One document matched: draft-ietf-ippm-more-twamp-02.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc category="std" docName="draft-ietf-ippm-more-twamp-02"
ipr="pre5378Trust200902" updates="5357">
<front>
<title abbrev="TWAMP Extensions">More Features for the Two-Way Active
Measurement Protocol - TWAMP</title>
<author fullname="Al Morton" initials="A." surname="Morton">
<organization>AT&T Labs</organization>
<address>
<postal>
<street>200 Laurel Avenue South</street>
<city>Middletown,</city>
<region>NJ</region>
<code>07748</code>
<country>USA</country>
</postal>
<phone>+1 732 420 1571</phone>
<facsimile>+1 732 368 1192</facsimile>
<email>acmorton@att.com</email>
<uri>http://home.comcast.net/~acmacm/</uri>
</address>
</author>
<author fullname="Kaynam Hedayat" initials="K." surname="Hedayat">
<organization>EXFO</organization>
<address>
<postal>
<street>285 Mill Road</street>
<city>Chelmsford</city>
<region>MA</region>
<code>01824</code>
<country>USA</country>
</postal>
<phone>+1</phone>
<facsimile>+1</facsimile>
<email>kaynam.hedayat@exfo.com</email>
<uri>http://www.exfo.com/</uri>
</address>
</author>
<date day="20" month="May" year="2009" />
<abstract>
<t>This memo describes a simple extension to TWAMP - the Two-Way Active
Measurement Protocol. The extension adds the option to use different
security modes in the TWAMP-Control and TWAMP-Test protocols
simultaneously. The memo also requests that IANA establish a registry
for additional new features, called the TWAMP-Modes registry.</t>
</abstract>
<note title="Requirements Language">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in <xref
target="RFC2119">RFC 2119</xref>.</t>
</note>
</front>
<middle>
<section title="Introduction">
<t>The Two-Way Active Measurement Protocol, TWAMP <xref
target="RFC5357"></xref> is an extension of the One-way Active
Measurement Protocol, OWAMP <xref target="RFC4656"></xref>. The TWAMP
specification gathered wide review as it approached completion, and the
by-products were several recommendations for new features in TWAMP.
There is a growing number TWAMP implementations at present, and
wide-spread usage is expected. There are even devices that are designed
to test implementations for protocol compliance.</t>
<t>This memo describes a simple extension for TWAMP, the option to use
different security modes in the TWAMP-Control and TWAMP-Test protocols
(mixed security mode). It also requests that IANA establish a registry
for additional new features, called the TWAMP-Modes registry.</t>
<t>When the Server and Control-Client have agreed to use the mixed
security mode during control connection setup, then the Control-Client,
the Server, the Session-Sender and the Session-Reflector MUST all
conform to the requirements of this mode as described in sections 3, 4,
and 5.</t>
<t>This memo updates <xref target="RFC5357"></xref>.</t>
</section>
<section title="Purpose and Scope">
<t>The purpose of this memo is to describe and specify an extension for
TWAMP <xref target="RFC5357"></xref>, and request the establishment of a
registry for future TWAMP extensions.</t>
<t>The scope of the memo is limited to specifications of the
following:</t>
<t><list style="symbols">
<t>Extension of the modes of operation through assignment of one new
value in the Mode field (see section 3.1 of <xref
target="RFC4656"></xref>), while retaining backward compatibility
with TWAMP <xref target="RFC5357"></xref> implementations. This
value adds the OPTIONAL ability to use different security modes in
the TWAMP-Control and TWAMP-Test protocols. The motivation for this
extension is to permit the low packet rate TWAMP-Control protocol to
utilize a stronger mode of integrity protection than that used in
the TWAMP-Test protocol.</t>
</list></t>
</section>
<section title="TWAMP Control Extensions">
<t>TWAMP-Control protocol is a derivative of the OWAMP-Control protocol,
and coordinates a two-way measurement capability. All TWAMP Control
messages are similar in format and follow similar guidelines to those
defined in section 3 of <xref target="RFC4656"></xref> with the
exceptions described in TWAMP <xref target="RFC5357"></xref>, and in the
following sections.</t>
<t>All OWAMP-Control messages apply to TWAMP-Control, except for the
