]> Cisco Systems, Inc.

Canada rgandhi@cisco.com

Cisco Systems, Inc.

cfilsfil@cisco.com

Bell Canada

daniel.voyer@bell.ca

Huawei

mach.chen@huawei.com

Colt

Bart.Janssens@colt.net

IPPM Working Group Segment Routing (SR) leverages the source routing paradigm. SR is applicable to both Multiprotocol Label Switching (SR-MPLS) and IPv6 (SRv6) data planes. This document specifies RFC 8762 (Simple Two-Way Active Measurement Protocol (STAMP)) extensions for Delay and Loss Measurement in Segment Routing networks, for both SR-MPLS and SRv6 data planes.

Segment Routing (SR) leverages the source routing paradigm and greatly simplifies network operations for Software Defined Networks (SDNs). SR is applicable to both Multiprotocol Label Switching (SR-MPLS) and IPv6 (SRv6) data planes. Built-in SR Performance Measurement (PM) is one of the essential requirements to provide Service Level Agreements (SLAs). The Simple Two-way Active Measurement Protocol (STAMP) provides capabilities for the measurement of various performance metrics in IP networks using probe messages . It eliminates the need for control-channel signaling by using configuration data model to provision a test-channel (e.g. UDP paths). defines TLV extensions for STAMP messages. The STAMP message with a TLV for "direct measurement" can be used for combined Delay + Loss measurement . However, in order to use only for loss measurement purpose, it requires the node to support the delay measurement messages and support timestamp for these messages (which may also require clock synchronization). Furthermore, for hardware-based counter collection for direct-mode loss measurement, the optional TLV based processing adds unnecessary overhead (as counters are not at well-known locations). This document specifies RFC 8762 (Simple Two-Way Active Measurement Protocol (STAMP)) extensions for Delay and Loss Measurement in Segment Routing networks, for both SR-MPLS and SRv6 data planes.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in when, and only when, they appear in all capitals, as shown here.

BSID: Binding Segment ID. DM: Delay Measurement. HMAC: Hashed Message Authentication Code. LM: Loss Measurement. MPLS: Multiprotocol Label Switching. NTP: Network Time Protocol. OWAMP: One-Way Active Measurement Protocol. PM: Performance Measurement. PTP: Precision Time Protocol. SID: Segment ID. SL: Segment List. SR: Segment Routing. SRH: Segment Routing Header. SR-MPLS: Segment Routing with MPLS data plane. SRv6: Segment Routing with IPv6 data plane. SSID: STAMP Session Identifier. STAMP: Simple Two-way Active Measurement Protocol.

In the reference topology shown below, the sender node R1 initiates a performance measurement probe query message and the reflector node R5 sends a probe response message for the query message received. The probe response message is typically sent to the sender node R1.

| | | R1 |=====================| R5 | | |<- - - - - - - - - - | | +-------+ Response +-------+ \ / t4 t3 Sender Reflector Reference Topology ]]>

In this document, the Control Code field is defined for delay and loss measurement probe query messages for STAMP protocol in unauthenticated and authenticated modes. The modified delay measurement probe query message format is shown in Figure 1. This message format is backwards compatible with the message format defined in STAMP as its reflector MUST ignore the received field (previously identified as MBZ). With this field, the reflector node does not require any additional state for PM (recall that in SR networks, the state is in the probe packet and signaling of the parameters is undesired). The usage of the Control Code is not limited to the SR and can be used for non-SR network.

Sender Control Code: Set as follows in STAMP probe query message. In a Query: 0x0: Out-of-band Response Requested. Indicates that the probe response is not required over the same path in the reverse direction. This is also the default behavior. 0x1: In-band Response Requested. Indicates that this query has been sent over a bidirectional path and the probe response is required over the same path in the reverse direction. 0x2: No Response Requested.

In this document, STAMP probe query messages for loss measurement are defined as shown in Figure 2 and Figure 3. The message formats are hardware efficient due to well-known locations of the counters and payload small in size. They are stand-alone and similar to the delay measurement message formats (e.g. location of the Counter and Timestamp). They also do not require backwards compatibility and support for the existing DM message formats from as different user-configured destination UDP port is used for loss measurement.

Sequence Number (32-bit): As defined in . Transmit Counter (64-bit): The number of packets or octets sent by the sender node in the query message and by the reflector node in the response message. The counter is always written at the well-known location in the probe query and response messages. Receive Counter (64-bit): The number of packets or octets received at the reflector node. It is written by the reflector node in the probe response message. Sender Counter (64-bit): This is the exact copy of the transmit counter from the received query message. It is written by the reflector node in the probe response message. Sender Sequence Number (32-bit): As defined in . Sender TTL: As defined in . X: Extended counter format indicator. Indicates the use of extended (64-bit) counter values. Initialized to 1 upon creation (and prior to transmission) of an LM query and copied from an LM query to an LM response message. Set to 0 when the LM message is transmitted or received over an interface that writes 32-bit counter values. B: Octet (byte) count. When set to 1, indicates that the Counter 1-4 fields represent octet counts. The octet count applies to all packets within the LM scope, and the octet count of a packet sent or received includes the total length of that packet (but excludes headers, labels, or framing of the channel itself). When set to 0, indicates that the Counter fields represent packet counts. Block Number (8-bit): The Loss Measurement using Alternate-Marking method defined in requires to color the data traffic. To be able to correlate the transmit and receive traffic counters of the matching color, the Block Number (or color) of the traffic counters is carried by the probe query and response messages for loss measurement. The Block Number can also be used to aggregate performance metrics collected. HMAC: The probe message in authenticated mode includes a key Hashed Message Authentication Code (HMAC) hash. Each probe query and response messages are authenticated by adding Sequence Number with Hashed Message Authentication Code (HMAC) TLV. It can use HMAC-SHA-256 truncated to 128 bits (similarly to the use of it in IPSec defined in ); hence the length of the HMAC field is 16 octets. HMAC uses its own key and the mechanism to distribute the HMAC key is outside the scope of this document. In authenticated mode, only the sequence number is encrypted, and the other payload fields are sent in clear text. The probe message MAY include Comp.MBZ (Must Be Zero) variable length field to align the packet on 16 octets boundary.

