rfc9507.original   rfc9507.txt 
ICNRG S. Mastorakis Internet Research Task Force (IRTF) S. Mastorakis
Internet-Draft University of Notre Dame Request for Comments: 9507 University of Notre Dame
Intended status: Experimental D. Oran Category: Experimental D. Oran
Expires: 18 February 2024 Network Systems Research and Design ISSN: 2070-1721 Network Systems Research and Design
I. Moiseenko I. Moiseenko
Apple Inc Apple Inc.
J. Gibson J. Gibson
R. Droms R. Droms
Unaffiliated Unaffiliated
17 August 2023 March 2024
ICN Traceroute Protocol Specification Information-Centric Networking (ICN) Traceroute Protocol Specification
draft-irtf-icnrg-icntraceroute-11
Abstract Abstract
This document presents the design of an ICN Traceroute protocol. This document presents the design of an Information-Centric
This includes the operation of both the client and the forwarder. Networking (ICN) Traceroute protocol. This includes the operation of
both the client and the forwarder.
This document is a product of the Information-Centric Networking This document is a product of the Information-Centric Networking
Research Group (ICNRG) of the IRTF. Research Group (ICNRG) of the IRTF.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This document is not an Internet Standards Track specification; it is
provisions of BCP 78 and BCP 79. published for examination, experimental implementation, and
evaluation.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document defines an Experimental Protocol for the Internet
and may be updated, replaced, or obsoleted by other documents at any community. This document is a product of the Internet Research Task
time. It is inappropriate to use Internet-Drafts as reference Force (IRTF). The IRTF publishes the results of Internet-related
material or to cite them other than as "work in progress." research and development activities. These results might not be
suitable for deployment. This RFC represents the consensus of the
Information-Centric Networking Research Group of the Internet
Research Task Force (IRTF). Documents approved for publication by
the IRSG are not candidates for any level of Internet Standard; see
Section 2 of RFC 7841.
This Internet-Draft will expire on 18 February 2024. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc9507.
Copyright Notice Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents
license-info) in effect on the date of publication of this document. (https://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. carefully, as they describe your rights and restrictions with respect
to this document.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language
2. Background on IP-Based Traceroute Operation . . . . . . . . . 3 2. Background on IP-Based Traceroute Operation
3. Traceroute Functionality Challenges and Opportunities in 3. Traceroute Functionality Challenges and Opportunities in ICN
ICN . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. ICN Traceroute CCNx Packet Formats
4. ICN Traceroute CCNx Packet Format . . . . . . . . . . . . . . 6 4.1. ICN Traceroute Request CCNx Packet Format
4.1. ICN Traceroute Request CCNx Packet Format . . . . . . . . 6 4.2. ICN Traceroute Reply CCNx Packet Format
4.2. Traceroute Reply CCNx Packet Format . . . . . . . . . . . 8 5. ICN Traceroute NDN Packet Formats
5. ICN Traceroute NDN Packet Format . . . . . . . . . . . . . . 12 5.1. ICN Traceroute Request NDN Packet Format
5.1. ICN Traceroute Request NDN Packet Format . . . . . . . . 12 5.2. ICN Traceroute Reply NDN Packet Format
5.2. Traceroute Reply NDN Packet Format . . . . . . . . . . . 13 6. Forwarder Operation
6. Forwarder Operation . . . . . . . . . . . . . . . . . . . . . 14 7. Protocol Operation for Locally Scoped Namespaces
7. Protocol Operation For Locally-Scoped Namespaces . . . . . . 15 8. Security Considerations
8. Security Considerations . . . . . . . . . . . . . . . . . . . 16 9. IANA Considerations
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 10. References
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 10.1. Normative References
10.1. Normative References . . . . . . . . . . . . . . . . . . 17 10.2. Informative References
10.2. Informative References . . . . . . . . . . . . . . . . . 17 Appendix A. Traceroute Client Application (Consumer) Operation
Appendix A. Traceroute Client Application (Consumer) Authors' Addresses
Operation . . . . . . . . . . . . . . . . . . . . . . . . 18
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19
1. Introduction 1. Introduction
In TCP/IP, routing and forwarding are based on IP addresses. To In TCP/IP, routing and forwarding are based on IP addresses. To
ascertain the route to an IP address and to measure the transit ascertain the route to an IP address and to measure the transit
delays, the traceroute utility is commonly used. In ICN, routing and delays, the traceroute utility is commonly used. In Information-
forwarding are based on name prefixes. To this end, the problem of Centric Networking (ICN), routing and forwarding are based on name
ascertaining the characteristics (i.e., transit forwarders and prefixes. To this end, the ability to ascertain the characteristics
delays) of at least one of the available routes to a name prefix is a of at least one of the available routes to a name prefix is a
fundamendal requirement for instrumentation and network management. fundamental requirement for instrumentation and network management.
These characteristics include, among others, route properties such as
which forwarders were transited and the delay incurred through
forwarding.
In order to carry out meaningful experimentation and deployment of In order to carry out meaningful experimentation and deployment of
ICN protocols, tools to manage and debug the operation of ICN ICN protocols, new tools analogous to ping and traceroute used for
architectures and protocols are needed analogous to ping and TCP/IP are needed to manage and debug the operation of ICN
traceroute used for TCP/IP. This document describes the design of a architectures and protocols. This document describes the design of a
management and debugging protocol analogous to the traceroute management and debugging protocol analogous to the traceroute
protocol of TCP/IP, which will aid the experimental deployment of ICN protocol of TCP/IP; this new management and debugging protocol will
protocols. As the community continues its experimentation with ICN aid the experimental deployment of ICN protocols. As the community
architectures and protocols, the design of ICN Traceroute might continues its experimentation with ICN architectures and protocols,
change accordingly. ICN Traceroute is designed as a tool to the design of ICN Traceroute might change accordingly. ICN
troubleshoot ICN architectures and protocols. As such, this document Traceroute is designed as a tool to troubleshoot ICN architectures
is classified as an experimental RFC. and protocols. As such, this document is classified as an
Experimental RFC.
This specification uses the terminology defined in [RFC8793]. This specification uses the terminology defined in [RFC8793].
This document is not an Internet Standards Track specification; it is This RFC represents the consensus of the Information-Centric
published for examination, experimental implementation, and Networking Research Group (ICNRG) of the Internet Research Task Force
evaluation. This document defines an Experimental Protocol for the (IRTF).
Internet community. This document is a product of the Internet
Research Task Force (IRTF). The IRTF publishes the results of
Internet-related research and development activities. These results
might not be suitable for deployment. This RFC represents the
consensus of the Information-Centric Networking Research Group of the
Internet Research Task Force (IRTF). Documents approved for
publication by the IRSG are not candidates for any level of Internet
Standard; see Section 2 of RFC 7841.
