com
Email: mosesster@gmail.com John Leddy
Petr Lapukhov United States of America
Facebook Email: john@leddy.net
1 Hacker Way
Menlo Park, CA 94025
US
Email: petr@fb.com Stephen Youell
JP Morgan Chase
25 Bank Street
London
E14 5JP
United Kingdom
Email: stephen.youell@jpmorgan.com
Remy Chang David Mozes
Barefoot Networks Email: mosesster@gmail.com
4750 Patrick Henry Drive
Santa Clara, CA 95054
US
Email: remy@barefootnetworks.com Petr Lapukhov
Facebook
1 Hacker Way
Menlo Park, CA 94025
United States of America
Email: petr@fb.com
Daniel Bernier Remy Chang
Bell Canada Barefoot Networks, an Intel company
Canada 101 Innovation Drive
San Jose, CA 95134-1941
United States of America
Email: remy.chang@intel.com
Email: daniel.bernier@bell.ca Daniel Bernier
Bell Canada
Canada
Email: daniel.bernier@bell.ca
Authors' Addresses Authors' Addresses
Frank Brockners (editor) Frank Brockners (editor)
Cisco Systems, Inc. Cisco Systems, Inc.
Hansaallee 249, 3rd Floor 3rd Floor
DUESSELDORF, NORDRHEIN-WESTFALEN 40549 Nordhein-Westfalen
Hansaallee 249
40549 Duesseldorf
Germany Germany
Email: fbrockne@cisco.com Email: fbrockne@cisco.com
Shwetha Bhandari (editor) Shwetha Bhandari (editor)
Thoughtspot Thoughtspot
3rd Floor, Indiqube Orion, 24th Main Rd, Garden Layout, HSR Layout 3rd Floor
Bangalore, KARNATAKA 560 102 Indiqube Orion
Garden Layout
HSR Layout
24th Main Rd
Bangalore 560 102
Karnataka
India India
Email: shwetha.bhandari@thoughtspot.com Email: shwetha.bhandari@thoughtspot.com
Tal Mizrahi (editor) Tal Mizrahi (editor)
Huawei Huawei
8-2 Matam 8-2 Matam
Haifa 3190501 Haifa 3190501
Israel Israel
Email: tal.mizrahi.phd@gmail.com Email: tal.mizrahi.phd@gmail.com
 End of changes. 426 change blocks. 
1213 lines changed or deleted 1203 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/