Network Working Group

Internet Engineering Task Force (IETF)                         G. Mirsky
Internet-Draft                                                 ZTE Corp.
Intended status: Standards Track
Request for Comments: 8762                                        G. Jun
Expires: May 3, 2020
Category: Standards Track                                      ZTE Corporation Corp.
ISSN: 2070-1721                                                H. Nydell
                                                       Accedian Networks
                                                                R. Foote
                                                                   Nokia
                                                        October 31, 2019
                                                              March 2020

               Simple Two-way Two-Way Active Measurement Protocol
                        draft-ietf-ippm-stamp-10

Abstract

   This document describes a the Simple Two-way Active Measurement
   Protocol (STAMP), which enables the measurement of both one-way and
   round-trip performance metrics metrics, like delay, delay variation, and
   packet loss.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list  It represents the consensus of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid the IETF community.  It has
   received public review and has been approved for a maximum publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of six months RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 3, 2020.
   https://www.rfc-editor.org/info/rfc8762.

Copyright Notice

   Copyright (c) 2019 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Conventions used Used in this document . . . . . . . . . . . . . .   3 This Document
     2.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
     2.2.  Requirements Language . . . . . . . . . . . . . . . . . .   3
   3.  Operation and Management of Performance Measurement Based on
           STAMP . . . . . . . . . . . . . . . . . . . . . . . . . . . .   3
   4.  Theory of Operation . . . . . . . . . . . . . . . . . . . . .   4
     4.1.  UDP Port Numbers in STAMP Testing . . . . . . . . . . . .   5
     4.2.  Session-Sender Behavior and Packet Format . . . . . . . .   5
       4.2.1.  Session-Sender Packet Format in Unauthenticated Mode    5
       4.2.2.  Session-Sender Packet Format in Authenticated Mode  .   7
     4.3.  Session-Reflector Behavior and Packet Format  . . . . . .   8
       4.3.1.  Session-Reflector Packet Format in Unauthenticated Mode  . . . . . . . . . . . . . . . . . . . . . . . .   9
       4.3.2.  Session-Reflector Packet Format in Authenticated Mode  10
     4.4.  Integrity Protection in STAMP . . . . . . . . . . . . . .  11
     4.5.  Confidentiality Protection in STAMP . . . . . . . . . . .  12
     4.6.  Interoperability with TWAMP Light . . . . . . . . . . . .  12
   5.  Operational Considerations  . . . . . . . . . . . . . . . . .  13
   6.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  13
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .  13
   8.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  14
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  14
     9.1.
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .  14
     9.2.
     8.2.  Informative References  . . . . . . . . . . . . . . . . .  15
   Acknowledgments
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  16

1.  Introduction

   Development and deployment of the Two-Way Active Measurement Protocol
   (TWAMP) [RFC5357] and its extensions, e.g., [RFC6038] that defined extensions (e.g., [RFC6038], which defines
   Symmetrical Size for TWAMP, TWAMP) provided invaluable experience.  Several
   independent implementations of both TWAMP and TWAMP Light exist, have
   been deployed, and provide important operational performance
   measurements.

   At the same time, there has been noticeable interest in using a more
   straightforward mechanism for active performance monitoring that can
   provide deterministic behavior and inherent separation of control
   (vendor-specific configuration or orchestration) and test functions.
   Recent work on "Performance Measurement from IP Edge to Customer
   Equipment using TWAMP Light from Light" [BBF.TR-390] by the Broadband Forum [BBF.TR-390] demonstrated
   demonstrates that interoperability among implementations of TWAMP
   Light is difficult because the composition and operation of TWAMP
   Light were not sufficiently specified in [RFC5357].  According to
   [RFC8545], TWAMP Light includes a sub-set subset of TWAMP-Test functions.
   Thus, to have a comprehensive tool to measure packet loss and delay
   requires support by other applications that provide, for example,
   control and security.

   This document defines an active performance measurement test
   protocol, Simple Two-way Active Measurement Protocol (STAMP), that
   enables measurement of both one-way and round-trip performance
   metrics
   metrics, like delay, delay variation, and packet loss.  Some  Support of
   some optional TWAMP extensions, e.g., [RFC7750] are supported by the extensions to STAMP
   base specification [RFC7750], is discussed in [I-D.ietf-ippm-stamp-option-tlv].
   [STAMP-OPTION].