1.1. Requirements Language 1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
document are to be interpreted as described in BCP 14 [RFC2119] "OPTIONAL" in this document are to be interpreted as described in
[RFC8174] when, and only when, they appear in all capitals, as shown BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
here. capitals, as shown here.
2. Background on IP-Based Traceroute Operation 2. Background on IP-Based Traceroute Operation
In IP-based networks, traceroute is based on the expiration of the In IP-based networks, traceroute is based on the expiration of the
Time To Live (TTL) IP header field. Specifically, a traceroute Time To Live (TTL) IP header field. Specifically, a traceroute
client sends consecutive packets (depending on the implementation and client sends consecutive packets (depending on the implementation and
the user-specified behavior such packets can be either UDP datagrams, the user-specified behavior, such packets can be either UDP
ICMP Echo Request or TCP SYN packets) with a TTL value increased by datagrams, ICMP Echo Request packets, or TCP SYN packets) with a TTL
1, essentially performing a expanding ring search. In this way, the value increased by 1, essentially performing an expanding ring
first IP packet sent will expire at the first router along the path, search. In this way, the first IP packet sent will expire at the
the second IP packet at the second router along the path, etc, until first router along the path, the second IP packet at the second
the router (or host) with the specified destination IP address is router along the path, etc., until the router (or host) with the
reached. Each router along the path towards the destination, specified destination IP address is reached. Each router along the
responds by sending back an ICMP Time Exceeded packet, unless path towards the destination responds by sending back an ICMP Time
explicitly prevented from doing so by a security policy. Exceeded packet, unless explicitly prevented from doing so by a
security policy.
The IP-based traceroute utility operates on IP addresses, and in The IP-based traceroute utility operates on IP addresses and in
particular depends on the IP packets having source IP addresses that particular depends on the IP packets having source IP addresses that
are used as the destination address for replies. Given that ICN are used as the destination address for replies. Given that ICN
forwards based on names rather than destination IP addresses, that forwards based on names rather than destination IP addresses, that
the names do not refer to unique endpoints (multi-destination), and the names do not refer to unique endpoints (multi-destination), and
that the packets do not contain source addresses, a substantially that the packets do not contain source addresses, a substantially
different approach is needed. different approach is needed.
3. Traceroute Functionality Challenges and Opportunities in ICN 3. Traceroute Functionality Challenges and Opportunities in ICN
In the NDN and CCN protocols, the communication paradigm is based In the Named Data Networking (NDN) and Content-Centric Networking
exclusively on named objects. An Interest is forwarded across the (CCNx) protocols, the communication paradigm is based exclusively on
network based on its name. Eventually, it retrieves a content object named objects. An Interest message is forwarded across the network
either from a producer application or some forwarder's Content Store based on its name. Eventually, it retrieves a Content Object from
(CS). either a producer application or some forwarder's Content Store (CS).
An ICN network differs from an IP network in at least 4 important An ICN network differs from an IP network in at least four important
ways: ways (four of which are as follows):
* IP identifies interfaces to an IP network with a fixed-length * IP identifies interfaces to an IP network with a fixed-length
address, and delivers IP packets to one or more interfaces. ICN address and delivers IP packets to one or more interfaces. ICN
identifies units of data in the network with a variable length identifies units of data in the network with a variable-length
name consisting of a hierarchical list of segments. name consisting of a hierarchical list of segments.
* An IP-based network depends on the IP packets having source IP * An IP-based network depends on the IP packets having source IP
addresses that are used as the destination address for replies. addresses that are used as the destination address for replies.
On the other hand, ICN Interests do not have source addresses and On the other hand, ICN Interests do not have source addresses, and
they are forwarded based on names, which do not refer to a unique they are forwarded based on names, which do not refer to a unique
end-point. Data packets follow the reverse path of the Interests endpoint. Data packets follow the reverse path of the Interests
based on hop-by-hop state created during Interest forwarding. based on hop-by-hop state created during Interest forwarding.
* An IP network supports multi-path, single destination, stateless * An IP network supports multi-path, single-destination, stateless
packet forwarding and delivery via unicast, a limited form of packet forwarding and delivery via unicast; a limited form of
multi-destination selected delivery with anycast, and group-based multi-destination selected delivery with anycast; and group-based
multi-destination delivery via multicast. In contrast, ICN multi-destination delivery via multicast. In contrast, ICN
supports multi-path and multi-destination stateful Interest supports multi-path and multi-destination stateful Interest
forwarding and multi-destination data delivery to units of named forwarding and multi-destination data delivery to units of named
data. This single forwarding semantic subsumes the functions of data. This single forwarding semantic subsumes the functions of
unicast, anycast, and multicast. As a result, consecutive (or unicast, anycast, and multicast. As a result, consecutive (or
retransmitted) ICN Interest messages may be forwarded through an retransmitted) ICN Interest messages may be forwarded through an
ICN network along different paths, and may be forwarded to ICN network along different paths and may be forwarded to
different data sources (e.g., end-node applications, in-network different data sources (e.g., end-node applications, in-network
storage) holding a copy of the requested unit of data. The storage) holding a copy of the requested unit of data. The
ability to discover multiple available (or potentially all) paths ability to discover multiple available (or potentially all) paths
towards a name prefix is a desirable capability for an ICN towards a name prefix is a desirable capability for an ICN
traceroute protocol, since it can be beneficial for congestion Traceroute protocol, since it can be beneficial for congestion
control purposes. Knowing the number of available paths for a control purposes. Knowing the number of available paths for a
name can also be useful in cases that Interest forwarding based on name can also be useful in cases where Interest forwarding based
application semantics/preferences is desirable. on application semantics/preferences is desirable.
* In the case of multiple Interests with the same name arriving at a * In the case of multiple Interests with the same name arriving at a
forwarder, a number of Interests may be aggregated in a common forwarder, a number of Interests may be aggregated in a common
Pending Interest Table (PIT) entry. Depending on the lifetime of Pending Interest Table (PIT) entry. Depending on the lifetime of
a PIT entry, the round-trip time an Interest-Data exchange might a PIT entry, the round-trip time of an Interest-Data exchange
significantly vary (e.g., it might be shorter than the full round- might vary significantly (e.g., it might be shorter than the full
trip time to reach the original content producer). To this end, round-trip time to reach the original content producer). To this
the round-trip time experienced by consumers might also vary even end, the round-trip time experienced by consumers might also vary
under constant network load. even under constant network load.
