Network Working GroupInternet Engineering Task Force (IETF) A. Morton, Ed.Internet-DraftRequest for Comments: 8545 AT&T Labs Updates:4656 and4656, 5357(if approved)G. Mirsky, Ed.Intended status:Category: Standards Track ZTE Corp.Expires: June 12,ISSN: 2070-1721 March 2019December 9, 2018 OWAMP and TWAMPWell-Known Port Assignmentsdraft-ietf-ippm-port-twamp-test-04for the One-Way Active Measurement Protocol (OWAMP) and the Two-Way Active Measurement Protocol (TWAMP) Abstract This memo explains the motivation and describes there-assignmentreassignment of well-known ports for theOne-wayOne-Way Active Measurement Protocol (OWAMP) andTwo- waythe Two-Way Active Measurement Protocol(OWAMP and TWAMP) protocols(TWAMP) for control andmeasurement, andmeasurement. It also clarifies the meaning and composition of thesestandards trackStandards Track protocol names for the industry.TheThis memo updatesRFCRFCs 4656 andRFC5357, in terms of the UDPwell- knownwell-known port assignments, and it clarifies the complete OWAMP and TWAMP protocol composition for the industry. Status of This Memo ThisInternet-Draftissubmitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documentsan Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF).Note that other groups may also distribute working documents as Internet-Drafts. The listIt represents the consensus ofcurrent Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents validthe IETF community. It has received public review and has been approved fora maximumpublication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 ofsix monthsRFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may beupdated, replaced, or obsoleted by other documentsobtained atany time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on June 12, 2019.https://www.rfc-editor.org/info/rfc8545. Copyright Notice Copyright (c)20182019 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Requirements Language . . . . . . . . . . . . . . . . . . . .32 3. Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Definitions and Background . . . . . . . . . . . . . . . . . 3 5. New Well-Known Ports . . . . . . . . . . . . . . . . . . . . 4 5.1. Impact on TWAMP-Control Protocol . . . . . . . . . . . . 4 5.2. Impact on OWAMP-Control Protocol . . . . . . . . . . . . 5 5.3. Impact onOWAMP/TWAMP-TestOWAMP-Test/TWAMP-Test Protocols . . . . . . . .. .5 6. Security Considerations . . . . . . . . . . . . . . . . . . . 6 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . .67 8.Contributors . . . . . .References . . . . . . . . . . . . . . . . . .7 9. Appendix A. . . . . . . 7 8.1. Normative References . . . . . . . . . . . . . . . . . . 710. Acknowledgements8.2. Informative References . . . . . . . . . . . . . . . . . 8 Appendix A. Background on TWAMP Light . . . . .8 11. References. . . . . . . . 8 Acknowledgements . . . . . . . . . . . . . . . . .8 11.1. Normative References. . . . . . . 9 Contributors . . . . . . . . . . .8 11.2. Informative References . .. . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 1. Introduction The IETF IP Performance Metrics (IPPM)working groupWorking Group first developed the One-Way Active MeasurementProtocol, OWAMP,Protocol (OWAMP), as specified in [RFC4656]. Further protocol development to support testing resulted in the Two-Way Active MeasurementProtocol, TWAMP,Protocol (TWAMP), as specified in [RFC5357]. Both OWAMP and TWAMP require the implementation of a control and mode negotiation protocol (OWAMP-Control and TWAMP-Control)whichthat employs the reliable transport services of TCP (including security configuration and key derivation). The control protocols arrange for the configuration and management of test sessions using the associated test protocol (OWAMP-Test or TWAMP-Test) on UDP transport.In this memo,The IETF recognizes the value of assigning a well-known UDP port to the*-Test protocols,OWAMP-Test and TWAMP-Test protocols and also recognizes that this goal caneasilybe easily arranged through portre-assignments.reassignments. 2. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Scope The scope of this memo is twofold: (1) tore-allocatereallocate the well-known ports for the UDPTesttest protocols that compose necessary parts of their respectivestandards track protocols, OWAMPStandards Track protocols (OWAMP andTWAMP, along with clarifications ofTWAMP) and (2) to clarify thecomplete protocolmeaning and composition of these Standards Track protocol names for the industry.TheThis memo updates [RFC4656] and [RFC5357], in terms of the UDPwell- knownwell-known port assignments. 4. Definitions and Background This section defines key terms and clarifies the required composition of the OWAMP and TWAMPstandards-trackStandards Track protocols.OWAMP-Control"OWAMP-Control" is the protocol defined in Section 3 of [RFC4656].OWAMP-Test"OWAMP-Test" is the protocol defined in Section 4 of [RFC4656]. OWAMP is described inathis direct quote from Section 1.1of[RFC4656]:of [RFC4656]: "OWAMP actually consists of two inter-related protocols:OWAMP- ControlOWAMP-Control and OWAMP-Test." A similar sentence appears in Section 2 of [RFC4656]. For avoidance of doubt, the implementation of bothOWAMP- ControlOWAMP-Control and OWAMP-Testareis REQUIRED forstandards-trackStandards Track OWAMP as specified in [RFC4656](aplying(applying the consensus of many dictionary definitions of "consist").TWAMP-Control"TWAMP-Control" is the protocol defined in Section 3 of [RFC5357].TWAMP-Test"TWAMP-Test" is the protocol defined in Section 4 of [RFC5357]. TWAMP is described inathis direct quote from Section 1.1 of [RFC5357]: "Similar to OWAMP [RFC4656], TWAMP consists of two inter-related protocols: TWAMP-Control and TWAMP-Test." For avoidance of doubt, the implementation of both TWAMP-Control and TWAMP-Testareis REQUIRED forstandards-trackStandards Track TWAMP as specified in [RFC5357](aplying(applying the consensus of many dictionary definitions of "consist").TWAMP Light"TWAMP Light" is an idea described inInformativeAppendix I ("TWAMP Light (Informative)") of[RFC5357], and[RFC5357]; TWAMP Light includes anun-specifiedunspecified control protocol combined with the TWAMP-Test protocol.TheIn [RFC5357], the TWAMP Light idea was relegated totheAppendix I becauseitTWAMP Light failed to meet the requirements for IETF protocols (there are no specifications for negotiating this form ofoperation,operation and no specifications for mandatory-to-implement security features), as described in Appendix A of thismemo, which citesmemo. See also [LarsAD] and[TimDISCUSS] .[TimDISCUSS]. Since the idea of TWAMP Light clearly includes the TWAMP-Test component of TWAMP, it is considered reasonable for future systems to use the TWAMP-Test well-known UDP port (whosere-allocatedreallocated assignment isrequested here).specified in this document). Clearly, the TWAMP Light idea envisions many components and communication capabilities beyond TWAMP-Test (implementing the security requirements, forexample), otherwiseexample); otherwise, Appendix I of [RFC5357] would be one sentence long(equivocating(equating TWAMP Light with TWAMP-Test only). 5. New Well-Known Ports Originally, both TCP and UDP well-known ports were assigned to the control protocols that are essential components ofstandards trackStandards Track OWAMP and TWAMP. Since OWAMP-Control and TWAMP-Control require TCP transport, they cannot make use of the UDP portswhichthat were originally assigned. However, test sessions using OWAMP-Test or TWAMP-Test operate on UDP transport.This memo requests re-assignment ofPer this memo, IANA has reassigned the UDP well-known port from theControlcontrol protocol to theTesttest protocol (seethe IANA ConsiderationsSection7). Use7 ("IANA Considerations")). The use of this UDP port is OPTIONAL instandards-trackStandards Track OWAMP and TWAMP. It may simplify some operations to have awell- knownwell-known port available for theTest protocols,test protocols or for future specifications involving TWAMP-Test to use this port as a default port. For example, [TR-390] is a specification for testing at the customer edge of IP networks, andwhose implememntations should benefit.conforming implementations will benefit from reallocation of the well-known UDP port to the test protocol. 