idnits 2.17.1 draft-gandhi-spring-rfc6374-srpm-udp-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 4, 2019) is 1667 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 8321 (Obsoleted by RFC 9341) Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SPRING Working Group R. Gandhi, Ed. 3 Internet-Draft C. Filsfils 4 Intended Status: Standards Track Cisco Systems, Inc. 5 Expires: April 6, 2020 D. Voyer 6 Bell Canada 7 S. Salsano 8 Universita di Roma "Tor Vergata" 9 M. Chen 10 Huawei 11 October 4, 2019 13 Performance Measurement Using UDP Path 14 for Segment Routing Networks 15 draft-gandhi-spring-rfc6374-srpm-udp-02 17 Abstract 19 Segment Routing (SR) leverages the source routing paradigm. Segment 20 Routing (SR) is applicable to both Multiprotocol Label Switching 21 (SR-MPLS) and IPv6 (SRv6) data planes. This document specifies 22 procedures for using UDP path for sending and processing probe query 23 and response messages for Performance Measurement (PM). The 24 procedure uses the mechanisms defined in RFC 6374 for Performance 25 Delay and Loss Measurement. The procedure specified is applicable to 26 SR-MPLS and SRv6 data planes for both links and end-to-end 27 measurement for SR Policies. 29 Status of This Memo 31 This Internet-Draft is submitted in full conformance with the 32 provisions of BCP 78 and BCP 79. 34 Internet-Drafts are working documents of the Internet Engineering 35 Task Force (IETF). Note that other groups may also distribute 36 working documents as Internet-Drafts. The list of current Internet- 37 Drafts is at http://datatracker.ietf.org/drafts/current/. 39 Internet-Drafts are draft documents valid for a maximum of six months 40 and may be updated, replaced, or obsoleted by other documents at any 41 time. It is inappropriate to use Internet-Drafts as reference 42 material or to cite them other than as "work in progress." 44 Copyright Notice 46 Copyright (c) 2019 IETF Trust and the persons identified as the 47 document authors. All rights reserved. 49 This document is subject to BCP 78 and the IETF Trust's Legal 50 Provisions Relating to IETF Documents 51 (http://trustee.ietf.org/license-info) in effect on the date of 52 publication of this document. Please review these documents 53 carefully, as they describe your rights and restrictions with respect 54 to this document. Code Components extracted from this document must 55 include Simplified BSD License text as described in Section 4.e of 56 the Trust Legal Provisions and are provided without warranty as 57 described in the Simplified BSD License. 59 Table of Contents 61 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 62 2. Conventions Used in This Document . . . . . . . . . . . . . . 4 63 2.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 64 2.2. Abbreviations . . . . . . . . . . . . . . . . . . . . . . 4 65 2.3. Reference Topology . . . . . . . . . . . . . . . . . . . . 5 66 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 67 3.1. Example Provisioning Model . . . . . . . . . . . . . . . . 7 68 4. Probe Messages . . . . . . . . . . . . . . . . . . . . . . . . 7 69 4.1. Probe Query Message . . . . . . . . . . . . . . . . . . . 7 70 4.1.1. Delay Measurement Probe Query Message . . . . . . . . 8 71 4.1.2. Loss Measurement Probe Query Message . . . . . . . . . 8 72 4.1.3. Probe Query for SR Links . . . . . . . . . . . . . . . 9 73 4.1.4. Probe Query for End-to-end Measurement for SR Policy . 9 74 4.1.4.1. Probe Query Message for SR-MPLS Policy . . . . . . 9 75 4.1.4.2. Probe Query Message for SRv6 Policy . . . . . . . 10 76 4.2. Probe Response Message . . . . . . . . . . . . . . . . . . 11 77 4.2.1. One-way Measurement Mode . . . . . . . . . . . . . . . 12 78 4.2.1.1. SR Links and End-to-end Measurement for SR 79 Policy . . . . . . . . . . . . . . . . . . . . . . 12 80 4.2.1.2. Probe Response Message to Controller . . . . . . . 12 81 4.2.2. Two-way Measurement Mode . . . . . . . . . . . . . . . 12 82 4.2.2.1. SR Links . . . . . . . . . . . . . . . . . . . . . 12 83 4.2.2.2. End-to-end Measurement for SR Policy . . . . . . . 12 84 4.2.2.3. Return Path TLV . . . . . . . . . . . . . . . . . 13 85 4.2.2.4. Probe Response Message for SR-MPLS Policy . . . . 13 86 4.2.2.5. Probe Response Message for SRv6 Policy . . . . . . 14 87 4.2.3. Loopback Measurement Mode . . . . . . . . . . . . . . 14 88 5. Performance Measurement for P2MP SR Policies . . . . . . . . . 14 89 6. ECMP Support for SR Policies . . . . . . . . . . . . . . . . . 15 90 7. Sequence Numbers . . . . . . . . . . . . . . . . . . . . . . . 15 91 7.1. Sequence Number TLV in Unauthenticated Mode . . . . . . . 16 92 7.2. Sequence Number TLV in Authenticated Mode . . . . . . . . 16 93 8. Additional Message Processing Rules . . . . . . . . . . . . . 18 94 8.1. TTL Value . . . . . . . . . . . . . . . . . . . . . . . . 18 95 8.2. Router Alert Option . . . . . . . . . . . . . . . . . . . 18 96 8.3. UDP Checksum . . . . . . . . . . . . . . . . . . . . . . . 18 97 9. Security Considerations . . . . . . . . . . . . . . . . . . . 18 98 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19 99 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 100 11.1. Normative References . . . . . . . . . . . . . . . . . . 19 101 11.2. Informative References . . . . . . . . . . . . . . . . . 