Re: [ippm] [spring] WG Adoption Call for https://tools.ietf.org/html/draft-gandhi-spring-twamp-srpm-11

Gyan Mishra <hayabusagsm@gmail.com> Sat, 05 December 2020 06:15 UTC

Return-Path: <hayabusagsm@gmail.com>
X-Original-To: ippm@ietfa.amsl.com
Delivered-To: ippm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 531EF3A0CDA; Fri, 4 Dec 2020 22:15:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.086
X-Spam-Level:
X-Spam-Status: No, score=-2.086 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yI6suHXHupnB; Fri, 4 Dec 2020 22:15:33 -0800 (PST)
Received: from mail-pf1-x42b.google.com (mail-pf1-x42b.google.com [IPv6:2607:f8b0:4864:20::42b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CBC613A0C97; Fri, 4 Dec 2020 22:15:32 -0800 (PST)
Received: by mail-pf1-x42b.google.com with SMTP id t8so5301291pfg.8; Fri, 04 Dec 2020 22:15:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=qNMTBUtlj473GnPIKbbbdNt9isAQENx9rJ6k8ECId1I=; b=VTi/PAqfP5FomJWWYim7w4MwyHgo3NUvC2A5xJjPOUA3ZtJF62hmDZ2bvxZJ19EsM0 t2sxFlBoSs+Fp10hh4ultmuyXxygayor8zoGBGc85xM5X+oOQw+A9czWLo3NpHr+RlAh uL4TG26H61L9Ho5cTK1RHToHUXybK1HIkwpadWEISnfwhgTzT0to7iJjEPSzDZq1oy6h imO1c3gLN3Vlk87JT5JSPcIGZPMFbYkc5lh5tb5F52tC4K597DRDdohNdb2lyCu4tOjW /jM4rw4IACAkcTKwTHIT5BhnP7gsnC7RfHwzNpymYFJzGyNhIZxXYylzrjwyQ8YCuIGH mksw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=qNMTBUtlj473GnPIKbbbdNt9isAQENx9rJ6k8ECId1I=; b=saiSfCSS/KHDatSB+mo9HFJu9mFAfDCEyDsM9P5y77P7RW6hBcjkT7IzSGbQ2Clnab Y5odSHDj20v9MlOssd33kP6utwQX0CmtKjiibAW3C6yRTFfG4oV/V2jp+UeJJacGj+0F ihQzCcE2ypvkB9S0ZhH2cxTUGcLb/GC7FsPVR4yVyj72KwO2N9aquxcp6wJIjcemLjyD ktL62cj6SC4JEHMotrSQ6xtYsvf4oV0sLbR6C3vK56LShM0lfQf+UPh64yap3YfFfNqd IJtcWQ3EhwEN3X/+HLTDqwd5p3vaRuTMCHVVlu6idqOCuI/mW7/116uRtvCAf9yhDGNI kn/Q==
X-Gm-Message-State: AOAM532wCTj5rgfU719G/FQ11wR+z21STeaJxgHaf4iaU++X7XZVwAUa lLMoZmkf7fsyKrMF3upxcc2aYIF0zC2yPL8A8KE=
X-Google-Smtp-Source: ABdhPJwi+Fyhrzrl+zHXGlpsys1m3UtoJ/ZBo16DYMjmNbfqs//r5WN8+7BqrqLjT29sEkaJP+gipuv61RaiaHR3BrM=
X-Received: by 2002:a65:5ac4:: with SMTP id d4mr1401292pgt.50.1607148931762; Fri, 04 Dec 2020 22:15:31 -0800 (PST)
MIME-Version: 1.0
References: <DM6PR13MB3066F695F1ABFC22C52CEA3BD21D0@DM6PR13MB3066.namprd13.prod.outlook.com> <CA+RyBmWROaXBChBht9hCq3S6r5EASc47Qny1mr3u6kyuuiTXfQ@mail.gmail.com> <DM6PR11MB3115E21076C99CDE5D0B4B25BFE90@DM6PR11MB3115.namprd11.prod.outlook.com> <CA+RyBmVMX4HsmFQ8r5LfTj_DrZmF+ME8BLT8Lgzvyyk70=nzfw@mail.gmail.com> <CABNhwV1gKYvnyV-7_1JQ5h_2299epNDxxuuKm5_86FQdziSA6g@mail.gmail.com> <DM6PR11MB3115E8AAC89CECAA553E8191BFF90@DM6PR11MB3115.namprd11.prod.outlook.com> <CA+RyBmVcf5HGH05rkgwFhysG7EqE6cXnYjAzH-GrPgkStR4NyQ@mail.gmail.com> <DM6PR11MB31156BE924B8DF1F37E159BEBFF30@DM6PR11MB3115.namprd11.prod.outlook.com> <CA+RyBmWmd_RXefMksyTEWoH7xyiLkY-EhcQCs1APoWVpcqDoqg@mail.gmail.com>
In-Reply-To: <CA+RyBmWmd_RXefMksyTEWoH7xyiLkY-EhcQCs1APoWVpcqDoqg@mail.gmail.com>
From: Gyan Mishra <hayabusagsm@gmail.com>
Date: Sat, 05 Dec 2020 01:15:20 -0500
Message-ID: <CABNhwV3wGHejsRdnD6ppTBhOz+aaVkOBCJkQSOc+rTB6HbiNtA@mail.gmail.com>
To: Greg Mirsky <gregimirsky@gmail.com>
Cc: Greg Mirsky <gregory.mirsky@ztetx.com>, IETF IPPM WG <ippm@ietf.org>, James Guichard <james.n.guichard@futurewei.com>, "Rakesh Gandhi (rgandhi)" <rgandhi@cisco.com>, "ippm-chairs@ietf.org" <ippm-chairs@ietf.org>, "spring-chairs@ietf.org" <spring-chairs@ietf.org>, "spring@ietf.org" <spring@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000002dce6a05b5b185f9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ippm/zQbGx4sCoqrJtPCU4ZKdQb20MRw>
Subject: Re: [ippm] [spring] WG Adoption Call for https://tools.ietf.org/html/draft-gandhi-spring-twamp-srpm-11
X-BeenThere: ippm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF IP Performance Metrics Working Group <ippm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ippm>, <mailto:ippm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ippm/>
List-Post: <mailto:ippm@ietf.org>
List-Help: <mailto:ippm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ippm>, <mailto:ippm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 05 Dec 2020 06:15:43 -0000

Hi Rakesh

Had a general question.

I read through the draft again and a question came to mind as this draft is
Standards Track, what new is being introduced other then a procedure of how
to use TWAMP in SR networks SR-MPLS which reuses the MPLS data plane and
SRv6 which used the IPv6 data plane.  I don’t believe there exists  a
Standards track draft procedure for how to use STAMP over IP network or
MPLS network as an example.

Section 4.1.4 describes SR-MPLS use case and SRv6 use case.  As there
appears to be nothing new introduced such as a new IANA TLV or code point
or even a special SID code point  for TWAMP, all basic vanilla SR, that
without this draft you could run STAMP, TWAMP, OWAMP over SR which has
existed for a while now.

What is the new invention here?

Sorry but I may have missed something.

My thoughts are at most this be a BCP or I am thinking informational draft
would be appropriate.

Thoughts?

