idnits 2.17.1 draft-ietf-mboned-mtrace-v2-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** The document seems to lack a License Notice according IETF Trust Provisions of 28 Dec 2009, Section 6.b.i or Provisions of 12 Sep 2009 Section 6.b -- however, there's a paragraph with a matching beginning. Boilerplate error? (You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Feb 2009 rather than one of the newer Notices. See https://trustee.ietf.org/license-info/.) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 7 instances of lines with non-RFC2606-compliant FQDNs in the document. == There are 1 instance of lines with multicast IPv4 addresses in the document. If these are generic example addresses, they should be changed to use the 233.252.0.x range defined in RFC 5771 Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to contain a disclaimer for pre-RFC5378 work, and may have content which was first submitted before 10 November 2008. The disclaimer is necessary when there are original authors that you have been unable to contact, or if some do not wish to grant the BCP78 rights to the IETF Trust. If you are able to get all authors (current and original) to grant those rights, you can and should remove the disclaimer; otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 26, 2009) is 5294 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '2' is defined on line 1313, but no explicit reference was found in the text == Unused Reference: '5' is defined on line 1322, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2460 (ref. '2') (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 2373 (ref. '3') (Obsoleted by RFC 3513) ** Obsolete normative reference: RFC 2434 (ref. '4') (Obsoleted by RFC 5226) ** Downref: Normative reference to an Informational RFC: RFC 1071 (ref. '5') ** Obsolete normative reference: RFC 4601 (ref. '8') (Obsoleted by RFC 7761) == Outdated reference: A later version (-18) exists of draft-ietf-mboned-auto-multicast-08 Summary: 6 errors (**), 0 flaws (~~), 7 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MBONED Working Group H. Asaeda 3 Internet-Draft Keio University 4 Intended status: Standards Track T. Jinmei 5 Expires: April 29, 2010 ISC 6 W. Fenner 7 Arastra, Inc. 8 S. Casner 9 Packet Design, Inc. 10 October 26, 2009 12 Mtrace Version 2: Traceroute Facility for IP Multicast 13 draft-ietf-mboned-mtrace-v2-05 15 Status of this Memo 17 This Internet-Draft is submitted to IETF in full conformance with the 18 provisions of BCP 78 and BCP 79. This document may contain material 19 from IETF Documents or IETF Contributions published or made publicly 20 available before November 10, 2008. The person(s) controlling the 21 copyright in some of this material may not have granted the IETF 22 Trust the right to allow modifications of such material outside the 23 IETF Standards Process. Without obtaining an adequate license from 24 the person(s) controlling the copyright in such materials, this 25 document may not be modified outside the IETF Standards Process, and 26 derivative works of it may not be created outside the IETF Standards 27 Process, except to format it for publication as an RFC or to 28 translate it into languages other than English. 30 Internet-Drafts are working documents of the Internet Engineering 31 Task Force (IETF), its areas, and its working groups. Note that 32 other groups may also distribute working documents as Internet- 33 Drafts. 35 Internet-Drafts are draft documents valid for a maximum of six months 36 and may be updated, replaced, or obsoleted by other documents at any 37 time. It is inappropriate to use Internet-Drafts as reference 38 material or to cite them other than as "work in progress." 40 The list of current Internet-Drafts can be accessed at 41 http://www.ietf.org/ietf/1id-abstracts.txt. 43 The list of Internet-Draft Shadow Directories can be accessed at 44 http://www.ietf.org/shadow.html. 46 This Internet-Draft will expire on April 29, 2010. 48 Copyright Notice 49 Copyright (c) 2009 IETF Trust and the persons identified as the 50 document authors. All rights reserved. 52 This document is subject to BCP 78 and the IETF Trust's Legal 53 Provisions Relating to IETF Documents in effect on the date of 54 publication of this document (http://trustee.ietf.org/license-info). 55 Please review these documents carefully, as they describe your rights 56 and restrictions with respect to this document. 58 Abstract 60 This document describes the IP multicast traceroute facility. Unlike 61 unicast traceroute, multicast traceroute requires special 62 implementations on the part of routers. This specification describes 63 the required functionality in multicast routers, as well as how 64 management applications can use the router functionality. 66 Table of Contents 68 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 6 69 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 7 70 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 71 4. Packet Formats . . . . . . . . . . . . . . . . . . . . . . . . 9 72 4.1. Mtrace2 TLV format . . . . . . . . . . . . . . . . . . . . 9 73 4.2. Defined TLVs . . . . . . . . . . . . . . . . . . . . . . . 9 74 5. Mtrace2 Query Header . . . . . . . . . . . . . . . . . . . . . 10 75 5.1. # hops: 8 bits . . . . . . . . . . . . . . . . . . . . . . 10 76 5.2. Multicast Address . . . . . . . . . . . . . . . . . . . . 10 77 5.3. Source Address . . . . . . . . . . . . . . . . . . . . . . 11 78 5.4. Destination Address . . . . . . . . . . . . . . . . . . . 11 79 5.5. Query ID: 16 bits . . . . . . . . . . . . . . . . . . . . 11 80 5.6. Client Port # . . . . . . . . . . . . . . . . . . . . . . 11 81 6. IPv4 Mtrace2 Standard Response Block . . . . . . . . . . . . . 12 82 6.1. Query Arrival Time: 32 bits . . . . . . . . . . . . . . . 12 83 6.2. Incoming Interface Address: 32 bits . . . . . . . . . . . 13 84 6.3. Outgoing Interface Address: 32 bits . . . . . . . . . . . 13 85 6.4. Previous-Hop Router Address: 32 bits . . . . . . . . . . . 13 86 6.5. Input packet count on incoming interface: 64 bits . . . . 13 87 6.6. Output packet count on incoming interface: 64 bits . . . . 13 88 6.7. Total number of packets for this source-group pair: 64 89 bits . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 90 6.8. Rtg Protocol: 16 bits . . . . . . . . . . . . . . . . . . 14 91 6.9. Multicast Rtg Protocol: 16 bits . . . . . . . . . . . . . 14 92 6.10. Fwd TTL: 8 bits . . . . . . . . . . . . . . . . . . . . . 14 93 6.11. MBZ: 8 bit . . . . . . . . . . . . . . . . . . . . . . . . 14 94 6.12. S: 1 bit . . . . . . . . . . . . . . . . . . . . . . . . . 14 95 6.13. Src Mask: 7 bits . . . . . . . . . . . . . . . . . . . . . 14 96 6.14. Forwarding Code: 8 bits . . . . . . . . . . . . . . . . . 14 97 7. IPv6 Mtrace2 Standard Response Block . . . . . . . . . . . . . 17 98 7.1. Query Arrival Time: 32 bits . . . . . . . . . . . . . . . 17 99 7.2. Incoming Interface ID: 32 bits . . . . . . . . . . . . . . 17 100 7.3. Outgoing Interface ID: 32 bits . . . . . . . . . . . . . . 18 101 7.4. Local Address . . . . . . . . . . . . . . . . . . . . . . 18 102 7.5. Remote Address . . . . . . . . . . . . . . . . . . . . . . 18 103 7.6. Input packet count on incoming interface . . . . . . . . . 18 104 7.7. Output packet count on incoming interface . . . . . . . . 18 105 7.8. Total number of packets for this source-group pair . . . . 18 106 7.9. Rtg Protocol: 16 bits . . . . . . . . . . . . . . . . . . 19 107 7.10. Multicast Rtg Protocol: 16 bits . . . . . . . . . . . . . 19 108 7.11. MBZ: 15 bits . . . . . . . . . . . . . . . . . . . . . . . 19 109 7.12. S: 1 bit . . . . . . . . . . . . . . . . . . . . . . . . . 19 110 7.13. Src Prefix Len: 8 bits . . . . . . . . . . . . . . . . . . 19 111 7.14. Forwarding Code: 8 bits . . . . . . . . . . . . . . . . . 19 112 8. Mtrace2 Augmented Response Block . . . . . . . . . . . . . . . 20 113 9. Router Behavior . . . . . . . . . . . . . . . . . . . . . . . 