Re: [ippm] Magnus Westerlund's Discuss on draft-ietf-ippm-stamp-07: (with DISCUSS and COMMENT)

Greg Mirsky <gregimirsky@gmail.com> Tue, 10 September 2019 19:44 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 61203120273; Tue, 10 Sep 2019 12:44:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.755
X-Spam-Level:
X-Spam-Status: No, score=-0.755 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NUMERIC_HTTP_ADDR=1.242, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U_yXjeODjcZv; Tue, 10 Sep 2019 12:43:59 -0700 (PDT)
Received: from mail-lj1-x244.google.com (mail-lj1-x244.google.com [IPv6:2a00:1450:4864:20::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C8AD4120096; Tue, 10 Sep 2019 12:43:58 -0700 (PDT)
Received: by mail-lj1-x244.google.com with SMTP id q22so13103183ljj.2; Tue, 10 Sep 2019 12:43:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=5Q6FfsLHA4HaIhMIepo+v4rLPfQakHsZyQZRUhbUMKY=; b=be+Z13tpGMsb3j6EOWK6QNarhdGYAaAL7M8z9AUox6QTdza4rcdfvUSGvgliCXr/pl FasY6sHRpIUyn7C1mc/1rlGGJ0/hIMlVJvQjFGVSo1mgpQkyQbK/ayvGapK4MdsuF2Lk ioUvz1QMx5UlAZUAaHmPfif1nmWK6znW9hQGe8wg2npKuY3iL18//CBTktgffYCIpUYz Gl1v8yetCPDX8HYVFMz/n6l9J1HutwdW71eu0A9pLG1clfLeYrUV3qgflo1oA85ELzc5 iDj3788bRw0l4lpL6OMt9iVgh9WoDHcbAQbTiL/d74lP6IK1c4SIPPeBBgfBRQMsLm5b +x9g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=5Q6FfsLHA4HaIhMIepo+v4rLPfQakHsZyQZRUhbUMKY=; b=XnUd33erZwhR8WXJzUy7RDXVjwBDKbJuU8o0HTG3T8xD6JMfKfsmHQmG6INUWRov6m BypswHVSKZ/GFIu4el0YF46CUFiYixasfmqxCMaCf5bmjSa8fiwDsMoDaUOUpzqpoThA 9nIRFrYAOqSXrq7ZWO2QDrenZiJoWz67UmOgjUDdJvOdDnszDnQAYQTbRZOcts7w9hF9 clZR/Gx7szqtxzrtf7jXrwhFDhNA5K6yi3NHNagbh3h4/NqN9KgKGdHonLDlpmCMMI/o +HJyfYbFBZCpcu/dBBVDMmOqC0Ig/ze4XxHJuI13LJ3d9p1t/kCjbIDeuMAjkE6y8HSW OR3w==
X-Gm-Message-State: APjAAAWIs/3OA4MSzj6SLTBJmRfWyr2sDAvofGkt/GNgGUg1DG8sR60j JPwwIvDpIRJv9drAo8spK035c5JJ/Wo+OUhDypU=
X-Google-Smtp-Source: APXvYqxfakd7Zc9IG46R7RNmDcBd1RTSFQqhSeiBcvpUqLLMDlK88JqNZK3piDSdU0yJm14dXa7IlN6kCNiY2I7xUO8=
X-Received: by 2002:a2e:9006:: with SMTP id h6mr492576ljg.42.1568144636991; Tue, 10 Sep 2019 12:43:56 -0700 (PDT)
MIME-Version: 1.0
References: <156760524845.22816.16339950342338392164.idtracker@ietfa.amsl.com>
In-Reply-To: <156760524845.22816.16339950342338392164.idtracker@ietfa.amsl.com>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Tue, 10 Sep 2019 12:43:45 -0700
Message-ID: <CA+RyBmUy-_ETfaPWoYivcWa0S3De4dcn9=Wb47M7x0vSfEsjYQ@mail.gmail.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
Cc: The IESG <iesg@ietf.org>, draft-ietf-ippm-stamp@ietf.org, Tal Mizrahi <tal.mizrahi.phd@gmail.com>, IPPM Chairs <ippm-chairs@ietf.org>, IETF IPPM WG <ippm@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000b5b990592382022"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/4i4BbKO9V2y0qJ_E171qGPfw7J8>
Subject: Re: [ippm] Magnus Westerlund's Discuss on draft-ietf-ippm-stamp-07: (with DISCUSS and COMMENT)
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 10 Sep 2019 19:44:03 -0000

Hi Magnus,
thank you for the review and thoughtful, pointed questions. Please find my
answers in-line under GIM>> tag.

Regards,
Greg

On Wed, Sep 4, 2019 at 3:54 PM Magnus Westerlund via Datatracker <
noreply@ietf.org>; wrote:

> Magnus Westerlund has entered the following ballot position for
> draft-ietf-ippm-stamp-07: Discuss
>
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
>
>
> Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html
> for more information about IESG DISCUSS and COMMENT positions.
>
>
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-ippm-stamp/
>
>
>
> ----------------------------------------------------------------------
> DISCUSS:
> ----------------------------------------------------------------------
>
> Two very much discussing discusses. However, I would really like to hear
> the
> answer to these concerns before clearing.
>
> 1. Section 4.3: Is the HMAC field size of 16 bytes hard coded? If there
> ever
> would exist a need to deploy another integrity solution, even if the actual
> algorithm used to construct the tag can be agreed by the management, there
> appear to exist a hard look in to use 16-byte tags. Have this issue been
> considered?
>
GIM>> Indeed, this specification defines the use of only one algorithm and
only 16 bytes-long HMAC field. Your question prompted the discussion among
authors and we believe that in a future specification it would be feasible
to extend supporting a number of algorithms and different lengths of HMAC
field both being defined through extension to STAMP YANG data model.