Gyan

On Thu, Dec 3, 2020 at 12:51 PM Greg Mirsky <gregimirsky@gmail.com> wrote:

> Hi Rakesh,
> thank you for the continued discussion. You can find my follow-up notes
> in-line below under GIM3>> tag. I felt that one comment is at the root of
> our different views on what is considered to be a problem that drafts
> solve. You've said:
>
> <RG3> As mentioned, the extensions defined are for the direct-mode packet
> loss measurement for TWAMP Light and STAMP.
>
> But draft-ietf-ippm-stamp-option-tlv
> <https://datatracker.ietf.org/doc/draft-ietf-ippm-stamp-option-tlv/>,
> currently in  Submitted to IESG for Publication WG state according to IETF
> datatracker, includes Section 4.5 Direct Measurement TLV. It is noted in
> the section:
>    The Direct Measurement TLV enables collection of the number of in-
>    profile packets, i.e., packets that form a specific data flow, that
>    had been transmitted and received by the Session-Sender and Session-
>    Reflector, respectively.  The definition of "in-profile packet" is
>    outside the scope of this document and is left to the test operators
>    to determine.
> Thus I cannot see any technical need for the introduction of yet another
> way of direct loss measurement in STAMP. As for the case of TWAMP Light, I
> believe that there's no sufficient evidence that the proposed direct
> loss-measurement measurement method benefits existing implementations of
> TWAMP Light. Also, historically, all extensions applicable to TWAMP Light
> have been introduced through extending TWAMP proper, i.e., extending
> TWAMP-Control and TWAMP-Test. The way of "extending" TWAMP Light presented
> in the drafts we are discussing is, in my opinion, in violation of RFC 5357.
>
> More notes can be found below.
>
> Regards,
> Greg
>
>
> On Wed, Dec 2, 2020 at 12:18 PM Rakesh Gandhi (rgandhi) <rgandhi@cisco.com>
> wrote:
>
>> Thank you Greg for your further reply and the discussions.
>>
>> *Good to know that you do see a need for the extensions for the
>> direct-mode packet loss detection and the authors are actively working on
>> an alternate methods using BFD (as you mentioned below).*
>>
> GIM3>> As you've recognized, in draft-mirmin-bfd-extended
> <https://www.ietf.org/archive/id/draft-mirmin-bfd-extended-03.txt> we
> build an integrated OAM based on the lightweight Fault Management protocol
> with optional Performance Monitoring, based on RFC 6374. RFC 6374, in turn,
> provides a rich set of performance measurement methods, including direct
> loss measurement.
>
> Please see replies inline with <RG3>….
>>
>>
>>
>>
>>
>> *From: *Greg Mirsky <gregimirsky@gmail.com>
>> *Date: *Monday, November 30, 2020 at 11:30 AM
>> *To: *Rakesh Gandhi (rgandhi) <rgandhi@cisco.com>
>> *Cc: *Gyan Mishra <hayabusagsm@gmail.com>, IETF IPPM WG <ippm@ietf.org>,
>> James Guichard <james.n.guichard@futurewei.com>, ippm-chairs@ietf.org <
>> ippm-chairs@ietf.org>, spring-chairs@ietf.org <spring-chairs@ietf.org>,
>> spring@ietf.org <spring@ietf.org>, Greg Mirsky <gregory.mirsky@ztetx.com>
>> *Subject: *Re: [spring] [ippm] WG Adoption Call for
>> https://tools.ietf.org/html/draft-gandhi-spring-twamp-srpm-11
>>
>> Hi Rakesh,
>>
>> thank you for the continued discussion. I appreciate your responses. I am
>> still not convinced of the value these documents add. Please find my
>> follow-up notes in-line below under the GIM2>> tag.
>>
>>
>>
>> Regards,
>>
>> Greg
>>
>>
>>
>>
>>
>> On Wed, Nov 25, 2020 at 8:19 PM Rakesh Gandhi (rgandhi) <
>> rgandhi@cisco.com> wrote:
>>
>> Thank you Gyan and Greg for your review comments and discussions. Please
>> see inline replies with <RG2>…
>>
>> *From: *Gyan Mishra <hayabusagsm@gmail.com>
>> *Date: *Wednesday, November 25, 2020 at 12:34 PM
>> *To: *Greg Mirsky <gregimirsky@gmail.com>
>> *Cc: *IETF IPPM WG <ippm@ietf.org>, James Guichard <
>> james.n.guichard@futurewei.com>, Rakesh Gandhi (rgandhi) <
>> rgandhi@cisco.com>, ippm-chairs@ietf.org <ippm-chairs@ietf.org>,
>> spring-chairs@ietf.org <spring-chairs@ietf.org>, spring@ietf.org <
>> spring@ietf.org>
>> *Subject: *Re: [spring] [ippm] WG Adoption Call for
>> https://tools.ietf.org/html/draft-gandhi-spring-twamp-srpm-11
>>
>>  Hi Rakesh
>>
>> I have been following this thread and to help progress the discussion I
>> would like to provide some comments in-line Gyan>
>>
>> Thanks
>>
>> Gyan
>>
>> On Sun, Nov 15, 2020 at 7:08 PM Greg Mirsky <gregimirsky@gmail.com>
>> wrote:
>>
>> Hi Rakesh,
>>
>> thank you for the response to my comments. Please find my follow-up notes
>> in-lined below under the GIM>> tag.
>>
>> Regards,
>>
>> Greg
>>
>> On Tue, Nov 10, 2020 at 7:33 AM Rakesh Gandhi (rgandhi) <
>> rgandhi@cisco.com> wrote:
>>
>> Thank you Greg for taking time for thoroughly reviewing the documents and
>> providing the comments.
>>
>> Please see replies inline with <RG>…
>>
>> *From: *ippm <ippm-bounces@ietf.org>
>> *Date: *Friday, November 6, 2020 at 11:18 AM
>> *To: *James Guichard <james.n.guichard@futurewei.com>
>> *Cc: *spring@ietf.org <spring@ietf.org>, ippm-chairs@ietf.org <
>> ippm-chairs@ietf.org>, spring-chairs@ietf.org <spring-chairs@ietf.org>,
>> IETF IPPM WG <ippm@ietf.org>
>> *Subject: *Re: [ippm] [spring] WG Adoption Call for
>> https://tools.ietf.org/html/draft-gandhi-spring-twamp-srpm-11
>>
>> Dear Chairs of the SPRING and IPPM WGs, Authors, et al.,
>>
>> I've found myself in the situation when two related drafts are in the WG
>> APs in the SPRING and IPPM WG (with the possibility that expertise from the
>> third WG, BFD WG, might be desirable to review the "liveness monitoring").
>> Because these drafts are closely related, I've decided to combine my
>> questions and comments in a single thread. I hope that would be acceptable
>> and considered by the SPRING WG as well as IPPM WG.
>>
>> Usually, the bar for the adoption of a document can be evaluated by
>> answers to these three questions:
>>
>>    - Is the document(s) reasonably well-written
>>
>> I've got surprised that the drafts don't use the terminology from RFC
>> 4656 and 5357 and introduce their own terminology for Session-Sender and
>> Session-Reflector. Also, many terms, e.g., Links, "congruent paths", are
>> used in the documents without proper definitions. Other than that both
>> drafts are readable and reasonably well-written.
>>
>> <RG> We are ok to change Sender to Session-Sender and Reflector to
>> Session-Reflector if it helps.
>>
>>
>>
>> GIM>> I believe that the consistency in terminology between the core RFC
>> and what is intended as its extension is not only helpful to a reader but,
>> to the best of my understanding, is required for IETF specifications. But I
>> don't think that switching the terminology will fix the fundamental issue
>> with the proposal. The operation that is required from the remote entity,
>> whether it is referred to as responder or Session-Reflector, is not defined
>> in Appendix I of RFC 5357, nor in RFCs 4656 or 5357 itself. In my opinion,
>> the behavior required, as described in the draft, cannot be characterized
>> as an extension of OWAMP, TWAMP, or TWAMP Light but presents a completely
>> new protocol that, if there's a need in the new PM OAM protocol, must be
>> properly defined.
>>
>>    Gyan> I am in complete agreement with Greg about terminology and
>> consistency.  The problem with inconsistency is that that you are not
>> following well known normative references required to understand the
>> specification leading to confusion and misunderstanding of the