21 114 9.1. Traceroute Query . . . . . . . . . . . . . . . . . . . . . 21 115 9.1.1. Packet Verification . . . . . . . . . . . . . . . . . 21 116 9.1.2. Normal Processing . . . . . . . . . . . . . . . . . . 21 117 9.2. Mtrace2 Request . . . . . . . . . . . . . . . . . . . . . 21 118 9.2.1. Packet Verification . . . . . . . . . . . . . . . . . 22 119 9.2.2. Normal Processing . . . . . . . . . . . . . . . . . . 22 120 9.3. Forwarding Mtrace2 Requests . . . . . . . . . . . . . . . 24 121 9.4. Sending Mtrace2 Responses . . . . . . . . . . . . . . . . 24 122 9.4.1. Destination Address . . . . . . . . . . . . . . . . . 24 123 9.4.2. Source Address . . . . . . . . . . . . . . . . . . . . 24 124 9.5. Proxying Mtrace2 Queries . . . . . . . . . . . . . . . . . 24 125 9.6. Hiding Information . . . . . . . . . . . . . . . . . . . . 25 126 10. Client Behavior . . . . . . . . . . . . . . . . . . . . . . . 26 127 10.1. Sending Mtrace2 Queries . . . . . . . . . . . . . . . . . 26 128 10.2. Determining the Path . . . . . . . . . . . . . . . . . . . 26 129 10.3. Collecting Statistics . . . . . . . . . . . . . . . . . . 26 130 10.4. Last Hop Router . . . . . . . . . . . . . . . . . . . . . 26 131 10.5. First Hop Router . . . . . . . . . . . . . . . . . . . . . 27 132 10.6. Broken Intermediate Router . . . . . . . . . . . . . . . . 27 133 10.7. Mtrace2 Termination . . . . . . . . . . . . . . . . . . . 27 134 10.7.1. Arriving at source . . . . . . . . . . . . . . . . . . 27 135 10.7.2. Fatal error . . . . . . . . . . . . . . . . . . . . . 27 136 10.7.3. No previous hop . . . . . . . . . . . . . . . . . . . 27 137 10.7.4. Traceroute shorter than requested . . . . . . . . . . 28 138 10.8. Continuing after an error . . . . . . . . . . . . . . . . 28 139 11. Protocol-Specific Considerations . . . . . . . . . . . . . . . 29 140 11.1. PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . 29 141 11.2. Bi-Directional PIM . . . . . . . . . . . . . . . . . . . . 29 142 11.3. PIM-DM . . . . . . . . . . . . . . . . . . . . . . . . . . 29 143 11.4. IGMP/MLD Proxy . . . . . . . . . . . . . . . . . . . . . . 29 144 11.5. AMT . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 145 12. Problem Diagnosis . . . . . . . . . . . . . . . . . . . . . . 31 146 12.1. Forwarding Inconsistencies . . . . . . . . . . . . . . . . 31 147 12.2. TTL or Hop Limit Problems . . . . . . . . . . . . . . . . 31 148 12.3. Packet Loss . . . . . . . . . . . . . . . . . . . . . . . 31 149 12.4. Link Utilization . . . . . . . . . . . . . . . . . . . . . 32 150 12.5. Time Delay . . . . . . . . . . . . . . . . . . . . . . . . 32 151 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 152 13.1. Forwarding Codes . . . . . . . . . . . . . . . . . . . . . 33 153 13.2. UDP Destination Port and IPv6 Address . . . . . . . . . . 33 154 14. Security Considerations . . . . . . . . . . . . . . . . . . . 34 155 14.1. Topology Discovery . . . . . . . . . . . . . . . . . . . . 34 156 14.2. Traffic Rates . . . . . . . . . . . . . . . . . . . . . . 34 157 14.3. Limiting Query/Request Rates . . . . . . . . . . . . . . . 34 158 15. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 35 159 16. References . . . . . . . . . . . . . . . . . . . . . . . . . . 36 160 16.1. Normative References . . . . . . . . . . . . . . . . . . . 36 161 16.2. Informative References . . . . . . . . . . . . . . . . . . 36 162 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 38 164 1. Introduction 166 The unicast "traceroute" program allows the tracing of a path from 167 one machine to another. The key mechanism for unicast traceroute is 168 the ICMP TTL exceeded message, which is specifically precluded as a 169 response to multicast packets. On the other hand, the multicast 170 traceroute facility allows the tracing of an IP multicast routing 171 paths. In this document, we specify the multicast "traceroute" 172 facility to be implemented in multicast routers and accessed by 173 diagnostic programs. The multicast traceroute described in this 174 document named as mtrace version 2 or mtrace2 provides additional 175 information about packet rates and losses that the unicast traceroute 176 cannot, and generally requires fewer packets to be sent. 178 o. To be able to trace the path that a packet would take from some 179 source to some destination. 181 o. To be able to isolate packet loss problems (e.g., congestion). 183 o. To be able to isolate configuration problems (e.g., TTL 184 threshold). 186 o. To minimize packets sent (e.g. no flooding, no implosion). 188 This document supports both IPv4 and IPv6 multicast traceroute 189 facility. The protocol design, concept, and program behavior are 190 same between IPv4 and IPv6 mtrace2. While the original IPv4 191 multicast traceroute, mtrace, the query and response messages are 192 implemented as IGMP messages [12], all mtrace2 messages are carried 193 on UDP. The packet formats of IPv4 and IPv6 mtrace2 are different 194 because of the different address families, but the syntax is similar. 196 2. Terminology 198 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL 199 NOT","SHOULD", "SHOULD NOT", "RECOMMENDED","MAY", and "OPTIONAL" in 200 this document are to be interpreted as described in RFC 2119 [1]. 202 Since multicast traceroutes flow in the opposite direction to the 203 data flow, we refer to "upstream" and "downstream" with respect to 204 data, unless explicitly specified. 206 Incoming interface: 207 The interface on which traffic is expected from the specified source 208 and group. 210 Outgoing interface: 211 The interface on which traffic is forwarded from the specified source 212 and group toward the destination. It is the interface on which the 213 multicast traceroute Request was received. 215 Previous-hop router: 216 The router that is on the link attached to the Incoming Interface and 217 is responsible for forwarding traffic for the specified source and 218 group. 220 Group state: 221 It is the state in which a shared-tree protocol (e.g., PIM-SM [8]) 222 running on a router chooses the previous-hop router toward the core 223 router or Rendezvous Point (RP) as its parent router. In this state, 224 source-specific state is not available for the corresponding 225 multicast address on the router. 227 Source-specific state: 228 It is the state in which a routing protocol running on a router 229 chooses the path that would be followed for a source-specific join. 231 ALL-[protocol]-ROUTERS.MCAST.NET: 232 It is a dedicated multicast address for a multicast router to 233 communicate with other routers that are working with the same routing 234 protocol. For instance,the address of ALL-PIM-ROUTERS.MCAST.NET is 235 '224.0.0.13' for IPv4 and 'ff02::d' for IPv6. 237 3. Overview 239 Given a multicast distribution tree, tracing from a source to a 240 multicast destination is hard, since you don't know down which branch 241 of the multicast tree the destination lies. This means that you have 242 to flood the whole tree to find the path from one source to one 243 destination. However, walking up the tree from destination to source 244 is easy, as most existing multicast routing protocols know the 245 previous hop for each source. Tracing from destination to source can 246 involve only routers on the direct path. 248 The party requesting the traceroute sends a traceroute Query packet 249 to the last-hop multicast router for the given destination. The 250 last-hop router turns the Query into a Request packet by adding a 251 response data block containing its interface addresses and packet 252 statistics, and then forwards the Request packet via unicast to the 253 router that it believes is the proper previous hop for the given 254 source and group. Each hop adds its response data to the end of the 255 Request packet, then unicast forwards it to the previous hop. The 256 first hop router (the router that believes that packets from the 257 source originate on one of its directly connected networks) changes 258 the packet type to indicate a Response packet and sends the completed 259 response to the response destination address. The response may be 260 returned before reaching the first hop router if a fatal error 261 condition such as "no route" is encountered along the path. 263 Multicast traceroute uses any information available to it in the 264 router to attempt to determine a previous hop to forward the trace 265 towards. Multicast routing protocols vary in the type and amount of 266 state they keep; multicast traceroute endeavors to work with all of 267 them by using whatever is available. For example, if a PIM-SM router 268 is on the (*,G) tree, it chooses the parent towards the RP as the 269 previous hop. In these cases, no source/group-specific state is 270 available, but the path may still be traced. 