Echo Request/Reply for Enabled In Situ OAM (IOAM) CapabilitiesZTE Corp.NanjingChina+86 25 88013062xiao.min2@zte.com.cnEricssonUnited States of Americagregimirsky@gmail.comChina TelecomBeijingChina+86 10 50902903leibo@chinatelecom.cn
tsv
ippm This document describes a generic format for use in echo
request/reply mechanisms, which can be used within an IOAM-Domain, allowing the
IOAM encapsulating node to discover the enabled IOAM capabilities of
each IOAM transit and IOAM decapsulating node. The generic format is
intended to be used with a variety of data planes such as IPv6, MPLS,
Service Function Chain (SFC), and Bit Index Explicit Replication
(BIER).Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Revised BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Revised BSD License.
Table of Contents
. Introduction
. Conventions
. Requirements Language
. Abbreviations
. IOAM Capabilities Formats
. IOAM Capabilities Query Container
. IOAM Capabilities Response Container
. IOAM Pre-allocated Tracing Capabilities Object
. IOAM Incremental Tracing Capabilities Object
. IOAM Proof of Transit Capabilities Object
. IOAM Edge-to-Edge Capabilities Object
. IOAM DEX Capabilities Object
. IOAM End-of-Domain Object
. Operational Guide
. IANA Considerations
. IOAM SoP Capability Registry
. IOAM TSF Capability Registry
. Security Considerations
. References
. Normative References
. Informative References
Acknowledgements
Authors' Addresses
Introduction In situ Operations, Administration, and Maintenance (IOAM) () defines data fields that
record OAM information within the packet while the packet traverses a particular network domain, called an "IOAM-Domain". IOAM can complement
or replace other OAM mechanisms, such as ICMP or other types of probe packets. As specified in , within the IOAM-Domain, the IOAM data may be updated by network nodes that
the packet traverses. The device that adds an IOAM header to the packet is called an "IOAM encapsulating node". In contrast, the device
that removes an IOAM header is referred to as an "IOAM decapsulating node". Nodes within the domain that are aware of IOAM data and
that read, write, and/or process IOAM data are called "IOAM transit nodes". IOAM encapsulating or decapsulating nodes can also serve as IOAM
transit nodes at the same time. IOAM encapsulating or decapsulating nodes are also referred to as IOAM-Domain "edge devices", which can be
hosts or network devices. defines four IOAM option types, and introduces a new IOAM option
type called the "Direct Export (DEX) Option-Type", which is different from the other four IOAM option types defined in
regarding how to collect the operational and telemetry information defined in . As specified in , IOAM is focused on "limited domains" as defined in .
In a limited domain, a control entity that has control over every IOAM device may be deployed. If that's the case, the control entity can
provision both the explicit transport path and the IOAM header applied to the data packet at every IOAM encapsulating node. In a case when a control entity that has control over every IOAM
device is not deployed in the IOAM-Domain, the IOAM encapsulating node
needs to discover the enabled IOAM capabilities at the IOAM transit and
decapsulating nodes: for example, what types of IOAM tracing data can be
added or exported by the transit nodes along the transport path of the
data packet IOAM is applied to. The IOAM encapsulating node can then add
the correct IOAM header to the data packet according to the discovered
IOAM capabilities. Specifically, the IOAM encapsulating node first
identifies the types and lengths of IOAM options included in the IOAM
data fields according to the discovered IOAM capabilities. Then the IOAM
encapsulating node can add the IOAM header to the data packet based on
the identified types and lengths of IOAM options included in the IOAM
data fields. The IOAM encapsulating node may use NETCONF/YANG or IGP to
discover these IOAM capabilities. However, NETCONF/YANG or IGP has some
limitations:
When NETCONF/YANG is used in this scenario, each IOAM
encapsulating node (including the host when it takes the role of an
IOAM encapsulating node) needs to implement a NETCONF Client, and each
IOAM transit and IOAM decapsulating node (including the host when it
takes the role of an IOAM decapsulating node) needs to implement a
NETCONF Server, so complexity can be an issue. Furthermore, each IOAM
encapsulating node needs to establish a NETCONF Connection with each
IOAM transit and IOAM decapsulating node, so scalability can be an
issue.
