| Internet-Draft | Framework for IBBM | March 2022 |
| Ding | Expires 5 September 2022 | [Page] |
This document provides a definition of Internet Basic Behavior Measurement(IBBM) based on the Internet architecture and describes in detail the specifications to be followed for the metrics and measurement activities under IBBM, which are given in the form of elements. The main purpose of this document is to standardize the accurate meaning and expression of metrics obtained based on Internet behavioral measurement activities, to improve the worth of the measurement results.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 5 September 2022.¶
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
This document constructs an extensible framework to regulate the metrics and measurement activities in the field of Internet Basic Behavior Measurement, to support comprehensive, effective, and standardized management and monitoring of the Internet. More specific intentions are reflected in the following aspects:¶
The following list gives definitions that need to be clarified in the development of this framework.¶
The meaning and manifestation of results of Internet Basic Behavior measurements (hereinafter referred to as "Metric").¶
Describing the elements of basic Internet behavior metrics is the main purpose of this document, and the relevant content will be given in Sections 4-7.¶
A series of operations performed to measure specific Internet Basic Behavior Metrics (hereinafter referred to as "Measurement Activity"). The Internet Basic Behavior Measurement Activity consists of two phases:¶
(i) Acquisition of Internet Basic Behavior Measurement Source Data. It refers to obtaining traffic and operating data from the Internet, including original or time-stamped packet (header) sequences, flow records, flow tables, routing tables and MIBs, etc., hereinafter referred to as "Measurement Source Data";¶
(ii)Modeling analysis. Modeling analysis is the mapping from Measurement Source Data objects to Metric instances. The scheme used to do this mapping is called the "Analysis Model".¶
Because a Metric instance could be obtained from different types of Measurement Source Data and by different Analysis Models, the details of methods of obtaining Measurement Source Data and modeling analysis will not be discussed in this document. Other elements of Measurement Activities will be detailedly described in Section 8. The description and requirements of measurement activities can ensure the operability of Metrics and the storability of measurement results.¶
Metrics MUST be useful for the safe operation and management of the Internet.¶
This document does not provide any Metric but provides a framework for defining and describing what a Metric SHOULD be like. Metrics MAY be developed individually or in groups by the proposers as specifications conforming to this framework (hereinafter referred to as "Metric Specification"). In each Metric Specification, the following items SHOULD be explained:¶
As the measurement is oriented to Internet Basic Behavior, Metrics SHOULD have clear behavior Subjects. Subjects SHOULD have clear meanings in the Internet architecture and can work continuously and stably in the long term. Based on the existing Internet architecture, this document divides all Subjects into two categories: the basic protocols and the network components that support the operation of the Internet. The details are given below.¶
The basic protocols that MAY be used as the Metric subjects include:¶
Routing protocols¶
All interdomain routing protocols and intradomain routing protocols with RFC standards that are used on the Internet, including BGP, etc.¶
Network-layer protocols¶
IP and ICMP.¶
Transport-layer protocols¶
TCP, UDP, and other RFC-specified transport-layer protocols that can be carried by IP packets.¶
DNS protocol¶
It SHOULD be further noted that all link-layer protocols and all application-layer protocols that do not belong to the above protocols SHOULD NOT be regarded as the subjects of Internet Basic Behavior Metrics because they could be easily changed and replaced.¶
The network components that MAY be used as Metric subjects include the following categories:¶
Device¶
Including Network Device and End System Device;¶
Link¶
Channels that connect devices;¶
Network¶
Collections of devices and links that can communicate with each other using private IP addresses;¶
Service¶
Application-oriented software system that runs over the Internet;¶
AS¶
Groups of routers, links, and networks with the same AS number under the control of one administrator.¶
To formally represent subjects, this section provides each subject a unique name for identification and description.¶
Basic protocols are abbreviated by the protocols' names, such as TCP, UDP, IP, ICMP, BGP, DNS, etc.¶
The network components are represented by the subjects' names or abbreviations:¶