These differences introduce new challenges, new opportunities and new These differences introduce new challenges, new opportunities, and
requirements in the design of ICN traceroute. Following this new requirements regarding the design of ICN Traceroute. Following
communication model, a traceroute client should be able to express this communication model, a traceroute client should be able to
traceroute requests directed to a name prefix and receive responses. express traceroute requests directed to a name prefix and receive
responses.
Our goals are the following: Our goals are as follows:
* Trace one or more paths towards an ICN forwarder (for * Trace one or more paths towards an ICN forwarder (for
troubleshooting purposes). troubleshooting purposes).
* Trace one or more paths along which an named data of an * Trace one or more paths through which a named data object can be
application can be reached in the sense that Interest packets can reached in the sense that Interest packets can be forwarded
be forwarded toward it. towards the application hosting the object.
* Test whether a specific named object is cached in some on-path CS, * Test whether a specific named object is cached in some on-path CS,
and, if so, trace the path towards it and return the identity of and, if so, trace the path towards it and return the identity of
the corresponding forwarder. the corresponding forwarder.
* Perform transit delay network measurements. * Perform transit delay network measurements.
To this end, a traceroute target name can represent: To this end, a traceroute target name can represent:
* An administrative name that has been assigned to a forwarder. * An administrative name that has been assigned to a forwarder.
Assigning a name to a forwarder implies the presence of a Assigning a name to a forwarder implies the presence of a
management application running locally, which handles Operations, management application running locally that handles Operations,
Administration and Management (OAM) operations. Administration, and Maintenance (OAM) operations.
* A name that includes an application's namespace as a prefix. * A name that includes an application's namespace as a prefix.
* A named object that might reside in some in-network storage. * A named object that might reside in some in-network storage.
In order to provide stable and reliable diagnostics, it is desirable In order to provide stable and reliable diagnostics, it is desirable
that the packet encoding of a traceroute request enable the that the packet encoding of a traceroute request enable the
forwarders to distinguish this request from a normal Interest, while forwarders to distinguish this request from a normal Interest while
also preserving forwarding behavior as similar as possible to that also diverging as little as possible from the forwarding behavior for
for an Interest packet. In the same way, the encoding of a an Interest packet. In the same way, the encoding of a traceroute
traceroute reply should allow for processing as similar as possible reply should minimize any processing differences from those employed
to that of a data packet by the forwarders. for a data packet by the forwarders.
The term "traceroute session" is used for an iterative process during The term "traceroute session" is used for an iterative process during
which an endpoint client application generates a number of traceroute which an endpoint client application generates a number of traceroute
requests to successively traverse more distant hops in the path until requests to successively traverse more distant hops in the path until
it receives a final traceroute reply from a forwarder. It is it receives a final traceroute reply from a forwarder. It is
desirable that ICN traceroute be able to discover a number of paths desirable that ICN Traceroute be able to discover a number of paths
towards the expressed prefix within the same session or subsequent towards the expressed prefix within the same session or subsequent
sessions. To discover all the hops in a path, we need a mechanism sessions. To discover all the hops in a path, we need a mechanism
(Interest Steering) to steer requests along different paths. Such a (Interest Steering) to steer requests along different paths. Such a
capability was initially published in [PATHSTEERING] and has been capability was initially published in [PATHSTEERING] and has been
specified for CCNx and NDN in [I-D.irtf-icnrg-pathsteering]. specified for CCNx and NDN in [RFC9531].
It is also important, in the case of traceroute requests for the same In the case of traceroute requests for the same prefix from different
prefix from different sources, to have a mechanism to avoid sources, it is also important to have a mechanism to avoid
aggregating those requests in the PIT. To this end, we need some aggregating those requests in the PIT. To this end, we need some
encoding in the traceroute requests to make each request for a common encoding in the traceroute requests to make each request for a common
prefix unique, and hence avoid PIT aggregation and further enabling prefix unique, hence avoiding PIT aggregation and further enabling
the exact matching of a response with a particular traceroute packet. the exact matching of a response with a particular traceroute packet.
The packet types and format are presented in Section 4. The The packet types and formats are presented in Section 4. Procedures
procedures, e.g. the procedures for determining and indicating that a for determining and indicating that a destination has been reached
destination has been reached, are specified in Section 6. are included in Section 6.
4. ICN Traceroute CCNx Packet Format 4. ICN Traceroute CCNx Packet Formats
In this section, we present the CCNx packet format [RFC8609] of ICN In this section, we present the CCNx packet formats [RFC8609] of ICN
traceroute, where messages exist within outermost containments Traceroute where messages exist within outermost containments
(packets). Specifically, we propose two types of traceroute packets, (packets). Specifically, we propose two types of traceroute packets:
a traceroute request and a traceroute reply packet type. a traceroute request and a traceroute reply.
4.1. ICN Traceroute Request CCNx Packet Format 4.1. ICN Traceroute Request CCNx Packet Format
The format of the traceroute request packet is presented below: The format of the traceroute request packet is presented below:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | | | |
| Version | TrRequest | PacketLength | | Version | PT_TR_REQUEST | PacketLength |
| | | | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | | | | | |
| HopLimit | Reserved | Flags | HeaderLength | | HopLimit | Reserved | Flags | HeaderLength |
| | | | | | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
/ / / /
/ Path label TLV / / Path Label TLV /
/ / / /
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Traceroute Request Message TLVs | | Traceroute Request Message TLVs |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 1: Traceroute Request CCNx Packet Format Figure 1: Traceroute Request CCNx Packet Format
The existing packet header fields have similar functionality to the The existing packet header fields have functionality similar to that
header fields of a CCNx Interest packet. The value of the packet of the header fields of a CCNx Interest packet. The value of the
type field is TrRequest. See Section 9 for the value assignment. packet type field is PT_TR_REQUEST. See Section 9 for the value
assignment.
Compared to the typical format of a CCNx packet header [RFC8609], In contrast to the typical format of a CCNx packet header [RFC8609],
there is a new optional fixed header added to the packet header: there is a new optional fixed header added to the packet header:
* A Path Steering hop-by-hop header TLV, which is constructed hop- * A Path Steering hop-by-hop header TLV, which is constructed hop by
by-hop in the traceroute reply and included in the traceroute hop in the traceroute reply and included in the traceroute request
request to steer consecutive requests expressed by a client to steer consecutive requests expressed by a client towards a
towards a common or different forwarding paths. The Path label common forwarding path or different forwarding paths. The Path
TLV is specified in [I-D.irtf-icnrg-pathsteering] Label TLV is specified in [RFC9531].
