IETF Logo Mail Archive

Re: [ippm] WGLC for STAMP Extensions

Greg Mirsky <gregimirsky@gmail.com> Thu, 11 June 2020 01:32 UTC

Return-Path: <gregimirsky@gmail.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EF9983A161C for <ippm@ietfa.amsl.com>; Wed, 10 Jun 2020 18:32:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eiw1_mcOw_R2 for <ippm@ietfa.amsl.com>; Wed, 10 Jun 2020 18:32:44 -0700 (PDT)
Received: from mail-lj1-x22c.google.com (mail-lj1-x22c.google.com [IPv6:2a00:1450:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE6EF3A1618 for <ippm@ietf.org>; Wed, 10 Jun 2020 18:32:43 -0700 (PDT)
Received: by mail-lj1-x22c.google.com with SMTP id c17so4892225lji.11 for <ippm@ietf.org>; Wed, 10 Jun 2020 18:32:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ikKXXJA5QHnHQ8FYQmperOeWmdmDJqEeXXQrYg595JY=; b=O8tyCGGqoO93KyiKSbJift0f7wjsT4ZULwLvchx7I3V+1dLNbz5Wrm7W+vpIP3unVn l8iWh7hMM4sDQlUt+FyfIWFnIPNx+Hw0gdWJHq+RpEXwXcE0T/w/a8iRKG1k5WE8LJPX bu6IM/FCLtcCMzhEjft1JA2XSS9TPt3+uhguv8e9ymICwxxyhHLPHzqHhp1Vr9o83afl vOpq59/CLTaWkXNM5Tiw2wDsJJyKMLqSqK4p4oqUdOSqmJ8UVUXcmW09893Ii326Y7/z Ehcy+ssS4CBE2lTaDYpTgogikhYb2I7Kx6oU7CEiRRLttZBZGMmyoMYLfAcNkvXa40Ur nidQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ikKXXJA5QHnHQ8FYQmperOeWmdmDJqEeXXQrYg595JY=; b=UH2CyPwr6iBJtnj1+ngtAoEDTmzsTJGd67iZTi5A0RdhJA7/RdmJk0ugVQPnzmFw9W EdvdfNERjcm74MJY4sZpW/vi6xdyNFcr70Vi3mD4RX7EZVMplInyt9o5EmH50JP+xy7g OjhzVVxrAQZ0e91ssH006DSiY1ChGvqLffu2d1J3gIvAvNRzge85xyFW1jiYChvapBtc Mt+LHhqYQaQ9FS8jdXI9cO2uRf2FEJui5Dw9jZmY9064qQLdInXgVyFAQwZdSYVaGnu0 GiVo0rQQmwdgV58ew69yuJM3jpBvoYstC4A3cYkxHPDCREy/qJ2nkRSFhah7sDrCZSoZ 5uBA==
X-Gm-Message-State: AOAM530LP3J8ADADdPqKBjJcBBn994VbRcheKCvwjGNn1wiiUsNprUER b3a9NZxKS6iqa4J9lM1EJ3ojZZEGo0q4JKMeYRo=
X-Google-Smtp-Source: ABdhPJwkfi1AXEJF5e4UcZn6j739tzccPR7UDiPUf+zxl0u/iRlEbFmDtgdoXLaoouQPP+G7dO07KzG2J1g4p4cJzLY=
X-Received: by 2002:a2e:b88c:: with SMTP id r12mr3081765ljp.266.1591839161863; Wed, 10 Jun 2020 18:32:41 -0700 (PDT)
MIME-Version: 1.0
References: <CAKcm_gMVc88xpkOMmV7L-ybVCBzw+LhNS6Jw3=iB2gutR0ZhxA@mail.gmail.com> <4D7F4AD313D3FC43A053B309F97543CF0108A608DC@njmtexg5.research.att.com> <CA+RyBmW8hHqidEu_Br6zKpsjfQFVcK14ELhebzcCETMO4WQhMA@mail.gmail.com> <4D7F4AD313D3FC43A053B309F97543CF0108A6311B@njmtexg5.research.att.com> <CA+RyBmUsMGTHGyNbDecHjE5M39rfXz5t2VzC8mMjYBM75WQbXw@mail.gmail.com> <CAMZsk6crUg+GWYu8APgdrW6s_+FD8dgJ8+gM+0oB19jSBPgkxA@mail.gmail.com>
In-Reply-To: <CAMZsk6crUg+GWYu8APgdrW6s_+FD8dgJ8+gM+0oB19jSBPgkxA@mail.gmail.com>
From: Greg Mirsky <gregimirsky@gmail.com>
Date: Wed, 10 Jun 2020 18:32:29 -0700
Message-ID: <CA+RyBmUrpBMGZx=G_s6sAboXi3_QthAMGoL8Ou_YUzJTS78e_Q@mail.gmail.com>
To: Rakesh Gandhi <rgandhi.ietf@gmail.com>
Cc: "MORTON, ALFRED C (AL)" <acm@research.att.com>, "IETF IPPM WG (ippm@ietf.org)" <ippm@ietf.org>, Ian Swett <ianswett=40google.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000c8538905a7c4ef20"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/qe893GMC2KHfkvZSLmiUXGVAdVE>
Subject: Re: [ippm] WGLC for STAMP Extensions
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jun 2020 01:32:47 -0000

