Internet Engineering Task Force Inter-Domain Multicast Routing Working Group INTERNET-DRAFT W. Fenner draft-ietf-idmr-traceroute-ipm-02.txt Xerox PARC S. Casner Precept Software November 21, 1997 Expires April 1998 A ''traceroute'' facility for IP Multicast. Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Distribution of this document is unlimited. Abstract This draft describes the IGMP multicast traceroute facility. As the deployment of IP multicast has spread, it has become clear that a method for tracing the route that a multicast IP packet takes from a source to a particular receiver is absolutely required. Unlike unicast traceroute, multicast traceroute requires a special packet type and implementation on the part of routers. This specification describes the required functionality. This document is a product of the Inter-Domain Multicast Routing working group within the Internet Engineering Task Force. Comments are solicited and should be addressed to the working group's mailing list at idmr@cs.ucl.ac.uk and/or the author(s). Casner, Fenner Expires April 1998 [Page 1] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 1. Key Words The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [Bradner97]. 2. Introduction The unicast "traceroute" program allows the tracing of a path from one machine to another, using a mechanism that already existed in IP. Unfortunately, no such existing mechanism can be applied to IP multicast paths. The key mechanism for unicast traceroute is the ICMP TTL exceeded message, which is specifically precluded as a response to multicast packets. Thus, we specify the multicast "traceroute" facility to be implemented in multicast routers and accessed by diagnostic programs. While it is a disadvantage that a new mechanism is required, the multicast traceroute facility can provide additional information about packet rates and losses that the unicast traceroute cannot, and generally requires fewer packets to be sent. Goals: + To be able to trace the path that a packet would take from some source to some destination. + To be able to isolate packet loss problems (e.g., congestion). + To be able to isolate configuration problems (e.g., TTL threshold). + To minimize packets sent (e.g. no flooding, no implosion). 3. Overview Tracing from a source to a multicast destination is hard, since you don't know down which branch of the multicast tree the destination lies. This means that you have to flood the whole tree to find the path from one source to one destination. However, walking up the tree from destination to source is easy, as all existing multicast routing protocols know the previous hop for each source. Tracing from destination to source can involve only routers on the direct path. The party requesting the traceroute (which need be neither the source nor the destination) sends a traceroute Query packet to the last-hop multicast router for the given destination. The last-hop router turns the Query into a Request packet by adding a response data block containing its interface addresses and packet statistics, and then forwards the Request packet via unicast to the router that it believes Casner, Fenner Expires April 1998 [Page 2] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 is the proper previous hop for the given source and group. Each hop adds its response data to the end of the Request packet, then unicast forwards it to the previous hop. The first hop router (the router that believes that packets from the source originate on one of its directly connected networks) changes the packet type to indicate a Response packet and sends the completed response to the response destination address. The response may be returned before reaching the first hop router if a fatal error condition such as "no route" is encountered along the path. Multicast traceroute uses any information available to it in the router to attempt to determine a previous hop to forward the trace towards. Multicast routing protocols vary in the type and amount of state they keep; multicast traceroute endeavors to work with all of them by using whatever is available. For example, if a DVMRP router has no active state for a particular source but does have a DVMRP route, it chooses the parent of the DVMRP route as the previous hop. If a PIM-SM router is on the (*,G) tree, it chooses the parent towards the RP as the previous hop. In these cases, no source/group-specific state is available, but the path may still be traced. 4. Multicast Traceroute header The header for all multicast traceroute packets is as follows: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IGMP Type | # hops | checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Multicast Group Address | +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Response Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | resp ttl | Query ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 4.1. IGMP Type: 8 bits The IGMP type field is defined to be 0x1F for traceroute queries and requests. The IGMP type field is changed to 0x1E when the packet is completed and sent as a response from the first hop router to the querier. Two codes are required so that multicast Casner, Fenner Expires April 1998 [Page 3] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 routers won't attempt to process a completed response in those cases where the initial query was issued from a router or the response is sent via multicast. 