- Benefits of In-band OAM for IPv6
- Information About In-band OAM for IPv6
- Configuring In-band OAM for IPv6
- Troubleshooting Tips
- Use Cases for In-band OAM for IPv6
- Additional References for In-band OAM for IPv6
- Feature Information for In-band OAM for IPv6
In-band OAM for IPv6
The In-band OAM for IPv6 feature supports "in-band" operation, administration, and maintenance (OAM) for IPv6 which enables you to define advanced options for recording OAM information in an IPv6 packet during its traversal through a particular network domain.
- Benefits of In-band OAM for IPv6
- Information About In-band OAM for IPv6
- Configuring In-band OAM for IPv6
- Troubleshooting Tips
- Use Cases for In-band OAM for IPv6
- Additional References for In-band OAM for IPv6
- Feature Information for In-band OAM for IPv6
Benefits of In-band OAM for IPv6
Benefits over Active OAM (out-of-band)
In-band OAM for IPv6 enables you to use "In-band" mechanisms which do not require extra packets to be sent and hence don't change the packet traffic mix within the network. Traceroute and ping for example use ICMP messages: New packets are injected to get tracing information. Those add to the number of messages in a network, which already might be highly loaded or suffering performance issues for a particular path or traffic type.
Packet scheduling algorithms, especially for balancing traffic across equal cost paths or links, often leverage information contained within the packet, such as protocol number, IP-address or MAC-address. Probe packets would thus either need to be sent from the exact same endpoints with the exact same parameters, or probe packets would need to be artificially constructed as "fake" packets and inserted along the path. Both approaches are often not feasible from an operational perspective, be it that access to the end-system is not feasible, or that the diversity of parameters and associated probe packets to be created is too large. An in-band mechanism is an alternative in those cases.
In-band mechanisms also don't suffer from implementations, where probe traffic is handled differently (and potentially forwarded differently) by a router than regular data traffic. Traditional ping and traceroute tools return the OAM results to the sender of the probe. It would be advantageous to separate the sending of an OAM probe from the receiving of the telemetry data. In this context, it is desired to not assume there is a bidirectional working path.
Overlay and Underlay Statistics
Different network deployments use tunneling mechanisms to create overlay or service-layer networks such as VXLAN-GPE, GRE, or LISP. Overlay networks do not offer the user of the overlay any insight into the underlay network. The path that a particular tunneled packet takes, or other operational details such as the per-hop delay/jitter in the underlay are not visible to the user of the overlay network, giving rise to diagnosis and debugging challenges in case of connectivity or performance issues. OAM tools like ping or traceroute can be used either at the overlay or at the underlay which means that the user of the overlay has typically no access to OAM in the underlay, unless specific operational procedures are put in place. With In-band OAM the operator of the underlay can offer details of the connectivity in the underlay to the user of the overlay. The operator of the egress tunnel router can choose to share the recorded information about the path with the user of the overlay.
Using coupled with mechanisms such as Segment Routing, overlay network and underlay network can be more tightly coupled. In these scenarios, the user of the overlay has detailed diagnostic information available in case of failure conditions. The user of the overlay can also use the path recording information as input to traffic steering or traffic engineering mechanisms, for example achieve path symmetry for the traffic between two endpoints.
SLA Verification
In-band OAM can help overlay-service users to verify if the negotiated SLAs for the real traffic are met by the underlay network provider. In-band OAM is different from solutions which rely on active probes to test an SLA and helps you to avoid wrong interpretations and cheating, which can happen if the probe traffic that is used to perform SLA-check is prioritized by the network provider of the underlay.
Analytics and Diagnostics
If you are a network planner or an operator, you can benefit from knowledge of the actual traffic distribution in your network. When deriving an overall network connectivity traffic matrix you typically need to correlate data gathered from each individual devices in the network. If the path of a packet is recorded while the packet is forwarded, the entire path that a packet took through the network is available to the egress system. This demands retrieving individual traffic statistics from every device in the network and correlate those statistics. You must also employ other mechanisms such as leveraging traffic engineering with null-bandwidth tunnels just to retrieve the appropriate statistics to generate the traffic matrix.
Using the individual path tracing options supported by In-band OAM for IPv6 feature, information is available at packet level granularity, rather than only at aggregate level, which is usually the case with IPFIX-style methods which employ flow-filters at the network elements. Data-center networks which use equal-cost multipath (ECMP) forwarding is an example where detailed statistics on flow distribution in the network are of high demand. If a network supports ECMP, one can create detailed statistics for the different paths packets take through the network at the egress system, without a need to correlate/aggregate statistics from every router in the system. When you use In-band OAM, transit devices are also off-loaded from the task of gathering packet statistics.
Proof of Transit
In-band OAM for IPv6 feature enables you to validate proof of transit. Several deployments use traffic engineering, policy routing, segment routing or Service Function Chaining (SFC) to steer packets through a specific set of nodes. In certain cases regulatory obligations or a compliance policy require to prove that all packets that are supposed to follow a specific path are indeed being forwarded across the exact set of nodes specified. If a packet flow is supposed to go through a series of service functions or network nodes, it has to be proven that all packets of the flow actually went through the service chain or collection of nodes specified by the policy. In case the packets of a flow weren't appropriately processed, a verification device would be required to identify the policy violation and take corresponding actions (e.g., drop or redirect the packet, send an alert etc.) corresponding to the policy. In today's deployments, the proof that a packet traversed a particular service chain is typically delivered in an indirect way.
