idnits 2.17.1 draft-ietf-mboned-mtrace-v2-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == There are 7 instances of lines with non-RFC2606-compliant FQDNs in the document. == There are 1 instance of lines with multicast IPv4 addresses in the document. If these are generic example addresses, they should be changed to use the 233.252.0.x range defined in RFC 5771 Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 9, 2015) is 3122 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2460 (ref. '2') (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 5226 (ref. '4') (Obsoleted by RFC 8126) ** Obsolete normative reference: RFC 4601 (ref. '5') (Obsoleted by RFC 7761) Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MBONED Working Group H. Asaeda 3 Internet-Draft NICT 4 Intended status: Standards Track K. Meyer 5 Expires: April 11, 2016 Cisco 6 W. Lee, Ed. 7 October 9, 2015 9 Mtrace Version 2: Traceroute Facility for IP Multicast 10 draft-ietf-mboned-mtrace-v2-12 12 Abstract 14 This document describes the IP multicast traceroute facility, named 15 Mtrace version 2 (Mtrace2). Unlike unicast traceroute, Mtrace2 16 requires special implementations on the part of routers. This 17 specification describes the required functionality in multicast 18 routers, as well as how an Mtrace2 client invokes a query and 19 receives a reply. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at http://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on April 11, 2016. 38 Copyright Notice 40 Copyright (c) 2015 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (http://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 56 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 57 2.1. Definitions . . . . . . . . . . . . . . . . . . . . . . . 5 58 3. Packet Formats . . . . . . . . . . . . . . . . . . . . . . . 6 59 3.1. Mtrace2 TLV format . . . . . . . . . . . . . . . . . . . 7 60 3.2. Defined TLVs . . . . . . . . . . . . . . . . . . . . . . 7 61 3.2.1. Mtrace2 Query . . . . . . . . . . . . . . . . . . . . 8 62 3.2.2. Mtrace2 Request . . . . . . . . . . . . . . . . . . . 10 63 3.2.3. Mtrace2 Reply . . . . . . . . . . . . . . . . . . . . 10 64 3.2.4. IPv4 Mtrace2 Standard Response Block . . . . . . . . 11 65 3.2.5. IPv6 Mtrace2 Standard Response Block . . . . . . . . 14 66 3.2.6. Mtrace2 Augmented Response Block . . . . . . . . . . 17 67 3.2.7. Mtrace2 Extended Query Block . . . . . . . . . . . . 18 68 4. Router Behavior . . . . . . . . . . . . . . . . . . . . . . . 19 69 4.1. Receiving Mtrace2 Query . . . . . . . . . . . . . . . . . 19 70 4.1.1. Query Packet Verification . . . . . . . . . . . . . . 19 71 4.1.2. Query Normal Processing . . . . . . . . . . . . . . . 20 72 4.2. Receiving Mtrace2 Request . . . . . . . . . . . . . . . . 20 73 4.2.1. Request Packet Verification . . . . . . . . . . . . . 20 74 4.2.2. Request Normal Processing . . . . . . . . . . . . . . 21 75 4.3. Forwarding Mtrace2 Request . . . . . . . . . . . . . . . 22 76 4.3.1. Destination Address . . . . . . . . . . . . . . . . . 23 77 4.3.2. Source Address . . . . . . . . . . . . . . . . . . . 23 78 4.3.3. Appending Standard Response Block . . . . . . . . . . 23 79 4.4. Sending Mtrace2 Reply . . . . . . . . . . . . . . . . . . 24 80 4.4.1. Destination Address . . . . . . . . . . . . . . . . . 24 81 4.4.2. Source Address . . . . . . . . . . . . . . . . . . . 24 82 4.4.3. Appending Standard Response Block . . . . . . . . . . 24 83 4.5. Proxying Mtrace2 Query . . . . . . . . . . . . . . . . . 24 84 4.6. Hiding Information . . . . . . . . . . . . . . . . . . . 25 85 5. Client Behavior . . . . . . . . . . . . . . . . . . . . . . . 25 86 5.1. Sending Mtrace2 Query . . . . . . . . . . . . . . . . . . 25 87 5.1.1. Destination Address . . . . . . . . . . . . . . . . . 25 88 5.1.2. Source Address . . . . . . . . . . . . . . . . . . . 25 89 5.2. Determining the Path . . . . . . . . . . . . . . . . . . 26 90 5.3. Collecting Statistics . . . . . . . . . . . . . . . . . . 26 91 5.4. Last Hop Router (LHR) . . . . . . . . . . . . . . . . . . 26 92 5.5. First Hop Router (FHR) . . . . . . . . . . . . . . . . . 26 93 5.6. Broken Intermediate Router . . . . . . . . . . . . . . . 26 94 5.7. Non-Supported Router . . . . . . . . . . . . . . . . . . 27 95 5.8. Mtrace2 Termination . . . . . . . . . . . . . . . . . . . 27 96 5.8.1. Arriving at Source . . . . . . . . . . . . . . . . . 27 97 5.8.2. Fatal Error . . . . . . . . . . . . . . . . . . . . . 27 98 5.8.3. No Upstream Router . . . . . . . . . . . . . . . . . 27 99 5.8.4. Reply Timeout . . . . . . . . . . . . . . . . . . . . 27 100 5.9. Continuing after an Error . . . . . . . . . . . . . . . . 28 101 6. Protocol-Specific Considerations . . . . . . . . . . . . . . 28 102 6.1. PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . 28 103 6.2. Bi-Directional PIM . . . . . . . . . . . . . . . . . . . 28 104 6.3. PIM-DM . . . . . . . . . . . . . . . . . . . . . . . . . 29 105 6.4. IGMP/MLD Proxy . . . . . . . . . . . . . . . . . . . . . 29 106 7. Problem Diagnosis . . . . . . . . . . . . . . . . . . . . . . 29 107 7.1. Forwarding Inconsistencies . . . . . . . . . . . . . . . 29 108 7.2. TTL or Hop Limit Problems . . . . . . . . . . . . . . . . 29 109 7.3. Packet Loss . . . . . . . . . . . . . . . . . . . . . . . 30 110 7.4. Link Utilization . . . . . . . . . . . . . . . . . . . . 30 111 7.5. Time Delay . . . . . . . . . . . . . . . . . . . . . . . 30 112 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 31 113 8.1. Forwarding Codes . . . . . . . . . . . . . . . . . . . . 31 114 8.2. UDP Destination Port . . . . . . . . . . . . . . . . . . 31 115 9. Security Considerations . . . . . . . . . . . . . . . . . . . 31 116 9.1. Addresses in Mtrace2 Header . . . . . . . . . . . . . . . 31 117 9.2. Topology Discovery . . . . . . . . . . . . . . . . . . . 31 118 9.3. Characteristics of Multicast Channel . . . . . . . . . . 31 119 9.4. Limiting Query/Request Rates . . . . . . . . . . . . . . 32 120 9.5. Limiting Reply Rates . . . . . . . . . . . . . . . . . . 32 121 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 32 122 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 32 123 11.1. Normative References . . . . . . . . . . . . . . . . . . 32 124 11.2. Informative References . . . . . . . . . . . . . . . . . 33 125 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 33 127 1. Introduction 129 Given a multicast distribution tree, tracing from a multicast source 130 to a receiver is difficult, since we do not know which branch of the 131 multicast tree the receiver lies. This means that we have to flood 132 the whole tree to find the path from a source to a receiver. On the 133 other hand, walking up the tree from a receiver to a source is easy, 134 as most existing multicast routing protocols know the upstream router 135 for each source. Tracing from a receiver to a source can involve 136 only the routers on the direct path. 138 This document specifies the multicast traceroute facility named 139 Mtrace version 2 or Mtrace2 which allows the tracing of an IP 140 multicast routing path. Mtrace2 is usually initiated from a Mtrace2 141 client towards a specified source, or a Rendezvous Point (RP) if no 142 source address is specified. RP is a special router where the source 143 and receiver meet in PIM-SM [5]. Moreover, Mtrace2 provides 144 additional information such as the packet rates and losses, as well 145 as other diagnosis information. Especially, Mtrace2 can be used for 146 the following purposes: 148 o To trace the path that a packet would take from a source to a 149 receiver. 151 o To isolate packet loss problems (e.g., congestion). 153 o To isolate configuration problems (e.g., TTL threshold). 155 Figure 1 shows a typical case on how Mtrace2 is used. FHR represents 156 the first-hop router, LHR represents the last-hop router, and the 157 arrow lines represent the Mtrace2 messages that are sent from one 158 node to another. The numbers before the Mtrace2 messages represent 159 the sequence of the messages that would happen. Source, Receiver and 160 Mtrace2 client are typically a host on the Internet. 