Hi Rakesh,
as Al clarified, and I agree with this scenario, a Session-Reflector must
be provisioned with a session identifier (some elements, I think, might be
specified as a wild card) before the session is commenced. All test packets
that do not match the provisioned identifier must be discarded without
processing. I've tried to capture that in the latest update sent earlier.
What do you think of this scenario?

Regards,
Greg

On Wed, Jun 10, 2020 at 4:36 PM Rakesh Gandhi <rgandhi.ietf@gmail.com>
wrote:

> Hi Greg, Al,
> I am not sure if I follow the scenario.
> Between nodes A and B, there can be more than one STAMP sessions, e.g.
> {Node-A, Node-B, Src-Port-1, Dst-Port-1, SSID1} and {Node-A, Node-B,
> Src-Port-1, Dst-Port-1, SSID2}. I assume this is allowed? If yes, how do we
> know when there is now a third session between them with SSID3 (with same 4
> tuple), it is a change (from SSID1 or SSID2?) or a new third session?
> Thanks,
> Rakesh
>
>
>
>
> On Wed, Jun 10, 2020 at 7:21 PM Greg Mirsky <gregimirsky@gmail.com> wrote:
>
>> Hi Al,
>> many thanks for your quick response, much appreciated. We'll need some
>> more time to discuss your suggestion related to the Access Report TLV. I've
>> front-copied the other open issue and added my notes under the tag GIM2>>
>> below.
>>
>>
>>
>>    An implementation of STAMP Session-Reflector that supports this
>>
>>    specification SHOULD identify a STAMP Session using the SSID in
>>
>>    combination with elements of the usual 4-tuple
>>
>> [acm] <insert> for the session. If the Session-Reflector finds that
>>
>> the SSID and 4-tuple combination changes during a test session, then
>>
>> the Session-Reflector MUST discard the non-matching packet(s) and take
>>
>> no further action on them.
>>
>>    .  A conforming...
>>
>> GIM>> We've discussed the scenario and couldn't define how a
>> Session-Reflector can distinguish between a new STAMP test session and the
>> event of a change in identifiers, i.e., SSID and 4-tuple of the ongoing
>> test session. Could you kindly help us here?
>>
>>
>>
>> *[acm] Thanks, I’m surprised that a new test session (with new SSID) can
>> begin without any Session-Reflector agreement or communication from the
>> Session-Reflector’s management interface. Since the Sending address and
>> port could be spoofed, Session-Reflectors could receive lots of unexpected
>> traffic, if you know what I mean....*
>>
>> GIM2>> Thank you for the clarification. I was not thinking out of a box.
>> Please review the proposed new text below. I hope it captures the scenario
>> you've pointed out.
>> OLD TEXT:
>>    An implementation of STAMP Session-Reflector that supports this
>>    specification SHOULD identify a STAMP Session using the SSID in
>>    combination with elements of the usual 4-tuple for the session.  A
>>    conforming implementation of STAMP Session-Reflector MUST copy the
>>    SSID value from the received test packet and put it into the
>>    reflected packet, as displayed in Figure 2.
>> NEW TEXT:
>>    An implementation of STAMP Session-Reflector that supports this
>>    specification SHOULD identify a STAMP Session using the SSID in
>>    combination with elements of the usual 4-tuple for the session.
>>    Before a test session commenced, a Session-Reflector MUST be
>>    provisioned with all the elements that identify the STAMP Session.  A