When IGP is used in this scenario, the IGP and IOAM-Domains don't
always have the same coverage. For example, when the IOAM
encapsulating node or the IOAM decapsulating node is a host, the
availability can be an issue. Furthermore, it might be too challenging
to reflect enabled IOAM capabilities at the IOAM transit and IOAM
decapsulating node if these are controlled by a local policy depending
on the identity of the IOAM encapsulating node.
This document specifies formats and objects that can be used in the extension of echo request/reply mechanisms used in IPv6 (including Segment
Routing over IPv6 (SRv6) data plane), MPLS (including Segment Routing over MPLS (SR-MPLS) data plane), Service Function Chain (SFC), and Bit Index Explicit Replication (BIER) environments, which can be
used within the IOAM-Domain, allowing the IOAM encapsulating node to discover the enabled IOAM capabilities of each IOAM transit and IOAM
decapsulating node. The following documents contain references to the echo request/reply mechanisms used in IPv6 (including SRv6), MPLS (including SR-MPLS), SFC,
and BIER environments:
""
""
""
""
""
""
""
It is expected that the specification of the instantiation of each of these extensions will be done in the form of an RFC jointly designed by
the working group that develops or maintains the echo request/reply protocol and the IETF IP Performance Measurement (IPPM) Working Group.In this document, note that the echo request/reply mechanism used in IPv6 does not mean ICMPv6 Echo Request/Reply but
does mean IPv6 Node Information Query/Reply .Fate sharing is a common requirement for all kinds of active OAM
packets, including echo requests. In this document, that means an echo
request is required to traverse the path of an IOAM data packet. This
requirement can be achieved by, e.g., applying the same explicit path or
ECMP processing to both echo request and IOAM data
packets. Specifically, the same ECMP processing can be applied to both
echo request and IOAM data packets, by populating the same value or values in any
ECMP affecting fields of the packets.ConventionsRequirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14
when, and only when, they appear in all capitals, as shown here.
Abbreviations
BIER:
Bit Index Explicit Replication
BGP:
Border Gateway Protocol
DEX:
Direct Export
ECMP:
Equal-Cost Multipath
E2E:
Edge to Edge
ICMP:
Internet Control Message Protocol
IGP:
Interior Gateway Protocol
IOAM:
In situ Operations, Administration, and Maintenance
LSP:
Label Switched Path
MPLS:
Multiprotocol Label Switching
MTU:
Maximum Transmission Unit
NETCONF:
Network Configuration Protocol
NTP:
Network Time Protocol
OAM:
Operations, Administration, and Maintenance
PCEP:
Path Computation Element Communication Protocol
POSIX:
Portable Operating System Interface
POT:
Proof of Transit
PTP:
Precision Time Protocol
SoP:
Size of POT
SR-MPLS:
Segment Routing over MPLS
SRv6:
Segment Routing over IPv6
SFC:
Service Function Chain
TTL:
Time to Live (this is also the Hop Limit field in the IPv6
header)
TSF:
TimeStamp Format
IOAM Capabilities FormatsIOAM Capabilities Query Container For echo requests, the IOAM Capabilities Query uses a container that has the following format: When this container is present in the echo request sent by an IOAM encapsulating node, the IOAM encapsulating node
requests that the receiving node reply with its enabled IOAM capabilities. If there is no IOAM capability to be reported by the receiving
node, then this container MUST be ignored by the receiving node. This means the receiving node MUST send an echo reply without IOAM
capabilities or no echo reply, in the light of whether the echo request includes containers other than the IOAM Capabilities Query Container.
