INTERNET-DRAFT Samer
Internet Engineering Task Force (IETF) S. Salam
Intended Status: Informational Ali
Request for Comments: 9062 A. Sajassi
Category: Informational Cisco
Sam
ISSN: 2070-1721 S. Aldrin
Google
John E.
J. Drake
Juniper
Donald
D. Eastlake 3rd
Futurewei
Expires: October 14, 2021 April 15,
June 2021
EVPN Operations, Administration
Framework and Maintenance Requirements for Ethernet VPN (EVPN) Operations,
Administration, and Framework
draft-ietf-bess-evpn-oam-req-frmwk-10 Maintenance (OAM)
Abstract
This document specifies the requirements and reference framework for
Ethernet VPN (EVPN) Operations, Administration Administration, and Maintenance
(OAM). The requirements cover the OAM aspects of EVPN and PBB-EVPN (Provider Provider
Backbone Bridge EVPN). EVPN (PBB-EVPN). The framework defines the layered
OAM model encompassing the EVPN service layer, network layer,
underlying Packet Switched Network (PSN) transport layer, and link
layer but focuses on the service and network layers.
Status of this This Memo
This Internet-Draft document is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum
(IETF). It represents the consensus of six months the IETF community. It has
received public review and may be updated, replaced, or obsoleted has been approved for publication by other the
Internet Engineering Steering Group (IESG). Not all documents at
approved by the IESG are candidates for any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current Internet-Drafts can be accessed at
https://www.ietf.org/1id-abstracts.html. The list status of Internet-Draft
Shadow Directories can this document, any errata,
and how to provide feedback on it may be accessed obtained at
https://www.ietf.org/shadow.html
INTERNET-DRAFT EVPN OAM Requirements/Framework
https://www.rfc-editor.org/info/rfc9062.
Copyright and License Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
INTERNET-DRAFT EVPN OAM Requirements/Framework
Table of Contents
1. Introduction............................................4
1.1 Introduction
1.1. Relationship to Other OAM Work.........................4
1.2 Work
1.2. Specification of Requirements..........................5
1.3 Terminology............................................5 Requirements
1.3. Terminology
2. EVPN OAM Framework......................................7
2.1 Framework
2.1. OAM Layering...........................................7
2.2 Layering
2.2. EVPN Service OAM.......................................8
2.3 OAM
2.3. EVPN Network OAM.......................................9
2.4 OAM
2.4. Transport OAM for EVPN................................10
2.5 EVPN
2.5. Link OAM..............................................11
2.6 OAM Inter-working.....................................11
2.6. OAM Interworking
3. EVPN OAM Requirements..................................12
3.1 Requirements
3.1. Fault Management Requirements.........................12
3.1.1 Requirements
3.1.1. Proactive Fault Management Functions................12
3.1.1.1 Functions
3.1.1.1. Fault Detection (Continuity Check)................12
3.1.1.2 Check)
3.1.1.2. Defect Indication.................................13
3.1.1.2.1 Indication
3.1.1.2.1. Forward Defect Indication.......................13
3.1.1.2.2 Indication (FDI)
3.1.1.2.2. Reverse Defect Indication (RDI).................14
3.1.2 (RDI)
3.1.2. On-Demand Fault Management Functions................14
3.1.2.1 Functions
3.1.2.1. Connectivity Verification.........................14
3.1.2.2 Verification
3.1.2.2. Fault Isolation...................................15
3.2 Isolation
3.2. Performance Management................................15
3.2.1 Management
3.2.1. Packet Loss.........................................16
3.2.2 Loss
3.2.2. Packet Delay and Jitter.............................16 Jitter
4. Security Considerations................................17 Considerations
5. IANA Considerations....................................17 Considerations
6. Acknowledgements.......................................17 References
6.1. Normative References......................................18 References
6.2. Informative References....................................19
INTERNET-DRAFT EVPN OAM Requirements/Framework References
Acknowledgements
Authors' Addresses
1. Introduction
This document specifies the requirements and defines a reference
framework for Ethernet VPN (EVPN) Operations, Administration Administration, and
Maintenance (OAM, [RFC6291]). (OAM) [RFC6291]. In this context, we use the term EVPN
OAM "EVPN
OAM" to loosely refer to the OAM functions required for and/or
applicable to [RFC7432] and [RFC7623].
EVPN is a Layer 2 VPN (L2VPN) solution for multipoint Ethernet
services,
services with advanced multi-homing capabilities, using multihoming capabilities that uses BGP for
distributing customer/client MAC Customer/Client Media Access Control (C-MAC) address
reachability information over the core MPLS/IP network.