The message of a traceroute request is presented below: The message of a traceroute request is presented below:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | |
| MessageType = 1 | MessageLength | | MessageType = 0x05 | MessageLength |
| | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Name TLV | | Name TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 2: Traceroute Request Message Format Figure 2: Traceroute Request Message Format
The traceroute request message is of type Interest in order to The traceroute request message is of type T_DISCOVERY. The Name TLV
leverage the Interest forwarding behavior provided by the network. has the structure described in [RFC8609]. The name consists of the
The Name TLV has the structure described in [RFC8609]. The name target (destination) prefix appended with a nonce typed name as its
consists of the target (destination) prefix appended with a nonce last segment. The nonce can be encoded as a base64-encoded string
typed name as its last segment. The nonce can be encoded as a with the URL-safe alphabet as defined in Section 5 of [RFC4648], with
base64-encoded string with the URL-safe alphabet as defined in padding omitted. The format of this TLV is a 64-bit nonce. See
Section 5 of [RFC4648], with padding omitted. The format of this TLV [RFC9508] for the value assignment. The purpose of the nonce is to
is a 64-bit nonce. See Section 9 for the value assignment. The avoid Interest aggregation and allow client matching of replies with
purpose of the nonce is to avoid Interest aggregation and allow requests. As described below, the nonce is ignored for CS checking.
client matching of replies with requests. As described below, the
nonce is ignored for CS checking.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | |
| Name_Nonce_Type | Name_Nonce_Length = 8 | | Name_Nonce_Type | Name_Nonce_Length = 8 |
| | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| | | |
| | | |
| Name_Nonce_Value | | Name_Nonce_Value |
| | | |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 3: Name Nonce Typed Segment TLV Figure 3: Name Nonce Typed Segment TLV
4.2. Traceroute Reply CCNx Packet Format 4.2. ICN Traceroute Reply CCNx Packet Format
The format of a traceroute reply packet is presented below: The format of a traceroute reply packet is presented below:
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | | | |
| Version | TrReply | PacketLength | | Version | PT_TR_REPLY | PacketLength |
| | | | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | | | |
| Reserved | Flags | HeaderLength | | Reserved | Flags | HeaderLength |
| | | | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Path label TLV | | Path Label TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Traceroute Reply Message TLVs | | Traceroute Reply Message TLVs |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 4: Traceroute Reply CCNx Packet Format Figure 4: Traceroute Reply CCNx Packet Format
The header of a traceroute reply consists of the header fields of a The header of a traceroute reply consists of the header fields of a
CCNx Content Object and a hop-by-hop path steering TLV. The value of CCNx Content Object and a hop-by-hop Path Steering TLV. The value of
the packet type field is TrReply. See Section 9 for the value the packet type field is PT_TR_REPLY. See Section 9 for the value
assignment. assignment.
A traceroute reply message is of type Content Object, contains a Name A traceroute reply message is of type T_OBJECT and contains a Name
TLV (name of the corresponding traceroute request), a PayloadType TLV TLV (name of the corresponding traceroute request), a PayloadType
and an ExpiryTime TLV with a value of 0 to indicate that replies must TLV, and an ExpiryTime TLV with a value of 0 to indicate that replies
not be returned from network caches. must not be returned from network caches.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | |
| MessageType = 2 | MessageLength | | MessageType = 0x06 | MessageLength |
| | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Name TLV | | Name TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| PayloadType TLV | | PayloadType TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| ExpiryTime TLV | | ExpiryTime TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 5: Traceroute Reply Message Format Figure 5: Traceroute Reply Message Format
The PayloadType TLV is presented below. It is of type The PayloadType TLV is presented below. It is of type
T_PAYLOADTYPE_DATA, and the data schema consists of 3 TLVs: T_PAYLOADTYPE_DATA, and the data schema consists of three TLVs:
1) the name of the sender of this reply (with the same structure as 1) the name of the sender of this reply (with the same structure as
a CCNx Name TLV), a CCNx Name TLV),
2) the sender's signature of their own name (with the same structure 2) the sender's signature of their own name (with the same structure
as a CCNx ValidationPayload TLV), as a CCNx ValidationPayload TLV), and
3) a TLV with return codes to indicate whether the request was 3) a TLV with return codes to indicate whether the request was
satisfied due to the existence of a local application, a CS hit satisfied due to the existence of a local application, a CS hit,
or a match with a forwarder's name, or the HopLimit value of the a match with a forwarder's name, or the HopLimit value of the
corresponding request reached 0. corresponding request reaching 0.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | |
| T_PAYLOADTYPE_DATA | Length | | T_PAYLOADTYPE_DATA | Length |
| | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Sender's Name TLV | | Sender's Name TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| Sender's Signature TLV | | Sender's Signature TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| TrReply Code TLV | | PT_TR_REPLY Code TLV |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 6: Traceroute Reply Message Format Figure 6: Traceroute Reply PayloadType TLV Format
The goal of including the name of the sender in the reply is to The goal of including the name of the sender in the reply is to
enable the user to reach this entity directly to ask for further enable the user to reach this entity directly to ask for further
management/administrative information using generic Interest-Data management/administrative information using generic Interest-Data
exchanges or by employing a more comprehensive management tool such exchanges or by employing a more comprehensive management tool, such
as CCNInfo [RFC9344] after a successful verification of the sender's as CCNinfo [RFC9344], after a successful verification of the sender's
name. name.
The structure of the TrReply Code TLV is presented below (16-bit The structure of the PT_TR_REPLY Code TLV is presented below (16-bit
value). The assigned values are the following: value). The four assigned values are as follows:
1: Indicates that the target name matched the administrative name of 1: Indicates that the target name matched the administrative name of
a forwarder (as served by its internal management application). a forwarder (as served by its internal management application).
2: Indicates that the target name matched a prefix served by an 2: Indicates that the target name matched a prefix served by an
application (other than the internal management application of a application (other than the internal management application of a
forwarder). forwarder).
3: Indicates that the target name matched the name of an object in a 3: Indicates that the target name matched the name of an object in a
forwarder's CS. forwarder's CS.
4: Indicates that the the Hop limit reached the 0 value. 4: Indicates that the HopLimit reached 0.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | | | |
| TrReply_Code_Type | TrReply_Code_Length = 2 | | PT_TR_REPLY_Code_Type | PT_TR_REPLY_Code_Length = 2 |
| | | | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
| | | |
| TrReply_Code_Value | | PT_TR_REPLY_Code_Value |
| | | |
+---------------+---------------+---------------+---------------+ +---------------+---------------+---------------+---------------+
Figure 7: TrReply Code TLV Figure 7: PT_TR_REPLY Code TLV
5. ICN Traceroute NDN Packet Format 5. ICN Traceroute NDN Packet Formats
In this section, we present the ICN traceroute Request and Reply In this section, we present the ICN Traceroute Request and Reply
Format according to the NDN packet specification [NDNTLV]. packet formats according to the NDN packet format specification
[NDNTLV].