A list of IOAM Namespace-IDs (one or more Namespace-IDs) MUST be included in this container in the echo request; if present, the Default-Namespace-ID
0x0000 MUST be placed at the beginning of the list of IOAM Namespace-IDs. The IOAM encapsulating node requests only the enabled IOAM capabilities
that match one of the Namespace-IDs. Inclusion of the Default-Namespace-ID 0x0000 elicits replies only for capabilities that are configured
with the Default-Namespace-ID 0x0000. The Namespace-ID has the same definition as what's specified in . The IOAM Capabilities Query Container has a container header that is used to identify the type and, optionally, the length of the container payload. The container payload (List of IOAM Namespace-IDs) is zero-padded to align with a 4-octet boundary. Since the Default-Namespace-ID 0x0000 is
mandated to appear first in the list, any other occurrences of 0x0000 MUST be disregarded. The length, structure, and definition of the IOAM Capabilities Query Container Header depend on the specific deployment environment.IOAM Capabilities Response Container For echo replies, the IOAM Capabilities Response uses a container that has the following format: When this container is present in the echo reply sent by an IOAM transit node or IOAM decapsulating node, the IOAM function
is enabled at this node, and this container contains the enabled IOAM capabilities of the sender. A list of IOAM capabilities objects (one
or more objects) that contains the enabled IOAM capabilities MUST be included in this container of the echo reply unless the sender encounters
an error (e.g., no matched Namespace-ID). The IOAM Capabilities Response Container has a container header that is used to identify the type and, optionally, the length of the container payload.
The container header MUST be defined such that it falls on a 4-octet boundary. The length, structure, and definition of the IOAM Capabilities Response Container Header depends on the specific deployment environment. Based on the IOAM data fields defined in and , six types of objects are defined in this document.
The same type of object MAY be present in the IOAM Capabilities Response Container more than once, only if listed with a different Namespace-ID. Similar to the container, each object has an object header that is used to identify the type and length of the object payload. The object
payload MUST be defined such that it falls on a 4-octet boundary. The length, structure, and definition of the object header depends on the specific deployment environment.IOAM Pre-allocated Tracing Capabilities Object When the IOAM Pre-allocated Tracing Capabilities Object is present in the IOAM Capabilities Response Container, the sending node is an IOAM transit node, and the IOAM
pre-allocated tracing function is enabled at this IOAM transit node.The IOAM-Trace-Type field has the same definition as what's specified in .The Reserved field MUST be zeroed on transmission and ignored on receipt.The W flag indicates whether Ingress_if_id is in short or wide format. The W-bit is set if the Ingress_if_id is in wide format.
The W-bit is clear if the Ingress_if_id is in short format.The Namespace-ID field has the same definition as what's specified in . It MUST
be one of the Namespace-IDs listed in the IOAM Capabilities Query Object of the echo request.The Ingress_MTU field has 16 bits and specifies the MTU (in octets) of the ingress interface from which the sending node received the echo
request.The Ingress_if_id field has 16 bits (in short format) or 32 bits (in
wide format) and specifies the identifier of the ingress interface
from which the sending node received the echo request. If the W-bit is
cleared, the Ingress_if_id field has 16 bits; then the 16
bits following the Ingress_if_id field are reserved for future use,
MUST be set to zero, and MUST be
ignored when non-zero.IOAM Incremental Tracing Capabilities ObjectWhen the IOAM Incremental Tracing Capabilities Object is present in the IOAM Capabilities Response
Container, the sending node is an IOAM transit node, and
the IOAM incremental tracing function is enabled at this IOAM
transit node.The IOAM-Trace-Type field has the same definition as what's specified in .The Reserved field MUST be zeroed on transmission and ignored on receipt.The W flag indicates whether Ingress_if_id is in short or wide format. The W-bit is set if the Ingress_if_id is in wide format.