5.1. Impact on TWAMP-Control Protocol Section 3.5 of [RFC5357] describes the detailed process of negotiating the Receiver Port number, on which the TWAMP Session-Reflector will send and receive TWAMP-Testpackets.packets; see the quoted text below. The Control-Client, acting on behalf of the Session-Sender, proposes the ReceiverportPort number from the DynamicPortPorts range [RFC6335]:"TheThe Receiver Port is the desired UDP port to which TWAMP-Test packets will be sent by the Session-Sender (the port where the Session-Reflector is asked to receive test packets). The Receiver Port is also the UDP port from which TWAMP-Test packets will be sent by the Session-Reflector (the Session-Reflector will use the same UDP port to send and receivepackets)."packets). It is possible that the proposed Receiver Port maybenot be available, e.g., the port is in use by another test session or another application. In thiscase: "...case, we update the last paragraph of Section 3.5 of [RFC5357] per Erratum ID 1587 (see <https://www.rfc-editor.org/errata/eid1587>) as follows: ... the Server at the Session-Reflector MAY suggest an alternate and available port for this session in the Port field. The Control-Client either accepts the alternateport,port or composes a new Session-Request message with suitable parameters. Otherwise, the Server uses the Accept field to convey other forms of session rejection or failure to theControl ClientControl-Client and MUST NOT suggest an alternate port; in this case, the Port field MUST be set tozero."zero. AControl ClientControl-Client that supports the use of the allocated TWAMP-Test Receiver PortSection 7(Section 7) MAY request to use that port number in the Request-TW-SessionCommand.command. If the Server does not support the allocated TWAMP-Test Receiver Port, then it sends an alternate port number in the Accept-Session message with Accept field = 0.ThusThus, the deployment of the allocated TWAMP Receiver Port number is backward compatible with existing TWAMP-Control solutions that are based on [RFC5357]. Of course,use ofusing a UDP port number chosen from the DynamicPortPorts range [RFC6335] will helptoavoid the situationwhenwhere the Control-Client or Server finds that the proposed portbeingis already in use. 5.2. Impact on OWAMP-Control Protocol As described above, anOWAMP Control ClientOWAMP-Control client that supports the use of the allocated OWAMP-Test Receiver PortSection 7(Section 7) MAY request to use that port number in the Request-SessionCommand.command. If the Server does not support the allocated OWAMP-Test Receiver Port (or does not have the port available), then it sends an alternate port number in the Accept-Session message with Accept field = 0. Further exchanges proceed as already specified. 5.3. Impact onOWAMP/TWAMP-TestOWAMP-Test/TWAMP-Test ProtocolsOWAMP/TWAMP-TestOWAMP-Test/TWAMP-Test may be used to measure IP performance metrics in anEqual CostEqual-Cost Multipath (ECMP) environment. Though algorithms to balance IP flows among available paths have not been standardized, the most common is the five-tuple that uses destination IP address, source IP address, protocol type, destination port number, and source port number. When attempting to monitor different paths in an ECMP network, it is sufficient to vary only one of five parameters,e.g.e.g., the source port number. Thus, there will be no negative impact on the ability to arrange concurrent OWAMP/TWAMP test sessions between the same test points to monitor different paths in the ECMP network when using there-allocatedreallocated UDP port number as the Receiver Port, asuse ofusing the port is optional. 