RFC 7276
An Overview of Operations, Administration, and Maintenance (OAM) Tools
Pages: 53
Informational
Informational
Part 2 of 3 – Pages 17 to 33
3. OAM Functions
This subsection provides a brief summary of the common OAM functions used in OAM-related standards. These functions are used as building blocks in the OAM standards described in this document. o Connectivity Verification (CV), Path Verification, and Continuity Check (CC): As defined in Section 2.2.7. o Path Discovery / Fault Localization: This function can be used to trace the route to a destination, i.e., to identify the nodes along the route to the destination. When more than one route is available to a specific destination, this function traces one of the available routes. When a failure occurs, this function attempts to detect the location of the failure. Note that the term "route tracing" (or "Traceroute"), which is used in the context of IP and MPLS, is sometimes referred to as "path tracing" in the context of other protocols, such as TRILL.
o Performance Monitoring:
Typically refers to:
* Loss Measurement (LM) - monitors the packet loss rate.
* Delay Measurement (DM) - monitors the delay and delay variation
(jitter).
4. OAM Tools in the IETF - A Detailed Description
This section presents a detailed description of the sets of OAM-
related tools in each of the toolsets in Table 1.
4.1. IP Ping
Ping is a common network diagnostic application for IP networks that
use ICMP. According to [NetTerms], 'Ping' is an abbreviation for
Packet internet groper, although the term has been so commonly used
that it stands on its own. As defined in [NetTerms], it is a program
used to test reachability of destinations by sending them an ICMP
Echo request and waiting for a reply.
The ICMP Echo request/reply exchange in Ping is used as a Continuity
Check function for the Internet Protocol. The originator transmits
an ICMP Echo request packet, and the receiver replies with an Echo
reply. ICMP Ping is defined in two variants: [ICMPv4] is used for
IPv4, and [ICMPv6] is used for IPv6.
Ping can be invoked to either a unicast destination or a multicast
destination. In the latter case, all members of the multicast group
send an Echo reply back to the originator.
Ping implementations typically use ICMP messages. UDP Ping is a
variant that uses UDP messages instead of ICMP Echo messages.
Ping is a single-ended Continuity Check, i.e., it allows the
*initiator* of the Echo request to test the reachability. If it is
desirable for both ends to test the reachability, both ends have to
invoke Ping independently.
Note that since ICMP filtering is deployed in some routers and
firewalls, the usefulness of Ping is sometimes limited in the wider
Internet. This limitation is equally relevant to Traceroute.
4.2. IP Traceroute
Traceroute ([TCPIP-Tools], [NetTools]) is an application that allows users to discover a path between an IP source and an IP destination. The most common way to implement Traceroute [TCPIP-Tools] is described as follows. Traceroute sends a sequence of UDP packets to UDP port 33434 at the destination. By default, Traceroute begins by sending three packets (the number of packets is configurable in most Traceroute implementations), each with an IP Time-To-Live (or Hop Limit in IPv6) value of one, to the destination. These packets expire as soon as they reach the first router in the path. Consequently, that router sends three ICMP Time Exceeded Messages back to the Traceroute application. Traceroute now sends another three UDP packets, each with the TTL value of 2. These messages cause the second router to return ICMP messages. This process continues, with ever-increasing values for the TTL field, until the packets actually reach the destination. Because no application listens to port 33434 at the destination, the destination returns ICMP Destination Unreachable Messages indicating an unreachable port. This event indicates to the Traceroute application that it is finished. The Traceroute program displays the round-trip delay associated with each of the attempts. While Traceroute is a tool that finds *a* path from A to B, it should be noted that traffic from A to B is often forwarded through Equal- Cost Multipaths (ECMPs). Paris Traceroute [PARIS] is an extension to Traceroute that attempts to discovers all the available paths from A to B by scanning different values of header fields (such as UDP ports) in the probe packets. It is noted that Traceroute is an application, and not a protocol. As such, it has various different implementations. One of the most common ones uses UDP probe packets, as described above. Other implementations exist that use other types of probe messages, such as ICMP or TCP. Note that IP routing may be asymmetric. While Traceroute discovers a path between a source and destination, it does not reveal the reverse path. A few ICMP extensions ([ICMP-MP], [ICMP-Int]) have been defined in the context of Traceroute. These documents define several extensions, including extensions to the ICMP Destination Unreachable message, that can be used by Traceroute applications.
