Internet-Draft | Simple Direct Loss Measurement Procedure | February 2022 |
Gandhi, et al. | Expires 8 August 2022 | [Page] |
This document defines Simple Two-Way Direct Loss Measurement (DLM) procedure that can be used for Alternate-Marking Method for detecting accurate data packet loss in a network. Specifically, DLM probe packets are defined for both unauthenticated and authenticated modes and they are efficient for hardware-based implementation.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 8 August 2022.¶
Copyright (c) 2022 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Many Service Provider Service Level Agreements (SLAs) depend on the ability to measure performance loss metric experienced by the Customer data traffic flow. Accurate Customer data packet loss can be measured by using a Direct Loss Measurement (DLM) procedure. Currently there is no efficient active measurement procedure available for accurate data packet loss detection in IP networks. Note that an approach for conducting packet loss measurement in IP networks is documented in [RFC7680]. This approach requires clock synchronization between the measurement points and lacks support for accurate data packet loss measurement.¶
[ITU-Y1731] defines procedures for performance loss monitoring for Ethernet-based networks. Specifically, the Loss Measurement Message (LMM) defined in Section 9.12 of [ITU-Y1731] can be used for accurate frame loss measurement as described in Appendix II of that document. The procedure is specific to the Ethernet-based networks and does not apply to the IP networks.¶
The Simple Two-Way Active Measurement Protocol (STAMP) provides capabilities for the measurement of various performance metrics in IP networks [RFC8762] without the use of a control channel to pre-signal session parameters. The STAMP can be used for (synthetic or inferred) packet loss measurement based on the Sequence Number in the test packets, however, this method can only provide approximate packet loss metrics.¶
[RFC8972] defines optional extensions for STAMP. The STAMP test packet with the "Direct Measurement" TLV (Type 5) [RFC8972] can be used for combined timestamps and data packet counters collection. This method, however, has the following limitations when used for detecting data packet loss:¶
This document defines Simple Two-Way Direct Loss Measurement (DLM) procedure that can be used for Alternate-Marking Method [RFC8321] for detecting accurate data packet loss in a network. Specifically, DLM probe packets are defined for both unauthenticated and authenticated modes and they are efficient for hardware-based implementation.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
AMM: Alternate-Marking Method.¶
DLM: Direct Loss Measurement.¶
HMAC: Hashed Message Authentication Code.¶
MBZ: Must be Zero.¶
PM: Performance Measurement.¶
SHA: Secure Hash Algorithm.¶
SSID: Sender Session Identifier.¶
STAMP: Simple Two-Way Active Measurement Protocol.¶
TTL: Time To Live.¶
As shown in the reference topology, the Session-Sender S1 initiates a Direct Loss Measurement (DLM) probe packet over UDP transport. The Session-Reflector R1 receives the Session-Sender's DLM probe packet and acts according to the local configuration. The Session-Reflector R1 transmits a DLM reply probe packet to the Session-Sender S1.¶
C1 C2 / \ +-------+ DLM Probe Packet +-------+ | | - - - - - - - - - - - ->| | | S1 |=========================| R1 | | |<- - - - - - - - - - - - | | +-------+ DLM Reply Probe Packet +-------+ \ / C4 C3 Session-Sender Session-Reflector Reference Topology¶
For accurate data packet loss detection, the DLM probe packets are transmitted by the Session-Sender over UDP transport, and are used to collect the transmit and receive counters for the data traffic flow under measurement. The DLM reply probe packets are transmitted by the Session-Reflector to collect the transmit and receive counters for the data traffic flow under measurement in the reverse direction.¶
The DLM probe packets carry user-configured destination UDP port. The destination UDP port 862 is not used for the DLM probe packets. The user-configured destination UDP port follows the guidelines described in Section 4.1 of [RFC8762]. Different destination UDP port is used for DLM probe packets than the STAMP test packets defined in [RFC8762]. Hence, the Session-Sender and the Session-Reflector do not require backwards compatibility and support for STAMP.¶
