Session Date/Time: 29 Jul 2022 16:30
ippm
Summary
The ippm session covered updates on several adopted working group drafts, including IOAM Data Integrity and Deployment, IOAM and STAMP YANG models, the IP Capacity Protocol, Explicit Flow Measurements, and IPPM Responsiveness. A new draft, Precision Availability Metrics, was also presented for potential working group adoption. Key discussions revolved around security considerations (authentication and encryption), IANA allocations, algorithm refinements, and testing of IPv6 extension headers.
Key Discussion Points
- Document Status:
- Several IOAM-related drafts are progressing through IESG review or are with the AD, including IOAM Conf State (AD action pending), IPv6 Options (authors' action pending), and RFC 8321/8889 bis (requires scrub of experimental language).
- Working Group Last Call (WGLC) for Explicit Flow Measurements has received feedback, indicating a need for revision.
- IOAM Data Integrity and Deployment:
- Integrity: Draft is stable; updates include RFC references, merging encapsulating node and validator roles, editorial changes. An implementation effort is underway at the University of Liege (VPP). The question of initiating WGLC now or waiting for implementation feedback (expected September) was raised.
- Deployment: Updated with BIER references.
- A suggestion was made to add a reference to the IOAM Conf State document and a description of IOAM capabilities discovery to the deployment draft.
- IOAM YANG:
- Major changes addressed early YANG doctor review comments, including use of `derived-from` for identities, `interface` data type, list key validation, clarification of mandatory functionalities, and improved descriptions.
- The document is considered stable and mature, and WGLC was requested.
- STAMP YANG:
- Updated to cover RFC 8972 STAMP Options extensions, marking operational STAMP information as read-only (`config false`).
- Includes new features like session identifier, extra padding location, ToB timestamp, ToB Class of Service, and authentication for extensions.
- Another YANG doctor review is planned before WGLC.
- STAMP SRPM:
- Updated with references to RFC 8972, a new verification flag, and clarification on symmetric packet size.
- Experimental values for TLVs were added to facilitate interoperability testing, with a request for early IANA allocation.
- Companion drafts in other WGs (SPRING, MPLS) were noted.
- Discussion initiated about alternative IP UDP encapsulation of STAMP in MPLS.
- IP Capacity Protocol:
- Significant progress, including input from a SecDir review.
- Security: Discussion on authentication and encryption modes for control exchanges (setup, test activation) versus data plane (load PDUs, feedback messages). The draft pushes back on authenticating every load PDU due to performance impact and minimal attack surface.
- Key Management: Keys are currently configured manually; suggestions were made to explore RFC 7210, key identifiers, and orderly key rollover.
- DTLS: Considered for confidentiality in the setup phase, but with noted overhead and firewall implications.
- Silent Rejection: Discussed behavior in authenticated vs. unauthenticated modes.
- New Algorithm (Type C): Presented a fast ramp-up algorithm (multiplicative 1.5x sending rate) deemed more suitable for mobile and short-interval testing compared to the linear Type B.
- A strong preference was expressed for not fully encrypting data plane traffic due to its impact on measurement accuracy and host processing, and a dialogue with ADs was requested to clarify security requirements.
- Explicit Flow Measurements:
- A draft in WGLC, aimed at enabling troubleshooting of loss/latency in encrypted networks using a few dedicated bits.
- Compared different bit usage strategies for various latency and loss measurements.
- Discussion around overlap of the "square bit" with RFC 8321 and its upcoming bis version (which favors time-based vs. packet-based intervals). Suggestion to describe both approaches in the informational document.
- Real-world implementations by Akamai, Orange, and researchers were reported.
- IPPM Responsiveness:
- Updates include DNS-based service discovery for local network testing, server-side example configurations, and a significant rework of the measurement algorithm.
- New Algorithm: Continuously probes every 100ms on separate and load-generating connections, aggregating a large dataset. Calculates responsiveness in Round Trips Per Minute (RPM) from a weighted 90th percentile of various latency measurements (TCP/TLS handshake, HTTP request/response).
- Flaw Identified: The previous algorithm could prematurely declare goodput saturation without fully occupying the buffer. The new algorithm aims to saturate both goodput and responsiveness (buffer occupancy) before terminating.
- Implementations include macOS Ventura's Network Quality Tool and an open-source Go tool.
- Remaining issues include well-known URI for config, impact of congestion control, confidence estimation, and allowing non-TLS measurements for low-end devices.
- Encrypted PDMv2 (IPv6 Destination Option):
- A draft for end-to-end performance measurement using an IPv6 Destination Option header to separate server time from network time.
- An early SecDir review indicated good progress but highlighted the need for authentication/authorization.
- Initial testing (a FreeBSD kernel patch, with FTP and curl transfers across continents) showed that IPv6 Extension Headers (EH) are making it through various internet paths, even when fragmented.
- Acknowledged need for more extensive testing, especially on consumer access networks (mobile, DSL).
- Future work involves continuing encryption implementation, as the data can be sensitive.
- Precision Availability Metrics:
- Introduced as a new draft to measure overall service availability based on combinations of multiple Service Level Objectives (SLOs), expressed as "precision availability."
- Clarified problem statement and use cases, added a "packets since last violated packet" metric, and standardized terminology (e.g., "violated intervals").
- Authors requested working group adoption.
Decisions and Action Items
- STAMP SRPM: The working group agreed there were no objections to proceed with early IANA allocations for experimental TLV values. The WG chairs will pursue this.
- IP Capacity Protocol: The authors will initiate a dialogue with the IESG (Roman and Paul) to clarify the ADs' expectations regarding authentication and encryption for the data plane (load PDUs and feedback messages) and the trade-offs involved in terms of measurement accuracy and host processing load.
- Explicit Flow Measurements: Given recent feedback, the working group last call (WGLC) will likely be extended to allow for another revision, followed by a new WGLC at a later point. The authors will discuss describing both time and packet-based options for the "square bit" in the document.
- IPPM Responsiveness: Authors will consult Mark Nottingham regarding the use of a well-known URI for the JSON configuration to assess its viability for expert review.
Next Steps
- IOAM Data Integrity and Deployment: Continue to gather feedback on implementations, incorporate Xiaomi's suggested reference, and discuss WGLC timing.
- IOAM YANG: Proceed with working group last call.
- STAMP YANG: Address early review comments and plan for another YANG doctor review, aiming for WGLC by the next IETF meeting.
- IP Capacity Protocol: Incorporate security-related feedback into the draft, particularly regarding authentication of control messages and carefully considered protection for feedback messages. Continue internal discussions and testing of new algorithms.
- Explicit Flow Measurements: Revise the draft based on WGLC feedback, including clarifications on the "square bit" and its relation to RFC 8321/bis, and prepare for an extended WGLC.
- IPPM Responsiveness: Address remaining issues (#17, #63, #55, #66, #62) and update the algorithm in the draft to ensure saturation of both goodput and responsiveness. Continue to evolve the open-source implementation and encourage community testing.
- Encrypted PDMv2: Conduct more extensive testing of IPv6 extension headers across diverse network environments, including consumer access networks (mobile, DSL). Continue implementation of encryption capabilities.
- Precision Availability Metrics: Seek working group adoption and continue work on the document.