Fetch Session command.</t>
<section title="Extended Control Connection Setup">
<t>TWAMP-Control connection establishment follows the same procedure
defined in section 3.1 of <xref target="RFC4656"></xref>. This
extended mode assigns one new bit position (and value) to allow the
Test protocol security mode to operate in Unauthenticated mode, while
the Control protocol operates in Encrypted mode. With this extension,
the complete set of TWAMP Mode values are as follows:</t>
<t><figure>
<preamble></preamble>
<artwork><![CDATA[Value Description Reference/Explanation
0 Reserved
1 Unauthenticated RFC4656, Section 3.1
2 Authenticated RFC4656, Section 3.1
4 Encrypted RFC4656, Section 3.1
8 Unauth. TEST protocol, new bit position (3)
Encrypted CONTROL
]]></artwork>
<postamble></postamble>
</figure></t>
<t>In the original OWAMP and TWAMP Modes field, setting bit position
0, 1 or 2 indicated the security mode of the Control protocol, and the
Test protocol inherited the same mode (see section 4 of <xref
target="RFC4656"></xref>).</t>
<t>In this extension to TWAMP, when the Control-Client sets Modes
Field bit position 3, it SHALL discontinue the inheritance of the
security mode in the Test protocol, and each protocol’s mode
SHALL be as specified below. When the desired TWAMP-Test protocol mode
is identical to the Control Session mode, the corresponding Modes
Field bit (position 0, 1 or 2) SHALL be set by the Control-Client. The
table below gives the various combinations of integrity protection
that are permissible in TWAMP (with this extension). The TWAMP-Control
and TWAMP-Test protocols SHALL use the mode in each column
corresponding to the bit position set in the Modes Field.</t>
<t><figure>
<preamble></preamble>
<artwork><![CDATA[--------------------------------------------------------
Protocol | Permissible Mode Combinations (Modes bit set)
--------------------------------------------------------
Control | Unauth.(0)| Auth. == Encrypted (1,2,3)
--------------------------------------------------------
| Unauth.(0)| Unauth. (3)
-----------------------------------------------
Test | | Auth.(1)
-----------------------------------------------
| | Encrypted (2)
--------------------------------------------------------]]></artwork>
<postamble></postamble>
</figure></t>
<t>Note that the TWAMP-Control protocol security measures are
identical in the Authenticated and Encrypted Modes. Therefore, only
one new bit position (3) is needed to convey the single mixed security
mode.</t>
<t>The value of the Modes Field sent by the Server in the
Server-Greeting message is the bit-wise OR of the modes (bit
positions) that it is willing to support during this session. Thus,
the last four bits of the Modes 32-bit Field are used. When no other
features are activated, the first 28 bits MUST be zero. A client
conforming to this extension of <xref target="RFC5357"></xref> MAY
ignore the values in the first 28 bits of the Modes Field, or it MAY
support other features that are communicated in these bit
positions.</t>
<t>Other ways in which TWAMP extends OWAMP are described in <xref
target="RFC5357"></xref>.</t>
</section>
</section>
<section title="Extended TWAMP Test ">
<t>The TWAMP test protocol is similar to the OWAMP <xref
target="RFC4656"></xref> test protocol with the exception that the
Session-Reflector transmits test packets to the Session-Sender in
response to each test packet it receives. TWAMP <xref
target="RFC5357"></xref> defines two different test packet formats, one
for packets transmitted by the Session-Sender and one for packets
transmitted by the Session-Reflector. As with OWAMP-Test protocol there
are three security modes that also determine the test packet format:
unauthenticated, authenticated, and encrypted. This TWAMP extension
makes it possible to use TWAMP-Test Unauthenticated mode regardless of
the mode used in the TWAMP-Control protocol.</t>
<t>When the Server has identified the ability to support the mixed
security mode, the Control-Client has selected the mixed security mode
in its Set-Up-Response, and the Server responds with a zero Accept field
in the Server-Start message, these extensions are REQUIRED.</t>
<section title="Sender Behavior">
<t>This section describes extensions to the behavior of the TWAMP