>> specification.  The goal should be clear and concise in terminology and
>> verbiage.
>>
>> <RG2> Agree. Will address the terms from RFC 5357 in the next revision.
>>
>> <RG> There are many existing RFCs that use term “Link” (e.g. RFC 5613,
>> 5340, 8330, etc.) and term “Congruent Path” (e.g. RFC 5921, 6669) without
>> defining them. I suspect it is because these are well-known terms. Having
>> said that, we can add a reference for them if it helps.
>>
>> GIM>> Thank you for listing these RFCs. I think I need to clarify my
>> questions. While a reference to any of RFCs you've mentioned, I don't think
>> that will address my concern. In reviewed documents, "Link" is capitalized
>> while referenced RFCs used the lower case form for the term "link". Can
>> these be used interchangeably? Do they refer to the same network object?
>>
>> Now I'll try to illustrate my concern with using the term "congruent
>> path" in these drafts (using ASCII-art):
>>
>>                        C---------D
>>
>>                      /                 \
>>
>>             A----B                   E-----F
>>
>>                      \                  /
>>
>>                      G------------H
>>
>> Consider an SR tunnel from A to F that traverses the network as
>> A-B-C-D-E-F. Is A-B-G-H-E-F congruent to it? From the definition of
>> "congruent" as "two figures or objects are congruent if they have the same
>> shape and size, or if one has the same shape and size as the mirror image
>> of the other", it looks as the path A-B-G-H-E-F is congruent to that SR
>> tunnel. But a packet of an active OAM intended to monitor a flow over the
>> SR tunnel is out-of-band relative to that flow and will not produce any
>> meaningful measurement. Of course, for the case of the extensions in drafts
>> *-twamp-srpm, direct loss measurement can be performed, as information
>> collected from node F and packets that collect the counters are not
>> required to be in-band with the monitored flow. So, this example, in my
>> opinion, illustrates two of my concerns:
>>
>> ·         using a congruent path for active performance measurement,
>> e.g., TWAMP or TWAMP Light, may produce information that does not reflect
>> the condition experienced by the monitored flow. It seems that the
>> terminology should reflect the fundamental requirement of ensuring that
>> active OAM test packets are in-band with the monitored flow.
>>
>> ·         there are no technical requirements to justify using in-band
>> test packets for direct packet loss measurement. In fact, using the in-band
>> method for collecting in-profile counters leads to a waste of bandwidth,
>> which may have a negative impact on services that require low-latency
>> and/or low packet loss. As demonstrated in this example, direct packet loss
>> can be performed using an out-of-band mechanism, e.g., SNMP queries,
>> Netconf notifications based on YANG data model.
>>
>>
>>    - Does the document solve a real problem?
>>
>> No, it appears that these drafts define a new performance measurement
>> protocol for the purpose of combining OWAMP and TWAMP functionality and
>> adding the ability to collect counters of "in-profile" packets. I couldn't
>> find sufficient technical arguments for using a PM protocol instead of, for
>> example, extending the existing OAM mechanisms like ICMP.
>>
>>  Gyan>  This may sound basic but is a very critical subject going down
>> the same lines of clarity in verbiage so their is no misunderstanding.
>>  “Congruent” by definition means shape of an object and if you super
>> imposed two objects on top of each other they fit perfectly and the edges
>> coincide identically.  The problem with congruent is that it is based on
>> the shape and that shape could be a mirror image or reflection which may
>> not be exact.  So when referring to a SR-TE path taken this could lead to
>> confusion as to path taken if it’s the same path or congruent which is
>> vague as to “exactly” which path is taken where here there is criticality
>> as to the path being referenced in terms of in-band versus out-of-band.  I
>> agree that for direct in band packet loss measurement can be done via
>> existing OAM mechanisme via ICMP.
>>
>> <RG2> Ok, we will find an appropriate term for “sending packets on the
>> same path as data traffic”.
>>
>> <RG2> Extending ICMP for direct-mode loss measurement is outside the
>> scope of this draft. But good to see the agreement for the direct in band
>> packet loss measurement to be done (albeit by some other means).
>>
>> GIM2>> I feel that you misunderstand my position in regard to the use
>> case these four documents try to solve. I don't recall that I've stated
>> that "direct in-band packet loss measurement" requires any additional
>> standardization work. The Direct Measurement TLV has solved that for STAMP
>> and draft-ietf-ippm-stamp-option-tlv is now in the RFC Editor's queue. I
>> cannot find any valid technical reason to re-open this and measure the
>> direct packet loss in a slightly different way. I must point out that a
>> claim that using fixed positions for the direct packet loss optimizes
>> performance does not stand for cases (Section 4.2.1 and 4.2.2 of
>> draft-gandhi-spring-stamp-srpm) when the return path is specified in the
>> Return Path TLV and, as I understand it, in some cases even the second TLV,
>> Node Address TLV, is used. Thus, it is clear that the proposed new method
>> of direct packet loss measurement does not offer any significant benefits
>> comparing to the STAMP's Direct Measurement TLV and appears nothing but
>> superfluous.
>>
>>
>>
>> <RG3> The direct-mode packet loss use-case is typically for the forward
>> direction packet loss. And this does not use the return path TLV. We can
>> clarify that in the draft.
>>
> GIM3>> Clarification would be very helpful as your latest note might be
> interpreted that the proposed mechanisms are not applicable in the case of
> a bi-directional SR tunnel.
>
>> <RG> There is a requirement to measure performance delay as well as
>> synthetic and direct-mode packet loss in segment-routing networks. OWAMP
>> and TWAMP protocols are widely deployed for performance delay and synthetic
>> packet loss measurement today. I am not sure extending ICMP for LM is a
>> good option here.
>>
>> GIM>> I agree with the requirements you've listed (though the SPRING WG
>> OAM requirements document
>> <https://tools.ietf.org/html/draft-ietf-spring-sr-oam-requirement-03> has
>> been abandoned and expired 3+ years ago). I believe that there's no
>> sufficient technical reason to use OWAMP/TWAMP for exclusive direct packet
>> loss measurement.
>>
>>     Gyan> Agreed
>>
>> <RG2> There is definitely a need to do direct-mode loss measurement in
>> IP/SR networks, as RFC 6374 mechanisms are for MPLS networks. Note that
>> there was an attempt to extend BFD for direct-mode loss measurement for
>> this purpose using RFC 6374 loss measurement message (see
>> draft-mirmin-bfd-extended-03).
>>
>> GIM2>> I am surprised that you refer to draft-mirmin-bfd-extended
>> <https://www.ietf.org/archive/id/draft-mirmin-bfd-extended-03.txt> in
>> the past tense. The work and discussion of the proposal continues and the
>> new version will be published soon.
>>
>>
>>
>> *<RG3> Ok, so you do see a need for the extensions for the direct-mode
>> packet loss detection and the authors are actively working on an alternate
>> methods using BFD. *
>>
>>
>>    - Is the proposed solution technically viable?
>>
>> There are too many unaddressed aspects, particularly the risk introduced
