draft-ietf-ippm-stamp-02.txt   draft-ietf-ippm-stamp-03.txt 
Network Working Group G. Mirsky Network Working Group G. Mirsky
Internet-Draft ZTE Corp. Internet-Draft ZTE Corp.
Intended status: Standards Track G. Jun Intended status: Standards Track G. Jun
Expires: March 10, 2019 ZTE Corporation Expires: April 18, 2019 ZTE Corporation
H. Nydell H. Nydell
Accedian Networks Accedian Networks
R. Foote R. Foote
Nokia Nokia
September 6, 2018 October 15, 2018
Simple Two-way Active Measurement Protocol Simple Two-way Active Measurement Protocol
draft-ietf-ippm-stamp-02 draft-ietf-ippm-stamp-03
Abstract Abstract
This document describes a Simple Two-way Active Measurement Protocol This document describes a Simple Two-way Active Measurement Protocol
which enables measurement of both one-way and round-trip performance which enables measurement of both one-way and round-trip performance
metrics like delay, delay variation, and packet loss. metrics like delay, delay variation, and packet loss.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 10, 2019. This Internet-Draft will expire on April 18, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 25 skipping to change at page 2, line 25
4. Theory of Operation . . . . . . . . . . . . . . . . . . . . . 4 4. Theory of Operation . . . . . . . . . . . . . . . . . . . . . 4
4.1. Session-Sender Behavior and Packet Format . . . . . . . . 4 4.1. Session-Sender Behavior and Packet Format . . . . . . . . 4
4.1.1. Session-Sender Packet Format in Unauthenticated Mode 4 4.1.1. Session-Sender Packet Format in Unauthenticated Mode 4
4.1.2. Session-Sender Packet Format in Authenticated and 4.1.2. Session-Sender Packet Format in Authenticated and
Encrypted Modes . . . . . . . . . . . . . . . . . . . 7 Encrypted Modes . . . . . . . . . . . . . . . . . . . 7
4.2. Session-Reflector Behavior and Packet Format . . . . . . 8 4.2. Session-Reflector Behavior and Packet Format . . . . . . 8
4.2.1. Session-Reflector Packet Format in Unauthenticated 4.2.1. Session-Reflector Packet Format in Unauthenticated
Mode . . . . . . . . . . . . . . . . . . . . . . . . 9 Mode . . . . . . . . . . . . . . . . . . . . . . . . 9
4.2.2. Session-Reflector Packet Format in Authenticated and 4.2.2. Session-Reflector Packet Format in Authenticated and
Encrypted Modes . . . . . . . . . . . . . . . . . . . 10 Encrypted Modes . . . . . . . . . . . . . . . . . . . 10
4.3. Interoperability with TWAMP Light . . . . . . . . . . . . 12 4.3. Authentication and Encryption Operations on STAMP Packets 12
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 4.4. Interoperability with TWAMP Light . . . . . . . . . . . . 12
6. Security Considerations . . . . . . . . . . . . . . . . . . . 12 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 12 6. Security Considerations . . . . . . . . . . . . . . . . . . . 13
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 13
8.1. Normative References . . . . . . . . . . . . . . . . . . 13 8.1. Normative References . . . . . . . . . . . . . . . . . . 13
8.2. Informative References . . . . . . . . . . . . . . . . . 14 8.2. Informative References . . . . . . . . . . . . . . . . . 14
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 14
1. Introduction 1. Introduction
Development and deployment of Two-Way Active Measurement Protocol Development and deployment of Two-Way Active Measurement Protocol
(TWAMP) [RFC5357] and its extensions, e.g., [RFC6038] that defined (TWAMP) [RFC5357] and its extensions, e.g., [RFC6038] that defined
features such as Reflect Octets and Symmetrical Size for TWAMP features such as Reflect Octets and Symmetrical Size for TWAMP
skipping to change at page 2, line 50 skipping to change at page 3, line 4
exist, have been deployed and provide important operational exist, have been deployed and provide important operational
performance measurements. At the same time, there has been performance measurements. At the same time, there has been
noticeable interest in using a simpler mechanism for active noticeable interest in using a simpler mechanism for active
performance monitoring that can provide deterministic behavior and performance monitoring that can provide deterministic behavior and
inherit separation of control (vendor-specific configuration or inherit separation of control (vendor-specific configuration or
orchestration) and test functions. One of such is Performance orchestration) and test functions. One of such is Performance
Measurement from IP Edge to Customer Equipment using TWAMP Light from Measurement from IP Edge to Customer Equipment using TWAMP Light from
Broadband Forum ([BBF.TR-390]). This document defines active Broadband Forum ([BBF.TR-390]). This document defines active
performance measurement test protocol, Simple Two-way Active performance measurement test protocol, Simple Two-way Active
Measurement Protocol (STAMP), that enables measurement of both one- Measurement Protocol (STAMP), that enables measurement of both one-
way and round-trip performance metrics like delay, delay variation way and round-trip performance metrics like delay, delay variation,
and packet loss. and packet loss.
