idnits 2.17.1 draft-ietf-ippm-storetraceroutes-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 18. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 2147. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 2158. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 2165. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 2171. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year == Line 1868 has weird spacing: '...A |Set the t...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (August 24, 2007) is 6061 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: '1-9' is mentioned on line 808, but not defined == Missing Reference: '0-9' is mentioned on line 809, but not defined == Missing Reference: '0-4' is mentioned on line 809, but not defined == Missing Reference: '0-5' is mentioned on line 809, but not defined == Unused Reference: 'RFC3032' is defined on line 1756, but no explicit reference was found in the text == Outdated reference: A later version (-26) exists of draft-ietf-ipfix-protocol-25 Summary: 1 error (**), 0 flaws (~~), 8 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPPM Working Group S. Niccolini 3 Internet-Draft S. Tartarelli 4 Intended status: Standards Track J. Quittek 5 Expires: February 25, 2008 NEC 6 M. Swany 7 UDel 8 August 24, 2007 10 Information Model and XML Data Model for Traceroute Measurements 11 draft-ietf-ippm-storetraceroutes-04 13 Status of this Memo 15 By submitting this Internet-Draft, each author represents that any 16 applicable patent or other IPR claims of which he or she is aware 17 have been or will be disclosed, and any of which he or she becomes 18 aware will be disclosed, in accordance with Section 6 of BCP 79. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF), its areas, and its working groups. Note that 22 other groups may also distribute working documents as Internet- 23 Drafts. 25 Internet-Drafts are draft documents valid for a maximum of six months 26 and may be updated, replaced, or obsoleted by other documents at any 27 time. It is inappropriate to use Internet-Drafts as reference 28 material or to cite them other than as "work in progress." 30 The list of current Internet-Drafts can be accessed at 31 http://www.ietf.org/ietf/1id-abstracts.txt. 33 The list of Internet-Draft Shadow Directories can be accessed at 34 http://www.ietf.org/shadow.html. 36 This Internet-Draft will expire on February 25, 2008. 38 Copyright Notice 40 Copyright (C) The IETF Trust (2007). 42 Abstract 44 This document describes a standard way to store the configuration and 45 the results of traceroute measurements. This document first of all 46 describes the tool itself; afterwards, the common information model 47 is defined dividing the information elements in two semantically 48 separated groups (configuration elements and results ones). Moreover 49 an additional element is defined to relate configuration elements and 50 results ones by means of a common unique identifier. On the basis of 51 the information model a data model based on XML is defined to store 52 the results of traceroute measurements. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 2. Terminology used in this document . . . . . . . . . . . . . . 3 58 3. The Traceroute tool and its operations . . . . . . . . . . . . 4 59 4. Results of traceroute measurements . . . . . . . . . . . . . . 4 60 5. Information Model for Traceroute Measurements . . . . . . . . 5 61 5.1. Data Types . . . . . . . . . . . . . . . . . . . . . . . . 6 62 5.2. Information Elements . . . . . . . . . . . . . . . . . . . 7 63 5.2.1. Configuration Information Elements . . . . . . . . . . 7 64 5.2.2. Results Information Elements . . . . . . . . . . . . . 11 65 5.2.3. Information Element Correlating Configuration and 66 Results Elements . . . . . . . . . . . . . . . . . . . 15 67 5.2.4. Information Elements to compare traceroute 68 measurements results one with each other . . . . . . . 15 69 6. Data Model for Storing Traceroute Measurements . . . . . . . . 16 70 7. XML Schema for traceroute Measurements . . . . . . . . . . . . 17 71 8. Security Considerations . . . . . . . . . . . . . . . . . . . 35 72 8.1. Conducting Traceroute Measurements . . . . . . . . . . . . 35 73 8.2. Securing Traceroute Measurements Information . . . . . . . 36 74 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 75 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 37 76 10.1. Normative References . . . . . . . . . . . . . . . . . . . 37 77 10.2. Informative References . . . . . . . . . . . . . . . . . . 37 78 Appendix A. Traceroute Default Configuration Parameters . . . . . 38 79 A.1. Alternative Traceroute Implementations . . . . . . . . . . 42 80 Appendix B. Known Problems with Traceroute . . . . . . . . . . . 42 81 B.1. Compatibility between traceroute measurements results 82 and IPPM metrics . . . . . . . . . . . . . . . . . . . . . 42 83 Appendix C. Differences to DISMAN-TRACEROUTE-MIB . . . . . . . . 43 84 C.1. Naming . . . . . . . . . . . . . . . . . . . . . . . . . . 44 85 C.2. Semantics . . . . . . . . . . . . . . . . . . . . . . . . 44 86 C.3. Additional Information Elements . . . . . . . . . . . . . 45 87 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 45 88 Intellectual Property and Copyright Statements . . . . . . . . . . 47 90 1. Introduction 92 Traceroutes are being used by lots of measurement efforts, either as 93 an independent measurement or to get path information to support 94 other measurement efforts. That is why there is the need to 95 standardize the way the configuration and the results of traceroute 96 measurements are stored. The standard metrics defined by IPPM 97 working group in matter of delay, connectivity and losses do not 98 apply to the metrics returned by the traceroute tool; therefore, in 99 order to compare results of traceroute measurements, the only 100 possibility is to add to the stored results a specification of the 101 operating system and version for the traceroute tool used. This 102 document, in order to store results of traceroute measurements and 103 allow comparison of them, defines a standard way to store them using 104 a XML schema. The document is organized as follows: Section 2 105 defines the terminology used in this document, Section 3 describes 106 the traceroute tool, Section 4 describes the results of a traceroute 107 measurement as displayed to the screen from which the traceroute tool 108 was launched. Section 5 and Section 6 respectively describe the 109 information model and data model for storing configuration and 110 results of the traceroute measurements. The document ends with 111 security considerations and IANA considerations in Section 8 and 112 Section 9 respectively. 114 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 115 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 116 document are to be interpreted as described in RFC 2119. 118 2. Terminology used in this document 120 The terminology used in this document is defined as follow: 121 o traceroute tool: a software tool for network diagnostic behaving 122 like described in Section 3; 123 o traceroute measurement: an instance of the traceroute tool 124 launched, with specific configuration parameters (traceroute 125 measurement configuration parameters), from a specific host 126 (initiator of the traceroute measurement) giving as output 127 specific traceroute measurement results; 128 o traceroute probe: one of many IP packets send out by the 129 traceroute tool during a traceroute measurement; 130 o traceroute measurement configuration parameters: the configuration 131 parameters of a traceroute measurement; 132 o traceroute measurement results: the results of a traceroute 133 measurement; 134 o traceroute measurement information: both the results and the 135 configuration parameters of a traceroute measurement; 137 o traceroute measurement path: a sequence of hosts transited in 138 order by traceroute probes during a traceroute measurement; 140 3. The Traceroute tool and its operations 142 Traceroute is a network diagnostic tool used to determine the hop by 143 hop path from a source to a destination and the Round Trip Time (RTT) 144 from the source to each hop. Traceroute can be therefore used to 145 discover some information (hop counts, delays, etc.) about the path 146 between the initiator of the traceroute measurement and other hosts. 