2.  Conventions used Used in this document This Document

2.1.  Terminology

   STAMP -

   STAMP:      Simple Two-way Active Measurement Protocol

   NTP -

   NTP:        Network Time Protocol

   PTP -

   PTP:        Precision Time Protocol

   HMAC

   HMAC:       Hashed Message Authentication Code

   OWAMP

   OWAMP:      One-Way Active Measurement Protocol

   TWAMP

   TWAMP:      Two-Way Active Measurement Protocol

   MBZ

   MBZ:        Must be Zero

   PDU:        Protocol Data Unit

2.2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Operation and Management of Performance Measurement Based on STAMP

   Figure 1 presents the Simple Two-way Active Measurement Protocol
   (STAMP) Session-Sender, Session-Sender and Session-Reflector with a measurement
   session.  In this document, a measurement session session, also referred to
   as
   STAMP session, a "STAMP session", is the bi-directional bidirectional packet flow between one
   specific Session-Sender and one particular Session-Reflector for a
   time duration.  The configuration and management of the STAMP Session-
   Sender,
   Session-Sender, Session-Reflector, and management of the STAMP sessions are outside the scope
   of this document and can be achieved through various means.  A few
   examples are: are Command Line Interface, telecommunication services' OSS/BSS systems,
   Operational Support System (OSS) / Business Support System (BSS),
   SNMP, and Netconf/YANG-
   based SDN NETCONF/YANG-based Software-Defined Networking (SDN)
   controllers.

         o----------------------------------------------------------o
         |                      Configuration and                   |
         |                         Management                       |
         o----------------------------------------------------------o
                ||                                          ||
                ||                                          ||
                ||                                          ||
     +----------------------+                +-------------------------+
     | STAMP Session-Sender | <--- STAMP---> | STAMP Session-Reflector |
     +----------------------+                +-------------------------+

                      Figure 1: STAMP Reference Model

4.  Theory of Operation

   The STAMP Session-Sender transmits test packets over UDP transport
   toward the STAMP Session-Reflector.  The STAMP Session-Reflector
   receives Session-
   Sender's the Session-Sender's packet and acts according to the
   configuration.  Two modes of the STAMP Session-Reflector characterize
   the expected behavior and, consequently, performance metrics that can
   be measured:

   o  Stateless -

   Stateless:
      The STAMP Session-Reflector does not maintain test state and will
      use the value in the Sequence Number field in the received packet
      as the value for the Sequence Number field in the reflected
      packet.  As a result, values in the Sequence Number and
      Session-Sender Session-
      Sender Sequence Number fields are the same, and only round-trip
      packet loss can be calculated while the reflector is operating in
      stateless mode.

   o  Stateful -

   Stateful:
      STAMP Session-Reflector maintains the test state state, thus
      enabling allowing
      the ability Session-Sender to determine forward loss, directionality of loss using the
      combination of gaps recognized in the received sequence number. Session Sender Sequence
      Number and Sequence Number fields, respectively.  As a result,
      both near-end (forward) and far-end (backward) packet loss can be
      computed.  That implies that the STAMP Session-Reflector MUST keep
      maintain a state for each configured STAMP-test STAMP-Test session, thereby
      uniquely identifying
      STAMP-test associating STAMP-Test packets to with one such session instance, and
      instance and, thus, enabling
      adding the addition of a sequence number in
      the test reply that is individually incremented by one on a per-session per-
      session basis.

   STAMP supports two authentication modes: unauthenticated and
   authenticated.  Unauthenticated STAMP test STAMP-Test packets, defined in
   Section
   Sections 4.2.1 and Section 4.3.1, ensure interworking between STAMP and TWAMP Light
   Light, as described in Section 4.6 regarding packet formats.

   By default, STAMP uses symmetrical packets, i.e., the size of the
   packet transmitted by the Session-Reflector equals the size of the
   packet received by the Session-Reflector.

4.1.  UDP Port Numbers in STAMP Testing

   A STAMP Session-Sender MUST use UDP port 862 (TWAMP-Test Receiver
   Port) as the default destination UDP port number.  A STAMP
   implementation of the Session-Sender MUST be able to use be used as the
   destination UDP port numbers from User, a.k.a.  Registered, the User Ports (aka Registered
   Ports) and
   Dynamic, a.k.a. Dynamic Ports (aka Private or Ephemeral, Ports Ephemeral Ports) ranges
   defined in [RFC6335].  Before using numbers from the User Ports
   range, the possible impact on the network MUST be carefully studied
   and agreed on by all users of the network domain where the test has
   been planned.

