Advanced Unidirectional Route Assessment (AURA)Universidad de Buenos AiresAv. Paseo Colón 850Buenos AiresC1063ACVArgentina+54 11 5285-0716ihameli@cnet.fi.uba.arhttp://cnet.fi.uba.ar/ignacio.alvarez-hamelin/AT&T Labs200 Laurel Avenue SouthMiddletownNJ07748United States of America+1 732 420 1571acm@research.att.comTU WienGusshausstrasse 25/E389Vienna1040Austria+43 1 58801 38813Joachim.Fabini@tuwien.ac.athttp://www.tc.tuwien.ac.at/about-us/staff/joachim-fabini/Cisco Systems, Inc.7200-11 Kit Creek RoadResearch Triangle ParkNC27709United States of Americacpignata@cisco.comDeutsche TelekomHeinrich Hertz Str. 3-7Darmstadt64295Germany+49 6151 5812747Ruediger.Geib@telekom.dePerformanceMetricsIPPMpathparallel pathsThis memo introduces an advanced unidirectional route assessment
(AURA) metric and associated measurement methodology based on the IP
Performance Metrics (IPPM) framework (RFC 2330). This memo updates RFC
2330 in the areas of path-related terminology and path description,
primarily to include the possibility of parallel subpaths between a
given Source and Destination pair, owing to the presence of multipath
technologies.Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Revised BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Revised BSD License.
Table of Contents
. Introduction
. Issues with Earlier Work to Define a Route Metric
. Requirements Language
. Scope
. Route Metric Specifications
. Terms and Definitions
. Formal Name
. Parameters
. Metric Definitions
. Related Round-Trip Delay and Loss Definitions
. Discussion
. Reporting the Metric
. Route Assessment Methodologies
. Active Methodologies
. Temporal Composition for Route Metrics
. Routing Class Identification
. Intermediate Observation Point Route Measurement
. Hybrid Methodologies
. Combining Different Methods
. Background on Round-Trip Delay Measurement Goals
. RTD Measurements Statistics
. Security Considerations
. IANA Considerations
. References
. Normative References
. Informative References
. MPLS Methods for Route Assessment
Acknowledgements
Authors' Addresses
IntroductionThe IETF IP Performance Metrics (IPPM) Working Group first created a
framework for metric development in . This
framework has stood the test of time and enabled development of many
fundamental metrics. It has been updated in the area of metric
composition and in several areas related to
active stream measurement of modern networks with reactive properties
.The framework in motivated the development of
"performance and reliability metrics for paths through the Internet";
defines terms that support
description of a path under test. However, metrics for assessment of
paths and related performance aspects had not been attempted in IPPM
when the framework in was written.This memo takes up the Route measurement challenge and specifies a
new Route metric, two practical frameworks for methods of measurement
(using either active or hybrid active-passive methods ), and Round-Trip Delay and link
information discovery
using the results of measurements. All Route measurements are limited by
the willingness of Hosts along the path to be discovered, to cooperate
with the methods used, or to recognize that the measurement operation is
taking place (such as when tunnels are present).Issues with Earlier Work to Define a Route Metric presents a simple example of
a "Route" metric along with several other examples. The example is
reproduced below (where the reference is to ):
route:
The path, as defined in Section , from A to B at a given time.
This example provides a starting point to develop a more complete
definition of Route. Areas needing clarification include:
Time:
In practice, the Route will be assessed over a
time interval because active path detection methods like Paris-traceroute rely on Hop Limits for their
operation and cannot accomplish discovery of all Hosts using a
single packet.
Type-P:
The legacy Route definition lacks the option
to cater for packet-dependent routing. In this memo, we assess the
Route for a specific packet of Type-P and reflect this in the
metric definition. The methods of measurement determine the
specific Type-P used.
Parallel Paths:
Parallel paths are a reality of the
Internet and a strength of advanced Route assessment methods, so
the metric must acknowledge this possibility. Use of Equal-Cost
Multipath (ECMP) and Unequal-Cost Multipath (UCMP) technologies
are common sources of parallel subpaths.
Cloud Subpath:
Cloud subpaths may contain Hosts that do not
decrement the Hop Limit but may have two or more exchange links
connecting "discoverable" Hosts or routers. Parallel subpaths
contained within clouds cannot be discovered. The assessment
methods only discover Hosts or routers on the path that decrement
Hop Limit or cooperate with interrogation protocols. The presence
of tunnels and nested tunnels further complicate assessment by
hiding Hops.
Hop:
The definition of Hop in was a link-Host pair. However, only Hosts
that were discoverable and cooperated with
interrogation protocols (where link information may be exposed) provided both link and Host information.
Note that the actual definitions appear in .Requirements LanguageThe key words "MUST", "MUST NOT",
"REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT",
"RECOMMENDED", "NOT RECOMMENDED",
"MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 when, and only
when, they appear in all capitals, as shown here.ScopeThe purpose of this memo is to add new Route metrics and methods of
measurement to the existing set of IPPM metrics.The scope is to define Route metrics that can identify the path taken
by a packet or a flow traversing the Internet between two Hosts.
Although primarily intended for Hosts communicating on the Internet, the
definitions and metrics are constructed to be applicable to other
network domains, if desired. The methods of measurement to assess the
path may not be able to discover all Hosts comprising the path, but such
omissions are often deterministic and explainable sources of error.This memo also specifies a framework for active methods of
measurement that uses the techniques described in
as well as a framework for hybrid active-passive methods of measurement,
such as the Hybrid Type I method described in
. Methods using are intended only for single
administrative domains that provide a protocol for explicit
interrogation of Nodes on a path. Combinations of active methods and
hybrid active-passive methods are also in scope.Further, this memo provides additional analysis of the Round-Trip
Delay measurements made possible by the methods in an effort to
discover more details about the path, such as the link technology in
use.This memo updates in the areas
of path-related terminology and path description, primarily to include
the possibility of parallel subpaths between a given Source and
Destination address pair (possibly resulting from ECMP and UCMP technologies).There are several simple non-goals of this memo. There is no attempt
to assess the reverse path from any Host on the path to the Host
attempting the path measurement. The reverse path contribution to delay
will be that experienced by ICMP packets (in active methods) and may be
different from delays experienced by UDP or TCP packets. Also, the
Round-Trip Delay will include an unknown contribution of processing time
at
the Host that generates the ICMP response. Therefore, the ICMP-based
active methods are not supposed to yield accurate, reproducible
estimations of the Round-Trip Delay that UDP or TCP packets will
experience.Route Metric SpecificationsThis section sets requirements for the components of the route
metric.Terms and Definitions
Host
A Host (as defined in ) is
a computer capable of IP communication, including routers (aka an
RFC 2330 Host).