5.1. ICN Traceroute Request NDN Packet Format 5.1. ICN Traceroute Request NDN Packet Format
A traceroute request is encoded as an NDN Interest packet. Its A traceroute request is encoded as an NDN Interest packet. Its
format is the following: format is as follows:
TracerouteRequest = INTEREST-TYPE TLV-LENGTH TracerouteRequest = INTEREST-TYPE TLV-LENGTH
Name Name
MustBeFresh MustBeFresh
Nonce Nonce
HopLimit HopLimit
ApplicationParameters? ApplicationParameters?
Figure 8: Traceroute Request NDN Packet Format Figure 8: Traceroute Request NDN Packet Format
The name of a request consists of the target name, a nonce value (it The name of a request consists of the target name, a nonce value (it
can be the value of the Nonce field) and the suffix "traceroute" to can be the value of the Nonce field), and the suffix "traceroute" to
denote that this Interest is a traceroute request (added as a denote that this Interest is a traceroute request (added as a
KeywordNameComponent). When the "ApplicationParameters" element is KeywordNameComponent [NDNTLV]). When the "ApplicationParameters"
present, a ParametersSha256DigestComponent is added as the last name element is present, a ParametersSha256DigestComponent (Section 6) is
segment. added as the last name segment.
A traceroute request MAY carry a Path label TLV in the NDN Link A traceroute request MAY carry a Path Label TLV in the NDN Link
Adaptation Protocol [NDNLPv2] as specified in Adaptation Protocol [NDNLPv2] as specified in [RFC9531].
[I-D.irtf-icnrg-pathsteering].
Since the NDN packet format does not provide a mechanism to prevent Since the NDN packet format does not provide a mechanism to prevent
the network from caching specific data packets, we instead use the the network from caching specific data packets, we instead use the
MustBeFresh selector for requests (in combination with a Freshness MustBeFresh TLV for requests (in combination with a FreshnessPeriod
Period TLV of value 1 for replies) to avoid fetching cached TLV with a value of 1 for replies) to avoid fetching cached
traceroute replies with a freshness period that has expired traceroute replies with a freshness period that has expired
[REALTIME]. [REALTIME].
5.2. Traceroute Reply NDN Packet Format 5.2. ICN Traceroute Reply NDN Packet Format
A traceroute reply is encoded as an NDN Data packet. Its format is A traceroute reply is encoded as an NDN Data packet. Its format is
the following: as follows:
TracerouteReply = DATA-TLV TLV-LENGTH TracerouteReply = DATA-TLV TLV-LENGTH
Name Name
MetaInfo MetaInfo
Content Content
Signature Signature
Figure 9: Traceroute Reply NDN Packet Format Figure 9: Traceroute Reply NDN Packet Format
A traceroute reply MAY carry a Path label TLV in the NDN Link A traceroute reply MAY carry a Path Label TLV in the NDN Link
Adaptation Protocol [NDNLPv2] as specified in Adaptation Protocol [NDNLPv2] as specified in [RFC9531], since it
[I-D.irtf-icnrg-pathsteering], since it might be modified in a hop- might be modified in a hop-by-hop fashion by the forwarders along the
by-hop fashion by the forwarders along the reverse path. reverse path.
The name of a traceroute reply is the name of the corresponding The name of a traceroute reply is the name of the corresponding
traceroute request, while the format of the MetaInfo field is the traceroute request while the format of the MetaInfo field is as
following: follows:
MetaInfo = META-INFO-TYPE TLV-LENGTH MetaInfo = META-INFO-TYPE TLV-LENGTH
ContentType ContentType
FreshnessPeriod FreshnessPeriod
Figure 10: MetaInfo TLV Figure 10: MetaInfo TLV
The value of the ContentType TLV is 0. The value of the The value of the ContentType TLV is 0. The value of the
FreshnessPeriod TLV is 1, so that the replies are treated as stale FreshnessPeriod TLV is 1, so that the replies are treated as stale
data (almost instantly) as they are received by a forwarder. data (almost instantly) as they are received by a forwarder.
The content of a traceroute reply consists of the following 2 TLVs: The content of a traceroute reply consists of the following two TLVs:
Sender's name (an NDN Name TLV) and Traceroute Reply Code. There is Sender's Name (an NDN Name TLV) and Traceroute Reply Code. There is
no need to have a separate TLV for the sender's signature in the no need to have a separate TLV for the sender's signature in the
content of the reply, since every NDN data packet carries the content of the reply, since every NDN Data packet carries the
signature of the data producer. signature of the data producer.
The Traceroute Reply Code TLV format is the following (with the The Traceroute Reply Code TLV format is as follows (with the values
values specified in Section 4.2): specified in Section 4.2):
TrReplyCode = TRREPLYCODE-TLV-TYPE TLV-LENGTH 2*OCTET PT_TR_REPLYCode = TRREPLYCODE-TLV-TYPE TLV-LENGTH 2*OCTET
Figure 11: Traceroute Reply Code TLV Figure 11: Traceroute Reply Code TLV
6. Forwarder Operation 6. Forwarder Operation
When a forwarder receives a traceroute request, the hop limit value When a forwarder receives a traceroute request, the HopLimit value is
is checked and decremented and the target name (i.e, the name of the checked and decremented, and the target name (i.e., the name of the
traceroute request without the last nonce name segment as well as the traceroute request without the last Nonce name segment as well as the
suffix "traceroute" and the ParametersSha256DigestComponent in the suffix "traceroute" and the ParametersSha256DigestComponent in the
case of a request with the NDN packet format) is extracted. case of a request with the NDN packet format) is extracted.
If the HopLimit has not expired (its value is greater than 0), the If the HopLimit has not expired (i.e., is greater than 0), the
forwarder will forward the request upstream based on CS lookup, PIT forwarder will forward the request upstream based on CS lookup, PIT
creation, LPM lookup and the path steering value, if present. If no creation, Longest Name Prefix Match (LNPM) lookup, and (if present)
valid next-hop is found, an InterestReturn indicating "No Route" in the path steering value. If no valid next hop is found, an
the case of CCNx or a network NACK in the case of NDN is sent InterestReturn indicating "No Route" in the case of CCNx or a network
downstream. NACK in the case of NDN is sent downstream.