   An

   By default, an implementation of the STAMP Session-Reflector by default MUST
   receive
   STAMP test STAMP-Test packets on UDP port 862.  An implementation of Session-
   Reflector the
   Session-Reflector that supports this specification MUST be able to
   define the port number to receive STAMP test STAMP-Test packets from User Ports
   and Dynamic Ports ranges that ranges, which are defined in [RFC6335].  STAMP
   defines two different test packet formats, formats: one for packets
   transmitted by the
   STAMP-Session-Sender STAMP Session-Sender and one for packets
   transmitted by the STAMP- STAMP Session-Reflector.

4.2.  Session-Sender Behavior and Packet Format

   A STAMP Session-Reflector supports the symmetrical size of test
   packets, as defined in Section 3 of [RFC6038], as the default
   behavior.  A reflected base test packet includes more information and thus from the
   Session-Reflector and, thus, is larger.
   Because of that,  To maintain the symmetry
   between base STAMP packets, the base STAMP Session-Sender packet is padded
   includes the Must-Be-Zero (MBZ) field to match to the size of a base
   reflected STAMP test packet.  Hence, the base STAMP Session-Sender
   packet has a minimum size of 44 octets in unauthenticated mode, see mode (see
   Figure 2, 2) and 112 octets in the authenticated mode, see mode (see Figure 4.  The 4).
   Generating variable length of a test packet in STAMP is supported by using Extra Padding TLV defined in
   [I-D.ietf-ippm-stamp-option-tlv].
   [STAMP-OPTION].

4.2.1.  Session-Sender Packet Format in Unauthenticated Mode

   STAMP Session-Sender packet format in unauthenticated mode:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Sequence Number                        |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                          Timestamp                            |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |         Error Estimate        |                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
      |                                                               |
      |                                                               |
      |                      Reserved                        MBZ  (30 octets)                       |
      |                                                               |
      |                                                               |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

            Figure 2: STAMP Session-Sender test packet format Test Packet Format in unauthenticated
                                   mode

   where
                            Unauthenticated Mode

   The fields are defined as the following:

   o

   *  The Sequence Number field is four octets long field. long.  For each new session
      session, its value starts at zero and is incremented by one with
      each transmitted packet.

   o

   *  The Timestamp field is eight octets long field. long.  The STAMP node MUST
      support the Network Time Protocol (NTP) version 4 64-bit timestamp
      format [RFC5905], the format used in [RFC5357].  The STAMP node
      MAY support the IEEE 1588v2 Precision Time Protocol (PTP)
      truncated 64-bit timestamp format [IEEE.1588.2008], the format
      used in [RFC8186].  The use of the specific format, NTP or PTP, is
      part of configuration of the Session-Sender or the particular test
      session.

   o

   *  The Error Estimate field is two octets long field with the format
      displayed in Figure 3 3:

               0                   1
               0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
              |S|Z|   Scale   |   Multiplier  |
              +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                       Figure 3: Error Estimate Format
      where

      The S, Scale, and Multiplier fields are interpreted as they have
      been are
      defined in section Section 4.1.2 [RFC4656]; and of [RFC4656].  The Z field - is interpreted
      as has been it is defined in section Section 2.3 of [RFC8186]:

      *  0 -

      0:  NTP 64 bit 64-bit format of a timestamp;

      *  1 - timestamp

      1:  PTPv2 truncated format of a timestamp. timestamp

      The default behavior of the STAMP Session-Sender and Session-
      Reflector is to use the NTP 64-bit timestamp format (Z field value
      of 0) 0).  An operator, operator using configuration/management function, function MAY
      configure the STAMP Session-Sender and Session-Reflector to using use
      the PTPv2 truncated format of a timestamp (Z field value of 1).  Note,
      Note that an implementation of a Session-Sender that supports this
      specification MAY be configured to use the PTPv2 format of a
      timestamp even though the Session-Reflector is configured to use
      NTP format.

   o  Reserved

   *  The MBZ field in the Session-Sender unauthenticated packet is 30
      octets long.  It MUST be all zeroed on the transmission and MUST
      be ignored on receipt.

