IETF Logo Mail Archive

Re: [ippm] WGLC for STAMP Extensions

Greg Mirsky <gregimirsky@gmail.com> Thu, 11 June 2020 14:44 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 778033A0819 for <ippm@ietfa.amsl.com>; Thu, 11 Jun 2020 07:44:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zYo3zdR_jlNM for <ippm@ietfa.amsl.com>; Thu, 11 Jun 2020 07:44:45 -0700 (PDT)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F197C3A0810 for <ippm@ietf.org>; Thu, 11 Jun 2020 07:44:44 -0700 (PDT)
Received: by mail-lj1-x22e.google.com with SMTP id x18so7219981lji.1 for <ippm@ietf.org>; Thu, 11 Jun 2020 07:44:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=pxntNvh708H9CNmuSLAdTw7hL1R1kD0WNICyx3TpJdA=; b=qEiElMNku1wxeyKEMvVb35ay8iuacyDEPTaD6mqqsPH4e+GDKEAr/RI5mVR6vZaY4q pOpojTuA7x6B8jLDu9LMBaNZA0hS850pl6ynGHnLdy0KLlsXMCuclGzhOTiOLVN5p2OF c+ng5tNTUH0s8Fm5IPauPnMtyM4+zybOtXhVeDOLrLPfYIr0DAjkDXkF5jlJKht5oGcj YiwUUxQWXoiyIV1VTgdUJi10lD85Yfo4q/Gspbkuowd+JqCayxYfWNXAdM0P9vI8XuhM /1qZrrMISZFL7WZUI5drTnMlecoLUQ5xxN/BH71t5Cx6jsKNaqdKp35razR3mxEinERb 4baw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=pxntNvh708H9CNmuSLAdTw7hL1R1kD0WNICyx3TpJdA=; b=K6Uv//vFnG0SskVO/a6wwmjt8VXgYmwBii2zl1B+3t7d4heL9lEG8c5Eqf9ejufoTq /IenHZulv4Wt6MHSk10BUQagKbUvGC95+WqnTpcd4NgUNlJx6crS8j7Y59dgUo5nuK6k 6HrC1uWrAZwvHyE8UZAzDnYy0b0CoXZxzUJDdNmG0+bDGdOO1MEjQlP8bCRzhfrd7htN tivTvLaXzHwnUzFqYbc9+qgVKh0IaX3AwW405BjoN40+JGi6W76+cx1JZsDow8fnilQ0 AvGTapMbHck6S6NczZQ+lxofrYz2IKtY4I3AqJYt7GLZfvqOJS/JnwEBG77jce/vIY5y Qyew==
X-Gm-Message-State: AOAM533Wmreb/PTvYzcI/9ulUGihMLpe2MAbQRr6vZGRdd8Vgpk5Odui ZqWjOr0VM6FIyPpZ1gJjx+wZ+iZd/sdW2Gu9Ikc=
X-Google-Smtp-Source: ABdhPJz8SsUZbx9TY0sPFB5rbvNlGuIAQc3O5cT54quNZjp58JkrfflFVYWls0RQaB34lwImhpJtLO1jw7/aYHd96U0=
X-Received: by 2002:a05:651c:54e:: with SMTP id q14mr4072473ljp.279.1591886682922; Thu, 11 Jun 2020 07:44:42 -0700 (PDT)
MIME-Version: 1.0
References: <CAKcm_gMVc88xpkOMmV7L-ybVCBzw+LhNS6Jw3=iB2gutR0ZhxA@mail.gmail.com> <4D7F4AD313D3FC43A053B309F97543CF0108A608DC@njmtexg5.research.att.com> <CA+RyBmW8hHqidEu_Br6zKpsjfQFVcK14ELhebzcCETMO4WQhMA@mail.gmail.com> <4D7F4AD313D3FC43A053B309F97543CF0108A6311B@njmtexg5.research.att.com> <CA+RyBmUsMGTHGyNbDecHjE5M39rfXz5t2VzC8mMjYBM75WQbXw@mail.gmail.com> <CAMZsk6crUg+GWYu8APgdrW6s_+FD8dgJ8+gM+0oB19jSBPgkxA@mail.gmail.com> <CA+RyBmUrpBMGZx=G_s6sAboXi3_QthAMGoL8Ou_YUzJTS78e_Q@mail.gmail.com> <CAMZsk6cp9DUDwuRnd-fY=q2tz8SjeRj64gtKSgvebS8WdzdvOA@mail.gmail.com> <CA+RyBmX=3AZkimwVK4mL8VeYMaVTyEmUkT-xRzxz7hXN3ee36g@mail.gmail.com> <0E1A53C3-907A-4162-AEF9-C9664C852A2C@cisco.com>
In-Reply-To: <0E1A53C3-907A-4162-AEF9-C9664C852A2C@cisco.com>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Thu, 11 Jun 2020 07:44:30 -0700
Message-ID: <CA+RyBmVWnW5X_VgekdXtFR3s2CD0-uTBi1WPaqWpXMt_8udZ6g@mail.gmail.com>
To: "Rakesh Gandhi (rgandhi)" <rgandhi@cisco.com>
Cc: Rakesh Gandhi <rgandhi.ietf@gmail.com>, "MORTON, ALFRED C (AL)" <acm@research.att.com>, Ian Swett <ianswett=40google.com@dmarc.ietf.org>, "IETF IPPM WG (ippm@ietf.org)" <ippm@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000042259705a7d0009d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/K9zTXgtq0y4J8RU714dgtl7B9j8>
Subject: Re: [ippm] WGLC for STAMP Extensions
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jun 2020 14:44:49 -0000