Node
A Node is any network function on the path
capable of IP-layer Communication, including RFC 2330 Hosts.
Node Identity
The Node identity is the unique address for Nodes
communicating within the network domain. For Nodes communicating
on the Internet with IP, it is the globally routable IP address
that the Node uses when communicating with other Nodes under
normal or error conditions. The Node identity revealed (and its
connection to a Node name through reverse DNS) determines whether
interfaces to parallel links can be associated with a single Node
or appear to identify unique Nodes.
Discoverable Node
Discoverable Nodes are Nodes that convey their Node
identity according to the requirements of their network domain,
such as when error conditions are detected by that Node. For Nodes
communicating with IP packets, compliance with
, when
discarding a packet due to TTL or
Hop Limit Exceeded condition, MUST result in sending the
corresponding Time Exceeded message (containing a form of Node
identity) to the source. This requirement is also consistent with
for routers.
Cooperating Node
Cooperating Nodes are Nodes that respond to direct
queries for their Node identity as part of a previously established and
agreed upon interrogation protocol. Nodes SHOULD also provide
information such as arrival/departure interface identification,
arrival timestamp, and any relevant information about the Node or
specific link that delivered the query to the Node.
Hop specification
A Hop specification MUST contain a
Node identity and MAY contain arrival and/or departure interface
identification, Round-Trip Delay, and an arrival timestamp.
Routing Class
Routing Class is a Route that treats a class of
different types of packets, designated "C" (unrelated to address
classes of the past) equally (). Knowledge of such a class allows any one of
the types of packets within that class to be used for subsequent
measurement of the Route. The designator "class C" is used for
historical reasons; see .
Formal NameThe formal name of the metric is: Type-P-Route-Ensemble-Method-Variant abbreviated as Route Ensemble.Note that Type-P depends heavily on the chosen method and
variant.ParametersThis section lists the REQUIRED input factors to define and measure
a Route metric, as specified in this memo.
Src:
the address of a Node (such as the globally routable IP
address).
Dst:
the address of a Node (such as the globally routable IP
address).
i:
the limit on the number of Hops a specific packet may visit
as it traverses from the Node at Src to the Node at Dst (such as
the TTL or Hop Limit).
MaxHops:
the maximum value of i used (i=1,2,3,...MaxHops).
T0:
a time (start of measurement interval).
Tf:
a time (end of measurement interval).
MP(address):
the Measurement Point at address, such as Src or Dst,
usually at the same Node stack layer as "address".
T:
the Node time of a packet as measured at MP(Src), meaning
Measurement Point at the Source.
Ta:
the Node time of a reply packet's arrival as measured at
MP(Src), assigned to packets that arrive within a "reasonable"
time (see parameter below).
Tmax:
a maximum waiting time for reply packets to return to the
source, set sufficiently long to disambiguate packets with long
delays from packets that are discarded (lost), such that the
distribution of Round-Trip Delay is not truncated.
F:
the number of different flows simulated by the method and
variant.
flow:
the stream of packets with the same n-tuple of designated
header fields that (when held constant) result in identical
treatment in a multipath decision (such as the decision taken in
load balancing). Note: The IPv6 flow label MAY be included in the
flow definition if the MP(Src) is a Tunnel Endpoint (TEP)
complying with the guidelines in .
Type-P:
the complete description of the packets for which this
assessment applies (including the flow-defining fields).
Metric DefinitionsThis section defines the REQUIRED measurement components of the
Route metrics (unless otherwise indicated):
M:
the total number of packets sent between T0 and Tf.
N:
the smallest value of i needed for a packet to be received at
Dst (sent between T0 and Tf).
Nmax:
the largest value of i needed for a packet to be received at
Dst (sent between T0 and Tf). Nmax may be equal to N.
Next, define a singleton for a Node on the path with
sufficient indexes to identify all Nodes identified in a measurement
interval (where singleton is part of the IPPM Framework ).
singleton:
A Hop specification, designated h(i,j), the IP address and/or
identity of Discoverable Nodes (or Cooperating Nodes) that are i Hops
away from the Node with address = Src and part of Route j during the
measurement interval T0 to Tf. As defined here, a Hop singleton
measurement MUST contain a Node identity, hid(i,j), and MAY contain
one or more of the following attributes:
a(i,j) Arrival Interface ID (e.g., when is supported)
d(i,j) Departure Interface ID (e.g., when is supported)
t(i,j) arrival timestamp, where t(i,j) is ideally supplied by
the Hop (note that t(i,j) might be approximated from the sending
time of the packet that revealed the Hop, e.g., when the
round-trip response time is available and divided by 2)
Measurements of Round-Trip Delay (for each packet that reveals
the same Node identity and flow attributes, then this attribute is
computed; see next section)
Node identities and related information can be ordered by their
distance from the Node with address Src in Hops h(i,j). Based on this,
two forms of Routes are distinguished:A Route Ensemble is defined as the combination of all Routes
traversed by different flows from the Node at Src address to the Node
at Dst address. A single Route traversed by a single flow (determined
by an unambiguous tuple of addresses Src and Dst and other identical
flow criteria) is a member of the Route Ensemble and called a Member
Route.Using h(i,j) and components and parameters further define:When considering the set of Hops in the context of a single flow, a
Member Route j is an ordered list {h(1,j), ... h(Nj, j)} where h(i-1,
j) and h(i, j) are one Hop away from each other and Nj satisfying
h(Nj,j)=Dst is the minimum count of Hops needed by the packet on
member Route j to reach Dst. Member Routes must be unique. The
uniqueness property requires that any two Member Routes, j and k, that
are part of the same Route Ensemble differ either in terms of minimum
Hop count Nj and Nk to reach the destination Dst or, in the case of
identical Hop count Nj=Nk, they have at least one distinct Hop: h(i,j)
!= h(i,k) for at least one i (i=1..Nj).All the optional information collected to describe a Member Route,
such as the arrival interface, departure interface, and Round-Trip
Delay at each Hop, turns each list item into a rich structure. There
may be information on the links between Hops, possible information on
the routing (arrival interface and departure interface), an estimate
of distance between Hops based on Round-Trip Delay measurements and
calculations, and a timestamp indicating when all these additional
details were measured.The Route Ensemble from Src to Dst, during the measurement interval
T0 to Tf, is the aggregate of all m distinct Member Routes discovered
between the two Nodes with Src and Dst addresses. More formally, with
the Node having address Src omitted:
Route Ensemble = {
{h(1,1), h(2,1), h(3,1), ... h(N1,1)=Dst},
{h(1,2), h(2,2), h(3,2),..., h(N2,2)=Dst},
...