>> by the protocol on network security, to comprehensively evaluate the
>> proposed solution.
>>
>> <RG> About your comment on zero checksum, this is described in Security
>> section in RFC 6936. We will add reference to this RFC in our Security
>> Section as well. This is only specific to the UDP port locally provisioned
>> in the domain by the operator for TWAMP. Other than this, I did not find
>> any other security related issue in your review below.
>>
>> GIM>> I don't think that a mere reference sufficiently explains why the
>> use of zero UDP checksum in IPv6 header is not decremental, does not create
>> a security risk for the protocol.
>>
>>      Gyan> Agreed 0 UDP MIMA security threats and that you need to
>> thorough vetting of RFC 6936.
>>
>>  <RG2> Yes, will add in the next revision. Hope we can work together on
>> needed text.
>>
>> To summarize my review of these two drafts:
>>
>>    - these propose a new protocol, not an update or enhancement of the
>>    TWAMP-like protocol;
>>
>> <RG> The probe and response messages defined in [RFC 5357] are used for
>> delay measurement and synthetic packet loss. The direct-mode packet loss
>> messages are defined in draft-gandhi-ippm-twamp-srpm
>> <https://datatracker.ietf.org/doc/draft-gandhi-ippm-twamp-srpm/> that
>> match these delay measurement messages. As stated,
>> draft-gandhi-ippm-twamp-srpm
>> <https://datatracker.ietf.org/doc/draft-gandhi-ippm-twamp-srpm/> defines
>> “extensions” for TWAMP Light.
>>
>> GIM>> I cannot find where RFC 5357 defines "the probe and response
>> messages". Could you give a more specific reference or provide the text
>> that, in your opinion, defines such messages? But I'm more concerned with
>> the direction of "extending" non-protocol referred to as "TWAMP Light". As
>> a contributor to BBF's TR-390, I'm have learned how different are existing
>> implementations of TWAMP Light. And that is also noted in EANTC
>> Multi-Vendor Interoperability 2019 white paper
>> <https://mail.google.com/mail/u/0/?q=draft-ietf-ippm-stamp-option-tlv#inbox?compose=CqMvqmRLZZrxJQtbnmkKJVzZBZszkgxPgsfzWBLMWntdzDFXDrjLTQtqrhmDFgdNbzkHXhJNrKg>.
>> The status of TWAMP Light is explained in RFC 8545 and I cannot see that it
>> can be used as a foundation of any standard.
>>
>>   Gyan> I don’t see the probe a d response messages in TWAMP RFC 5357
>>
>> <RG2> Agree to use term test-packet from RFC 5357.
>>
>> ·         several parts of the proposed protocol, e.g., Zero UDP
>> checksum in IPv6, require detailed security analysis, which is currently
>> absent;
>>
>>      Gyan> Agreed
>>
>> <RG2> Please see previous reply.
>>
>> <RG> This is specified in RFC 6936 Security Section. We will add
>> reference to this RFC in our Security Section as well. This is only
>> specific to the UDP port locally provisioned in the domain by the operator
>> for TWAMP.
>>
>> GIM>>  I've noted above that a simple reference does not sufficiently
>> explains why the use of zero UDP checksum in IPv6 header is not
>> decremental, does not create a security risk for the protocol. I believe
>> that the proposal to use zero UDP header checksum requires extensive
>> analysis, using the analysis provided in RFC 6936.
>>
>>     Gyan> Completely Agree
>>
>>  <RG2> Please see previous reply.
>>
>>
>>    - I was surprised to find out that draft-gandhi-ippm-twamp-srpm is on
>>    the Informational track even though it is essential to the new protocol as
>>    it defines its key elements
>>
>> <RG> This was to address your previous comment quoted as:
>>
>>  “- as I understand, the draft is applicable to TWAMP Light mode,
>>
>>    mentioned in the informational Appendix I in RFC 5357, not the TWAMP
>>
>>    protocol itself. Since TWAMP Light is not a standard but its idea is
>>
>>    described in the informational text only, I think that the
>> Informational
>>
>>   track is more appropriate for this specification.”
>>
>> https://mailarchive.ietf.org/arch/msg/ippm/bGTsJmJ5-eC3B-mfDCXAFiCAC3o/
>>
>> <RG> Having said that, we are ok to change to PS.
>>
>> GIM>> As explained in RFC 8545 "TWAMP Light is an idea", not a protocol.
>> If anyone is interested in standardizing an "extension", I'd expect that
>> they first define the base specification to which the extension applies. I
>> might have missed the definition of TWAMP Light protocol in the draft. Could
>> you point to the definition, for example, of the Authenticated mode in
>> TWAMP Light in the draft-gandhi-spring-twamp-srpm or RFC 5357?
>>
>>      Gyan> Agreed
>>
>> <RG2> The Appendix I of RFC 5357 does have information on the
>> Authentication mode. As specified there, this is based on user configured
>> parameters.
>>
>> ·         I believe that draft-gandhi-spring-twamp-srpm should be
>> anchored at IPPM WG as it does introduce the new PM protocol.
>>
>> <RG> The TWAMP Light extension draft-gandhi-ippm-twamp-srpm
>> <https://datatracker.ietf.org/doc/draft-gandhi-ippm-twamp-srpm/> is
>> already in IPPM WG. The SPRING draft only defines SR PM procedures.
>>
>>  Below, please find my detailed comments, questions on these drafts:
>>
>>    - draft-gandhi-spring-twamp-srpm
>>
>> I have several questions about the relationships between this draft and
>> Appendix I in RFC 5357 where the idea of a mode known as TWAMP Light has
>> been mentioned. The nature of the TWAMP Light and what is required to make
>> it a standard is well-explained in Section 4 of RFC 8545
>> <https://datatracker.ietf.org/doc/rfc8545/> (apologies for the long
>> quote):
>>
>>    "TWAMP Light" is an idea described in Appendix I ("TWAMP Light
>>    (Informative)") of [RFC5357]; TWAMP Light includes an unspecified
>>    control protocol combined with the TWAMP-Test protocol.  In
>>    [RFC5357], the TWAMP Light idea was relegated to Appendix I because
>>    TWAMP Light failed to meet the requirements for IETF protocols (there
>>    are no specifications for negotiating this form of operation and no
>>    specifications for mandatory-to-implement security features), as
>>    described in Appendix A of this memo.  See also [LarsAD] and
>>    [TimDISCUSS].
>>
>>    Since the idea of TWAMP Light clearly includes the TWAMP-Test
>>    component of TWAMP, it is considered reasonable for future systems to
>>    use the TWAMP-Test well-known UDP port (whose reallocated assignment
>>    is specified in this document).  Clearly, the TWAMP Light idea
>>    envisions many components and communication capabilities beyond
>>    TWAMP-Test (implementing the security requirements, for example);
>>    otherwise, Appendix I of [RFC5357] would be one sentence long
>>    (equating TWAMP Light with TWAMP-Test only).
>>
>>  Since we don't have an IETF document that addressed these open
>> questions, I don't think we can have a draft that proposes extensions to a
>> non-standard mechanism (Appendix is for Informational material, as I
>> understand it) on the Standard track.
>>
>>  Gyan> Agreed
>>
>> <RG2> The procedure for using the RFC 5357 defined messages in TWAMP
>> Light configuration mode is defined in the corresponding spring drafts. It
>> also describes the provisioning model.
>>
>> GIM2>> If a return path can be provisioned for TWAMP Light, why the same
>> method of controlling a test session cannot be used for STAMP?
>>
>>
>>
>> <RG3> It is not expected that all STAMP TLV extensions need to be
>> supported for TWAMP Light using provisioning.
>>
>  <RG> This was to address your previous comment quoted as
>>
>>  “- as I understand, the draft is applicable to TWAMP Light mode,