Session-Sender.</t>
<section title="Packet Timings">
<t>The Send Schedule is not utilized in TWAMP, and there are no
extensions defined in this memo.</t>
</section>
<section title="Packet Format and Content">
<t>The Session-Sender packet format and content MUST follow the same
procedure and guidelines as defined in section 4.1.2 of <xref
target="RFC4656"></xref> and section 4.1.2 of <xref
target="RFC5357"></xref>, with the following exceptions: <list
style="symbols">
<t>the Send Schedule is not used, and</t>
<t>the Session-Sender MUST support the mixed security mode
(Unauthenticated TEST, Encrypted CONTROL, value 8, bit position
3) defined in section 3.1 of this memo.</t>
</list></t>
</section>
</section>
<section title="Reflector Behavior">
<t>The TWAMP Session-Reflector is REQUIRED to follow the procedures
and guidelines in section 4.2 of <xref target="RFC5357"></xref>, with
the following extensions:</t>
<t><list style="symbols">
<t>the Session-Reflector MUST support the mixed security mode
(Unauthenticated TEST, Encrypted CONTROL, value 8, bit position 3)
defined in section 3.1 of this memo.</t>
</list></t>
</section>
</section>
<section anchor="Security" title="Security Considerations">
<t>The extended mixed-mode of operation permits stronger
security/integrity protection on the TWAMP-Control protocol while
simultaneously emphasizing accuracy or efficiency on the TWAMP-Test
protocol, thus making it possible to increase overall security when
compared to the previous options.</t>
<t>The security considerations that apply to any active measurement of
live networks are relevant here as well. See <xref
target="RFC4656"></xref> and <xref target="RFC5357"></xref>.</t>
</section>
<section anchor="IANA" title="IANA Considerations">
<t>This memo adds one security mode bit position/value beyond those in
the OWAMP-Control specification<xref target="RFC4656"> </xref>, and
describes behavior when the new mode is used. This memo requests
creation of an IANA registry for the TWAMP Modes field. This field is a
recognized extension mechanism for TWAMP.</t>
<section title="Registry Specification">
<t>IANA is requested to create a TWAMP-Modes registry. TWAMP-Modes are
specified in TWAMP Server Greeting messages and Set-up Response
messages consistent with section 3.1 of <xref target="RFC4656"></xref>
and section 3.1 of <xref target="RFC5357"></xref>, and extended by
this memo. Modes are currently indicated by setting single bits in the
32-bit Modes Field. However, more complex encoding may be used in the
future. Thus, this registry can contain a total of 2^32 possible
assignments.</t>
</section>
<section title="Registry Management">
<t>Because the TWAMP-Modes registry can contain a maximum of 2^32
values, and because TWAMP is an IETF protocol, this registry must be
updated only by "IETF Review" as specified in <xref
target="RFC5226"></xref>(an RFC documenting registry use that is
approved by the IESG). For the TWAMP-Modes registry, we expect that
new features will be assigned using monotonically increasing single
bit positions and in the range [0-31], unless there is a good reason
to do otherwise (more complex encoding than single bit positions may
be used in the future, to access the 2^32 value space).</t>
</section>
<section title="Experimental Numbers">
<t>No experimental values are currently assigned for the Modes
Registry.</t>
</section>
<section title="Initial Registry Contents">
<t>TWAMP Modes Registry<figure>
<preamble></preamble>
<artwork><![CDATA[Value Description Semantics Definition
0 Reserved
1 Unauthenticated RFC4656, Section 3.1
2 Authenticated RFC4656, Section 3.1
4 Encrypted RFC4656, Section 3.1
8 Unauth. TEST protocol, this document, Section 3.1
Encrypted CONTROL
]]></artwork>
<postamble></postamble>
</figure></t>
</section>
</section>
<section anchor="Acknowledgements" title="Acknowledgements">
<t>The authors would like to thank Len Ciavattone for helpful review and
comments.</t>
</section>
</middle>
<back>
<references title="Normative References">
<?rfc include="reference.RFC.2119"?>
<?rfc include='reference.RFC.4656'?>
<?rfc include='reference.RFC.5226'?>
<?rfc include='reference.RFC.5357'?>
</references>
</back>
</rfc>| PAFTECH AB 2003-2026 | 2026-04-24 14:12:31 |