Information About In-band OAM for IPv6
There are different mechanisms which add tracing information to the regular data traffic, also referred to as "in-band" or "passive OAM". In-band mechanisms can complement active, probe-based mechanisms such as ping or traceroute, which are considered as "out-of-band", because the messages are transported independently from regular data traffic. The In-band OAM for IPv6 feature enables you to add tracing information to your regular data traffic which can be used in getting different telemetry data about your network with minimal impact on network performance.
In-band OAM for IPv6 feature supports the following telemetry options:
Tracing
Proof of Transit
You can use In-band OAM data which is added to every packet for achieving or verifying Proof Of Transit. The OAM data is updated at every hop or every required node and is used to verify whether a packet traversed all required nodes. When the verifier receives each packet, it can validate whether the packet traversed the service chain correctly. The OAM data is used to verify whether a packet traversed the nodes it is supposed to traverse.
Sequence Numbering
The In-band OAM for IPv6 feature supports traffic sequence numbering and analysis. You can select the traffic which should be analyzed using sequence numbering. A sequence number is inserted into the packet at the ingress edge of the domain and based on the sequence of numbers received at the egress edge of the domain, traffic loss/reorder/duplicate analysis is done. The ACL entries need to be specific to the flow if the analysis needs to be done on a per flow basis. The sequence number is inserted at the ingress edge router's option in the IPv6 HbyH extension header that matches each of the ACL line entry using the 'insert' option. The analysis is enabled using the 'analyze' option which retrieves the sequence numbers from the packets and analyses the traffic flow for lost/reordered/duplicate packets.
In-band OAM in a Network
-
Traffic Matrix: Derive the network traffic matrix which is the traffic for a given time interval between any two edge nodes of a given domain. Can be performed for all traffic or per QoS-class.
-
Flow Debugging: Discover which path(s) a particular set of traffic (identified by an n-tuple) takes in the network. Especially useful in case where the traffic is balanced across multiple paths, for example, link aggregation (LACP) and equal cost multi-pathing (ECMP).
-
Loss statistics per path: Retrieve loss statistics per flow and path in the network.
-
Path Heat Maps: Discover highly utilized links in the network.
-
Trend analysis on traffic patterns: Analyze the forwarding path for a specific set of traffic changes over time.
-
Network delay distribution: Show delay distribution across network by node or links. If enabled per application or a specific flow then the path taken with delay at each node is displayed.
-
Low-Power networks: Supports application level OAM information (e.g. battery charge level) into data traffic to avoid sending extra OAM traffic which results in an extra cost on the devices. Using the battery charge level as example, avoiding sending extra OAM packets just to communicate battery health can save battery on sensors.
-
Path Verification or Service Function Path Verification: Proof and verification of packets traversing check points in the network, where check points can be nodes in the network or service functions.
-
Geo-location Policy: Network policy implemented based on which path packets took. Example: Only if packets originated and stayed within the trading-floor department, access to specific applications or servers is granted.
Netflow Collector
The In-band OAM for IPv6 feature provides support for Flexible Net Flow (FNF). You can use In-band OAM for IPv6 feature to enable the FNF exporter on the router and can export In-band OAM data records to netflow collector.
A netflow template is a set of metadata that describes the data exported. This metadata helps the collector to derive the semantics of all fields received from exporter in data packet.
In-band OAM sends different sets of semantically grouped data and its relevant templates to netflow collector. Frequency of template export can be configured on the device. It is mandatory for the collector to receive the template along with data packet to understand the data field in data packets.
Netflow Collector Templates
This section provides information about different Netflow Collector Templates that can be used with In-band OAM for IPv6 feature:
Template: Node-Id - Node Name Mapping
The Node-Id - Node Name Mappings template is used to map node id to node name for visualization application integrated with the netflow collector.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Field | Type | Offset | Size| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | iOAM my node-id | 38001 | 0 | 4 | | iOAM my node name | 38002 | 4 | 32 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-
Field: data to be exported
-
Type: ID of field used by collector to understand the meaning of field.
-
Offset: Position in netflow data packet
-
Size: Size of the field
Template: Sequence Numbering statistics
The Sequence Numbering statistics template is used to export statistics such as duplicate packets, reordered packets, lost packets as observed by an egress edge node in the In-band OAM domain.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-+-+-++-+ | Field | Type | Offset | Size | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-++ | ipv6 source address | 27 | 0 | 16 | | ipv6 destination address | 28 | 16 | 16 | | ipv6 source mask | 170 | 32 | 1 | | ipv6 destination mask | 169 | 33 | 1 | | iOAM my node-id | 38001 | 34 | 4 | | IOAM packet counter | 38005 | 38 | 4 | | IOAM lost packet counter | 38023 | 42 | 4 | | IOAM duplicate packet counter | 38024 | 46 | 4 | | IOAM reordered packet counter | 38025 | 50 | 4 | | IOAM highest PPC sequence number | 38026 | 54 | 4 | | IPv6 Protocol Field | 38028 | 58 | 2 | | start timestamp | 38003 | 62 | 4 | | end timestamp | 38004 | 66 | 4 | | transport source-port | 7 | 70 | 2 | | transport destination-port | 11 | 72 | 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Template: Aggregated Flow Statistics/Path-record