>>
>>    mentioned in the informational Appendix I in RFC 5357, not the TWAMP
>>
>>    protocol itself. Since TWAMP Light is not a standard but its idea is
>>
>>    described in the informational text only, I think that the
>> Informational
>>
>>    track is more appropriate for this specification.”
>>
>> https://mailarchive.ietf.org/arch/msg/ippm/bGTsJmJ5-eC3B-mfDCXAFiCAC3o/
>>
>> <RG> Having said that, we are ok to change to PS as you mentioned above.
>>
>> <RG> BTW, despite only difference of fixed vs. variable length payload in
>> STAMP vs. TWAMP Light, the STAMP is a proposed standard as RFC 8762 (and it
>> uses the same approach of provisioning  as defined in this draft). Hence,
>> security considerations for STAMP and TWAMP Light are not different. Note
>> that both STAMP and TWAMP Light have authenticated messages defined for
>> Security purpose.
>>
>> GIM>> RFC 5357 mentioned TWAMP Light as an unauthenticated, and thus the
>> light, simpler, version of TWAMP-Test component of TWAMP protocol. I cannot
>> find in draft-gandhi-spring-twamp-srpm definition of the Authenticated mode
>> of TWAMP Light. Also, I'll prefer not to refer to RFC 8762 STAMP in the
>> discussion of "extension" to TWAMP Light.
>>
>> <RG2> The Authentication information is user-configured as shown in
>> Section 3.1 of the draft-gandhi-spring-twamp-srpm, and is also described in
>> Appendix I of RFC 5357.
>>
>> Now a number of more specific questions.
>>
>> draft-gandhi-spring-twamp-srpm:
>>
>>    - In the Introduction it is stated that:
>>
>>   The TWAMP Light [Appendix I in RFC5357] [BBF.TR-390] provides
>>    simplified mechanisms for active performance measurement in Customer
>>    IP networks by provisioning UDP paths and eliminates the need for
>>    control-channel signaling.
>>
>> I can not find where, either Appendix I or TR-390, "eliminated the need
>> for control-channel signaling". Also, could you point where the referenced
>> documents describe "provisioning UDP paths"?
>>
>> <RG> The Appendix I of RFC 5357 has following text. We can reword and match the exact text if you prefer.
>>
>>
>>
>> “This example eliminates the need for the TWAMP-Control protocol, and
>>
>>    assumes that the Session-Reflector is configured”
>>
>> GIM>> I think that the text you're proposing is even more confusing. It
>> is not clear which example the sentence is referring to. Also, what is the
>> basis for such an assumption?
>>
>> <RG2> This is the exact text from RFC 5357 Appendix I. Please go through
>> the entire Section in that RFC 5357 to avoid “out of context” discussion.
>>
>>
>>    - It appears that the last paragraph in the Introduction describes
>>    the relationship with Appendix I of RFC 5357:
>>
>>    The procedure uses the mechanisms defined in [RFC5357]
>>    (TWAMP Light) and its extensions for Performance Measurement.
>>
>> I think that the reference must be to Appendix I, not RFC 5357. Also,
>> could you please specify which extensions of TWAMP Light have been used in
>> this draft?
>>
>> <RG> We can add the Appendix I as reference in the next revision.
>> Extensions are defined in draft-gandhi-ippm-twamp-srpm, we can add this
>> reference.
>>
>> GIM>> The problem, in my view, is that Appendix I of RFC 5357 must be a
>> normative reference while it is, by its nature, an Informational document.
>>
>> <RG2> If approved, it is fine to have informational draft/RFC in a
>> normative reference. But RFC 5357 is PS.
>>
>>
>>    - In Section 2.3 describing the reference model is noted:
>>
>>    The probe response message is typically sent to the sender node R1.
>>
>> In which scenarios the reflector acts differently? How such behavior is
>> related to the behavior of a TWAMP Session-Reflector, as defined in RFC
>> 5357?
>>
>> <RG> Do you prefer we remove “typically” from the sentence?
>>
>> GIM>> If that fits into the operational model of the new protocol you're
>> defining.
>>
>>
>>    - Also in Section 2.3 a Link is mentioned as an element directly
>>    connecting nodes in the presented reference model. Could you clarify what
>>    is a Link? Is it always a physical connection between two systems or a
>>    virtual?
>>
>> <RG> Both, please see Section 4.1.3. “Link” is well known term used in
>> many existing RFCs (please see RFC 5613, 5340, 8330).
>>
>> GIM>> Thank you for the references. I couldn't find a definition of an
>> object "Link" (capitalized) but only "link" (lower case). Hence, since the
>> draft consistently uses the capitalized form, I consider it to be something
>> else, something different from a link.
>>
>> <RG2> Ok, we can change Link to link in the next revision to avoid
>> confusion.
>>
>>
>>    - In Section 3 behavior of the reflector described as
>>
>>    ... no PM state for delay or loss measurement need to be created on the
>>    reflector node R5.
>>
>> That is in contradiction to the behavior of a TWAMP Session-Reflector as
>> defined in RFC 5357. Could you provide a reference to an IETF standard
>> where this behavior is defined? Also, how, without creating a state at the
>> Session-Reflector, to achieve one-way delay and synthetic loss measurement
>> on a bidirectional SR tunnel?
>>
>>  Gyan> Valid point
>>
>> <RG2> Bidirectional SR tunnel may have an SR state but the statement
>> above is that no PM (i.e. TWAMP Light) protocol session state is created
>> for it. We can clarify in the next revision.
>>
>> GIM2>> So-called stateless Session-Reflector in TWAMP Light is only one
>> option. I am well-familiar with the implementation that uses the stateful
>> mode.
>>
>>
>>
>> <RG3> What information stateful PM need to maintain in the state on the
>> reflector? Doesn’t that cause scale issues. We can add in the draft you if
>> there is anything specifically needed in the spec.
>>
> GIM3>> RFCs 5357 and 8762 are clear about what information must be
> maintained by a Session-Reflector. The Session-Reflector must have
> knowledge of the test session state and count reflected test packets. The
> value of such a counter must be copied in the Sequence Number field of the
> reflected packet. Thus the method enables the measurement of the one-way
> packet loss metric.
>
>>  <RG> Quoting the text from Appendix I in RFC 5357. We can quote the
>> text as is.
>>
>> “In the case of TWAMP Light, the Session-Reflector does not necessarily have knowledge of the session state. “
>>
>> GIM>> By the informational nature of Appendix I, the text is not
>> normative. I am familiar with the implementation of TWAMP Light which does
>> maintain the session state and thus supports one-way packet loss
>> measurement. If you require that the remote node does not maintain the
>> state, the draft must define that as part of the specifying the behavior of
>> the protocol.
>>
>>  <RG2> Ok, we can discuss what information is to be maintained in that
>> state on the reflector for synthetic packet loss. We can add appropriate
>> text if you can help please.
>>
>> GIM2>> I don't see any reason to do that as that already defined in RFC
>> 8762 and draft-ietf-ippm-stamp-yang
>> <https://datatracker.ietf.org/doc/draft-ietf-ippm-stamp-yang/>
>>
>>
>>
>> <RG3> Ok.
>>
>> ·         Further, in Section 3 the selection of UDP port explained as
>> the following:
>>
>>    As specified in [RFC8545], the reflector
>>    supports the destination UDP port 862 for delay measurement probe
>>    messages by default.  This UDP port however, is not used for loss
>>    measurement probe messages.
>>
