A YANG Data Model for In Situ Operations, Administration, and Maintenance (IOAM) Integrity Protected Options

In Situ Operations, Administration, and Maintenance (IOAM) is an example of an on-path hybrid measurement method. IOAM defines a method for producing operational and telemetry information that may be exported using the in-band or out-of-band method. defines IOAM Options with integrity protection, also called Integrity Protected Options. This document defines a data model for the configuration of these Integirty Protected Options using the YANG data modeling language. This YANG data model supports four IOAM Integrity Protected Options, which are as follows:

Integrity Protected Incremental Trace-Option
Integrity Protected Pre-allocated Trace-Option
Integrity Protected Proof of Transit (POT) Option
Integrity Protected Edge-to-Edge (E2E) Option

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Abbreviations used in this document:

OAM:: Operations, Administration, and Maintenance
IOAM:: In Situ OAM
POT:: Proof of Transit
E2E:: Edge to Edge

The following terms are defined in and are used in this specification:

augment
data model
data node

The terminology for describing YANG data models is found in .

Tree diagrams used in this document follow the notation defined in .

The IOAM Integrity model is organized as a list of profiles, as shown in the following figure. This document uses the "ietf-ioam" YANG module and augments its definition of a profile. The supported profiles are indicated by four defined features, i.e., "int-incremental-trace", "int-preallocated-trace", "int-proof-of-transit", and "int-edge-to-edge". The YANG data model in this document conforms to the Network Management Datastore Architecture (NMDA) defined in .

The "int-preallocated-tracing-profile" parameter contains the detailed information for the pre-allocated tracing data with integrity protection. This information is the same as for the Pre-allocated Tracing Profile; see , Sec. 3.2. This information also includes:

int-method:: indicates which Integrity Protection Method is used.

The "int-incremental-tracing-profile" parameter contains the detailed information for the incremental tracing data with integrity protection. This information is the same as for the Integrity Protected Pre-allocated Tracing Profile; see .

The "int-pot-profile" parameter is intended to contain the detailed information for the proof of transit data with integrity protection. This information is the same as for the Proof of Transit Profile; see , Sec. 3.5. This information also includes:

node-action:: the same semantic as provided in .
int-method:: the same semantic as provided in .

The "int-e2e-profile" parameter contains the detailed information for the edge-to-edge data with integrity protection. This information is the same as for the Edge-to-Edge Profile; see , Sec. 3.6. This information also includes:

int-method:: the same semantic as provided in .