148 Typically, the traceroute tool attempts to discover the path to a 149 destination by sending UDP probes with specific time-to-live (TTL) 150 values in the IP packet header and trying to elicit an ICMP 151 TIME_EXCEEDED response from each gateway along the path to some host. 153 More in detail, a first set of probes with TTL equal to 1 are sent by 154 the traceroute tool from the host initiating the traceroute 155 measurement (some tool implementations allow setting the initial TTL 156 to a value equal to "n" different from 1, so that the first "n-1" 157 hops are skipped and the first hop that will be traced is the "n-th" 158 in the path). Upon receiving a probe, the first hop host decreases 159 the TTL value by one. By observing a TTL value equal to zero, the 160 host rejects the probe and typically returns an ICMP message with a 161 TIME_EXCEEDED value. The traceroute tool can therefore derive the IP 162 address of the first hop from the header of the ICMP message and 163 evaluate the RTT between the host initiating the traceroute 164 measurement and the first hop. The next hops are discovered 165 following the same procedure, taking care of increasing at each step 166 the TTL value of the probes by one. The TTL value is increased until 167 either an ICMP PORT_UNREACHABLE message is received, meaning that the 168 destination host has been reached, or the maximum configured number 169 of hops has been hit. 171 Some implementations, use ICMP Echos, instead of UDP datagrams. 172 However, many routers do not return ICMP messages about ICMP 173 messages, i.e. no ICMP TIME_EXCEEDED is returned for an ICMP Echo. 174 Therefore, this document recommends to base implementations on UDP 175 datagrams. Considerations on TCP-based implementations of the 176 traceroute tool are reported in Appendix A.1. 178 4. Results of traceroute measurements 180 The following list reports the information fields provided as results 181 by all traceroute tool implementations considered. The order in 182 which they are reported here is not relevant and it changes in 183 different implementations. For each hop the information reported is: 184 o the hop index; 185 o the host symbolic address, provided that at least one of the 186 probes received a response, the symbolic address could be resolved 187 at the corresponding host and that the option to display only 188 numerical addresses was not set; 189 o the host IP address, provided that at least one of the probes 190 received a response; 191 o the RTT for each response to a probe. 192 Depending on the traceroute tool implementation, additional 193 information might be displayed in the output (for instance MPLS- 194 related information). 196 It might happen that some probes do not receive a response within the 197 configured time-out (for instance if the probe is filtered out by a 198 firewall). In this case, an "*" is displayed in place of the RTT. 199 The information model reflects this using a string with the value of 200 "RoundTripTimeNotAvailable" meaning either the probe was lost because 201 of a time-out or it was not possible to transmit a probe. It may 202 also happen that some implementations print the same line multiple 203 times when a router decreases the TTL by more than one looking like 204 multiple hops, the information model is not impacted by this since 205 each line is handled separately and it is left to the applications 206 handling the XML file how to deal with it. Moreover, for delays 207 below 1 ms, some implementations reports 0 ms (e.g. UNIX and LINUX) 208 while WINDOWS tracert reports "< 1 ms". 210 5. Information Model for Traceroute Measurements 212 The information model is composed of information elements; for 213 defining these information elements, a template is used. Such 214 template is specified in the list below: 216 o name - A unique and meaningful name for the information element. 217 The preferred spelling for the name is to use mixed case if the 218 name is compound, with an initial lower case letter, e.g., 219 "sourceIpAddress". 220 o description - The semantics of this information element. 221 o dataType - One of the types listed in Section 5.1 of this document 222 or in an extension of the information model. The type space for 223 attributes is constrained to facilitate implementation. 224 o units - If the element is a measure of some kind, the units 225 identify what the measure is. 226 o default value - The default value for the element (where 227 applicable). 229 5.1. Data Types 231 This section describes the set of valid data types of the information 232 model. 234 o String - The type "String" represents a finite length string of 235 valid characters from the Unicode character encoding set. Unicode 236 allows for ASCII and many other international character sets to be 237 used. It is expected that strings will be encoded in UTF-8 238 format, which is identical in encoding for USASCII characters, but 239 also accommodates other Unicode multi-byte characters. 240 o InetAddressType - The type "InetAddressType" represents a type of 241 Internet address. The allowed values are to be intended as 242 imported from [RFC4001]; an additional allowed value is 243 "asnumber". 244 o InetAddress - The type "InetAddress" denotes a generic Internet 245 address. The allowed values are to be intended as imported from 246 [RFC4001]; an additional allowed value is the AS number to be 247 indicated as the actual number plus the indication how the mapping 248 from IP address to AS number was performed. 249 o TruthValue - The type "TruthValue" represents a Boolean value. 250 The allowed values are to be intended as imported from [RFC2579]. 251 o Unsigned32 - The type "Unsigned32" represents a value in the range 252 (0..4294967295). 253 o Unsigned16 - The type "Unsigned16" represents a value in the range 254 (0..65535). 255 o Unsigned8 - The type "Unsigned32" represents a value in the range 256 (0..255). 257 o InterfaceIndexOrZero - The type "InterfaceIndexOrZero" is an 258 extension of the InterfaceIndex convention. The latter defines a 259 greater than zero value used to identify an interface or interface 260 sub-layer in the system. This extension permits the additional 261 value of zero. Examples of the usage of zero might include 262 situations where interface was unknown, or when none or all 263 interfaces need to be referenced. The allowed values are to be 264 intended as imported from [RFC2863]. 265 o ProbesType - The type "ProbesType" represents a way of indicating 266 the protocol used for the traceroute probes. Allowed values are 267 UDP, TCP, ICMP. 268 o DateAndTime - The type "DateAndTime" represents a date-time 269 specification. The allowed values are to be intended as imported 270 from [RFC2579] apart from the fact that in this document there is 271 the need to use a millisecond resolution instead a decisecond one. 272 o OperationResponseStatus - The type "OperationResponseStatus" is 273 used to report the result of an operation. The allowed values are 274 to be intended as imported from [RFC4560]. 276 5.2. Information Elements 278 This section describes the elements related to the storing of a 279 traceroute measurement. The elements are grouped in two groups 280 (Configuration and Results) according to their semantics. In order 281 to relate configuration and results elements by means of a common 282 unique identifier, an additional element is defined belonging to both 283 the two groups. 285 5.2.1. Configuration Information Elements 287 This section describes the elements specific to the configuration of 288 the traceroute measurement. 290 5.2.1.1. CtlTargetAddressType 292 o name - CtlTargetAddressType 293 o description - Specifies the type of destination address used in 294 the traceroute measurement. 295 o dataType - InetAddressType 296 o units - N/A 297 o default value - N/A 299 5.2.1.2. CtlTargetAddress 301 o name - CtlTargetAddress 302 o description - Specifies the host address used in the traceroute 303 measurement. The host address type can be determined by the 304 examining the value of the corresponding CtlTargetAddressType. 305 o dataType - InetAddress 306 o units - N/A 307 o default value - N/A 309 5.2.1.3. CtlBypassRouteTable 311 o name - CtlBypassRouteTable 312 o description - Specifies if the optional bypassing of the route 313 table was enabled or not. If enabled, the normal routing tables 314 will be bypassed and the probes will be sent directly to a host on 315 an attached network. If the host is not on a directly-attached 316 network, an error is returned. This option can be used to perform 317 the traceroute measurement to a local host through an interface 318 that has no route defined. 