2. Conventions used in this document 2. Conventions used in this document
2.1. Terminology 2.1. Terminology
AES Advanced Encryption Standard
CBC Cipher Block Chaining
ECB Electronic Cookbook
KEK Key-encryption Key
STAMP - Simple Two-way Active Measurement Protocol STAMP - Simple Two-way Active Measurement Protocol
NTP - Network Time Protocol NTP - Network Time Protocol
PTP - Precision Time Protocol PTP - Precision Time Protocol
HMAC Hashed Message Authentication Code HMAC Hashed Message Authentication Code
OWAMP One-Way Active Measurement Protocol OWAMP One-Way Active Measurement Protocol
skipping to change at page 6, line 31 skipping to change at page 6, line 31
or set value of the Z field in accordance with the timestamp or set value of the Z field in accordance with the timestamp
format in use. This optional field is to enhance operations, but format in use. This optional field is to enhance operations, but
local configuration or defaults could be used in its place. local configuration or defaults could be used in its place.
o Must-be-Zero (MBZ) field in the session-sender unauthenticated o Must-be-Zero (MBZ) field in the session-sender unauthenticated
packet is 27 octets long. It MUST be all zeroed on the packet is 27 octets long. It MUST be all zeroed on the
transmission and ignored on receipt. transmission and ignored on receipt.
o Server Octets field is two octets long field. It MUST follow the o Server Octets field is two octets long field. It MUST follow the
27 octets long MBZ field. The Reflect Octets capability defined 27 octets long MBZ field. The Reflect Octets capability defined
in [RFC6038]. The value in the Server Octets field equals to the in [RFC6038]. The value in the Server Octets field equals the
number of octets the Session-Reflector is expected to copy back to number of octets the Session-Reflector is expected to copy back to
the Session-Sender starting with the Server Octets field. Thus the Session-Sender starting with the Server Octets field. Thus
the minimal non-zero value for the Server Octets field is two. the minimal non-zero value for the Server Octets field is two.
Therefore, the value of one is invalid. If none of Payload to be Therefore, the value of one is invalid. If none of Payload to be
copied, the value of the Server Octets field MUST be set to zero copied, the value of the Server Octets field MUST be set to zero
on transmit. on transmit.
o Remaining Packet Padding is an optional field of variable length. o Remaining Packet Padding is an optional field of variable length.