{h(1,m), h(2,m), h(3,m), ....h(Nm,m)=Dst}
}
where the following conditions apply: i <= Nj <= Nmax
(j=1..m)Note that some h(i,j) may be empty (null) in the case that systems
do not reply (not discoverable or not cooperating).h(i-1,j) and h(i,j) are the Hops on the same Member Route one Hop
away from each other.Hop h(i,j) may be identical with h(k,l) for i!=k and j!=l, which
means there may be portions shared among different Member Routes
(parts of Member Routes may overlap).Related Round-Trip Delay and Loss DefinitionsRTD(i,j,T) is defined as a singleton of the Round-Trip Delay between the Node with address =
Src and the Node at Hop h(i,j) at time T.RTL(i,j,T) is defined as a singleton of the Round-Trip Loss between the Node with address = Src
and the Node at Hop h(i,j) at time T.DiscussionDepending on the way that the Node identity is revealed, it may be
difficult to determine parallel subpaths between the same pair of
Nodes (i.e., multiple parallel links). It is easier to detect parallel
subpaths involving different Nodes.
If a pair of discovered Nodes identify two different addresses
(IP or not), then they will appear to be different Nodes. See item
below.
If a pair of discovered Nodes identify two different IP
addresses and the IP addresses resolve to the same Node name (in
the DNS), then they will appear to be the same Node.
If a discovered Node always replies using the same network
address, regardless of the interface a packet arrives on, then
multiple parallel links cannot be detected in that network domain.
This condition may apply to traceroute-style methods but may not
apply to other hybrid methods based on In situ Operations,
Administration, and Maintenance (IOAM). For example, if the ICMP extension mechanism described in is
implemented, then
parallel links can be detected with the discovery traceroute-style
methods.
If parallel links between routers are aggregated below the IP
layer, then, from the Node's point of view, all these links share the
same pair of IP addresses. The existence of these parallel links
can't be detected at the IP layer. This applies to other network
domains with layers below them as well. This condition may apply
to traceroute-style methods but may not apply to other hybrid
methods based on IOAM.
When a Route assessment employs IP packets (for example), the
reality of flow assignment to parallel subpaths involves layers above
IP. Thus, the measured Route Ensemble is applicable to IP and higher
layers (as described in the methodology's packet of Type-P and flow
parameters).Reporting the MetricAn Information Model and an XML Data Model for Storing Traceroute
Measurements is available in . The measured
information at each Hop includes four pieces of information: a
one-dimensional Hop index, Node symbolic address, Node IP address, and
RTD for each response.The description of Hop information that may be collected according
to this memo covers more dimensions, as defined in .
For example, the Hop index is two-dimensional to capture the
complexity of a Route Ensemble, and it contains corresponding Node
identities at a minimum. The models need to be expanded to include
these features as well as Arrival Interface ID, Departure Interface
ID, and arrival timestamp, when available. The original sending
Timestamp from the Src Node anchors a particular measurement in
time.Route Assessment MethodologiesThere are two classes of methods described in this section, active
methods relying on the reaction to TTL or Hop Limit Exceeded condition
to discover Nodes on a path and hybrid active-passive methods that
involve direct interrogation of Cooperating Nodes (usually within a
single domain). Description of these methods follow.Active MethodologiesThis section describes the method employed by current open-source
tools, thereby providing a practical framework for further advanced
techniques to be included as method variants. This method is
applicable for use across multiple administrative domains.Internet routing is complex because it depends on the policies of
thousands of Autonomous Systems (ASes). Most routers perform load
balancing on flows using a form of ECMP.
describes a number of flow-based or hashed
approaches (e.g., Modulo-N Hash, Hash-Threshold, and Highest Random Weight
(HRW)) and makes some good suggestions. Flow-based ECMP avoids
increased packet Delay Variation and possibly overwhelming levels of
packet reordering in flows.A few routers still divide the workload through packet-based
techniques, such as a round-robin scheme to distribute every new
outgoing packet to multiple links, as explained in . The methods described in this
section assume flow-based ECMP.Taking into account that Internet protocol was designed under the
"end-to-end" principle, the IP payload and its header do
not provide any information about the Routes or path necessary to
reach some destination. For this reason, the popular tool, traceroute,
was developed to gather the IP addresses of each Hop along a path
using ICMP . Traceroute also
measures RTD from each Hop. However, the growing complexity of the
Internet makes it more challenging to develop an accurate traceroute
implementation. For instance, the early traceroute tools would be
inaccurate in the current network, mainly because they were not
designed to retain a flow state. However, evolved traceroute tools,
such as Paris-traceroute () and
Scamper (), expect to encounter ECMP and achieve
more accurate results when they do, where Scamper ensures traceroute
packets will follow the same path in 98% of cases ().Today's traceroute tools send Type-P of packets, which are either ICMP, UDP,
or TCP. UDP and TCP are used when a particular characteristic needs to
be verified, such as filtering or traffic shaping on specific ports
(i.e., services). UDP and TCP traceroute are also used when ICMP
responses are not received. supports IPv6
traceroute measurements, keeping the Flow Label constant in all
packets.Paris-traceroute allows its users to measure the RTD to every Node
of the path for a particular flow. Furthermore, either
Paris-traceroute or Scamper is capable of unveiling the many available
paths between a source and destination (which are visible to active
methods). This task is accomplished by repeating complete traceroute
measurements with different flow parameters for each measurement;
Paris-traceroute provides an "exhaustive" mode, while Scamper
provides "tracelb" (which stands for "traceroute load balance").