Traceroute allows path discovery to *unicast* destination addresses. A similar tool [mtrace] was defined for multicast destination addresses; it allows tracing the route that a multicast IP packet takes from a source to a particular receiver.4.3. Bidirectional Forwarding Detection (BFD)
4.3.1. Overview
While multiple OAM tools have been defined for various protocols in the protocol stack, Bidirectional Forwarding Detection [BFD], defined by the IETF BFD working group, is a generic OAM tool that can be deployed over various encapsulating protocols, and in various medium types. The IETF has defined variants of the protocol for IP ([BFD-IP], [BFD-Multi]), for MPLS LSPs [BFD-LSP], and for pseudowires [BFD-VCCV]. The usage of BFD in MPLS-TP is defined in [TP-CC-CV]. BFD includes two main OAM functions, using two types of BFD packets: BFD Control packets and BFD Echo packets.4.3.2. Terminology
BFD operates between *systems*. The BFD protocol is run between two or more systems after establishing a *session*.4.3.3. BFD Control
BFD supports a bidirectional Continuity Check, using BFD Control packets that are exchanged within a BFD session. BFD sessions operate in one of two modes: o Asynchronous mode (i.e., proactive): in this mode, BFD Control packets are sent periodically. When the receiver detects that no BFD Control packets have been received during a predetermined period of time, a failure is reported. o Demand mode: in this mode, BFD Control packets are sent on demand. Upon need, a system initiates a series of BFD Control packets to check the continuity of the session. BFD Control packets are sent independently in each direction. Each of the endpoints (referred to as systems) of the monitored path maintains its own session identification, called a Discriminator; both Discriminators are included in the BFD Control Packets that are exchanged between the endpoints. At the time of session establishment, the Discriminators are exchanged between the two endpoints. In addition, the transmission (and reception) rate is
negotiated between the two endpoints, based on information included in the control packets. These transmission rates may be renegotiated during the session. During normal operation of the session, i.e., when no failures have been detected, the BFD session is in the Up state. If no BFD Control packets are received during a period of time called the Detection Time, the session is declared to be Down. The detection time is a function of the pre-configured or negotiated transmission rate and a parameter called Detect Mult. Detect Mult determines the number of missing BFD Control packets that cause the session to be declared as Down. This parameter is included in the BFD Control packet.4.3.4. BFD Echo
A BFD Echo packet is sent to a peer system and is looped back to the originator. The echo function can be used proactively or on demand. The BFD Echo function has been defined in BFD for IPv4 and IPv6 ([BFD-IP]), but it is not used in BFD for MPLS LSPs or PWs, or in BFD for MPLS-TP.4.4. MPLS OAM
The IETF MPLS working group has defined OAM for MPLS LSPs. The requirements and framework of this effort are defined in [MPLS-OAM-FW] and [MPLS-OAM], respectively. The corresponding OAM tool defined, in this context, is LSP Ping [LSP-Ping]. OAM for P2MP services is defined in [MPLS-P2MP]. BFD for MPLS [BFD-LSP] is an alternative means for detecting data- plane failures, as described below.4.4.1. LSP Ping
LSP Ping is modeled after the Ping/Traceroute paradigm, and thus it may be used in one of two modes: o "Ping" mode: In this mode, LSP Ping is used for end-to-end Connectivity Verification between two LERs. o "Traceroute" mode: This mode is used for hop-by-hop fault isolation.
LSP Ping is based on the ICMP Ping operation (of data-plane Connectivity Verification) with additional functionality to verify data-plane vs. control-plane consistency for a Forwarding Equivalence Class (FEC) and also to identify Maximum Transmission Unit (MTU) problems. The Traceroute functionality may be used to isolate and localize MPLS faults, using the Time-To-Live (TTL) indicator to incrementally identify the sub-path of the LSP that is successfully traversed before the faulty link or node. The challenge in MPLS networks is that the traffic of a given LSP may be load-balanced across Equal-Cost Multipaths (ECMPs). LSP Ping monitors all the available paths of an LSP by monitoring its different FECs. Note that MPLS-TP does not use ECMP, and thus does not require OAM over multiple paths. Another challenge is that an MPLS LSP does not necessarily have a return path; traffic that is sent back from the egress LSR to the ingress LSR is not necessarily sent over an MPLS LSP, but it can be sent through a different route, such as an IP route. Thus, responding to an LSP Ping message is not necessarily as trivial as in IP Ping, where the responder just swaps the source and destination IP addresses. Note that this challenge is not applicable to MPLS-TP, where a return path is always available. It should be noted that LSP Ping supports unique identification of the LSP within an addressing domain. The identification is checked using the full FEC identification. LSP Ping is extensible to include additional information needed to support new functionality, by use of Type-Length-Value (TLV) constructs. The usage of TLVs is typically handled by the control plane, as it is not easy to implement in hardware. LSP Ping supports both asynchronous and on-demand activation.4.4.2. BFD for MPLS
BFD [BFD-LSP] can be used to detect MPLS LSP data-plane failures. A BFD session is established for each MPLS LSP that is being monitored. BFD Control packets must be sent along the same path as the monitored LSP. If the LSP is associated with multiple FECs, a BFD session is established for each FEC.