The number of octets in the Remaining Packet Padding field is the The number of octets in the Remaining Packet Padding field is the
value of the Server Octets field less the length of the Server value of the Server Octets field less the length of the Server
skipping to change at page 8, line 7 skipping to change at page 8, line 7
| HMAC (16 octets) | | HMAC (16 octets) |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 4: STAMP Session-Sender test packet format in authenticated or Figure 4: STAMP Session-Sender test packet format in authenticated or
encrypted modes encrypted modes
The field definitions are the same as the unauthenticated mode, The field definitions are the same as the unauthenticated mode,
listed in Section 4.1.1. Also, Comp.MBZ field is variable length listed in Section 4.1.1. Also, Comp.MBZ field is variable length
filed to align the packet on 16 octets boundary. Also, the packet field to align the packet on 16 octets boundary. Also, the packet
includes a key-hashed message authentication code (HMAC) ([RFC2104]) includes a key-hashed message authentication code (HMAC) ([RFC2104])
hash at the end of the PDU. hash at the end of the PDU.
The STAMP Session-Sender-packet format (Figure 4) is the same in The STAMP Session-Sender-packet format (Figure 4) is the same in
authenticated and encrypted modes. The encryption and authentication authenticated and encrypted modes. The encryption and authentication
operations are, however, different and protect the data as follows: operations are, however, different and protect the data as follows:
in the authenticated mode the Sequence Number is protected while in the authenticated mode the Sequence Number is protected while
the Timestamp and the Error Estimate are sent in clear text; the Timestamp and the Error Estimate are sent in clear text;
skipping to change at page 8, line 45 skipping to change at page 8, line 45
o Stateless - STAMP Session-Reflector does not maintain test state o Stateless - STAMP Session-Reflector does not maintain test state
and will reflect the received sequence number without and will reflect the received sequence number without
modification. As a result, only round-trip packet loss can be modification. As a result, only round-trip packet loss can be
calculated while the reflector is operating in stateless mode. calculated while the reflector is operating in stateless mode.
o Stateful - STAMP Session-Reflector maintains test state thus o Stateful - STAMP Session-Reflector maintains test state thus
enabling the ability to determine forward loss, gaps recognized in enabling the ability to determine forward loss, gaps recognized in
the received sequence number. As a result, both near-end the received sequence number. As a result, both near-end
(forward) and far-end (backward) packet loss can be computed. (forward) and far-end (backward) packet loss can be computed.
This implies that the STAMP Session-Reflector MUST keep a state That implies that the STAMP Session-Reflector MUST keep a state
for each accepted STAMP-test session, uniquely identifying STAMP- for each accepted STAMP-test session, uniquely identifying STAMP-
test packets to one such session instance, and enabling adding a test packets to one such session instance, and enabling adding a
sequence number in the test reply that is individually incremented sequence number in the test reply that is individually incremented
on a per-session basis. on a per-session basis.
4.2.1. Session-Reflector Packet Format in Unauthenticated Mode 4.2.1. Session-Reflector Packet Format in Unauthenticated Mode
For unauthenticated mode: For unauthenticated mode:
0 1 2 3 0 1 2 3
skipping to change at page 10, line 20 skipping to change at page 10, line 20
long. The format of these fields, NTP or PTPv2, indicated by the long. The format of these fields, NTP or PTPv2, indicated by the
Z flag of the Error Estimate field as described in Section 4.1. Z flag of the Error Estimate field as described in Section 4.1.
o Error Estimate has the same size and interpretation as described o Error Estimate has the same size and interpretation as described
in Section 4.1. in Section 4.1.
o Session-Sender Sequence Number, Session-Sender Timestamp, and o Session-Sender Sequence Number, Session-Sender Timestamp, and
Session-Sender Error Estimate are copies of the corresponding Session-Sender Error Estimate are copies of the corresponding
fields in the STAMP test packet sent by the Session-Sender. fields in the STAMP test packet sent by the Session-Sender.
o Ses(sion)-Sender TTL is one octet long field, and its value is the o Session-Sender TTL is one octet long field, and its value is the
copy of the TTL field from the received STAMP test packet. copy of the TTL field from the received STAMP test packet.
o Packet Padding (reflected) is optional variable length field. The o Packet Padding (reflected) is an optional variable length field.