The Aggregated Flow Statistics/Path-record (tracing) template is used by In-band OAM to export path details taken by packets between source and destination. Path Map keeps the identification of node-id, ingress and egress interface.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Field | Type | Offset | Size | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-++-+-+-+-+-+ | ipv6 source address | 27 | 0 | 16 | | ipv6 destination address | 28 | 16 | 16 | | iOAM my node-id | 38001 | 32 | 4 | | iOAM node1 id | 38032 | 36 | 4 | | iOAM node2 id | 38035 | 40 | 4 | | iOAM node3 id | 38038 | 44 | 4 | | iOAM node4 id | 38041 | 48 | 4 | | iOAM packet counter | 38005 | 52 | 4 | | iOAM byte count | 38006 | 56 | 4 | | start timestamp | 38003 | 60 | 4 | | end timestamp | 38004 | 64 | 4 | | transport source-port | 7 | 68 | 2 | | transport destination-port | 11 | 70 | 2 | | ipv6 protocol filed | 38028 | 72 | 2 | | iOAM number of nodes | 38031 | 74 | 2 | | iOAM Path Map | 38030 | 92 | 132 | | iOAM node1 in if id | 38033 | 76 | 2 | | iOAM node1 eif id | 38034 | 78 | 2 | | iOAM node2 in if id | 38036 | 80 | 2 | | iOAM node2 eif id | 38037 | 82 | 2 | | iOAM node3 in if id | 38039 | 84 | 2 | | iOAM node3 eif id | 38040 | 86 | 2 | | iOAM node4 in if id | 38042 | 88 | 2 | | iOAM node4 eif id | 38043 | 90 | 2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-
Template: Service Chain Details
The Service Chain Details template provides proof of transit information.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+ | Field | Type | Offset | Size | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+-++-+-++-+ | iOAM my node-id | 38001 | 0 | 4 | | start timestamp | 38003 | 4 | 4 | | end timestamp | 38004 | 8 | 4 | | service chain id | 38045 | 12 | 4 | | success packet counter | 38046 | 16 | 4 | | failure packet counter | 38047 | 20 | 4 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-++-+
Restrictions for In-band OAM for IPv6
-
The In-band OAM for IPv6 profile configurations (ipv6 ioam profile) and service profile configurations (ipv6 ioam service-profile) are applied on per-interface basis. Multiple In-band OAM for IPv6 profiles or service profiles on the same interface is not supported.
-
The In-band OAM for IPv6 profiles and service profiles are linked with the ACL on a one-to-one basis. There is a one-to-one match between In-band OAM for IPv6 profile and its related service profile which is necessary for the In-band OAM for IPv6 configuration to work.
-
All generic ACL options are not supported, the supported ones are Source/Destination IP match and TCP/UDP Port match.
-
ECMP algorithm for the same destination, the path taken is different at any given time.
-
Flow export option with line rate traffic produces memory limitation.
-
The In-band OAM for IPv6 feature supports only IOS Proof of Transit with 32bit math calculation.
-
Reload with In-band OAM requires a reconfiguration of interface specific configurations.
Configuring In-band OAM for IPv6
Configuring In-band OAM for IPv6 Tracing (Single Path Verification)
Configuring Encap Node
1.
enable
2.
configure terminal
3.
ipv6 access-list
access-list-name
4.
permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
5.
exit
6.
ipv6 ioam profile
profile-name
7.
path-record match-flow
acl-name
encap/decap
8.
trace-type {N_IF_TS_APP |
N_IFS |
N_TS
|
N_APP |
N_TS_APP}
9.
trace-elts
number
10.
trace-tsp {0‐sec |
1‐milisec |
2‐microsec |
3‐nanosec}
11.
exit
12.
ipv6 ioam node-id
node-id
13.
ipv6 ioam
path‐record
14.
interface
gigabitethernet
card/spaslot/port.subinterface-number
15.
ipv6 ioam profile
profile-name
16.
exit
DETAILED STEPS
Configuring Intermediate Node
1.
enable
2.
configure terminal
3.
ipv6 ioam node-id
node-id
4.
ipv6 ioam path‐record
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 2 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 4 | ipv6 ioam path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
|
Configuring Decap Node
1.
enable
2.
configure terminal
3.
ipv6 access-list
access-list-name
4.
permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
5.
exit
6.
ipv6 ioam profile
profile-name
7.
path-record match-flow
acl-nameencap/decap
8.
exit
9.
ipv6 ioam node-id
node-id
10.
ipv6 ioam path‐record
11.
interface gigabitethernet
card/spaslot/port.subinterface-number
12.
ipv6 ioam profile
profile-name
13.
exit
14.
show ipv6 ioam
trace-profile
profile-name
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 access-list
access-list-name
Example: Device(config)# ipv6 access-list acl_h1_h3 |
Defines an IPv6 access list. | ||
| Step 4 | permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
Example: Device(config-ipv6-acl)# permit host ::A:1:1:0:6 host ::A:1:1:0:17 |
Defines the source and destination IPv6 network to set permit conditions. | ||
| Step 5 | exit
Example: Device(config-ipv6-acl)# exit |
Exits IPv6 acl configuration mode and returns to global configuration mode. | ||
| Step 6 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 7 | path-record match-flow
acl-nameencap/decap
Example: Device(config-ioam-profile)# path-record match-flow acl_h1_h3 decap |
Enables path record option on decap node. | ||
| Step 8 | exit
Example: Device(config-ioam-profile)# exit |
Exits In-band OAM profile configuration mode and returns to global configuration mode. | ||
| Step 9 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 3 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 10 | ipv6 ioam path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
| ||
| Step 11 | interface gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/3 |
Configures an interface and enters interface configuration mode. | ||
| Step 12 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 13 | exit
Example: Device(config)# exit |
Exits global configuration mode and returns to privileged EXEC mode. | ||
| Step 14 | show ipv6 ioam
trace-profile
profile-name
Example: Device(config)# show ipv6 ioam trace-profile sc1 Trace Record Information: Node 1: node id : 1, ingress if : 3, egress if : 4 Node 2: node id : 2, ingress if : 3, egress if : 4 Node 3: node id : 3, ingress if : 3, egress if : 5
|
Configuring In-band OAM for IPv6 Proof of Transit in a Small Network (Single Service Chain)
Configuring Encap Node
1.