>> To the best of my understanding, as one of the contributors and Editors
>> of RFC 8545, it re-allocated UDP port 862 for use by a TWAMP
>> Session-Reflector without excluding any type of measurement. Besides, in
>> TWAMP delay and packet loss are measured in the same test session, using
>> the same flow of TWAMP-Test packets.
>>
>>  Gyan> Agreed
>>
>> <RG2> Yes, we can use port 862 for both delay and synthetic packet loss –
>> they are using the same test packet. There is no change proposed in the
>> draft.
>>
>> GIM2>> Packet delay and synthetic packet loss measurements are already
>> supported in RFC 8762. Are you proposing a new protocol to duplicate the
>> STAMP functionalities?
>>
>>
>>
>> <RG3> As mentioned, the extensions defined are for the direct-mode packet
>> loss measurement for TWAMP Light and STAMP.
>>
>> <RG> The packet loss in existing RFC 5357 refers to synthetic loss as
>> there is no support for direct-mode loss in RFC 5357. We can change the
>> text to clarify as “This UDP port however, is not used for direct-mode loss
>> measurement probe messages.”
>>
>> GIM>> I've found that there's some misconception in the draft. RFC 8545
>> re-assigned UDP port 862 not for "delay measurement probe messages" but for
>> TWAMP-Test protocol. TWAMP-Test protocol, in turn, supports packet delay,
>> packet loss, reordering (RFC 4737 defines packet reordering metric), and
>> packet duplication measurement.
>>
>>
>>    - Then the draft states that
>>
>> The sender uses the UDP port number following the guidelines specified in
>> Section 6 in [RFC6335].
>>
>> Could you point to the guidelines that a user can use when selecting a
>> UDP port number of a test session?
>>
>> Gyan> Good point
>>
>> <RG> Please see section 6 in [RFC6335]. We can cite the range which will
>> be the same as used in [RFC8762]. This was also discussed earlier.
>>
>> https://mailarchive.ietf.org/arch/msg/ippm/ONYYhG9Y8sbiNO15bxWIRM9ymEE/
>>
>> GIM>> I've looked through Section 6 but I don't find anything
>> specifically applicable to this draft we're discussing. If the protocol to
>> use UDP port numbers from the Dynamic ports range, a.k.a., Private or
>> Ephemeral, then it seems that stating that explicitly would be the best
>> way.
>>
>> <RG2> This would be, User Ports and Dynamic Ports ranges, which are defined in [RFC6335 <https://tools.ietf.org/html/rfc6335>]. Yes, we can add this text.
>>
>>
>>    - At the closing of the paragraph, we read that
>>
>>   The number of UDP ports with PM functionality needs to be minimized due
>>    to limited hardware resources.
>>
>> Does a UDP port number pose PM functionality? How it is assigned to the
>> port number?
>>
>> <RG> UDP ports are user configured for delay and direct-mode loss PM as
>> described in Section 3.1.
>>
>> GIM>> Can UDP port 862 be used? Also, requiring that the direct-loss
>> measurement uses port number different from the one used by a TWAMP-Test
>> packet, in my opinion, is another indication that this is the definition of
>> a different from TWAMP Light PM OAM protocol.
>>
>> <RG2> If we add a field in the packet then UDP port 862 may be used along
>> with the new field. But it will require extra processing in hardware. It is
>> better to use a different UDP port for processing efficiency in hardware.
>>
>>
>>    - Following the above-quoted text, in Section 3 is noted:
>>
>>    For Performance Measurement, probe query and response messages are
>>    sent as following:
>>
>> Could you clarify if the listed further procedures deviate from
>> OWAMP/TWAMP or follow procedures defined in RFC 4656 and RFC 5357 for
>> Session-Sender and Session-Reflector respectively?
>>
>> <RG> Probe messages follow the same procedure as defined in RFC 4656 and
>> RFC 5357.
>>
>> GIM>> All messages, i.e., TWAMP-Test packets as well as the defined
>> in draft-gandhi-ippm-twamp-srpm?
>>
>>  <RG2> Yes, unless otherwise specified in the
>> draft-gandhi-ippm-twamp-srpm.
>>
>>
>>    - for both delay and loss measurements draft requires test packet be
>>    transmitted on a congruent path:
>>
>>       the probe messages are sent on the
>>       congruent path of the data traffic by the sender node
>>
>> It is not clear what "the congruent path" means. The definition
>> of congruency in geometry tells us that an object B is congruent to object
>> A if it has the same shape and size, but is allowed to flip, slide or turn.
>> How a path can be congruent to another path?
>>
>>        Gyan> Agreed.  The use of congruent in the context of pathing is
>> confusing as the path being addressed may not be reflected accurately by
>> the term congruent.
>>
>> <RG2> As replied above.
>>
>> <RG> There are many existing RFCs that use term Congruent Path (e.g. RFC
>> 5921, 6669) without defining them. I suspect it is because it is well-known
>> term. Having said that, we can add a reference for it if it helps reader.
>>
>> GIM>> I cannot assume what was the context of these RFCs. I've sketched a
>> network diagram above to illustrate that a "congruent path" may well lead
>> to out-of-band path. Is that the intention of the authors of the draft to
>> use this protocol out-of-band?
>>
>> <RG2> As replied above.
>>
>>
>>    - The last paragraph in Section 3 refers to work on iOAM:
>>
>>    The In-Situ Operations, Administration, and Maintenance (IOAM)
>>    mechanisms for SR-MPLS defined in [I-D.gandhi-mpls-ioam-sr] and for
>>    SRv6 defined in [I-D.ali-spring-ioam-srv6] are used to carry PM
>>    information such as timestamp in-band as part of the data packets,
>>    and are outside the scope of this document.
>>
>> Is iOAM in the scope of this specification? What are the relationships
>> between iOAM and draft-gandhi-spring-twamp-srpm?
>>
>> <RG> As mentioned in the draft, IOAM is outside the scope.
>>
>> GIM>> Yes, but it appears that references to the two IOAM-related drafts
>> have some purpose. What is it? How are these drafts related
>> to draft-gandhi-spring-twamp-srpm?
>>
>> <RG2> We can remove them if it is confusing. It is informational text
>> (was added to address a review comment).
>>
>>
>>    - Section 3.1 presents an example of the provisioning model but puts
>>    the definition of the provisioning model outside the scope. Is there an
>>    accompanying specification that defines the provisioning model that can be
>>    used in multi-vendor deployment? Could that be YANG data model? What is the
>>    relationship with draft-ietf-ippm-twamp-yang
>>    <https://tools.ietf.org/html/draft-ietf-ippm-twamp-yang-13>? Would
>>    the TWAMP YANG data model be augmented?
>>
>> <RG> Yes, this can be Yang model. We can review
>> draft-ietf-ippm-twamp-yang
>> <https://tools.ietf.org/html/draft-ietf-ippm-twamp-yang-13> and add any
>> missing items in a separate draft. We can also add a reference in this
>> draft.
>>
>> GIM>> I think that theremust be some discussion on how the new protocol
>> is configured. If TWAMP YANG data model can be augmented, I'd expect that
>> being defined in draft-gandhi-ippm-twamp-srpm. But I couldn't find anything
>> about the configuration of the protocol.
>>
>> <RG2> The Yang model extensions are not in the scope of this draft
>>
>>
>>    - Section 4.1 states that a new message is introduced to perform the
>>    Loss Measurement in this protocol Why the capability of TWAMP to measure
>>    the loss in one-way and two-way is not sufficient?
>>
>> <RG> Existing TWAMP messages do not support “direct-mode” loss
>> measurement. We can add “direct-mode” in the text to clarify.
>>