A DLM session is identified by the 4-tuple (source and destination IP addresses, source and destination UDP port numbers). A DLM Session-Sender MAY generate a locally unique Sender Session Identifier (SSID). The SSID is a two-octet, non-zero unsigned integer. The SSID generation policy is implementation specific. An implementation MUST NOT assign the same identifier to different DLM sessions. A Session-Sender MAY use the SSID to identify a DLM session. If the SSID is used, it MUST be present in each probe packet of the given DLM session.¶
The DLM Session-Reflector operates in the Stateless mode. The DLM Session-Reflector does not maintain session state and will use the value in the Sequence Number field in the received probe packet as the value for the Sequence Number field in the reply probe packet. As a result, values in the Sequence Number and Session-Sender Sequence Number fields are the same in this mode.¶
In this document, the examples of DLM probe packets are shown with UDP header, however, the packets can be encapsulated with a different header based on the the transport protocol used in the network.¶
In this document, base Session-Sender DLM probe packet formats are defined as shown in Figure 1 and Figure 2 for unauthenticated and authenticated modes, respectively. They are stand-alone DLM probe packet formats to carry the counters for the data traffic flow under measurement. The DLM probe packet formats are similar to the base STAMP test packet formats (for example the locations of the Counters and Timestamps).¶
Fields are defined as the following:¶
Sequence Number (32-bit): For each new DLM session, its value starts at zero and is incremented by one with each transmitted DLM probe packet. The Sequence Number helps to check the DLM session state as active or not active, as well as detect probe packet drops.¶
Transmit Counter (64-bit): The number of packets or octets transmitted by the Session-Sender in the DLM probe packet. The counter is always written at the well-known fixed location in the DLM probe packet. This is an important property for hardware-based implementation, e.g., for point-to-point links and circuits. Counter is for the data traffic flow under measurement.¶
X: Extended counter format indicator. Indicates the use of extended (64-bit) counter values. Initialized to 1 upon creation (and prior to transmission) of a DLM probe packet. Set to 0 when the DLM probe packet is transmitted or received over an interface that writes 32-bit counter values.¶
B: Octet (byte) count. When set to 1, indicates that the Counter fields represent octet counts. The octet count applies to all packets within the DLM scope, and the octet count of a packet transmitted or received includes the total length of that packet (but excludes headers, labels, or framing of the channel itself). When set to 0, indicates that the Counter fields represent packet counts.¶
T: Traffic-class-specific measurement indicator. Set to 1 when the DLM session is scoped to data packets of a particular traffic class (DSCP value), and 0 otherwise. When set to 1, the DSCP field of the DLM probe packet indicates the measured traffic class.¶
DSCP (6-bit): DSCP of the data traffic flow being measured when T flag is set.¶
Block Number (7-bit): The Direct Loss Measurement using Alternate-Marking Method [RFC8321] requires to collect Block Number of the counters for the data traffic flow under measurement. To be able to correlate the transmit and receive counters of the matching Block Number, the Block Number of the counters carried in the DLM probe packets.¶
SSID (16-bit): DLM Sender Session Identifier.¶
HMAC: The use of the HMAC field is described in Section 4.4 of [RFC8762]. HMAC uses its own key and the mechanism to distribute the HMAC key is outside the scope of this document.¶
MBZ: Must be Zero. It MUST be all zeroed on the transmission and MUST be ignored on receipt.¶
The Session-Reflector receives the DLM Session-Sender probe packet and verifies it. If the DLM probe packet is validated, the Session-Reflector that supports this specification prepares and transmits the DLM reply probe packet. In this document, Session-Reflector DLM reply probe packet formats are defined as shown in Figure 3 and Figure 4, for unauthenticated and authenticated modes, respectively.¶
Fields are defined as the following:¶
Sequence Number (32-bit): This is the exact copy of the Sequence Number from the received Session-Sender DLM probe packet that allows Stateless mode of Session-Reflector.¶