272 4. Packet Formats 274 Mtrace2 message is encoded in TLV format. If an implementation 275 receives a TLV whose length exceeds the TLV length specified in the 276 Length field, the TLV SHOULD be accepted but any additional data 277 SHOULD be ignored. 279 4.1. Mtrace2 TLV format 281 0 1 2 3 282 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 283 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 284 | Type | Length | Value .... | 285 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 287 Type (8 bits) 289 Length (16 bits) 291 Value (variable length) 293 4.2. Defined TLVs 295 The following TLV Types are defined: 297 Code Type 298 ====== ====================================== 299 1 Mtrace2 Query 300 2 Mtrace2 Response 301 3 Mtrace2 Standard Response Block 302 4 Mtrace2 Augmented Response Block 304 An mtrace2 message MUST contain one Mtrace2 Query or Response. An 305 mtrace2 message MAY contain one or multiple Mtrace2 Standard and 306 Augmented Responses. A multicast router that sends mtrace2 request 307 MUST NOT contain multiple Mtrace2 Standard blocks but MAY contain 308 multiple Augmented Response blocks. 310 The type field is defined to be "0x1" for mtrace2 queries and 311 requests. The type field is changed to "0x2" when the packet is 312 completed and sent as a response from the first hop router to the 313 querier. Two codes are required so that multicast routers will not 314 attempt to process a completed response in those cases where the 315 initial query was issued from a router. 317 5. Mtrace2 Query Header 319 The mtrace2 message is carried as a UDP packet. The UDP source port 320 is uniquely selected by the local host operating system. The UDP 321 destination port is the IANA reserved mtrace2 port number (see 322 Section 13). The UDP checksum MUST be valid in mtrace2 messages. 324 The mtrace2 message includes the common mtrace2 Query header as 325 follows. The header is only filled in by the originator of the 326 mtrace2 Query; intermediate routers MUST NOT modify any of the 327 fields. 329 0 1 2 3 330 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 331 +-+-+-+-+-+-+-+-+ 332 | # hops | 333 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 334 | | 335 | Multicast Address | 336 | | 337 +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 338 | | 339 | Source Address | 340 | | 341 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 342 | | 343 | Destination Address | 344 | | 345 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 346 | Query ID | Client Port # | 347 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 349 Figure 1 351 5.1. # hops: 8 bits 353 This field specifies the maximum number of hops that the requester 354 wants to trace. If there is some error condition in the middle of 355 the path that keeps the mtrace2 request from reaching the first-hop 356 router, this field can be used to perform an expanding-ring search to 357 trace the path to just before the problem. 359 5.2. Multicast Address 361 This field specifies the 32 bits length IPv4 or 128 bits length IPv6 362 multicast address to be traced, or is filled with "all 1" in case of 363 IPv4 or with the unspecified address (::) in case of IPv6 if no 364 group-specific information is desired. Note that non-group-specific 365 mtrace2 MUST specify source address. 367 5.3. Source Address 369 This field specifies the 32 bits length IPv4 or 128 bits length IPv6 370 address of the multicast source for the path being traced, or is 371 filled with "all 1" in case of IPv4 or with the unspecified address 372 (::) in case of IPv6 if no source-specific information is desired. 373 Note that non-source-specific traceroutes may not be possible with 374 certain multicast routing protocols. 376 5.4. Destination Address 378 This field specifies the 32 bits length IPv4 or 128 bits length IPv6 379 address of the multicast receiver for the path being traced. The 380 trace starts at this destination and proceeds toward the traffic 381 source. 383 5.5. Query ID: 16 bits 385 This field is used as a unique identifier for this traceroute request 386 so that duplicate or delayed responses may be detected and to 387 minimize collisions when a multicast response address is used. 389 5.6. Client Port # 391 Mtrace2 response is sent back to the address specified in a 392 Destination Address field. This field specifies the UDP port number 393 the router will send Mtrace2 Response. This client port number MUST 394 NOT be changed by any router. 396 6. IPv4 Mtrace2 Standard Response Block 398 Each intermediate IPv4 router in a trace path appends "response data 399 block" to the forwarded trace packet. The standard response data 400 block looks as follows. 402 0 1 2 3 403 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 404 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 405 | Query Arrival Time | 406 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 407 | Incoming Interface Address | 408 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 409 | Outgoing Interface Address | 410 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 411 | Previous-Hop Router Address | 412 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 413 | | 414 . Input packet count on incoming interface . 415 | | 416 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 417 | | 418 . Output packet count on outgoing interface . 419 | | 420 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 421 | | 422 . Total number of packets for this source-group pair . 423 | | 424 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 425 | Rtg Protocol | Multicast Rtg Protocol | 426 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 427 | Fwd TTL | MBZ |S| Src Mask |Forwarding Code| 428 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 430 6.1. Query Arrival Time: 32 bits 432 The Query Arrival Time is a 32-bit NTP timestamp specifying the 433 arrival time of the traceroute request packet at this router. The 434 32-bit form of an NTP timestamp consists of the middle 32 bits of the 435 full 64-bit form; that is, the low 16 bits of the integer part and 436 the high 16 bits of the fractional part. 438 The following formula converts from a UNIX timeval to a 32-bit NTP 439 timestamp: 441 query_arrival_time 442 = (tv.tv_sec + 32384) << 16 + ((tv.tv_usec << 10) / 15625) 444 The constant 32384 is the number of seconds from Jan 1, 1900 to Jan 445 1, 1970 truncated to 16 bits. ((tv.tv_usec << 10) / 15625) is a 446 reduction of ((tv.tv_usec / 100000000) << 16). 448 6.2. Incoming Interface Address: 32 bits 450 This field specifies the address of the interface on which packets 451 from this source and group are expected to arrive, or 0 if unknown or 452 unnumbered. 454 6.3. Outgoing Interface Address: 32 bits 456 This field specifies the address of the interface on which packets 457 from this source and group flow to the specified destination, or 0 if 458 unknown or unnumbered. 460 6.4. Previous-Hop Router Address: 32 bits 462 This field specifies the router from which this router expects 463 packets from this source. This may be a multicast group (e.g. ALL- 464 [protocol]-ROUTERS.MCAST.NET) if the previous hop is not known 465 because of the workings of the multicast routing protocol. However, 466 it should be 0 if the incoming interface address is unknown or 467 unnumbered. 