>> GIM>> True, direct loss measurement, in fact, is not active measurement
>> and thus is outside the scope of Two-Way Active Measurement Protocol
>> (TWAMP). The direct-loss measurement is, by the definition of RFC 7799,
>> passive measurement method and fetching counters can be done using numerous
>> methods, e.g., SNMP, Netconf
>>
>> <RG2> RFC 7799 does not say using Test-packets to collect counters for
>> direct-mod loss measurement is passive.
>>
>> GIM2>> Per RFC 7799, injecting in-band test packets is the characteristic
>> of an active measurement method. Using out-of-band transport, e.g., SNMP
>> queries, would be an example of a passive measurement method.
>>
>>
>>
>> <RG3> Ok, so you answered your own question that the direct-mode packet
>> loss extension defined is “active measurement” method.
>>
>>
>>    - Section 4.1.1 requires that
>>
>>   The Destination UDP port cannot be used as Source port, since
>>    the message does not have any indication to distinguish between the
>>    query and response message.
>>
>> Does that imply that the Destination UDP port used for the Delay
>> measurement is unique throughout the particular domain?
>>
>>        Gyan> Good question
>>
>> <RG2> Yes, it is unique in the domain.
>>
>> <RG> This is user-defined and is up to the user what UDP port to
>> provision in a domain.
>>
>> GIM>> So, can user configure a port number from the User Ports range? Or,
>> can the same port number be used on the same system for a number of test
>> sessions? I find the use of UDP port numbers being underspecified.
>>
>>
>>    - Section 4.1.2 of RFC 5357 does not define "the delay measurement
>>    message" but refers to the definition of the Session-Sender's test packet
>>    in RFC 4656 OWAMP. Note, that OWAMP and TWAMP are using a single test
>>    packet format to perform both delay and packet loss measurement.
>>
>> <RG> Ok, we can update the text in the next revision to indicate exact
>> name from the RFC 4656. We can also add text to include synthetic packet
>> loss.
>>
>> GIM>> I think that making it explicit would help. Also, that will
>> highlight what is being introduced by *twamp-srpm drafts is, in fact, a new
>> protocol to perform synthetic packet loss measurement.
>>
>>  <RG2> No, it does not change anything for synthetic packet loss.
>>
>>
>>    - Can you explain how "the DM probe query message contains the
>>    payload format defined in Section 4.2.1 of [RFC5357]" when the referenced
>>    section of RFC 5357 defines the format of a Session-Reflector's test packet?
>>
>> <RG> We can update the text in the next revision to indicate query format
>> name from RFC 5357.
>>
>> GIM>> I cannot find any reference to a query format in RFCs 4656/5357.
>> Could you please quote from any of these documents?
>>
>>  <RG2> It is test-packet, we will use RFC 5357 term.
>>
>>
>>    - Can clarify the applicability of RFC 6038 and the symmetrical
>>    packet size? Is it required? Can it be non-symmetrical?
>>
>> <RG> Yes. Please see section 4.1.1 and quoted below:
>>
>> “For symmetrical size query and response messages as defined in [RFC6038],”
>>
>> GIM>> RFC 6038 defines an extension to RFC 5357 for OPTIONAL use of the
>> symmetrical test packets. Since *-twamp-srpm proposals do not use
>> TWAMP-Control protocol and Appendix I in RFC 5357 tells us nothing about
>> that either (in part because RFC 6038 came later), I don't see that there's
>> any certainty in what is the sze of a test packet used in the direct-loss
>> measurement.
>>
>>  <RG2> The test-packets as defined in these existing RFCs are used for
>> delay and synthetic packet loss. The direct-mode test-packets are defined
>> in this draft.
>>
>> GIM2>> This draft defines only a new packet format for the direct packet
>> loss measurement. For STAMP such a mechanism is clearly superfluous given
>> the Direct Measurement TLV is already defined.
>>
>>
>>
>> <RG3> As replied earlier.
>>
>>
>>    - Can you clarify the use of the timestamp format, NTP or PTPv2? It
>>    is not clear which is the default, mandatory or optional.
>>
>> <RG> This is same as TWAMP. There is no change.
>>
>> GIM>> Per RFC 5357, TWAMP uses only NTP format. Is that the case for
>> *-twamp-srpm?
>>
>>  <RG2> No change in existing in what is there in RFC 5357 and RFC 8186.
>>
>>
>>    - Also, is "hardware support in Segment Routing networks" of the
>>    PTPv2 format required, guaranteed, or something else?
>>
>> <RG> Hardware timestamps are recommended for SR use-cases. We can change
>> the sentence.
>>
>> GIM>> Perhaps you can propose some text, that would be helpful.
>>
>>  <RG2> Ack.
>>
>>
>>    - Section 4.1.1.1 stated that
>>
>>    A separate user-configured
>>    destination UDP port is used for the delay measurement in
>>    authentication mode due to the different probe message format.
>>
>> Can that be interpreted that there could be concurrent authenticated and
>> unauthenticated test sessions using this protocol? Would different
>> authentication methods require using unique destination UDP port numbers?
>>
>> <RG> Yes, and Yes, and these are based on provisioning.
>>
>> GIM>> But that requirement is far outside the TWAMP, as defined in RFC
>> 5357.
>>
>>  <RG2> Some Session-Sender can use authenticated and some not. It is
>> part of RFC 5357.
>>
>>
>>    - Section 4.1.2 by introducing the dedicated Loss measurement packet
>>    format, effectively modifies the behavior defined in RFC 5357 for
>>    Session-Sender and Session-Reflector. But the document does not state that.
>>    Can you clarify whether this specification changes the behavior of a
>>    Session-Sender and Session-Reflector as defined in RFC 4656 and RFC 5357
>>    respectively for the support of packet loss measurement?
>>
>> <RG> The direct-mode loss defines new procedure for sender/reflector to
>> collect traffic counters, as opposed to timestamp. The rest is the same as
>> RFC 4656 and 5357.
>>
>> GIM>> I cannot agree with your statement " The rest is the same as RFC
>> 4656 and 5357" because the sender's direct-loss format does not have Error
>> Estimate field, Thus, a reflected packet does not have Sender's Error
>> Estimate, nor Error Estimate of the reflector. And that, in my opinion, is
>> another clear indication that *twamp-srpm drafts define a new protocol,
>> separate from OWAMP/TWAMP.
>>
>>  <RG2> That field is specific to timestamps and would not apply to
>> counters for direct-mode loss measurement.
>>
>>
>>    - And a similar question about the use of the separate UDP port
>>    number for the authenticated of the packet loss measurement.
>>    - A couple of question to the following text in Section 4.1.3:
>>
>>    The local and remote IP
>>    addresses of the link are used as Source and Destination Addresses.
>>    They can also be IPv6 link local address as probe messages are pre-
>>    routed.
>>
>>    - What are the addresses of a link?
>>
>> <RG> I am assuming this well-known (e.g. RFC 2328).
>>
>> GIM>> I am not familiar with the term "pre-routed". What does it mean?
>>
>>  <RG2> Ensure that packets are routed over the link.
>>
>>
>>    - In which scenarios an IPv6 LLA can be used?
>>
>> <RG> I am assuming this is well-known (e.g. RFC 5613).
>>
>> GIM>> So, LLA may be used as the source and destination addresses when
>> testing an SR tunnel?
>>
>>  <RG2> As mentioned this is for links.
>>
>>
>>    - Also, could the use of a routable destination IP address be used as
>>       a DDOS attack vector? Consider the scenario when an attacker generates