4.2. # hops: 8 bits This field specifies the maximum number of hops that the requester wants to trace. If there is some error condition in the middle of the path that keeps the traceroute request from reaching the first-hop router, this field can be used to perform an expanding- length search to trace the path to just before the problem. 4.3. Checksum: 16 bits The checksum is the 16-bit one's complement of the one's complement sum of the whole IGMP message (the entire IP payload). For computing the checksum, the checksum field is set to zero. When transmitting packets, the checksum MUST be computed and inserted into this field. When receiving packets, the checksum MUST be verified before processing a packet. 4.4. Group address This field specifies the group address to be traced, or zero if no group-specific information is desired. Note that non-group- specific traceroutes may not be possible with certain multicast routing protocols. 4.5. Source address This field specifies the IP address of the multicast source for the path being traced, or 0xFFFFFFFF if no source-specific information is desired. Note that non-source-specific traceroutes may not be possible with certain multicast routing protocols. 4.6. Destination address This field specifies the IP address of the multicast receiver for the path being traced. The trace starts at this destination and proceeds toward the traffic source. 4.7. Response Address This field specifies where the completed traceroute response packet gets sent. It can be a unicast address or a multicast address, as explained in section 6.2. Casner, Fenner Expires April 1998 [Page 4] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 4.8. resp ttl: 8 bits This field specifies the TTL at which to multicast the response, if the response address is a multicast address. 4.9. Query ID: 24 bits This field is used as a unique identifier for this traceroute request so that duplicate or delayed responses may be detected and to minimize collisions when a multicast response address is used. 5. Definitions Since multicast traceroutes flow in the opposite direction to the data flow, we always refer to "upstream" and "downstream" with respect to data, unless explicitly specified. Incoming Interface The interface on which traffic is expected from the specified source and group. Outgoing Interface The interface on which traffic is forwarded from the specified source and group towards the destination. Also called the "Reception Interface", since it is the interface on which the multicast traceroute Request was received. Previous-Hop Router The router, on the Incoming Interface, which is responsible for forwarding traffic for the specified source and group. Casner, Fenner Expires April 1998 [Page 5] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 6. Response data Each router adds a "response data" segment to the traceroute packet be- fore it forwards it on. The response data looks like this: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Query Arrival Time | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Incoming Interface Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Outgoing Interface Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Previous-Hop Router Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Input packet count on incoming interface | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Output packet count on outgoing interface | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Total number of packets for this source-group pair | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | |M| | | | | Rtg Protocol | FwdTTL |B|S| Src Mask |Forwarding Code| | | |Z| | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 6.1. Query Arrival Time The Query Arrival Time is a 32-bit NTP timestamp specifying the arrival time of the traceroute request packet at this router. The 32-bit form of an NTP timestamp consists of the middle 32 bits of the full 64-bit form; that is, the low 16 bits of the integer part and the high 16 bits of the fractional part. The following formula converts from a UNIX timeval to a 32-bit NTP timestamp: query_arrival_time = (tv.tv_sec + 32384) << 16 + ((tv.tv_usec << 10) / 15625) The constant 32384 is the number of seconds from Jan 1, 1900 to Jan 1, 1970 truncated to 16 bits. ((tv.tv_usec << 10) / 15625) is a reduction of ((tv.tv_usec / 100000000) << 16). Casner, Fenner Expires April 1998 [Page 6] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 6.2. Incoming Interface Address This field specifies the address of the interface on which packets from this source and group are expected to arrive, or 0 if unknown. 6.3. Outgoing Interface Address This field specifies the address of the interface on which packets from this source and group flow to the specified destination, or 0 if unknown. 