20 102 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 23 103 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 104 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23 106 1. Introduction 108 Segment Routing (SR) leverages the source routing paradigm and 109 greatly simplifies network operations for Software Defined Networks 110 (SDNs). SR is applicable to both Multiprotocol Label Switching 111 (SR-MPLS) and IPv6 (SRv6) data planes. SR takes advantage of the 112 Equal-Cost Multipaths (ECMPs) between source and transit nodes, 113 between transit nodes and between transit and destination nodes. SR 114 Policies as defined in [I-D.spring-segment-routing-policy] are used 115 to steer traffic through a specific, user-defined paths using a stack 116 of Segments. Built-in SR Performance Measurement (PM) is one of the 117 essential requirements to provide Service Level Agreements (SLAs). 119 The One-Way Active Measurement Protocol (OWAMP) defined in [RFC4656] 120 and Two-Way Active Measurement Protocol (TWAMP) defined in [RFC5357] 121 provide capabilities for the measurement of various performance 122 metrics in IP networks. These protocols rely on control-channel 123 signaling to establish a test-channel over an UDP path. These 124 protocols lack support for IEEE 1588 timestamp [IEEE1588] format and 125 direct-mode Loss Measurement (LM), which are required in SR networks 126 [RFC6374]. The Simple Two-way Active Measurement Protocol (STAMP) 127 [I-D.ippm-stamp] alleviates the control-channel signaling by using 128 configuration data model to provision a test-channel. In addition, 129 the STAMP supports IEEE 1588 timestamp format for Delay Measurement 130 (DM). The TWAMP Light [Appendix I in RFC5357] [BBF.TR-390] provides 131 simplified mechanisms for active performance measurement in Customer 132 IP networks by provisioning UDP paths and eliminates the 133 control-channel signaling. [Y1731] specifies the mechanisms to carry 134 OAM messages specifically for Ethernet networks that include Ethernet 135 Frame Delay and Loss measurements. 137 [RFC6374] specifies protocol mechanisms to enable the efficient and 138 accurate measurement of performance metrics and can be used in SR 139 networks with MPLS data plane [I-D.spring-rfc6374-srpm-mpls]. 141 [RFC6374] addresses the limitations of the IP based performance 142 measurement protocols as specified in Section 1 of [RFC6374]. The 143 [RFC6374] requires data plane to support MPLS Generic Associated 144 Channel Label (GAL) and Generic Associated Channel (G-Ach), which may 145 not be supported on all nodes in the network. 147 [RFC7876] specifies the procedures to be used when sending and 148 processing out-of-band performance measurement probe response 149 messages over an UDP return path for RFC 6374 based probe queries. 150 [RFC7876] can be used to send out-of-band PM probe responses in both 151 SR-MPLS and SRv6 networks for one-way performance measurement. 153 For SR Policies, there are ECMPs between the source and transit 154 nodes, between transit nodes and between transit and destination 155 nodes. Existing PM protocols (e.g. RFC 6374) do not define handling 156 for ECMP forwarding paths in SR networks. 158 For two-way measurements for SR Policies, there is a need to specify 159 a return path in the form of a Segment List in PM probe query 160 messages without requiring any SR Policy state on the destination 161 node. Existing protocols do not have such mechanisms to specify 162 return path in the PM probe query messages. 164 This document specifies a procedure for sending and processing probe 165 query and response messages using UDP paths for Performance 166 Measurement in SR networks. The procedure uses RFC 6374 defined 167 mechanisms for Performance Delay and Loss Measurement and unless 168 otherwise specified, the procedures from RFC 6374 are not modified. 169 The procedure specified is applicable to both SR-MPLS and SRv6 data 170 planes. The procedure can be used for both SR links and end-to-end 171 performance measurement for SR Policies and it does not require to 172 bootstrap PM sessions. 174 2. Conventions Used in This Document 176 2.1. Requirements Language 178 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 179 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 180 document are to be interpreted as described in [RFC2119] [RFC8174] 181 when, and only when, they appear in all capitals, as shown here. 183 2.2. Abbreviations 185 ACH: Associated Channel Header. 187 BSID: Binding Segment ID. 189 DFLag: Data Format Flag. 191 DM: Delay Measurement. 193 ECMP: Equal Cost Multi-Path. 195 G-ACh: Generic Associated Channel (G-ACh). 197 GAL: Generic Associated Channel (G-ACh) Label. 199 LM: Loss Measurement. 201 MPLS: Multiprotocol Label Switching. 203 NTP: Network Time Protocol. 205 OWAMP: One-Way Active Measurement Protocol. 207 PM: Performance Measurement. 209 PSID: Path Segment Identifier. 211 PTP: Precision Time Protocol. 213 SID: Segment ID. 215 SL: Segment List. 217 SR: Segment Routing. 219 SR-MPLS: Segment Routing with MPLS data plane. 221 SRv6: Segment Routing with IPv6 data plane. 223 STAMP: Simple Two-way Active Measurement Protocol. 225 TC: Traffic Class. 227 TWAMP: Two-Way Active Measurement Protocol. 229 URO: UDP Return Object. 231 2.3. Reference Topology 233 In the reference topology shown below, the sender node R1 initiates a 234 probe query for performance measurement and the responder node R5 235 sends a probe response for the query message received. The probe 236 response may be sent to the sender node R1 or to a controller node 237 R100. The nodes R1 and R5 may be directly connected via a link 238 enabled with Segment Routing or there exists a Point-to-Point (P2P) 239 SR Policy [I-D.spring-segment-routing-policy] on node R1 with 240 destination to node R5. In case of Point-to-Multipoint (P2MP), SR 241 Policy originating from source node R1 may terminate on multiple 242 destination leaf nodes [I-D.spring-sr-p2mp-policy]. 