One document matched: draft-ietf-ippm-more-twamp-00.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc category="std" docName="draft-ietf-ippm-more-twamp-00" ipr="full3978">
<front>
<title abbrev="TWAMP Extensions">More Features for TWAMP</title>
<author fullname="Al Morton" initials="A." surname="Morton">
<organization>AT&T Labs</organization>
<address>
<postal>
<street>200 Laurel Avenue South</street>
<city>Middletown,</city>
<region>NJ</region>
<code>07748</code>
<country>USA</country>
</postal>
<phone>+1 732 420 1571</phone>
<facsimile>+1 732 368 1192</facsimile>
<email>acmorton@att.com</email>
<uri>http://home.comcast.net/~acmacm/</uri>
</address>
</author>
<author fullname="Kaynam Hedayat" initials="K." surname="Hedayat">
<organization>Brix Networks</organization>
<address>
<postal>
<street>285 Mill Road</street>
<city>Chelmsford</city>
<region>MA</region>
<code>01824</code>
<country>USA</country>
</postal>
<phone>+1</phone>
<facsimile>+1</facsimile>
<email>khedayat@brixnet.com</email>
<uri>http://www.brixnet.com/</uri>
</address>
</author>
<date day="19" month="October" year="2008" />
<abstract>
<t>The IETF has completed its work on TWAMP - the Two-Way Active
Measurement Protocol. This memo describes a simple extension to TWAMP,
the option to use different security modes in the TWAMP-Control and
TWAMP-Test protocols.</t>
</abstract>
<note title="Requirements Language">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in <xref
target="RFC2119">RFC 2119</xref>.</t>
</note>
</front>
<middle>
<section title="Introduction">
<t>The IETF has completed its work on the core specification of TWAMP -
the Two-Way Active Measurement Protocol <xref target="RFC5357"></xref>.
TWAMP is an extension of the One-way Active Measurement Protocol, OWAMP
<xref target="RFC4656"></xref>. The TWAMP specification gathered wide
review as it approached completion, and the by-products were several
recommendations for new features in TWAMP. There are a growing number
TWAMP implementations at present, and wide-spread usage is expected.
There are even devices that are designed to test implementations for
protocol compliance.</t>
<t>This memo describes a simple extension for TWAMP, the option to use
different security modes in the TWAMP-Control and TWAMP-Test
protocols.</t>
<t>The relationship between this memo and TWAMP is intended to be an
update to <xref target="RFC5357"></xref> when published.</t>
</section>
<section title="Purpose and Scope">
<t>The purpose of this memo is to describe and specify an extension for
TWAMP <xref target="RFC5357"></xref>. The features and extensions were
vetted before adoption in this memo.</t>
<t>The scope of the memo is limited to specifications of the
following:</t>
<t><list style="symbols">
<t>Extension of the modes of operation through assignment of one new
value in the Mode field (see section 3.1 of <xref
target="RFC4656"></xref>), while retaining backward compatibility
with TWAMP <xref target="RFC5357"></xref> implementations. This
value adds the OPTIONAL ability to use different security modes in
the TWAMP-Control and TWAMP-Test protocols. The motivation for this
extension is to permit the low packet rate TWAMP-Control protocol to
utilize a stronger mode of integrity protection than that used in
the TWAMP-Test protocol.</t>
</list></t>
</section>
<section title="TWAMP Control Extensions">
<t>TWAMP-Control protocol is a derivative of the OWAMP-Control protocol,
and coordinates a two-way measurement capability. All TWAMP Control
messages are similar in format and follow similar guidelines to those
defined in section 3 of <xref target="RFC4656"></xref> with the
exceptions described in TWAMP <xref target="RFC5357"></xref>, and in the