319 o dataType - TruthValue 320 o units - N/A 321 o default value - false 323 5.2.1.4. CtlProbeDataSize 325 o name - CtlProbeDataSize 326 o description - Specifies the size of the probes of a traceroute 327 measurement in octets. If UDP datagrams are used as probes, then 328 the value contained in this object is exact. If another protocol 329 is used to transmit probes (i.e. TCP or ICMP) for which the 330 specified size is not appropriate, then the implementation can use 331 whatever size (appropriate to the method) is closest to the 332 specified size. The maximum value for this object was computed by 333 subtracting the smallest possible IP header size of 20 octets 334 (IPv4 header with no options) and the UDP header size of 8 octets 335 from the maximum IP packet size. An IP packet has a maximum size 336 of 65535 octets (excluding IPv6 Jumbograms). 337 o dataType - Unsigned32 338 o units - octets 339 o default value - 0 341 5.2.1.5. CtlTimeOut 343 o name - CtlTimeOut 344 o description - Specifies the time-out value, in seconds, for each 345 probe of a traceroute measurement. 346 o dataType - Unsigned32 347 o units - seconds 348 o default value - 3 350 5.2.1.6. CtlProbesPerHop 352 o name - CtlProbesPerHop 353 o description - Specifies the number of probes with the same time- 354 to-live (TTL) value that are sent for each host. 355 o dataType - Unsigned32 356 o units - probes 357 o default value - 3 359 5.2.1.7. CtlPort 361 o name - CtlPort 362 o description - Specifies the base UDP port used by the traceroute 363 measurement. A port that is not in use at the destination 364 (target) host needs to be specified. The default value for this 365 object is the IANA assigned port, 33434, for the traceroute 366 measurement. 367 o dataType - Unsigned32 368 o units - UDP Port 369 o default value - 33434 371 5.2.1.8. CtlMaxTtl 373 o name - CtlMaxTtl 374 o description - Specifies the maximum TTL value for the traceroute 375 measurement. 376 o dataType - Unsigned32 377 o units - time-to-live value 378 o default value - 30 380 5.2.1.9. CtlDSField 382 o name - CtlDSField 383 o description - Specifies the value that was stored in the 384 Differentiated Services (DS) field in the traceroute probe. The 385 DS Field is defined as the Type of Service (TOS) octet in a IPv4 386 header or as the Traffic Class octet in a IPv6 header. The value 387 of this object must be a decimal integer in the range from 0 to 388 255. This option can be used to determine what effect an explicit 389 DS field setting has on a traceroute measurement and its probes. 390 Not all values are legal or meaningful. Useful TOS octet values 391 are probably '16' (low delay) and '8' (high throughput). Further 392 references can be found in [RFC2474] for the definition of the 393 Differentiated Services (DS) field and to [RFC1812] Section 5.3.2 394 for Type of Service (TOS). 395 o dataType - Unsigned32 396 o units - N/A 397 o default value - 0 399 5.2.1.10. CtlSourceAddressType 401 o name - CtlSourceAddressType 402 o description - Specifies the type of the source address, 403 CtlSourceAddress, used in the traceroute measurement. 404 o dataType - InetAddressType 405 o units - N/A 406 o default value - N/A 408 5.2.1.11. CtlSourceAddress 410 o name - CtlSourceAddress 411 o description - Specifies the IP address (which has to be given as 412 an IP number, not a hostname) as the source address used in 413 traceroute probes. On hosts with more than one IP address, this 414 option can be used to force the source address to be something 415 other than the primary IP address of the interface the probe is 416 sent on. A zero length octet string value for this object means 417 that source address specification was disabled. The address type 418 (InetAddressType) that relates to this object is specified by the 419 corresponding value of CtlSourceAddressType. 420 o dataType - InetAddress 421 o units - N/A 422 o default value - N/A 424 5.2.1.12. CtlIfIndex 426 o name - CtlIfIndex 427 o description - Specifies the interface index used in the traceroute 428 measurement for sending the traceroute probes. A value of zero 429 for this object implies that the interface was unknown. 430 o dataType - InterfaceIndexOrZero 431 o units - N/A 432 o default value - 0 434 5.2.1.13. CtlMiscOptions 436 o name - CtlMiscOptions 437 o description - Specifies implementation dependent options. 438 o dataType - String 439 o units - N/A 440 o default value - N/A 442 5.2.1.14. CtlMaxFailures 444 o name - CtlMaxFailures 445 o description - Specifies the maximum number of consecutive timeouts 446 allowed before terminating a traceroute measurement. A value of 447 either 255 (maximum hop count/possible TTL value) or a 0 indicates 448 that the function of terminating a remote traceroute measurement 449 when a specific number of consecutive timeouts are detected was 450 disabled. This element is included to give full compatibility 451 with [RFC4560]. No known implementation of traceroute currently 452 supports it. 453 o dataType - Unsigned32 454 o units - timeouts 455 o default value - 5 457 5.2.1.15. CtlDontFragment 459 o name - CtlDontFragment 460 o description - Specifies if the don't fragment flag (DF) in the IP 461 header for a probe was enabled or not. Setting the DF flag can be 462 used for performing a manual PATH MTU test. 464 o dataType - TruthValue 465 o units - N/A 466 o default value - false 468 5.2.1.16. CtlInitialTtl 470 o name - CtlInitialTtl 471 o description - Specifies the initial TTL value used in a traceroute 472 measurement. Such TTL setting is intended to bypass the initial 473 (often well known) portion of a path. 474 o dataType - Unsigned32 475 o units - N/A 476 o default value - 1 478 5.2.1.17. CtlDescr 480 o name - CtlDescr 481 o description - The purpose of this element is to provide a 482 description of the traceroute measurement. 483 o dataType - String 484 o units - N/A 485 o default value - N/A 487 5.2.1.18. CtlType 489 o name - CtlType 490 o description - Specifies the implementation method used for the 491 traceroute measurement. It specifies if the traceroute is using 492 TCP, UDP or ICMP probes. 493 o dataType - ProbesType 494 o units - N/A 495 o default value - UDP 497 5.2.2. Results Information Elements 499 This section describes the elements specific to the results of the 500 traceroute measurement. 502 5.2.2.1. ResultsStartDateAndTime 504 o name - ResultsStartDateAndTime 505 o description - Specifies the date and start time of the traceroute 506 measurement. This is the time when the first probe was seen at 507 the sending interface. 508 o dataType - DateAndTime 509 o units - N/A 510 o default value - N/A 512 5.2.2.2. ResultsIpTgtAddrType 514 o name - ResultsIpTgtAddrType 515 o description - Specifies the type of address stored in the 516 corresponding ResultsIpTgtAddr element. 517 o dataType - InetAddressType 518 o units - N/A 519 o default value - N/A 521 5.2.2.3. ResultsIpTgtAddr 523 o name - ResultsIpTgtAddr 524 o description - Specifies the IP address associated with a 525 CtlTargetAddress value when the destination address is specified 526 as a DNS name. The value of this object should be a zero length 527 octet string when a DNS name is not specified or when a specified 528 DNS name fails to resolve. 529 o dataType - InetAddress 530 o units - N/A 531 o default value - N/A 533 5.2.2.4. Index 535 o name - Index 536 o description - Specifies an index that consecutively numbers all 537 probes for which a reply was received in the sequential order in 538 which the replies were received. The maximum value for this 539 object is CtlMaxTtl*CtlProbesPerHop. 540 o dataType - Unsigned32 541 o units - N/A 542 o default value - N/A 544 5.2.2.5. HopIndex 546 o name - HopIndex 547 o description - Specifies which hop in a traceroute measurement path 548 the probe's results are for. 549 o dataType - Unsigned32 550 o units - N/A 551 o default value - N/A 553 5.2.2.6. IndexPerHop 555 o name - IndexPerHop 556 o description - Specifies the index of a probe for a particular hop 557 in a traceroute measurement path. The number of probes per hop is 558 determined by the value of the corresponding CtlProbesPerHop 559 element. 560 o dataType - Unsigned32 561 o units - N/A 562 o default value - N/A 564 5.2.2.7. HopAddrType 566 o name - HopAddrType 567 o description - Specifies the type of address stored in the 568 corresponding HopAddr element. 