The W-bit is clear if the Ingress_if_id is in short format.The Namespace-ID field has the same definition as what's specified in . It MUST
be one of the Namespace-IDs listed in the IOAM Capabilities Query Object of the echo request.The Ingress_MTU field has 16 bits and specifies the MTU (in octets) of the ingress interface from which the sending node received the echo
request.The Ingress_if_id field has 16 bits (in short format) or 32 bits (in
wide format) and specifies the identifier of the ingress interface
from which the sending node received the echo request. If the W-bit
is cleared, the Ingress_if_id field has 16 bits; then the
16 bits following the Ingress_if_id field are reserved for future
use, MUST be set to zero, and MUST
be ignored when non-zero.IOAM Proof of Transit Capabilities Object When the IOAM Proof of Transit Capabilities Object is present in the IOAM Capabilities Response Container, the sending node is an IOAM transit node and the IOAM
Proof of Transit function is enabled at this IOAM transit node.The Namespace-ID field has the same definition as what's specified in . It MUST
be one of the Namespace-IDs listed in the IOAM Capabilities Query Object of the echo request. The IOAM-POT-Type field has the same definition as what's specified in .The SoP (Size of POT) field has two bits that indicate the size of "PktID"
and "Cumulative" data, which are specified in . This document defines SoP as follows:
0b00:
64-bit "PktID" and 64-bit "Cumulative" data
0b01~0b11:
reserved for future standardization
The Reserved field MUST be zeroed on transmission and ignored on receipt.IOAM Edge-to-Edge Capabilities Object When the IOAM Edge-to-Edge Capabilities Object is present in the IOAM Capabilities Response Container, the sending node is an IOAM decapsulating node and
IOAM edge-to-edge function is enabled at this IOAM decapsulating node.The Namespace-ID field has the same definition as what's specified in . It MUST
be one of the Namespace-IDs listed in the IOAM Capabilities Query Object of the echo request.The IOAM-E2E-Type field has the same definition as what's specified in .The TSF field specifies the timestamp format used by the sending node. Aligned with three possible timestamp formats specified in , this document defines TSF as follows:
0b00:
PTP truncated timestamp format
0b01:
NTP 64-bit timestamp format
0b10:
POSIX-based timestamp format
0b11:
Reserved for future standardization
The Reserved field MUST be zeroed on transmission and ignored on receipt.IOAM DEX Capabilities ObjectWhen the IOAM DEX Capabilities Object is present in the IOAM Capabilities Response Container, the sending node is an IOAM transit node and the IOAM
direct exporting function is enabled at this IOAM transit node.The IOAM-Trace-Type field has the same definition as what's specified in .The Namespace-ID field has the same definition as what's specified in . It MUST
be one of the Namespace-IDs listed in the IOAM Capabilities Query Object of the echo request.The Reserved field MUST be zeroed on transmission and ignored on receipt.IOAM End-of-Domain ObjectWhen the IOAM End-of-Domain Object is present in the IOAM Capabilities Response Container, the sending node is an IOAM decapsulating node.
Unless the IOAM Edge-to-Edge Capabilities Object is present, which also indicates that the sending node is an IOAM
decapsulating node, the IOAM End-of-Domain Object MUST be present in the IOAM Capabilities Response Container sent by an IOAM decapsulating node.
When the IOAM edge-to-edge function is enabled at the IOAM decapsulating node, including only the IOAM Edge-to-Edge Capabilities Object, not the IOAM End-of-Domain Object, is RECOMMENDED.The Namespace-ID field has the same definition as what's specified in . It MUST
be one of the Namespace-IDs listed in the IOAM Capabilities Query Container. Reserved field MUST be zeroed on transmission and ignored on receipt.Operational Guide Once the IOAM encapsulating node is triggered to discover the
enabled IOAM capabilities of each IOAM transit and IOAM decapsulating
node, the IOAM encapsulating node will send echo requests that include
the IOAM Capabilities Query Container as follows:
First, with TTL equal to 1 to reach the closest node (which may or
may not be an IOAM transit node).
