More Features for the Two-Way Active Measurement Protocol - TWAMP

AT&T Labs
200 Laurel Avenue South
Middletown, NJ 07748
USA
+1 732 420 1571
+1 732 368 1192
acmorton@att.com
http://home.comcast.net/~acmacm/

EXFO
285 Mill Road
Chelmsford, MA 01824
USA
+1
+1
khedayat@exfo.com
http://www.exfo.com/

This memo describes a simple extension to TWAMP - the Two-Way Active
Measurement Protocol. The extension adds the option to use different
security modes in the TWAMP-Control and TWAMP-Test protocols
simultaneously. The memo also requests that IANA establish a registry
for additional new features, called the TWAMP-Modes registry.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119.

The Two-Way Active Measurement Protocol, TWAMP is an extension of the One-way Active
Measurement Protocol, OWAMP . The TWAMP
specification gathered wide review as it approached completion, and the
by-products were several recommendations for new features in TWAMP.
There are a growing number of TWAMP implementations at present, and
wide-spread usage is expected. There are even devices that are designed
to test implementations for protocol compliance.

This memo describes a simple extension for TWAMP, the option to use
different security modes in the TWAMP-Control and TWAMP-Test protocols
(mixed security mode). It also requests that IANA establish a registry
for additional new features, called the TWAMP-Modes registry.

When the Server and Control-Client have agreed to use the mixed
security mode during control connection setup, then the Control-Client,
the Server, the Session-Sender and the Session-Reflector MUST all
conform to the requirements of this mode as described in sections 3, 4,
and 5.

This memo updates .

The purpose of this memo is to describe and specify an extension for
TWAMP , and request the establishment of a
registry for future TWAMP extensions.

The scope of the memo is limited to specifications of the
following:

Extension of the modes of operation through assignment of one new
value in the Mode field (see section 3.1 of ), while retaining backward compatibility
with TWAMP implementations. This
value adds the OPTIONAL ability to use different security modes in
the TWAMP-Control and TWAMP-Test protocols. The motivation for this
extension is to permit the low packet rate TWAMP-Control protocol to
utilize a stronger mode of integrity protection than that used in
the TWAMP-Test protocol.

TWAMP-Control protocol is a derivative of the OWAMP-Control protocol,
and coordinates a two-way measurement capability. All TWAMP Control
messages are similar in format and follow similar guidelines to those
defined in section 3 of with the
exceptions described in TWAMP , and in the
following sections.

All OWAMP-Control messages apply to TWAMP-Control, except for the
Fetch Session command.

TWAMP-Control connection establishment follows the same procedure
defined in section 3.1 of . This
extended mode assigns one new bit position (and value) to allow the
Test protocol security mode to operate in Unauthenticated mode, while
the Control protocol operates in Encrypted mode. With this extension,
the complete set of TWAMP Mode values are as follows:

In the original OWAMP and TWAMP Modes field, setting bit position
0, 1 or 2 indicated the security mode of the Control protocol, and the
Test protocol inherited the same mode (see section 4 of ).In this extension to TWAMP, when the Control-Client sets Modes
Field bit position 3, it SHALL discontinue the inheritance of the
security mode in the Test protocol, and each protocol’s mode
SHALL be as specified below. When the desired TWAMP-Test protocol mode
is identical to the Control Session mode, the corresponding Modes
Field bit (position 0, 1 or 2) SHALL be set by the Control-Client. The
table below gives the various combinations of integrity protection
that are permissible in TWAMP (with this extension). The TWAMP-Control
and TWAMP-Test protocols SHALL use the mode in each column
corresponding to the bit position set in the Modes Field.

Note that the TWAMP-Control protocol security measures are
identical in the Authenticated and Encrypted Modes. Therefore, only
one new bit position (3) is needed to convey the single mixed security
mode.

The value of the Modes Field sent by the Server in the
Server-Greeting message is the bit-wise OR of the modes (bit
positions) that it is willing to support during this session. Thus,
the last four bits of the Modes 32-bit Field are used. When no other
features are activated, the first 28 bits MUST be zero. A client
conforming to this extension of MAY
ignore the values in the first 28 bits of the Modes Field, or it MAY
support other features that are communicated in these bit
positions.

Other ways in which TWAMP extends OWAMP are described in .

The TWAMP test protocol is similar to the OWAMP test protocol with the exception that the
Session-Reflector transmits test packets to the Session-Sender in
response to each test packet it receives. TWAMP defines two different test packet formats, one
for packets transmitted by the Session-Sender and one for packets
transmitted by the Session-Reflector. As with OWAMP-Test protocol there
are three security modes that also determine the test packet format:
unauthenticated, authenticated, and encrypted. This TWAMP extension
makes it possible to use TWAMP-Test Unauthenticated mode regardless of
the mode used in the TWAMP-Control protocol.

This section describes OPTIONAL extensions. When the Server has
identified the ability to support the mixed security mode, the
Control-Client has selected the mixed security mode in its
Set-Up-Response, and the Server responds with a zero Accept field in the
Server-Start message, then these extensions are conditionally
REQUIRED.

This section describes extensions to the behavior of the TWAMP
Session-Sender.

The Send Schedule is not utilized in TWAMP, and there are no
extensions defined in this memo.

The Session-Sender packet format and content MUST follow the same
procedure and guidelines as defined in section 4.1.2 of and section 4.1.2 of , with the following exceptions: the Send Schedule is not used, and the Session-Sender MUST support the mixed security mode
(Unauthenticated TEST, Encrypted CONTROL, value 8, bit position
3) defined in section 3.1 of this memo.

The TWAMP Session-Reflector is REQUIRED to follow the procedures
and guidelines in section 4.2 of , with
the following extensions: the Session-Reflector MUST support the mixed security mode
(Unauthenticated TEST, Encrypted CONTROL, value 8, bit position 3)
defined in section 3.1 of this memo.

The extended mixed-mode of operation permits stronger
security/integrity protection on the TWAMP-Control protocol while
simultaneously emphasizing accuracy or efficiency on the TWAMP-Test
protocol, thus making it possible to increase overall security when
compared to the previous options.

The security considerations that apply to any active measurement of
live networks are relevant here as well. See and .

This memo adds one security mode bit position/value beyond those in
the OWAMP-Control specification, and
describes behavior when the new mode is used. This memo requests
creation of an IANA registry for the TWAMP Modes field. This field is a
recognized extension mechanism for TWAMP.

IANA is requested to create a TWAMP-Modes registry. TWAMP-Modes are
specified in TWAMP Server Greeting messages and Set-up Response
messages consistent with section 3.1 of
and section 3.1 of , and extended by
this memo. Modes are indicated by setting bits in the 32-bit Modes
Field. Thus, this registry can contain a total of 32 possible bit
positions and corresponding values.

Because the TWAMP-Modes registry can contain only thirty-two
values, and because TWAMP is an IETF protocol, this registry must be
updated only by "IETF Consensus" as specified in (an RFC documenting registry use that is
approved by the IESG). For the TWAMP-Modes registry, we expect that
new features will be assigned using monotonically increasing bit
positions and in the range [0-31] and the corresponding values, unless
there is a good reason to do otherwise.

No experimental values are currently assigned for the Modes
Registry.

TWAMP Modes Registry

The authors would like to thank Len Ciavattone for helpful review and
comments.
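
The Modes Field negotiation described in the TWAMP-Control text above (Server-Greeting as a bit-wise OR, bit position 3 selecting Encrypted Control with Unauthenticated Test), as an added example that is not part of the memo or of any TWAMP implementation. The function names, the client policy list and the rule that a selection must be exactly one offered value are assumptions of this sketch, and the values 1, 2 and 4 for bit positions 0 to 2 are taken from the OWAMP specification rather than from this page.

```python
import struct

# Modes values. Bit 3 (value 8) is the mixed mode from this memo; the mapping
# of bits 0-2 to values 1/2/4 is assumed from the OWAMP specification, since
# the table is not reproduced on this page.
UNAUTHENTICATED, AUTHENTICATED, ENCRYPTED, MIXED = 1, 2, 4, 8
KNOWN_MASK = 0x0000000F  # "the last four bits" of the 32-bit Modes field

# mode value -> (TWAMP-Control mode, TWAMP-Test mode)
MODE_PAIRS = {
    UNAUTHENTICATED: ("unauthenticated", "unauthenticated"),
    AUTHENTICATED: ("authenticated", "authenticated"),
    ENCRYPTED: ("encrypted", "encrypted"),
    MIXED: ("encrypted", "unauthenticated"),
}


def decode_modes(field: bytes) -> set:
    """Mode values offered in a 4-byte, network-order Modes field."""
    if len(field) != 4:
        raise ValueError("Modes field must be exactly 4 bytes")
    (raw,) = struct.unpack("!I", field)
    offered = raw & KNOWN_MASK  # a client MAY ignore the first 28 bits
    return {mode for mode in MODE_PAIRS if offered & mode}


def choose_mode(field: bytes, preference):
    """Client side: first acceptable mode the Server offers, else None."""
    offered = decode_modes(field)
    return next((mode for mode in preference if mode in offered), None)


def server_accepts(offered_field: bytes, selected_field: bytes) -> bool:
    """Server side: the selection must be exactly one mode that was offered."""
    if len(selected_field) != 4:
        return False
    (selected,) = struct.unpack("!I", selected_field)
    return selected in MODE_PAIRS and selected in decode_modes(offered_field)


# Constructed sample: a Server offering unauthenticated, encrypted and mixed.
GREETING_MODES = struct.pack("!I", UNAUTHENTICATED | ENCRYPTED | MIXED)
# Client policy: Control must be encrypted, so values 1 and 2 are never listed.
POLICY = [MIXED, ENCRYPTED]

if __name__ == "__main__":
    mode = choose_mode(GREETING_MODES, POLICY)
    print(mode, MODE_PAIRS[mode])  # selected value and (Control, Test) modes
```

Against a Server that does not implement this extension, the same policy falls back to Encrypted for both protocols, and it returns no mode at all rather than dropping to an unprotected Control session.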