PBB-EVPN combines Provider Backbone Bridging (PBB) [802.1Q] [IEEE-802.1Q] with
EVPN in order to reduce the number of BGP MAC advertisement routes, routes;
provide client MAC address mobility using C-MAC (Client MAC
[RFC7623]) [RFC7623] aggregation
and B-MAC (Backbone Backbone MAC [RFC7623]) sub-
netting, (B-MAC) [RFC7623] sub-netting; confine the scope of
C-MAC learning to only active flows, flows; offer per site policies, per-site policies; and
avoid C-MAC address flushing on topology changes.
This document focuses on the fault management and performance
management aspects of EVPN OAM. It defines the layered OAM model
encompassing the EVPN service layer, network layer, underlying Packet
Switched Network (PSN) transport layer, and link layer but focuses on
the service and network layers.
1.1
1.1. Relationship to Other OAM Work
This document leverages concepts and draws upon elements defined
and/or and
/ or used in the following documents:
[RFC6136] specifies the requirements and a reference model for OAM as
it relates to L2VPN services, pseudowires pseudowires, and associated Packet
Switched Network (PSN) tunnels. This document focuses on VPLS Virtual
Private LAN Service (VPLS) and
VPWS Virtual Private Wire Service (VPWS)
solutions and services.
[RFC8029] defines mechanisms for detecting data plane failures in
MPLS LSPs, Label Switched Paths (LSPs), including procedures to check the
correct operation of the data plane, plane as well as mechanisms to verify
the data plane against the control plane.
[802.1Q]
[IEEE-802.1Q] specifies the Ethernet Connectivity Fault Management
(CFM) protocol, which defines the concepts of Maintenance Domains,
Maintenance Associations, Maintenance End Points, and Maintenance
Intermediate Points.
INTERNET-DRAFT EVPN OAM Requirements/Framework
[Y.1731] extends Connectivity Fault Management in the following
areas: it defines fault notification and alarm suppression functions
for Ethernet. It also Ethernet and specifies mechanisms for Ethernet performance
management, including loss, delay, jitter, and throughput
measurement.
1.2
1.2. Specification of Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
1.3
1.3. Terminology
This document uses the following terminology terminology, much of which is
defined in [RFC6136]:
CE Customer Edge device, e.g., device; for example, a host, router, or
switch.
CFM Connectivity Fault Management [802.1Q]. [IEEE-802.1Q]
DF Designated Forwarder [RFC7432]. [RFC7432]
Down MEP A MEP that originates traffic away from and terminates
traffic towards the core of the device in whose port it
is logically located.
EVI An EVPN instance spanning the Provider Edge (PE) devices
participating in that EVPN [RFC7432].
L2VPN Layer 2 VPN. VPN
LOC Loss of continuity
MA Maintenance Association is Association; a set of MEPs belonging to the
same Maintenance Domain (MD), (MD) established to verify the
integrity of a single service instance [802.1Q]. [IEEE-802.1Q].
MD Maintenance Domain, Domain; an OAM Domain that represents a
region over which OAM frames can operate unobstructed [802.1Q].
[IEEE-802.1Q].
MEP Maintenance End Point Point; it is responsible for origination
and termination of OAM frames for a given MA. A MEP is
logically located in a device's port [802.1Q]. [IEEE-802.1Q].
MIP Maintenance Intermediate Point Point; it is located between
peer MEPs and
INTERNET-DRAFT EVPN OAM Requirements/Framework can process and respond to certain OAM
frames but does not initiate them. A MIP is logically
located in a device's port
[802.1Q]. [IEEE-802.1Q].
MP2P Multipoint to Point. Point
NMS Network Management Station [RFC6632]. [RFC6632]
P Provider network interior (non-edge) node. node
P2MP Point to Multipoint. Multipoint
PBB Provider Backbone Bridge [RFC7623]. [RFC7623]
PE Provider network Edge device. network device
Up MEP A MEP that originates traffic towards and terminates
traffic from the core of the device in whose port it is
logically located.
VPN Virtual Private Network
INTERNET-DRAFT EVPN OAM Requirements/Framework
2. EVPN OAM Framework
2.1
2.1. OAM Layering
Multiple layers come into play for implementing an L2VPN service
using the EVPN family of solutions as listed below. The focus of
this document is the Service service and Network network layers.
-
* The Service Layer service layer runs end to end between the sites or Ethernet
Segments
segments that are being interconnected by the EVPN solution.
-
* The Network Layer network layer extends between the EVPN PE (Provider Edge)
nodes and is mostly transparent to the P (Provider (provider network
interior) nodes (except where Flow Entropy flow entropy comes into play). It
leverages MPLS for service (i.e., EVI) multiplexing and Split-Horizon split-
horizon functions.
-
* The Transport Layer transport layer is dictated by the networking technology of
the PSN. It may be either based on either MPLS LSPs or IP.
-
* The Link Layer link layer is dependent upon the physical technology used.
Ethernet is a popular choice for this layer, but other
alternatives are deployed (e.g., POS, DWDM Packet over SONET (POS), Dense
Wavelength Division Multiplexing (DWDM), etc.).