569 o dataType - InetAddressType 570 o units - N/A 571 o default value - N/A 573 5.2.2.8. HopAddr 575 o name - HopAddr 576 o description - Specifies the address of a hop in the traceroute 577 measurement path. This object is not allowed to be a DNS name. 578 The value of the corresponding object, HopAddrType, indicates this 579 object's IP address type. 580 o dataType - InetAddress 581 o units - N/A 582 o default value - N/A 584 5.2.2.9. HopGeoLocation 586 o name - HopGeoLocation 587 o description - Specifies the geo location of a hop in the 588 traceroute measurement path. 589 o dataType - String 590 o units - N/A 591 o default value - N/A 593 5.2.2.10. MPLSTopLabel 595 o name - MPLSTopLabel 596 o description - Specifies the top entry of the MPLS label stack of a 597 probe observed when the probe arrived at the hop that replied to 598 the probe. This object contains the top MPLS label stack entry as 599 32 bit value as it is observed on the MPLS label stack. Contained 600 in this single number are the MPLS label, the Exp field, the S 601 flag, and the MPLS TTL value as specified in RFC 3032. 603 o dataType - Unsigned32 604 o units - N/A 605 o default value - N/A 607 5.2.2.11. RoundTripTime 609 o name - RoundTripTime 610 o description - Specifies the amount of time measured in 611 milliseconds from when a probe was sent to when its response was 612 received or when it timed out. The value of this element is 613 reported as the truncation of the number reported by the 614 traceroute tool (the output "< 1 ms" is therefore encoded as 0 615 ms). A string with the value of "RoundTripTimeNotAvailable" means 616 either the probe was lost because of a timeout or it was not 617 possible to transmit a probe. 618 o dataType - Unsigned32 or String 619 o units - milliseconds or N/A 620 o default value - N/A 622 5.2.2.12. ResponseStatus 624 o name - ResponseStatus 625 o description - Specifies the result of a traceroute measurement 626 made by the host for a particular probe. 627 o dataType - OperationResponseStatus 628 o units - N/A 629 o default value - N/A 631 5.2.2.13. Time 633 o name - Time 634 o description - Specifies the timestamp for when the response to the 635 probe was received at the interface. 636 o dataType - DateAndTime 637 o units - N/A 638 o default value - N/A 640 5.2.2.14. ResultsHopRawOutputData 642 o name - ResultsHopRawOutputData 643 o description - Specifies the raw output data returned by the 644 traceroute measurement for a certain hop in a traceroute 645 measurement path. 646 o dataType - String 647 o units - N/A 648 o default value - N/A 650 5.2.2.15. ResultsEndDateAndTime 652 o name - ResultsEndDateAndTime 653 o description - Specifies the date and end time of the traceroute 654 measurement. It is either the time when the response to the last 655 probe of the traceroute measurement was received or the time when 656 the last probe of the traceroute measurement was sent plus the 657 relative timeout (in case of missing response). 658 o dataType - DateAndTime 659 o units - N/A 660 o default value - N/A 662 5.2.3. Information Element Correlating Configuration and Results 663 Elements 665 This section defines an additional element belonging to both the two 666 previous groups (configuration elements and result elements) named 667 TestName. This element is defined in order to relate configuration 668 elements and results ones by means of a common unique identifier. 670 5.2.3.1. TestName 672 o name - TestName 673 o description - Specifies the name of a traceroute measurement. 674 This is locally unique. 675 o dataType - String 676 o units - N/A 677 o default value - N/A 679 5.2.4. Information Elements to compare traceroute measurements results 680 one with each other 682 This section defines additional elements belonging to both the two 683 previous groups (configuration elements and result elements); these 684 elements were defined in order to allow traceroute measurements 685 results comparison among different traceroute measurements. 687 5.2.4.1. OSName 689 o name - OSName 690 o description - Specifies the name of the operating system on which 691 the traceroute measurement was launched. 692 o dataType - String 693 o units - N/A 694 o default value - N/A 696 5.2.4.2. OSVersion 698 o name - OSVersion 699 o description - Specifies the OS version on which the traceroute 700 measurement was launched. 701 o dataType - String 702 o units - N/A 703 o default value - N/A 705 5.2.4.3. ToolVersion 707 o name - ToolVersion 708 o description - Specifies the version of the traceroute tool used. 709 o dataType - String 710 o units - N/A 711 o default value - N/A 713 6. Data Model for Storing Traceroute Measurements 715 For storing and transmitting information according to the information 716 model defined in the previous section, a data model is required that 717 specifies how to encode the elements of the information model. 719 There are several design choices for a data model. It can use a 720 binary or textual representation and it can be defined from scratch 721 or use already existing frameworks and data models. In general, the 722 use of already existing frameworks and models should be preferred. 724 Binary and textual representation both have advantages and 725 disadvantages. Textual representations are (with some limitations) 726 human readable while a binary representation consumes less resources 727 for storing, transmitting and parsing data. 729 An already existing and closely related data model is the DISMAN- 730 TRACEROUTE-MIB module [RFC4560], that specifies a BER encoding 731 [RFC3417] used by the Simple Network Management Protocol (SNMP) 732 [RFC3410] for transmitting traceroute measurement information 733 (configuration and results). This data model is well suited and 734 supported within network management systems, but as a general format 735 for storing and transmitting traceroute results it is not easily 736 applicable. 738 Another binary representation would be an extension of traffic flow 739 information encodings as specified for the IPFIX protocol 740 [I-D.ietf-ipfix-protocol], [I-D.ietf-ipfix-info]. The IPFIX protocol 741 is extensible. However, the architecture behind this protocol 742 [I-D.ietf-ipfix-architecture] is targeted at exporting passively 743 measured flow information. Therefore, some obstacles are expected 744 when trying to use it for transmitting traceroute measurements 745 information. 747 For textual representations, using the eXtensible Markup Language 748 (XML) [XML] is an obvious choice. XML supports clean structuring of 749 data and syntax checking of records. With some limitations it is 750 human readable. It is supported well by a huge pool of tools and 751 standards for generating, transmitting, parsing and converting it to 752 other data formats. Its disadvantages is the resource consumption 753 for processing, storing, and transmitting information. Since the 754 expected data volumes related to traceroute measurements in network 755 operation and maintenance is not expected to be extremely high, the 756 inefficient usage of resources is not a significant disadvantage. 757 Therefore, XML was chosen as basis for the traceroute measurements 758 information model that is specified in this section. 760 Section 7 contains the XML schema to be used as a template for 761 storing and/or exchanging traceroute measurements information. The 762 schema was designed in order to use an extensible approach based on 763 templates (pretty similar to how IPFIX protocol is designed) where 764 the traceroute configuration elements (both the requested parameters, 765 Request, and the actual parameters used, MeasurementMetadata) are 766 metadata to be referenced by results information elements (data) by 767 means of the TestName element (used as unique identifier). Currently 768 Open Grid Forum (OGF) is also using this approach and cross- 769 requirements have been analyzed. As a result of this analysis the 770 XML schema contained in Section 7 is compatible with OGF schema since 771 it was designed in a way that both limits the unnecessary redundancy 772 and a simple one-to-one transformation between the two exist. 774 7. XML Schema for traceroute Measurements 776 777 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 799 800 801 802 803 805 806 807 810 811 813 814 815 817 818 820 821 822 823 824 826 827 828 830 831 832 833 834 835 836 838 839 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 857 858 859 861 862 863 864 865 867 868 869 Specifies the name of a 870 traceroute measurement. This is locally unique. 871 872 873 874 875 876 878 879 880 Specifies the name of the operating 881 system on which the traceroute measurement was 882 launched. 883 884 885 886 887 888 890 891 892 Specifies the OS version on which the 893 traceroute measurement was launched. 