In this document, STAMP probe response message formats are defined for loss measurement as shown in Figure 4 and Figure 5.

In this document, Node Address TLV is defined for STAMP message and has the following format shown in Figure 6:

The Address Family field indicates the type of the address, and it SHALL be set to one of the assigned values in the "IANA Address Family Numbers" registry. The STAMP TLV Flags are set using the procedures described in . The following Type is defined and it contains Node Address TLV: Destination Node Address (value TBA1): The Destination Node Address TLV is optional. The Destination Node Address TLV indicates the address of the intended recipient node of the probe message. The reflector node MUST NOT send response message if it is not the intended destination node of the probe query message.

For two-way performance measurement, the reflector node needs to send the probe response message on a specific reverse path. The sender node can request in the probe query message to the reflector node to send a response message back on a given reverse path (e.g. co-routed bidirectional path). This way the reflector node does not require any additional state for PM (recall that in SR networks, the state is in the probe packet and signaling of the parameters is undesired). For one-way performance measurement, the sender node address may not be reachable via IP route from the reflector node. The sender node in this case needs to send its reachability path information to the reflector node. defines STAMP probe query messages that can include one or more optional TLVs. The TLV Type (value TBA2) is defined in this document for Return Path that carries reverse path for STAMP probe response messages (in the payload of the message). The format of the Return Path TLV is shown in Figure 7:

The STAMP TLV Flags are set using the procedures described in . The following Type defined for the Return Path TLV contains the Node Address sub-TLV using the format shown above in Figure 7: Type (value 0): Return Address. Target node address of the response message different than the Source Address in the query

The Segment List Sub-TLV (shown above in Figure 8) in the Return Path TLV can be one of the following Types: Type (value 1): SR-MPLS Label Stack of the Reverse Path Type (value 2): SR-MPLS Binding SID of the Reverse SR Policy Type (value 3): SRv6 Segment List of the Reverse Path Type (value 4): SRv6 Binding SID of the Reverse SR Policy The Return Path TLV is optional. The sender node MUST only insert one Return Path TLV in the probe query message and the reflector node MUST only process the first Return Path TLV in the probe query message and ignore other Return Path TLVs if present. The reflector node MUST send probe response message back on the reverse path specified in the Return Path TLV and MUST NOT add Return Path TLV in the probe response message.

The performance measurement is intended for deployment in well-managed private and service provider networks. As such, it assumes that a node involved in a measurement operation has previously verified the integrity of the path and the identity of the far-end reflector node. If desired, attacks can be mitigated by performing basic validation and sanity checks, at the sender, of the counter or timestamp fields in received measurement response messages. The minimal state associated with these protocols also limits the extent of measurement disruption that can be caused by a corrupt or invalid message to a single query/response cycle. Use of HMAC-SHA-256 in the authenticated mode protects the data integrity of the probe messages. Cryptographic measures may be enhanced by the correct configuration of access-control lists and firewalls.

IANA will create a "STAMP TLV Type" registry for . IANA is requested to allocate a value for the following Destination Address TLV Type from the IETF Review TLV range of this registry. This TLV is to be carried in the probe messages. Type TBA1: Destination Node Address TLV IANA is also requested to allocate a value for the following Return Path TLV Type from the IETF Review TLV range of the same registry. This TLV is to be carried in the probe query messages. Type TBA2: Return Path TLV IANA is requested to create a sub-registry for "Return Path Sub-TLV Type". All code points in the range 1 through 175 in this registry shall be allocated according to the "IETF Review" procedure as specified in . Code points in the range 176 through 239 in this registry shall be allocated according to the "First Come First Served" procedure as specified in . Remaining code points are allocated according to : Value Description Reference 0 Reserved This document 1 - 175 Unassigned This document 176 - 239 Unassigned This document 240 - 251 Experimental This document 252 - 254 Private Use This document 255 Reserved This document IANA is requested to allocate the values for the following Sub-TLV Types from this registry. Type (value 1): Return Address Type (value 2): SR-MPLS Label Stack of the Reverse Path Type (value 3): SR-MPLS Binding SID of the Reverse SR Policy Type (value 4): SRv6 Segment List of the Reverse Path Type (value 5): SRv6 Binding SID of the Reverse SR Policy

&RFC2119; &RFC8174; &RFC8762; &I-D.ietf-ippm-stamp-option-tlv; &RFC2104; &RFC4868; &RFC8126; &RFC8321; &I-D.ietf-pce-binding-label-sid;

The authors would like to thank Thierry Couture for the discussions on the use-cases for Performance Measurement in Segment Routing. The authors would also like to thank Greg Mirsky for reviewing this document and providing useful comments and suggestions. The authors would like to acknowledge the earlier work on the loss measurement using TWAMP described in draft-xiao-ippm-twamp-ext-direct-loss.