This layering extends to the set of OAM protocols that are involved
in the ongoing maintenance and diagnostics of EVPN networks.
Figure 1 below depicts the OAM layering, layering and shows which devices have
visibility into what OAM layer(s).
+---+ +---+
+--+ | | +---+ +---+ +---+ | | +--+
|CE|----|PE |----| P |----| P |----| P |----|PE |----|CE|
+--+ | | +---+ +---+ +---+ | | +--+
+---+ +---+
o-------o----------- Service OAM -----------o-------o
o----------- Network OAM -----------o
o--------o--------o--------o--------o Transport OAM
o----o o----o o----o o----o o----o o----o Link OAM
Figure 1: OAM Layering
Service OAM and Network OAM mechanisms only have visibility to the PE
(Provider Edge)
nodes but not the P (Provider interior) nodes. As such, they can be used to deduce
whether the fault is in the
INTERNET-DRAFT EVPN OAM Requirements/Framework customer's own network, the local CE-PE
segment, the PE-PE segment segment, or the remote CE-PE segment(s). EVPN
Transport OAM mechanisms can be used for fault isolation between the
PEs and P nodes.
Figure 2 below shows an example network where native Ethernet domains are
interconnected via EVPN using MPLS MPLS, and gives it shows the OAM mechanisms
that are applicable at each layer. The details of the layers are
described in the sections below.
+---+ +---+
+--+ | | +---+ +---+ +---+ | | +--+
|CE|----|PE |----| P |----| P |----| P |----|PE |----|CE|
+--+ | | +---+ +---+ +---+ | | +--+
+---+ +---+
o----o---------- CFM (Service OAM) ----------o----o
o-------- EVPN Network OAM ---------o
o--------o--------o--------o--------o MPLS OAM
o----o o----o o----o o----o o----o o----o [802.3] 802.3 OAM
[IEEE-802.3]
Figure 2: EVPN OAM Example
2.2
2.2. EVPN Service OAM
The EVPN Service OAM protocol depends on what service layer service-layer
technology is being interconnected by the EVPN solution. In the case
of [RFC7432] and [RFC7623], the service layer is Ethernet; hence, the
corresponding service Service OAM protocol is Ethernet Connectivity Fault
Management (CFM) [802.1Q]. CFM [IEEE-802.1Q].
EVPN service Service OAM is visible to the CEs and EVPN PEs, PEs but not to the P
nodes. This is because the PEs operate at the Ethernet MAC layer in
[RFC7432] [RFC7623] and [RFC7623], whereas the P nodes do not.
The EVPN PE MUST support MIP functions in the applicable service Service OAM
protocol, for example
protocol (for example, Ethernet CFM. CFM). The EVPN PE SHOULD support MEP
functions in the applicable service Service OAM protocol. This includes both
Up and Down MEP functions.
As shown in Figure 3, the MIP and MEP functions being referred to are
logically located within the device's port operating at the customer
level. (There could be MEPs/MIPs within PE ports facing the provider
network
network, but they would not be relevant to EVPN Service OAM as the
traffic passing through them will be encapsulated/tunneled encapsulated/tunneled, so any
customer level
customer-level OAM messages will just be treated as data.) Down MEP
INTERNET-DRAFT EVPN OAM Requirements/Framework
functions are away from the core of the device while up Up MEP functions
are towards the core of the device (towards the PE forwarding
mechanism in the case of a PE). OAM messages between the PE Up MEPs
shown are a type of EVPN Network OAM OAM, while such messages between the
CEs or from a PE to its local CE or to the remote CE are Service OAM.
OAMs.
+-------+ +----------------+ +----------------+ +-------+
|+-----+| |+--------------+| |+--------------+| |+-----+|
|| CE || || PE || ... || PE || || CE ||
|+--+--+| |+---+--------+-+| |+-+--------+---+| |+--+--+|
| | | | | | | | | | | | | |
|+--+--+| |+---+-----+ . | | . +-----+---+| |+--+--+|
|| MEP || || | Up ^| . | ... | . | Up ^| || || MEP ||
||DownV|| ||MIP|MEP | . | | . |MEP |MIP|| ||DownV||
|+--+--+| || |DownV| . | | . |DownV| || |+--+--+|
| | | |+---+-----+ | | | | +-----+---+| | | |
+---|---+ +----|--------|--+ +--|--------|----+ +---|---+
| | | | | |
+------------+ +--- ... ---+ +------------+
Figure 3: CFM Details
The EVPN PE MUST, by default, learn the MAC address of locally
attached CE MEPs by snooping on CFM frames and advertising them to
remote PEs as a MAC/IP Advertisement route. Some means to limit the
number of MAC addresses that a PE will learn SHOULD be implemented.
The EVPN PE SHOULD advertise any MEP/MIP local to the PE as a MAC/IP
Advertisement route. Since these are not subject to mobility, they
SHOULD be advertised with the static (sticky) bit set (see
Section 15.2 of [RFC7432]).