894 895 896 897 898 899 901 902 903 Specifies the version of the traceroute 904 tool used. 905 906 907 908 909 910 912 913 914 Specifies if the optional bypassing 915 of the route table was enabled or not. If enabled, 916 the normal routing tables will be bypassed and the 917 probes will be sent directly to a host on an attached 918 network. If the host is not on a directly-attached 919 network, an error is returned. This option can be 920 used to perform the traceroute measurement to a 921 local host through an interface that has no route 922 defined. 923 924 925 926 928 929 930 Specifies the size of the probes 931 of a traceroute measurement in octets. If UDP 932 datagrams are used as probes, then the value 933 contained in this object is exact. If another 934 protocol is used to transmit probes (i.e. TCP or 935 ICMP) for which the specified size is not 936 appropriate, then the implementation can use 937 whatever size (appropriate to the method) is 938 closest to the specified size. The maximum value 939 for this object was computed by subtracting the 940 smallest possible IP header size of 20 octets (IPv4 941 header with no options) and the UDP header size of 942 8 octets from the maximum IP packet size. An IP 943 packet has a maximum size of 65535 octets (excluding 944 IPv6 Jumbograms). 945 946 947 948 949 950 952 953 954 Specifies the time-out value, in 955 seconds, for each probe of a traceroute measurement. 956 957 958 959 960 961 962 964 965 966 Specifies the number of probes 967 with the same time-to-live (TTL) value that are 968 sent for each host. 969 970 971 972 973 974 975 977 978 979 Specifies the base UDP port used 980 by the traceroute measurement. A port that is not 981 in use at the destination (target) host needs to be 982 specified. The default value for this object is the 983 IANA assigned port, 33434, for the traceroute 984 measurement. 985 986 987 988 989 990 992 993 994 Specifies the maximum TTL value 995 for the traceroute measurement. 996 997 998 999 1000 1001 1003 1004 1005 Specifies the value that was 1006 stored in the Differentiated Services (DS) field 1007 in the traceroute probe. The DS Field is defined 1008 as the Type of Service (TOS) octet in a IPv4 header 1009 or as the Traffic Class octet in a IPv6 header. 1010 The value of this object must be a decimal integer 1011 in the range from 0 to 255. This option can be 1012 used to determine what effect an explicit DS field 1013 setting has on a traceroute measurement and its 1014 probes. Not all values are legal or meaningful. 1015 Useful TOS octet values are probably '16' (low 1016 delay) and '8' (high throughput). Further references 1017 can be found in RFC 2474 for the definition of the 1018 Differentiated Services (DS) field and to RFC 1812 1019 Section 5.3.2 for Type of Service (TOS). 1020 1021 1022 1023 1025 1026 1027 Specifies the interface index 1028 used in the traceroute measurement for sending 1029 the traceroute probes. A value of zero for this 1030 object implies that the interface was unknown. 1031 1032 1033 1034 1036 1037 1038 Specifies implementation dependent 1039 options. 1040 1041 1042 1043 1044 1046 1047 1048 Specifies the maximum number 1049 of consecutive timeouts allowed before terminating 1050 a traceroute measurement. A value of either 255 1051 (maximum hop count/possible TTL value) or a 0 1052 indicates that the function of terminating a 1053 remote traceroute measurement when a specific 1054 number of consecutive timeouts are detected was 1055 disabled. This element is included to give full 1056 compatibility with RFC 4560. No known implementation 1057 of traceroute currently supports it. 1058 1059 1060 1061 1063 1064 1065 Specifies if the don't fragment 1066 flag (DF) in the IP header for a probe was enabled 1067 or not. Setting the DF flag can be used for 1068 performing a manual PATH MTU test. 1069 1070 1071 1072 1074 1075 1076 Specifies the initial TTL 1077 value used in a traceroute measurement. Such 1078 TTL setting is intended to bypass the initial 1079 (often well known) portion of a path. 1080 1081 1082 1083 1084 1085 1087 1088 1089 The purpose of this element 1090 is to provide a description of the traceroute 1091 measurement. 1092 1093 1094 1095 1096 1097 1099 1100 1101 Specifies the implementation 1102 method used for the traceroute measurement. 1103 It specifies if the traceroute is using TCP, 1104 UDP or ICMP probes. 1105 1106 1107 1108 1109 1110 1111 1112 1114 1115 1116 Specifies an index that 1117 consecutively numbers all probes for which 1118 a reply was received in the sequential order 1119 in which the replies were received. The 1120 maximum value for this object is 1121 CtlMaxTtl*CtlProbesPerHop. 1122 1123 1124 1125 1126 1127 1128 1130 1131 1132 Specifies which hop in a 1133 traceroute measurement path the probe's 1134 results are for. 1135 1136 1137 1138 1139 1140 1142 1143 1144 Specifies the index of a 1145 probe for a particular hop in a traceroute 1146 measurement path. The number of probes per hop 1147 is determined by the value of the corresponding 1148 CtlProbesPerHop element. 1149 1150 1151 1152 1153 1154 1155 1157 1158 1159 Specifies the geo location of a 1160 hop in the traceroute measurement path. 1161 1162 1163 1164 1165 1166 1168 1169 1170 Specifies the top entry of the 1171 MPLS label stack of a probe observed when the probe 1172 arrived at the hop that replied to the probe. 1173 This object contains the top MPLS label stack 1174 entry as 32 bit value as it is observed on the MPLS 1175 label stack. Contained in this single number are the 1176 MPLS label, the Exp field, the S flag, and the MPLS 1177 TTL value as specified in RFC 3032. 1178 1179 1180 1181 1182 1183 1185 1186 1187 1188 1189 1191 1192 1193 1194 1195 1197 1198 1199 Specifies the raw output data 1200 returned by the traceroute measurement for a certain 1201 hop in a traceroute measurement path. 1202 1203 1204 1205 1206 1207 1209 1210 1211 Specifies the AS number of a hop in the 1212 traceroute path as a 24 bit number and the indication how 1213 the mapping from IP address to AS number was performed. 1214 1215 1216 1217 1219 1221 1223 1225 1226 1227 1229 1231 1233 1235 1237 1238 1240 1241 1242 1244 1246 1248 1250 1252 1253 1255 1256 1257 1259 1261 1262 1264 1265 1266 Specifies the type of destination 1267 address used in the traceroute measurement. 1268 1269 1270 1271 1273 1274 1276 1277 1278 Specifies the host address 1279 used in the traceroute measurement. The host 1280 address type can be determined by the examining 1281 the value of the corresponding CtlTargetAddressType. 1282 1283 1284 1285 1286 1287 1289 1290 1291 Specifies the type of the source 1292 address, CtlSourceAddress, used in the traceroute 1293 measurement. 1294 1295 1296 1297 1299 1300 1302 1303 1304 Specifies the IP address (which 1305 has to be given as an IP number, not a hostname) 1306 as the source address used in traceroute probes. 1307 On hosts with more than one IP address, this option 1308 can be used to force the source address to be 1309 something other than the primary IP address of the 1310 interface the probe is sent on. A zero length 1311 octet string value for this object means that 1312 source address specification was disabled. The 1313 address type (InetAddressType) that relates to 1314 this object is specified by the corresponding 1315 value of CtlSourceAddressType. 1316 1317 1318 1319 1321 1322 1324 1325 1326 Specifies the date and start 1327 time of the traceroute measurement. This is the 1328 time when the first probe was seen at the sending 1329 interface. 1330 1331 1332 1333 1334 1335 1337 1338 1339 Specifies the type of address stored 1340 in the corresponding ResultsIpTgtAddr element. 1341 1342 1343 1344 1346 1347 1349 1350 1351 Specifies the IP address associated 1352 with a CtlTargetAddress value when the destination 1353 address is specified as a DNS name. The value of 1354 this object should be a zero length octet string 1355 when a DNS name is not specified or when a specified 1356 DNS name fails to resolve. 1357 1358 1359 1360 1362 1363 1365 1366 1367 Specifies the type of address stored 1368 in the corresponding HopAddr element. 1369 1370 1371 1372 1374 1375 1377 1378 1379 Specifies the address of a 1380 hop in the traceroute measurement path. This 1381 object is not allowed to be a DNS name. The 1382 value of the corresponding object, HopAddrType, 1383 indicates this object's IP address type. 1384 1385 1386 1387 1389 1390 1392 1393 1394 Specifies the amount of 1395 time measured in milliseconds from when a 1396 probe was sent to when its response was 1397 received or when it timed out. The value of 1398 this element is reported as the truncation 1399 of the number reported by the traceroute 1400 tool (the output "< 1 ms" is therefore 1401 encoded as 0 ms). A string with the value of 1402 "RoundTripTimeNotAvailable" means either the 1403 probe was lost because of a timeout or it 1404 was not possible to transmit a probe. 