6.4. Previous-Hop Router Address This field specifies the router from which this router expects packets from this source. This may be a multicast group if the previous hop is not known because of the workings of the multicast routing protocol. However, it should be 0 if the incoming interface address is unknown. 6.5. Input packet count on incoming interface This field contains the number of multicast packets received for all groups and sources on the incoming interface, or 0xffffffff if no count can be reported. 6.6. Output packet count on outgoing interface This field contains the number of multicast packets that have been transmitted for all groups and sources on the outgoing interface, or 0xffffffff if no count can be reported. 6.7. Total number of packets for this source-group pair This field counts the number of packets from the specified source forwarded by this router to the specified group, or 0xffffffff if no count can be reported. If the S bit is set, the count is for the source network, as specified by the Src Mask field. If the S bit is set and the Src Mask field is 63, indicating no source-specific state, the count is for all sources sending to this group. 6.8. Rtg Protocol: 8 bits This field describes the routing protocol in use between this router and the previous-hop router. Specified values include: Casner, Fenner Expires April 1998 [Page 7] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 1 DVMRP 2 MOSPF 3 PIM 4 CBT 5 PIM using special routing table 6 PIM using a static route 7 DVMRP using a static route 6.9. FwdTTL: 8 bits This field contains the TTL that a packet is required to have before it will be forwarded over the outgoing interface. 6.10. MBZ: 1 bit Must be zeroed on transmission and ignored on reception. 6.11. S: 1 bit If this bit is set, it indicates that the packet count for the source-group pair is for the source network, as determined by masking the source address with the Src Mask field. 6.12. Src Mask: 6 bits This field contains the number of 1's in the netmask this router has for the source (i.e. a value of 24 means the netmask is 0xffffff00). If the router is forwarding solely on group state, this field is set to 63 (0x2f). 6.13. Forwarding Code: 8 bits This field contains a forwarding information/error code. Defined values include: 0x00 No error 0x01 Traceroute request arrived on an interface to which this router would not forward for this source,group,destination. 0x02 This router has sent a prune upstream which applies to the source and group in the traceroute request. 0x03 This router has stopped forwarding for this source and group in response to a request from the next hop router. Casner, Fenner Expires April 1998 [Page 8] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 0x04 The group is subject to administrative scoping at this hop. 0x05 This router has no route for the source. 0x06 This router is not the proper last-hop router. 0x07 This router is not forwarding this source,group for an unspecified reason. 0x08 Reached Rendez-vous Point or Core 0x09 Traceroute request arrived on the expected RPF interface for this source,group. 0x0A Traceroute request arrived on an interface which is not enabled for multicast. 0x81 There was not enough room to insert another response data block in the packet. 0x82 The previous hop router does not understand traceroute requests. 0x83 Traceroute is administratively prohibited. Note that if a router discovers there is not enough room in a packet to insert its response, it puts the 0x81 error code in the previous router's Forwarding Code field, overwriting any error the previous router placed there. It is expected that a multicast traceroute client, upon receiving this error, will restart the trace at the last hop listed in the packet. The 0x80 bit of the Forwarding Code is used to indicate a fatal error. A fatal error is one where the router may know the previous hop but cannot forward the message to it. 7. Router Behavior All of these actions are performed in addition to (NOT instead of) forwarding the packet, if applicable. E.g. a multicast packet that has TTL remaining MUST be forwarded normally, as should a unicast packet that has TTL remaining and is not addressed to this router. 7.1. Traceroute Query A traceroute Query message is a traceroute message with no response blocks filled in, and uses IGMP type 0x1F. 7.1.1. Packet Verification Upon receiving a traceroute Query message, a router must examine the Query to see if it is the proper last-hop router for the destination address in the packet. It is the proper last-hop router if it has a multicast-capable interface on the same subnet as the Destination Address and is the router that Casner, Fenner Expires April 1998 [Page 9] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 would forward traffic from the given source onto that subnet. A router may receive a traceroute Query message via either unicast or multicast. If received via multicast and it determines that it is not the proper last-hop router, the packet MUST be silently dropped. If received via unicast and the packet was addressed to this router, an error code of 0x06 should be noted and normal processing should occur. Duplicate Query messages as identified by the tuple (IP Source, Query ID) SHOULD be ignored. 