469 6.5. Input packet count on incoming interface: 64 bits 471 This field contains the number of multicast packets received for all 472 groups and sources on the incoming interface, or "all 1" if no count 473 can be reported. This counter may have the same value as 474 ifHCInMulticastPkts from the IF-MIB [14] for this interface. 476 6.6. Output packet count on incoming interface: 64 bits 478 This field contains the number of multicast packets that have been 479 transmitted or queued for transmission for all groups and sources on 480 the outgoing interface, or "all 1" if no count can be reported. This 481 counter may have the same value as ifHCOutMulticastPkts from the IF- 482 MIB for this interface. 484 6.7. Total number of packets for this source-group pair: 64 bits 486 This field counts the number of packets from the specified source 487 forwarded by this router to the specified group, or "all 1" if no 488 count can be reported. If the S bit is set, the count is for the 489 source network, as specified by the Src Mask field. If the S bit is 490 set and the Src Mask field is 63, indicating no source-specific 491 state, the count is for all sources sending to this group. This 492 counter should have the same value as ipMcastRoutePkts from the 493 IPMROUTE-STD-MIB [15] for this forwarding entry. 495 6.8. Rtg Protocol: 16 bits 497 This field describes the routing protocol used to decide an RPF 498 interface for the requested source. This value should have the same 499 value as ipMcastRouteRtProtocol from the IPMROUTE-STD-MIB [15] for 500 this entry. If the router does not able to obtain this value, "all 501 0" must be specified. 503 6.9. Multicast Rtg Protocol: 16 bits 505 This field describes the multicast routing protocol in use between 506 this router and the previous-hop router. This value should have the 507 same value as ipMcastRouteProtocol from the IPMROUTE-STD-MIB [15] for 508 this entry. If the router does not able to obtain this value, "all 509 0" must be specified. 511 6.10. Fwd TTL: 8 bits 513 This field contains the TTL that a packet is required to have before 514 it will be forwarded over the outgoing interface. 516 6.11. MBZ: 8 bit 518 Must be zeroed on transmission and ignored on reception. 520 6.12. S: 1 bit 522 This S bit indicates that the packet count for the source-group pair 523 is for the source network, as determined by masking the source 524 address with the Src Mask field. 526 6.13. Src Mask: 7 bits 528 This field contains the number of 1's in the netmask this router has 529 for the source (i.e. a value of 24 means the netmask is 0xffffff00). 530 If the router is forwarding solely on group state, this field is set 531 to 127 (0x7f). 533 6.14. Forwarding Code: 8 bits 535 This field contains a forwarding information/error code. Section 9.2 536 explains how and when the forwarding code is filled. Defined values 537 are as follows; 539 Value Name Description 540 ----- -------------- ------------------------------------------- 542 0x00 NO_ERROR No error 544 0x01 WRONG_IF Mtrace2 request arrived on an interface 545 to which this router would not forward for 546 this source, group, destination. 548 0x02 PRUNE_SENT This router has sent a prune upstream which 549 applies to the source and group in the 550 traceroute request. 552 0x03 PRUNE_RCVD This router has stopped forwarding for this 553 source and group in response to a request 554 from the next hop router. 556 0x04 SCOPED The group is subject to administrative 557 scoping at this hop. 559 0x05 NO_ROUTE This router has no route for the source or 560 group and no way to determine a potential 561 route. 563 0x06 WRONG_LAST_HOP This router is not the proper last-hop 564 router. 566 0x07 NOT_FORWARDING This router is not forwarding this source, 567 group out the outgoing interface for an 568 unspecified reason. 570 0x08 REACHED_RP Reached Rendezvous Point or Core 572 0x09 RPF_IF Mtrace2 request arrived on the expected 573 RPF interface for this source and group. 575 0x0A NO_MULTICAST Mtrace2 request arrived on an interface 576 which is not enabled for multicast. 578 0x0B INFO_HIDDEN One or more hops have been hidden from this 579 trace. 581 0x0C REACHED_GW Mtrace2 request arrived on a gateway (e.g., 582 a NAT or firewall) that hides the 583 information between this router and the 584 mtrace2 querier 586 0x81 NO_SPACE There was not enough room to insert another 587 response data block in the packet. 589 0x82 OLD_ROUTER The previous-hop router does not understand 590 mtrace2 requests. 592 0x83 ADMIN_PROHIB Mtrace2 is administratively prohibited. 594 Note that if a router discovers there is not enough room in a packet 595 to insert its response, it puts the NO_SPACE error code in the 596 previous router's Forwarding Code field, overwriting any error the 597 previous router placed there. After the router sends the response to 598 the Destination Address in the header, the router continues the 599 mtrace2 query by sending an mtrace2 request containing the same 600 mtrace2 query header. Section 9.3 and Section 10.8 include the 601 details. 603 The 0x80 bit of the Forwarding Code is used to indicate a fatal 604 error. A fatal error is one where the router may know the previous 605 hop but cannot forward the message to it. 607 7. IPv6 Mtrace2 Standard Response Block 609 Each intermediate IPv6 router in a trace path appends "response data 610 block" to the forwarded trace packet. The standard response data 611 block looks as follows. 613 0 1 2 3 614 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 615 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 616 | Query Arrival Time | 617 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 618 | Incoming Interface ID | 619 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 620 | Outgoing Interface ID | 621 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 622 | | 623 * Local Address * 624 | | 625 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 626 | | 627 * Remote Address * 628 | | 629 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 630 | | 631 . Input packet count on incoming interface . 632 | | 633 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 634 | | 635 . Output packet count on outgoing interface . 636 | | 637 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 638 | | 639 . Total number of packets for this source-group pair . 640 | | 641 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 642 | Rtg Protocol | Multicast Rtg Protocol | 643 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 644 | MBZ |S|Src Prefix Len |Forwarding Code| 645 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 647 7.1. Query Arrival Time: 32 bits 649 Same definition described in Section 6.1 651 7.2. Incoming Interface ID: 32 bits 653 This field specifies the interface ID on which packets from this 654 source and group are expected to arrive, or 0 if unknown. This ID 655 should be the value taken from InterfaceIndex of the IF-MIB [14] for 656 this interface. This field is carried in network byte order. 658 7.3. Outgoing Interface ID: 32 bits 660 This field specifies the interface ID on which packets from this 661 source and group flow to the specified destination, or 0 if unknown. 662 This ID should be the value taken from InterfaceIndex of the IF-MIB 663 for this interface. This field is carried in network byte order. 665 7.4. Local Address 667 This field specifies a global IPv6 address that uniquely identifies 668 the router. A unique local unicast address [13] SHOULD NOT be used 669 unless the router is only assigned link-local and unique local 670 addresses. If the router is only assigned link-local addresses, its 671 link-local address can be specified in this field. 673 7.5. Remote Address 675 This field specifies the address of the previous-hop router, which, 676 in most cases, is a link-local unicast address for the queried source 677 and destination addresses. 