Then, with TTL equal to 2 to reach the second-nearest node (which
also may or may not be an IOAM transit node).
Then, further increasing by 1 the TTL every time the IOAM
encapsulating node sends a new echo request, until the IOAM
encapsulating node receives an echo reply sent by the IOAM
decapsulating node (which contains the IOAM Capabilities Response
Container including the IOAM Edge-to-Edge Capabilities Object or the
IOAM End-of-Domain Object).
As a result, the echo requests sent by the
IOAM encapsulating node will reach all nodes one by one along the
transport path of IOAM data packet.Alternatively, if the IOAM
encapsulating node knows precisely all the IOAM transit and IOAM
decapsulating nodes beforehand, once the IOAM encapsulating node is
triggered to discover the enabled IOAM capabilities, it can send an echo
request to each IOAM transit and IOAM decapsulating node directly,
without TTL expiration. The IOAM encapsulating node may be triggered by the device administrator, the network management system, the network controller, or
data traffic. The specific triggering mechanisms are outside the scope of this document. Each IOAM transit and IOAM decapsulating node that receives an echo request containing the IOAM Capabilities Query Container will send an
echo reply to the IOAM encapsulating node. For the echo reply, there is an IOAM Capabilities Response Container containing one or more
Objects. The IOAM Capabilities Query Container of the echo request would be ignored by the receiving node unaware of IOAM. Note that the mechanism defined in this document applies to all
kinds of IOAM option types, whether the four types of IOAM options
defined in or the DEX type of IOAM option
defined in . Specifically, when applied to the
IOAM DEX option, the mechanism allows the IOAM encapsulating node to
discover which nodes along the transport path support IOAM direct
exporting and which trace data types are supported to be directly
exported at these nodes.IANA Considerations IANA has created a registry named "In Situ OAM (IOAM) Capabilities". This registry includes the following subregistries:
IOAM SoP Capability
IOAM TSF Capability
The subsequent subsections detail the registries herein contained. Considering the Containers/Objects defined in this document that would be carried in different types of Echo Request/Reply messages, such as
ICMPv6 or LSP Ping, it is intended that the registries for Container/Object Type would be requested in subsequent documents.IOAM SoP Capability Registry This registry defines four codepoints for the IOAM SoP Capability field for identifying the size of "PktID" and "Cumulative" data
as explained in . A new entry in this registry requires the following fields:
SoP (Size of POT): a 2-bit binary field as defined in .
Description: a terse description of the meaning of this SoP value.
The registry initially contains the following value:
SoP and Description
SoP
Description
0b00
64-bit "PktID" and 64-bit "Cumulative" data
0b01 - 0b11 are available for assignment via the IETF Review process as per .IOAM TSF Capability Registry This registry defines four codepoints for the IOAM TSF Capability field for identifying the timestamp format as explained in . A new entry in this registry requires the following fields:
TSF (TimeStamp Format): a 2-bit binary field as defined in .
Description: a terse description of the meaning of this TSF value.