length of the Packet Padding (reflected) field MUST be equal to The length of the Packet Padding (reflected) field MUST be equal
the value of the Server Octets field (Figure 2). If the value is to the value of the Server Octets field (Figure 2). If the value
non-zero, the Session-Reflector copies octets starting with the is non-zero, the Session-Reflector copies octets starting with the
Server Octets field. Server Octets field.
o Comp.MBZ is variable length field used to achieve alignment on a o Comp.MBZ is variable length field used to achieve alignment on a
word boundary. Thus the length of Comp.MBZ field may be only 0, word boundary. Thus the length of Comp.MBZ field may be only 0,
1, 2 or 3 octets. The value of the field MUST be zeroed on 1, 2 or 3 octets. The value of the field MUST be zeroed on
transmission and ignored on receipt. transmission and ignored on receipt.
4.2.2. Session-Reflector Packet Format in Authenticated and Encrypted 4.2.2. Session-Reflector Packet Format in Authenticated and Encrypted
Modes Modes
skipping to change at page 11, line 47 skipping to change at page 11, line 47
| HMAC (16 octets) | | HMAC (16 octets) |
| | | |
| | | |
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: STAMP Session-Reflector test packet format in authenticated Figure 6: STAMP Session-Reflector test packet format in authenticated
or encrypted modes or encrypted modes
The field definitions are the same as the unauthenticated mode, The field definitions are the same as the unauthenticated mode,
listed in Section 4.2.1, and includes a key-hashed message listed in Section 4.2.1. Additionally, the packet MAY include
authentication code (HMAC) ([RFC2104]) hash at the end of the PDU. Comp.MBZ field is variable length field to align the packet on 16
octets boundary. Also, STAMP Session-Reflector test packet format in
authenticated or encrypted modes includes a key (HMAC) ([RFC2104])
hash at the end of the PDU.
4.3. Interoperability with TWAMP Light 4.3. Authentication and Encryption Operations on STAMP Packets
One of the important requirements to STAMP is the ability to STAMP uses a two-pronged approach to protect the confidentiality and
integrity of the measurement information. In authenticated and
encrypted modes each STAMP message is being authenticated by adding
Hashed Message Authentication Code (HMAC). STAMP uses HMAC-SHA1
truncated to 128 bits; hence the length of the HMAC field is 16
octets. HMAC uses its own key. Mechanism to distribute the HMAC key
is outside the scope of this specification. One example is to use an
orchestrator to configure HMAC key based on STAMP YANG data model
[I-D.ietf-ippm-stamp-yang]. HMAC MUST be verified as early as
possible to avoid using or propagating corrupted data.
In the authenticated mode only the first 16 octets block of the STAMP
test packet (Figure 6 and Figure 6) is encrypted using AES Electronic
Codebook (ECB) mode. In the encrypted mode, the whole STAMP test
packet excluding the HMAC field is encrypted. STAMP using AES-CBC
(Cipher Block Chaining) mode. Distribution and management of AES key
are outside the scope of this specification.
4.4. Interoperability with TWAMP Light
One of the essential requirements to STAMP is the ability to
interwork with TWAMP Light device. There are two possible interwork with TWAMP Light device. There are two possible
combinations for such use case: combinations for such use case:
o STAMP Session-Sender with TWAMP Light Session-Reflector; o STAMP Session-Sender with TWAMP Light Session-Reflector;
o TWAMP Light Session-Sender with STAMP Session-Reflector. o TWAMP Light Session-Sender with STAMP Session-Reflector.