244 ------ 245 |R100| 246 ------ 247 ^ 248 | Response 249 | 250 +-------+ Query +-------+ 251 | | - - - - - - - - - ->| | 252 | R1 |---------------------| R5 | 253 | |<- - - - - - - - - - | | 254 +-------+ Response +-------+ 255 Sender Responder 257 Reference Topology 259 3. Overview 261 One-way delay and two-way delay measurement procedure defined in 262 Section 2.4 of [RFC6374] are used. Transmit and Receive packet loss 263 measurement procedures defined in Section 2.2 and Section 2.6 of 264 [RFC6374] are used. One-way loss measurement provides receive packet 265 loss whereas two-way loss measurement provides both transmit and 266 receive packet loss. Separate UDP destination port numbers are 267 user-configured for delay and loss measurements from the range 268 specified in [I-D.ippm-stamp]. The sender uses the destination UDP 269 port number following the guidelines specified in Section 6 in 270 [RFC6335]. For both links and end-to-end SR Policies, no PM session 271 for delay or loss measurement is created on the responder node R5 272 [RFC6374]. 274 For Performance Measurement, probe query and response messages are 275 sent as following: 277 o For Delay Measurement, the probe messages are sent on the 278 congruent path of the data traffic by the sender node, and are 279 used to measure the delay experienced by the actual data traffic 280 flowing on the links and SR Policies. 282 o For Loss Measurement, the probe messages are sent on the congruent 283 path of the data traffic by the sender node, and are used to 284 collect the receive traffic counters for the incoming link or 285 incoming SID where the probe query messages are received at the 286 responder node (incoming link or incoming SID needed since the 287 responder node does not have PM session state present). 289 The In-Situ Operations, Administration, and Maintenance (IOAM) 290 mechanisms for SR-MPLS defined in [I-D.spring-ioam-sr-mpls] and for 291 SRv6 defined in [I-D.spring-ioam-srv6] are used to carry PM 292 information such as timestamp in-band as part of the data packets, 293 and are outside the scope of this document. 295 3.1. Example Provisioning Model 297 An example of a provisioning model and typical measurement parameters 298 for performance delay and loss measurements is shown in the following 299 Figure: 301 +------------+ 302 | Controller | 303 +------------+ 304 Measurement Protocol / \ Measurement Protocol 305 Destination UDP Port / \ Destination UDP port 306 Measurement Type / \ Measurement Type 307 Delay/Loss / \ Delay/Loss 308 Authentication Mode & Key / \ Authentication Mode & Key 309 Timestamp Format / \ 310 Delay Measurement Mode / \ 311 Loss Measurement Mode / \ 312 v v 313 +-------+ +-------+ 314 | | | | 315 | R1 |-----------| R5 | 316 | | | | 317 +-------+ +-------+ 318 Sender Responder 320 Provisioning Model 322 The mechanisms used to provision the sender and responder nodes are 323 outside the scope of this document. 325 4. Probe Messages 327 4.1. Probe Query Message 328 In this document, UDP path is used for Delay and Loss measurements 329 for SR links and end-to-end SR Policies for the probe messages 330 defined in [RFC6374]. The user-configured destination UDP ports 331 (separate UDP ports for different delay and loss message formats) are 332 used for identifying the PM probe packets. 333 4.1.1. Delay Measurement Probe Query Message 335 The message content for Delay Measurement for probe query message 336 using UDP header [RFC768] is shown in Figure 1. The DM probe query 337 message is sent with user-configured Destination UDP port number for 338 DM. The Destination UDP port can also be used as Source port for 339 two-way delay measurement, since the message has a flag to 340 distinguish between query and response. The DM probe query message 341 contains the payload format for delay measurement defined in Section 342 3.2 of [RFC6374]. 344 +---------------------------------------------------------------+ 345 | IP Header | 346 . Source IP Address = Sender IPv4 or IPv6 Address . 347 . Destination IP Address = Responder IPv4 or IPv6 Address . 348 . Protocol = UDP . 349 . . 350 +---------------------------------------------------------------+ 351 | UDP Header | 352 . Source Port = As chosen by Sender . 353 . Destination Port = User-configured Port for Delay Measurement. 354 . . 355 +---------------------------------------------------------------+ 356 | Payload = Message as specified in Section 3.2 of RFC 6374 | 357 . . 358 +---------------------------------------------------------------+ 360 Figure 1: DM Probe Query Message 362 It is recommended to use the IEEE 1588v2 Precision Time Protocol 363 (PTP) truncated 64-bit timestamp format [IEEE1588] as a default 364 format as specified in Appendix A of [RFC6374], preferred with 365 hardware support. As an alternative, Network Time Protocol (NTP) 366 timestamp format can also be used [RFC6374]. 368 4.1.2. Loss Measurement Probe Query Message 370 The message content for Loss measurement probe query message using 371 UDP header [RFC768] is shown in Figure 2. As shown, the LM probe 372 query message is sent with user-configured Destination UDP port 373 number for LM. Separate Destination UDP ports are used for 374 direct-mode and inferred-mode loss measurements. The Destination UDP 375 port can also be used as Source port for two-way loss measurement, 376 since the message has a flag to distinguish between query and 377 response. The LM probe query message contains the payload format for 378 loss measurement defined in Section 3.1 of [RFC6374]. 