>>       SR-encapsulated packets with the destination IP address other than any of
>>       the SR-terminating nodes. Such a packet will be routed, correct? That does
>>       appear as a security threat, would you agree?
>>
>> <RG> Absolutely do not agree. It is no different than IP routed TWAMP
>> packet as defined in [RFC5357].
>>
>> GIM>> You don't agree that the processing described cannot happen because
>> of laws of physics or it wouldn't happen because no one will think of that?
>> If the latter, I think that that is security threat.
>>
>>  <RG2> There is no new threat like you have mentioned.
>>
>> GIM2>> Hmmm, but how the integrity of TLVs proposed
>> in draft-gandhi-ippm-stamp-srpm can be protected? These are not protected
>> by HMAC as presented in figures 3 and
>> 5.
>>
>>
>>
>>
>> <RG3> The extensions do not change the processing of these existing TLVs
>> defined for HMAC. We can add text to indicate this.
>>
>>
>>    - Section 4.1.4.2 references Figure 5 that, as I understand it,
>>    displays the format of a probe query message. In figure two references to
>>    RFC 5357 are provided - a section that references RFC 4656 OWAMP definition
>>    of the Session-Sender test packet, and a section that defines the
>>    Session-Reflector's reflected packet. Which of the two is used for the
>>    delay measurement in the proposed protocol?
>>
>> <RG> The probe query packet in the Session-Sender text packet. We can
>> update the name.
>>
>>    - Section 4.2.1 states that
>>
>>    In one-way measurement mode, the probe response message as defined in
>>    Figure 6 is sent back out-of-band to the sender node ...
>>
>> Could you clarify how the responder controls that the response packet is
>> sent not in-band but out-of-band?
>>
>> <RG> Please refer to section 3.1 in draft-gandhi-ippm-twamp-srpm.  This
>> is existing behaviour for out-of-band.
>>
>> GIM>> draft-gandhi-ippm-twamp-srpm does not specify that it defines
>> another new protocol OWAMP Light. And it is not clear what you reference as
>> "this is existing behavior". Is it to reference behavior of TWAMP test
>> packet? But the behavior of the TWAMP-Test protocol by itself is neither
>> in-band, nor out-of-band. It is the encapsulation of the TWAMP test packet
>> that makes it either in-band or out-of-band.
>>
>>  <RG2> Right.
>>
>>
>>    - How's the method described in Section 4.2.3 is different from the
>>    method described in RFC 8403 <https://tools.ietf.org/html/rfc8403>?
>>    What is distinctly unique about the loopback mode proposed in the section?
>>
>> <RG> There is no mention of Loopback mode or TWAMP / RFC 5357 in RFC 8403.
>>
>> GIM>> So, you believe that proposing to use the method described in RFC
>> 8403 for the TWAMP packet is innovation? And what are the benefits of using
>> the TWAMP test packet format in the Loopback mode?
>>
>>  <RG2> Please see the draft.
>>
>>
>>    - What is the rationale for setting TTL/Hop Limit fields always to
>>    255 for IPv4, MPLS, and IPv6 (per Section 4.3.1)?
>>
>> <RG> This is as defined in Section 4.2 of RFC 5357 (Bullet 4).
>>
>> GIM>> I believe you've misunderstood the text in RFC 5357. This bullet
>> specifies the behavior of a Session-Reflector. It is to try to read TTL
>> value of the received TWAMP test packet and copy the value in Sender TTL
>> field of the reflected packet. If the Session-Reflector cannot access the
>> TTL field, it MUST write 255 in the Sender TTL field. So, I think that my
>> questions still remains.
>>
>>  <RG2> Please see Section 4.2.1 of RFC 5357.
>>
>>
>>    - Section 4.3.3 states that a zero-value UDP checksum may be used in
>>    some scenarios. RFC 8085 allows that but in very specific cases that are
>>    documented in detail in Section 3.4.1. Do you believe that the case of this
>>    protocol checks all the requirements for allowing the use of Zero UDP
>>    checksum as specified in RFC 8085? Also, I believe that allowing the use of
>>    Zero UDP checksum in some scenarios, this protocol introduces a security
>>    threat that must be thoroughly analyzed in the Security Considerations
>>    section.
>>
>> <RG> This is described in RFC 6936. It will be very specific to the UDP
>> port provisioned for TWAMP. We will add reference to RFC 6936 in Security
>> Section.
>>
>> GIM>> I don't think that the reference is sufficient for the
>> Securit Consideration. I'd expect some extended discussion on why using
>> zero UDP header checksum is not a security threat for *twamp-srpm  protocol.
>>
>>  <RG2> Please see reply above.
>>
>>
>>    - Section 8 refers to "liveness monitoring of Links and SR Paths".
>>    This appears as the replication of functionality provided by BFD/S-BFD
>>    protocols. Is such comparison accurate? If it is, shouldn't the proposal be
>>    also reviewed by the BFD WG?
>>
>> <RG> TWAMP  probe messages are used today for synthetic packet loss which
>> can also be used to detect connection loss (performance metric). The
>> section simply highlights this obvious metric.
>>
>> GIM>> Can you point to a document that has defined "TWAMP  probe messages
>> are used today for synthetic packet loss"? Also, which document defines
>> loss of connectivity as a performance metric? Does *twamp-srpm proposes to
>> use the new protocol to detect the loss of path continuity?
>>
>>  <RG2> For example Y.1731 has such notion of connection loss. TWAMP is
>> used widely for synthetic packet loss and is well-known. There is no change
>> in protocol. This is reported metric.
>>
>> GIM2>> What are packet transmission frequencies authors envisioned for
>> that mode? A single-digit millisecond?
>>
>>
>>
>> <RG3> It depends on the implementation.
>>
>>
>>    - I found the Security Section of the proposed protocol inadequately
>>    terse and missing very important threats that this protocol introduces in
>>    the network.
>>
>> <RG> Other than referring RFC 6936 for zero checksum what else is
>> missing? Otherwise it is no different than RFC 8762 (STAMP).
>>
>> GIM>> I cannot see how RFC 8762 is relevant to *twamp-srpm drafts. The
>> use of source IP addresses, as mentioned above, appears to be another
>> security risk introduced by *-twamp-srpm drafts.
>>
>>  <RG2> There is no mention of Source IP address above.
>>
>>
>>    - draft-gandhi-ippm-twamp-srpm
>>
>> As I understand it, the motivation for the Loss Measurement mode defined
>> in this specification is to collect "in-profile" counters. Is that correct?
>> Do you see as essential for this mode that the query messages are in-band
>> with the flow being profiled? In your opinion, how using an out-of-band
>> method of collecting these counters, e.g., by using ICMP multi-part message
>> extension per RFC 4884, could affect the accuracy comparing with the method
>> in this protocol? How the impact changes if extended ICMP messages are
>> in-band with the profiled flow?
>>
>>  <RG2> Yes, they need to be in-band with the flow, to collect the counter
>> from the right forwarding paths for the flow. Discussion of using ICMP for
>> direct-mode loss measurement is outside the scope of this draft.
>>
>> GIM2>> I think that the assumption "they need to be in-band with the
>> flow, to collect the counter from the right forwarding paths for the flow"
>> is technically inaccurate. Otherwise, how SNMP queries could work for
>> decades of networking history?
>>
>>
>>
>> --

<http://www.verizon.com/>

*Gyan Mishra*

*Network Solutions A**rchitect *



*M 301 502-134713101 Columbia Pike *Silver Spring, MD