162 2. Request 2. Request 163 +----+ +----+ 164 | | | | 165 v | v | 166 +--------+ +-----+ +-----+ +----------+ 167 | Source |----| FHR |----- The Internet -----| LHR |----| Receiver | 168 +--------+ +-----+ | +-----+ +----------+ 169 \ | ^ 170 \ | / 171 \ | / 172 \ | / 173 3. Reply \ | / 1. Query 174 \ | / 175 \ | / 176 \ +---------+ / 177 v | Mtrace2 |/ 178 | client | 179 +---------+ 181 Figure 1 183 When an Mtrace2 client initiates a multicast trace anywhere on the 184 Internet, it sends an Mtrace2 Query packet to the LHR or RP for a 185 multicast group and a source address. The LHR/RP turns the Query 186 packet into a Request, appends a standard response block containing 187 its interface addresses and packet statistics to the Request packet, 188 then forwards the packet towards the source. The Request packet is 189 either unicasted to its upstream router towards the source, or 190 multicasted to the group if the upstream router's IP address is not 191 known. In a similar fashion, each router along the path to the 192 source appends a standard response block to the end of the Request 193 packet before forwarding it to its upstream router. When the FHR 194 receives the Request packet, it appends its own standard response 195 block, turns the Request packet into a Reply, and unicasts the Reply 196 back to the Mtrace2 client. 198 The Mtrace2 Reply may be returned before reaching the FHR if it 199 reaches the RP first, or a fatal error condition such as "no route" 200 is encountered along the path, or the hop count is exceeded. 202 The Mtrace2 client waits for the Mtrace2 Reply message and displays 203 the results. When not receiving an Mtrace2 Reply message due to 204 network congestion, a broken router (see Section 5.6), or a non- 205 responding router (see Section 5.7), the Mtrace2 client may resend 206 another Mtrace2 Query with a lower hop count (see Section 3.2.1), and 207 repeat the process until it receives an Mtrace2 Reply message. The 208 details are Mtrace2 client specific, and it is outside the scope of 209 this document. 211 Note that when a router's control plane and forwarding plane are out 212 of sync, the Mtrace2 Requests might be forwarded based on the control 213 states instead. In which case, the traced path might not represent 214 the real path the data packets would follow. 216 Mtrace2 supports both IPv4 and IPv6. Unlike the previous version of 217 Mtrace, which implements its query and response as IGMP messages [8], 218 all Mtrace2 messages are UDP-based. Although the packet formats of 219 IPv4 and IPv6 Mtrace2 are different because of the address families, 220 the syntax between them is similar. 222 2. Terminology 224 In this document, the key words "MUST", "MUST NOT", "REQUIRED", 225 "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", 226 and "OPTIONAL" are to be interpreted as described in RFC 2119 [1], 227 and indicate requirement levels for compliant Mtrace2 228 implementations. 230 2.1. Definitions 232 Since Mtrace2 Queries and Requests flow in the opposite direction to 233 the data flow, we refer to "upstream" and "downstream" with respect 234 to data, unless explicitly specified. 236 Incoming interface 237 The interface on which data is expected to arrive from the 238 specified source and group. 240 Outgoing interface 241 The interface to which data from the source or RP is expected to 242 transmit for the specified source and group. It is also the 243 interface on which the Mtrace2 Request will be received. 245 Upstream router 246 The router, connecting to the Incoming interface of the current 247 router, which is responsible for forwarding data for the specified 248 source and group to the current router. 250 First-hop router (FHR) 251 The router that is directly connected to the source the Mtrace2 252 Query specifies. 254 Last-hop router (LHR) 255 The router that is directly connected to the receivers. It is 256 also the router that receives the Mtrace2 Query from an Mtrace2 257 client. 259 Group state 260 It is the state a shared-tree protocol, such as PIM-SM [5], uses 261 to choose the upstream router towards the RP for the specified 262 group. In this state, source-specific state is not available for 263 the corresponding group address on the router. 265 Source-specific state 266 It is the state that is used to choose the path towards the source 267 for the specified source and group. 269 ALL-[protocol]-ROUTERS.MCAST.NET 270 It is a link-local multicast address for multicast routers to 271 communicate with their adjacent routers that are running the same 272 routing protocol. For instance, the address of ALL-PIM- 273 ROUTERS.MCAST.NET [5] is '224.0.0.13' for IPv4 and 'ff02::d' for 274 IPv6. 276 3. Packet Formats 278 This section describes the details of the packet formats for Mtrace2 279 messages. 281 All Mtrace2 messages are encoded in TLV format (see Section 3.1). If 282 an implementation receives an unknown TLV, it SHOULD ignored and 283 silently discarded the unknown TLV. If the length of a TLV exceeds 284 the length specified in the TLV, the TLV SHOULD be accepted; however, 285 any additional data after the specified TLV length SHOULD be ignored. 287 All Mtrace2 messages are UDP packets. For IPv4, Mtrace2 Query and 288 Request messages MUST NOT be fragmented. For IPv6, the packet size 289 for the Mtrace2 messages MUST NOT exceed 1280 bytes, which is the 290 smallest MTU for an IPv6 interface [2]. The source port is uniquely 291 selected by the local host operating system. The destination port is 292 the IANA reserved Mtrace2 port number (see Section 8). All Mtrace2 293 messages MUST have a valid UDP checksum. 295 Additionally, Mtrace2 supports both IPv4 and IPv6, but not mixed. 296 For example, if an Mtrace2 Query or Request message arrives in as an 297 IPv4 packet, all addresses specified in the Mtrace2 messages MUST be 298 IPv4 as well. Same rule applies to IPv6 Mtrace2 messages. 300 3.1. Mtrace2 TLV format 302 0 1 2 3 303 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 304 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 305 | Type | Length | Value .... | 306 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 308 Type: 8 bits 310 Describes the format of the Value field. For all the available 311 types, please see Section 3.2 313 Length: 16 bits 315 Length of Type, Length, and Value fields in octets. Minimum 316 length required is 6 octets. The maximum TLV length is not 317 defined; however the entire Mtrace2 packet length should not 318 exceed the available MTU. 320 Value: variable length 322 The format is based on the Type value. The length of the value 323 field is Length field minus 3. All reserved fields in the Value 324 field MUST be transmitted as zeros and ignored on receipt. 326 3.2. Defined TLVs 328 The following TLV Types are defined: 330 Code Type 331 ==== ================================ 332 0x01 Mtrace2 Query 333 0x02 Mtrace2 Request 334 0x03 Mtrace2 Reply 335 0x04 Mtrace2 Standard Response Block 336 0x05 Mtrace2 Augmented Response Block 337 0x06 Mtrace2 Extended Query Block 339 Each Mtrace2 message MUST begin with either a Query, Request or Reply 340 TLV. The first TLV determines the type of each Mtrace2 message. 341 Following a Query TLV, there can be a sequence of optional Extended 342 Query Blocks. In the case of a Request or a Reply TLV, it is then 343 followed by a sequence of Standard Response Blocks, each from a 344 multicast router on the path towards the source or the RP. In the 345 case more information is needed, a Standard Response Block can be 346 followed by one or multiple Augmented Response Blocks. 348 We will describe each message type in detail in the next few 349 sections. 351 3.2.1. Mtrace2 Query 353 An Mtrace2 Query is usually originated by an Mtrace2 client which 354 sends an Mtrace2 Query message to the LHR. When tracing towards the 355 source or the RP, the intermediate routers MUST NOT modify the Query 356 message except the Type field. 358 An Mtrace2 Query message is shown as follows: 360 0 1 2 3 361 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 362 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 363 | Type | Length | # Hops | 364 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 365 | | 366 | Multicast Address | 367 | | 368 +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 369 | | 370 | Source Address | 371 | | 372 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 373 | | 374 | Mtrace2 Client Address | 375 | | 376 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 377 | Query ID | Client Port # | 378 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 380 Figure 2 382 # Hops: 8 bits 383 This field specifies the maximum number of hops that the Mtrace2 384 client wants to trace. If there are some error conditions in the 385 middle of the path that prevent an Mtrace2 Reply from being 386 received by the client, the client MAY issue another Mtrace2 Query 387 with a lower number of hops until it receives a Reply. 