following sections.</t>
<t>All OWAMP-Control messages apply to TWAMP-Control, except for the
Fetch Session command.</t>
<section title="Extended Connection Setup">
<t>TWAMP connection establishment follows the same procedure defined
in section 3.1 of <xref target="RFC4656"></xref>. This extended mode
assigns one new bit position (and value) to allow the Test protocol
security mode to operate in Unauthenticated mode, while the Control
protocol operates in Encrypted mode. With this extension, the complete
set of TWAMP values are as follows:</t>
<t><figure>
<preamble></preamble>
<artwork><![CDATA[Value Description Reference/Explanation
0 Reserved
1 Unauthenticated RFC4656, Section 3.1
2 Authenticated RFC4656, Section 3.1
4 Encrypted RFC4656, Section 3.1
8 Unauth. TEST protocol, new bit position (3)
Encrypted CONTROL
]]></artwork>
<postamble></postamble>
</figure></t>
<t>In the original OWAMP Modes field, setting bit positions 0, 1 or 2
indicated the security mode of the Control protocol, and the Test
protocol inherited the same mode (see section 4 of <xref
target="RFC4656"></xref>). In this extension to TWAMP, setting Modes
Field bit position 3 SHALL discontinue the inheritance of the security
mode in the Test protocol, and each protocol’s mode SHALL be as
specified below. When the desired TWAMP Test protocol mode is
identical to the Control Session mode, the corresponding Modes Field
bit (position 0, 1 or 2) SHALL be set. The table below gives the
various combinations of integrity protection that are permissible in
TWAMP (with this extension). The Test protocol SHALL use the mode in
each column corresponding to the Modes Field bit position.</t>
<t><figure>
<preamble></preamble>
<artwork><![CDATA[--------------------------------------------------------
Protocol | Permissible Mode Combinations (Modes bit set)
--------------------------------------------------------
Control | Unauth.(0)| Auth. == Encrypted (1,2,3)
--------------------------------------------------------
| Unauth.(0)| Unauth. (3)
-----------------------------------------------
Test | | Auth.(1)
-----------------------------------------------
| | Encrypted (2)
--------------------------------------------------------]]></artwork>
<postamble></postamble>
</figure></t>
<t>Note that the TWAMP-Control protocol security measures are
identical in the Authenticated and Encrypted Modes. Therefore, only
one new bit position (3) is needed to convey the single mixed security
mode.</t>
<t>The value of the Modes Field sent by the Server in the
Server-Greeting message is the bit-wise OR of the modes (bit
positions) that it is willing to support during this session. Thus,
the last four bits of the Modes 32-bit Field are used. The first 28
bits MUST be zero. A client conforming to this extension of <xref
target="RFC5357"></xref> MAY ignore the values in the first 28 bits of
the Modes Field, or it MAY support other features that are
communicated in these bit positions.</t>
<t>Other ways in which TWAMP extends OWAMP are described in <xref
target="RFC5357"></xref>.</t>
</section>
</section>
<section title="Extended TWAMP Test ">
<t>The TWAMP test protocol is similar to the OWAMP <xref
target="RFC4656"></xref> test protocol with the exception that the
Session-Reflector transmits test packets to the Session-Sender in
response to each test packet it receives. TWAMP <xref
target="RFC5357"></xref> defines two different test packet formats, one
for packets transmitted by the Session-Sender and one for packets
transmitted by the Session-Reflector. As with OWAMP-Test protocol there
are three security modes: unauthenticated, authenticated, and encrypted.