"Framework for IP Performance Metrics", updated by , has the
flexibility to require that the Round-Trip Delay measurement uses packets with the constraints
to assure that
all packets in a single measurement appear as the same flow. This
flexibility covers ICMP, UDP, and TCP. The accompanying methodology of
needs to be expanded to report the sequential
Hop identifiers along with RTD measurements, but no new metric
definition is needed.The advanced Route assessment methods used in Paris-traceroute
keep the critical fields constant for every packet
to maintain the appearance of the same flow. When considering IPv6
headers, it is necessary to ensure that the IP Source and Destination
addresses and Flow Label are constant (but note that many routers
ignore the Flow Label field at this time); see . Use of IPv6 Extension Headers may add critical
fields and SHOULD be avoided. In IPv4, certain fields of the IP
header and the first 4 bytes of the IP payload should remain
constant in a flow. In the IPv4 header, the IP Source and Destination
addresses, protocol number, and Diffserv fields identify flows. The
first 4 payload bytes include the UDP and TCP ports and the ICMP
type, code, and checksum fields.Maintaining a constant ICMP checksum in IPv4 is most challenging,
as the ICMP sequence number or identifier fields will usually change
for different probes of the same path. Probes should use arbitrary
bytes in the ICMP data field to offset changes to the sequence number and
identifier, thus keeping the checksum constant.Finally, it is also essential to Route the resulting ICMP Time
Exceeded messages along a consistent path. In IPv6, the fields above
are sufficient.
In IPv4, the ICMP Time Exceeded message will contain
the IP header and the first 8 bytes of the IP payload, both of which
affect its ICMP checksum calculation. The TCP sequence number, UDP length, and
UDP checksum will affect this value and should remain constant.Formally, to maintain the same flow in the measurements to a
particular Hop, the Type-P-Route-Ensemble-Method-Variant packets
should have the following attributes (see ):
TCP case:
For IPv4, the fields Src, Dst, port-Src, port_Dst,
sequence number, and Diffserv SHOULD be the same. For IPv6,
the fields Flow Label, Src, and Dst SHOULD be the same.
UDP case:
For IPv4, the fields Src, Dst, port-Src, port-Dst, and
Diffserv should be the same, and the UDP checksum SHOULD change to
keep the IP checksum of the ICMP Time Exceeded reply constant.
Then, the data length should be fixed, and the data field is used
to make it so (consider that ICMP checksum uses its data field,
which contains the original IP header plus 8 bytes of UDP, where
TTL, IP identification, IP checksum, and UDP checksum changes).
For IPv6, the field Flow Label and Source and Destination
addresses SHOULD be the same.
ICMP case:
For IPv4, the data field SHOULD compensate
variations on TTL or Hop Limit, IP identification, and IP checksum
for every packet. There is no need to consider ICMPv6 because only
Flow Label of IPv6 and Source and Destination addresses are used,
and all of them SHOULD be constant.
Then, the way to identify different Hops and attempts of the same
IPv4 flow is:
TCP case:
The IP identification field.
UDP case:
The IP identification field.
ICMP case:
The IP identification field and ICMP sequence
number.
Temporal Composition for Route MetricsThe active Route assessment methods described above have the
ability to discover portions of a path where ECMP load balancing is
present, observed as two or more unique Member Routes having one or
more distinct Hops that are part of the Route Ensemble. Likewise,
attempts to deliberately vary the flow characteristics to discover
all Member Routes will reveal portions of the path that are
flow invariant. describes the Temporal
Composition of metrics and introduces the possibility of a
relationship between earlier measurement results and the results for
measurement at the current time (for a given metric). There is value
in establishing a Temporal Composition relationship for Route
metrics; however, this relationship does not represent a forecast of
future Route conditions in any way.For Route-metric measurements, the value of Temporal Composition
is to reduce the measurement iterations required with repeated
measurements. Reduced iterations are possible by inferring that
current measurements using fixed and previously measured flow
characteristics:
will have many common Hops with previous measurements.
will have relatively time-stable results at the ingress and
egress portions of the path when measured from user locations,
as opposed to measurements of backbone networks and across
inter-domain gateways.
may have greater potential for time variation in path
portions where ECMP load balancing is observed (because
increasing or decreasing the pool of links changes the hash
calculations).
Optionally, measurement systems may take advantage of the
inferences above when seeking to reduce measurement iterations
after exhaustive measurements indicate that the time-stable
properties are present. Repetitive active Route measurement
systems:
SHOULD occasionally check path portions that have exhibited
stable results over time, particularly ingress and egress
portions of the path (e.g., daily checks if measuring many times
during a day).
SHOULD continue testing portions of the path that have
previously exhibited ECMP load balancing.
SHALL trigger reassessment of the complete path and Route
Ensemble if any change in Hops is observed for a specific (and
previously tested) flow.
Routing Class IdentificationThere is an opportunity to apply the notion from
of equal treatment for a class of packets, "...very useful to
know if a given Internet component treats equally a class C of
different types of packets", as it applies to Route measurements.