>>    STAMP Session-Reflector MUST discard the non-matching STAMP test
>>    packet(s).  The means of provisioning the STAMP Session
>>    identification is outside the scope of this specification.  A
>>    conforming implementation of STAMP Session-Reflector MUST copy the
>>    SSID value from the received test packet and put it into the
>>    reflected packet, as displayed in Figure 2.
>>
>> Would the new text address your concern?
>>
>> Regards,
>> Greg
>>
>>
>> On Wed, Jun 10, 2020 at 8:01 AM MORTON, ALFRED C (AL) <
>> acm@research.att.com> wrote:
>>
>>> Hi Greg, Thanks for all replies.
>>>
>>> Let’s concentrate on those needing some additional thought...
>>>
>>> Al
>>>
>>>
>>>
>>>
>>>
>>>    An implementation of STAMP Session-Reflector that supports this
>>>
>>>    specification SHOULD identify a STAMP Session using the SSID in
>>>
>>>    combination with elements of the usual 4-tuple
>>>
>>> [acm] <insert> for the session. If the Session-Reflector finds that
>>>
>>> the SSID and 4-tuple combination changes during a test session, then
>>>
>>> the Session-Reflector MUST discard the non-matching packet(s) and take
>>>
>>> no further action on them.
>>>
>>>    .  A conforming...
>>>
>>> GIM>> We've discussed the scenario and couldn't define how a
>>> Session-Reflector can distinguish between a new STAMP test session and the
>>> event of a change in identifiers, i.e., SSID and 4-tuple of the ongoing
>>> test session. Could you kindly help us here?
>>>
>>>
>>>
>>> *[acm] Thanks, I’m surprised that a new test session (with new SSID) can
>>> begin without any Session-Reflector agreement or communication from the
>>> Session-Reflector’s management interface. Since the Sending address and
>>> port could be spoofed, Session-Reflectors could receive lots of unexpected
>>> traffic, if you know what I mean.... *
>>>
>>>
>>>
>>>
>>>
>>> ...
>>>
>>>  …                 | 2     |   Non-3GPP  | This document |
>>>
>>>                   +-------+-------------+---------------+
>>>
>>> [acm] these seem overly broad, and unlikely to be extended because they
>>> *cover everything*!!
>>>
>>> GIM>> Here we've turned to our 3GPP expert.. The current (Rel-16)
>>> specification of ATSSS defines only two access types - 3GPP and Non-3GPP.
>>> Creating a sub-registry and leaving a space for new types might help to
>>> accommodate potential changes in 5G specification and the development of
>>> new specifications, e.g., 6G, in the future.
>>>
>>> *[acm] *
>>>
>>> *Yes, but your examples of 5G and 6G would fall under the general
>>> category of “3GPP” (which I accidentally delated above).*
>>>
>>> *Maybe some additional detail would help, like “3GPP-LTE”, “3GPP-5G”,
>>> and make “Non-3GPP” the first entry so that expansion with new technologies
>>> starts at 2, 3, …*
>>>
>>>                             Table 8: Access IDs
>>>
>>>
>>>
>>> ...
>>>
>>>
>>>
>>>               +-------+---------------------+---------------+
>>>
>>>               | Value |     Description     | Reference     |
>>>
>>>               +-------+---------------------+---------------+
>>>
>>>               | 1     |  Network available  | This document |
>>>
>>>               | 2     | Network unavailable | This document |
>>>
>>>               +-------+---------------------+---------------+
>>>
>>> [acm] these seem overly broad, and imply knowledge where the STAMP