4.2.2.  Session-Sender Packet Format in Authenticated Mode

   STAMP Session-Sender packet format in authenticated mode:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                      Sequence Number                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    |                      MBZ (12 octets)                          |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                        Timestamp                              |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |        Error Estimate         |                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
    ~                                                               ~
    |                         MBZ (70 octets)                       |
    ~                                                               ~
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    |                       HMAC (16 octets)                        |
    |                                                               |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

            Figure 4: STAMP Session-Sender test packet format Test Packet Format in authenticated
                                   mode
                             Authenticated Mode

   The field definitions are the same as the unauthenticated mode,
   listed in Section 4.2.1.  Also, Must-Be-Zero (MBZ) MBZ fields are used to
   to make the
   packet length a multiple of 16 octets.  The value of the field MUST
   be zeroed on transmission and MUST be ignored on receipt.  Note, that the
   both MBZ field is fields are used to calculate a key-hashed key hashed message
   authentication code (HMAC) ([RFC2104]) [RFC2104] hash.  Also, the packet includes
   an HMAC hash at the end of the PDU.  The detailed use of the HMAC
   field is described in Section 4.4.

4.3.  Session-Reflector Behavior and Packet Format

   The Session-Reflector receives the STAMP test STAMP-Test packet and verifies it.
   If the base STAMP test STAMP-Test packet is validated, the Session-Reflector, Session-Reflector
   that supports this specification, specification prepares and transmits the reflected
   test packet symmetric to the packet received from the Session-Sender
   copying the content beyond the size of the base STAMP packet (see
   Section 4.2).

4.3.1.  Session-Reflector Packet Format in Unauthenticated Mode

   For unauthenticated mode:

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                        Sequence Number                        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                          Timestamp                            |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         Error Estimate        |            MBZ                |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                          Receive Timestamp                    |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                 Session-Sender Sequence Number                |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                  Session-Sender Timestamp                     |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | Session-Sender Error Estimate |            MBZ                |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |Ses-Sender TTL |                   Reserved                      MBZ                      |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

          Figure 5: STAMP Session-Reflector test packet format Test Packet Format in
                           unauthenticated mode

   where fields
                            Unauthenticated Mode

   Fields are defined as the following:

   o

   *  The Sequence Number field is four octets long field. long.  The value of the
      Sequence Number field is set according to the mode of the STAMP
      Session-Reflector:

      *  in

      -  In the stateless mode, the Session-Reflector copies the value
         from the received STAMP test STAMP-Test packet's Sequence Number field;

      *  in field.

      -  In the stateful mode, the Session-Reflector counts the
         transmitted STAMP test STAMP-Test packets.  It starts with zero and is
         incremented by one for each subsequent packet for each test
         session.  The Session-Reflector uses that counter to set the
         value of the Sequence Number field.

   o

   *  The Timestamp and Receive Timestamp fields are each eight octets
      long.  The format of these fields, NTP or PTPv2, is indicated by
      the Z field of the Error Estimate field field, as described in
      Section 4.2. 4.2.1.  Receive Timestamp is the time the test packet was
      received by the Session-
      Reflector. Session-Reflector.  Timestamp - is the time taken by
      the Session-Reflector at the start of transmitting the test
      packet.

   o

   *  The Error Estimate field has the same size and interpretation as
      described in Section 4.2. 4.2.1.  It is applicable to both Timestamp
      and Receive Timestamp.

   o

   *  The Session-Sender Sequence Number, Session-Sender Timestamp, and
      Session-Sender Error Estimate fields are copies of the
      corresponding fields in the STAMP test STAMP-Test packet sent by the Session-Sender.

   o Session-
      Sender.

   *  The Session-Sender TTL field is one octet long field, long, and its value is
      the copy of the TTL field in IPv4 (or Hop Limit in IPv6) from the
      received STAMP test STAMP-Test packet.

   o

   *  The MBZ is fields are used to achieve alignment of fields within the
      packet on a
      four octets four-octet boundary.  The value of the field MUST be zeroed on
      transmission and MUST be ignored on receipt.

   o  Reserved each MBZ field in the Session-Reflector unauthenticated packet is
      three octets long.  It MUST
      be all zeroed on the transmission and MUST be ignored on receipt.