2.3
2.3. EVPN Network OAM
EVPN Network OAM is visible to the PE nodes only. This OAM layer is
analogous to VCCV Virtual Circuit Connectivity Verification (VCCV)
[RFC5085] in the case of VPLS/VPWS. It provides mechanisms to check
the correct operation of the data plane, plane as well as a mechanism to
verify the data plane against the control plane. This includes the
ability to perform fault detection and diagnostics on:
-
* the MP2P tunnels used for the transport of unicast traffic between
PEs. EVPN allows for three different models of unicast label
assignment: label per EVI, label per <ESI, Ethernet Tag> Tag>, and
label per MAC address. In all three models, the label is bound to
an EVPN Unicast FEC. Forwarding Equivalence Class (FEC). EVPN Network
OAM MUST provide mechanisms to check the operation of the data
plane and verify that operation against the control plane view.
INTERNET-DRAFT EVPN OAM Requirements/Framework
-
* the MP2P tunnels used for aliasing unicast traffic destined to a
multi-homed
multihomed Ethernet Segment. segment. The three label assignment models,
discussed above, apply here as well. In all three models, the
label is bound to an EVPN Aliasing FEC. EVPN Network OAM MUST
provide mechanisms to check the operation of the data plane and
verify that operation against the control plane view.
-
* the multicast tunnels (either MP2P or P2MP) used for the transport
of broadcast, unknown unicast unicast, and multicast traffic between PEs.
In the case of ingress replication, a label is allocated per EVI
or per <EVI, Ethernet Tag> and is bound to an EVPN Multicast FEC.
In the case of LSM (Label Label Switched Multicast), and Multicast (LSM) and, more specifically
specifically, aggregate inclusive trees, again again, a label may be
allocated per EVI or per <EVI, Ethernet Tag> and is bound to the
tunnel FEC.
-
* the correct operation of the ESI Ethernet Segment Identifier (ESI)
split-horizon filtering function. In EVPN, a label is allocated
per multi-homed multihomed Ethernet Segment segment for the purpose of performing the
access split-horizon enforcement. The label is bound to an EVPN
Ethernet Segment.
- segment.
* the correct operation of the DF (Designated Designated Forwarder [RFC7432]) (DF) [RFC7432]
filtering function. EVPN Network OAM MUST provide mechanisms to
check the operation of the data plane and verify that operation
against the control plane view for the DF filtering function.
EVPN Network OAM mechanisms MUST provide in-band monitoring
capabilities. It is desirable, to the extent practical, for OAM test
messages to share fate with data messages. Details of how to achieve
this are beyond the scope of this document.
EVPN Network OAM SHOULD provide both proactive and on-demand
mechanisms of monitoring the data plane operation and data plane
conformance to the state of the control plane.
2.4
2.4. Transport OAM for EVPN
The transport Transport OAM protocol depends on the nature of the underlying
transport technology in the PSN. MPLS OAM mechanisms [RFC8029]
[RFC6425] as well as ICMP [RFC792] / [RFC0792] and ICMPv6 [RFC4443] are
applicable, depending on whether the PSN employs MPLS or IP
transport, respectively. Furthermore, BFD Bidirectional Forwarding
Detection (BFD) mechanisms per [RFC5880], [RFC5881],
[RFC5883] [RFC5883], and
[RFC5884] apply. Also, the BFD mechanisms pertaining to MPLS-TP LSPs
per [RFC6428] are applicable.
INTERNET-DRAFT EVPN OAM Requirements/Framework
2.5
2.5. Link OAM
Link OAM depends on the data link data-link technology being used between the
PE and P nodes. For example, if Ethernet links are employed, then
Ethernet Link OAM ([802.3] ([IEEE-802.3], Clause 57) may be used.
2.6
2.6. OAM Inter-working Interworking
When inter-working interworking two networking domains, such as native actual Ethernet and
EVPN to provide an end-to-end emulated service, there is a need to
identify the failure domain and location, even when a PE supports
both the Service OAM mechanisms and the EVPN Network OAM mechanisms.
In addition, scalability constraints may not allow the running of
proactive monitoring, such as Ethernet Continuity Check Messages (CCMs
[802.1Q]),
(CCMs) [IEEE-802.1Q], at a PE to detect the failure of an EVI across
the EVPN domain. Thus, the mapping of alarms generated upon failure
detection in one domain (e.g., native actual Ethernet or EVPN network
domain) to the other domain is needed. There are also cases where a
PE may not be able to process Service OAM messages received from a
remote PE over the PSN even when such messages are defined, as in the
Ethernet case, thereby necessitating support for fault notification
message mapping between the EVPN Network domain and the Service
domain.