If the HopLimit value is equal to zero, the forwarder generates a If HopLimit equals 0, the forwarder generates a traceroute reply.
traceroute reply. This reply includes the forwarder's administrative This reply includes the forwarder's administrative name and
name and signature, and a Path label TLV. This TLV initially has a signature, and a Path Label TLV. This TLV initially has a null
null value since the traceroute reply originator does not forward the value, since the traceroute reply originator does not forward the
request and, thus, does not make a path choice. The reply will also request and thus does not make a path choice. The reply will also
include the corresponding TrReply Code TLV. include the corresponding PT_TR_REPLY Code TLV.
A traceroute reply will be the final reply of a traceroute session if A traceroute reply will be the final reply of a traceroute session if
any of the following conditions are met: any of the following conditions are met:
* If a forwarder has been given one or more administrative names, * If a forwarder has been given one or more administrative names,
the target name matches one of them. the target name matches one of them.
* The target name exactly matches the name of a content-object * The target name exactly matches the name of a Content Object
residing in the forwarder's CS (unless the traceroute client residing in the forwarder's CS (unless the traceroute client
application has chosen not to receive replies due to CS hits as application has chosen not to receive replies due to CS hits as
specified in Appendix A). specified in Appendix A).
* The target name matches (in a Longest Prefix Match manner) a FIB * The target name matches (in an LNPM manner) a FIB entry with an
entry with an outgoing face referring to a local application. outgoing face referring to a local application.
The TrReply Code TLV value of the reply is set to indicate the The PT_TR_REPLY Code TLV value of the reply is set to indicate the
specific condition that was met. If none of those conditions was specific condition that was met. If none of those conditions were
met, the TrReply Code is set to 4 to indicate that the hop limit met, the PT_TR_REPLY Code is set to 4 to indicate that the HopLimit
value reached 0. reached 0.
A received traceroute reply will be matched to an existing PIT entry A received traceroute reply will be matched to an existing PIT entry
as usual. On the reverse path, the path steering TLV of a reply will as usual. On the reverse path, the Path Steering TLV of a reply will
be updated by each forwarder to encode its choice of next-hop(s). be updated by each forwarder to encode its choice of next hop(s).
When included in subsequent requests, this path steering TLV allows When included in subsequent requests, this Path Steering TLV allows
the forwarders to steer the requests along the same path. the forwarders to steer the requests along the same path.
7. Protocol Operation For Locally-Scoped Namespaces 7. Protocol Operation for Locally Scoped Namespaces
In this section, we elaborate on 2 alternative design approaches in In this section, we elaborate on two alternative design approaches in
cases that the traceroute target prefix corresponds to a locally- cases where the traceroute target prefix corresponds to a locally
scoped namespace not directly routable from the client's local scoped namespace not directly routable from the client's local
network. network.
The first approach leverages the NDN Link Object [SNAMP]. The first approach leverages the NDN Link Object [SNAMP].
Specifically, the traceroute client attaches to the expressed request Specifically, the traceroute client attaches to the expressed request
a LINK Object that contains a number of routable name prefixes, based a Link Object that contains a number of routable name prefixes, based
on which the request can be forwarded across the Internet until it on which the request can be forwarded across the Internet until it
reaches a network region, where the request name itself is routable. reaches a network region where the request name itself is routable.
A LINK Object is created and signed by a data producer allowed to A Link Object is created and signed by a data producer allowed to
publish data under a locally-scoped namespace. The way that a client publish data under a locally scoped namespace. The way that a client
retrieves a LINK Object depends on various network design factors and retrieves a Link Object depends on various network design factors and
is out of the scope of the current draft. is out of scope for this document.
Based on the current deployment of the LINK Object by the NDN team, a At the time of this writing, and based on the current deployment of
forwarder at the border of the region, where an Interest name becomes the Link Object by the NDN team [NDNLPv2], a forwarder at the border
routable has to remove the LINK Object from the incoming Interests. of the region where an Interest name becomes routable has to remove
The Interest state maintained along the entire forwarding path is the Link Object from the incoming Interests. The Interest state
based on the Interest name regardless of whether it was forwarded maintained along the entire forwarding path is based on the Interest
based on this name or a prefix in the LINK Object. name regardless of whether it was forwarded based on this name or a
prefix in the Link Object.
The second approach is based on prepending a routable prefix to the The second approach is based on prepending a routable prefix to the
locally-scoped name. The resulting prefix will be the name of the locally scoped name. The resulting prefix will be the name of the
traceroute requests expressed by the client. In this way, a request traceroute requests expressed by the client. In this way, a request
will be forwarded based on the routable part of its name. When it will be forwarded based on the routable part of its name. When it
reaches the network region where the original locally-scoped name is reaches the network region where the original locally scoped name is
routable, the border forwarder rewrites the request name and deletes routable, the border forwarder rewrites the request name and deletes
its routable part. There are two conditions for a forwarder to its routable part. A forwarder will perform this rewriting operation
perform this rewriting operation on a request: on a request if the following two conditions are met:
1) the routable part of the request name matches a routable name of 1) the routable part of the request name matches a routable name of
the network region adjacent to the forwarder (assuming that a the network region adjacent to the forwarder (assuming that a
forwarder is aware of those names), and forwarder is aware of those names), and
2) the remaining part of the request name is routable across the 2) the remaining part of the request name is routable across the
network region of this forwarder. network region of this forwarder.
The state maintained along the path, where the locally-scoped name is The state along the path depends on whether the request is traversing
not routable, is based on the routable prefix along with the locally- the portion of the network where the locally scoped name is routable.
scoped prefix, while within the network region that the locally- In this case, the forwarding can be based entirely on the locally
scoped prefix is routable is based only on it. To ensure that the scoped name. However, where a portion of the path lies outside the
generated replies will reach the client, the border forwarder has region where the locally scoped name is routable, the border router
also to rewrite the name of a reply and prepend the routable prefix has to rewrite the name of a reply and prepend the routable prefix of
of the corresponding request. the corresponding request to ensure that the generated replies will
reach the client.
8. Security Considerations 8. Security Considerations
A reflection attack could occur in the case of a traceroute reply A reflection attack could occur in the case of a traceroute reply
with the CCNx packet format if a compromised forwarder includes in with the CCNx packet format if a compromised forwarder includes in
the reply the name of a victim forwarder. This could redirect the the reply the name of a victim forwarder. This could redirect the
future administrative traffic towards the victim. To foil such future administrative traffic towards the victim. To foil such
reflection attacks, the forwarder that generates a traceroute reply reflection attacks, the forwarder that generates a traceroute reply
MUST sign the name included in the payload. In this way, the client MUST sign the name included in the payload. In this way, the client
is able to verify that the included name is legitimate and refers to is able to verify that the included name is legitimate and refers to
the forwarder that generated the reply. Alternatively, the forwarder the forwarder that generated the reply. Alternatively, the forwarder
could include in the reply payload their routable prefix(es) encoded could include in the reply payload their routable prefix(es) encoded
as a signed NDN Link Object [SNAMP]. as a signed NDN Link Object [SNAMP].