To facilitate management and use, Metrics could be separated into several topics by semantics, including routing measurement, topology measurement, performance measurement, domain name resolution measurement, traffic measurement, and other measurement topics. The scope of Metric Topics MAY be expanded as needed. The meanings and scope of the existing topics are described as follows:¶
Metrics oriented to routing information, routing protocols, and routers' attributes that are running on the Internet fall within this topic.¶
Metrics oriented to connectivity between devices, networks, and ASes on the Internet fall within this topic.¶
This topic includes three typical directions:¶
Metrics that measure the performance of IP networks in the actual operation of the Internet during data transmission are IP Performance Metrics.¶
Metrics that measure the individual performance of devices on the Internet in operation and data transmission are network device performance Metrics.¶
Metrics of the time required by the server software running on the Internet to complete specific service tasks are service performance Metrics.¶
Metrics of service attributes and capabilities for DNS servers on the Internet fall within this topic.¶
Traffic refers to the sequence of IP packets obtained from the running network without active injection of test traffic. The specification of the process of acquiring, compressing, and storing traffic is outside the scope of this document. Metrics based on traffic acquisition fall within the topic of traffic measurement. In principle, all Metrics under this topic SHOULD only be obtained based on passive measurement methods, however, some special metrics, such as DNS response time for resolving IP addresses, end-to-end packet loss, etc., may also be obtained based on traffic, but they are not part of the topic of traffic measurement.¶
Metric entities are elements of the Internet architecture that can carry the results of measurements. Measurement Activities MAY be carried out for different entity objects under the fixed entity types. Standardizing the description of metric entities facilitates the storage, use, and fusion of measurement results.¶
Any metric entity that carries the Internet Basic Behavior Measurement is a stable and uniquely identifiable existence on the Internet. Metric Entities include but are not limited to the following seven categories:¶
End System (EndSystemClass)¶
Devices that have reachable routing IP addresses on the Internet and are connected to the network as end hosts, such as servers, clients, IoT devices, etc. When used as entity objects that carry Metrics, they SHALL be classified into this metric entity class and are directly identified by IP addresses.¶
IP Prefix (IPPrefixClass)¶
The network parts of the IP addresses when using CIDR, which are identified in the form of "IP address/prefix-length".¶
Connection Point (ConnPointClass)¶
The endpoints of transport layer connections on the Internet, which are identified in the form of "IP address: port". The value of port is an integer falling in 0..65535, which indicates the "port" field in TCP and UDP header.¶
Network Device (NetDeviceClass)¶
Devices used to forward IP packets on the Internet, including routers, switches, and access devices. We use a structure with 8 fields to identify a network device - vendor identification, vendor type, AS number, equipment type, longitude, latitude, MAC, and spare information. We suggest using the vendor number (OID) in the MIB to represent the producer identification, and the equipment type SHOULD be one of Router | Switch | AccessPoint | Others. For routers and switches, MAC and spare information are optional. If the first six fields cannot distinguish two devices, the optional fields could be used to support this distinction. For AP devices, longitude, latitude, and spare information are optional.¶
Autonomous System (ASClass)¶
As described in Section 4.2, we suggest identifying autonomous systems by the corresponding AS numbers.¶
Link (LinkClass)¶
A link refers to a single link-layer connection between two network devices or between an end system and a network device. A link is identified by an IP address pair.¶
Path (PathClass)¶
A path is a sequence of links that connect end to end. It is identified by the sequence of IP addresses.¶
This section provides a JSON-based description of the seven entity types defined in the previous section.¶
The data types used in the description include:¶
In the following JSON-based description, "(data type | entity type)" denotes the value of this data type or entity type, "[data type | entity type]" denotes an array of this data type or entity type. Refer to 6.2.1 for data type description and 6.1 for entity type description.¶
End System¶
"EndSystemClass": {
"IP": (inetAddress)
}
¶
IP Prefix¶
"IPPrefixClass":{
"Prefix":(inetAddress),
"Prefix Length": (prefixLength)
}
¶
Connection Point¶