OAM inter-working interworking is not limited though limited, though, to scenarios involving
disparate network domains. It is possible to perform OAM inter-
working
interworking across different layers in the same network domain. In
general, alarms generated within an OAM layer, as a result of
proactive fault detection mechanisms, may be injected into its client
layer
client-layer OAM mechanisms. This allows the client layer client-layer OAM to
trigger event-driven (i.e., asynchronous) fault notifications. For
example, alarms generated by the Link OAM mechanisms may be injected
into the Transport OAM layer, and alarms generated by the Transport
OAM mechanism may be injected into the Network OAM mechanism, and so
on.
EVPN OAM MUST support inter-working interworking between the Network OAM and
Service OAM mechanisms. EVPN OAM MAY support inter-working interworking among
other OAM layers.
INTERNET-DRAFT EVPN OAM Requirements/Framework
3. EVPN OAM Requirements
This section discusses the EVPN OAM requirements pertaining to Fault
Management fault
management and Performance Management.
3.1 performance management.
3.1. Fault Management Requirements
3.1.1
3.1.1. Proactive Fault Management Functions
The network operator configures proactive fault management functions
to run periodically without a time bound. periodically. Certain actions, for
example actions (for example, protection
switchover or alarm indication signaling, signaling) can be associated with
specific events, such as entering or clearing fault states.
3.1.1.1
3.1.1.1. Fault Detection (Continuity Check)
Proactive fault detection is performed by periodically monitoring the
reachability between service endpoints, end points, i.e., MEPs in a given MA,
through the exchange of Continuity Check Messages [802.1Q]. CCMs [IEEE-802.1Q]. The reachability between
any two arbitrary MEPs may be monitored for:
- in-band
* in-band, per-flow monitoring. This enables per flow per-flow monitoring
between MEPs. EVPN Network OAM MUST support fault detection with
per user
per-user flow granularity. EVPN Service OAM MAY support fault
detection with per user per-user flow granularity.
-
* a representative path. This enables a liveness check of the nodes
hosting the MEPs MEPs, assuming that the loss of continuity (LOC) to
the MEP is interpreted as a failure of the hosting node. This,
however, does not conclusively indicate liveness of the path(s)
taken by user data traffic. This enables node failure detection
but not path failure detection, detection through the use of a test flow.
EVPN Network OAM and Service OAM MUST support fault detection
using test flows.
-
* all paths. For MPLS/IP networks with ECMP, the monitoring of all
unicast paths between MEPs (on non-adjacent nodes) may not be
possible,
possible since the per-hop ECMP hashing behavior may yield
situations where it is impossible for a MEP to pick flow entropy
characteristics that result in exercising the exhaustive set of
ECMP paths. Monitoring The monitoring of all ECMP paths between MEPs (on non-
adjacent
non-adjacent nodes) is not a requirement for EVPN OAM.
INTERNET-DRAFT EVPN OAM Requirements/Framework
The fact that MPLS/IP networks do not enforce congruency between
unicast and multicast paths means that the proactive fault detection
mechanisms for EVPN networks MUST provide procedures to monitor the
unicast paths independently of the multicast paths. This applies to
EVPN Service OAM and Network OAM.
3.1.1.2
3.1.1.2. Defect Indication
Defect indications can be categorized into two types: forward and
reverse defect indications
reverse, as described below. EVPN Service OAM MUST support at least
one of these types of event-driven defect indication indications upon the
detection of a connectivity defect.
3.1.1.2.1
3.1.1.2.1. Forward Defect Indication
This (FDI)
FDI is used to signal a failure that is detected by a lower layer lower-layer OAM
mechanism. A server MEP (i.e., an actual or virtual MEP) transmits a Forward Defect Indication
forward defect indication in a direction that is away from the direction of
the failure (refer to Figure 4 below).
Failure
|
+-----+ +-----+ V +-----+ +-----+
| A |------| B |--XXX--| C |------| D |
+-----+ +-----+ +-----+ +-----+
<===========| |============>
Forward Forward
Defect Defect
Indication Indication
Figure 4: Forward Defect Indication
Forward defect indication may be used for alarm suppression and/or
for the purpose of inter-working interworking with other layer OAM protocols.
Alarm suppression is useful when a transport/network level transport-level or network-level
fault translates to multiple service service- or flow level flow-level faults. In such
a scenario, it is enough to alert a network management station (NMS)
of the single
transport/network level transport-level or network-level fault in lieu of
flooding that NMS with a multitude of Service or Flow granularity
alarms. EVPN PEs SHOULD support Forward Defect Indication forward defect indication in the
Service OAM mechanisms.
INTERNET-DRAFT EVPN OAM Requirements/Framework
3.1.1.2.2
3.1.1.2.2. Reverse Defect Indication (RDI)
RDI is used to signal that the advertising MEP has detected a loss of
continuity (LoC) LOC
defect. RDI is transmitted in the direction of the failure (refer to
Figure 5).