Hi Rakesh,
thank you for your quick response. Below is the text proposed in the update:
   Before a test session commenced, a Session-Reflector MUST be
   provisioned with all the elements that identify the STAMP Session.  A
   STAMP Session-Reflector MUST discard the non-matching STAMP test
   packet(s).  The means of provisioning the STAMP Session
   identification is outside the scope of this specification.
The intention of the update is to point to the need to use the management
or control plane to provision a STAMP session on the Session-Reflector. At
the same time, the text does not specify which of the informational
elements be provisioned to the explicit values and which may use a
wildcard. If you have concerns with the update, could you please suggest
modifications or propose an alternative?

Regards,
Greg

On Thu, Jun 11, 2020 at 7:28 AM Rakesh Gandhi (rgandhi) <rgandhi@cisco.com>
wrote:

> Hi Greg,
>
> The current (OLD) text in the document looks good to me.
>
> P.S. The goal for STAMP (with Simple) is to simplify such things when
> compared to TWAMP (RFC 5357).
>
>
>
> Thanks,
>
> Rakesh
>
>
>
>
>
> *From: *ippm <ippm-bounces@ietf.org> on behalf of Greg Mirsky <
> gregimirsky@gmail.com>
> *Date: *Thursday, June 11, 2020 at 10:21 AM
> *To: *Rakesh Gandhi <rgandhi.ietf@gmail.com>
> *Cc: *"MORTON, ALFRED C (AL)" <acm@research.att.com>, Ian Swett <ianswett=
> 40google.com@dmarc.ietf.org>, "IETF IPPM WG (ippm@ietf.org)" <
> ippm@ietf.org>
> *Subject: *Re: [ippm] WGLC for STAMP Extensions
>
>
>
> Hi Rakesh,
>
> I agree with your scenario. Do you feel that the document, including the
> updated text, precludes it? Would you suggest text clarifications?
>
>
>
> Regards,
>
> Greg
>
>
>
> On Thu, Jun 11, 2020 at 7:13 AM Rakesh Gandhi <rgandhi.ietf@gmail.com>
> wrote:
>
> Thanks Greg.
>
> SSID can be internally generated by the sender node. Expecting sender node
> to communicate this to the controller and then to the reflector node for
> *each* session may be overkill.
>
>
>
> The destination UDP port to use on the reflector node is already
> provisioned value and not any arbitrary port can be used anyways. So that
> should help with such issues.
>
>
>
> My 2c.
>
>
>
> Thanks,
>
> Rakesh
>
>
>
>
>
>
>
> On Wed, Jun 10, 2020 at 9:32 PM Greg Mirsky <gregimirsky@gmail.com> wrote:
>
> Hi Rakesh,
>
> as Al clarified, and I agree with this scenario, a Session-Reflector must
> be provisioned with a session identifier (some elements, I think, might be
> specified as a wild card) before the session is commenced. All test packets
> that do not match the provisioned identifier must be discarded without
> processing. I've tried to capture that in the latest update sent earlier.
>
> What do you think of this scenario?
>
>
>
> Regards,
>
> Greg
>
>
>
> On Wed, Jun 10, 2020 at 4:36 PM Rakesh Gandhi <rgandhi.ietf@gmail.com>
> wrote:
>
> Hi Greg, Al,
>
> I am not sure if I follow the scenario.
>
> Between nodes A and B, there can be more than one STAMP sessions, e.g.
> {Node-A, Node-B, Src-Port-1, Dst-Port-1, SSID1} and {Node-A, Node-B,
> Src-Port-1, Dst-Port-1, SSID2}. I assume this is allowed? If yes, how do we
> know when there is now a third session between them with SSID3 (with same 4
> tuple), it is a change (from SSID1 or SSID2?) or a new third session?
>
> Thanks,
>
> Rakesh
>
>
>
>
>
>
>
>
>
> On Wed, Jun 10, 2020 at 7:21 PM Greg Mirsky <gregimirsky@gmail.com> wrote:
>
> Hi Al,
>
> many thanks for your quick response, much appreciated. We'll need some
> more time to discuss your suggestion related to the Access Report TLV. I've
> front-copied the other open issue and added my notes under the tag GIM2>>
> below.
>
>
>
>    An implementation of STAMP Session-Reflector that supports this
>
>    specification SHOULD identify a STAMP Session using the SSID in
>
>    combination with elements of the usual 4-tuple
>
> [acm] <insert> for the session. If the Session-Reflector finds that
>
> the SSID and 4-tuple combination changes during a test session, then