The registry initially contains the following values:
TSF and Description
TSF
Description
0b00
PTP Truncated Timestamp Format
0b01
NTP 64-bit Timestamp Format
0b10
POSIX-based Timestamp Format
0b11 is available for assignment via the IETF Review process as per .Security Considerations Overall, the security needs for IOAM capabilities query mechanisms used in different environments are similar. To avoid potential Denial-of-Service (DoS) attacks, it is RECOMMENDED that implementations apply rate-limiting to
incoming echo requests and replies. To protect against unauthorized sources using echo request messages to obtain IOAM Capabilities information,
implementations MUST provide a means of checking the source addresses of echo request messages against an
access list before accepting the message. A deployment MUST ensure that border-filtering drops inbound echo requests with an IOAM Capabilities Container Header
from outside of the domain and that drops outbound echo requests or replies with IOAM Capabilities Headers leaving the domain. A deployment MUST support the configuration option to enable or disable the IOAM Capabilities Discovery feature defined
in this document. By default, the IOAM Capabilities Discovery feature MUST be disabled. The integrity protection on IOAM Capabilities information carried in echo reply messages can be achieved by the
underlying transport. For example, if the environment is an IPv6 network, the IP Authentication Header
or IP Encapsulating Security Payload Header can be used. The collected IOAM Capabilities information by queries may be considered confidential. An implementation can use
secure underlying transport of echo requests or replies to provide privacy protection. For example, if the environment is
an IPv6 network, confidentiality can be achieved by using the IP Encapsulating Security Payload Header . An implementation can also directly secure the data carried in echo requests and replies if needed, the specific
mechanism on how to secure the data is beyond the scope of this document. An implementation can also check whether the fields in received echo
requests and replies strictly conform to the specifications, e.g.,
whether the list of IOAM Namespace-IDs includes duplicate entries and
whether the received Namespace-ID is an operator-assigned or
IANA-assigned one, once a check fails, an exception event indicating the
checked field should be reported to the management. Except for what's described above, the security issues discussed in provide good guidance on
implementation of this specification.ReferencesNormative ReferencesKey words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Guidelines for Writing an IANA Considerations Section in RFCsMany protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.This is the third edition of this document; it obsoletes RFC 5226.Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.Data Fields for In Situ Operations, Administration, and Maintenance (IOAM)In situ Operations, Administration, and Maintenance (IOAM) collects operational and telemetry information in the packet while the packet traverses a path between two points in the network. This document discusses the data fields and associated data types for IOAM. IOAM-Data-Fields can be encapsulated into a variety of protocols, such as Network Service Header (NSH), Segment Routing, Generic Network Virtualization Encapsulation (Geneve), or IPv6. IOAM can be used to complement OAM mechanisms based on, e.g., ICMP or other types of probe packets.In Situ Operations, Administration, and Maintenance (IOAM) Direct ExportingIn situ Operations, Administration, and Maintenance (IOAM) is used for recording and collecting operational and telemetry information. Specifically, IOAM allows telemetry data to be pushed into data packets while they traverse the network. This document introduces a new IOAM option type (denoted IOAM-Option-Type) called the "IOAM Direct Export (DEX) Option-Type". This Option-Type is used as a trigger for IOAM data to be directly exported or locally aggregated without being pushed into in-flight data packets. The exporting method and format are outside the scope of this document.Informative ReferencesBIER Ping and TraceCisco Systems, Inc.Cisco Systems, Inc.Big Switch NetworksIndividual ContributorHuawei TechnologiesEricsson Bit Index Explicit Replication (BIER) is an architecture that
provides optimal multicast forwarding through a "BIER domain" without
requiring intermediate routers to maintain any multicast related per-
flow state. BIER also does not require any explicit tree-building
protocol for its operation. A multicast data packet enters a BIER
domain at a "Bit-Forwarding Ingress Router" (BFIR), and leaves the
BIER domain at one or more "Bit-Forwarding Egress Routers" (BFERs).
The BFIR router adds a BIER header to the packet. The BIER header
contains a bit-string in which each bit represents exactly one BFER
to forward the packet to. The set of BFERs to which the multicast
packet needs to be forwarded is expressed by setting the bits that
correspond to those routers in the BIER header.
This document describes the mechanism and basic BIER OAM packet
format that can be used to perform failure detection and isolation on
the BIER data plane.