389 Multicast Address: 32 bits or 128 bits 390 This field specifies an IPv4 or IPv6 address, which can be either: 392 m-1: a multicast group address to be traced; or, 394 m-2: all 1's in case of IPv4 or the unspecified address (::) in 395 case of IPv6 if no group-specific information is desired. 397 Source Address: 32 bits or 128 bits 398 This field specifies an IPv4 or IPv6 address, which can be either: 400 s-1: an unicast address of the source to be traced; or, 402 s-2: all 1's in case of IPv4 or the unspecified address (::) in 403 case of IPv6 if no source-specific information is desired. 404 For example, the client is tracing a (*,g) group state. 406 Note that it is invalid to have a source-group combination of 407 (s-2, m-2). If a router receives such combination in an Mtrace2 408 Query, it MUST silently discard the Query. 410 Mtrace2 Client Address: 32 bits or 128 bits 411 This field specifies the Mtrace2 client's IPv4 address or IPv6 412 global address. This address MUST be a valid unicast address, and 413 therefore, MUST NOT be all 1's or an unspecified address. The 414 Mtrace2 Reply will be sent to this address. 416 Query ID: 16 bits 417 This field is used as a unique identifier for this Mtrace2 Query 418 so that duplicate or delayed Reply messages may be detected. 420 Client Port #: 16 bits 421 This field specifies the destination UDP port number for receiving 422 the Mtrace2 Reply packet. 424 3.2.2. Mtrace2 Request 426 The format of an Mtrace2 Request message is similar to an Mtrace2 427 Query except the Type field is 0x02. 429 When a LHR receives an Mtrace2 Query message, it would turn the Query 430 into a Request by changing the Type field of the Query from 0x01 to 431 0x02. The LHR would then append an Mtrace2 Standard Response Block 432 (see Section 3.2.4) of its own to the Request message before sending 433 it upstream. The upstream routers would do the same without changing 434 the Type field until one of them is ready to send a Reply. 436 3.2.3. Mtrace2 Reply 438 The format of an Mtrace2 Reply message is similar to an Mtrace2 Query 439 except the Type field is 0x03. 441 When a FHR or a RP receives an Mtrace2 Request message which is 442 destined to itself, it would append an Mtrace2 Standard Response 443 Block (see Section 3.2.4) of its own to the Request message. Next, 444 it would turn the Request message into a Reply by changing the Type 445 field of the Request from 0x02 to 0x03. The Reply message would then 446 be unicasted to the Mtrace2 client specified in the Mtrace2 Client 447 Address field. 449 There are a number of cases an intermediate router might return a 450 Reply before a Request reaches the FHR or the RP. See Section 4.1.1, 451 Section 4.2.2, Section 4.3.3, and Section 4.5 for more details. 453 3.2.4. IPv4 Mtrace2 Standard Response Block 455 This section describes the message format of an IPv4 Mtrace2 Standard 456 Response Block. The Type field is 0x04. 458 0 1 2 3 459 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 460 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 461 | Type | Length | MBZ | 462 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 463 | Query Arrival Time | 464 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 465 | Incoming Interface Address | 466 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 467 | Outgoing Interface Address | 468 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 469 | Upstream Router Address | 470 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 471 | | 472 . Input packet count on incoming interface . 473 | | 474 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 475 | | 476 . Output packet count on outgoing interface . 477 | | 478 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 479 | | 480 . Total number of packets for this source-group pair . 481 | | 482 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 483 | Rtg Protocol | Multicast Rtg Protocol | 484 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 485 | Fwd TTL | MBZ |S| Src Mask |Forwarding Code| 486 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 488 MBZ: 8 bits 489 This field must be zeroed on transmission and ignored on 490 reception. 492 Query Arrival Time: 32 bits 493 The Query Arrival Time is a 32-bit NTP timestamp specifying the 494 arrival time of the Mtrace2 Query or Request packet at this 495 router. The 32-bit form of an NTP timestamp consists of the 496 middle 32 bits of the full 64-bit form; that is, the low 16 bits 497 of the integer part and the high 16 bits of the fractional part. 499 The following formula converts from a UNIX timeval to a 32-bit NTP 500 timestamp: 502 query_arrival_time 503 = (tv.tv_sec + 32384) << 16 + ((tv.tv_usec << 10) / 15625) 505 The constant 32384 is the number of seconds from Jan 1, 1900 to 506 Jan 1, 1970 truncated to 16 bits. ((tv.tv_usec << 10) / 15625) is 507 a reduction of ((tv.tv_usec / 100000000) << 16). 509 Note that Mtrace2 does not require all the routers on the path to 510 have synchronized clocks in order to measure one-way latency. 512 Additionally, Query Arrival Time is useful for measuring the 513 packet rate. For example, suppose that a client issues two 514 queries, and the corresponding requests R1 and R2 arrive at router 515 X at time T1 and T2, then the client would be able to compute the 516 packet rate on router X by using the packet count information 517 stored in the R1 and R2, and the time T1 and T2. 519 Incoming Interface Address: 32 bits 520 This field specifies the address of the interface on which packets 521 from the source or the RP are expected to arrive, or 0 if unknown 522 or unnumbered. 524 Outgoing Interface Address: 32 bits 525 This field specifies the address of the interface on which packets 526 from the source or the RP are expected to transmit towards the 527 receiver, or 0 if unknown or unnumbered. This is also the address 528 of the interface on which the Mtrace2 Query or Request arrives. 530 Upstream Router Address: 32 bits 531 This field specifies the address of the upstream router from which 532 this router expects packets from this source. This may be a 533 multicast group (e.g. ALL-[protocol]-ROUTERS.MCAST.NET) if the 534 upstream router is not known because of the workings of the 535 multicast routing protocol. However, it should be 0 if the 536 incoming interface address is unknown or unnumbered. 538 Input packet count on incoming interface: 64 bits 539 This field contains the number of multicast packets received for 540 all groups and sources on the incoming interface, or all 1's if no 541 count can be reported. This counter may have the same value as 542 ifHCInMulticastPkts from the IF-MIB [10] for this interface. 544 Output packet count on outgoing interface: 64 bit 545 This field contains the number of multicast packets that have been 546 transmitted or queued for transmission for all groups and sources 547 on the outgoing interface, or all 1's if no count can be reported. 548 This counter may have the same value as ifHCOutMulticastPkts from 549 the IF-MIB [10] for this interface. 551 Total number of packets for this source-group pair: 64 bits 552 This field counts the number of packets from the specified source 553 forwarded by the router to the specified group, or all 1's if no 554 count can be reported. If the S bit is set (see below), the count 555 is for the source network, as specified by the Src Mask field (see 556 below). If the S bit is set and the Src Mask field is 127, 557 indicating no source-specific state, the count is for all sources 558 sending to this group. This counter should have the same value as 559 ipMcastRoutePkts from the IPMROUTE-STD-MIB [11] for this 560 forwarding entry. 562 Rtg Protocol: 16 bits 563 This field describes the unicast routing protocol running between 564 this router and the upstream router, and it is used to determine 565 the RPF interface for the specified source or RP. This value 566 should have the same value as ipMcastRouteRtProtocol from the 567 IPMROUTE-STD-MIB [11] for this entry. If the router is not able 568 to obtain this value, all 0's must be specified. 570 Multicast Rtg Protocol: 16 bits 571 This field describes the multicast routing protocol in use between 572 the router and the upstream router. This value should have the 573 same value as ipMcastRouteProtocol from the IPMROUTE-STD-MIB [11] 574 for this entry. If the router cannot obtain this value, all 0's 575 must be specified. 577 Fwd TTL: 8 bits 578 This field contains the configured multicast TTL threshold, if 579 any, of the outgoing interface. 