>>> end-point has limited insights!!
>>>
>>> GIM>>  These are defined in ATSSS specification of Performance
>>> Measurement Function. The value for the Return Code field is passed to
>>> STAMP system and it only transports it. Would a new text clarify the role
>>> of a STAMP system:
>>>
>>> OLD TEXT:
>>>
>>>    o  Return Code - one octet long field that identifies the report
>>>       signal, e.g., available, unavailable.  The value is one of those
>>>       listed in Section 5.5.
>>>
>>> NEW TEXT:
>>>
>>>    o  Return Code - one octet long field that identifies the report
>>>       signal, e.g., available, unavailable.  The value is passed,
>>>       supplied to the STAMP end-point through some mechanism that is
>>>       outside the scope of this document.  The value is one of those
>>>       listed in Section 5.5.
>>>
>>> *[acm] *
>>>
>>> *OK*
>>>
>>>                           Table 10: Return Codes
>>>
>>>
>>>
>>> ...
>>>
>>>
>>>
>>> 6.  Security Considerations
>>>
>>>
>>>
>>>    Use of HMAC in authenticated mode may be used to simultaneously
>>>
>>>    verify both the data integrity and the authentication of the STAMP
>>>
>>>    test packets.
>>>
>>> [acm] That's it? At least add reference to STAMP 8762 Security Section?
>>>
>>> GIM>> Thank you for your suggestion. The new text is below:
>>>
>>> NEW TEXT:
>>>
>>>    This document defines extensions to STAMP [RFC8762] and inherits all
>>>
>>>    the security considerations applicable to the base protocol.
>>>    Additionally, the HMAC TLV is defined in this document to protect the
>>>    integrity of optional STAMP extensions.  The use of HMAC TLV is
>>>    discussed in detail in Section 4.8.
>>>
>>>
>>>
>>> *[acm] OK*
>>>
>>> [acm] I suspect there will be some challenges for "Location" in future
>>>
>>>
>>>
>>>
>>>
>>> *From:* ippm [mailto:ippm-bounces@ietf.org] *On Behalf Of *Ian Swett
>>> *Sent:* Friday, May 22, 2020 5:26 PM
>>> *To:* IETF IPPM WG (ippm@ietf.org) <ippm@ietf.org>
>>> *Subject:* [ippm] WGLC for STAMP Extensions
>>>
>>>
>>>
>>> Hi IPPM,
>>>
>>> At our virtual interim meeting, we decided
>>> draft-ietf-ippm-stamp-option-tlv was ready for last call. This email starts
>>> a two-week WGLC for this draft.
>>>
>>> The latest version can be found here:
>>> https://tools.ietf.org/html/draft-ietf-ippm-stamp-option-tlv-04
>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__tools.ietf.org_html_draft-2Dietf-2Dippm-2Dstamp-2Doption-2Dtlv-2D04&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=OfsSu8kTIltVyD1oL72cBw&m=-FQ_7VkardtUOemNdXjWGCdxDzw_8jcaV16Ots-GfRo&s=zadhVvE6IwVbJd0BcDUJdpX4xXqA4i60susVdbT5Pvg&e=>
>>>
>>> This last call will end on *Monday, June 8th*. Please reply to
>>> ippm@ietf.org with your reviews and comments.
>>>
>>> Thanks,
>>> Ian & Tommy
>>>
>>> _______________________________________________
>>> ippm mailing list
>>> ippm@ietf.org
>>> https://www.ietf.org/mailman/listinfo/ippm
>>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_ippm&d=DwMFaQ&c=LFYZ-o9_HUMeMTSQicvjIg&r=_6cen3Hn-e_hOm0BhY7aIpA58dd19Z9qGQsr8-6zYMI&m=AJPt25JReJLCcKTac6bW207kN8j0F2v7N7paNXkrS0Y&s=9RnqOZ8tzteJbGK2PJMpE2Y8RqKl-bvq-QfiStX4ywc&e=>
>>>
>>> _______________________________________________
>> ippm mailing list
>> ippm@ietf.org
>> https://www.ietf.org/mailman/listinfo/ippm
>>
>

v2.23.0 | Report a Bug | By Email