7.1.2. Normal Processing When a router receives a traceroute Query and it determines that it is the proper last-hop router, it treats it like a traceroute Request and performs the steps listed under Normal Processing of a Traceroute Request, below. 7.2. Traceroute Request A traceroute Request is a traceroute message with some number of response blocks filled in, and also uses IGMP type 0x1F. Routers can tell the difference between Queries and Requests by checking the length of the packet. 7.2.1. Packet Verification If the traceroute Request is not addressed to this router, or if the Request is addressed to a multicast group which is not a link-scoped group (e.g. 224.0.0.x), it MUST be silently ignored. 7.2.2. Normal Processing When a router receives a traceroute Request, it performs the following steps. Note that it is possible to have multiple situations covered by the Forwarding Codes. The first one encountered is the one that is reported, i.e. all "note forwarding code N" should be interpreted as "if forwarding code is not already set, set forwarding code to N". 1. Insert a new response block into the packet and fill in the Query Arrival Time, Outgoing Interface Address, Output Packet Count, and FwdTTL. 2. Attempt to determine the forwarding information for the source and group specified, using the same mechanisms as Casner, Fenner Expires April 1998 [Page 10] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 would be used when a packet is received from the source destined for the group. State need not be instantiated, it can be "phantom" state created only for the purpose of the trace. 3. If no forwarding information can be determined, an error code of 0x05 is inserted in the Forwarding Code field, the remaining fields that have not yet been filled in are set to zero, and the packet is forwarded to the requester as described in "Forwarding Traceroute Requests". 4. Fill in the Incoming Interface Address, Previous-Hop Router Address, Input Packet Count, Total Number of Packets, Routing Protocol, S, and Src Mask from the forwarding information that was determined. 5. If traceroute is administratively prohibited or the previous hop router does not understand traceroute requests, note the appropriate forwarding code. If traceroute is administratively prohibited and any of the fields as filled in step 4 is considered private information, zero out the applicable fields. Then the packet is forwarded to the requester as described in "Forwarding Traceroute Requests". 6. If the reception interface is not enabled for multicast, note forwarding code 0xA. If the reception interface is the interface from which the router would expect data to arrive from the source, a forwarding code of 0x9 is noted. Otherwise, if the reception interface is not one to which the router would forward data from the source, a forwarding code of 0x1 is noted. 7. If the group is subject to administrative scoping on either the Outgoing or Incoming interfaces, a forwarding code of 0x4 is noted. 8. If this router is the Rendez-vous Point or Core for the group, a forwarding code of 0x8 is noted. (NOTE: should this be earlier?) 9. If this router has sent a prune upstream which applies to the source and group in the traceroute Request, it notes forwarding code 0x2. If the router has stopped forwarding downstream in response to a prune sent by the next hop router, it notes forwarding code 0x3. If the router should normally forward traffic for this source and group downstream but is not, it notes forwarding code Casner, Fenner Expires April 1998 [Page 11] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 0x7. 10. The packet is then sent on to the previous hop or the requester as described in "Forwarding Traceroute Requests". 7.3. Traceroute response A router must forward all traceroute response packets normally, with no special processing. If a router has initiated a traceroute with a Query or Request message, it may listen for Responses to that traceroute but MUST still forward them as well. 7.4. Forwarding Traceroute Requests If the Previous-hop router is known for the source and group (or, if no group is specified, the previous-hop router for the source, or if no source is specified, the previous-hop router for the group) and the number of response blocks is less than the number requested, the packet is sent to that router. If the Incoming Interface is known but the Previous-hop router is not known, the packet is sent to an appropriate multicast address on the Incoming Interface. The appropriate multicast address may depend on the routing protocol in use, MUST be a link-scoped group (i.e. 224.0.0.x), MUST NOT be ALL- SYSTEMS.MCAST.NET (224.0.0.1) and may be ALL-ROUTERS.MCAST.NET (224.0.0.2) if the routing protocol in use does not define a more appropriate group. Otherwise, it is sent to the Response Address in the header, as described in "Sending Traceroute Responses". 