In the former case, Session-Sender MAY not be aware that its Session- In the former case, Session-Sender MAY not be aware that its Session-
Reflector does not support STAMP. For example, TWAMP Light Session- Reflector does not support STAMP. For example, TWAMP Light Session-
Reflector may not support the use of UDP port 862 as defined in Reflector may not support the use of UDP port 862 as defined in
[I-D.ietf-ippm-port-twamp-test]. But because STAMP Session-Sender [I-D.ietf-ippm-port-twamp-test]. Thus STAMP Session-Sender MUST be
MUST be able to send test packets to destination UDP port number from able to send test packets to destination UDP port number from the
the Dynamic and/or Private Ports range 49152-65535, test management Dynamic and/or Private Ports range 49152-65535, test management
system should find port number that both devices can use. And if any system should find port number that both devices can use. And if any
of TLV-based STAMP extensions are used, the TWAMP Light Session- of TLV-based STAMP extensions are used, the TWAMP Light Session-
Reflector will view them as Packet Padding field. The Session-Sender Reflector will view them as Packet Padding field. The Session-Sender
SHOULD use the default format for its timestamps - NTP. And it MAY SHOULD use the default format for its timestamps - NTP. And it MAY
use PTPv2 timestamp format. use PTPv2 timestamp format.
In the latter scenario, the test management system should set STAMP In the latter scenario, the test management system should set STAMP
Session-Reflector to use UDP port number from the Dynamic and/or Session-Reflector to use UDP port number from the Dynamic and/or
Private Ports range. As for Packet Padding field that the TWAMP Private Ports range. As for Packet Padding field that the TWAMP
Light Session-Sender includes in its transmitted packet, the STAMP Light Session-Sender includes in its transmitted packet, the STAMP
skipping to change at page 13, line 15 skipping to change at page 13, line 34
8. References 8. References
8.1. Normative References 8.1. Normative References
[BBF.TR-390] [BBF.TR-390]
"Performance Measurement from IP Edge to Customer "Performance Measurement from IP Edge to Customer
Equipment using TWAMP Light", BBF TR-390, May 2017. Equipment using TWAMP Light", BBF TR-390, May 2017.
[I-D.ietf-ippm-port-twamp-test] [I-D.ietf-ippm-port-twamp-test]
Morton, A. and G. Mirsky, "OWAMP and TWAMP Well-Known Port Morton, A. and G. Mirsky, "OWAMP and TWAMP Well-Known Port
Assignments", draft-ietf-ippm-port-twamp-test-01 (work in Assignments", draft-ietf-ippm-port-twamp-test-02 (work in
progress), March 2018. progress), October 2018.
[IEEE.1588.2008] [IEEE.1588.2008]
"Standard for a Precision Clock Synchronization Protocol "Standard for a Precision Clock Synchronization Protocol
for Networked Measurement and Control Systems", for Networked Measurement and Control Systems",
IEEE Standard 1588, March 2008. IEEE Standard 1588, March 2008.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 14, line 12 skipping to change at page 14, line 31
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8186] Mirsky, G. and I. Meilik, "Support of the IEEE 1588 [RFC8186] Mirsky, G. and I. Meilik, "Support of the IEEE 1588
Timestamp Format in a Two-Way Active Measurement Protocol Timestamp Format in a Two-Way Active Measurement Protocol
(TWAMP)", RFC 8186, DOI 10.17487/RFC8186, June 2017, (TWAMP)", RFC 8186, DOI 10.17487/RFC8186, June 2017,
<https://www.rfc-editor.org/info/rfc8186>. <https://www.rfc-editor.org/info/rfc8186>.
8.2. Informative References 8.2. Informative References
[I-D.ietf-ippm-stamp-yang]
Mirsky, G., Xiao, M., and W. Luo, "Simple Two-way Active
Measurement Protocol (STAMP) Data Model", draft-ietf-ippm-
stamp-yang-02 (work in progress), September 2018.
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104, Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997, DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>. <https://www.rfc-editor.org/info/rfc2104>.
Authors' Addresses Authors' Addresses
Greg Mirsky Greg Mirsky
ZTE Corp. ZTE Corp.
 End of changes. 18 change blocks. 
26 lines changed or deleted 63 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/