enable
2.
configure terminal
3.
ipv6 access-list
access-list-name
4.
permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
5.
exit
6.
ipv6 ioam profile
profile-name
7.
service‐chaining
match‐flow
access-list-name {insert |
analyze}
8.
exit
9.
ipv6 ioam service-chaining
service-profile-name
10.
service-chain {insert |
analyze}
11.
prime-number
number
12.
secret-key
hexadecimal-value
13.
lpc
hexadecimal-value
14.
polynomial2
hexadecimal-value
15.
bits-in-random
integer-value
16.
exit
17.
ipv6 ioam node-id
node-id
18.
ipv6 ioam
path‐record
19.
interface
gigabitethernet
card/spaslot/port.subinterface-number
20.
ipv6 ioam profile
profile-name
21.
ipv6 ioam
service-profile
service-profile-name
22.
exit
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 access-list
access-list-name
Example: Device(config)# ipv6 access-list acl_h1_h3 |
Defines an IPv6 access list. | ||
| Step 4 | permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
Example: Device(config-ipv6-acl)# permit host ::A:1:1:0:6 host ::A:1:1:0:17 |
Defines the source and destination IPv6 network to set permit conditions. | ||
| Step 5 | exit
Example: Device(config-ipv6-acl)# exit |
Exits IPv6 acl configuration mode and returns to global configuration mode. | ||
| Step 6 | ipv6 ioam profile
profile-name
Example: Device(config-ioam-profile)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 7 | service‐chaining
match‐flow
access-list-name {insert |
analyze}
Example: Device(config-ioam-profile)# service-chaining match-flow acl_h1_h3 insert |
selects the acl and traffic for service chain validation.
| ||
| Step 8 | exit
Example: Device(config-ioam-profile)# exit |
Exits In-band OAM profile configuration mode and returns to global configuration mode. | ||
| Step 9 | ipv6 ioam service-chaining
service-profile-name
Example: Device(config)# ipv6 ioam service-chaining sf1 |
Speicifies the IPv6 In-band OAM service chaining profile name. | ||
| Step 10 | service-chain {insert |
analyze}
Example: Device(config-ioam-service-chaining)# service-chain insert |
Specifies whether the given node is encap or decap node.
| ||
| Step 11 | prime-number
number
Example: Device(config-ioam-service-chaining)# prime-number 61819 |
Specifies the prime number required to calculate the share key. The range is 1-2147483647.
| ||
| Step 12 | secret-key
hexadecimal-value
Example: Device(config-ioam-service-chaining)# secret-key 2878 |
Specifies the secret key that is shared among service chain nodes. The range is 0-FFFFFFFF. | ||
| Step 13 | lpc
hexadecimal-value
Example: Device(config-ioam-service-chaining)# lpc 6ddfd460 |
Specifies the value for lag range basis polynomial factor for constant. The range is 0-FFFFFFFF. | ||
| Step 14 | polynomial2
hexadecimal-value
Example: Device(config-ioam-service-chaining)# polynomial2 43259140 |
Specifies the value for polynomial pre computed split share. The range is 0-FFFFFFFF. | ||
| Step 15 | bits-in-random
integer-value
Example: Device(config-ioam-service-chaining)# bits-in-random 31 |
Specifies random number size. The range is 1-31. | ||
| Step 16 | exit
Example: Device(config-ioam-service-chaining)# exit |
Exits In-band OAM service chaining configuration mode and returns to global configuration mode. | ||
| Step 17 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 1 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 18 | ipv6 ioam
path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
| ||
| Step 19 | interface
gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/2 |
Configures an interface and enters interface configuration mode. | ||
| Step 20 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 21 | ipv6 ioam
service-profile
service-profile-name
Example: Device(config-ioam-profile)# ipv6 ioam service-profile sf1 |
Defines IPv6 In-band OAM service profile name. | ||
| Step 22 | exit
Example: Device(config)# exit |
Exits interface configuration mode and returns to global configuration mode. |
Configuring Intermediate Node
1.
enable
2.
configure terminal
3.
ipv6 ioam service-chaining
service-profile-name
4.
lpc
hexadecimal-value
5.
prime-number
number
6.
secret-key
hexadecimal-value
7.
polynomial2
hexadecimal-value
8.
bits-in-random
integer-value
9.
exit
10.
ipv6 ioam node-id
node-id
11.
ipv6 ioam path‐record
12.
interface gigabitethernet
card/spaslot/port.subinterface-number
13.
ipv6 ioam
service-profile
service-profile-name
14.
exit
15.
interface
gigabitethernet
card/spaslot/port.subinterface-number
16.
ipv6 ioam
service-profile
service-profile-name
17.
exit
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 ioam service-chaining
service-profile-name
Example: Device(config)# ipv6 ioam service-chaining sf1 |
Speicifies the IPv6 In-band OAM service chaining profile name. | ||
| Step 4 | lpc
hexadecimal-value
Example: Device(config-ioam-service-chaining)# lpc 1 |
Specifies the value for lag range basis polynomial factor for constant. The range is 0-FFFFFFFF. | ||
| Step 5 | prime-number
number
Example: Device(config-ioam-service-chaining)# prime-number 61819 |
Specifies the prime number required to calculate the share key. The range is 1-2147483647.