This TWAMP extension makes it possible to use TWAMP-Test Unauthenticated
mode regardless of the mode used in the TWAMP-Control protocol.</t>
<section title="Sender Behavior">
<t>This section describes REQUIRED extensions to the behavior of the
TWAMP Sender.</t>
<section title="Packet Timings">
<t>The Send Schedule is not utilized in TWAMP, and there are no
extensions defined in this memo.</t>
</section>
<section title="Packet Format and Content">
<t>The Session Sender packet format and content MUST follow the same
procedure and guidelines as defined in section 4.1.2 of <xref
target="RFC4656"></xref> and section 4.1.2 of <xref
target="RFC5357"></xref>, with the following exceptions: <list
style="symbols">
<t>the Send Schedule is not used, and</t>
<t>the Sessions-Sender MUST support the mixed security mode
(Unauthenticated TEST, Encrypted CONTROL,value 8, bit position
3) defined in section 3.1 of this memo.</t>
</list></t>
</section>
</section>
<section title="Reflector Behavior">
<t>The TWAMP Reflector is REQUIRED to follow the procedures and
guidelines in section 4.2 of <xref target="RFC5357"></xref>, with the
following extensions:</t>
<t><list style="symbols">
<t>the Sessions-Reflector MUST support the mixed security mode
(Unauthenticated TEST, Encrypted CONTROL,value 8, bit position 3)
defined in section 3.1 of this memo.</t>
</list></t>
</section>
</section>
<section anchor="Security" title="Security Considerations">
<t>The extended mixed-mode of operation permits stronger
security/integrity protection on the TWAMP-Control protocol while
simultaneously emphasizing accuracy or efficiency on the TWAMP-Test
protocol, thus making it possible to increase overall security when
compared to the previous options.</t>
<t>The security considerations that apply to any active measurement of
live networks are relevant here as well. See <xref
target="RFC4656"></xref> and <xref target="RFC5357"></xref>.</t>
</section>
<section anchor="IANA" title="IANA Considerations">
<t>This memo adds three security mode combinations to the OWAMP-Control
specification<xref target="RFC4656"> </xref>, and describes behavior
when the new modes are used. This memo requests creation an IANA
registry for the TWAMP Mode field. This field is a recognized extension
mechanism for TWAMP.</t>
<section title="Registry Specification">
<t>IANA is requested to create a TWAMP-Modes registry. TWAMP-Modes are
specified in TWAMP Server Greeting messages and Set-up Response
messages consistent with section 3.1 of <xref
target="RFC4656"></xref>, and extended by this memo. Modes are
indicated by setting bits in the 32-bit Modes Field. Thus, this
registry can contain a total of 32 possible bit positions and
corresponding values.</t>
</section>
<section title="Registry Management">
<t>Because the TWAMP-Modes registry can contain only thirty-two
values, and because TWAMP is an IETF protocol, this registry must be
updated only by "IETF Consensus" as specified in <xref
target="RFC2434"></xref>(an RFC documenting registry use that is
approved by the IESG). For the Modes registry, we expect that new
features will be assigned using monotonically increasing bit positions
and in the range [0-31] and the corresponding values, unless there is
a good reason to do otherwise.</t>
</section>
<section title="Experimental Numbers">
<t>No experimental values are currently assigned for the Modes
Registry.</t>
</section>
<section title="Initial Registry Contents">
<t>TWAMP Modes Registry<figure>
<preamble></preamble>
<artwork><![CDATA[Value Description Semantics Definition
0 Reserved
1 Unauthenticated RFC4656, Section 3.1
2 Authenticated RFC4656, Section 3.1
4 Encrypted RFC4656, Section 3.1
8 Unauth. TEST protocol, this document, Section 3.1
Encrypted CONTROL
]]></artwork>
<postamble></postamble>
</figure></t>
</section>
</section>
<section anchor="Acknowledgements" title="Acknowledgements">
<t>The authors would like to thank Len Ciavattone for helpful review and
comments.</t>
</section>
</middle>
<back>
<references title="Normative References">
<?rfc include="reference.RFC.2119"?>
<?rfc include='reference.RFC.4656'?>
<?rfc ?>
<?rfc include='reference.RFC.2434'?>
<?rfc include='reference.RFC.5357'?>
<?rfc ?>
<?rfc ?>
</references>
<references title="Informative References">
<?rfc ?>
<reference anchor="x">
<front>
<title></title>
<author fullname="" surname="">
<organization></organization>
</author>
<date month="" year="" />
</front>
</reference>
</references>
</back>
</rfc>| PAFTECH AB 2003-2026 | 2026-04-24 14:12:29 |