The notion of class C was examined further in as it applied to load-balancing flows over
parallel paths, which is the case we develop here. Knowledge of
class C parameters (unrelated to address classes of the past) on a
path potentially reduces the number of flows required for a given
method to assess a Route Ensemble over time.First, recognize that each Member Route of a Route Ensemble will
have a corresponding class C. Class C can be discovered by testing
with multiple flows, all of which traverse the unique set of Hops
that comprise a specific Member Route.Second, recognize that the different classes depend primarily on
the hash functions used at each instance of ECMP load balancing on
the path.Third, recognize the synergy with Temporal Composition methods
(described above), where evaluation intends to discover time-stable
portions of each Member Route so that more emphasis can be placed
on ECMP portions that also determine class C.The methods to assess the various class C characteristics benefit
from the following measurement capabilities:
flows designed to determine which n-tuple header fields are
considered by a given hash function and ECMP Hop on the path
and which are not. This operation immediately narrows the search
space, where possible, and partially defines a class C.
a priori knowledge of the possible types of hash functions in
use also helps to design the flows for testing (major router
vendors publish information about these hash functions; examples
are in ).
ability to direct the emphasis of current measurements on
ECMP portions of the path, based on recent past measurement
results (the Routing Class of some portions of the path is
essentially "all packets").
Intermediate Observation Point Route MeasurementThere are many examples where passive monitoring of a flow at an
Observation Point within the network can detect unexpected
Round-Trip Delay or Delay Variation. But how can the cause of the
anomalous delay be investigated further from the Observation Point
possibly located at an intermediate point on the path?In this case, knowledge that the flow of interest belongs to a
specific Routing Class C will enable measurement of the Route where
anomalous delay has been observed. Specifically, Round-Trip Delay
assessment to each Hop on the path between the Observation Point and
the Destination for the flow of interest may discover high or
variable delay on a specific link and Hop combination.The determination of a Routing Class C that includes the flow of
interest is as described in the section above, aided by computation
of the relevant hash function output as the target.Hybrid MethodologiesThe Hybrid Type I methods provide an alternative for Route
assessment.
The "Scope, Applicability, and Assumptions" section of provides one possible set of data
fields that would support Route identification.In general, Nodes in the measured domain would be equipped with
specific abilities:
Store the identity of Nodes that a packet has visited in header
data fields in the order the packet visited the Nodes.
Support of a "Loopback" capability where a copy of the packet
is returned to the encapsulating Node and the packet is processed
like any other IOAM packet on the return transfer.
In addition to Node identity, Nodes may also identify the ingress
and egress interfaces utilized by the tracing packet, the absolute
time when the packet was processed, and other generic data (as
described in ).
Interface identification isn't necessarily limited to IP, i.e.,
different links in a bundle (Link Aggregation Control Protocol (LACP))
could be identified. Equally well,
links without explicit IP addresses can be identified (like with
unnumbered interfaces in an IGP deployment).Note that the Type-P packet specification for this method will
likely be a partial specification because most of the packet fields
are determined by the user traffic. The packet encapsulation
header or headers added by the hybrid method can certainly be specified in
Type-P, in unpopulated form.Combining Different MethodsIn principle, there are advantages if the entity conducting Route
measurements can utilize both forms of advanced methods (active and
hybrid) and combine the results. For example, if there are Nodes
involved in the path that qualify as Cooperating Nodes but not as
Discoverable Nodes, then a more complete view of Hops on the path is
possible when a hybrid method (or interrogation protocol) is applied
and the results are combined with the active method results collected
across all other domains.In order to combine the results of active and hybrid/interrogation
methods, the network Nodes that are part of a domain supporting an
interrogation protocol have the following attributes:
Nodes at the ingress to the domain SHOULD be both Discoverable
and Cooperating.
Any Nodes within the domain that are both Discoverable and
Cooperating SHOULD reveal the same Node identity in response to
both active and hybrid methods.
Nodes at the egress to the domain SHOULD be both Discoverable
and Cooperating and SHOULD reveal the same Node identity in
response to both active and hybrid methods.
When Nodes follow these requirements, it becomes a simple matter to
match single-domain measurements with the overlapping results from a
multidomain measurement.In practice, Internet users do not typically have the ability to
utilize the Operations, Administrations, and Maintenance (OAM)
capabilities of networks that their packets traverse,
so the results from a remote domain supporting an interrogation
protocol would not normally be accessible. However, a network operator
could combine interrogation results from their access domain with
other measurements revealing the path outside their domain.Background on Round-Trip Delay Measurement GoalsThe aim of this method is to use packet probes to unveil the paths
between any two End-Nodes of the network. Moreover, information derived
from RTD measurements might be meaningful to identify:
Intercontinental submarine links
Satellite communications
Congestion
Inter-domain paths
This categorization is widely accepted in the literature and among
operators alike, and it can be trusted with empirical data and several
sources as ground of truth (e.g., ), but it is an
inference measurement nonetheless .The first two categories correspond to the physical distance
dependency on RTD, the next one binds RTD with
queuing delay on routers, and the last one helps to identify different
ASes using traceroutes. Due to the significant contribution of
propagation delay in long-distance Hops, RTD will be on the order of
100 ms on transatlantic Hops, depending on the geolocation of the vantage
points. Moreover, RTD is typically higher than 480 ms when two Hops are
connected using geostationary satellite technology (i.e., their orbit is
at 36000 km). Detecting congestion with latency implies deeper
mathematical understanding, since network traffic load is not stationary.
Nonetheless, as the first approach, a link seems to be congested if
observing different/varying statistical results after sending several
traceroute probes (e.g., see ). Finally, to
recognize distinctive ASes in the same traceroute path is challenging
because more data is needed, like AS relationships and Regional Internet
Registry (RIR) delegations
among others (for more details, please consult ).RTD Measurements StatisticsSeveral articles have shown that network traffic presents a
self-similar nature that is
accountable for filling the queues of the routers. Moreover, router
queues are designed to handle traffic bursts, which is one of the most
remarkable features of self-similarity. Naturally, while queue length
increases, the delay to traverse the queue increases as well and leads
to an increase on RTD. Due to traffic bursts generating short-term
overflow on buffers (spiky patterns), every RTD only depicts the
queueing status on the instant when that packet probe was in transit.
