Re: [ippm] WGLC for STAMP Extensions
Greg Mirsky <gregimirsky@gmail.com> Thu, 11 June 2020 14:20 UTC
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Thu, 11 Jun 2020 07:20:18 -0700
Message-ID: <CA+RyBmX=3AZkimwVK4mL8VeYMaVTyEmUkT-xRzxz7hXN3ee36g@mail.gmail.com>
To: Rakesh Gandhi <rgandhi.ietf@gmail.com>
Cc: "MORTON, ALFRED C (AL)" <acm@research.att.com>, "IETF IPPM WG (ippm@ietf.org)" <ippm@ietf.org>, Ian Swett <ianswett=40google.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/PM85UQvaaUi-S87xEX2JoLVq-h0>
Subject: Re: [ippm] WGLC for STAMP Extensions
Hi Rakesh,
I agree with your scenario. Do you feel that the document, including the
updated text, precludes it? Would you suggest text clarifications?

Regards,
Greg

On Thu, Jun 11, 2020 at 7:13 AM Rakesh Gandhi <rgandhi.ietf@gmail.com> wrote:

> Thanks Greg.
> SSID can be internally generated by the sender node. Expecting sender node
> to communicate this to the controller and then to the reflector node for
> *each* session may be overkill.
>
> The destination UDP port to use on the reflector node is already
> provisioned value and not any arbitrary port can be used anyways. So that
> should help with such issues.
>
> My 2c.
>
> Thanks,
> Rakesh
>
> On Wed, Jun 10, 2020 at 9:32 PM Greg Mirsky <gregimirsky@gmail.com> wrote:
>
>> Hi Rakesh,
>> as Al clarified, and I agree with this scenario, a Session-Reflector must
>> be provisioned with a session identifier (some elements, I think, might be
>> specified as a wild card) before the session is commenced. All test packets
>> that do not match the provisioned identifier must be discarded without
>> processing. I've tried to capture that in the latest update sent earlier.
>> What do you think of this scenario?
>>
>> Regards,
>> Greg
>>
>> On Wed, Jun 10, 2020 at 4:36 PM Rakesh Gandhi <rgandhi.ietf@gmail.com>
>> wrote:
>>
>>> Hi Greg, Al,
>>> I am not sure if I follow the scenario.
>>> Between nodes A and B, there can be more than one STAMP sessions, e.g.
>>> {Node-A, Node-B, Src-Port-1, Dst-Port-1, SSID1} and {Node-A, Node-B,
>>> Src-Port-1, Dst-Port-1, SSID2}. I assume this is allowed? If yes, how do we
>>> know when there is now a third session between them with SSID3 (with same 4
>>> tuple), it is a change (from SSID1 or SSID2?) or a new third session?
>>> Thanks,
>>> Rakesh
>>>
>>> On Wed, Jun 10, 2020 at 7:21 PM Greg Mirsky <gregimirsky@gmail.com>
>>> wrote:
>>>
>>>> Hi Al,
>>>> many thanks for your quick response, much appreciated. We'll need some
>>>> more time to discuss your suggestion related to the Access Report TLV. I've
>>>> front-copied the other open issue and added my notes under the tag GIM2>>
>>>> below.
>>>>
>>>> An implementation of STAMP Session-Reflector that supports this
>>>> specification SHOULD identify a STAMP Session using the SSID in
>>>> combination with elements of the usual 4-tuple
>>>> [acm] <insert> for the session. If the Session-Reflector finds that
>>>> the SSID and 4-tuple combination changes during a test session, then
>>>> the Session-Reflector MUST discard the non-matching packet(s) and take
>>>> no further action on them.
>>>> . A conforming...
>>>>
>>>> GIM>> We've discussed the scenario and couldn't define how a
>>>> Session-Reflector can distinguish between a new STAMP test session and the
>>>> event of a change in identifiers, i.e., SSID and 4-tuple of the ongoing
>>>> test session. Could you kindly help us here?
>>>>
>>>> *[acm] Thanks, I’m surprised that a new test session (with new SSID)
>>>> can begin without any Session-Reflector agreement or communication from the
>>>> Session-Reflector’s management interface. Since the Sending address and
>>>> port could be spoofed, Session-Reflectors could receive lots of unexpected
>>>> traffic, if you know what I mean....*
>>>>
>>>> GIM2>> Thank you for the clarification. I was not thinking out of a
>>>> box. Please review the proposed new text below. I hope it captures the
>>>> scenario you've pointed out.
>>>> OLD TEXT:
>>>>    An implementation of STAMP Session-Reflector that supports this
>>>>    specification SHOULD identify a STAMP Session using the SSID in
>>>>    combination with elements of the usual 4-tuple for the session. A
>>>>    conforming implementation of STAMP Session-Reflector MUST copy the
>>>>    SSID value from the received test packet and put it into the
>>>>    reflected packet, as displayed in Figure 2.
>>>> NEW TEXT:
>>>>    An implementation of STAMP Session-Reflector that supports this
>>>>    specification SHOULD identify a STAMP Session using the SSID in
>>>>    combination with elements of the usual 4-tuple for the session.
>>>>    Before a test session commenced, a Session-Reflector MUST be
>>>>    provisioned with all the elements that identify the STAMP Session. A
>>>>    STAMP Session-Reflector MUST discard the non-matching STAMP test
>>>>    packet(s). The means of provisioning the STAMP Session
>>>>    identification is outside the scope of this specification. A
>>>>    conforming implementation of STAMP Session-Reflector MUST copy the
>>>>    SSID value from the received test packet and put it into the
>>>>    reflected packet, as displayed in Figure 2.
>>>>
>>>> Would the new text address your concern?
>>>>
>>>> Regards,
>>>> Greg
>>>>
>>>> On Wed, Jun 10, 2020 at 8:01 AM MORTON, ALFRED C (AL) <
>>>> acm@research.att.com> wrote:
>>>>
>>>>> Hi Greg, Thanks for all replies.
>>>>>
>>>>> Let’s concentrate on those needing some additional thought...
>>>>>
>>>>> Al
>>>>>
>>>>> An implementation of STAMP Session-Reflector that supports this
>>>>> specification SHOULD identify a STAMP Session using the SSID in
>>>>> combination with elements of the usual 4-tuple
>>>>> [acm] <insert> for the session. If the Session-Reflector finds that
>>>>> the SSID and 4-tuple combination changes during a test session, then
>>>>> the Session-Reflector MUST discard the non-matching packet(s) and take
>>>>> no further action on them.
>>>>> . A conforming...
>>>>>
>>>>> GIM>> We've discussed the scenario and couldn't define how a
>>>>> Session-Reflector can distinguish between a new STAMP test session and the
>>>>> event of a change in identifiers, i.e., SSID and 4-tuple of the ongoing
>>>>> test session. Could you kindly help us here?
>>>>>
>>>>> *[acm] Thanks, I’m surprised that a new test session (with new SSID)
>>>>> can begin without any Session-Reflector agreement or communication from the
>>>>> Session-Reflector’s management interface. Since the Sending address and
>>>>> port could be spoofed, Session-Reflectors could receive lots of unexpected
>>>>> traffic, if you know what I mean....*
>>>>>
>>>>> ...
>>>>>
>>>>> … | 2 | Non-3GPP | This document |
>>>>> +-------+-------------+---------------+
>>>>>
>>>>> [acm] these seem overly broad, and unlikely to be extended because
>>>>> they *cover everything*!!
>>>>>
>>>>> GIM>> Here we've turned to our 3GPP expert. The current (Rel-16)
>>>>> specification of ATSSS defines only two access types - 3GPP and Non-3GPP.
>>>>> Creating a sub-registry and leaving a space for new types might help to
>>>>> accommodate potential changes in 5G specification and the development of
>>>>> new specifications, e.g., 6G, in the future.
>>>>>
>>>>> *[acm]*
>>>>>
>>>>> *Yes, but your examples of 5G and 6G would fall under the general
>>>>> category of “3GPP” (which I accidentally deleted above).*
>>>>>
>>>>> *Maybe some additional detail would help, like “3GPP-LTE”, “3GPP-5G”,
>>>>> and make “Non-3GPP” the first entry so that expansion with new technologies
>>>>> starts at 2, 3, …*
>>>>>
>>>>> Table 8: Access IDs
>>>>>
>>>>> ...
>>>>>
>>>>> +-------+---------------------+---------------+
>>>>> | Value | Description         | Reference     |
>>>>> +-------+---------------------+---------------+
>>>>> | 1     | Network available   | This document |
>>>>> | 2     | Network unavailable | This document |
>>>>> +-------+---------------------+---------------+
>>>>>
>>>>> [acm] these seem overly broad, and imply knowledge where the STAMP
>>>>> end-point has limited insights!!
>>>>>
>>>>> GIM>> These are defined in ATSSS specification of Performance
>>>>> Measurement Function. The value for the Return Code field is passed to
>>>>> STAMP system and it only transports it. Would a new text clarify the role
>>>>> of a STAMP system:
>>>>>
>>>>> OLD TEXT:
>>>>>
>>>>>    o  Return Code - one octet long field that identifies the report
>>>>>       signal, e.g., available, unavailable. The value is one of those
>>>>>       listed in Section 5.5.
>>>>>
>>>>> NEW TEXT:
>>>>>
>>>>>    o  Return Code - one octet long field that identifies the report
>>>>>       signal, e.g., available, unavailable. The value is passed,
>>>>>       supplied to the STAMP end-point through some mechanism that is
>>>>>       outside the scope of this document. The value is one of those
>>>>>       listed in Section 5.5.
>>>>>
>>>>> *[acm]*
>>>>>
>>>>> *OK*
>>>>>
>>>>> Table 10: Return Codes
>>>>>
>>>>> ...
>>>>>
>>>>> 6. Security Considerations
>>>>>
>>>>>    Use of HMAC in authenticated mode may be used to simultaneously
>>>>>    verify both the data integrity and the authentication of the STAMP
>>>>>    test packets.
>>>>>
>>>>> [acm] That's it? At least add reference to STAMP 8762 Security Section?
>>>>>
>>>>> GIM>> Thank you for your suggestion. The new text is below:
>>>>>
>>>>> NEW TEXT:
>>>>>
>>>>>    This document defines extensions to STAMP [RFC8762] and inherits all
>>>>>    the security considerations applicable to the base protocol.
>>>>>    Additionally, the HMAC TLV is defined in this document to protect the
>>>>>    integrity of optional STAMP extensions. The use of HMAC TLV is
>>>>>    discussed in detail in Section 4.8.
>>>>>
>>>>> *[acm] OK*
>>>>>
>>>>> [acm] I suspect there will be some challenges for "Location" in future
>>>>>
>>>>> *From:* ippm [mailto:ippm-bounces@ietf.org] *On Behalf Of* Ian Swett
>>>>> *Sent:* Friday, May 22, 2020 5:26 PM
>>>>> *To:* IETF IPPM WG (ippm@ietf.org) <ippm@ietf.org>
>>>>> *Subject:* [ippm] WGLC for STAMP Extensions
>>>>>
>>>>> Hi IPPM,
>>>>>
>>>>> At our virtual interim meeting, we decided
>>>>> draft-ietf-ippm-stamp-option-tlv was ready for last call. This email starts
>>>>> a two-week WGLC for this draft.
>>>>>
>>>>> The latest version can be found here:
>>>>> https://tools.ietf.org/html/draft-ietf-ippm-stamp-option-tlv-04
>>>>>
>>>>> This last call will end on *Monday, June 8th*. Please reply to
>>>>> ippm@ietf.org with your reviews and comments.
>>>>>
>>>>> Thanks,
>>>>> Ian & Tommy
>>>>>
>>>>> _______________________________________________
>>>>> ippm mailing list
>>>>> ippm@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/ippm
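
The provisioning-and-discard behaviour proposed in the NEW TEXT of the message above, as an added Python sketch that is not part of the e-mail or of the draft. It works on already-parsed identifiers rather than on the wire format; the class names, the `ANY` wildcard marker, the per-source discard counter and all addresses, ports and SSID values are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # hypothetical wildcard marker for a provisioned element


@dataclass(frozen=True)
class ProvisionedSession:
    src_addr: Optional[str]
    src_port: Optional[int]
    dst_addr: Optional[str]
    dst_port: Optional[int]
    ssid: Optional[int]

    def matches(self, pkt):
        # Each element is either a wildcard or must equal the packet's value.
        want = (self.src_addr, self.src_port, self.dst_addr,
                self.dst_port, self.ssid)
        return all(w is ANY or w == got for w, got in zip(want, pkt))


class SessionReflector:
    def __init__(self):
        self.sessions = []    # provisioned before any test session starts
        self.discarded = {}   # source address -> non-matching packet count

    def provision(self, session):
        self.sessions.append(session)

    def receive(self, src_addr, src_port, dst_addr, dst_port, ssid):
        """Return the SSID to copy into the reflected packet, or None
        when the packet matches no provisioned session and is discarded."""
        pkt = (src_addr, src_port, dst_addr, dst_port, ssid)
        if any(s.matches(pkt) for s in self.sessions):
            return ssid
        # Discard without reflecting; only local bookkeeping so an operator
        # can see unexpected (possibly spoofed) senders.
        self.discarded[src_addr] = self.discarded.get(src_addr, 0) + 1
        return None


def demo():
    a, b = "192.0.2.1", "192.0.2.2"   # constructed documentation addresses
    r = SessionReflector()
    # Two sessions on the same 4-tuple, told apart only by SSID.
    r.provision(ProvisionedSession(a, 49152, b, 862, 1))
    r.provision(ProvisionedSession(a, 49152, b, 862, 2))
    # A session whose source port is left as a wildcard.
    r.provision(ProvisionedSession("192.0.2.3", ANY, b, 862, 7))
    results = [
        r.receive(a, 49152, b, 862, 1),               # provisioned
        r.receive(a, 49152, b, 862, 2),               # provisioned
        r.receive(a, 49152, b, 862, 3),               # SSID 3 never provisioned
        r.receive("192.0.2.3", 50000, b, 862, 7),     # wildcard source port
        r.receive("198.51.100.9", 49152, b, 862, 1),  # unknown source address
    ]
    return results, r.discarded
```

Because every session is provisioned in advance, the reflector never has to decide whether an unseen SSID on a known 4-tuple is a new session or a change to an existing one: it is simply non-matching.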