7.5. Sending Traceroute Responses 7.5.1. Destination Address A traceroute response must be sent to the Response Address in the traceroute header. 7.5.2. TTL If the Response Address is unicast, the router inserts its normal unicast TTL in the IP header. If the Response Address is multicast, the router copies the Response TTL from the traceroute header into the IP header. Casner, Fenner Expires April 1998 [Page 12] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 7.5.3. Source Address If the Response Address is unicast, the router may use any of its interface addresses as the source address. Since some multicast routing protocols forward based on source address, if the Response Address is multicast, the router MUST use an address that is known in the multicast routing table if it can make that determination. 7.5.4. Sourcing Multicast Responses When a router sources a multicast response, the response packet MUST be sent on a single interface, then forwarded as if it were received on that interface. It MUST NOT source the response packet individually on each interface, since that causes duplicate packets. 8. Using multicast traceroute <> Several problems may arise when attempting to use multicast traceroute. 8.1. Last hop router The traceroute querier may not know which is the last hop router, or that router may be behind a firewall that blocks unicast packets but passes multicast packets. In these cases, the traceroute request should be multicasted to the group being traced (since the last hop router listens to that group). All routers except the correct last hop router should ignore any multicast traceroute request received via multicast. Traceroute requests which are multicasted to the group being traced must include the Router Alert IP option [Katz97]. Another alternative is to unicast to the trace destination. Traceroute requests which are unicasted to the trace destination must include the Router Alert IP option [Katz97], in order that the last-hop router is aware of the packet. If the traceroute querier is attached to the same router as the destination of the request, the traceroute request may be multicasted to 224.0.0.2 (ALL-ROUTERS.MCAST.NET) if the last- hop router is not known. Casner, Fenner Expires April 1998 [Page 13] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 8.2. First hop router The traceroute querier may not be unicast reachable from the first hop router. In this case, the querier should set the traceroute response address to a multicast address, and should set the response TTL to a value sufficient for the response from the first hop router to reach the querier. It may be appropriate to start with a small TTL and increase in subsequent attempts until a sufficient TTL is reached, up to an appropriate maximum (such as 192). The IANA has assigned 224.0.1.32, MTRACE.MCAST.NET, as the default multicast group for multicast traceroute responses. Other groups may be used if needed, e.g. when using mtrace to diagnose problems with the IANA-assigned group. 8.3. Broken intermediate router A broken intermediate router might simply not understand traceroute packets, and drop them. The querier would then get no response at all from its traceroute requests. It should then perform a hop-by-hop search by setting the number of responses field until it gets a response (both linear and binary search are options, but binary is likely to be slower because a failure requires waiting for a timeout). 8.4. Trace termination When performing an expanding hop-by-hop trace, it is necessary to determine when to stop expanding. 8.4.1. Arriving at source A trace can be determined to have arrived at the source if the Incoming Interface of the last router in the trace is non- zero, but the Previous Hop router is zero. (XXX Need to actually check if this heuristic really works) <> <> 8.4.2. Fatal Error A trace has encountered a fatal error if the last Forwarding Error in the trace has the 0x80 bit set. 8.4.3. No Previous Hop A trace can not continue if the last Previous Hop in the trace Casner, Fenner Expires April 1998 [Page 14] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 is set to 0. 9. Problem Diagnosis 9.1. Forwarding Inconsistencies The forwarding error code can tell if a group is unexpectedly pruned or administratively scoped. 9.2. TTL problems By taking the maximum of (hops from source + forwarding TTL threshold) over all hops, you can discover the TTL required for the source to reach the destination. 