For this reason, several RTD measurements during a time window could
begin to describe the random behavior of latency. Loss must also be
accounted for in the methodology.To understand the ongoing process, examining the quartiles provides a
nonparametric way of analysis. Quartiles are defined by five values:
minimum RTD (m), RTD value of the 25% of the Empirical Cumulative
Distribution Function (ECDF) (Q1), the median value (Q2), the RTD value
of the 75% of the ECDF (Q3), and the maximum RTD (M). Congestion can be
inferred when RTD measurements are spread apart; consequently, the
Interquartile Range (IQR), i.e., the distance between Q3 and Q1, increases
its value.This procedure requires the algorithm presented in to compute quartile values "on the fly".This procedure allows us to update the quartile values whenever a new
measurement arrives, which is radically different from classic methods
of computing quartiles, because they need to use the whole dataset to
compute the values. This way of calculus provides savings in memory and
computing time.To sum up, the proposed measurement procedure consists of performing
traceroutes several times to obtain samples of the RTD in every Hop from
a path during a time window (W) and compute the quartiles for every
Hop. This procedure could be done for a single Member Route flow, for a
non-exhaustive search with parameter E (defined below) set to False, or
for every detected Route Ensemble flow (E=True).The identification of a specific Hop in a traceroute is based on the IP
origin address of the returned ICMP Time Exceeded packet and on the
distance identified by the value set in the TTL (or Hop Limit) field
inserted by traceroute. As this specific Hop can be reached by different
paths, the IP Source and Destination addresses of the traceroute
packet also need to be recorded. Finally, different return paths are
distinguished by evaluating the ICMP Time Exceeded TTL (or Hop Limit) of
the reply message; if this TTL (or Hop Limit) is constant for different
paths containing the same Hop, the return paths have the same distance.
Moreover, this distance can be estimated considering that the TTL (or
Hop Limit) value is normally initialized with values 64, 128, or 255.
The 5-tuple (origin IP, destination IP, reply IP, distance, and response TTL
or Hop Limit) unequivocally identifies every measurement.This algorithm below runs in the origin of the traceroute. It returns
the Qs quartiles for every Hop and Alt (alternative paths because of
balancing). Notice that the "Alt" parameter condenses the parameters of
the 5-tuple (origin IP, destination IP, reply IP, distance, and response
TTL), i.e., one for each possible combination.
================================================================
0 input: W (window time of the measurement)
1 i_t (time between two measurements, set the i_t time
2 long enough to avoid incomplete results)
3 E (True: exhaustive, False: a single path)
4 Dst (destination IP address)
5 output: Qs (quartiles for every Hop and Alt)
----------------------------------------------------------------
6 T := start_timer(W)
7 while T is not finished do:
8 | start_timer(i_t)
9 | RTD(Hop,Alt) = advanced-traceroute(Dst,E)
10 | for each Hop and Alt in RTD do:
11 | | Qs[Dst,Hop,Alt] := ComputeQs(RTD(Hop,Alt))
12 | done
13 | wait until i_t timer is expired
14 done
15 return (Qs)
================================================================
During the time W, lines 6 and 7 assure that the measurement loop is
made.
Lines 8 and 13 set a timer for each cycle of measurements. A cycle
comprises the traceroutes packets, considering every possible Hop and
the alternatives paths in the Alt variable (ensured in lines 9-12). In
line 9, the advanced-traceroute could be either Paris-traceroute or
Scamper, which will use the "exhaustive" mode or
"tracelb" option if E is set to True, respectively. The
procedure returns a list of tuples (m, Q1, Q2, Q3, and M) for each intermediate
Hop, or "Alt" in as a function of the 5-tuple, in the path towards the
Dst. Finally, lines 10 through 12 store each measurement into the
real-time quartiles computation.Notice there are cases where even having a unique Hop at distance
h from the Src to Dst, the returning path could have several
possibilities, yielding different total paths. In this situation, the
algorithm will return another "Alt" for this particular Hop.Security ConsiderationsThe security considerations that apply to any active measurement of
live paths are relevant here as well. See and
.The active measurement process of changing several fields to keep
the checksum of different packets identical does not require special
security considerations because it is part of synthetic traffic
generation and is designed to have minimal to zero impact on network
processing (to process the packets for ECMP).Some of the protocols used (e.g., ICMP) do not provide cryptographic
protection for the requested/returned data, and there are risks of
processing untrusted data in general, but these are limitations of the
existing protocols where we are applying new methods.For applicable hybrid methods, the security considerations in apply.When considering the privacy of those involved in measurement or those
whose traffic is measured, the sensitive information available to
potential observers is greatly reduced when using active techniques
that are within this scope of work. Passive observations of user
traffic for measurement purposes raise many privacy issues. We refer the
reader to the privacy considerations described in the Large-scale
Measurement of Broadband Performance (LMAP) Framework , which covers active and passive
techniques.IANA ConsiderationsThis document has no IANA actions.ReferencesNormative ReferencesInternet Control Message ProtocolRequirements for Internet Hosts - Communication LayersThis RFC is an official specification for the Internet community. It incorporates by reference, amends, corrects, and supplements the primary protocol standards documents relating to hosts. [STANDARDS-TRACK]Requirements for IP Version 4 RoutersThis memo defines and discusses requirements for devices that perform the network layer forwarding function of the Internet protocol suite. [STANDARDS-TRACK]Key words for use in RFCs to Indicate Requirement LevelsIn many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.Framework for IP Performance MetricsThe purpose of this memo is to define a general framework for particular metrics to be developed by the IETF's IP Performance Metrics effort. This memo provides information for the Internet community. It does not specify an Internet standard of any kind.A Round-trip Delay Metric for IPPMThis memo defines a metric for round-trip delay of packets across Internet paths. [STANDARDS-TRACK]A One-way Active Measurement Protocol (OWAMP)The One-Way Active Measurement Protocol (OWAMP) measures unidirectional characteristics such as one-way delay and one-way loss. High-precision measurement