380 +---------------------------------------------------------------+ 381 | IP Header | 382 . Source IP Address = Sender IPv4 or IPv6 Address . 383 . Destination IP Address = Responder IPv4 or IPv6 Address . 384 . Protocol = UDP . 385 . . 386 +---------------------------------------------------------------+ 387 | UDP Header | 388 . Source Port = As chosen by Sender . 389 . Destination Port = User-configured Port for Loss Measurement . 390 . . 391 +---------------------------------------------------------------+ 392 | Payload = Message as specified in Section 3.1 of RFC 6374 | 393 . . 394 +---------------------------------------------------------------+ 396 Figure 2: LM Probe Query Message 398 The Loss Measurement using Alternate-Marking method defined in 399 [RFC8321] requires to identify the Block Number (or color) of the 400 traffic counters carried by the probe query and response messages. 401 Block Number TLV defined in [I-D.spring-rfc6374-srpm-mpls] is used to 402 carry Block Number for the counters in the probe query and response 403 messages for loss measurement. 405 4.1.3. Probe Query for SR Links 407 The probe query message as defined in Figure 1 is sent on the 408 congruent path of the data traffic for performance Delay measurement. 409 Similarly, the probe query message as defined in Figure 2 is sent on 410 the congruent path of the data traffic for performance Loss 411 measurement. 413 4.1.4. Probe Query for End-to-end Measurement for SR Policy 415 The performance delay and loss measurement for segment routing is 416 applicable to both SR-MPLS and SRv6 Policies. 418 4.1.4.1. Probe Query Message for SR-MPLS Policy 420 The probe query message for end-to-end performance measurement of an 421 SR-MPLS Policy is sent using its SR-MPLS header containing the MPLS 422 segment list as shown in Figure 3. 424 0 1 2 3 425 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 426 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 427 | Segment List(1) | TC |S| TTL | 428 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 429 . . 430 . . 431 . . 432 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 433 | Segment List(n) | TC |S| TTL | 434 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 435 | PSID | TC |S| TTL | 436 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 437 | Message as shown in Figure 1 for DM or Figure 2 for LM | 438 . . 439 +---------------------------------------------------------------+ 441 Figure 3: Probe Query Message for SR-MPLS Policy 443 The Segment List (SL) can be empty to indicate Implicit NULL label 444 case for a single-hop SR Policy. 446 The Path Segment Identifier (PSID) [I-D.spring-mpls-path-segment] of 447 the SR-MPLS Policy is used for accounting received traffic on the 448 egress node for loss measurement. The PSID is not added for end-to- 449 end SR Policy delay measurement. 451 4.1.4.2. Probe Query Message for SRv6 Policy 453 An SRv6 Policy is setup using the SRv6 Segment Routing Header (SRH) 454 and a Segment List as defined in [I-D.6man-segment-routing-header]. 455 The probe query messages using UDP header for end-to-end performance 456 measurement of an SRv6 Policy is sent using its SRv6 Segment Routing 457 Header (SRH) and Segment List as shown in Figure 4. 459 +---------------------------------------------------------------+ 460 | SRH | 461 . END.OTP (DM) or END.OP (LM) with Target SRv6 SID . 462 . . 463 +---------------------------------------------------------------+ 464 | Message as shown in Figure 1 for DM or Figure 2 for LM | 465 . (Using IPv6 Source and Destination Addresses) . 466 . . 467 +---------------------------------------------------------------+ 469 Figure 4: Probe Query Message for SRv6 Policy 471 For delay measurement of SRv6 Policy using SRH, END function END.OTP 472 [I-D.6man-srv6-oam] is used with the target SRv6 SID to punt probe 473 messages on the target node, as shown in Figure 4. Similarly, for 474 loss measurement of SRv6 Policy, END function END.OP 475 [I-D.6man-srv6-oam] is used with target SRv6 SID to punt probe 476 messages on the target node. 478 4.2. Probe Response Message 480 When the received probe query message does not contain any UDP Return 481 Object (URO) TLV [RFC7876], the probe response message is sent using 482 the IP/UDP information from the received probe query message. The 483 content of the probe response message is shown in Figure 5. 485 +---------------------------------------------------------------+ 486 | IP Header | 487 . Source IP Address = Responder IPv4 or IPv6 Address . 488 . Destination IP Address = Source IP Address from Query . 489 . Protocol = UDP . 490 . Router Alert Option Not Set . 491 . . 492 +---------------------------------------------------------------+ 493 | UDP Header | 494 . Source Port = As chosen by Responder . 495 . Destination Port = Source Port from Query . 496 . . 497 +---------------------------------------------------------------+ 498 | Message as specified in Section 3.2 of RFC 6374 for DM, or | 499 . Message as specified in Section 3.1 of RFC 6374 for LM . 500 . . 501 +---------------------------------------------------------------+ 503 Figure 5: Probe Response Message 505 When the received probe query message contains UDP Return Object 506 (URO) TLV [RFC7876], the probe response message uses the IP/UDP 507 information from the URO in the probe query message. The content of 508 the probe response message is shown in Figure 6. 510 +---------------------------------------------------------------+ 511 | IP Header | 512 . Source IP Address = Responder IPv4 or IPv6 Address . 513 . Destination IP Address = URO.Address . 514 . Protocol = UDP . 