679 Although a link-local address does not have enough information to 680 identify a node, it is possible to detect the previous-hop router 681 with the assistance of Incoming Interface ID and the current router 682 address (i.e., Local Address). 684 This may be a multicast group (e.g., ALL-[protocol]- 685 ROUTERS.MCAST.NET) if the previous hop is not known because of the 686 workings of the multicast routing protocol. However, it should be 687 the unspecified address (::) if the incoming interface address is 688 unknown. 690 7.6. Input packet count on incoming interface 692 Same definition described in Section 6.5 694 7.7. Output packet count on incoming interface 696 Same definition described in Section 6.6 698 7.8. Total number of packets for this source-group pair 700 This field counts the number of packets from the specified source 701 forwarded by this router to the specified group, or "all 1" if no 702 count can be reported. If the S bit is set, the count is for the 703 source network, as specified by the Src Prefix Len field. If the S 704 bit is set and the Src Prefix Len field is 255, indicating no source- 705 specific state, the count is for all sources sending to this group. 706 This counter should have the same value as ipMcastRoutePkts from the 707 IPMROUTE-STD-MIB for this forwarding entry. 709 7.9. Rtg Protocol: 16 bits 711 Same definition described in Section 6.8 713 7.10. Multicast Rtg Protocol: 16 bits 715 Same definition described in Section 6.9 717 7.11. MBZ: 15 bits 719 Must be zeroed on transmission and ignored on reception. 721 7.12. S: 1 bit 723 This S bit indicates that the packet count for the source-group pair 724 is for the source network, as determined by masking the source 725 address with the Src Prefix Len field. 727 7.13. Src Prefix Len: 8 bits 729 This field contains the prefix length this router has for the source. 730 If the router is forwarding solely on group state, this field is set 731 to 255 (0xff) 733 7.14. Forwarding Code: 8 bits 735 Same definition described in Section 6.14 737 8. Mtrace2 Augmented Response Block 739 In addition to the standard response block, a multicast router on the 740 path will be able to add "augumented response block" when it sends 741 the request to its upstream router or sends the response to the 742 Destination Address. This augmented response block is flexible to 743 add various information. 745 0 1 2 3 746 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 747 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 748 | Type | Value .... | 749 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 751 The augmented response block is always appended to mtrace2 TLV header 752 (0x04). The 16 bits Type filed of the augmented response block is 753 defined for various purposes, such as diagnosis (as in Section 12) 754 and protocol verification. The packet length of the augmented 755 response block is specified in the augmented response block TLV 756 header as seen in Section 4.1. 758 The following augmented response block type is defined: 760 Code Type 761 ====== ================================================= 762 0x01 # Mtrace2 Standard Response Blocks Returned 764 When the NO_SPACE error occurs, the router sends back the mtrace2 765 response with contained data (i.e., all appended response blocks), 766 and continues the mtrace2 query by sending an mtrace2 request as will 767 be described in Section 9.3. In this mtrace2 request, the router 768 appends the augmented response block with the code "0x01" and the 769 number of returned mtrace2 response blocks. Every router between 770 this router and the first-hop router can recognize the limit number 771 of hops by referring this number and the # hops in the header. 773 This document only defines the above augmented response block type 774 and does not define other augmented response block types. Specifing 775 how to deal with diagnosis information will be also described in 776 separate documents. 778 9. Router Behavior 780 All of these actions are performed in addition to (NOT instead of) 781 forwarding the packet, if applicable. E.g. a multicast packet that 782 has TTL or the hop limit remaining MUST be forwarded normally, as 783 MUST a unicast packet that has TTL or the hop limit remaining and is 784 not addressed to this router. 786 9.1. Traceroute Query 788 An mtrace2 Query message is a traceroute message with no response 789 blocks filled in, and uses TLV type 0x1 for IPv4 and IPv6 mtrace2. 791 9.1.1. Packet Verification 793 Upon receiving an mtrace2 Query message, a router must examine the 794 Query to see if it is the proper last-hop router for the destination 795 address in the packet. It is the proper last-hop router if it has a 796 multicast-capable interface on the same subnet as the Destination 797 Address and is the router that would forward traffic from the given 798 (S,G) onto that subnet. 800 If the router determines that it is not the proper last-hop router, 801 or it cannot make that determination, it does one of two things 802 depending if the Query was received via multicast or unicast. If the 803 Query was received via multicast, then it MUST be silently dropped. 804 If it was received via unicast, a forwarding code of WRONG_LAST_HOP 805 is noted and processing continues as in Section 9.2 807 Duplicate Query messages as identified by the tuple (IP Source, Query 808 ID) SHOULD be ignored. This MAY be implemented using a simple 1-back 809 cache (i.e. remembering the IP source and Query ID of the previous 810 Query message that was processed, and ignoring future messages with 811 the same IP Source and Query ID). Duplicate Request messages MUST 812 NOT be ignored in this manner. 814 9.1.2. Normal Processing 816 When a router receives an mtrace2 Query and it determines that it is 817 the proper last-hop router, it treats it like an mtrace2 Request and 818 performs the steps listed in Section 9.2 820 9.2. Mtrace2 Request 822 An mtrace2 Request is a traceroute message with some number of 823 response blocks filled in, and uses TLV type 0x1 for IPv4 and IPv6 824 mtrace2. Routers can tell the difference between Queries and 825 Requests by checking the length of the packet. 827 9.2.1. Packet Verification 829 If the mtrace2 Request does not come from an adjacent host or router, 830 it MUST be silently ignored. If the mtrace2 Request is not addressed 831 to this router, or if the Request is addressed to a multicast group 832 which is not a link-scoped group (i.e. 224/24 for IPv4, FFx2::/16 [3] 833 for IPv6), it MUST be silently ignored. It is highly RECOMMENDED for 834 the router to use GTSM [16] to determine whether the host or router 835 is adjacent or not. 837 9.2.2. Normal Processing 839 When a router receives an mtrace2 Request, it performs the following 840 steps. Note that it is possible to have multiple situations covered 841 by the Forwarding Codes. The first one encountered is the one that 842 is reported, i.e. all "note forwarding code N" should be interpreted 843 as "if forwarding code is not already set, set forwarding code to N". 845 1. If there is room in the current buffer (or the router can 846 efficiently allocate more space to use), insert a new response 847 block into the packet and fill in the Query Arrival Time, 848 Outgoing Interface Address (for IPv4 mtrace2) or Outgoing 849 Interface ID (for IPv6 mtrace2), Output Packet Count, and Fwd 850 TTL (for IPv4 mtrace2). If there was no room, fill in the 851 response code "NO_SPACE" in the *previous* hop's response block, 852 and forward the packet to the address specified in the 853 Destination Address field and continue the trace as described in 854 Section 9.3. 856 2. Attempt to determine the forwarding information for the source 857 and group specified, using the same mechanisms as would be used 858 when a packet is received from the source destined for the 859 group. State need not be instantiated, it can be "phantom" 860 state created only for the purpose of the trace, such as "dry- 861 run". 