The "ietf-ioam-integrity" module defined in this document imports the "ietf-ioam" module defined in . This document also references . WG List: Author: Tianran Zhou Author: Justin Iurman "; description "This YANG module specifies a vendor-independent data model for In Situ Operations, Administration, and Maintenance (IOAM) Integrity Protected Options. The key words 'MUST', 'MUST NOT', 'REQUIRED', 'SHALL', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this document are to be interpreted as described in BCP 14 (RFC 2119) (RFC 8174) when, and only when, they appear in all capitals, as shown here. Copyright (c) 2025 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Revised BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info). This version of this YANG module is part of RFC XXXX; see the RFC itself for full legal notices."; revision 2024-08-31 { description "Initial revision."; reference "RFC XXXX: A YANG Data Model for In Situ Operations, Administration, and Maintenance (IOAM) Integrity Protected Options"; } /* * FEATURES */ feature int-incremental-trace { description "This feature indicates that the Integrity Protected Incremental Trace-Option is supported."; reference "RFC YYYY: Integrity Protection of In Situ Operations, Administration, and Maintenance (IOAM) Data Fields"; } feature int-preallocated-trace { description "This feature indicates that the Integrity Protected Pre-allocated Trace-Option is supported."; reference "RFC YYYY: Integrity Protection of In Situ Operations, Administration, and Maintenance (IOAM) Data Fields"; } feature int-proof-of-transit { description "This feature indicates that the Integrity Protected Proof of Transit Option is supported."; reference "RFC YYYY: Integrity Protection of In Situ Operations, Administration, and Maintenance (IOAM) Data Fields"; } feature int-edge-to-edge { description "This feature indicates that the Integrity Protected Edge-to-Edge Option is supported."; reference "RFC YYYY: Integrity Protection of In Situ Operations, Administration, and Maintenance (IOAM) Data Fields"; } /* * IDENTITIES */ identity method { description "Base identity to represent the Integrity Protection Method."; } identity method-1 { base method; description "The Integrity Protection Method 1 uses AES-GMAC with a 12-byte Nonce and a 16-byte ICV."; reference "RFC YYYY: Integrity Protection of In Situ Operations, Administration, and Maintenance (IOAM) Data Fields"; } /* * TYPE DEFINITIONS */ typedef method-type { type identityref { base method; } description "It specifies the Integrity Protection Method."; } /* * DATA NODES */ augment "/ioam:ioam/ioam:profiles/ioam:profile" { description "This augmentation adds 4 profiles for the Integrity Protected Options."; container int-incremental-tracing-profile { if-feature "int-incremental-trace"; presence "Enables the Integrity Protected Incremental Trace-Option."; description "This container describes the profile for the Integrity Protected Incremental Trace-Option."; uses ioam:ioam-incremental-tracing-profile; leaf int-method { when "derived-from-or-self(../node-action, 'ioam:action-encapsulate')"; type method-type; default "method-1"; description "This object indicates the Integrity Protection Method for this profile."; } } container int-preallocated-tracing-profile { if-feature "int-preallocated-trace"; presence "Enables the Integrity Protected Pre-allocated Trace-Option."; description "This container describes the profile for the Integrity Protected Pre-allocated Trace-Option."; uses ioam:ioam-preallocated-tracing-profile; leaf int-method { when "derived-from-or-self(../node-action, 'ioam:action-encapsulate')"; type method-type; default "method-1"; description "This object indicates the Integrity Protection Method for this profile."; } } container int-pot-profile { if-feature "int-proof-of-transit"; presence "Enables the Integrity Protected Proof of Transit Option."; description "This container describes the profile for the Integrity Protected Proof of Transit Option."; leaf use-namespace { type ioam:ioam-namespace; default "ioam:default-namespace"; description "This object indicates the namespace used for the POT types."; } leaf pot-type { type ioam:ioam-pot-type; description "The type of a particular POT variant that specifies the POT data that is included."; } leaf node-action { type ioam:ioam-node-action; default "ioam:action-transit"; description "This object indicates the action the node needs to take, e.g., encapsulation."; } leaf int-method { when "derived-from-or-self(../node-action, 'ioam:action-encapsulate')"; type method-type; default "method-1"; description "This object indicates the Integrity Protection Method for this profile."; } } container int-e2e-profile { if-feature "int-edge-to-edge"; presence "Enables the Integrity Protected Edge-to-Edge Option."; description "This container describes the profile for the Integrity Protected Edge-to-Edge Option."; uses ioam:ioam-e2e-profile; leaf int-method { when "derived-from-or-self(../node-action, 'ioam:action-encapsulate')"; type method-type; default "method-1"; description "This object indicates the Integrity Protection Method for this profile."; } } } } ]]>

Security considerations listed in also apply here. This document does not introduce new security considerations.

RFC Ed.: In this section and in , please replace all occurrences of 'XXXX' with the actual RFC number. Also in , please replace all occurrences of 'YYYY' with the actual RFC number of (and remove this note). IANA is requested to assign a new URI from the "IETF XML Registry" . The following URI is suggested:

URI:: urn:ietf:params:xml:ns:yang:ietf-ioam-integrity
Registrant Contact:: The IESG.
XML:: N/A; the requested URI is an XML namespace.

This document also requests a new YANG module name in the "YANG Module Names" registry with the following suggestion:

Name:: ietf-ioam-integrity
Namespace:: urn:ietf:params:xml:ns:yang:ietf-ioam-integrity
Prefix:: ioam-int
Reference:: RFC XXXX

TBD