1405 1406 1407 1408 1410 1412 1413 1414 1415 1416 Specifies the result of a traceroute 1417 measurement made by the host for a particular probe. 1418 1419 1420 1421 1423 1424 1426 1427 1428 Specifies the timestamp for 1429 when the response to the probe was received at the 1430 interface. 1431 1432 1433 1434 1435 1436 1438 1439 1440 1442 1444 1446 1448 1450 1453 1456 1458 1460 1463 1464 1466 1467 1468 Specifies the date and end time 1469 of the traceroute measurement. It is either the 1470 time when the response to the last probe of the 1471 traceroute measurement was received or the time 1472 when the last probe of the traceroute measurement 1473 was sent plus the relative timeout (in case of 1474 missing response). 1475 1476 1477 1478 1479 1480 1482 1483 1484 Specifies the metadata for a 1485 traceroute operation. In a request, these are the 1486 requested parameters. In a response, they are the 1487 actual parameters used. 1488 1489 1490 1491 1493 1496 1499 1502 1504 1506 1510 1513 1516 1519 1522 1525 1528 1530 1532 1535 1538 1541 1544 1547 1550 1554 1555 1557 1558 1559 1560 Contains the actual traceroute measurement 1561 results. 1562 1563 1564 1565 1567 1569 1571 1573 1576 1579 1581 1582 1584 1585 1586 1587 1589 1590 1591 1593 1594 1595 1597 1598 1599 1601 1603 1604 1605 1608 1610 1611 1612 1614 1616 1617 1618 1620 1622 1624 1625 1626 1628 1629 1633 1635 8. Security Considerations 1637 Security considerations in this section discuss are grouped into 1638 considerations related to conducting traceroute measurements and 1639 considerations related to storing and transmitting traceroute 1640 measurements information. 1642 This memo does not specify an implementation of a traceroute tool. 1643 Neither does it specify a certain procedure for storing traceroute 1644 measurements information. Still it is considered desirable to 1645 discuss related security issues below. 1647 8.1. Conducting Traceroute Measurements 1649 Conducting Internet measurements can raise both security and privacy 1650 concerns. Traceroute measurements, in which traffic is injected into 1651 the network, can be abused for denial-of-service attacks disguised as 1652 legitimate measurement activity. 1654 Measurement parameters MUST be carefully selected so that the 1655 measurements inject trivial amounts of additional traffic into the 1656 networks they measure. If they inject "too much" traffic, they can 1657 skew the results of the measurement, and in extreme cases cause 1658 congestion and denial of service. 1660 The measurements themselves could be harmed by routers giving 1661 measurement traffic a different priority than "normal" traffic, or by 1662 an attacker injecting artificial measurement traffic. If routers can 1663 recognize measurement traffic and treat it separately, the 1664 measurements will not reflect actual user traffic. If an attacker 1665 injects artificial traffic that is accepted as legitimate, the loss 1666 rate will be artificially lowered. Therefore, the measurement 1667 methodologies SHOULD include appropriate techniques to reduce the 1668 probability measurement traffic can be distinguished from "normal" 1669 traffic. 1671 Authentication techniques, such as digital signatures, may be used 1672 where appropriate to guard against injected traffic attacks. 1674 8.2. Securing Traceroute Measurements Information 1676 Traceroute measurement information are not considered highly 1677 sensitive. Still, they may contain sensitive information on network 1678 paths, routing states, use IP addresses, and roundtrip times, that 1679 the operator a networks may want to detect for business or security 1680 reasons. 1682 It is thus important to control access to Information acquired by 1683 conducting traceroute measurements, particularly when transmitting it 1684 over a networks but also when storing it. It is RECOMMENDED that 1685 transmission of traceroute measurement information over a network 1686 uses appropriate protection mechanisms for preserving privacy, 1687 integrity and authenticity. It is further RECOMMENDED that secure 1688 authentication and authorization are used for protecting stored 1689 traceroute measurement information. 1691 9. IANA Considerations 1693 This document uses URNs to describe an XML namespace and an XML 1694 schema for traceroute measurements information storing and 1695 transmission conforming to a registry mechanism described in 1696 [RFC3688]. Two URI assignments are requested. 1697 1. Registration request for the IPPM traceroute measurements 1698 namespace 1699 * URI: urn:ietf:params:xml:ns:traceroute-1.0 1700 * Registrant Contact: IESG 1701 * XML: None. Namespace URIs do not represent an XML 1702 2. Registration request for the IPPM traceroute measurements schema 1703 * URI: urn:ietf:params:xml:schema:traceroute-1.0 1704 * Registrant Contact: IESG 1705 * XML: See the section Section 7 of this document. 1707 10. References 1709 10.1. Normative References 1711 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1712 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 1713 STD 58, RFC 2579, April 1999. 1715 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1716 MIB", RFC 2863, June 2000. 1718 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1719 Schoenwaelder, "Textual Conventions for Internet Network 1720 Addresses", RFC 4001, February 2005. 1722 [RFC4560] Quittek, J. and K. White, "Definitions of Managed Objects 1723 for Remote Ping, Traceroute, and Lookup Operations", 1724 RFC 4560, June 2006. 1726 10.2. Informative References 1728 [I-D.ietf-ipfix-architecture] 1729 Sadasivan, G., "Architecture for IP Flow Information 1730 Export", draft-ietf-ipfix-architecture-12 (work in 1731 progress), September 2006. 1733 [I-D.ietf-ipfix-info] 1734 Quittek, J., "Information Model for IP Flow Information 1735 Export", draft-ietf-ipfix-info-15 (work in progress), 1736 February 2007. 1738 [I-D.ietf-ipfix-protocol] 1739 Claise, B., "Specification of the IPFIX Protocol for the 1740 Exchange of IP Traffic Flow Information", 1741 draft-ietf-ipfix-protocol-25 (work in progress), 1742 August 2007. 1744 [RFC1812] Baker, F., "Requirements for IP Version 4 Routers", 1745 RFC 1812, June 1995. 1747 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, 1748 "Definition of the Differentiated Services Field (DS 1749 Field) in the IPv4 and IPv6 Headers", RFC 2474, 1750 December 1998. 1752 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1753 Schoenwaelder, Ed., "Structure of Management Information 1754 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1756 [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y., 1757 Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack 1758 Encoding", RFC 3032, January 2001. 1760 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1761 "Introduction and Applicability Statements for Internet- 1762 Standard Management Framework", RFC 3410, December 2002. 1764 [RFC3417] Presuhn, R., "Transport Mappings for the Simple Network 1765 Management Protocol (SNMP)", STD 62, RFC 3417, 1766 December 2002. 1768 [RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688, 1769 January 2004. 1771 [XML] Yergeau et al., F., "Extensible Markup Language (XML) 1.0 1772 (Third Edition)", W3C Recommendation, February 2004. 1774 Appendix A. Traceroute Default Configuration Parameters 1776 This section lists traceroute measurement configuration parameters as 1777 well as their defaults on various platforms and illustrates how 1778 widely they may vary. This document considered four major traceroute 1779 tool implementations and compared them based on configurable 1780 parameters and default values. The LINUX (SUSE 9.1), BSD (FreeBSD 1781 7.0) and UNIX (SunOS 5.9) implementations are based on UDP datagrams, 1782 while the WINDOWS (XP SP2) one uses ICMP Echos. The comparison is 1783 summarized in the following table, where an N/A in the option column, 1784 means that such parameter is not configurable for the specific 1785 implementation. A comprehensive comparison of available 1786 implementations is outside the scope of this document; however, 1787 already by sampling a few different implementations, it can be 1788 observed that they can differ quite significantly in terms of 1789 configurable parameters and also default values. Note that in the 1790 following table only those options which are available in at least 1791 two of the considered implementations are reported. 