515 . Router Alert Option Not Set . 516 . . 517 +---------------------------------------------------------------+ 518 | UDP Header | 519 . Source Port = As chosen by Responder . 520 . Destination Port = URO.UDP-Destination-Port . 521 . . 522 +---------------------------------------------------------------+ 523 | Message as specified in Section 3.2 of RFC 6374 for DM, or | 524 . Message as specified in Section 3.1 of RFC 6374 for LM . 525 . . 526 +---------------------------------------------------------------+ 528 Figure 6: Probe Response Message Using URO from Probe Query 530 4.2.1. One-way Measurement Mode 532 4.2.1.1. SR Links and End-to-end Measurement for SR Policy 534 In one-way performance measurement mode, the probe response message 535 as defined in Figure 5 or Figure 6 is sent out-of-band to the sender 536 node, for both SR links and SR Policies. 538 The PM sender node can receive probe response message back by setting 539 its own IP address as Source Address of the header or by adding URO 540 TLV in the probe query message and setting its own IP address in the 541 IP Address in the URO TLV (Type=131) [RFC7876]. The "control code" 542 in the probe query message is set to "out-of-band response 543 requested". The "Source Address" TLV (Type 130), and "Return 544 Address" TLV (Type 1), if present in the probe query message, are not 545 used to send probe response message. 547 4.2.1.2. Probe Response Message to Controller 549 As shown in the Reference Topology, if the sender node requires the 550 probe response message to be sent to the controller R100, it adds URO 551 TLV in the probe query message and sets the IP address of R100 in the 552 IP Address field and user-configured UDP port for DM and for LM in 553 the UDP-Destination-Port field of the URO TLV (Type=131) [RFC7876]. 555 4.2.2. Two-way Measurement Mode 557 4.2.2.1. SR Links 559 In two-way performance measurement mode, when using a bidirectional 560 link, the probe response message as defined in Figure 5 or Figure 6 561 is sent back on the congruent path of the data traffic to the sender 562 node for SR links. In this case, the "control code" in the probe 563 query message is set to "in-band response requested" [RFC6374]. 565 4.2.2.2. End-to-end Measurement for SR Policy 566 In two-way performance measurement mode, when using a bidirectional 567 path, the probe response message is sent back on the congruent path 568 of the data traffic to the sender node for end-to-end measurement of 569 SR Policies. In this case, the "control code" in the probe query 570 message is set to "in-band response requested" [RFC6374]. 572 4.2.2.3. Return Path TLV 574 For two-way performance measurement, the sender node can request the 575 responder node to send a response message back on a given reverse 576 path (e.g. co-routed path for two-way measurement). Return Path TLV 577 defined in [I-D.spring-rfc6374-srpm-mpls] is used to carry reverse SR 578 path information as part of the payload of the probe query message. 580 Additional Segment List Sub-TLVs are defined in this document for the 581 Return Path TLV for the following Types: 583 o Type (value TBD4): SRv6 Segment List of the Reverse SR Path 585 o Type (value TBD5): SRv6 Binding SID [I-D.pce-binding-label-sid] of 586 the Reverse SR Policy 588 4.2.2.4. Probe Response Message for SR-MPLS Policy 590 The message content for sending probe response message on the 591 congruent path of the data traffic for two-way end-to-end performance 592 measurement of an SR-MPLS Policy is shown in Figure 8. The SR-MPLS 593 label stack in the packet header is built using the Segment List 594 received in the Return Path TLV in the probe query message. 596 0 1 2 3 597 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 598 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 599 | Segment List(1) | TC |S| TTL | 600 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 601 . . 602 . . 603 . . 604 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 605 | Segment List(n) | TC |S| TTL | 606 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 607 | Message as shown in Figure 5 or 6 | 608 . . 609 +---------------------------------------------------------------+ 611 Figure 8: Probe Response Message for SR-MPLS Policy 613 The Path Segment Identifier (PSID) [I-D.spring-mpls-path-segment] of 614 the forward SR-MPLS Policy can be used to find the reverse SR-MPLS 615 Policy to send the probe response message for two-way measurement in 616 the absence of Return Path TLV defined in the following Section. 618 4.2.2.5. Probe Response Message for SRv6 Policy 620 The message content for sending probe response message on the 621 congruent path of the data traffic for two-way end-to-end performance 622 measurement of an SRv6 Policy is shown in Figure 9. For SRv6 Policy 623 using SRH, the SRv6 SID list in the SRH of the probe response message 624 is built using the SRv6 Segment List received in the Return Path TLV 625 in the probe query message. 627 +---------------------------------------------------------------+ 628 | SRH | 629 . END.OTP (DM) or END.OP (LM) with Target SRv6 SID . 630 . . 631 +---------------------------------------------------------------+ 632 | Message as shown in Figure 5 or 6 | 633 . (Using IPv6 Source and Destination Addresses) . 634 . . 