"ConnPointClass":{
"IP": (inetAddress),
"Port": (unsignedShort)
}
¶
Network Device¶
"NetDeviceClass":{
"Vendor ID": (unsignedInt),
"#Vender ID":"0 indicates unknown",
"Vender Type": (string),
"#Vender Type":""" indicates unknown",
"ASN": (unsignedInt),
"#ASN":"0 indicates unknown"
"Type":
"Router"|"Switch"|"AccessPoint"|"Others",
"Longitude": (float),
"#Longitude":"0.0 indicates unknown",
"Latitude": (float),
"#Latitude":"0.0 indicates unknown",
"MAC": (string),
"#MAC":""" indicates unknown"
"Spare Information": (unsignedInt),
"#Spare Information":"0 indicates unknown"
}
¶
Autonomous System¶
"ASClass":{
"ASN":(unsignedInt)
}
¶
Link¶
"LinkClass":{
"IPa": (inetAddress),"
"IPb" :(inetAddress),
"Direction": (bool),
"#Direction":
" "ture/false" indicates that IPa to
IPb is bidirectional/unidirectional"
}
¶
Path¶
"PathClass": {
"Links": [inetAddress],
"#Links":"A series of IP Address, such as [ip1,ip2,ip3,...]",
"Direction":(bool),
"#Direction":"0 indicates unidirectional(ip1->ip2->ip3->...),
1 indicates bidirectional"
}
¶
When a new entity type of Internet Basic Behavior metrics is added, its name, description, and formal description SHOULD be given in the above form at the same time.¶
Metric Specifications under the framework MUST clarify the following elements:¶
Name¶
"Name" is the identifier of a Metric that MUST be unique in the context of all relevant Internet Basic Behavior Measurement fields. It is suggested to use English words connected with "_" that reflect the core semantics of the metric. If the topic to which the Metric belongs has special naming requirements for the Metrics under the subject's independent framework, the naming of this Metric SHOULD comply with its requirements.¶
Representation¶
"Representation" describes the data structure of the quantitative results of a metric. It includes the types of number, string, network address, set and undirected graph, etc. It is RECOMMEDED that the proposer of the metric SHOULD describe them in JSON.¶
Topic¶
"Topic" SHOULD be specified as one of "Routing Measurement", "Topology Measurement", "DNS Measurement", "Traffic Measurement" or "Performance Measurement" (See Section 5 for details).¶
Subject¶
"Subject" is a non-empty set of metric subjects(See section 4 for details).¶
Entity¶
"Entity" is a structure of entity types that hosts this metric (See Section 6 for details). JSON is the RECOMMENDED format for this structure's description. The entity types in a structure can be the same or different.¶
Semantics¶
"Semantics" is the meaning of the metric containing the description of each element in the data structure given by the "Representation" element. It MAY be a descriptive definition or a model representation based on mathematical symbols. The description of metric semantics MUST be basic, normative, and unambiguous no matter what method is adopted. For items whose value range includes numerical values, the metric unit to be used MUST also be given, which MUST be in international metric units.¶
Attribute¶
"Attribute" consists of two sub-elements: a) Basic attribute. According to the semantics and characteristics of the metric, the value SHOULD be one of structural| characteristic|sample|other. A Metric composed of one or more entity objects of different entity types (see Section 6 for entity types) and contains a relatively stable specific structural relationship among entity objects is called a structural metric, such as networks' topologies; a metric that describes the inherent characteristics of an entity object is called a characteristic metric, such as the capacity of a link. A characteristic metric is relatively stable so could also be called a static metric; the metric based on a specific Measurement Source Data and analyzed by the Analysis Model is called a sample Metric; Metrics that can not be described by the above attributes are uniformly called other metrics. The proposer of such metrics SHOULD try to give appropriate explanations and descriptions of other metrics. b) Fusible attribute. Fusible attribute refers to whether the measurement result of this metric could perform the fusion activities. For the definition and related content of the fusion activity, see Section 9.¶
Parameter¶
"Parameter" is a set of parameters (name & type) that MUST be used during the measurement, which MAY be empty. For example, the agreement on unit time, the bandwidth usage threshold when congestion occurs, etc. The semantics of these parameters SHOULD be reflected in the metric's "Semantics" element. The parameter set is RECOMMEDED to be given in JSON.¶
Others¶
The metric's description information that is not included in the above elements but MUST be explained. This element would be empty if there is no need.¶