1793 +---------------------------------------------------------+ 1794 | OS |Option| Description | Default | 1795 +--------+------+-------------------------------+---------+ 1796 | LINUX | -m |Specify the maximum TTL used | 30 | 1797 |--------+------|in traceroute probes. |---------| 1798 | FreeBSD| -m | | OS var | 1799 |--------+------| |---------| 1800 | UNIX | -m | | 30 | 1801 |--------+------| |---------| 1802 | WINDOWS| -h | | 30 | 1803 +--------+------+-------------------------------+---------+ 1804 | LINUX | -n |Display hop addresses | - | 1805 |--------+------|numerically rather than |---------| 1806 | FreeBSD| -n |symbolically. | - | 1807 |--------+------| |---------| 1808 | UNIX | -n | | - | 1809 |--------+------| |---------| 1810 | WINDOWS| -d | | - | 1811 +--------+------+-------------------------------+---------+ 1812 | LINUX | -w |Set the time to wait for a | 3 sec | 1813 |--------+------|response to a probe. |---------| 1814 | FreeBSD| -w | | 5 sec | 1815 |--------+------| |---------| 1816 | UNIX | -w | | 5 sec | 1817 |--------+------| |---------| 1818 | WINDOWS| -w | | 4 sec | 1819 +--------+------+-------------------------------+---------+ 1820 | LINUX | N/A |Specify a loose source route | - | 1821 |--------+------|gateway (to direct the |---------| 1822 | FreeBSD| -g |traceroute probes through | - | 1823 |--------+------|routers not necessarily in |---------| 1824 | UNIX | -g | the path). | - | 1825 |--------+------| |---------| 1826 | WINDOWS| -g | | - | 1827 +--------+------+-------------------------------+---------+ 1828 | LINUX | -p |Set the base UDP port number | 33434 | 1829 |------- +------|used in traceroute probes |---------| 1830 | FreeBSD| -p |(UDP port = base + nhops - 1). | 33434 | 1831 |--------+------| |---------| 1832 | UNIX | -p | | 33434 | 1833 |--------+------| |---------| 1834 | WINDOWS| N/A | | - | 1835 +--------+------+-------------------------------+---------+ 1836 | LINUX | -q |Set the number of probes per | 3 | 1837 |--------+------|TTL. |---------| 1838 | FreeBSD| -q | | 3 | 1839 |--------+------| |---------| 1840 | UNIX | -q | | 3 | 1841 |--------+------| |---------| 1842 | WINDOWS| N/A | | 3 | 1843 +--------+------+-------------------------------+---------+ 1844 | LINUX | -S |Set the IP source address in |IP | 1845 |--------+------|outgoing probes to the |address | 1846 | FreeBSD| -s |specified value. |of the | 1847 |--------+------| |out | 1848 | UNIX | -s | |interface| 1849 |--------+------| | | 1850 | WINDOWS| N/A | | | 1851 +--------+------+-------------------------------+---------+ 1852 | LINUX | -t |Set the type-of-service (TOS) | 0 | 1853 |--------+------|in the probes to the specified |---------| 1854 | FreeBSD| -t |value. | 0 | 1855 |--------+------| |---------| 1856 | UNIX | -t | | 0 | 1857 |--------+------| |---------| 1858 | WINDOWS| N/A | | 0 | 1859 +--------+------+-------------------------------+---------+ 1860 | LINUX | -v |Verbose output: received ICMP | - | 1861 |--------+------|packets other than |---------| 1862 | FreeBSD| -v |TIME_EXCEEDED and | - | 1863 |--------+------|UNREACHABLE are listed. |---------| 1864 | UNIX | -v | | - | 1865 |--------+------| |---------| 1866 | WINDOWS| N/A | | - | 1867 +--------+------+-------------------------------+---------+ 1868 | LINUX | N/A |Set the time (in msec) to | - | 1869 |--------+------|pause between probes. |---------| 1870 | FreeBSD| -z | | 0 | 1871 |--------+------| |---------| 1872 | UNIX | -P | | 0 | 1873 |--------+------| |---------| 1874 | WINDOWS| N/A | | - | 1875 +--------+------+-------------------------------+---------+ 1876 | LINUX | -r |Bypass the normal routing | - | 1877 |--------+------|tables and send directly to a |---------| 1878 | FreeBSD| -r |host on attached network. | - | 1879 |--------+------| |---------| 1880 | UNIX | -r | | - | 1881 |--------+------| |---------| 1882 | WINDOWS| N/A | | - | 1883 +--------+------+-------------------------------+---------+ 1884 | LINUX | -f |Set the initial TTL for the | 1 | 1885 |--------+------|first probe. |---------| 1886 | FreeBSD| -f | | 1 | 1887 |--------+------| |---------| 1888 | UNIX | -f | | 1 | 1889 |--------+------| |---------| 1890 | WINDOWS| N/A | | 1 | 1891 +--------+------+-------------------------------+---------+ 1892 | LINUX | -F |Set the "don't fragment" bit. | - | 1893 |--------+------| |---------| 1894 | FreeBSD| -F | | - | 1895 |--------+------| |---------| 1896 | UNIX | -F | | - | 1897 |--------+------| |---------| 1898 | WINDOWS| N/A | | - | 1899 +--------+------+-------------------------------+---------+ 1900 | LINUX | N/A |Enables socket level debugging.| - | 1901 |--------+------| |---------| 1902 | FreeBSD| -d | | - | 1903 |--------+------| |---------| 1904 | UNIX | -d | | - | 1905 |--------+------| |---------| 1906 | WINDOWS| N/A | | - | 1907 +--------+------+-------------------------------+---------+ 1908 | LINUX | N/A |Use ICMP ECHO instead of UDP | - | 1909 |--------+------|datagrams. |---------| 1910 | FreeBSD| -I | | - | 1911 |--------+------| |---------| 1912 | UNIX | -I | | - | 1913 |--------+------| |---------| 1914 | WINDOWS| N/A | | - | 1915 +--------+------+-------------------------------+---------+ 1916 | LINUX | -I |Specify a network interface to | - | 1917 |--------+------|obtain the IP address for |---------| 1918 | FreeBSD| -i |outgoing IP packets | - | 1919 |--------+------|(alternative to option -s). |---------| 1920 | UNIX | -i | | - | 1921 |--------+------| |---------| 1922 | WINDOWS| N/A | | - | 1923 +--------+------+-------------------------------+---------+ 1924 | LINUX | N/A |Toggle checksum. | - | 1925 |--------+------| |---------| 1926 | FreeBSD| -x | | - | 1927 |--------+------| |---------| 1928 | UNIX | -x | | - | 1929 |--------+------| |---------| 1930 | WINDOWS| N/A | | - | 1931 +--------+------+-------------------------------+---------+ 1932 | LINUX | - |As optional last parameter, |Depends | 1933 |--------+------|LINUX, FreeBSD and UNIX |on | 1934 | FreeBSD| - |implementations allow |implement| 1935 |--------+------|specifying the probe datagram |ation. | 1936 | UNIX | - |length for outgoing probes. | | 1937 |--------+------| | | 1938 | WINDOWS| N/A | | | 1939 +--------+------+-------------------------------+---------+ 1941 A.1. Alternative Traceroute Implementations 1943 As stated above, the widespread use of firewalls might prevent UDP or 1944 ICMP based traceroutes to completely trace the path to a destination, 1945 since traceroute probes might end up being filtered. In some cases, 1946 such limitation might be overcome by sending instead TCP packets to 1947 specific ports that hosts located behind the firewall are listening 1948 for connections on. TCP based implementations use TCP SYN or FIN 1949 probes and listen for TIME_EXCEEDED messages, TCP RESET and other 1950 messages from firewalls and gateways on the path. On the other hand, 1951 some firewalls filter out TCP SYN packets to prevent denial of 1952 service attacks, therefore the actual advantage of using TCP instead 1953 of UDP traceroute depends mainly on firewall configurations, which 1954 are not known in advance. A detailed analysis of TCP-based 1955 traceroute tools and measurements was outside the scope of this 1956 document, anyway for completeness reasons the information model 1957 supports the storing of TCP-based traceroute measurements, too. 1959 Appendix B. Known Problems with Traceroute 1961 B.1. Compatibility between traceroute measurements results and IPPM 1962 metrics 1964 Because of implementation choices, a known inconsistency exists 1965 between the round-trip delay metric defined by the IPPM working group 1966 in RFC 2681 and the results returned by the current traceroute tool 1967 implementations. Unfortunately, it is unlikely that the traceroute 1968 tool implementations will implement the standard definition in the 1969 near future. The only possibility is therefore to compare results of 1970 different traceroute measurements one with each other; in order to do 1971 this, specifications both of the operating system (name and version) 1972 and of the traceroute tool version used were added to the metadata 1973 elements in order to help in comparing metrics between two different 1974 traceroute measurements results (if run using the same operating 1975 system and the same version of the tool). Moreover, the traceroute 1976 tool has built-in configurable mechanisms like time-outs and can 1977 experience problems related to the crossing of firewalls; therefore 1978 some of the packets that traceroute sends out end up being time-out 1979 or filtered. As a consequence, it might not be possible to trace the 1980 path to a node or there might not be a complete set of probes 1981 describing the RTT to reach it. 1983 Appendix C. Differences to DISMAN-TRACEROUTE-MIB 1985 For performing remote traceroute operations at managed node, the IETF 1986 has standardized the DISMAN-TRACEROUTE-MIB module in [RFC4560]. This 1987 module allows: 1989 o retrieving capability information of the traceroute tool 1990 implementation at the managed node, 1991 o configuring traceroute measurements to be performed, 1992 o retrieving information about ongoing and completed traceroute 1993 measurements, 1994 o retrieving traceroute measurement statistics. 