9.3. Congestion By taking two traces, you can find packet loss information by comparing the difference in input packet counts to the difference in output packet counts at the previous hop. On a point-to-point link, any difference in these numbers implies packet loss. Since the packet counts may be changing as the trace query is propagating, there may be small errors (off by 1 or 2) in these statistics. However, these errors will not accumulate if multiple traces are taken to expand the measurement period. On a shared link, the count of input packets can be larger than the number of output packets at the previous hop, due to other routers or hosts on the link injecting packets. This appears as "negative loss" which may mask real packet loss. In addition to the counts of input and output packets for all multicast traffic on the interfaces, the response data includes a count of the packets forwarded by a node for the specified source-group pair. Taking the difference in this count between two traces and then comparing those differences between two hops gives a measure of packet loss just for traffic from the specified source to the specified receiver via the specified group. This measure is not affected by shared links. On a point-to-point link that is a multicast tunnel, packet loss is usually due to congestion in unicast routers along the path of that tunnel. On native multicast links, loss is more likely in the output queue of one hop, perhaps due to priority dropping, or in the input queue at the next hop. The counters in the response data do not allow these cases to be distinguished. Differences in packet counts between the Casner, Fenner Expires April 1998 [Page 15] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 incoming and outgoing interfaces on one node cannot generally be used to measure queue overflow in the node because some packets may be routed only to or from other interfaces on that node. In the multicast extensions for SunOS 4.1.x from Xerox PARC, both the output packet count and the packet forwarding count for the source-group pair are incremented before priority dropping for rate limiting occurs and before the packets are put onto the interface output queue which may overflow. These drops will appear as (positive) loss on the link even though they occur within the router. In release 3.3/3.4 of the UNIX multicast extensions, a multicast packet generated on a router will be counted as having come in an interface even though it did not. This can create the appearance of negative loss even on a point-to- point link. In releases up through 3.5/3.6, packets were not counted as input on an interface if the reverse-path forwarding check decided that the packets should be dropped. That causes the packets to appear as lost on the link if they were output by the upstream hop. This situation can arise when two routers on the path for the group being traced are connected by a shared link, and the path for some other group does not flow between those two routers because the downstream router receives packets for the other group on another interface, but the upstream router is the elected forwarder to other routers or hosts on the shared link. 9.4. Link Utilization Again, with two traces, you can divide the difference in the input or output packet counts at some hop by the difference in time stamps from the same hop to obtain the packet rate over the link. If the average packet size is known, then the link utilization can also be estimated to see whether packet loss may be due to the rate limit or the physical capacity on a particular link being exceeded. 9.5. Time delay If the routers have synchronized clocks, it is possible to estimate propagation and queueing delay from the differences between the timestamps at successive hops. Casner, Fenner Expires April 1998 [Page 16] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 10. Acknowledgments This specification started largely as a transcription of Van Jacobson's slides from the 30th IETF, and the implementation in mrouted 3.3 by Ajit Thyagarajan. Van's original slides credit Steve Casner, Steve Deering, Dino Farinacci and Deb Agrawal. A multicast traceroute client, mtrace, has been implemented by Ajit Thyagarajan, Steve Casner and Bill Fenner. The idea of unicasting a multicast traceroute Query to the destination of the trace with RA set is due to Tony Ballardie. The idea of the "S" bit to allow statistics for a source subnet is due to Tom Pusateri. 11. IANA Considerations 11.1. Routing Protocols Should the IANA be responsible for allocating new Routing Protocol codes? 11.2. Forwarding Codes Should the IANA be responsible for allocating new Forwarding Codes? 12. Security Considerations 12.1. Topology discovery mtrace can be used to discover any actively-used topology. If your network topology is a secret, you should restrict mtrace at the border of your domain. 12.2. Traffic rates mtrace can be used to discover what sources are sending to what groups and at what rates. If this information is a secret, you should restrict mtrace at the border of your domain. ...more... 13. References Bradner97 Bradner, S., "Key words for use in RFCs to Indicate Casner, Fenner Expires April 1998 [Page 17] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 Requirement Levels", RFC 2119/BCP 14, Harvard University, March 1997. Katz97 Katz, D., "IP Router Alert Option," RFC 2113, Cisco Systems, February 1997. Casner, Fenner Expires April 1998 [Page 18] Internet Draft draft-ietf-idmr-traceroute-ipm-02.txt November 21, 1997 14. Authors' Addresses William C. Fenner Xerox PARC 3333 Coyote Hill Road Palo Alto, CA 94304 Phone: +1 650 812 4816 Email: fenner@parc.xerox.com Stephen L. Casner Precept Software, Inc. 1072 Arastradero Road Palo Alto, CA 94304 Email: casner@precept.com Casner, Fenner Expires April 1998 [Page 19]