581 S: 1 bit 582 If this bit is set, it indicates that the packet count for the 583 source-group pair is for the source network, as determined by 584 masking the source address with the Src Mask field. 586 Src Mask: 7 bits 587 This field contains the number of 1's in the netmask the router 588 has for the source (i.e. a value of 24 means the netmask is 589 0xffffff00). If the router is forwarding solely on group state, 590 this field is set to 127 (0x7f). 592 Forwarding Code: 8 bits 593 This field contains a forwarding information/error code. 594 Section 4.1 and Section 4.2 will explain how and when the 595 Forwarding Code is filled. Defined values are as follows: 597 Value Name Description 598 ----- -------------- ---------------------------------------------- 599 0x00 NO_ERROR No error 600 0x01 WRONG_IF Mtrace2 Request arrived on an interface 601 to which this router would not forward for 602 the specified group towards the source or RP. 603 0x02 PRUNE_SENT This router has sent a prune upstream which 604 applies to the source and group in the 605 Mtrace2 Request. 606 0x03 PRUNE_RCVD This router has stopped forwarding for this 607 source and group in response to a request 608 from the downstream router. 609 0x04 SCOPED The group is subject to administrative 610 scoping at this router. 611 0x05 NO_ROUTE This router has no route for the source or 612 group and no way to determine a potential 613 route. 614 0x06 WRONG_LAST_HOP This router is not the proper LHR. 615 0x07 NOT_FORWARDING This router is not forwarding this source and 616 group out the outgoing interface for an 617 unspecified reason. 618 0x08 REACHED_RP Reached the Rendezvous Point. 619 0x09 RPF_IF Mtrace2 Request arrived on the expected 620 RPF interface for this source and group. 621 0x0A NO_MULTICAST Mtrace2 Request arrived on an interface 622 which is not enabled for multicast. 623 0x0B INFO_HIDDEN One or more hops have been hidden from this 624 trace. 625 0x0C REACHED_GW Mtrace2 Request arrived on a gateway (e.g., 626 a NAT or firewall) that hides the 627 information between this router and the 628 Mtrace2 client. 629 0x0D UNKNOWN_QUERY A non-transitive Extended Query Type was 630 received by a router which does not support 631 the type. 632 0x80 FATAL_ERROR A fatal error is one where the router may 633 know the upstream router but cannot forward 634 the message to it. 635 0x81 NO_SPACE There was not enough room to insert another 636 Standard Response Block in the packet. 637 0x83 ADMIN_PROHIB Mtrace2 is administratively prohibited. 639 3.2.5. IPv6 Mtrace2 Standard Response Block 641 This section describes the message format of an IPv6 Mtrace2 Standard 642 Response Block. The Type field is also 0x04. 644 0 1 2 3 645 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 646 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 647 | Type | Length | MBZ | 648 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 649 | Query Arrival Time | 650 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 651 | Incoming Interface ID | 652 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 653 | Outgoing Interface ID | 654 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 655 | | 656 * Local Address * 657 | | 658 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 659 | | 660 * Remote Address * 661 | | 662 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 663 | | 664 . Input packet count on incoming interface . 665 | | 666 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 667 | | 668 . Output packet count on outgoing interface . 669 | | 670 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 671 | | 672 . Total number of packets for this source-group pair . 673 | | 674 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 675 | Rtg Protocol | Multicast Rtg Protocol | 676 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 677 | MBZ 2 |S|Src Prefix Len |Forwarding Code| 678 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 680 MBZ: 8 bits 681 This field must be zeroed on transmission and ignored on 682 reception. 684 Query Arrival Time: 32 bits 685 Same definition as in IPv4. 687 Incoming Interface ID: 32 bits 688 This field specifies the interface ID on which packets from the 689 source or RP are expected to arrive, or 0 if unknown. This ID 690 should be the value taken from InterfaceIndex of the IF-MIB [10] 691 for this interface. 693 Outgoing Interface ID: 32 bits 694 This field specifies the interface ID to which packets from the 695 source or RP are expected to transmit, or 0 if unknown. This ID 696 should be the value taken from InterfaceIndex of the IF-MIB [10] 697 for this interface 699 Local Address: 128 bits 700 This field specifies a global IPv6 address that uniquely 701 identifies the router. An unique local unicast address [9] SHOULD 702 NOT be used unless the router is only assigned link-local and 703 unique local addresses. If the router is only assigned link-local 704 addresses, its link-local address can be specified in this field. 706 Remote Address: 128 bits 707 This field specifies the address of the upstream router, which, in 708 most cases, is a link-local unicast address for the upstream 709 router. 711 Although a link-local address does not have enough information to 712 identify a node, it is possible to detect the upstream router with 713 the assistance of Incoming Interface ID and the current router 714 address (i.e., Local Address). 716 Note that this may be a multicast group (e.g., ALL-[protocol]- 717 ROUTERS.MCAST.NET) if the upstream router is not known because of 718 the workings of a multicast routing protocol. However, it should 719 be the unspecified address (::) if the incoming interface address 720 is unknown. 722 Input packet count on incoming interface: 64 bits 723 Same definition as in IPv4. 725 Output packet count on outgoing interface: 64 bits 726 Same definition as in IPv4. 728 Total number of packets for this source-group pair: 64 bits 729 Same definition as in IPv4, except if the S bit is set (see 730 below), the count is for the source network, as specified by the 731 Src Prefix Len field. If the S bit is set and the Src Prefix Len 732 field is 255, indicating no source-specific state, the count is 733 for all sources sending to this group. This counter should have 734 the same value as ipMcastRoutePkts from the IPMROUTE-STD-MIB [11] 735 for this forwarding entry. 737 Rtg Protocol: 16 bits 738 Same definition as in IPv4. 740 Multicast Rtg Protocol: 16 bits 741 Same definition as in IPv4. 743 MBZ 2: 15 bits 744 This field must be zeroed on transmission and ignored on 745 reception. 747 S: 1 bit 748 Same definition as in IPv4, except the Src Prefix Len field is 749 used to mask the source address. 751 Src Prefix Len: 8 bits 752 This field contains the prefix length this router has for the 753 source. If the router is forwarding solely on group state, this 754 field is set to 255 (0xff). 756 Forwarding Code: 8 bits 757 Same definition as in IPv4. 759 3.2.6. Mtrace2 Augmented Response Block 761 In addition to the Standard Response Block, a multicast router on the 762 traced path can optionally add one or multiple Augmented Response 763 Blocks before sending the Request to its upstream router. 765 The Augmented Response Block is flexible for various purposes such as 766 providing diagnosis information (see Section 7) and protocol 767 verification. Its Type field is 0x05, and its format is as follows: 769 0 1 2 3 770 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 771 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 772 | Type | Length | MBZ | 773 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 774 | Augmented Response Type | Value .... | 775 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 777 MBZ: 8 bits 778 This field must be zeroed on transmission and ignored on 779 reception. 781 Augmented Response Type: 16 bits 782 This field specifies the type of various responses from a 783 multicast router that might need to communicate back to the 784 Mtrace2 client as well as the multicast routers on the traced 785 path. 787 The Augmented Response Type is defined as follows: 789 Code Type 790 ==== =============================================== 791 0x01 # of the returned Standard Response Blocks 793 When the NO_SPACE error occurs on a router, the router should send 794 the original Mtrace2 Request received from the downstream router 795 as a Reply back to the Mtrace2 client, and continue with a new 796 Mtrace2 Request. In the new Request, the router would add a 797 Standard Response Block followed by an Augmented Response Block 798 with 0x01 as the Augmented Response Type, and the number of the 799 returned Mtrace2 Standard Response Blocks as the Value. 