Transmit Counter (64-bit): The number of packets or octets transmitted by the Session-Reflector in the DLM reply probe packet. Counter is for the reverse direction data traffic flow under measurement. The Session-Reflector writes the Transmit Counter at the same location in the DLM reply probe packet as the Session-Sender DLM probe packet. This is an important property for hardware-based implementation.¶
XBT Flags (3-bit): The XBT Flags for the reverse direction data traffic flow under measurement set using the same procedure defined for the Session-Sender DLM probe packet.¶
DSCP (6-bit): Set for the reverse direction data traffic flow under measurement using the same procedure defined for the Session-Sender DLM probe packet.¶
Block Number (7-bit): Set for the reverse direction data traffic flow under measurement using the same procedure defined for the Session-Sender DLM probe packet.¶
SSID: SSID is the exact copy of the SSID in the received Session-Sender DLM probe packet.¶
Receive Counter (64-bit): The number of packets or octets received at the Session-Reflector. It is written by the Session-Reflector in the DLM reply probe packet. Counter is for the data traffic flow under measurement.¶
Session-Sender Counter (64-bit): This is the exact copy of the Transmit Counter from the received Session-Sender DLM probe packet.¶
Session-Sender Sequence Number (32-bit): This is the exact copy of the Sequence Number from the received Session-Sender DLM probe packet.¶
Session-Sender Block Number: This is the exact copy of the Block Number from the received Session-Sender DLM probe packet.¶
Session-Sender FLAGS: This is the exact copy of the XBT Flags from the received Session-Sender DLM probe packet.¶
Session-Sender DSCP: This is the exact copy of the DSCP from the received Session-Sender DLM probe packet.¶
Session-Sender TTL: The Session-Sender TTL field is one octet long, and its value is the copy of the TTL field in IPv4 (or Hop Limit in IPv6) from the received Session-Sender DLM probe packet.¶
Using the Counters C1, C2, C3 and C4 as per reference topology, from the nth and (n-1)th DLM probe packets, packet loss and byte loss for the data traffic flow can be calculated as follows:¶
Transmit Loss TxL[ n-1, n] = (C1[ n] - C1[ n-1]) - (C2[ n] - C2[ n-1])¶
Receive Loss RxL[ n-1, n] = (C3[ n] - C3[ n-1]) - (C4[ n] - C4[ n-1])¶
The Total Transmit and Receive Loss are calculated as follows:¶
Total Transmit Loss = TxL[ 1, 2] + TxL[ 2, 3] + ...¶
Total Receive Loss = RxL[ 1, 2] + RxL[ 2, 3] + ...¶
These values are updated each time a DLM reply probe packet is received and processed at the Session-Sender, and they represent the Total Transmit and Total Receive Loss since the DLM session was initiated. When computing the values TxL[n-1,n] and RxL[n-1,n], the possibility of counter wrap must be taken into account.¶
When using Alternate-Marking Method, all Counters used for loss calculation belongs to the same Block Number, as described in Section 3.1 of [RFC8321].¶
There are currently no optional (TLV) extensions defined for the DLM probe packets.¶
The integrity protection and confidentiality protection specified in [RFC8762] also apply to the procedures defined in this document.¶
The operational considerations specified in [RFC8762] also apply to the procedures defined in this document.¶
The DLM protocol is intended for deployment in limited domains [RFC8799]. As such, it assumes that a node involved in DLM protocol operation has previously verified the integrity of the path and the identity of the far-end Session-Reflector.¶
If desired, attacks can be mitigated by performing basic validation and sanity checks, at the Session-Sender, of the counter fields in received reply probe packets. The minimal state associated with these protocols also limits the extent of measurement disruption that can be caused by a corrupt or invalid probe packet to a single probe cycle.¶
The security considerations specified in [RFC8762] and [RFC8972] also apply to the protocol defined in this document. Specifically, the message integrity protection using HMAC, as defined in [RFC8762] Section 4.4, also apply to the procedure described in this document.¶
This document has no IANA actions.¶
The authors would like to thank Greg Mirsky, Tianran Zhou, Gyan Mishra, Zhenqiang Li, Reshad Rahman, Cheng Li, and Yali Wang for the comments on Direct Loss Measurement. The authors would like to thank Pierpaolo Loreti and the team for the Open Source implementation of SRv6-PM Loss Monitoring and its publications in [SRV6-PM-TNSM] and [SRV6-PM-IEEE]. The authors would like to acknowledge the earlier work on the loss measurement using TWAMP described in draft-xiao-ippm-twamp-ext-direct-loss.¶