Work in ProgressActive OAM for Service Function Chaining (SFC)EricssonZTE CorporationChina MobileIndividual contributorIndividual contributorVerizon Inc.Work in ProgressIP Authentication HeaderThis document describes an updated version of the IP Authentication Header (AH), which is designed to provide authentication services in IPv4 and IPv6. This document obsoletes RFC 2402 (November 1998). [STANDARDS-TRACK]IP Encapsulating Security Payload (ESP)This document describes an updated version of the Encapsulating Security Payload (ESP) protocol, which is designed to provide a mix of security services in IPv4 and IPv6. ESP is used to provide confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality. This document obsoletes RFC 2406 (November 1998). [STANDARDS-TRACK]Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) SpecificationThis document describes the format of a set of control messages used in ICMPv6 (Internet Control Message Protocol). ICMPv6 is the Internet Control Message Protocol for Internet Protocol version 6 (IPv6). [STANDARDS-TRACK]IPv6 Node Information QueriesThis document describes a protocol for asking an IPv6 node to supply certain network information, such as its hostname or fully-qualified domain name. IPv6 implementation experience has shown that direct queries for a hostname are useful, and a direct query mechanism for other information has been found useful in serverless environments and for debugging. This memo defines an Experimental Protocol for the Internet community.Extended ICMP to Support Multi-Part MessagesThis document redefines selected ICMP messages to support multi-part operation. A multi-part ICMP message carries all of the information that ICMP messages carried previously, as well as additional information that applications may require.Multi-part messages are supported by an ICMP extension structure. The extension structure is situated at the end of the ICMP message. It includes an extension header followed by one or more extension objects. Each extension object contains an object header and object payload. All object headers share a common format.This document further redefines the above mentioned ICMP messages by specifying a length attribute. All of the currently defined ICMP messages to which an extension structure can be appended include an "original datagram" field. The "original datagram" field contains the initial octets of the datagram that elicited the ICMP error message. Although the original datagram field is of variable length, the ICMP message does not include a field that specifies its length. Therefore, in order to facilitate message parsing, this document allocates eight previously reserved bits to reflect the length of the "original datagram" field.The proposed modifications change the requirements for ICMP compliance. The impact of these changes on compliant implementations is discussed, and new requirements for future implementations are presented.This memo updates RFC 792 and RFC 4443. [STANDARDS-TRACK]Detecting Multiprotocol Label Switched (MPLS) Data-Plane FailuresThis document describes a simple and efficient mechanism to detect data-plane failures in Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs). It defines a probe message called an "MPLS echo request" and a response message called an "MPLS echo reply" for returning the result of the probe. The MPLS echo request is intended to contain sufficient information to check correct operation of the data plane and to verify the data plane against the control plane, thereby localizing faults.This document obsoletes RFCs 4379, 6424, 6829, and 7537, and updates RFC 1122.PROBE: A Utility for Probing InterfacesThis document describes a network diagnostic tool called PROBE. PROBE is similar to PING in that it can be used to query the status of a probed interface, but it differs from PING in that it does not require bidirectional connectivity between the probing and probed interfaces. Instead, PROBE requires bidirectional connectivity between the probing interface and a proxy interface. The proxy interface can reside on the same node as the probed interface, or it can reside on a node to which the probed interface is directly connected. This document updates RFC 4884.Limited Domains and Internet ProtocolsThere is a noticeable trend towards network behaviors and semantics that are specific to a particular set of requirements applied within a limited region of the Internet. Policies, default parameters, the options supported, the style of network management, and security requirements may vary between such limited regions. This document reviews examples of such limited domains (also known as controlled environments), notes emerging solutions, and includes a related taxonomy. It then briefly discusses the standardization of protocols for limited domains. Finally, it shows the need for a precise definition of "limited domain membership" and for mechanisms to allow nodes to join a domain securely and to find other members, including boundary nodes.This document is the product of the research of the authors. It has been produced through discussions and consultation within the IETF but is not the product of IETF consensus.Acknowledgements The authors would like to acknowledge , , , , , , , , , , , , , , , , , , , and for their careful review and helpful comments. The authors appreciate the f2f discussion with on this document. The authors would like to acknowledge and for their good suggestion
and guidance.Authors' AddressesZTE Corp.NanjingChina+86 25 88013062xiao.min2@zte.com.cnEricssonUnited States of Americagregimirsky@gmail.comChina TelecomBeijingChina+86 10 50902903leibo@chinatelecom.cn