| ||
| Step 6 | secret-key
hexadecimal-value
Example: Device(config-ioam-service-chaining)# secret-key 8435 |
Specifies the secret key that is shared among service chain nodes. The range is 0-FFFFFFFF. | ||
| Step 7 | polynomial2
hexadecimal-value
Example: Device(config-ioam-service-chaining)# polynomial2 64b857ac |
Specifies the value for polynomial pre computed split share. The range is 0-FFFFFFFF. | ||
| Step 8 | bits-in-random
integer-value
Example: Device(config-ioam-service-chaining)# bits-in-random 31 |
Specifies random number size. The range is 1-31. | ||
| Step 9 | exit
Example: Device(config-ioam-service-chaining)# exit |
Exits In-band OAM service chaining configuration mode and returns to global configuration mode. | ||
| Step 10 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 2 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 11 | ipv6 ioam path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
| ||
| Step 12 | interface gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/1 |
Configures an interface and enters interface configuration mode. | ||
| Step 13 | ipv6 ioam
service-profile
service-profile-name
Example: Device(config-if)# ipv6 ioam service-profile sf1 |
Defines IPv6 In-band OAM service profile name. | ||
| Step 14 | exit
Example: Device(config)# exit |
Exits interface configuration mode and returns to global configuration mode. | ||
| Step 15 | interface
gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/2 |
Configures an interface and enters interface configuration mode. | ||
| Step 16 | ipv6 ioam
service-profile
service-profile-name
Example: Device(config-if)# ipv6 ioam service-profile sf1 |
Defines IPv6 In-band OAM service profile name. | ||
| Step 17 | exit
Example: Device(config)# exit |
Exits interface configuration mode and returns to global configuration mode. |
Configuring Decap Node
1.
enable
2.
configure terminal
3.
ipv6 access-list
access-list-name
4.
permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
5.
exit
6.
ipv6 ioam profile
profile-name
7.
service‐chaining
match‐flow
access-list-name {insert |
analyze}
8.
exit
9.
ipv6 ioam service-chaining
service-profile-name
10.
service-chain {insert |
analyze}
11.
lpc
hexadecimal-value
12.
verifier-key
key-value
13.
polynomial2
hexadecimal-value
14.
prime-number
number
15.
secret-key
hexadecimal-value
16.
bits-in-random
integer-value
17.
exit
18.
ipv6 ioam node-id
node-id
19.
ipv6 ioam
path‐record
20.
interface
gigabitethernet
card/spaslot/port.subinterface-number
21.
ipv6 ioam
service-profile
service-profile-name
22.
exit
23.
interface
gigabitethernet
card/spaslot/port.subinterface-number
24.
ipv6 ioam
service-profile
service-profile-name
25.
exit
26.
show ipv6 ioam
service-profile
service-profile-name
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 access-list
access-list-name
Example: Device(config)# ipv6 access-list acl_h1_h3 |
Defines an IPv6 access list. | ||
| Step 4 | permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
Example: Device(config-ipv6-acl)# permit host ::A:1:1:0:6 host ::A:1:1:0:17 |
Defines the source and destination IPv6 network to set permit conditions. | ||
| Step 5 | exit
Example: Device(config-ipv6-acl)# exit |
Exits IPv6 acl configuration mode and returns to global configuration mode. | ||
| Step 6 | ipv6 ioam profile
profile-name
Example: Device(config-ioam-profile)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 7 | service‐chaining
match‐flow
access-list-name {insert |
analyze}
Example: Device(config-ioam-profile)# service-chaining match-flow acl_h1_h3 analyze |
Selects the ACL and traffic for service chain validation. | ||
| Step 8 | exit
Example: Device(config-ioam-profile)# exit |
Exits In-band OAM profile configuration mode and returns to global configuration mode. | ||
| Step 9 | ipv6 ioam service-chaining
service-profile-name
Example: Device(config)# ipv6 ioam service-chaining sf1 |
Specifies the IPv6 In-band OAM service chaining profile name. | ||
| Step 10 | service-chain {insert |
analyze}
Example: Device(config-ioam-service-chaining)# service-chain insert |
Specifies whether the given node is encap or decap node.
| ||
| Step 11 | lpc
hexadecimal-value
Example: Device(config-ioam-service-chaining)# lpc 3 |
Specifies the value for lag range basis polynomial factor for constant. The range is 0-FFFFFFFF. | ||
| Step 12 | verifier-key
key-value
Example: Device(config-ioam-service-chaining)# verifier-key 42520 |
Specifies a key for service chain verifier. | ||
| Step 13 | polynomial2
hexadecimal-value
Example: Device(config-ioam-service-chaining)# polynomial2 2192c95c |
Specifies the value for polynomial pre computed split share. The range is 0-FFFFFFFF. | ||
| Step 14 | prime-number
number
Example: Device(config-ioam-service-chaining)# prime-number 61819 |
Specifies the prime number required to calculate the share key. The range is 1-2147483647.
| ||
| Step 15 | secret-key
hexadecimal-value
Example: Device(config-ioam-service-chaining)# secret-key BE29 |
Specifies the secret key that is shared among service chain nodes. The range is 0-FFFFFFFF. | ||
| Step 16 | bits-in-random
integer-value
Example: Device(config-ioam-service-chaining)# bits-in-random 31 |
Specifies random number size. The range is 1-31. | ||
| Step 17 | exit
Example: Device(config)# exit |
Exits configuration mode and returns to global configuration mode. | ||
| Step 18 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 3 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 19 | ipv6 ioam
path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
| ||
| Step 20 | interface
gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/1 |
Configures an interface and enters interface configuration mode. | ||
| Step 21 | ipv6 ioam
service-profile
service-profile-name
Example: Device(config-if)# ipv6 ioam service-profile sf1 |
Assigns the IPv6 In-band OAM service profile to the interface. | ||
| Step 22 | exit
Example: Device(config)# exit |
Exits interface configuration mode and returns to global configuration mode. | ||
| Step 23 | interface
gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/2 |
Configures an interface and enters interface configuration mode. | ||
| Step 24 | ipv6 ioam
service-profile
service-profile-name
Example: Device(config-if)# ipv6 ioam service-profile sf1 |
Assigns the IPv6 In-band OAM service profile to the interface. | ||
| Step 25 | exit
Example: Device(config)# exit |
Exits interface configuration mode and returns to global configuration mode. | ||
| Step 26 | show ipv6 ioam
service-profile
service-profile-name
Example: Device(config)# show ipv6 ioam service-profile sf1
Service Function Chaining Statistics:
SFC Validation Success count : 5
SFC Validation Failure count : 0
|
Configuring In-band OAM for IPv6 Sequence Numbering
Configuring Encap Node
1.