Failure
|
+-----+ +-----+ V +-----+ +-----+
| A |------| B |--XXX--| C |------| D |
+-----+ +-----+ +-----+ +-----+
|===========> <============|
Reverse Reverse
Defect Defect
Indication Indication
Figure 5: Reverse Defect Indication
RDI allows single-sided management, where the network operator can
examine the state of a single MEP and deduce the overall health of a
monitored service. EVPN PEs SHOULD support Reverse Defect Indication reverse defect indication
in the Service OAM mechanisms. This includes both the ability to
signal LoC a LOC defect to a remote MEP, MEP as well as the ability to
recognize RDI from a remote MEP. Note that, in a multipoint MA, RDI
is not a useful indicator of unidirectional fault. This is because
RDI carries no indication of the affected MEP(s) with which the
sender had detected a LoC LOC defect.
3.1.2
3.1.2. On-Demand Fault Management Functions
On-demand fault management functions are initiated manually by the
network operator and continue for a bounded time bound period. These
functions enable the operator to run diagnostics to investigate a
defect condition.
3.1.2.1
3.1.2.1. Connectivity Verification
EVPN Network OAM MUST support on-demand connectivity verification
mechanisms for unicast and multicast destinations. The connectivity
verification mechanisms SHOULD provide a means for specifying and
carrying the following in the messages:
- variable length
* variable-length payload/padding to test MTU (Maximum Transmission
Unit) related connectivity problems.
INTERNET-DRAFT EVPN OAM Requirements/Framework
- problems
related to the Maximum Transmission Unit (MTU).
* test frame formats as defined in Appendix C of [RFC2544] to detect
potential packet corruption.
EVPN Network OAM MUST support connectivity verification at per flow per-flow
granularity. This includes both user flows (to test a specific path
between PEs) as well as test flows (to test a representative path
between PEs).
EVPN Service OAM MUST support connectivity verification on test flows
and MAY support connectivity verification on user flows.
For multicast connectivity verification, EVPN Network OAM MUST
support reporting on:
-
* the DF filtering status of a specific port(s) or all the ports in
a given bridge-domain.
- bridge domain.
* the Split Horizon split-horizon filtering status of a specific port(s) or all
the ports in a given bridge-domain.
3.1.2.2 bridge domain.
3.1.2.2. Fault Isolation
EVPN OAM MUST support an on-demand fault localization function. This
involves the capability to narrow down the locality of a fault to a
particular port, link link, or node. The characteristic of forward/reverse forward/
reverse path asymmetry, asymmetry in MPLS/IP, MPLS/IP makes fault isolation a direction-
sensitive operation. That is, given two PEs A and B, localization of
continuity failures between them requires running fault isolation fault-isolation
procedures from PE A to PE B as well as from PE B to PE A.
EVPN Service OAM mechanisms only have visibility to the PEs but not
the MPLS or IP P nodes. As such, they can be used to deduce whether
the fault is in the customer's own network, the local CE-PE segment segment,
or a remote CE-PE segment(s). EVPN Network and Transport OAM
mechanisms can be used for fault isolation between the PEs and P
nodes.
3.2
3.2. Performance Management
Performance Management management functions can be performed both proactively
and on-demand. on demand. Proactive management involves a recurring function,
where the performance management probes are run continuously without
a trigger. We cover both proactive and on-demand functions in this
section.
INTERNET-DRAFT EVPN OAM Requirements/Framework
3.2.1
3.2.1. Packet Loss
EVPN Network OAM SHOULD provide mechanisms for measuring packet loss
for a given service, service -- for example example, [RFC7680] and [RFC6673].
Given that EVPN provides inherent support for multipoint-to-
multipoint connectivity, then packet loss cannot be accurately measured by
means of counting user data packets. This is because user packets
can be delivered to more PEs or more ports than are necessary (e.g.,
due to broadcast, un-pruned multicast unpruned multicast, or unknown unicast flooding).
As such, a statistical means of approximating the packet loss rate is
required. This can be achieved by sending "synthetic" OAM packets
that are counted only by those ports (MEPs) that are required to
receive them. This provides a statistical approximation of the
number of data frames lost, even with multipoint-to-multipoint
connectivity.
3.2.2
3.2.2. Packet Delay and Jitter
EVPN Service OAM SHOULD support measurement of one-way and two-way
packet delay and delay variation (jitter) across the EVPN network.
Measurement of one-way delay requires clock synchronization between
the probe source and target devices. Mechanisms for clock
synchronization are outside the scope of this document. Note that
Service OAM performance management mechanisms defined in [Y.1731] can
be used. See also [RFC7679], [RFC2681], and [RFC3393] [RFC3393].
EVPN Network OAM MAY support measurement of one-way and two-way
packet delay and delay variation (jitter) across the EVPN network.
INTERNET-DRAFT EVPN OAM Requirements/Framework
4. Security Considerations
EVPN OAM MUST prevent OAM packets from leaking outside of the EVPN
network or outside their corresponding Maintenance Domain. This can
be done for CFM, for example, by having MEPs implement a filtering
function based on the Maintenance Level associated with received OAM
packets.