6. Security Considerations The security considerations that apply to any active measurement of live paths are relevant here as well (see [RFC4656] and [RFC5357]). When considering the privacy of those involved in measurement or those whose traffic is measured, the sensitive information available to potential observers is greatly reduced when using active techniqueswhichthat are within this scope of work. Passive observations of user traffic for measurement purposes raise many privacy issues. We refer the reader to the security and privacy considerations described in theLarge ScaleLarge-Scale Measurement of Broadband Performance (LMAP)Frameworkframework [RFC7594], which covers both active and passive techniques. The registered UDP port as the Receiver Port forOWAMP/TWAMP-TestOWAMP-Test/ TWAMP-Test could become a target ofdenial-of-service (DoS),denial of service (DoS) or could be used to aidman- in-the-middleman-in-the-middle (MITM) attacks. To improve protectionfromagainst DoS, theDoSfollowing methods are recommended: o filtering access to the OWAMP/TWAMP Receiver Portbyvia an accesslist;list. o using a non-globally routable IP address for the OWAMP/TWAMP Session-Reflector address. A MITMattackattacker may try to modify thecontentcontents of theOWAMP/TWAMP-TestOWAMP-Test/ TWAMP-Test packets in order to alter the measurement results. However, an implementation can use authenticated mode to detect modification of data. In addition, an implementation can use encrypted mode to prevent eavesdropping andun-detectedundetected modification of theOWAMP/TWAMP-TestOWAMP-Test/TWAMP-Test packets. There is alsoathe risk of a network under test giving special treatment to flows involving the well-known UDP port, with or without knowing source and destination addresses of measurement systems, and thus biasing the results through preferential or detrimental processing. 7. IANA ConsiderationsThis memo requests re-allocation ofIANA has reallocated two UDP port numbers from the System Ports range of the "Service Name and Transport Protocol Port Number Registry" [RFC6335]. Specifically,this memo requests thatIANAre-allocatehas reallocated UDP ports 861 and 862 as shown below, leaving the TCP port assignmentsas-is: +------------+-------+---------+----------------------+-------------+as is. IANA has also updated the Assignee and Contact for these ports (both UDP and TCP) to be the IESG and the IETF Chair, respectively. +---------------+--------+-----------+------------------+-----------+ | Service | Port |Transp.Transport | Description | Reference | | Name |Num. | Protocol| | | | |Number | Protocol | | |+------------+-------+---------+----------------------+-------------++---------------+--------+-----------+------------------+-----------+ |owamp-owamp-control | 861 | tcp | OWAMP-Control |[RFC4656] | | control | | | |RFC 4656 | | owamp-test | 861 | udp | OWAMP-Test |[RFCXXXX]RFC 8545 | | | | | Receiver Port | | |twamp-|862|tcp|TWAMP-Control|[RFC5357]| |controltwamp-control | 862 | tcp | TWAMP-Control | RFC 5357 | | twamp-test | 862 | udp | TWAMP-TestReceiver|[RFCXXXX]RFC 8545 | | | | | Receiver Port | |+------------+-------+---------+----------------------+-------------+ Table 1 Re-allocated OWAMP and TWAMP Ports where RFCXXXX is this memo when published. The Assignee and Contact should information be updated as follows: Assignee: IESG Contact: IETF Chair 11.+---------------+--------+-----------+------------------+-----------+ 8. References11.1.8.