1996 The traceroute storage format described in this document has 1997 significant overlaps with this MIB module. Particularly, the models 1998 for the traceroute measurement configuration and for the result from 1999 completed measurements are almost identical. But for other pats of 2000 the DISMAN-TRACEROUTE MIB module there is no need to model them in a 2001 traceroute measurements storage format. Particularly, the capability 2002 information, information about ongoing measurements and measurement 2003 statistics are not covered by the DISMAN traceroute storage model. 2005 Concerning traceroute measurements and their results, there are 2006 structural differences between the two models caused by the different 2007 choices for the encoding of the specification. For DISMAN- 2008 TRACEROUTE-MIB, the Structure of Management Information (SMIv2, STD 2009 58, RFC 2578 [RFC2578]) was used, while the IPPM traceroute 2010 measurements data model is encoded using XML. 2012 This difference in structure implies that the DISMAN-TRACEROUTE-MIB 2013 module contains SMI-specific information element (managed objects) 2014 that concern tables of managed objects (specification, entry creation 2015 and deletion, status retrieval) that are not required for the XML- 2016 encoded traceroute measurements data model. 2018 But for most of the remaining information elements that concern 2019 configuration of traceroute measurements and results of completed 2020 measurements, the semantics is identical between the DISMAN- 2021 TRACEROUTE-MIB module and the traceroute measurements data model. 2022 There are very few exceptions to this which are listed below. Also 2023 naming of information elements is identical between both models with 2024 a few exceptions. For the traceroute measurements data model, a few 2025 information elements have been added, some because of the different 2026 structure and some to provide additional information on completed 2027 measurements. 2029 C.1. Naming 2031 Basically, names in both models are chosen using the same naming 2032 conventions. 2034 For the traceroute measurement configuration information all names, 2035 such as CtlProbesPerHop, are identical in both models except for the 2036 traceRoute prefix that was removed to avoid unnecessary redundancy in 2037 the XML file and for CtlDataSize which was renamed to 2038 CtlProbeDataSize for clarification in the traceroute measurements 2039 data model. 2041 Results of measurements in the DISMAN-TRACEROUTE-MIB modules are 2042 distributed over two tables, the traceRouteResultsTable containing 2043 mainly information about ongoing measurements and the 2044 traceRouteProbeHistoryTable containing only information about 2045 completed measurements. According to the SMIv2 naming conventions 2046 names of information elements in these tables have different prefixes 2047 (traceRouteResults and traceRouteProbeHistory). Since the traceroute 2048 measurements data model only reports on completed measurements, this 2049 separation is not needed anymore and the prefix "Results" is used for 2050 all related information elements. 2052 Beyond that, there are only a few changes in element names. The 2053 renaming actions include: 2055 o traceRouteProbeHistoryProbeIndex to IndexPerHop, 2056 o traceRouteProbeHistoryResponse to RoundTripTime, 2057 o traceRouteProbeHistoryTime to ResultsEndDateAndTime, 2058 o traceRouteProbeHistoryLastRC to ResultsHopRawOutputData. 2060 C.2. Semantics 2062 The semantics was changed for two information elements only. 2064 For traceRouteProbeHistoryResponse in the DISMAN-TRACEROUTE-MIB, a 2065 value of 0 indicated, that it was not possible to transmit a probe. 2066 For the traceroute measurements data model, a value of 0 for element 2067 RoundTripTime indicates that the measured time was less than one 2068 millisecond, while for the case that it was not possible to transmit 2069 a probe a string is used that indicates the problem. 2071 For traceRouteCtlIfIndex in the DISMAN-TRACEROUTE-MIB, a value of 0 2072 indicated, that it the option to set the index is not available. 2073 This was translated to the traceroute measurements data model, such 2074 that a value of 0 for this element indicates that the used interface 2075 is unknown. 2077 The element traceRouteProbeHistoryLastRC in the DISMAN-TRACEROUTE-MIB 2078 was replaced by element ResultsHopRawOutputData. While 2079 traceRouteProbeHistoryLastRC just reports a reply code, 2080 ResultsHopRawOutputData reports the full raw output data produced by 2081 the traceroute measurements that was used. 2083 C.3. Additional Information Elements 2085 Only a few information elements have been added to the model of the 2086 DISMAN-TRACEROUTE-MIB module. 2088 o For providing geographical information about hops in the 2089 traceroute measurement path, HopGeoLocation was added. 2090 o For providing the top MPLS label stack entry of a probe in the 2091 traceroute measurement path MPLSTopLabel was added. 2092 o For providing additional timestamp beyond ResultsEndDateAndTime, 2093 ResultsStartDateAndTime and Time were added. 2095 Authors' Addresses 2097 Saverio Niccolini 2098 Network Laboratories, NEC Europe Ltd. 2099 Kurfuersten-Anlage 36 2100 Heidelberg 69115 2101 Germany 2103 Phone: +49 (0) 6221 4342 118 2104 Email: saverio.niccolini@netlab.nec.de 2105 URI: http://www.netlab.nec.de 2107 Sandra Tartarelli 2108 Network Laboratories, NEC Europe Ltd. 2109 Kurfuersten-Anlage 36 2110 Heidelberg 69115 2111 Germany 2113 Phone: +49 (0) 6221 4342 132 2114 Email: sandra.tartarelli@netlab.nec.de 2115 URI: http://www.netlab.nec.de 2116 Juergen Quittek 2117 Network Laboratories, NEC Europe Ltd. 2118 Kurfuersten-Anlage 36 2119 Heidelberg 69115 2120 Germany 2122 Phone: +49 (0) 6221 4342 115 2123 Email: quittek@netlab.nec.de 2124 URI: http://www.netlab.nec.de 2126 Martin Swany 2127 Dept. of Computer and Information Sciences, University of Delaware 2128 Newark DE 19716 2129 U.S.A. 2131 Email: swany@UDel.Edu 2133 Full Copyright Statement 2135 Copyright (C) The IETF Trust (2007). 2137 This document is subject to the rights, licenses and restrictions 2138 contained in BCP 78, and except as set forth therein, the authors 2139 retain all their rights. 2141 This document and the information contained herein are provided on an 2142 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 2143 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 2144 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 2145 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 2146 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 2147 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 2149 Intellectual Property 2151 The IETF takes no position regarding the validity or scope of any 2152 Intellectual Property Rights or other rights that might be claimed to 2153 pertain to the implementation or use of the technology described in 2154 this document or the extent to which any license under such rights 2155 might or might not be available; nor does it represent that it has 2156 made any independent effort to identify any such rights. Information 2157 on the procedures with respect to rights in RFC documents can be 2158 found in BCP 78 and BCP 79. 2160 Copies of IPR disclosures made to the IETF Secretariat and any 2161 assurances of licenses to be made available, or the result of an 2162 attempt made to obtain a general license or permission for the use of 2163 such proprietary rights by implementers or users of this 2164 specification can be obtained from the IETF on-line IPR repository at 2165 http://www.ietf.org/ipr. 2167 The IETF invites any interested party to bring to its attention any 2168 copyrights, patents or patent applications, or other proprietary 2169 rights that may cover technology that may be required to implement 2170 this standard. Please address the information to the IETF at 2171 ietf-ipr@ietf.org. 2173 Acknowledgment 2175 Funding for the RFC Editor function is provided by the IETF 2176 Administrative Support Activity (IASA).