EVPN OAM SHOULD provide mechanisms for implementation and optional
use to:
- Prevent denial of service
* prevent denial-of-service attacks caused by exploitation of the
OAM message channel (for example example, by forging messages to exceed a
maintenance end point's
Maintenance End Point's capacity to maintain state).
- Authenticate
* authenticate communicating endpoints end points (for example example, MEPs and
MIPs).
5. IANA Considerations
This document requires has no IANA actions.
6. Acknowledgements
The authors would like to thank the following for their review of
this work and valuable comments:
David Black, Martin Duke, Xiao Min, Gregory Mirsky,
Zaheduzzaman Sarker, Dave Schinazi, John Scudder, Melinda Shore,
Robert Wilton, Alexander Vainshtein, Stig Venaas, and Eric Vyncke.
INTERNET-DRAFT EVPN OAM Requirements/Framework References
6.1. Normative References
[RFC792]
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5,
RFC 792, DOI 10.17487/RFC0792, September 1981,
<https://www.rfc-editor.org/info/rfc792>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, <https://www.rfc-
editor.org/info/rfc2119>.
<https://www.rfc-editor.org/info/rfc2119>.
[RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet
Control Message Protocol (ICMPv6) for the Internet
Protocol Version 6 (IPv6) Specification", STD 89,
RFC 4443, DOI 10.17487/RFC4443, March 2006, <https://www.rfc-
editor.org/info/rfc4443>.
<https://www.rfc-editor.org/info/rfc4443>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<https://www.rfc-editor.org/info/rfc5880>.
[RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881,
DOI 10.17487/RFC5881, June 2010, <https://www.rfc-
editor.org/info/rfc5881>.
<https://www.rfc-editor.org/info/rfc5881>.
[RFC5883] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD) for Multihop Paths", RFC 5883, DOI 10.17487/RFC5883,
June 2010, <https://www.rfc-editor.org/info/rfc5883>.
[RFC5884] Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow,
"Bidirectional Forwarding Detection (BFD) for MPLS Label
Switched Paths (LSPs)", RFC 5884, DOI 10.17487/RFC5884,
June 2010, <https://www.rfc-editor.org/info/rfc5884>.< <https://www.rfc-editor.org/info/rfc5884>.
[RFC6291] Andersson, L., van Helvoort, H., Bonica, R., Romascanu,
D., and S. Mansfield, "Guidelines for the Use of the "OAM"
Acronym in the IETF", BCP 161, RFC 6291,
DOI 10.17487/RFC6291, June 2011, <https://www.rfc-
editor.org/info/rfc6291>.
<https://www.rfc-editor.org/info/rfc6291>.
[RFC6425] Saxena, S., Ed., Swallow, G., Ali, Z., Farrel, A.,
Yasukawa, S., and T. Nadeau, "Detecting Data-Plane
Failures in Point-to-Multipoint MPLS - Extensions to LSP
Ping", RFC 6425, DOI 10.17487/RFC6425, November 2011,
<https://www.rfc-editor.org/info/rfc6425>.
[RFC6428] Allan, D., Ed., Swallow, G., Ed., and J. Drake, Ed.,
"Proactive Connectivity Verification, Continuity Check,
and Remote Defect Indication for the MPLS Transport
Profile",
INTERNET-DRAFT EVPN OAM Requirements/Framework RFC 6428, DOI 10.17487/RFC6428, November 2011,
<https://www.rfc-editor.org/info/rfc6428>.
[RFC7432] Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
2015, <https://www.rfc-editor.org/info/rfc7432>.
[RFC7623] Sajassi, A., Ed., Salam, S., Bitar, N., Isaac, A., and W.
Henderickx, "Provider Backbone Bridging Combined with
Ethernet VPN (PBB-EVPN)", RFC 7623, DOI 10.17487/RFC7623,
September 2015, <https://www.rfc-editor.org/info/rfc7623>.
[RFC8029] Kompella, K., Swallow, G., Pignataro, C., Ed., Kumar, N.,
Aldrin, S., and M. Chen, "Detecting Multiprotocol Label
Switched (MPLS) Data-Plane Failures", RFC 8029,
DOI 10.17487/RFC8029, March 2017, <https://www.rfc-
editor.org/info/rfc8029>.
<https://www.rfc-editor.org/info/rfc8029>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <http://www.rfc-editor.org/info/rfc8174> <https://www.rfc-editor.org/info/rfc8174>.
6.2. Informative References
[802.1Q]
[IEEE-802.1Q]
IEEE, "IEEE Standard for Local and metropolitan area
networks - Media Access Control (MAC) Bridges
networks--Bridges and Virtual
Bridge Local Area Bridged Networks", IEEE Std 802.1Q-2014, 2014.