801 Each upstream router would recognize the total number of hops the 802 Request has been traced so far by adding this number and the 803 number of the Standard Response Block in the current Request 804 message. 806 This document only defines one Augmented Response Type in the 807 Augmented Response Block. The description on how to provide 808 diagnosis information using the Augmented Response Block is out of 809 the scope of this document, and will be addressed in separate 810 documents. 812 Value: variable length 813 The format is based on the Augmented Response Type value. The 814 length of the value field is Length field minus 6. 816 3.2.7. Mtrace2 Extended Query Block 818 There may be a sequence of optional Extended Query Blocks that follow 819 an Mtrace2 Query to further specify any information needed for the 820 Query. For example, an Mtrace2 client might be interested in tracing 821 the path the specified source and group would take based on a certain 822 topology. In which case, the client can pass in the multi-topology 823 ID as the Value for an Extended Query Type (see below). The Extended 824 Query Type is extensible and the behavior of the new types will be 825 addressed by separate documents. 827 The Mtrace2 Extended Query Block's Type field is 0x06, and is 828 formatted as follows: 830 0 1 2 3 831 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 832 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 833 | Type | Length | MBZ |T| 834 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 835 | Extended Query Type | Value .... | 836 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 838 MBZ: 7 bits 839 This field must be zeroed on transmission and ignored on 840 reception. 842 T-bit (Transitive Attribute): 1 bit 843 If the TLV type is unrecognized by the receiving router, then this 844 TLV is either discarded or forwarded along with the Query, 845 depending on the value of this bit. If this bit is set, then the 846 router MUST forward this TLV. If this bit is clear, the router 847 MUST send an Mtrace2 Reply with an UNKNOWN_QUERY error. 849 Extended Query Type: 16 bits 850 This field specifies the type of the Extended Query Block. 852 Value: 16 bits 853 This field specifies the value of this Extended Query. 855 4. Router Behavior 857 This section describes the router behavior in the context of Mtrace2 858 in detail. 860 4.1. Receiving Mtrace2 Query 862 An Mtrace2 Query message is an Mtrace2 message with no response 863 blocks filled in, and uses TLV type of 0x01. 865 4.1.1. Query Packet Verification 867 Upon receiving an Mtrace2 Query message, a router MUST examine 868 whether the Multicast Address and the Source Address are a valid 869 combination as specified in Section 3.2.1, and whether the Mtrace2 870 Client Address is a valid IP unicast address. If either one is 871 invalid, the Query MUST be silently ignored. 873 Mtrace2 supports a non-local client to the LHR/RP. It is up to the 874 implementation to filter out such queries. 876 In the case where a local LHR client is required, the router must 877 then examine the Query to see if it is the proper LHR/RP for the 878 destination address in the packet. It is the proper local LHR if it 879 has a multicast-capable interface on the same subnet as the Mtrace2 880 Client Address and is the router that would forward traffic from the 881 given (S,G) or (*,G) onto that subnet. It is the proper RP if the 882 multicast group address specified in the query is 0 and if the IP 883 header destination address is a valid RP address on this router. 885 If the router determines that it is not the proper LHR/RP, or it 886 cannot make that determination, it does one of two things depending 887 on whether the Query was received via multicast or unicast. If the 888 Query was received via multicast, then it MUST be silently discarded. 889 If it was received via unicast, the router turns the Query into a 890 Reply message by changing the TLV type to 0x03 and appending a 891 Standard Response Block with a Forwarding Code of WRONG_LAST_HOP. 892 The rest of the fields in the Standard Response Block MUST be zeroed. 893 The router then sends the Reply message to the Mtrace2 Client Address 894 on the Client Port # as specified in the Mtrace2 Query. 896 Duplicate Query messages as identified by the tuple (Mtrace2 Client 897 Address, Query ID) SHOULD be ignored. This MAY be implemented using 898 a cache of previously processed queries keyed by the Mtrace2 Client 899 Address and Query ID pair. The duration of the cached entries is 900 implementation specific. Duplicate Request messages MUST NOT be 901 ignored in this manner. 903 4.1.2. Query Normal Processing 905 When a router receives an Mtrace2 Query and it determines that it is 906 the proper LHR, it turns the Query to a Request by changing the TLV 907 type from 0x01 to 0x02, and performs the steps listed in Section 4.2. 909 4.2. Receiving Mtrace2 Request 911 An Mtrace2 Request is an Mtrace2 message that uses TLV type of 0x02. 912 With the exception of the LHR, whose Request was just converted from 913 a Query, each Request received by a router should have at least one 914 Standard Response Block filled in. 916 4.2.1. Request Packet Verification 918 If the Mtrace2 Request does not come from an adjacent router, or if 919 the Request is not addressed to this router, or if the Request is 920 addressed to a multicast group which is not a link-scoped group (i.e. 921 224/24 for IPv4, FFx2::/16 [3] for IPv6), it MUST be silently 922 ignored. GTSM [12] SHOULD be used by the router to determine whether 923 the router is adjacent or not. 925 If the sum of the number of the Standard Response Blocks in the 926 received Mtrace2 Request and the value of the Augmented Response Type 927 of 0x01, if any, is equal or more than the # Hops in the Mtrace2 928 Request, it MUST be silently ignored. 930 4.2.2. Request Normal Processing 932 When a router receives an Mtrace2 Request message, it performs the 933 following steps. Note that it is possible to have multiple 934 situations covered by the Forwarding Codes. The first one 935 encountered is the one that is reported, i.e. all "note Forwarding 936 Code N" should be interpreted as "if Forwarding Code is not already 937 set, set Forwarding Code to N". 939 1. Prepare a Standard Response Block to be appended to the packet 940 and fill in the Query Arrival Time, Outgoing Interface Address 941 (for IPv4) or Outgoing Interface ID (for IPv6), Output Packet 942 Count, and Fwd TTL (for IPv4). Note that the Outgoing Interface 943 is the one on which the Mtrace2 Request message arrives. 945 2. Attempt to determine the forwarding information for the 946 specified source and group, using the same mechanisms as would 947 be used when a packet is received from the source destined for 948 the group. A state need not be instantiated, it can be a 949 "phantom" state created only for the purpose of the trace, such 950 as "dry-run." 952 If using a shared-tree protocol and there is no source-specific 953 state, or if no source-specific information is desired (i.e., 954 all 1's for IPv4 or unspecified address (::) for IPv6), group 955 state should be used. If there is no group state or no group- 956 specific information is desired, potential source state (i.e., 957 the path that would be followed for a source-specific Join) 958 should be used. 960 3. If no forwarding information can be determined, the router notes 961 a Forwarding Code of NO_ROUTE, sets the remaining fields that 962 have not yet been filled in to zero, and then sends an Mtrace2 963 Reply back to the Mtrace2 client. 965 4. Fill in the Incoming Interface Address (or Incoming Interface ID 966 and Local Address for IPv6), Upstream Router Address (or Remote 967 Address for IPv6), Input Packet Count, Total Number of Packets, 968 Routing Protocol, S, and Src Mask (or Src Prefix Len for IPv6) 969 using the forwarding information determined by the step 2. 971 5. If Mtrace2 is administratively prohibited, note the Forwarding 972 Code of ADMIN_PROHIB. If Mtrace2 is administratively prohibited 973 and any of the fields as filled in the step 4 are considered 974 private information, zero out the applicable fields. 