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>. [RFC4656] Shalunov, S., Teitelbaum, B., Karp, A., Boote, J., and M. Zekauskas, "A One-way Active Measurement Protocol (OWAMP)", RFC 4656, DOI 10.17487/RFC4656, September 2006, <https://www.rfc-editor.org/info/rfc4656>. [RFC5357] Hedayat, K., Krzanowski, R., Morton, A., Yum, K., and J. Babiarz, "A Two-Way Active Measurement Protocol (TWAMP)", RFC 5357, DOI 10.17487/RFC5357, October 2008, <https://www.rfc-editor.org/info/rfc5357>. [RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. Cheshire, "Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry", BCP 165, RFC 6335, DOI 10.17487/RFC6335, August 2011, <https://www.rfc-editor.org/info/rfc6335>. [RFC7594] Eardley, P., Morton, A., Bagnulo, M., Burbridge, T., Aitken, P., and A. Akhter, "A Framework for Large-Scale Measurement of Broadband Performance (LMAP)", RFC 7594, DOI 10.17487/RFC7594, September 2015, <https://www.rfc-editor.org/info/rfc7594>. [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/info/rfc8174>.11.2.8.2. Informative References [IPPM-TWAMP-06] Hedayat, K., Krzanowski, R., Yum, K., Morton, A., and J. Babiarz, "A Two-way Active Measurement Protocol (TWAMP)", Work in Progress, draft-ietf-ippm-twamp-06, December 2007. [LarsAD]"https://mailarchive.ietf.org/arch/msg/ippm/ LzcTPYhPhWhbb5-ncR046XKpnzo",Eggert, L., "Subject: [ippm] AD review: draft-ietf-ippm- twamp-06.txt", message to the ippm mailing list, April2008.2008, <https://mailarchive.ietf.org/arch/msg/ippm/ LzcTPYhPhWhbb5-ncR046XKpnzo>. [TimDISCUSS]"https://datatracker.ietf.org/doc/rfc5357/history/","Tim Polk's Ballot discuss", July2008.2008, <https://datatracker.ietf.org/doc/rfc5357/history>. [TR-390]"TR-390Broadband Forum, "TR-390: Performance Measurement from IP Edge toCustom erCustomer Equipment using TWAMPLight,Light", Issue:1",1, May 2017,<https://www.broadband-forum.org/technical/download/ TR-390.pdf>. 9.<https://www.broadband- forum.org/technical/download/TR-390.pdf>. AppendixAA. Background on TWAMP Light This informativeAppendixappendix provides theBackgroundbackground on the decision to move the TWAMP Light idea to an informativeAppendixappendix in [RFC5357].TheAs also noted in Section 4, the TWAMP Light idea was relegated totheAppendix I of [RFC5357] because it failed to meet the requirements for IETF protocols (there are no specifications for negotiating this form ofoperation,operation and no specifications for mandatory-to-implement security features), as described in the references cited below: o Lars Eggert's Area Director review [LarsAD], where he pointed out that having two variants ofTWAMP,TWAMP (TWAMP Light and Complete(called standards track TWAMP here), requiredTWAMP) requires a protocol mechanism to negotiate which variant will be used. Note that "Complete TWAMP" is called "Standards Track TWAMP" in this document. SeeLars'Lars's "Section 5.2, paragraph 0" comment onSec 5.2.[LarsAD], which refers to a section in [IPPM-TWAMP-06]. The working group consensus was to place the TWAMP Light description in AppendixI,I and to refer tothe Appendixthat appendix only as an "incremental path to adopting TWAMP, by implementing theTWAMP- TestTWAMP-Test protocolfirst".first." o Tim Polk'sDISCUSS Ballot,"Ballot discuss" of 2008-07-16 [TimDISCUSS], which points out that TWAMP Light was an incomplete specification because the key required for authenticated and encrypted modes depended on the TWAMP-Control Session key.See Tim's DISCUSS on 2008-07-16 [TimDISCUSS].Additional requirement statements were added intheAppendix I to address Tim'sDISCUSSBallot discuss (see the last three paragraphs of Appendix I in [RFC5357]). Since the idea of TWAMP Light clearly includes the TWAMP-Test protocol and other undefined facilities, Appendix I of [RFC5357] simply describes ideasoffor how TWAMP-Test might be usedousideoutside of the context ofStandards-TrackStandards Track TWAMP.10.Acknowledgements The authors thank the IPPMworking groupWorking Group for their rapid review; thanks also to Muthu Arul Mozhi Perumal and Luay Jalil for their participation and suggestions.8.Contributors Richard Foote and Luis M. Contreras made notable contributions on this topic. Authors' Addresses Al Morton (editor) AT&T Labs 200 Laurel Avenue South Middletown, NJ 07748USAUnited States of America Phone: +1 732 420 1571 Fax: +1 732 368 1192 Email: acmorton@att.com Greg Mirsky (editor) ZTE Corp. Email: gregimirsky@gmail.com