635 +---------------------------------------------------------------+ 637 Figure 9: Probe Response Message for SRv6 Policy 639 4.2.3. Loopback Measurement Mode 641 The Loopback measurement mode defined in Section 2.8 of [RFC6374] can 642 be used to measure round-trip delay of a bidirectional SR Path. The 643 IP header of the probe query message contains the destination address 644 equals to the sender address and the source address equals to the 645 responder address. Optionally, the probe query message can carry the 646 reverse path information (e.g. reverse path label stack for SR-MPLS) 647 as part of the SR header. The responder node does not process the PM 648 probe messages and generate response messages. 650 5. Performance Measurement for P2MP SR Policies 652 The procedures for delay and loss measurement described in this 653 document for Point-to-Point (P2P) SR Policies 654 [I-D.spring-segment-routing-policy] are also equally applicable to 655 the Point-to-Multipoint (P2MP) SR Policies 656 [I-D.spring-sr-p2mp-policy] as following: 658 o The sender root node sends probe query messages using the either 659 Spray P2MP segment or TreeSID P2MP segment defined in 660 [I-D.spring-sr-p2mp-policy] over the P2MP SR Policy. 662 o The sender root node sets the PM probe query message Destination 663 IPv4 Address from the 127/8 range for SR-MPLS Policy. 665 o Each responder leaf node sends its IP address in the Source 666 Address of the probe response messages. This allows the sender 667 root node to identify the responder leaf nodes of the P2MP SR 668 Policy. 670 o The P2MP root node measures the end-to-end delay and loss 671 performance for each P2MP leaf node. 673 6. ECMP Support for SR Policies 675 An SR Policy can have ECMPs between the source and transit nodes, 676 between transit nodes and between transit and destination nodes. 677 Usage of Anycast SID [RFC8402] by an SR Policy can result in ECMP 678 paths via transit nodes part of that Anycast group. The PM probe 679 messages need to be sent to traverse different ECMP paths to measure 680 performance delay of an SR Policy. 682 Forwarding plane has various hashing functions available to forward 683 packets on specific ECMP paths. Following mechanisms can be used in 684 PM probe messages to take advantage of the hashing function in 685 forwarding plane to influence the path taken by them. 687 o The mechanisms described in [RFC8029] and [RFC5884] for handling 688 ECMPs are also applicable to the performance measurement. In the 689 IP/UDP header of the PM probe messages, Destination Addresses in 690 127/8 range for IPv4 or 0:0:0:0:0:FFFF:7F00/104 range for IPv6 can 691 be used to exercise a particular ECMP path. As specified in 692 [RFC6437], 3-tuple of Flow Label, Source Address and Destination 693 Address fields in the IPv6 header can also be used. 695 o For SR-MPLS Policy, entropy label [RFC6790] can be used in the PM 696 probe messages. 698 o For SRv6 Policy using SRH, Flow Label in the SRH 699 [I-D.6man-segment-routing-header] of the PM probe messages can be 700 used. 702 7. Sequence Numbers 704 The message formats for DM and LM [RFC6374] can carry either 705 timestamp or sequence number but not both. There are case where both 706 timestamp and sequence number are desired for both DM and LM. 707 Sequence numbers can be useful when some probe query messages are 708 lost or they arrive out of order. In addition, the sequence numbers 709 can be useful for detecting denial-of-service (DoS) attacks on UDP 710 ports. 712 7.1. Sequence Number TLV in Unauthenticated Mode 714 [RFC6374] defines DM and LM probe query and response messages that 715 can include one or more optional TLVs. New TLV Type (value TBA1) is 716 defined in this document to carry sequence number for probe query and 717 response messages for delay and loss measurement. The format of the 718 Sequence Number TLV in unauthenticated mode is shown in Figure 10. 720 0 1 2 3 721 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 722 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 723 | Type TBA1 | Length | Reserved | 724 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 725 | Sequence Number | 726 ~ ~ 727 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 729 Figure 10: Sequence Number TLV - Unauthenticated Mode 731 o The sequence numbers start with 0 and are incremented by one for 732 each subsequent probe query packet. 734 o The sequence number are independent for DM and LM messages. 736 o The sequence number can be of any length determined by the sender 737 node. 739 o The Sequence Number TLV is optional. 741 o The PM sender node SHOULD only insert one Sequence Number TLV in 742 the probe query message and the responder node in the probe 743 response message SHOULD return the first Sequence Number TLV from 744 the probe query message and ignore the other Sequence Number TLVs 745 if present. 747 o When Sequence Number TLV is added, the DM and LM messages SHOULD 748 NOT carry sequence number in the timestamp field of the message. 750 7.2. Sequence Number TLV in Authenticated Mode 751 The PM probe query and response packet format in authenticated mode 752 includes a key Hashed Message Authentication Code (HMAC) ([RFC2104]) 753 hash. Each probe query and response messages are authenticated by 754 adding Sequence Number with Hashed Message Authentication Code (HMAC) 755 TLV. It can use HMAC-SHA-256 truncated to 128 bits (similarly to the 756 use of it in IPSec defined in [RFC4868]); hence the length of the 757 HMAC field is 16 octets. 759 In authenticated mode, only the sequence number is encrypted, and the 760 other payload fields are sent in clear text. The probe packet MAY 761 include Comp.MBZ (Must Be Zero) variable length field to align the 762 packet on 16 octets boundary. 