of these one-way IP performance metrics became possible with wider availability of good time sources (such as GPS and CDMA). OWAMP enables the interoperability of these measurements. [STANDARDS-TRACK]Information Model and XML Data Model for Traceroute MeasurementsThis document describes a standard way to store the configuration and the results of traceroute measurements. This document first describes the terminology used in this document and the traceroute tool itself; afterwards, the common information model is defined, dividing the information elements into two semantically separated groups (configuration elements and results elements). Moreover, an additional element is defined to relate configuration elements and results elements by means of a common unique identifier. On the basis of the information model, a data model based on XML is defined to store the results of traceroute measurements. [STANDARDS-TRACK]Using the IPv6 Flow Label for Equal Cost Multipath Routing and Link Aggregation in TunnelsThe IPv6 flow label has certain restrictions on its use. This document describes how those restrictions apply when using the flow label for load balancing by equal cost multipath routing and for link aggregation, particularly for IP-in-IPv6 tunneled traffic. [STANDARDS-TRACK]Round-Trip Packet Loss MetricsMany user applications (and the transport protocols that make them possible) require two-way communications. To assess this capability, and to achieve test system simplicity, round-trip loss measurements are frequently conducted in practice. The Two-Way Active Measurement Protocol specified in RFC 5357 establishes a round-trip loss measurement capability for the Internet. However, there is currently no round-trip packet loss metric specified according to the RFC 2330 framework.This memo adds round-trip loss to the set of IP Performance Metrics (IPPM). [STANDARDS-TRACK]Active and Passive Metrics and Methods (with Hybrid Types In-Between)This memo provides clear definitions for Active and Passive performance assessment. The construction of Metrics and Methods can be described as either "Active" or "Passive". Some methods may use a subset of both Active and Passive attributes, and we refer to these as "Hybrid Methods". This memo also describes multiple dimensions to help evaluate new methods as they emerge.Detecting Multiprotocol Label Switched (MPLS) Data-Plane FailuresThis document describes a simple and efficient mechanism to detect data-plane failures in Multiprotocol Label Switching (MPLS) Label Switched Paths (LSPs). It defines a probe message called an "MPLS echo request" and a response message called an "MPLS echo reply" for returning the result of the probe. The MPLS echo request is intended to contain sufficient information to check correct operation of the data plane and to verify the data plane against the control plane, thereby localizing faults.This document obsoletes RFCs 4379, 6424, 6829, and 7537, and updates RFC 1122.Ambiguity of Uppercase vs Lowercase in RFC 2119 Key WordsRFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.IPv4, IPv6, and IPv4-IPv6 Coexistence: Updates for the IP Performance Metrics (IPPM) FrameworkThis memo updates the IP Performance Metrics (IPPM) framework defined by RFC 2330 with new considerations for measurement methodology and testing. It updates the definition of standard-formed packets to include IPv6 packets, deprecates the definition of minimal IP packet, and augments distinguishing aspects, referred to as Type-P, for test packets in RFC 2330. This memo identifies that IPv4-IPv6 coexistence can challenge measurements within the scope of the IPPM framework. Example use cases include, but are not limited to, IPv4-IPv6 translation, NAT, and protocol encapsulation. IPv6 header compression and use of IPv6 over Low-Power Wireless Area Networks (6LoWPAN) are considered and excluded from the standard-formed packet evaluation.Data Fields for In Situ Operations, Administration, and Maintenance (IOAM)Informative Referencesbdrmap: Inference of Borders Between IP NetworksProceedings of the 2016 ACM on Internet Measurement Conference, pp. 381-396Challenges in Inferring Internet Interdomain Congestionbdrmap: Inference of Borders Between IP NetworksProceedings of the 2014 Conference on Internet
Measurement Conference, pp. 15-22COMPARISON OF HASH STRATEGIES FOR FLOW-BASED LOAD BALANCINGInternational Journal of Electronic
Commerce Studies, Vol.6, No.2, pp.259-268Measuring load-balanced paths in the internetProceedings of the 7th ACM SIGCOMM conference on
Internet measurement, pp. 149-160An empirical mixture model for large-scale RTT measurements2015 IEEE Conference on Computer Communications
(INFOCOM), pp. 2470-2478The P 2 algorithm for dynamic calculation of quartiles and histograms without storing observationsCommunications of the ACM 28.10 (1985): 1076-1085Avoiding traceroute anomalies with Paris tracerouteProceedings of the 6th ACM SIGCOMM conference on
Internet measurement, pp. 153-158Multipath Issues in Unicast and Multicast Next-Hop SelectionThe effect of multipath routing on a forwarder is that the forwarder potentially has several next-hops for any given destination and must use some method to choose which next-hop should be used for a given data packet. This memo summarizes current practices, problems, and solutions. This memo provides information for the Internet community.A Two-Way Active Measurement Protocol (TWAMP)The One-way Active Measurement Protocol (OWAMP), specified in RFC 4656, provides a common protocol for measuring one-way metrics between network devices. OWAMP can be used bi-directionally to measure one-way metrics in both directions between two network elements. However, it does not accommodate round-trip or two-way measurements. This memo specifies a Two-Way Active Measurement Protocol (TWAMP), based on the OWAMP, that adds two-way or round-trip measurement capabilities. The TWAMP measurement architecture is usually comprised of two hosts with specific roles, and this allows for some protocol simplifications, making it an attractive alternative in some circumstances. [STANDARDS-TRACK]Framework for Metric CompositionThis memo describes a detailed framework for composing and aggregating metrics (both in time and in space) originally defined by the IP Performance Metrics (IPPM), RFC 2330, and developed by the IETF. This new framework memo describes the generic composition and aggregation mechanisms. The memo provides a basis for additional documents that implement the framework to define detailed compositions and aggregations of metrics that are useful in practice. This document is not an Internet Standards Track specification; it is published for informational purposes.Extending ICMP for Interface and Next-Hop IdentificationThis memo defines a data structure that can be appended to selected ICMP messages. The ICMP extension defined herein can be used to identify any combination of the following: the IP interface