4.3.2.  Session-Reflector Packet Format in Authenticated Mode

   For the authenticated mode:

      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Sequence Number                        |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        MBZ (12 octets)                        |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                          Timestamp                            |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |         Error Estimate        |                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
      |                        MBZ (6 octets)                         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        Receive Timestamp                      |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        MBZ (8 octets)                         |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Session-Sender Sequence Number                |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        MBZ (12 octets)                        |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                 Session-Sender Timestamp                      |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | Session-Sender Error Estimate |                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
      |                        MBZ (6 octets)                         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |Ses-Sender TTL |                                               |
      +-+-+-+-+-+-+-+-+                                               +
      |                                                               |
      |                        MBZ (15 octets)                        |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |                        HMAC (16 octets)                       |
      |                                                               |
      |                                                               |
      |                                                               |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

          Figure 6: STAMP Session-Reflector test packet format Test Packet Format in authenticated
                                   mode
                             Authenticated Mode

   The field definitions are the same as the unauthenticated mode,
   listed in Section 4.3.1.  Additionally, the MBZ field is used to to make
   the packet length a multiple of 16 octets.  The value of the field
   MUST be zeroed on transmission and MUST be ignored on receipt.
   Note,  Note
   that the MBZ field is used to calculate the HMAC hash value.  Also,
   the STAMP Session-Reflector test packet format in authenticated mode
   includes the HMAC ([RFC2104]) [RFC2104] hash at the end of the PDU.  The detailed
   use of the HMAC field is in Section 4.4.

4.4.  Integrity Protection in STAMP

   Authenticated mode provides integrity protection to each STAMP
   message by adding Hashed Message Authentication Code (HMAC).  STAMP
   uses HMAC-SHA-256 truncated to 128 bits (similarly to the use of it
   in IPSec IPsec defined in [RFC4868]); hence hence, the length of the HMAC field
   is 16 octets.  In the Authenticated authenticated mode, HMAC covers the first six
   blocks (96 octets).  HMAC uses its own key that key, which may be unique for
   each STAMP test STAMP-Test session; key management and the mechanisms to
   distribute the HMAC key are outside the scope of this specification.
   One example is to use an orchestrator to configure the HMAC key based
   on the STAMP YANG data model [I-D.ietf-ippm-stamp-yang]. [STAMP-YANG].  HMAC MUST be verified as
   early as possible to avoid using or propagating corrupted data.

   Future specifications may define the use of other, more advanced
   cryptographic algorithms, possibly providing an update to the STAMP
   YANG data model [I-D.ietf-ippm-stamp-yang]. [STAMP-YANG].

4.5.  Confidentiality Protection in STAMP

   If confidentiality protection for STAMP is required, a STAMP test STAMP-Test
   session MUST use a secured transport.  For example, STAMP packets
   could be transmitted in the dedicated IPsec tunnel or share the IPsec
   tunnel with the monitored flow.  Also, the Datagram Transport Layer
   Security protocol would provide the desired confidentiality
   protection.

4.6.  Interoperability with TWAMP Light

   One of the essential requirements to STAMP is the ability to
   interwork with a TWAMP Light device.  Because STAMP and TWAMP use
   different algorithms in Authenticated authenticated mode (HMAC-SHA-256 vs. versus HMAC-
   SHA-1), interoperability is only considered for Unauthenticated unauthenticated mode.
   There are two possible combinations for such a use case:

   o

   *  STAMP Session-Sender with TWAMP Light Session-Reflector;

   o Session-Reflector

   *  TWAMP Light Session-Sender with STAMP Session-Reflector. Session-Reflector

   In the former case, the Session-Sender might not be aware that its
   Session-Reflector does not support STAMP.  For example, a TWAMP Light
   Session-Reflector may not support the use of UDP port 862 862, as
   specified in [RFC8545].  Thus  Thus, Section 4. 4 permits a STAMP Session-
   Sender to use alternative ports.  If any of STAMP extensions are
   used, the TWAMP Light Session-Reflector will view them as the Packet
   Padding field.

   In the latter scenario, if a TWAMP Light Session-Sender does not
   support the use of UDP port 862, the test management system MUST set
   the STAMP Session-Reflector to use UDP port number, as permitted by
   Section 4.  The Session-Reflector MUST be set to use the default
   format for its timestamps, NTP.

   A STAMP Session-Reflector that supports this specification will
   transmit the base packet (Figure 5) if it receives a packet smaller
   than the STAMP base packet.  If the packet received from the TWAMP
   Session-Sender is larger than the STAMP base packet, the STAMP
   Session-Reflector that supports this specification will copy the
   content of the remainder of the received packet to transmit a
   reflected packet of symmetrical size.