863 If using a shared-tree protocol and there is no source-specific 864 state, or if no source-specific information is desired (i.e., 865 "all 1" for IPv4 or unspecified address (::) for IPv6), group 866 state should be used. If there is no group state or no group- 867 specific information is desired, potential source state (i.e. 868 the path that would be followed for a source-specific Join) 869 should be used. If this router is the Core or RP and no source- 870 specific state is available (e.g., this router has been 871 receiving PIM Register messages from the first-hop router), note 872 a code of REACHED_RP. 874 3. If no forwarding information can be determined, the router notes 875 an error code of NO_ROUTE, sets the remaining fields that have 876 not yet been filled in to zero, and then forwards the packet to 877 the requester as described in Section 9.3. 879 4. Fill in the Incoming Interface Address, Previous-Hop Router 880 Address, Input Packet Count, Total Number of Packets, Routing 881 Protocol, S, and Src Mask from the forwarding information that 882 was determined. 884 5. If mtrace2 is administratively prohibited or the previous hop 885 router does not understand mtrace2 requests, note the 886 appropriate forwarding code (ADMIN_PROHIB or OLD_ROUTER). If 887 mtrace2 is administratively prohibited and any of the fields as 888 filled in step 4 are considered private information, zero out 889 the applicable fields. Then the packet is forwarded to the 890 requester as described in Section 9.3. 892 6. If the reception interface is not enabled for multicast, note 893 forwarding code NO_MULTICAST. If the reception interface is the 894 interface from which the router would expect data to arrive from 895 the source, note forwarding code RPF_IF. Otherwise, if the 896 reception interface is not one to which the router would forward 897 data from the source to the group, a forwarding code of WRONG_IF 898 is noted. 900 7. If the group is subject to administrative scoping on either the 901 Outgoing or Incoming interfaces, a forwarding code of SCOPED is 902 noted. 904 8. If this router is the Rendezvous Point or Core for the group, a 905 forwarding code of REACHED_RP is noted. 907 9. If this router has sent a prune upstream which applies to the 908 source and group in the mtrace2 Request, it notes forwarding 909 code PRUNE_SENT. If the router has stopped forwarding 910 downstream in response to a prune sent by the next hop router, 911 it notes forwarding code PRUNE_RCVD. If the router should 912 normally forward traffic for this source and group downstream 913 but is not, it notes forwarding code NOT_FORWARDING. 915 10. If this router is a gateway (e.g., a NAT or firewall) that hides 916 the information between this router and the mtrace2 querier, it 917 notes forwarding code REACHED_GW. 919 11. The packet is then sent on to the previous hop or the 920 Destination Address as described in Section 9.3. 922 9.3. Forwarding Mtrace2 Requests 924 If the Previous-hop router is known for this request and the number 925 of response blocks is less than the number requested (i.e., the "# 926 hops" field in mtrace2 header), the packet is sent to that router. 927 If the Incoming Interface is known but the Previous-hop router is not 928 known, the packet is sent to an appropriate multicast address on the 929 Incoming Interface. The appropriate multicast address may depend on 930 the routing protocol in use, MUST be a link-scoped group (i.e. 224/24 931 for IPv4, FF02::/16 for IPv6), MUST NOT be ALL-SYSTEMS.MCAST.NET 932 (224.0.0.1) for IPv4 and All Nodes Address (FF02::1) for IPv6, and 933 MAY be ALL-ROUTERS.MCAST.NET (224.0.0.2) for IPv4 or All Routers 934 Address (FF02::2) for IPv6 if the routing protocol in use does not 935 define a more appropriate group. Otherwise, it is sent to the 936 Destination Address in the header. 938 When the REACHED_GW code is noted, the router sends back the mtrace2 939 response as in Section 9.4. In addition to that, it must continue 940 the mtrace2 query by proxying the original querier as in Section 9.5. 942 When the NO_SPACE error occurs, the router sends back the mtrace2 943 response with contained data and the NO_SPACE error code as in 944 Section 9.4, and continues the mtrace2 query by sending an mtrace2 945 request containing the same mtrace2 query header and its standard and 946 augmented response blocks. The corresponding augmented response 947 block type is "# Mtrace2 Response Blocks Returned" described in 948 Section 8. 950 9.4. Sending Mtrace2 Responses 952 9.4.1. Destination Address 954 An mtrace2 Response must be sent to the address specified in the 955 Destination Address field in the mtrace2 query header. 957 9.4.2. Source Address 959 An mtrace2 Response must be sent with the address of the router's 960 reception interface. 962 9.5. Proxying Mtrace2 Queries 964 When a gateway (e.g., a NAT or firewall) that needs to block unicast 965 packets to the mtrace2 querier or hide information between the 966 gateway and the mtrace2 querier receives mtrace2 query from an 967 adjacent host or mtrace2 request from an adjacent router, it sends 968 back the mtrace2 response with contained data and the REACHED_GW code 969 to the address specified in the Destination Address field in the 970 mtrace2 query header. 972 At the same time, the gateway prepares a new mtrace2 query message. 973 The gateway uses the original mtrace2 query header as the base for 974 the new mtrace2 query; it sets the Destination Address to its 975 Incoming Interface address and the Client Port # to its own port 976 (which may be the same as the mtrace2 port as the gateway is 977 listening on that port), and decreases # hops according to the number 978 of standard response blocks in the returned mtrace2 response from the 979 gateway. The mtrace2 query message is sent to the previous-hop 980 router or to an appropriate multicast address on the Incoming 981 Interface. 983 When the gateway receives the mtrace2 response from the first-hop 984 router or any intermediate router, it MUST forward the mtrace2 985 response back to the mtrace2 querier with the original mtrace2 query 986 header. 988 9.6. Hiding Information 990 Information about a domain's topology and connectivity may be hidden 991 from multicast traceroute requests. The INFO_HIDDEN forwarding code 992 may be used to note that, for example, the incoming interface address 993 and packet count are for the entrance to the domain and the outgoing 994 interface address and packet count are the exit from the domain. The 995 source-group packet count may be from either router or not specified 996 (all 1). 998 10. Client Behavior 1000 10.1. Sending Mtrace2 Queries 1002 When the destination of the mtrace2 is the machine running the 1003 client, the mtrace2 Query packet can be sent to the ALL- 1004 ROUTERS.MCAST.NET (224.0.0.2) for IPv4 or All Routers Address 1005 (FF02::2) for IPv6. This will ensure that the packet is received by 1006 the last-hop router on the subnet. Otherwise, if the proper last-hop 1007 router is known for the mtrace2 destination, the Query could be 1008 unicasted to that router. 1010 See also Section 10.4 on determining the last-hop router. 1012 10.2. Determining the Path 1014 The client could send a small number of initial query messages with a 1015 large "# hops" field, in order to try to trace the full path. If 1016 this attempt fails, one strategy is to perform a linear search (as 1017 the traditional unicast traceroute program does); set the "# hops" 1018 field to 1 and try to get a response, then 2, and so on. If no 1019 response is received at a certain hop, the hop count can continue 1020 past the non-responding hop, in the hopes that further hops may 1021 respond. These attempts should continue until a user-defined timeout 1022 has occurred. 