upon which a datagram arrived, the sub-IP component of an IP interface upon which a datagram arrived, the IP interface through which the datagram would have been forwarded had it been forwardable, and the IP next hop to which the datagram would have been forwarded.Devices can use this ICMP extension to identify interfaces and their components by any combination of the following: ifIndex, IPv4 address, IPv6 address, name, and MTU. ICMP-aware devices can use these extensions to identify both numbered and unnumbered interfaces. [STANDARDS-TRACK]IPv6 Flow Label SpecificationThis document specifies the IPv6 Flow Label field and the minimum requirements for IPv6 nodes labeling flows, IPv6 nodes forwarding labeled packets, and flow state establishment methods. Even when mentioned as examples of possible uses of the flow labeling, more detailed requirements for specific use cases are out of the scope for this document.The usage of the Flow Label field enables efficient IPv6 flow classification based only on IPv6 main header fields in fixed positions. [STANDARDS-TRACK]Advanced Stream and Sampling Framework for IP Performance Metrics (IPPM)To obtain repeatable results in modern networks, test descriptions need an expanded stream parameter framework that also augments aspects specified as Type-P for test packets. This memo updates the IP Performance Metrics (IPPM) Framework, RFC 2330, with advanced considerations for measurement methodology and testing. The existing framework mostly assumes deterministic connectivity, and that a single test stream will represent the characteristics of the path when it is aggregated with other flows. Networks have evolved and test stream descriptions must evolve with them; otherwise, unexpected network features may dominate the measured performance. This memo describes new stream parameters for both network characterization and support of application design using IPPM metrics.MPLS Forwarding Compliance and Performance RequirementsThis document provides guidelines for implementers regarding MPLS forwarding and a basis for evaluations of forwarding implementations. Guidelines cover many aspects of MPLS forwarding. Topics are highlighted where implementers might otherwise overlook practical requirements which are unstated or under emphasized or are optional for conformance to RFCs but are often considered mandatory by providers.A Framework for Large-Scale Measurement of Broadband Performance (LMAP)Measuring broadband service on a large scale requires a description of the logical architecture and standardisation of the key protocols that coordinate interactions between the components. This document presents an overall framework for large-scale measurements. It also defines terminology for LMAP (Large-Scale Measurement of Broadband Performance).A Scalable and Topology-Aware MPLS Data-Plane Monitoring SystemThis document describes features of an MPLS path monitoring system and related use cases. Segment-based routing enables a scalable and simple method to monitor data-plane liveliness of the complete set of paths belonging to a single domain. The MPLS monitoring system adds features to the traditional MPLS ping and Label Switched Path (LSP) trace, in a very complementary way. MPLS topology awareness reduces management and control-plane involvement of Operations, Administration, and Maintenance (OAM) measurements while enabling new OAM features.In and out of Cuba: Characterizing Cuba's ConnectivityProceedings of the 2015 ACM Conference on Internet
Measurement Conference, pp. 487-493Scamper: a scalable and extensible packet prober for active measurement of the internetProceedings of the 10th ACM SIGCOMM conference on
Internet measurement, pp. 239-245Self-Similar Network Traffic and Performance Evaluation (1st ed.)MPLS Methods for Route AssessmentA Node assessing an MPLS path must be part of the MPLS domain where
the path is implemented. When this condition is met, provides a
powerful set of mechanisms to detect "correct operation of the
data plane, as well as a mechanism to verify the data plane against the
control plane".MPLS routing is based on the presence of a Forwarding Equivalence
Class (FEC) Stack in all visited Nodes. Selecting one of several
Equal-Cost Multipaths (ECMPs) is, however, based on information hidden
deeper in
the stack. Late deployments may support a so-called "Entropy label" for
this purpose. State-of-the-art deployments base their choice of an ECMP
member interface on the complete MPLS label stack and on IP addresses up
to the complete 5-tuple IP header information (see ). Load sharing based
on IP information decouples this
function from the actual MPLS routing information. Thus, an MPLS
traceroute is able to check how packets with a contiguous number of
ECMP-relevant IP addresses (and an identical MPLS label stack) are
forwarded
by a particular router. The minimum number of equivalent MPLS paths
traceable at a router should be 32. Implementations supporting more
paths are available.The MPLS echo request and reply messages offering this feature must
support the Downstream Detailed Mapping TLV (was Downstream Mapping
initially, but the latter has been deprecated). The MPLS echo response
includes the incoming interface where a router received the MPLS echo
request. The MPLS echo reply further informs which of the n addresses
relevant for the load-sharing decision results in a particular next-hop
interface and contains the next Hop's interface address (if
available). This ensures that the next Hop will receive a properly coded
MPLS echo request in the next step Route of assessment. explains how a central Path Monitoring
System could be used to detect arbitrary MPLS paths between any routers
within a single MPLS domain. The combination of MPLS forwarding, Segment
Routing, and MPLS traceroute offers a simple architecture and a powerful
mechanism to detect and validate (segment-routed) MPLS paths.AcknowledgementsThe original three authors (Ignacio, Al, Joachim) acknowledge for his penetrating comments on the initial document and his initial
text for the appendix on MPLS. challenged the authors
to consider a wider scope and applied his substantial expertise with
many technologies and their measurement features in his extensive
comments. also shared useful
comments and so did . We thank them all!Authors' AddressesUniversidad de Buenos AiresAv. Paseo Colón 850Buenos AiresC1063ACVArgentina+54 11 5285-0716ihameli@cnet.fi.uba.arhttp://cnet.fi.uba.ar/ignacio.alvarez-hamelin/AT&T Labs200 Laurel Avenue SouthMiddletownNJ07748United States of America+1 732 420 1571acm@research.att.comTU WienGusshausstrasse 25/E389Vienna1040Austria+43 1 58801 38813Joachim.Fabini@tuwien.ac.athttp://www.tc.tuwien.ac.at/about-us/staff/joachim-fabini/Cisco Systems, Inc.7200-11 Kit Creek RoadResearch Triangle ParkNC27709United States of Americacpignata@cisco.comDeutsche TelekomHeinrich Hertz Str. 3-7Darmstadt64295Germany+49 6151 5812747Ruediger.Geib@telekom.de