976 6. If the Outgoing interface is not enabled for multicast, note 977 Forwarding Code of NO_MULTICAST. If the Outgoing interface is 978 the interface from which the router would expect data to arrive 979 from the source, note forwarding code RPF_IF. If the Outgoing 980 interface is not one to which the router would forward data from 981 the source or RP to the group, a Forwarding code of WRONG_IF is 982 noted. In the above three cases, the router will return an 983 Mtrace2 Reply and terminate the trace. 985 7. If the group is subject to administrative scoping on either the 986 Outgoing or Incoming interfaces, a Forwarding Code of SCOPED is 987 noted. 989 8. If this router is the RP for the group for a non-source-specific 990 query, note a Forwarding Code of REACHED_RP. The router will 991 send an Mtrace2 Reply and terminate the trace. 993 9. If this router is directly connected to the specified source or 994 source network on the Incoming interface, it sets the Upstream 995 Router Address (for IPv4) or the Remote Address (for IPv6) of 996 the response block to zero. The router will send an Mtrace2 997 Reply and terminate the trace. 999 10. If this router has sent a prune upstream which applies to the 1000 source and group in the Mtrace2 Request, it notes Forwarding 1001 Code of PRUNE_SENT. If the router has stopped forwarding 1002 downstream in response to a prune sent by the downstream router, 1003 it notes Forwarding Code of PRUNE_RCVD. If the router should 1004 normally forward traffic downstream for this source and group 1005 but is not, it notes Forwarding Code of NOT_FORWARDING. 1007 11. If this router is a gateway (e.g., a NAT or firewall) that hides 1008 the information between this router and the Mtrace2 client, it 1009 notes Forwarding Code of REACHED_GW. The router continues the 1010 processing as described in Section 4.5. 1012 12. If the total number of the Standard Response Blocks, including 1013 the newly prepared one, and the value of the Augmented Response 1014 Type of 0x01, if any, is less than the # Hops in the Request, 1015 the packet is then forwarded to the upstream router as described 1016 in Section 4.3; otherwise, the packet is sent as an Mtrace2 1017 Reply to the Mtrace2 client as described in Section 4.4. 1019 4.3. Forwarding Mtrace2 Request 1021 This section describes how an Mtrace2 Request should be forwarded. 1023 4.3.1. Destination Address 1025 If the upstream router for the Mtrace2 Request is known for this 1026 request, the Mtrace2 Request is sent to that router. If the Incoming 1027 interface is known but the upstream router is not, the Mtrace2 1028 Request is sent to an appropriate multicast address on the Incoming 1029 interface. The multicast address SHOULD depend on the multicast 1030 routing protocol in use, such as ALL-[protocol]-ROUTERS.MCAST.NET. 1031 It MUST be a link-scoped group (i.e. 224/24 for IPv4, FF02::/16 for 1032 IPv6), and MUST NOT be ALL-SYSTEMS.MCAST.NET (224.0.0.1) for IPv4 and 1033 All Nodes Address (FF02::1) for IPv6. It MAY also be ALL- 1034 ROUTERS.MCAST.NET (224.0.0.2) for IPv4 or All Routers Address 1035 (FF02::2) for IPv6 if the routing protocol in use does not define a 1036 more appropriate multicast address. 1038 4.3.2. Source Address 1040 An Mtrace2 Request should be sent with the address of the Incoming 1041 interface. However, if the Incoming interface is unnumbered, the 1042 router can use one of its numbered interface address as the source 1043 address. 1045 4.3.3. Appending Standard Response Block 1047 An Mtrace2 Request MUST be sent upstream towards the source or the RP 1048 after appending a Standard Response Block to the end of the received 1049 Mtrace2 Request. The Standard Response Block includes the multicast 1050 states and statistics information of the router described in 1051 Section 3.2.4. 1053 If appending the Standard Response Block would make the Mtrace2 1054 Request packet longer than the MTU of the Incoming Interface, or, in 1055 the case of IPv6, longer than 1280 bytes, the router MUST change the 1056 Forwarding Code in the last Standard Response Block of the received 1057 Mtrace2 Request into NO_SPACE. The router then turns the Request 1058 into a Reply, and sends the Reply as described in Section 4.4. 1060 The router will continue with a new Request by copying from the old 1061 Request excluding all the response blocks, followed by the previously 1062 prepared Standard Response Block, and an Augmented Response Block 1063 with Augmented Response Type of 0x01 and the number of the returned 1064 Standard Response Blocks as the value. The new Request is then 1065 forwarded upstream. 1067 4.4. Sending Mtrace2 Reply 1069 An Mtrace2 Reply MUST be returned to the client by a router if the 1070 total number of the traced routers is equal to the # Hops in the 1071 Request. The total number of the traced routers is the sum of the 1072 Standard Response Blocks in the Request (including the one just 1073 added) and the number of the returned blocks, if any. 1075 4.4.1. Destination Address 1077 An Mtrace2 Reply MUST be sent to the address specified in the Mtrace2 1078 Client Address field in the Mtrace2 Request. 1080 4.4.2. Source Address 1082 An Mtrace2 Reply SHOULD be sent with the address of the router's 1083 Outgoing interface. However, if the Outgoing interface address is 1084 unnumbered, the router can use one of its numbered interface address 1085 as the source address. 1087 4.4.3. Appending Standard Response Block 1089 An Mtrace2 Reply MUST be sent with the prepared Standard Response 1090 Block appended at the end of the received Mtrace2 Request except in 1091 the case of NO_SPACE forwarding code. 1093 4.5. Proxying Mtrace2 Query 1095 When a gateway (e.g., a NAT or firewall), which needs to block 1096 unicast packets to the Mtrace2 client, or hide information between 1097 the gateway and the Mtrace2 client, receives an Mtrace2 Query from an 1098 adjacent host or Mtrace2 Request from an adjacent router, it appends 1099 a Standard Response Block with REACHED_GW as the Forwarding Code, and 1100 turns the Query or Request as a Reply, and sends the Reply back to 1101 the client. 1103 At the same time, the gateway originates a new Mtrace2 Query message 1104 by copying the original Mtrace2 header (the Query or Request without 1105 any of the response blocks), and makes the changes as follows: 1107 o sets the RPF interface's address as the Mtrace2 Client Address; 1109 o uses its own port number as the Client Port #; and, 1111 o decreases # Hops by the number of the Standard Response Block that 1112 was just returned as a Reply. 1114 The new Mtrace2 Query message is then sent to the upstream router or 1115 to an appropriate multicast address on the RPF interface. 1117 When the gateway receives an Mtrace2 Reply whose Query ID matches the 1118 one in the original Mtrace2 header, it MUST relay the Mtrace2 Reply 1119 back to the Mtrace2 client by replacing the Reply's header with the 1120 original Mtrace2 header. If the gateway does not receive the 1121 corresponding Mtrace2 Reply within the [Mtrace Reply Timeout] period 1122 (see Section 5.8.4), then it silently discards the original Mtrace2 1123 Query or Request message, and terminates the trace. 1125 4.6. Hiding Information 1127 Information about a domain's topology and connectivity may be hidden 1128 from the Mtrace2 Requests. The Forwarding Code of INFO_HIDDEN may be 1129 used to note that. For example, the incoming interface address and 1130 packet count on the ingress router of a domain, and the outgoing 1131 interface address and packet count on the egress router of the domain 1132 can be specified as all 1's. Additionally, the source-group packet 1133 count (see Section 3.2.4 and Section 3.2.5) within the domain may be 1134 all 1's if it is hidden. 1136 5. Client Behavior 1138 This section describes the behavior of an Mtrace2 client in detail. 1140 5.1. Sending Mtrace2 Query 1142 An Mtrace2 client initiates an Mtrace2 Query by sending the Query to 1143 the LHR of interest. 1145 5.1.1. Destination Address 1147 If an Mtrace2 client knows the proper LHR, it unicasts an Mtrace2 1148 Query packet to that router; otherwise, it MAY send the Mtrace2 Query 1149 packet to the ALL-ROUTERS.MCAST.NET (224.0.0.2) for IPv4 or All 1150 Routers Address (FF02::2) for IPv6. This will ensure that the packet 1151 is received by the LHR on the subnet. 1153 See also Section 5.4 on determining the LHR. 1155 5.1.2. Source Address 1157 An Mtrace2 Query MUST be sent with the client's interface address, 1158 which would be the Mtrace2 Client Address. 