>
> the Session-Reflector MUST discard the non-matching packet(s) and take
>
> no further action on them.
>
>    .  A conforming...
>
> GIM>> We've discussed the scenario and couldn't define how a
> Session-Reflector can distinguish between a new STAMP test session and the
> event of a change in identifiers, i.e., SSID and 4-tuple of the ongoing
> test session. Could you kindly help us here?
>
>
>
> *[acm] Thanks, I’m surprised that a new test session (with new SSID) can
> begin without any Session-Reflector agreement or communication from the
> Session-Reflector’s management interface. Since the Sending address and
> port could be spoofed, Session-Reflectors could receive lots of unexpected
> traffic, if you know what I mean.....*
>
> GIM2>> Thank you for the clarification. I was not thinking out of a box.
> Please review the proposed new text below. I hope it captures the scenario
> you've pointed out.
>
> OLD TEXT:
>
>    An implementation of STAMP Session-Reflector that supports this
>    specification SHOULD identify a STAMP Session using the SSID in
>    combination with elements of the usual 4-tuple for the session.  A
>    conforming implementation of STAMP Session-Reflector MUST copy the
>    SSID value from the received test packet and put it into the
>    reflected packet, as displayed in Figure 2.
>
> NEW TEXT:
>
>    An implementation of STAMP Session-Reflector that supports this
>    specification SHOULD identify a STAMP Session using the SSID in
>    combination with elements of the usual 4-tuple for the session.
>    Before a test session commenced, a Session-Reflector MUST be
>    provisioned with all the elements that identify the STAMP Session.  A
>    STAMP Session-Reflector MUST discard the non-matching STAMP test
>    packet(s).  The means of provisioning the STAMP Session
>    identification is outside the scope of this specification.  A
>    conforming implementation of STAMP Session-Reflector MUST copy the
>    SSID value from the received test packet and put it into the
>    reflected packet, as displayed in Figure 2.
>
>
>
> Would the new text address your concern?
>
>
>
> Regards,
>
> Greg
>
>
>
>
>
> On Wed, Jun 10, 2020 at 8:01 AM MORTON, ALFRED C (AL) <
> acm@research.att.com> wrote:
>
> Hi Greg, Thanks for all replies.
>
> Let’s concentrate on those needing some additional thought...
>
> Al
>
>
>
>
>
>    An implementation of STAMP Session-Reflector that supports this
>
>    specification SHOULD identify a STAMP Session using the SSID in
>
>    combination with elements of the usual 4-tuple
>
> [acm] <insert> for the session. If the Session-Reflector finds that
>
> the SSID and 4-tuple combination changes during a test session, then
>
> the Session-Reflector MUST discard the non-matching packet(s) and take
>
> no further action on them.
>
>    .  A conforming...
>
> GIM>> We've discussed the scenario and couldn't define how a
> Session-Reflector can distinguish between a new STAMP test session and the
> event of a change in identifiers, i.e., SSID and 4-tuple of the ongoing
> test session. Could you kindly help us here?
>
>
>
> *[acm] Thanks, I’m surprised that a new test session (with new SSID) can
> begin without any Session-Reflector agreement or communication from the
> Session-Reflector’s management interface. Since the Sending address and
> port could be spoofed, Session-Reflectors could receive lots of unexpected
> traffic, if you know what I mean..... *
>
>
>
>
>
> ...
>
>  …                 | 2     |   Non-3GPP  | This document |
>
>                   +-------+-------------+---------------+
>
> [acm] these seem overly broad, and unlikely to be extended because they
> *cover everything*!!
>
> GIM>> Here we've turned to our 3GPP expert... The current (Rel-16)
> specification of ATSSS defines only two access types - 3GPP and Non-3GPP.
> Creating a sub-registry and leaving a space for new types might help to
> accommodate potential changes in 5G specification and the development of