enable
2.
configure terminal
3.
ipv6 access-list
access-list-name
4.
permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
5.
exit
6.
ipv6 ioam profile
profile-name
7.
ppc match‐flow
access-list-name {insert |
analyze}
8.
exit
9.
ipv6 ioam node-id
node-id
10.
ipv6 ioam path‐record
11.
interface gigabitethernet
card/spaslot/port.subinterface-number
12.
ipv6 ioam profile
profile-name
13.
exit
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 access-list
access-list-name
Example: Device(config)# ipv6 access-list acl_h1_h3 |
Defines an IPv6 access list. | ||
| Step 4 | permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
Example: Device(config-ipv6-acl)# permit host ::A:1:1:0:6 host ::A:1:1:0:17 |
Defines the source and destination IPv6 network to set permit conditions. | ||
| Step 5 | exit
Example: Device(config-ipv6-acl)# exit |
Exits IPv6 ACL configuration mode and returns to global configuration mode. | ||
| Step 6 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 7 | ppc match‐flow
access-list-name {insert |
analyze}
Example: Device(config-ioam-profile)# ppc match-flow acl_h1_h3 insert |
Inserts path packet counter relevant details in E2E header that matches each of the ACL line entry.
| ||
| Step 8 | exit
Example: Device(config-ioam-profile)# exit |
Exits IPv6 ACL configuration mode and returns to global configuration mode. | ||
| Step 9 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 3 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 10 | ipv6 ioam path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
| ||
| Step 11 | interface gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/2 |
Configures an interface and enters interface configuration mode. | ||
| Step 12 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 13 | exit
Example: Device(config)# exit |
Exits global configuration mode and returns to privileged EXEC mode. |
Configuring Decap Node
1.
enable
2.
configure terminal
3.
ipv6 access-list
access-list-name
4.
permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
5.
exit
6.
ipv6 ioam profile
profile-name
7.
ppc match‐flow
access-list-name {insert |
analyze}
8.
collect ppc
9.
exit
10.
ipv6 ioam node-id
node-id
11.
ipv6 ioam path‐record
12.
interface gigabitethernet
card/spaslot/port.subinterface-number
13.
ipv6 ioam profile
profile-name
14.
exit
15.
show ipv6 ioam
path-packet-counter
DETAILED STEPS
| Command or Action | Purpose | |||
|---|---|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. | ||
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. | ||
| Step 3 | ipv6 access-list
access-list-name
Example: Device(config)# ipv6 access-list acl_h1_h3 |
Defines an IPv6 access list. | ||
| Step 4 | permit host
source-ipv6-prefix / prefix-length
host
destination-ipv6-prefix / prefix-length
Example: Device(config-ipv6-acl)# permit host ::A:1:1:0:6 host ::A:1:1:0:17 |
Defines the source and destination IPv6 network to set permit conditions. | ||
| Step 5 | exit
Example: Device(config-ipv6-acl)# exit |
Exits IPv6 ACL configuration mode and returns to global configuration mode. | ||
| Step 6 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 7 | ppc match‐flow
access-list-name {insert |
analyze}
Example: Device(config-ioam-profile)# ppc match-flow acl_h1_h3 analyze |
Retrieves path packet counter keys and performs validation. | ||
| Step 8 | collect ppc
Example: Device(config-ioam-profile)# collect ppc |
Collects path packet counter information for configured access-list in In-band OAM profile. | ||
| Step 9 | exit
Example: Device(config-ioam-profile)# exit |
Exits IPv6 ACL configuration mode and returns to global configuration mode. | ||
| Step 10 | ipv6 ioam node-id
node-id
Example: Device(config)# ipv6 ioam node-id 3 |
Defines the node-id which will be sent in the In-band OAM data in the new E2E header.
| ||
| Step 11 | ipv6 ioam path‐record
Example: Device(config)# ipv6 ioam path-record |
Enables the In-band OAM process in a network node to start adding the node-data in the IPv6 traffic passing through the network node.
| ||
| Step 12 | interface gigabitethernet
card/spaslot/port.subinterface-number
Example: Device(config)# int g0/3 |
Configures an interface and enters interface configuration mode. | ||
| Step 13 | ipv6 ioam profile
profile-name
Example: Device(config)# ipv6 ioam profile sc1 |
Defines IPv6 In-band OAM profile name. | ||
| Step 14 | exit
Example: Device(config)# exit |
Exits global configuration mode and returns to privileged EXEC mode. | ||
| Step 15 | show ipv6 ioam
path-packet-counter
Example: Device(config)# Profile sc1: Path Packet Counter Enabled:
PPC analyze ACL : acl_h1_h1, refcount 1
1 permit ipv6 ::a:1:1:0:17/128 ::a:1:1:0:1f/128
Rx statistics:
Total Rx Packets 5 lost packets 0
Reordered packets 0 duplicate packets 0
Highest Seq Recvd 5
|
Enabling Netflow Collection/Export
For using the flexible netflow (FNF) module on the router, you should configure the destination address/protocol/port of the netflow collector where we would like to send/export the collected In-band OAM data.