Measurement Activities MUST only be carried out for Metrics that have completed Metric Specifications. A Measurement Activity SHOULD be described as an 8-tuple [Measurement Activity's Name, Metric's Name, Metric's Parameter, measurement method, measurement point, entity object, Measurement Source Data, measurement results]. The front 7 items are the attributes of the Measurement Activity, that is, each Measurement Activity instance MUST have a unique identification, and only be oriented to one Metric at the same measurement point, using the same measurement method and under the conditions with the same parameters; the measurement result is a collection of triples like [measurement time, entity object, measurement value].¶
Measurement Activity Name¶
It refers to the identifier of the Measurement Activity, which uniquely identifies the Measurement Activity. A measure activity name is ADVISED to be expanded based on the name or number that can uniquely identify the organizations or individuals that perform the measurement. The organizations or individuals who perform the Measurement Activity SHALL be responsible for the measurement results and have the obligation to further explain the measurement results when necessary.¶
Metric¶
It refers to the name of the Metric targeted by this Measurement Activity(see Section 7 for details).¶
Metric Parameter¶
It refers to the specific value of each parameter described in the "Parameter" element of the Metric Specification in this Measurement Activity. The "Parameter" element is referred to Article 8 in Section 7.¶
Measurement Method¶
It refers to the description of the Analysis Model used in this Measurement Activity, that is, the algorithm or model used in the process of mapping a Measurement Source Data object into a Metric value, which is described in natural language or pseudocode. The Analysis Model is defined in section 2.¶
Measurement Point¶
It refers to the network location where the Measurement Source Data is obtained.¶
Entity Object¶
It refers to a sequence of network entity objects that carry the Metric. The type of all entity objects in the sequence MUST be consistent with the description of the Metric element "Entity" in the corresponding Metric Specification. If the measurement is performed for different entity objects, the value of this attribute is null and will be marked in "Measurement Results".¶
Measurement Source Data¶
It refers to a description of the Measurement Source Data used in this Measurement Activity and acquired at the measurement point, which follows the definition in section 2, along with the parameters associated with these Measurement Source Data (e.g., the sampling rate for passively collecting traffic).¶
When the "entity object" attribute of the Measurement Activity is non-null, the measurement result of the Measurement Activity is a sequence of 2-tuples [measurement time, measurement value], otherwise, the measurement result is a sequence of triples [measurement time, measurement value, entity object]. A more specific explanation is as follows:¶
The procedure of processing the measurement results or fusion results through combination, statistics, etc. is called metric fusion, such as the combination of topology graphs, the mean or median of the sample metrics, etc. Metric fusion is carried out by metric fusion activities towards completed Measurement Activities or fusion activities. Metric fusion activities are described as a 6-tuple: [fusion activity name, Metric, description, fusion object, fusion model, fusion result]. The detailed description is as follows:¶
Fusion Activity Name¶
It refers to an identifier of the fusion activity. It is used to uniquely identify the fusion activity. It is ADVISED to be expanded based on the name or number that uniquely identifies the organizations or individuals performing this fusion activity and distinguished from the Measurement Activity name through a standard suffix. The organizations or individuals that carry out this fusion activity are responsible for the result of this fusion and have the obligation to further explain the results of the fusion as needed.¶
Metric¶
It refers to the Metric for which the fusion activity is oriented, as described in Article 1) in Section 7. In particular, sub-element b) of the "Attribute" elements of the Metric in the fusion activity SHOULD be marked as " Fusible".¶
Description¶
It refers to a general description of the intention of this fusion activity and other matters that need to be explained.¶
Fusion Object¶
The measurement results and fusion results of the collection of completed measurement activities and fusion activities are the fusion objects of this fusion activity. It SHOULD be noted that all the results of measurement activities and fusion activities that are fusion objects MUST have the same metric. In general, the measurement results have the same structure.¶
Fusion Model¶
It refers to the description of the Analysis Model (or algorithm) used in this fusion activity.¶
Fusion Result¶
It is as same as measurement result.¶
TBD¶
This document has no actions for IANA.¶