> new specifications, e.g., 6G, in the future.
>
> *[acm] *
>
> *Yes, but your examples of 5G and 6G would fall under the general category
> of “3GPP” (which I accidentally delated above).*
>
> *Maybe some additional detail would help, like “3GPP-LTE”, “3GPP-5G”, and
> make “Non-3GPP” the first entry so that expansion with new technologies
> starts at 2, 3, …*
>
>                             Table 8: Access IDs
>
>
>
> ...
>
>
>
>               +-------+---------------------+---------------+
>
>               | Value |     Description     | Reference     |
>
>               +-------+---------------------+---------------+
>
>               | 1     |  Network available  | This document |
>
>               | 2     | Network unavailable | This document |
>
>               +-------+---------------------+---------------+
>
> [acm] these seem overly broad, and imply knowledge where the STAMP
> end-point has limited insights!!
>
> GIM>>  These are defined in ATSSS specification of Performance Measurement
> Function. The value for the Return Code field is passed to STAMP system and
> it only transports it. Would a new text clarify the role of a STAMP system:
>
> OLD TEXT:
>
>    o  Return Code - one octet long field that identifies the report
>       signal, e.g., available, unavailable.  The value is one of those
>       listed in Section 5.5.
>
> NEW TEXT:
>
>    o  Return Code - one octet long field that identifies the report
>       signal, e.g., available, unavailable.  The value is passed,
>       supplied to the STAMP end-point through some mechanism that is
>       outside the scope of this document.  The value is one of those
>       listed in Section 5.5.
>
> *[acm] *
>
> *OK*
>
>                           Table 10: Return Codes
>
>
>
> ...
>
>
>
> 6.  Security Considerations
>
>
>
>    Use of HMAC in authenticated mode may be used to simultaneously
>
>    verify both the data integrity and the authentication of the STAMP
>
>    test packets.
>
> [acm] That's it? At least add reference to STAMP 8762 Security Section?
>
> GIM>> Thank you for your suggestion. The new text is below:
>
> NEW TEXT:
>
>    This document defines extensions to STAMP [RFC8762] and inherits all
>
>    the security considerations applicable to the base protocol.
>    Additionally, the HMAC TLV is defined in this document to protect the
>    integrity of optional STAMP extensions.  The use of HMAC TLV is
>    discussed in detail in Section 4.8.
>
>
>
> *[acm] OK*
>
> [acm] I suspect there will be some challenges for "Location" in future
>
>
>
>
>
> *From:* ippm [mailto:ippm-bounces@ietf.org] *On Behalf Of *Ian Swett
> *Sent:* Friday, May 22, 2020 5:26 PM
> *To:* IETF IPPM WG (ippm@ietf.org) <ippm@ietf.org>
> *Subject:* [ippm] WGLC for STAMP Extensions
>
>
>
> Hi IPPM,
>
> At our virtual interim meeting, we decided
> draft-ietf-ippm-stamp-option-tlv was ready for last call. This email starts
> a two-week WGLC for this draft.
>
> The latest version can be found here:
> https://tools.ietf.org/html/draft-ietf-ippm-stamp-option-tlv-04
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dippm-2Dstamp-2Doption-2Dtlv-2D04&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=OfsSu8kTIltVyD1oL72cBw&m=-FQ_7VkardtUOemNdXjWGCdxDzw_8jcaV16Ots-GfRo&s=zadhVvE6IwVbJd0BcDUJdpX4xXqA4i60susVdbT5Pvg&e=>
>
> This last call will end on *Monday, June 8th*. Please reply to
> ippm@ietf.org with your reviews and comments.
>
> Thanks,
> Ian & Tommy
>
> _______________________________________________
> ippm mailing list
> ippm@ietf.org
> https://www.ietf.org/mailman/listinfo/ippm
> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_ippm&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=_6cen3Hn-e_hOm0BhY7aIpA58dd19Z9qGQsr8-6zYMI&m=AJPt25JReJLCcKTac6bW207kN8j0F2v7N7paNXkrS0Y&s=9RnqOZ8tzteJbGK2PJMpE2Y8RqKl-bvq-QfiStX4ywc&e=>
>
> _______________________________________________
> ippm mailing list
> ippm@ietf.org
> https://www.ietf.org/mailman/listinfo/ippm
>
>

v2.23.0 | Report a Bug | By Email