1.
enable
2.
configure terminal
3.
flow exporter
flow-exporter-name
4.
destination {destination IPv4 address /
hostname |
destination IPv6 address / hostname}
5.
transport
udp
port-value
6.
exit
7.
ipv6 ioam fnf-exporter
flow-exporter-name
8.
ipv6 ioam collect traffic-statistics
9.
ipv6 ioam collect service-chaining match-flow
IPv6
access-list-name
10.
ipv6 ioam collect flow-debug-summary match-flow
IPv6
access-list-name
11.
ipv6 ioam collect ppc
12.
exit
DETAILED STEPS
| Command or Action | Purpose | |
|---|---|---|
| Step 1 |
enable
Example: Device> enable |
Enables privileged EXEC mode. |
| Step 2 | configure terminal
Example: Device# configure terminal |
Enters global configuration mode. |
| Step 3 | flow exporter
flow-exporter-name
Example: Device(config)# flow exporter ioam-exp |
Specifies flow exporter name. |
| Step 4 | destination {destination IPv4 address /
hostname |
destination IPv6 address / hostname}
Example: Device(config-flow-exporter)# destination 172.16.1.254 |
Specifies the source and destination IPv6 network to set permit conditions. |
| Step 5 | transport
udp
port-value
Example: Device(config-flow-exporter)# transport udp 2100 |
Specifies the transport protocol value. The range is 1-65535. |
| Step 6 | exit
Example: Device(config-flow-exporter)# exit |
Exits flow exporter configuration mode and returns to global configuration mode. |
| Step 7 | ipv6 ioam fnf-exporter
flow-exporter-name
Example: Device(config)# ipv6 ioam fnf-exporter ioam-exp |
Enable In-band OAM for IPv6 process to use the configured fnf exporter for sending all the collected data to netflow exporter. |
| Step 8 | ipv6 ioam collect traffic-statistics
Example: Device(config)# ipv6 ioam collect traffic-statistics |
Enables the In-band OAM process to start collecting the traffic statistics and periodically export/sent the same using FNF. |
| Step 9 | ipv6 ioam collect service-chaining match-flow
IPv6
access-list-name
Example: Device(config)# ipv6 ioam collect service-chaining match-flow acl_h1_h3 |
Specifies IPv6 access list name for match flow. |
| Step 10 | ipv6 ioam collect flow-debug-summary match-flow
IPv6
access-list-name
Example: Device(config)# ipv6 ioam collect flow-debug-summary match-flow acl_h1_h3 |
Enables the collection of path-record between source and destination based on the configured access-list. The collected path-records can be exported to netflow collector. |
| Step 11 | ipv6 ioam collect ppc
Example: Device(config)# ipv6 ioam collect ppc |
Collects path packet counter information for configured access-list in the In-band OAM profile. |
| Step 12 | exit
Example: Device(config)# exit |
Exits global configuration mode and returns to privileged EXEC configuration mode. |
Troubleshooting Tips
-
debug ipv6 ioam api- Enables the API level debugging for CLI related changes.
-
debug ipv6 ioam error- Enables the error debugs for troubleshooting any unexpected behavior.
-
debug ipv6 ioam event- Enables In-band OAM event debugging which can be used for enabling netflow update events debugging.
-
debug ipv6 ioam packet- Enables packet level debugging. 
Note
Enabling packet level debugging will dump part of every packet. It is recommended that this debug be used when the traffic load is less.
-
debug ipv6 ioam ppc- Enables debugs related to sequence numbering.
Use Cases for In-band OAM for IPv6
In-band OAM for IPv6 - Single Service Chain/Single Path Verification
You can use In-band OAM for IPv6 for service chain networks with multiple hosts and encap and decap nodes.
The figure below illustrates an In-band OAM for IPv6 Single Service Chain/Single Path Verification topology with two In-band OAM for IPv6 hosts, an encap node, a decap node and an intermediate node.
The following In-band OAM for IPv6 Single Service Chain/Single Path Verification configuration consists of three hosts, an encap node, a decap node, and an intermediate node:
enable configure terminal ipv6 access-list acl_h1_h3 permit host ::A:1:1:0:6host ::A:1:1:0:17 exit ipv6 ioam profile sc1 service-chaining match-flow acl_h1_h3 insert path-record match-flow acl_h1_h3 encap ppc match-flow acl_h1_h3 insert trace-type N_IF_TS_APP trace-elts 3 trace-tsp 2 exit ipv6 ioam service-chaining sf1 service-chain insert prime-number 61819 secret-key 2878 lpc 6ddfd460 polynomial2 43259140 bits-in-random 31 exit ipv6 ioam node-id 1 ipv6 ioam path-record int g0/2 ipv6 ioam profile sc1 ipv6 ioam service-profile sf1 end
enable configure terminal ipv6 ioam service-chaining sf1 lpc 1 prime-number 6ddfd463 secret-key f258fe6 polynomial2 64b857ac bits-in-random 31 exit ipv6 ioam node-id 2 ipv6 ioam path-record int g0/1 ipv6 ioam service-profile sf1 exit int g0/2 ipv6 ioam service-profile sf1
enable
configure terminal
ipv6 access-list acl_h1_h3
permit host ::A:1:1:0:6 host ::A:1:1:0:17
exit
ipv6 ioam profile sc1
service-chaining match-flow acl_h1_h3 analyze
path-record match-flow acl_h1_h3 decap
ppc match-flow acl_h1_h3 analyze
collect ppc
exit
ipv6 ioam service-chaining sf1
service-chain analyze
lpc 3
verifier-key de0598
polynomial2 2192c95c
prime-number 6ddfd463
secret-key 4371091d
bits-in-random 31
exit
ipv6 ioam node-id 3
ipv6 ioam path-record
int g0/1
ipv6 ioam service-profile sf1
exit
int g0/3
ipv6 ioam profile sc1
ipv6 ioam service-profile sf1
exit
In-band OAM for IPv6 - Multiple Service Chain/Multiple Path Verification
You can use In-band OAM for IPv6 for Multiple Service Chain/Multiple Path Verification with multiple In-band OAM for IPv6 domains and different intermediate nodes.