5.  Operational Considerations

   STAMP is intended to be used on production networks to enable the
   operator to assess service level agreements based on packet delay,
   delay variation, and loss.  When using STAMP over the Internet,
   especially when STAMP test STAMP-Test packets are transmitted with the
   destination UDP port number from the User Ports range, the possible
   impact of the STAMP test STAMP-Test packets MUST be thoroughly analyzed.  The
   use of STAMP for each case MUST be agreed by users of nodes hosting
   the Session-Sender and Session-Reflector before starting the STAMP
   test STAMP-
   Test session.

   Also, the use of the well-known port number as the destination UDP
   port number in STAMP test STAMP-Test packets transmitted by a Session-Sender
   would not impede the ability to measure performance in an Equal Cost Equal-Cost
   Multipath environment environment, and analysis in Section 5.3 of [RFC8545] fully
   applies to STAMP.

6.  IANA Considerations

   This document doesn't have any has no IANA action.  This section may be
   removed before the publication. actions.

7.  Security Considerations

   [RFC5357] does not identify security considerations specific to
   TWAMP-Test but refers to security considerations identified for OWAMP
   in [RFC4656].  Since both OWAMP and TWAMP include control plane control-plane and
   data plane
   data-plane components, only security considerations related to OWAMP-
   Test,
   Test discussed in Sections 6.2, 6.2 and 6.3 of [RFC4656] apply to STAMP.

   STAMP uses the well-known UDP port number allocated for the OWAMP-
   Test/TWAMP-Test Receiver port.  Thus Port.  Thus, the security considerations and
   measures to mitigate the risk of the attack using the registered port
   number documented in Section 6 of [RFC8545] equally apply to STAMP.
   Because of the control and management of a STAMP test STAMP-Test being outside
   the scope of this specification specification, only the more general requirement is
   set:

      To mitigate the possible attack vector, the control, control and management
      of a STAMP test STAMP-Test session MUST use the secured transport.

      The load of the STAMP test STAMP-Test packets offered to a network MUST be
      carefully estimated, and the possible impact on the existing
      services MUST be thoroughly analyzed before launching the test
      session.  [RFC8085] section  Section 3.1.5 of [RFC8085] provides guidance on handling
      network load for UDP-based protocol.  While the characteristic of
      test traffic depends on the test objective, it is highly
      recommended to stay in the limits limits, as provided in [RFC8085].

   Use of HMAC-SHA-256 in the authenticated mode protects the data
   integrity of the STAMP test STAMP-Test packets.

8.

9.  References

9.1.

8.1.  Normative References

   [I-D.ietf-ippm-stamp-option-tlv]
              Mirsky, G., Xiao, M., Jun, G., Nydell, H., Foote, R., and
              A. Masputra, "Simple Two-way Active Measurement Protocol
              Optional Extensions", draft-ietf-ippm-stamp-option-tlv-01
              (work in progress), September 2019.

   [IEEE.1588.2008]
              "Standard
              IEEE, "IEEE Standard for a Precision Clock Synchronization
              Protocol for Networked Measurement and Control Systems",
              IEEE Standard 1588, March July 2008.

   [RFC2104]  Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
              Hashing for Message Authentication", RFC 2104,
              DOI 10.17487/RFC2104, February 1997,
              <https://www.rfc-editor.org/info/rfc2104>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC4656]  Shalunov, S., Teitelbaum, B., Karp, A., Boote, J., and M.
              Zekauskas, "A One-way Active Measurement Protocol
              (OWAMP)", RFC 4656, DOI 10.17487/RFC4656, September 2006,
              <https://www.rfc-editor.org/info/rfc4656>.

   [RFC5357]  Hedayat, K., Krzanowski, R., Morton, A., Yum, K., and J.
              Babiarz, "A Two-Way Active Measurement Protocol (TWAMP)",
              RFC 5357, DOI 10.17487/RFC5357, October 2008,
              <https://www.rfc-editor.org/info/rfc5357>.

   [RFC5905]  Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch,
              "Network Time Protocol Version 4: Protocol and Algorithms
              Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010,
              <https://www.rfc-editor.org/info/rfc5905>.