1160 5.2. Determining the Path 1162 An Mtrace2 client could send an initial Query messages with a large # 1163 Hops, in order to try to trace the full path. If this attempt fails, 1164 one strategy is to perform a linear search (as the traditional 1165 unicast traceroute program does); set the # Hops field to 1 and try 1166 to get a Reply, then 2, and so on. If no Reply is received at a 1167 certain hop, the hop count can continue past the non-responding hop, 1168 in the hopes that further hops may respond. These attempts should 1169 continue until the [Mtrace Reply Timeout] timeout has occurred. 1171 See also Section 5.6 on receiving the results of a trace. 1173 5.3. Collecting Statistics 1175 After a client has determined that it has traced the whole path or as 1176 much as it can expect to (see Section 5.8), it might collect 1177 statistics by waiting a short time and performing a second trace. If 1178 the path is the same in the two traces, statistics can be displayed 1179 as described in Section 7.3 and Section 7.4. 1181 5.4. Last Hop Router (LHR) 1183 The Mtrace2 client may not know which is the last-hop router, or that 1184 router may be behind a firewall that blocks unicast packets but 1185 passes multicast packets. In these cases, the Mtrace2 Request should 1186 be multicasted to ALL-ROUTERS.MCAST.NET (224.0.0.2) for IPv4 or All 1187 Routers Address (FF02::2) for IPv6. All routers except the correct 1188 last-hop router SHOULD ignore any Mtrace2 Request received via 1189 multicast. 1191 5.5. First Hop Router (FHR) 1193 The IANA assigned 224.0.1.32, MTRACE.MCAST.NET as the default 1194 multicast group for old IPv4 mtrace (v1) responses, in order to 1195 support mtrace clients that are not unicast reachable from the first- 1196 hop router. Mtrace2, however, does not require any IPv4/IPv6 1197 multicast addresses for the Mtrace2 Replies. Every Mtrace2 Reply is 1198 sent to the unicast address specified in the Mtrace2 Client Address 1199 field of the Mtrace2 Reply. 1201 5.6. Broken Intermediate Router 1203 A broken intermediate router might simply not understand Mtrace2 1204 packets, and drop them. The Mtrace2 client will get no Reply at all 1205 as a result. It should then perform a hop-by-hop search by setting 1206 the # Hops field until it gets an Mtrace2 Reply. The client may use 1207 linear or binary search; however, the latter is likely to be slower 1208 because a failure requires waiting for the [Mtrace Reply Timeout] 1209 period. 1211 5.7. Non-Supported Router 1213 When a non-supported router receives an Mtrace2 Query or Request 1214 message whose destination address is a multicast address, the router 1215 will silently discard the message. 1217 When the router receives an Mtrace2 Query which is destined to 1218 itself, the router would return an ICMP port unreachable to the 1219 Mtrace2 client. On the other hand, when the router receives an 1220 Mtrace2 Request which is destined to itself, the router would return 1221 an ICMP port unreachable to its adjacent router from which the 1222 Request receives. Therefore, the Mtrace2 client needs to terminate 1223 the trace when the [Mtrace Reply Timeout] timeout has occurred, and 1224 may then issue another Query with a lower number of # Hops. 1226 5.8. Mtrace2 Termination 1228 When performing an expanding hop-by-hop trace, it is necessary to 1229 determine when to stop expanding. 1231 5.8.1. Arriving at Source 1233 A trace can be determined to have arrived at the source if the 1234 Incoming Interface of the last router in the trace is non-zero, but 1235 the Upstream Router is zero. 1237 5.8.2. Fatal Error 1239 A trace has encountered a fatal error if the last Forwarding Error in 1240 the trace has the 0x80 bit set. 1242 5.8.3. No Upstream Router 1244 A trace can not continue if the last Upstream Router in the trace is 1245 set to 0. 1247 5.8.4. Reply Timeout 1249 This document defines the [Mtrace Reply Timeout] value, which is used 1250 to time out an Mtrace2 Reply as seen in Section 4.5, Section 5.2, and 1251 Section 5.7. The default [Mtrace Reply Timeout] value is 10 1252 (seconds), and can be manually changed on the Mtrace2 client and 1253 routers. 1255 5.9. Continuing after an Error 1257 When the NO_SPACE error occurs, as described in Section 4.2, a router 1258 will send back an Mtrace2 Reply to the Mtrace2 client, and continue 1259 with a new Request (see Section 4.3.3). In which case, the Mtrace2 1260 client may receive multiple Mtrace2 Replies from different routers 1261 along the path. When this happens, the client MUST treat them as a 1262 single Mtrace2 Reply message. 1264 If a trace times out, it is very likely that a router in the middle 1265 of the path does not support Mtrace2. That router's address will be 1266 in the Upstream Router field of the last Standard Response Block in 1267 the last received Reply. A client may be able to determine (via 1268 mrinfo or SNMP [9][11]) a list of neighbors of the non-responding 1269 router. If desired, each of those neighbors could be probed to 1270 determine the remainder of the path. Unfortunately, this heuristic 1271 may end up with multiple paths, since there is no way of knowing what 1272 the non-responding router's algorithm for choosing an upstream router 1273 is. However, if all paths but one flow back towards the non- 1274 responding router, it is possible to be sure that this is the correct 1275 path. 1277 6. Protocol-Specific Considerations 1279 This section describes the Mtrace2 behavior with the present of 1280 different multicast protocols. 1282 6.1. PIM-SM 1284 When an Mtrace2 reaches a PIM-SM RP, and the RP does not forward the 1285 trace on, it means that the RP has not performed a source-specific 1286 join so there is no more state to trace. However, the path that 1287 traffic would use if the RP did perform a source-specific join can be 1288 traced by setting the trace destination to the RP, the trace source 1289 to the traffic source, and the trace group to 0. This Mtrace2 Query 1290 may be unicasted to the RP, and the RP takes the same actions as an 1291 LHR. 1293 6.2. Bi-Directional PIM 1295 Bi-directional PIM [6] is a variant of PIM-SM that builds bi- 1296 directional shared trees connecting multicast sources and receivers. 1297 Along the bi-directional shared trees, multicast data is natively 1298 forwarded from the sources to the Rendezvous Point Link (RPL), and 1299 from which, to receivers without requiring source-specific state. In 1300 contrast to PIM-SM, Bi-directional PIM always has the state to trace. 1302 A Designated Forwarder (DF) for a given Rendezvous Point Address 1303 (RPA) is in charge of forwarding downstream traffic onto its link, 1304 and forwarding upstream traffic from its link towards the RPL that 1305 the RPA belongs to. Hence Mtrace2 Reply reports DF addresses or RPA 1306 along the path. 1308 6.3. PIM-DM 1310 Routers running PIM Dense Mode [13] do not know the path packets 1311 would take unless traffic is flowing. Without some extra protocol 1312 mechanism, this means that in an environment with multiple possible 1313 paths with branch points on shared media, Mtrace2 can only trace 1314 existing paths, not potential paths. When there are multiple 1315 possible paths but the branch points are not on shared media, the 1316 upstream router is known, but the LHR may not know that it is the 1317 appropriate last hop. 1319 When traffic is flowing, PIM Dense Mode routers know whether or not 1320 they are the LHR for the link (because they won or lost an Assert 1321 battle) and know who the upstream router is (because it won an Assert 1322 battle). Therefore, Mtrace2 is always able to follow the proper path 1323 when traffic is flowing. 1325 6.4. IGMP/MLD Proxy 1327 When an IGMP/MLD Proxy [7] receives an Mtrace2 Query packet on an 1328 incoming interface, it notes a WRONG_IF in the Forwarding Code of the 1329 last Standard Response Block (see Section 3.2.4), and sends the 1330 Mtrace2 Reply back to the Mtrace2 client. On the other hand, when an 1331 Mtrace2 Query packet reaches an outgoing interface of the IGMP/MLD 1332 proxy, it is forwarded onto its incoming interface towards the 1333 upstream router. 1335 7. Problem Diagnosis 1337 This section describes different scenarios Mtrace2 can be used to 1338 diagnose the multicast problems. 1340 7.1. Forwarding Inconsistencies 1342 The Forwarding Error code can tell if a group is unexpectedly pruned 1343 or administratively scoped. 1345 7.2. TTL or Hop Limit Problems 1347 By taking the maximum of hops from the source and forwarding TTL 1348 threshold over all hops, it is possible to discover the TTL or hop 1349 limit required for the source to reach the destination. 