This approach does not protect against on-path attacks, where a This approach does not protect against on-path attacks where a
compromised forwarder that receives a traceroute reply replaces the compromised forwarder that receives a traceroute reply replaces the
forwarder's name and the signature in the message with its own name forwarder's name and the signature in the message with its own name
and signature to make the client believe that the reply was generated and signature to make the client believe that the reply was generated
by the compromised forwarder. To foil such attack scenarios, a by the compromised forwarder. To foil such attack scenarios, a
forwarder can sign the reply message itself. In such cases, the forwarder can sign the reply message itself. In such cases, the
forwarder does not have to sign its own name in reply message, since forwarder does not have to sign its own name in the reply message,
the message signature protects the message as a whole and will be since the message signature protects the message as a whole and will
invalidated in the case of an on-path attack. Additionally, a be invalidated in the case of an on-path attack. Additionally, a
forwarder could swap out the name of a traceroute request with the forwarder could swap out the name of a traceroute request with a name
name of its choosing. In this case, however, the response with the of its choosing. In this case, however, the response with the
spoofed name will not be received by a client, since the change of spoofed name will not be received by a client, since the change of
name would invalidate the state in PIT on the path back to the name would invalidate the state in the PIT on the path back to the
client. client.
Signing each traceroute reply message can be expensive and can Signing each traceroute reply message can be expensive and can
potentially lead to computation attacks against forwarders. To potentially lead to computation attacks against forwarders. To
mitigate such attack scenarios, the processing of traceroute requests mitigate such attack scenarios, the processing of traceroute requests
and the generation of the replies SHOULD be handled by a separate and the generation of the replies SHOULD be handled by a separate
management application running locally on each forwarder. Serving management application running locally on each forwarder. The
traceroute replies therefore is thereby separated from load on the serving of traceroute replies is thereby separated from load on the
forwarder itself. The approaches used by ICN applications to manage forwarder itself. The approaches used by ICN applications to manage
load may also apply to the forwarder's management application. load may also apply to the forwarder's management application.
Interest flooding attack amplification is possible in the case of the Interest flooding attack amplification is possible in the case of the
second approach to deal with locally-scoped namespaces described in second approach for dealing with locally scoped namespaces as
Section 7. A border forwarder will have to maintain extra state to described in Section 7. A border forwarder will have to maintain
prepend the correct routable prefix to the name of an outgoing reply, extra state to prepend the correct routable prefix to the name of an
since the forwarder might be attached to multiple network regions outgoing reply, since the forwarder might be attached to multiple
(reachable under different prefixes) or a network region attached to network regions (reachable under different prefixes) or a network
this forwarder might be reachable under multiple routable prefixes. region attached to this forwarder might be reachable under multiple
routable prefixes.
We also note that traceroute requests have the same privacy We also note that traceroute requests have the same privacy
characteristics as regular Interests. characteristics as regular Interests.
9. IANA Considerations 9. IANA Considerations
IANA will assign TBD1 to "TrRequest" and TBD2 to "TrReplay" in the IANA has assigned 0x07 to "PT_TR_REQUEST" and 0x08 to "PT_TR_REPLY"
CCNx Packet Types registry established by [RFC8609]. in the "CCNx Packet Types" registry established by [RFC8609].
IANA will assign TBD3 to "Nonce" in the CCNx Name Segment Types
registry established by [RFC8609].
10. References 10. References
10.1. Normative References 10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
skipping to change at page 18, line 5 skipping to change at line 728
[RFC8793] Wissingh, B., Wood, C., Afanasyev, A., Zhang, L., Oran, [RFC8793] Wissingh, B., Wood, C., Afanasyev, A., Zhang, L., Oran,
D., and C. Tschudin, "Information-Centric Networking D., and C. Tschudin, "Information-Centric Networking
(ICN): Content-Centric Networking (CCNx) and Named Data (ICN): Content-Centric Networking (CCNx) and Named Data
Networking (NDN) Terminology", RFC 8793, Networking (NDN) Terminology", RFC 8793,
DOI 10.17487/RFC8793, June 2020, DOI 10.17487/RFC8793, June 2020,
<https://www.rfc-editor.org/info/rfc8793>. <https://www.rfc-editor.org/info/rfc8793>.
10.2. Informative References 10.2. Informative References
[I-D.irtf-icnrg-pathsteering] [NDNLPv2] NDN team, "NDNLPv2: Named Data Networking Link Adaptation
Moiseenko, I. and D. R. Oran, "Path Steering in CCNx and Protocol v2", February 2023, <https://redmine.named-
NDN", Work in Progress, Internet-Draft, draft-irtf-icnrg-
pathsteering-03, 23 July 2023,
<https://datatracker.ietf.org/doc/html/draft-irtf-icnrg-
pathsteering-03>.
[NDNLPv2] "Named Data Networking Link Adaptation Protocol v2",
various, <https://redmine.named-
data.net/projects/nfd/wiki/NDNLPv2>. data.net/projects/nfd/wiki/NDNLPv2>.
[NDNTLV] "NDN Packet Format Specification.", 2021, [NDNTLV] NDN project team, "NDN Packet Format Specification",
February 2024,
<https://named-data.net/doc/NDN-packet-spec/current/>. <https://named-data.net/doc/NDN-packet-spec/current/>.
[PATHSTEERING] [PATHSTEERING]
Moiseenko, I. and D. Oran, "Path switching in content Moiseenko, I. and D. Oran, "Path switching in content
centric and named data networks", in Proceedings of the centric and named data networks", ICN '17: Proceedings of
4th ACM Conference on Information-Centric Networking, the 4th ACM Conference on Information-Centric Networking,
2017. pp. 66-76, DOI 10.1145/3125719.3125721, September 2017,
<https://dl.acm.org/doi/10.1145/3125719.3125721>.
[REALTIME] Mastorakis, S., Gusev, P., Afanasyev, A., and L. Zhang, [REALTIME] Mastorakis, S., Gusev, P., Afanasyev, A., and L. Zhang,
"Real-Time Data Retrieval in Named Data Networking", in "Real-Time Data Retrieval in Named Data Networking", 2018
Proceedings of the 1st IEEE International Conference on 1st IEEE International Conference on Hot Information-
Hot Topics in Information-Centric Networking, 2017. Centric Networking (HotICN), Shenzhen, China, pp. 61-66,
DOI 10.1109/HOTICN.2018.8605992, August 2018,
<https://ieeexplore.ieee.org/document/8605992>.