   [RFC6038]  Morton, A. and L. Ciavattone, "Two-Way Active Measurement
              Protocol (TWAMP) Reflect Octets and Symmetrical Size
              Features", RFC 6038, DOI 10.17487/RFC6038, October 2010,
              <https://www.rfc-editor.org/info/rfc6038>.

   [RFC6335]  Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S.
              Cheshire, "Internet Assigned Numbers Authority (IANA)
              Procedures for the Management of the Service Name and
              Transport Protocol Port Number Registry", BCP 165,
              RFC 6335, DOI 10.17487/RFC6335, August 2011,
              <https://www.rfc-editor.org/info/rfc6335>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8186]  Mirsky, G. and I. Meilik, "Support of the IEEE 1588
              Timestamp Format in a Two-Way Active Measurement Protocol
              (TWAMP)", RFC 8186, DOI 10.17487/RFC8186, June 2017,
              <https://www.rfc-editor.org/info/rfc8186>.

   [RFC8545]  Morton, A., Ed. and G. Mirsky, Ed., "Well-Known Port
              Assignments for the One-Way Active Measurement Protocol
              (OWAMP) and the Two-Way Active Measurement Protocol
              (TWAMP)", RFC 8545, DOI 10.17487/RFC8545, March 2019,
              <https://www.rfc-editor.org/info/rfc8545>.

9.2.

8.2.  Informative References

   [BBF.TR-390]
              Broadband Forum, "Performance Measurement from IP Edge to
              Customer Equipment using TWAMP Light", BBF TR-390, TR-390 Issue 1, May
              2017.

   [I-D.ietf-ippm-stamp-yang]
              Mirsky, G., Xiao, M., and W. Luo, "Simple Two-way Active
              Measurement Protocol (STAMP) Data Model", draft-ietf-ippm-
              stamp-yang-05 (work in progress), October 2019.

   [RFC4868]  Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA-
              384, and HMAC-SHA-512 with IPsec", RFC 4868,
              DOI 10.17487/RFC4868, May 2007,
              <https://www.rfc-editor.org/info/rfc4868>.

   [RFC7750]  Hedin, J., Mirsky, G., and S. Baillargeon, "Differentiated
              Service Code Point and Explicit Congestion Notification
              Monitoring in the Two-Way Active Measurement Protocol
              (TWAMP)", RFC 7750, DOI 10.17487/RFC7750, February 2016,
              <https://www.rfc-editor.org/info/rfc7750>.

   [RFC8085]  Eggert, L., Fairhurst, G., and G. Shepherd, "UDP Usage
              Guidelines", BCP 145, RFC 8085, DOI 10.17487/RFC8085,
              March 2017, <https://www.rfc-editor.org/info/rfc8085>.

   [STAMP-OPTION]
              Mirsky, G., Xiao, M., Nydell, H., Foote, R., Masputra, A.,
              and E. Ruffini, "Simple Two-way Active Measurement
              Protocol Optional Extensions", Work in Progress, Internet-
              Draft, draft-ietf-ippm-stamp-option-tlv-03, 21 February
              2020, <https://tools.ietf.org/html/draft-ietf-ippm-stamp-
              option-tlv-03>.

   [STAMP-YANG]
              Mirsky, G., Xiao, M., and W. Luo, "Simple Two-way Active
              Measurement Protocol (STAMP) Data Model", Work in
              Progress, Internet-Draft, draft-ietf-ippm-stamp-yang-05,
              25 October 2019, <https://tools.ietf.org/html/draft-ietf-
              ippm-stamp-yang-05>.

Acknowledgments

   Authors

   The authors express their appreciation to Jose Ignacio Alvarez-Hamelin Alvarez-
   Hamelin and Brian Weis for their great insights into the security and
   identity protection, and protection as well as the most helpful and practical
   suggestions.  Also, our sincere thanks to David Ball and Ball, Rakesh Gandhi or Gandhi,
   and Xiao Min for their thorough reviews and helpful comments.

Authors' Addresses

   Greg Mirsky
   ZTE Corp.

   Email: gregimirsky@gmail.com

   Guo Jun
   ZTE Corporation Corp.
   68# Zijinghua Road
   Nanjing, Jiangsu
   Nanjing
   Jiangsu, 210012
   P.R.China
   China

   Phone: +86 18105183663
   Email: guo.jun2@zte.com.cn

   Henrik Nydell
   Accedian Networks

   Email: hnydell@accedian.com

   Richard Foote
   Nokia

   Email: footer.foote@nokia.com