1024 See also Section 10.5 and Section 10.6 on receiving the results of a 1025 trace. 1027 10.3. Collecting Statistics 1029 After a client has determined that it has traced the whole path or as 1030 much as it can expect to (see Section 10.7), it might collect 1031 statistics by waiting a short time and performing a second trace. If 1032 the path is the same in the two traces, statistics can be displayed 1033 as described in Section 12.3 and Section 12.4. 1035 10.4. Last Hop Router 1037 The mtrace2 querier may not know which is the last hop router, or 1038 that router may be behind a firewall that blocks unicast packets but 1039 passes multicast packets. In these cases, the mtrace2 request should 1040 be multicasted to ALL-ROUTERS.MCAST.NET (224.0.0.2) for IPv4 or All 1041 Routers Address (FF02::2) for IPv6. All routers except the correct 1042 last hop router should ignore any mtrace2 request received via 1043 multicast. Mtrace2 requests which are multicasted to the group being 1044 traced must include the Router Alert option[6][7]. 1046 Another alternative is to unicast to the trace destination. Mtrace2 1047 requests which are unicasted to the trace destination must include 1048 the Router Alert option, in order that the last-hop router is aware 1049 of the packet. 1051 10.5. First Hop Router 1053 The IANA assigned 224.0.1.32, MTRACE.MCAST.NET as the default 1054 multicast group for IPv4 mtrace responses, in order to support mtrace 1055 queriers that are not unicast reachable from the first hop router. 1056 However, mtrace2 does not reserve any IPv4/IPv6 multicast addresses 1057 for mtrace2 responses. Every mtrace2 response is sent to the unicast 1058 address specified in the Destination Address field of the mtrace2 1059 query header. 1061 10.6. Broken Intermediate Router 1063 A broken intermediate router might simply not understand mtrace2 1064 packets, and drop them. The querier would then get no response at 1065 all from its mtrace2 requests. It should then perform a hop-by-hop 1066 search by setting the number of responses field until it gets a 1067 response (both linear and binary search are options, but binary is 1068 likely to be slower because a failure requires waiting for a 1069 timeout). 1071 10.7. Mtrace2 Termination 1073 When performing an expanding hop-by-hop trace, it is necessary to 1074 determine when to stop expanding. 1076 10.7.1. Arriving at source 1078 A trace can be determined to have arrived at the source if the 1079 Incoming Interface of the last router in the trace is non-zero, but 1080 the Previous Hop router is zero. 1082 10.7.2. Fatal error 1084 A trace has encountered a fatal error if the last Forwarding Error in 1085 the trace has the 0x80 bit set. 1087 10.7.3. No previous hop 1089 A trace can not continue if the last Previous Hop in the trace is set 1090 to 0. 1092 10.7.4. Traceroute shorter than requested 1094 If the trace that is returned is shorter than requested (i.e. the 1095 number of response blocks is smaller than the "# hops" field), the 1096 trace encountered an error and could not continue. 1098 10.8. Continuing after an error 1100 When the NO_SPACE error occurs, as described in Section 9.3, the 1101 multicast routers sends back the mtrace2 response to the address 1102 specified in the Destination Address field in the mtrace2 query 1103 header. In this case, the mtrace2 client may receive multiple 1104 mtrace2 responses from different routers (along the path). After the 1105 client receives multiple mtrace2 response messages, it integrates 1106 (i.e. constructs) them as a single mtrace2 response message. 1108 If a trace times out, it is likely to be because a router in the 1109 middle of the path does not support multicast traceroute. That 1110 router's address will be in the Previous Hop field of the last entry 1111 in the last response packet received. A client may be able to 1112 determine (via mrinfo or SNMP [13][15]) a list of neighbors of the 1113 non-responding router. If desired, each of those neighbors could be 1114 probed to determine the remainder of the path. Unfortunately, this 1115 heuristic may end up with multiple paths, since there is no way of 1116 knowing what the non-responding router's algorithm for choosing a 1117 previous-hop router is. However, if all paths but one flow back 1118 towards the non-responding router, it is possible to be sure that 1119 this is the correct path. 1121 11. Protocol-Specific Considerations 1123 11.1. PIM-SM 1125 When a multicast traceroute reaches a PIM-SM RP and the RP does not 1126 forward the trace on, it means that the RP has not performed a 1127 source-specific join so there is no more state to trace. However, 1128 the path that traffic would use if the RP did perform a source- 1129 specific join can be traced by setting the trace destination to the 1130 RP, the trace source to the traffic source, and the trace group to 0. 1131 This trace Query may be unicasted to the RP. 1133 11.2. Bi-Directional PIM 1135 Bi-directional PIM [9] is a variant of PIM-SM that builds bi- 1136 directional shared trees connecting multicast sources and receivers. 1137 Along the bi-directional shared trees, multicast data is natively 1138 forwarded from sources to the RPA (Rendezvous Point Address) and from 1139 the RPA to receivers without requiring source-specific state. In 1140 contrast to PIM-SM, RP always has the state to trace. 1142 A Designated Forwarder (DF) for a given RPA is in charge of 1143 forwarding downstream traffic onto its link, and forwarding upstream 1144 traffic from its link towards the RPL (Rendezvous Point Link) that 1145 the RPA belongs to. Hence mtrace2 reports DF addresses or RPA along 1146 the path. 1148 11.3. PIM-DM 1150 Routers running PIM Dense Mode do not know the path packets would 1151 take unless traffic is flowing. Without some extra protocol 1152 mechanism, this means that in an environment with multiple possible 1153 paths with branch points on shared media, multicast traceroute can 1154 only trace existing paths, not potential paths. When there are 1155 multiple possible paths but the branch points are not on shared 1156 media, the previous hop router is known, but the last hop router may 1157 not know that it is the appropriate last hop. 1159 When traffic is flowing, PIM Dense Mode routers know whether or not 1160 they are the last-hop forwarder for the link (because they won or 1161 lost an Assert battle) and know who the previous hop is (because it 1162 won an Assert battle). Therefore, multicast traceroute is always 1163 able to follow the proper path when traffic is flowing. 1165 11.4. IGMP/MLD Proxy 1167 When a mtrace2 Query packet reaches an incoming interface of IGMP/MLD 1168 Proxy [10], it puts a WRONG_IF (0x01) value in Forwarding Code of 1169 mtrace2 standard response block (as in Section 6.14) and sends the 1170 mtrace2 response back to the Destination Address. When a mtrace2 1171 Query packet reaches an outgoing interface of IGMP/MLD proxy, it is 1172 forwarded through its incoming interface towards the upstream router. 1174 11.5. AMT 1176 AMT [11] provides the multicast connectivity to the unicast-only 1177 inter-network. To do this, multicast packets being sent to or from a 1178 site are encapsulated in unicast packets. When a mtrace2 query 1179 packet reaches an AMT pseudo-interface of an AMT gateway, the AMT 1180 gateway encapsulats it to a particular AMT relay reachable across the 1181 unicast-only infrastructure. Then the AMT relay decapsulates the 1182 mtrace2 query packet and forwards the mtrace2 request to the 1183 appropriate multicast router. 1185 12. Problem Diagnosis 1187 12.1. Forwarding Inconsistencies 1189 The forwarding error code can tell if a group is unexpectedly pruned 1190 or administratively scoped. 1192 12.2. TTL or Hop Limit Problems 1194 By taking the maximum of hops (from source + forwarding TTL (or hop 1195 limit) threshold) over all hops, it is possible to discover the TTL 1196 or hop limit required for the source to reach the destination. 