>
>         2. Section 6:
>         The possible impact of the
>    STAMP test packets on the network MUST be thoroughly analyzed, and
>    the use of STAMP for each case MUST be agreed by all users on the
>    network before starting the STAMP test session.
>
>         I assume some potential issues are know, shouldn't they really be
>         listed here in the security consideration to further motivate why
> the
>         analysis needs to happen.
>
GIM>> This is in reference to using numbers from the User range as the
destination port number. Would adding the reference to the case of using
the port numbers from the User range address your concern? Or rather refer
to Section 4, as it includes more discussion (see below)?

>
>
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
>         1. Section 4:
>         Before using numbers from the User Ports range, the possible impact
>    on the network MUST be carefully studied and agreed by all users of
>    the network.
>
>         Is the above sentence missing to list an important assumption? Is
> the
>         assumption that by using the registred destination port an operator
>         that sees to much STAMP traffic can simply filter it out and that
> way
>         deal with the traffic, something which is not possible when using
> an
>         locally decided port? If that is the case, this assumption should
>         probably be noted.
>
GIM>> That is a very good point but our primary motivation for this
cautionary note (or strong warning) was that by allowing STAMP to use port
numbers from the User range, ports that may be already assigned to
protocols, creates a DDOS attack vector. As for the filtering STAMP traffic
out, I think that even if the destination port is one from the Dynamic
range, for a relatively long test session it can be filtered out.

>
>         2. Section 3 and 4, and 4.1.1: What is a STAMP Session? Is that a
>         measurment session between one specific and sender and a specific
>         reflector for a time duration?  The defenition of the session do
> matter
>         if one intended to enable a single sender to use multiple
> reflectors,
>         and if that can be a single session or always multiple indepdendent
>         ones. Would appreciate a definition what a session is. If it is
>         possible to send STAMP traffic using a multicast or broadcast
> address
>         should be made explicit.
>
GIM>> Your interpretation is correct, STAMP session is implicitly defined
as p2p. And that is what reflected in the STAMP YANG model. Would the
following text make it clearer:
NEW TEXT:
   In this document, a measurement session also referred to as
   STAMP session, is the session between one specific Session-Sender and
   one particular Session-Reflector for a time duration.

>
>         3.  Section 4.1.1.:
>         Timestamp is eight octets long field.  STAMP node MUST support
>       Network Time Protocol (NTP) version 4 64-bit timestamp format
>       [RFC5905], the format used in [RFC5357].  STAMP node MAY support
>       IEEE 1588v2 Precision Time Protocol truncated 64-bit timestamp
>       format [IEEE.1588.2008], the format used in [RFC8186].
>
>         Is the clock source here something that may be relevant or simply
>         information the management functions should capture. I think there
> is a
>         similar issue to that of RTP faced when it comes to understand
> what the
>         timestamp actually represent and thus be used correctly. RTP clock
>         source specification is RFC 7273
>         (https://datatracker.ietf.org/doc/rfc7273/)
>
GIM>> NTP and PTP encodings have a different interpretation of the Fraction
field of the Timestamp field. In my experience, PTP format is native for
the data plane, while NTP is more used at the control plane. Original
extension to TWAMP has been described in RFC 8186
<https://datatracker.ietf.org/doc/rfc8186/>;.

>
>         4. Section 4.1:
>            Because STAMP supports symmetrical test packets, STAMP
> Session-Sender
>    packet has a minimum size of 44 octets in unauthenticated mode, see
>    Figure 2, and 112 octets in the authenticated mode, see Figure 4.
>
>         The above text implies some potential for UDP payload size
> variability
>         for the STAMP packets. However, the actual definition appear to
> have
>         fixed sizes. Can you please clarify if I have missed something that
>         enables the STAMP packet to have variable size?
>
GIM>> I think that the text can be improved by characterizing the listed
sizes as "base". The variable length of a test packet in STAMP is supported
by using Extra Padding TLV defined in draft-ietf-ippm-stamp-option-tlv
<https://datatracker.ietf.org/doc/draft-ietf-ippm-stamp-option-tlv/>;. Below
is the proposed update:
OLD TEXT:
   Because STAMP supports symmetrical test packets, STAMP Session-Sender
   packet has a minimum size of 44 octets in unauthenticated mode, see
   Figure 2, and 112 octets in the authenticated mode, see Figure 4.
NEW TEXT:
   STAMP supports symmetrical test packets.  The base STAMP Session-
   Sender packet has a minimum size of 44 octets in unauthenticated
   mode, see Figure 2, and 112 octets in the authenticated mode, see
   Figure 4.  The variable length of a test packet in STAMP is supported
   by using Extra Padding TLV defined in
   [I-D.ietf-ippm-stamp-option-tlv].

With the new reference, should I-D.ietf-ippm-stamp-option-tlv be moved to
the Normative References list or may remain in the Informative list?