1351 7.3. Packet Loss 1353 By taking two traces, it is possible to find packet loss information 1354 by comparing the difference in input packet counts to the difference 1355 in output packet counts for the specified source-group address pair 1356 at the previous hop. On a point-to-point link, any difference in 1357 these numbers implies packet loss. Since the packet counts may be 1358 changing as the Mtrace2 Request is propagating, there may be small 1359 errors (off by 1 or 2 or more) in these statistics. However, these 1360 errors will not accumulate if multiple traces are taken to expand the 1361 measurement period. On a shared link, the count of input packets can 1362 be larger than the number of output packets at the previous hop, due 1363 to other routers or hosts on the link injecting packets. This 1364 appears as "negative loss" which may mask real packet loss. 1366 In addition to the counts of input and output packets for all 1367 multicast traffic on the interfaces, the Standard Response Block 1368 includes a count of the packets forwarded by a node for the specified 1369 source-group pair. Taking the difference in this count between two 1370 traces and then comparing those differences between two hops gives a 1371 measure of packet loss just for traffic from the specified source to 1372 the specified receiver via the specified group. This measure is not 1373 affected by shared links. 1375 On a point-to-point link that is a multicast tunnel, packet loss is 1376 usually due to congestion in unicast routers along the path of that 1377 tunnel. On native multicast links, loss is more likely in the output 1378 queue of one hop, perhaps due to priority dropping, or in the input 1379 queue at the next hop. The counters in the Standard Response Block 1380 do not allow these cases to be distinguished. Differences in packet 1381 counts between the incoming and outgoing interfaces on one node 1382 cannot generally be used to measure queue overflow in the node. 1384 7.4. Link Utilization 1386 Again, with two traces, you can divide the difference in the input or 1387 output packet counts at some hop by the difference in time stamps 1388 from the same hop to obtain the packet rate over the link. If the 1389 average packet size is known, then the link utilization can also be 1390 estimated to see whether packet loss may be due to the rate limit or 1391 the physical capacity on a particular link being exceeded. 1393 7.5. Time Delay 1395 If the routers have synchronized clocks, it is possible to estimate 1396 propagation and queuing delay from the differences between the 1397 timestamps at successive hops. However, this delay includes control 1398 processing overhead, so is not necessarily indicative of the delay 1399 that data traffic would experience. 1401 8. IANA Considerations 1403 The following new assignments can only be made via a Standards Action 1404 as specified in [4]. 1406 8.1. Forwarding Codes 1408 New Forwarding Codes must only be created by an RFC that modifies 1409 this document's Section 3.2.4 and Section 3.2.5, fully describing the 1410 conditions under which the new Forwarding Code is used. The IANA may 1411 act as a central repository so that there is a single place to look 1412 up Forwarding Codes and the document in which they are defined. 1414 8.2. UDP Destination Port 1416 The IANA should allocate UDP destination port for Mtrace2 upon 1417 publication of the first RFC. 1419 9. Security Considerations 1421 This section addresses some of the security considerations related to 1422 Mtrace2. 1424 9.1. Addresses in Mtrace2 Header 1426 An Mtrace2 header includes three addresses, source address, multicast 1427 address, and Mtrace2 client address. These addresses MUST be 1428 congruent with the definition defined in Section 3.2.1 and forwarding 1429 Mtrace2 messages having invalid addresses MUST be prohibited. For 1430 instance, if Mtrace2 Client Address specified in an Mtrace2 header is 1431 a multicast address, then a router that receives the Mtrace2 message 1432 MUST silently discard it. 1434 9.2. Topology Discovery 1436 Mtrace2 can be used to discover any actively-used topology. If your 1437 network topology is a secret, Mtrace2 may be restricted at the border 1438 of your domain, using the ADMIN_PROHIB forwarding code. 1440 9.3. Characteristics of Multicast Channel 1442 Mtrace2 can be used to discover what sources are sending to what 1443 groups and at what rates. If this information is a secret, Mtrace2 1444 may be restricted at the border of your domain, using the 1445 ADMIN_PROHIB forwarding code. 1447 9.4. Limiting Query/Request Rates 1449 A router may limit Mtrace2 Queries and Requests by ignoring some of 1450 the consecutive messages. The router MAY randomly ignore the 1451 received messages to minimize the processing overhead, i.e., to keep 1452 fairness in processing queries, or prevent traffic amplification. 1453 The rate limit is left to the router's implementation. 1455 9.5. Limiting Reply Rates 1457 The proxying and NO_SPACE behaviors may result in one Query returning 1458 multiple Reply messages. In order to prevent abuse, the routers in 1459 the traced path MAY need to rate-limit the Replies. The rate limit 1460 function is left to the router's implementation. 1462 10. Acknowledgements 1464 This specification started largely as a transcription of Van 1465 Jacobson's slides from the 30th IETF, and the implementation in 1466 mrouted 3.3 by Ajit Thyagarajan. Van's original slides credit Steve 1467 Casner, Steve Deering, Dino Farinacci and Deb Agrawal. The original 1468 multicast traceroute client, mtrace (version 1), has been implemented 1469 by Ajit Thyagarajan, Steve Casner and Bill Fenner. The idea of the 1470 "S" bit to allow statistics for a source subnet is due to Tom 1471 Pusateri. 1473 For the Mtrace version 2 specification, the authors would like to 1474 give special thanks to Tatsuya Jinmei, Bill Fenner, and Steve Casner. 1475 Also, extensive comments were received from David L. Black, Ronald 1476 Bonica, Yiqun Cai, Liu Hui, Bharat Joshi, Robert Kebler, Heidi Ou, 1477 Pekka Savola, Shinsuke Suzuki, Dave Thaler, Achmad Husni Thamrin, 1478 Stig Venaas, and Cao Wei. 1480 11. References 1482 11.1. Normative References 1484 [1] Bradner, S., "Key words for use in RFCs to indicate 1485 requirement levels", RFC 2119, March 1997. 1487 [2] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1488 (IPv6) Specification", RFC 2460, December 1998. 1490 [3] Hinden, R. and S. Deering, "IP Version 6 Addressing 1491 Architecture", RFC 4291, February 2006. 1493 [4] Narten, T. and H. Alvestrand, "Guidelines for Writing an 1494 IANA Considerations Section in RFCs", RFC 5226, May 2008. 1496 [5] Fenner, B., Handley, M., Holbrook, H., and I. Kouvelas, 1497 "Protocol Independent Multicast - Sparse Mode (PIM-SM): 1498 Protocol Specification (Revised)", RFC 4601, August 2006. 1500 [6] Handley, M., Kouvelas, I., Speakman, T., and L. Vicisano, 1501 "Bidirectional Protocol Independent Multicast (BIDIR- 1502 PIM)", RFC 5015, October 2007. 1504 [7] Fenner, B., He, H., Haberman, B., and H. Sandick, 1505 "Internet Group Management Protocol (IGMP) / Multicast 1506 Listener Discovery (MLD)-Based Multicast Forwarding 1507 ("IGMP/MLD Proxying")", RFC 4605, August 2006. 1509 11.2. Informative References 1511 [8] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A. 1512 Thyagarajan, "Internet Group Management Protocol, Version 1513 3", RFC 3376, October 2002. 1515 [9] Draves, R. and D. Thaler, "Default Router Preferences and 1516 More-Specific Routes", RFC 4191, November 2005. 1518 [10] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1519 MIB", RFC 2863, June 2000. 1521 [11] McWalter, D., Thaler, D., and A. Kessler, "IP Multicast 1522 MIB", RFC 5132, December 2007. 1524 [12] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. 1525 Pignataro, "The Generalized TTL Security Mechanism 1526 (GTSM)", RFC 5082, October 2007. 1528 [13] Adams, A., Nicholas, J., and W. Siadak, "Protocol 1529 Independent Multicast - Dense Mode (PIM-DM): Protocol 1530 Specification (Revised)", RFC 3973, January 2005. 1532 Authors' Addresses 1534 Hitoshi Asaeda 1535 National Institute of Information and Communications Technology 1536 4-2-1 Nukui-Kitamachi 1537 Koganei, Tokyo 184-8795 1538 Japan 1540 Email: asaeda@nict.go.jp 1541 Kerry Meyer 1542 Cisco Systems, Inc. 1543 510 McCarthy Blvd. 1544 Milpitas, CA 95035 1545 USA 1547 Email: kerrymey@cisco.com 1549 WeeSan Lee (editor) 1551 Email: weesan@weesan.com