764 The computation of HMAC field using HMAC-SHA1 [RFC5357] can be used 765 with the procedure defined in this document. HMAC uses own key and 766 the definition of the mechanism to distribute the HMAC key is outside 767 the scope of this document. Both the authentication type and key can 768 be user-configured on both the sender and responder nodes. 770 The format of the Sequence Number TLV in authentication mode is shown 771 in Figure 11. 773 0 1 2 3 774 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 775 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 776 | Type TBA2 | Length | Reserved | 777 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 778 | Sequence Number | 779 ~ ~ 780 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 781 ~ Comp.MBZ ~ 782 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 783 | HMAC (16 octets) | 784 | | 785 | | 786 | | 787 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 789 Figure 11: Sequence Number TLV - Authenticated Mode 791 o This TLV is mandatory in the authenticated mode. 793 o The node MUST discard the probe message if HMAC is invalid. 795 o The Sequence Number follows the same processing rule as defined in 796 the unauthenticated mode. 798 8. Additional Message Processing Rules 800 8.1. TTL Value 802 The TTL or the Hop Limit field in the IP, MPLS and SRH headers of the 803 probe query messages are set to 255. 805 When using the Destination IPv4 Address from the 127/8 range, the TTL 806 in the IPv4 header is set to 1 [RFC8029]. Similarly, when using the 807 Destination IPv6 Address from the 0:0:0:0:0:FFFF:7F00/104 range, the 808 Hop Limit field in the inner IPv6 header is set to 1 whereas in the 809 outer IPv6 header is set to 255. 811 8.2. Router Alert Option 813 The Router Alert IP option is not set when using the routable 814 Destination IP Address in the probe messages. 816 When using the Destination IPv4 Address from the 127/8 range, the 817 Router Alert IP Option of value 0x0 [RFC2113] for IPv4 is set in the 818 IP header [RFC8029]. Similarly, when using the Destination IPv6 819 Address from the 0:0:0:0:0:FFFF:7F00/104 range, the Router Alert IP 820 Option of value 69 [RFC7506] for IPv6 is set in the IP header. 822 8.3. UDP Checksum 824 The Checksum Complement for delay and loss measurement messages 825 follows the procedure defined in [RFC7820] and can be optionally used 826 with the procedures defined in this document. 828 For IPv4 and IPv6 probe messages, where the hardware is not capable 829 of re-computing the UDP checksum or adding checksum complement 830 [RFC7820], the sender node sets the UDP checksum to 0 [RFC6936] 831 [RFC8085]. The receiving node bypasses the checksum validation and 832 accepts the packets with UDP checksum of 0 for the UDP port being 833 used for PM. 835 9. Security Considerations 837 The performance measurement is intended for deployment in 838 well-managed private and service provider networks. As such, it 839 assumes that a node involved in a measurement operation has 840 previously verified the integrity of the path and the identity of the 841 far end responder node. The security considerations described in 842 Section 8 of [RFC6374] are applicable to this specification, and 843 particular attention should be paid to the last three paragraphs. 845 If desired, attacks can be mitigated by performing basic validation 846 and sanity checks, at the sender, of the counter or timestamp fields 847 in received measurement response messages. The minimal state 848 associated with these protocols also limits the extent of measurement 849 disruption that can be caused by a corrupt or invalid message to a 850 single query/response cycle. 852 Use of HMAC-SHA-256 in the authenticated mode defined in this 853 document protects the data integrity of the probe messages. SRv6 has 854 HMAC protection authentication defined for SRH 855 [I-D.6man-segment-routing-header]. Hence, PM probe messages for SRv6 856 may not need authentication mode. Cryptographic measures may be 857 enhanced by the correct configuration of access-control lists and 858 firewalls. 860 10. IANA Considerations 862 IANA is requested to allocate the values for the following Sub-TLV 863 Types for the Return Path TLV for RFC 6374. 865 o Type TBD4: SRv6 Segment List of the Reverse SR Path 867 o Type TBD5: SRv6 Binding SID of the Reverse SR Policy 869 IANA is also requested to allocate the values for the following 870 Sequence Number TLV Types for RFC 6374 to be carried in the PM probe 871 query and response messages for delay and loss measurement: 873 o Type TBA1: Sequence Number TLV in Unauthenticated Mode 875 o Type TBA2: Sequence Number TLV in Authenticated Mode 877 11. References 879 11.1. Normative References 881 [RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, 882 August 1980. 884 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 885 Requirement Levels", RFC 2119, March 1997. 887 [RFC6374] Frost, D. and S. Bryant, "Packet Loss and Delay 888 Measurement for MPLS networks', RFC 6374, September 2011. 890 [RFC7876] Bryant, S., Sivabalan, S., and Soni, S., "UDP Return Path 891 for Packet Loss and Delay Measurement for MPLS Networks", 892 RFC 7876, July 2016. 894 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 895 2119 Key Words", RFC 8174, May 2017. 897 [I-D.spring-rfc6374-srpm-mpls] Gandhi, R. Ed., et al. "Performance 898 Measurement in Segment Routing Networks with MPLS Data 899 Plane", draft-gandhi-spring-rfc6374-srpm-mpls, work in 900 progress. 902 [I-D.6man-srv6-oam] Ali, Z., et al., "Operations, Administration, 903 and Maintenance (OAM) in Segment Routing Networks with 904 IPv6 Data plane (SRv6)", draft-ietf-6man-spring-srv6-oam, 905 work in progress. 