1198 12.3. Packet Loss 1200 By taking two traces, it is possible to find packet loss information 1201 by comparing the difference in input packet counts to the difference 1202 in output packet counts for the specified source-group address pair 1203 at the previous hop. On a point-to-point link, any difference in 1204 these numbers implies packet loss. Since the packet counts may be 1205 changing as the mtrace2 query is propagating, there may be small 1206 errors (off by 1 or 2 or more) in these statistics. However, these 1207 errors will not accumulate if multiple traces are taken to expand the 1208 measurement period. On a shared link, the count of input packets can 1209 be larger than the number of output packets at the previous hop, due 1210 to other routers or hosts on the link injecting packets. This 1211 appears as "negative loss" which may mask real packet loss. 1213 In addition to the counts of input and output packets for all 1214 multicast traffic on the interfaces, the response data includes a 1215 count of the packets forwarded by a node for the specified source- 1216 group pair. Taking the difference in this count between two traces 1217 and then comparing those differences between two hops gives a measure 1218 of packet loss just for traffic from the specified source to the 1219 specified receiver via the specified group. This measure is not 1220 affected by shared links. 1222 On a point-to-point link that is a multicast tunnel, packet loss is 1223 usually due to congestion in unicast routers along the path of that 1224 tunnel. On native multicast links, loss is more likely in the output 1225 queue of one hop, perhaps due to priority dropping, or in the input 1226 queue at the next hop. The counters in the response data do not 1227 allow these cases to be distinguished. Differences in packet counts 1228 between the incoming and outgoing interfaces on one node cannot 1229 generally be used to measure queue overflow in the node. 1231 12.4. Link Utilization 1233 Again, with two traces, you can divide the difference in the input or 1234 output packet counts at some hop by the difference in time stamps 1235 from the same hop to obtain the packet rate over the link. If the 1236 average packet size is known, then the link utilization can also be 1237 estimated to see whether packet loss may be due to the rate limit or 1238 the physical capacity on a particular link being exceeded. 1240 12.5. Time Delay 1242 If the routers have synchronized clocks, it is possible to estimate 1243 propagation and queuing delay from the differences between the 1244 timestamps at successive hops. However, this delay includes control 1245 processing overhead, so is not necessarily indicative of the delay 1246 that data traffic would experience. 1248 13. IANA Considerations 1250 The following new assignments can only be made via a Standards Action 1251 as specified in [4]. 1253 13.1. Forwarding Codes 1255 New Forwarding codes must only be created by an RFC that modifies 1256 this document's Section 10, fully describing the conditions under 1257 which the new forwarding code is used. The IANA may act as a central 1258 repository so that there is a single place to look up forwarding 1259 codes and the document in which they are defined. 1261 13.2. UDP Destination Port and IPv6 Address 1263 The IANA should allocate UDP destination port for multicast 1264 traceroute version 2 upon publication of the first RFC. 1266 14. Security Considerations 1268 14.1. Topology Discovery 1270 Mtrace2 can be used to discover any actively-used topology. If your 1271 network topology is a secret, mtrace2 may be restricted at the border 1272 of your domain, using the ADMIN_PROHIB forwarding code. 1274 14.2. Traffic Rates 1276 Mtrace2 can be used to discover what sources are sending to what 1277 groups and at what rates. If this information is a secret, mtrace2 1278 may be restricted at the border of your domain, using the 1279 ADMIN_PROHIB forwarding code. 1281 14.3. Limiting Query/Request Rates 1283 Routers should limit mtrace2 queries and requests by ignoring the 1284 received messages. Routers MAY randomly ignore the received messages 1285 to minimize the processing overhead, i.e., to keep fairness in 1286 processing queries. 1288 15. Acknowledgements 1290 This specification started largely as a transcription of Van 1291 Jacobson's slides from the 30th IETF, and the implementation in 1292 mrouted 3.3 by Ajit Thyagarajan. Van's original slides credit Steve 1293 Casner, Steve Deering, Dino Farinacci and Deb Agrawal. The original 1294 multicast traceroute client, mtrace (version 1), has been implemented 1295 by Ajit Thyagarajan, Steve Casner and Bill Fenner. 1297 The idea of unicasting a multicast traceroute Query to the 1298 destination of the trace with Router Alert set is due to Tony 1299 Ballardie. The idea of the "S" bit to allow statistics for a source 1300 subnet is due to Tom Pusateri. 1302 For the mtrace version 2 specification, extensive comments were 1303 received from Yiqun Cai, Liu Hui, Bharat Joshi, Pekka Savola, 1304 Shinsuke Suzuki, Dave Thaler, Achmad Husni Thamrin, and Cao Wei. 1306 16. References 1308 16.1. Normative References 1310 [1] Bradner, S., "Key words for use in RFCs to indicate requirement 1311 levels", RFC 2119, March 1997. 1313 [2] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) 1314 Specification", RFC 2460, December 1998. 1316 [3] Hinden, R. and S. Deering, "IP Version 6 Addressing 1317 Architecture", RFC 2373, July 1998. 1319 [4] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA 1320 Considerations Section in RFCs", RFC 2434, October 1998. 1322 [5] Braden, B., Borman, D., and C. Partridge, "Computing the 1323 Internet Checksum", RFC 1071, September 1988. 1325 [6] Katz, D., "IP Router Alert Option", RFC 2113, February 1997. 1327 [7] Partridge, C. and A. Jackson, "IPv6 Router Alert Option", 1328 RFC 2711, October 1999. 1330 [8] Fenner, B., Handley, M., Holbrook, H., and I. Kouvelas, 1331 "Protocol Independent Multicast - Sparse Mode (PIM-SM): 1332 Protocol Specification (Revised)", RFC 4601, August 2006. 1334 [9] Handley, M., Kouvelas, I., Speakman, T., and L. Vicisano, 1335 "Bidirectional Protocol Independent Multicast (BIDIR-PIM)", 1336 RFC 5015, October 2007. 1338 [10] Fenner, B., He, H., Haberman, B., and H. Sandick, "Internet 1339 Group Management Protocol (IGMP) / Multicast Listener Discovery 1340 (MLD)-Based Multicast Forwarding ("IGMP/MLD Proxying")", 1341 RFC 4605, August 2006. 1343 [11] Thaler, D., Talwar, M., Aggarwal, A., Vicisano, L., and T. 1344 Pusateri, "Automatic IP Multicast Without Explicit Tunnels 1345 (AMT)", draft-ietf-mboned-auto-multicast-08.txt (work in 1346 progress), October 2007. 1348 16.2. Informative References 1350 [12] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A. 1351 Thyagarajan, "Internet Group Management Protocol, Version 3", 1352 RFC 3376, October 2002. 1354 [13] Draves, R. and D. Thaler, "Default Router Preferences and More- 1355 Specific Routes", RFC 4191, November 2005. 1357 [14] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", 1358 RFC 2863, June 2000. 1360 [15] McWalter, D., Thaler, D., and A. Kessler, "IP Multicast MIB", 1361 RFC 5132, December 2007. 1363 [16] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. Pignataro, 1364 "The Generalized TTL Security Mechanism (GTSM)", RFC 5082, 1365 October 2007. 1367 Authors' Addresses 1369 Hitoshi Asaeda 1370 Keio University 1371 Graduate School of Media and Governance 1372 Fujisawa, Kanagawa 252-8520 1373 Japan 1375 Email: asaeda@wide.ad.jp 1376 URI: http://www.sfc.wide.ad.jp/~asaeda/ 1378 Tatuya Jinmei 1379 Internet Systems Consortium 1380 Redwood City, CA 94063 1381 US 1383 Email: Jinmei_Tatuya@isc.org 1385 William C. Fenner 1386 Arastra, Inc. 1387 Menlo Park, CA 94025 1388 US 1390 Email: fenner@fenron.com 1392 Stephen L. Casner 1393 Packet Design, Inc. 1394 Palo Alto, CA 94304 1395 US 1397 Email: casner@packetdesign.com