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
<https://www.rfc-editor.org/info/rfc4648>. <https://www.rfc-editor.org/info/rfc4648>.
[RFC9344] Asaeda, H., Ooka, A., and X. Shao, "CCNinfo: Discovering [RFC9344] Asaeda, H., Ooka, A., and X. Shao, "CCNinfo: Discovering
Content and Network Information in Content-Centric Content and Network Information in Content-Centric
Networks", RFC 9344, DOI 10.17487/RFC9344, February 2023, Networks", RFC 9344, DOI 10.17487/RFC9344, February 2023,
<https://www.rfc-editor.org/info/rfc9344>. <https://www.rfc-editor.org/info/rfc9344>.
[SNAMP] Afanasyev, A. and , "SNAMP: Secure namespace mapping to [RFC9508] Mastorakis, S., Oran, D., Gibson, J., Moiseenko, I., and
scale NDN forwarding", IEEE Conference on Computer R. Droms, "Information-Centric Networking (ICN) Ping
Communications Workshops (INFOCOM WKSHPS), 2015. Protocol Specification", RFC 9508, DOI 10.17487/RFC9508,
March 2024, <https://www.rfc-editor.org/info/rfc9508>.
[RFC9531] Moiseenko, I. and D. Oran, "Path Steering in Content-
Centric Networking (CCNx) and Named Data Networking
(NDN)", RFC 9531, DOI 10.17487/RFC9531, March 2024,
<https://www.rfc-editor.org/info/rfc9531>.
[SNAMP] Afanasyev, A., Yi, C., Wang, L., Zhang, B., and L. Zhang,
"SNAMP: Secure namespace mapping to scale NDN forwarding",
2015 IEEE Conference on Computer Communications Workshops
(INFOCOM WKSHPS), Hong Kong, China, pp. 281-286,
DOI 10.1109/INFCOMW.2015.7179398, April 2015,
<https://ieeexplore.ieee.org/abstract/document/7179398>.
Appendix A. Traceroute Client Application (Consumer) Operation Appendix A. Traceroute Client Application (Consumer) Operation
This section is an informative appendix regarding the proposed This section is an informative appendix regarding the proposed
traceroute client operation. traceroute client operation.
The client application is responsible for generating traceroute The client application is responsible for generating traceroute
requests for prefixes provided by users. requests for prefixes provided by users.
The overall process can be iterative: the first traceroute request of The overall process can be iterative: the first traceroute request of
each session will have a HopLimit of value 1 to reach the first hop each session will have a HopLimit of 1 to reach the first hop
forwarder, the second of value 2 to reach the second hop forwarder forwarder, the second request will have a HopLimit of 2 to reach the
and so on and so forth. second hop forwarder, and so on.
When generating a series of requests for a specific name, the first When generating a series of requests for a specific name, the first
one will typically not include a Path label TLV, since no TLV value request will typically not include a Path Label TLV, since no TLV
is known. After a traceroute reply containing a Path label TLV is value is known. After a traceroute reply containing a Path Label TLV
received, each subsequent request might include the received path is received, each subsequent request might include the received path
steering value in the Path label header TLV to drive the requests steering value in the Path Label header TLV to drive the requests
towards a common path as part of checking the network performance. towards a common path as part of checking network performance. To
To discover more paths, a client can omit the Path label TLV in discover more paths, a client can omit the Path Label TLV in future
future requests. Moreover, for each new traceroute request, the requests. Moreover, for each new traceroute request, the client has
client has to generate a new nonce and record the time that the to generate a new nonce and record the time that the request was
request was expressed. It will also set the lifetime of a request, expressed. The client also sets the lifetime of the traceroute
which will have semantics similar to the lifetime of an Interest. request, which carries the same semantics as the Interest Lifetime
[RFC8609] in an Interest.
Moreover, the client application might not wish to receive replies Moreover, the client application might not wish to receive replies
due to CS hits. In CCNx, a mechanism to achieve that would be to use due to CS hits. In CCNx, a mechanism to achieve that would be to use
a Content Object Hash Restriction TLV with a value of 0 in the a Content Object Hash Restriction TLV with a value of 0 in the
payload of a traceroute request message. In NDN, the exclude filter payload of a traceroute request message. In NDN, the exclude filter
selector can be used. selector can be used.
When it receives a traceroute reply, the client would typically match When it receives a traceroute reply, the client would typically match
the reply to a sent request and compute the round-trip time of the the reply to a sent request and compute the round-trip time of the
request. It should parse the Path label value and decode the reply's request. It should parse the Path Label value and decode the reply's
payload to parse the sender's name and signature. The client should payload to parse the sender's name and signature. The client should
verify that both the received message and the forwarder's name have verify that both the received message and the forwarder's name have
been signed by the key of the forwarder, whose name is included in been signed by the key of the forwarder, whose name is included in
the payload of the reply (by fetching this forwarder's public key and the payload of the reply (by fetching this forwarder's public key and
verifying the contained signature). In the case that the client verifying the contained signature). In the case that the client
receives an TrReply Code TLV with a valid value, it can stop sending receives a PT_TR_REPLY Code TLV with a valid value, it can stop
requests with increasing HopLimit values and potentially start a new sending requests with increasing HopLimit values and potentially
traceroute session. start a new traceroute session.
In the case that a traceroute reply is not received for a request In the case that a traceroute reply is not received for a request
within a certain time interval (lifetime of the request), the client within a certain time interval (lifetime of the request), the client
should time-out and send a new request with a new nonce value up to a should time out and send a new request with a new nonce value up to a
maximum number of requests to be sent specified by the user. maximum number of requests to be sent specified by the user.
Authors' Addresses Authors' Addresses
Spyridon Mastorakis Spyridon Mastorakis
University of Notre Dame University of Notre Dame
South Bend, IN South Bend, IN
United States of America United States of America
Email: smastor2@nd.edu Email: smastor2@nd.edu
Dave Oran Dave Oran
Network Systems Research and Design Network Systems Research and Design
Cambridge, MA Cambridge, MA
United States of America United States of America
Email: daveoran@orandom.net Email: daveoran@orandom.net
Ilya Moiseenko Ilya Moiseenko
Apple Inc Apple Inc.
Cupertino, CA Cupertino, CA
United States of America United States of America
Email: iliamo@mailbox.org Email: iliamo@mailbox.org
Jim Gibson Jim Gibson
Unaffiliated Unaffiliated
Belmont, MA Belmont, MA
United States of America United States of America
Email: jcgibson61@gmail.com Email: jcgibson61@gmail.com
 End of changes. 121 change blocks. 
328 lines changed or deleted 339 lines changed or added

This html diff was produced by rfcdiff 1.48.