907 11.2. Informative References 909 [IEEE1588] IEEE, "1588-2008 IEEE Standard for a Precision Clock 910 Synchronization Protocol for Networked Measurement and 911 Control Systems", March 2008. 913 [Y1731] ITU-T Recommendation Y.1731 (02/08), "OAM functions and 914 mechanisms for Ethernet based networks", February 2008. 916 [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- 917 Hashing for Message Authentication", RFC 2104, DOI 918 10.17487/RFC2104, February 1997, . 921 [RFC2113] Katz, D., "IP Router Alert Option", RFC 2113, February 922 1997. 924 [RFC4656] Shalunov, S., Teitelbaum, B., Karp, A., Boote, J., and M. 925 Zekauskas, "A One-way Active Measurement Protocol 926 (OWAMP)", RFC 4656, September 2006. 928 [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- 929 384, and HMAC-SHA-512 with IPsec", RFC 4868,DOI 930 10.17487/RFC4868, May 2007, . 933 [RFC5357] Hedayat, K., Krzanowski, R., Morton, A., Yum, K., and J. 934 Babiarz, "A Two-Way Active Measurement Protocol (TWAMP)", 935 RFC 5357, October 2008. 937 [RFC5884] Aggarwal, R., Kompella, K., Nadeau, T., and G. Swallow, 938 "Bidirectional Forwarding Detection (BFD) for MPLS Label 939 Switched Paths (LSPs)", RFC 5884, DOI 10.17487/RFC5884, 940 June 2010. 942 [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. 943 Cheshire, "Internet Assigned Numbers Authority (IANA) 944 Procedures for the Management of the Service Name and 945 Transport Protocol Port Number Registry", BCP 165,RFC 946 6335, August 2011. 948 [RFC6437] Amante, S., Carpenter, B., Jiang, S., and J. Rajahalme, 949 "IPv6 Flow Label Specification", RFC 6437, November 2011. 951 [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and 952 L. Yong, "The Use of Entropy Labels in MPLS Forwarding", 953 RFC 6790, November 2012. 955 [RFC6936] Fairhurst, G. and M. Westerlund, "Applicability Statement 956 for the Use of IPv6 UDP Datagrams with Zero Checksums", 957 RFC 6936, April 2013. 959 [RFC7506] Raza, K., Akiya, N., and C. Pignataro, "IPv6 Router Alert 960 Option for MPLS Operations, Administration, and 961 Maintenance (OAM)", RFC 7506, DOI 10.17487/RFC7506, April 962 2015, . 964 [RFC7820] Mizrahi, T., "UDP Checksum Complement in the One-Way 965 Active Measurement Protocol (OWAMP) and Two-Way Active 966 Measurement Protocol (TWAMP)", RFC 7820, March 2016. 968 [RFC8029] Kompella, K., Swallow, G., Pignataro, C., Kumar, N., 969 Aldrin, S. and M. Chen, "Detecting Multiprotocol Label 970 Switched (MPLS) Data-Plane Failures", RFC 8029, March 971 2017. 973 [RFC8085] Eggert, L., Fairhurst, G., and G. Shepherd, "UDP Usage 974 Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085, 975 March 2017, . 977 [RFC8321] Fioccola, G. Ed., "Alternate-Marking Method for Passive 978 and Hybrid Performance Monitoring", RFC 8321, January 979 2018. 981 [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., 982 Decraene, B., Litkowski, S., and R. Shakir, "Segment 983 Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, 984 July 2018, . 986 [I-D.spring-segment-routing-policy] Filsfils, C., et al., "Segment 987 Routing Policy Architecture", 988 draft-ietf-spring-segment-routing-policy, work in 989 progress. 991 [I-D.spring-sr-p2mp-policy] Voyer, D. Ed., et al., "SR Replication 992 Policy for P2MP Service Delivery", 993 draft-voyer-spring-sr-p2mp-policy, work in progress. 995 [I-D.6man-segment-routing-header] Filsfils, C., et al., "IPv6 996 Segment Routing Header (SRH)", 997 draft-ietf-6man-segment-routing-header, work in progress. 999 [I-D.pce-binding-label-sid] Filsfils, C., et al., "Carrying Binding 1000 Label/Segment-ID in PCE-based Networks", 1001 draft-ietf-pce-binding-label-sid, work in progress. 1003 [I-D.spring-mpls-path-segment] Cheng, W., et al., "Path Segment in 1004 MPLS Based Segment Routing Network", 1005 draft-ietf-spring-mpls-path-segment, work in progress. 1007 [I-D.ippm-stamp] Mirsky, G. et al. "Simple Two-way Active 1008 Measurement Protocol", draft-ietf-ippm-stamp, work in 1009 progress. 1011 [BBF.TR-390] "Performance Measurement from IP Edge to Customer 1012 Equipment using TWAMP Light", BBF TR-390, May 2017. 1014 [I-D.spring-ioam-sr-mpls] Gandhi, R. Ed., et al., "Segment Routing 1015 with MPLS Data Plane Encapsulation for In-situ OAM Data", 1016 draft-gandhi-spring-ioam-sr-mpls, work in progress. 1018 [I-D.spring-ioam-srv6]. Ali, Z., et al., "Segment Routing Header 1019 encapsulation for In-situ OAM Data", 1020 draft-ali-spring-ioam-srv6, work in progress. 1022 Acknowledgments 1024 The authors would like to thank Nagendra Kumar and Carlos Pignataro 1025 for the discussion on SRv6 Performance Measurement. The authors 1026 would like to thank Thierry Couture for the discussions on the 1027 use-cases for the performance measurement in segment routing 1028 networks. The authors would also like to thank Stewart Bryant for 1029 the discussion on UDP port allocation for Performance Measurement and 1030 Greg Mirsky for providing useful comments and suggestions. 1032 Contributors 1034 Sagar Soni 1035 Cisco Systems, Inc. 1036 Email: sagsoni@cisco.com 1038 Patrick Khordoc 1039 Cisco Systems, Inc. 1040 Email: pkhordoc@cisco.com 1042 Zafar Ali 1043 Cisco Systems, Inc. 1044 Email: zali@cisco.com 1046 Pier Luigi Ventre 1047 CNIT 1048 Italy 1049 Email: pierluigi.ventre@cnit.it 1051 Authors' Addresses 1053 Rakesh Gandhi (editor) 1054 Cisco Systems, Inc. 1055 Canada 1056 Email: rgandhi@cisco.com 1058 Clarence Filsfils 1059 Cisco Systems, Inc. 1060 Email: cfilsfil@cisco.com 1061 Daniel Voyer 1062 Bell Canada 1063 Email: daniel.voyer@bell.ca 1065 Stefano Salsano 1066 Universita di Roma "Tor Vergata" 1067 Italy 1068 Email: stefano.salsano@uniroma2.it 1070 Mach(Guoyi) Chen 1071 Huawei 1072 Email: mach.chen@huawei.com