[802.3] 802.1Q-
2014, DOI 10.1109/IEEESTD.2014.6991462, December 2014,
<https://doi.org/10.1109/IEEESTD.2014.6991462>.
[IEEE-802.3]
IEEE, "IEEE Standard for Ethernet", IEEE Std 802.3-2015,
2015. 802.3-2018,
DOI 10.1109/IEEESTD.2018.8457469, August 2018,
<https://doi.org/10.1109/IEEESTD.2018.8457469>.
[RFC2544] Bradner, S. and J. McQuaid, "Benchmarking Methodology for
Network Interconnect Devices", RFC 2544,
DOI 10.17487/RFC2544, March 1999, <https://www.rfc-
editor.org/info/rfc2544>.
<https://www.rfc-editor.org/info/rfc2544>.
[RFC2681] Almes, G., Kalidindi, S., and M. Zekauskas, "A Round-trip
Delay Metric for IPPM", RFC 2681, DOI 10.17487/RFC2681,
September 1999, <https://www.rfc-editor.org/info/rfc2681>.
[RFC3393] Demichelis, C. and P. Chimento, "IP Packet Delay Variation
Metric for IP Performance Metrics (IPPM)", RFC 3393,
DOI 10.17487/RFC3393, November 2002, <https://www.rfc-
editor.org/info/rfc3393>.
<https://www.rfc-editor.org/info/rfc3393>.
[RFC5085] Nadeau, T., Ed., Ed. and C. Pignataro, Ed., "Pseudowire Virtual
Circuit Connectivity Verification (VCCV): A Control
Channel
INTERNET-DRAFT EVPN OAM Requirements/Framework for Pseudowires", RFC 5085, DOI 10.17487/RFC5085,
December 2007, <https://www.rfc-editor.org/info/rfc5085>.
[RFC6136] Sajassi, A., Ed., Ed. and D. Mohan, Ed., "Layer 2 Virtual
Private Network (L2VPN) Operations, Administration, and
Maintenance (OAM) Requirements and Framework", RFC 6136,
DOI 10.17487/RFC6136, March 2011, <https://www.rfc-
editor.org/info/rfc6136>.
<https://www.rfc-editor.org/info/rfc6136>.
[RFC6632] Ersue, M., Ed., Ed. and B. Claise, "An Overview of the IETF
Network Management Standards", RFC 6632,
DOI 10.17487/RFC6632, June 2012, <https://www.rfc-
editor.org/info/rfc6632>.
<https://www.rfc-editor.org/info/rfc6632>.
[RFC6673] Morton, A., "Round-Trip Packet Loss Metrics", RFC 6673,
DOI 10.17487/RFC6673, August 2012, <https://www.rfc-
editor.org/info/rfc6673>.
<https://www.rfc-editor.org/info/rfc6673>.
[RFC7679] Almes, G., Kalidindi, S., Zekauskas, M., and A. Morton,
Ed., "A One-Way Delay Metric for IP Performance Metrics
(IPPM)", STD 81, RFC 7679, DOI 10.17487/RFC7679, January
2016, <https://www.rfc-editor.org/info/rfc7679>.
[RFC7680] Almes, G., Kalidindi, S., Zekauskas, M., and A. Morton,
Ed., "A One-Way Loss Metric for IP Performance Metrics
(IPPM)", STD 82, RFC 7680, DOI 10.17487/RFC7680, January
2016, <https://www.rfc-editor.org/info/rfc7680>.
[Y.1731] "ITU-T Recommendation Y.1731 (02/08) - OAM ITU-T, "Operation, administration and maintenance (OAM)
functions and mechanisms for Ethernet based Ethernet-based networks", February 2008.
INTERNET-DRAFT EVPN OAM Requirements/Framework
ITU-T Recommendation G.8013/Y.1731, August 2015.
Acknowledgements
The authors would like to thank the following for their review of
this work and their valuable comments: David Black, Martin Duke, Xiao
Min, Gregory Mirsky, Zaheduzzaman Sarker, Dave Schinazi, John
Scudder, Melinda Shore, Robert Wilton, Alexander Vainshtein, Stig
Venaas, and Éric Vyncke.
Authors' Addresses
Samer Salam
Cisco
Email: ssalam@cisco.com
Ali Sajassi
Cisco
170 West Tasman Drive
San Jose, CA 95134, USA 95134
United States of America
Email: sajassi@cisco.com
Sam Aldrin
Google, Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043 USA
United States of America
Email: aldrin.ietf@gmail.com
John E. Drake
Juniper Networks
1194 N. Mathilda Ave.
Sunnyvale, CA 94089, USA 94089
United States of America
Email: jdrake@juniper.net
Donald E. Eastlake, Eastlake 3rd
Futurewei Technologies
2386 Panoramic Circle
Apopka, FL 32703 USA
Tel:
United States of America
Phone: +1-508-333-2270
Email: d3e3e3@gmail.com