The figure below illustrates In-band OAM for IPv6 Multiple Service Chain/Multiple Path Verification deployment having two In-band OAM for IPv6 domains.
The following In-band OAM for IPv6 Multiple Service Chain/Multiple Path Verification configuration consists of three hosts, an encap node, a decap node, and two intermediate nodes forming the upper node (domain 1) and lower node (domain 2):
enable configure terminal ipv6 access-list acl_h1_h3 permit host ::A:1:1:0:6 host ::A:1:1:0:17 exit ipv6 ioam profile sc1 service-chaining match-flow acl_h1_h3 insert path-record match-flow acl_h1_h3 encap ppc match-flow acl_h1_h3 insert trace-type N_IF_TS_APP trace-elts 3 trace-tsp 2 exit ipv6 ioam service-chaining sf1 service-chain insert prime-number 6ddfd463 secret-key 23939b16 lpc 6ddfd460 polynomial2 43259140 bits-in-random 31 exit ipv6 access-list acl_h1_h6 permit host ::A:1:1:0:6 host ::A:1:1:0:1F exit ipv6 ioam profile sc2 service-chaining match-flow acl_h1_h6 insert path-record match-flow acl_h1_h6 encap ppc match-flow acl_h1_h6 insert trace-type N_IF_TS_APP trace-elts 3 trace-tsp 2 exit ipv6 ioam service-chaining sf2 service-chain insert prime-number7f13d66d secret-key 28bacfd2 lpc 3 polynomial2 21a17f97 bits-in-random 31 exit ipv6 ioam node-id 1 ipv6 ioam path-record int g0/2 ipv6 ioam profile sc1 ipv6 ioam service-profile sf1 exit int g0/3 ipv6 ioam profile sc2 ipv6 ioam service-profile sf2
enable conf t ipv6 ioam service-chaining sf1 lpc 1 prime-number 6ddfd463 secret-key f258fe6 polynomial2 64b857ac bits-in-random 31 exit ipv6 ioam node-id 2 ipv6 ioam path-record int g0/1 ipv6 ioam service-profile sf1 exit int g0/2 ipv6 ioam service-profile sf1
enable conf t ipv6 access-list acl_h1_h3 permit host ::A:1:1:0:6 host ::A:1:1:0:17 exit ipv6 ioam profile sc1 service-chaining match-flow acl_h1_h3 analyze path-record match-flow acl_h1_h3 decap ppc match-flow acl_h1_h3 analyze collect ppc exit ipv6 ioam service-chaining sf1 service-chain analyze lpc 3 verifier-key de0598 polynomial2 2192c95c prime-number 6ddfd463 secret-key 4371091d bits-in-random 31 exit ipv6 access-list acl_h1_h6 permit host ::A:1:1:0:6 host ::A:1:1:0:1F exit ipv6 ioam profile sc2 service-chaining match-flow acl_h1_h6 analyze path-record match-flow acl_h1_h6 decap ppc match-flow acl_h1_h6 analyze collect ppc exit ipv6 ioam service-chaining sf2 service-chain analyze lpc 7f13d66a verifier-key 1c53f3e5 polynomial2 3af0f2c0 prime-number 7f13d66d secret-key 4def63a1 bits-in-random 31 exit ipv6 ioam node-id 3 ipv6 ioam path-record int g0/1 ipv6 ioam service-profile sf1 exit int g0/2 ipv6 ioam service-profile sf2 exit int g0/3 ipv6 ioam profile sc1 ipv6 ioam service-profile sf1 exitexit int g0/4 ipv6 ioam profile sc2 ipv6 ioam service-profile sf2 end
enable conf t ipv6 ioam service-chaining sf2 lpc 1 prime-number 7f13d66d secret-key ddd8e5 polynomial2 4bee597b bits-in-random 31 exit ipv6 ioam node-id 4 ipv6 ioam path-record int g0/1 ipv6 ioam service-profile sf2 exit int g0/2 ipv6 ioam service-profile sf2
Additional References for In-band OAM for IPv6
Related Documents
|
Related Topic |
Document Title |
|---|---|
|
Cisco IOS commands |
Standards and RFCs
|
Standard/RFC |
Title |
|---|---|
|
Requirements for In-band OAM |
draft-brockners-inband-oam-requirements-01 |
|
Proof of Transit |
draft-brockners-proof-of-transit-01 |
|
Data Formats for In-band OAM |
draft-brockners-inband-oam-data-01 |
|
Encapsulations for In-band OAM Data |
draft-brockners-inband-oam-transport-01 |
Technical Assistance
|
Description |
Link |
|---|---|
|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
Feature Information for In-band OAM for IPv6
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Configuration Information |
|---|---|---|
|
In-band OAM for IPv6 |
15.6(3)M |
The In-band OAM for IPv6 feature supports "in-band" operation, administration, and maintenance (iOAM) for IPv6 which provides advanced options for recording OAM information in an IPv6 packet during its traversal through a particular network domain. The following commands were introduced: ipv6 ioam profile,service-chaining match-flow. |
Feedback