While LSP Ping can be used for detecting MPLS data-plane failures and for verifying the MPLS LSP data plane against the control plane, BFD can only be used for the former. BFD can be used in conjunction with LSP Ping, as is the case in MPLS-TP (see Section 4.5.4).4.4.3. OAM for Virtual Private Networks (VPNs) over MPLS
The IETF has defined two classes of VPNs: Layer 2 VPNs (L2VPNs) and Layer 3 VPNs (L3VPNs). [L2VPN-OAM] provides the requirements and framework for OAM in the context of L2VPNs, and specifically it also defines the OAM layering of L2VPNs over MPLS. [L3VPN-OAM] provides a framework for the operation and management of L3VPNs.4.5. MPLS-TP OAM
4.5.1. Overview
The MPLS working group has defined the OAM toolset that fulfills the requirements for MPLS-TP OAM. The full set of requirements for MPLS-TP OAM are defined in [MPLS-TP-OAM] and include both general requirements for the behavior of the OAM tools and a set of operations that should be supported by the OAM toolset. The set of mechanisms required are further elaborated in [TP-OAM-FW], which describes the general architecture of the OAM system and also gives overviews of the functionality of the OAM toolset. Some of the basic requirements for the OAM toolset for MPLS-TP are: o MPLS-TP OAM must be able to support both an IP-based environment and a non-IP-based environment. If the network is IP based, i.e., IP routing and forwarding are available, then the MPLS-TP OAM toolset should rely on the IP routing and forwarding capabilities. On the other hand, in environments where IP functionality is not available, the OAM tools must still be able to operate without dependence on IP forwarding and routing. o OAM packets and the user traffic are required to be congruent (i.e., OAM packets are transmitted in-band), and there is a need to differentiate OAM packets from ordinary user packets in the data plane. Inherent in this requirement is the principle that MPLS-TP OAM be independent of any existing control plane, although it should not preclude use of the control-plane functionality. OAM packets are identified by the Generic Associated Channel Label (GAL), which is a reserved MPLS label value (13).
4.5.2. Terminology
Maintenance Entity (ME) The MPLS-TP OAM tools are designed to monitor and manage a Maintenance Entity (ME). An ME, as defined in [TP-OAM-FW], defines a relationship between two points of a transport path to which maintenance and monitoring operations apply. The term "Maintenance Entity (ME)" is used in ITU-T Recommendations (e.g., [ITU-T-Y1731]), as well as in the MPLS-TP terminology ([TP-OAM-FW]). Maintenance Entity Group (MEG) The collection of one or more MEs that belong to the same transport path and that are maintained and monitored as a group are known as a Maintenance Entity Group (based on [TP-OAM-FW]). Maintenance Point (MP) A Maintenance Point (MP) is a functional entity that is defined at a node in the network and can initiate and/or react to OAM messages. This document focuses on the data-plane functionality of MPs, while MPs interact with the control plane and with the management plane as well. The term "MP" is used in IEEE 802.1ag and was similarly adopted in MPLS-TP ([TP-OAM-FW]). MEG End Point (MEP) A MEG End Point (MEP) is one of the endpoints of an ME, and can initiate OAM messages and respond to them (based on [TP-OAM-FW]). MEG Intermediate Point (MIP) In between MEPs, there are zero or more intermediate points, called MEG Intermediate Points (based on [TP-OAM-FW]). A MEG Intermediate Point (MIP) is an intermediate point that does not generally initiate OAM frames (one exception to this is the use of AIS notifications) but is able to respond to OAM frames that are destined to it. A MIP in MPLS-TP identifies OAM packets destined to it by the expiration of the TTL field in the OAM packet. The term "Maintenance Point" is a general term for MEPs and MIPs.
Up and Down MEPs
IEEE 802.1ag [IEEE802.1Q] defines a distinction between Up MEPs
and Down MEPs. A MEP monitors traffic in either the direction
facing the network or the direction facing the bridge. A Down MEP
is a MEP that receives OAM packets from and transmits them to the
direction of the network. An Up MEP receives OAM packets from and
transmits them to the direction of the bridging entity. MPLS-TP
([TP-OAM-FW]) uses a similar distinction on the placement of the
MEP -- at either the ingress, egress, or forwarding function of
the node (Down / Up MEPs). This placement is important for
localization of a failure.
Note that the terms "Up MEP" and "Down MEP" are entirely unrelated
to the conventional "Up"/"Down" terminology, where "Down" means
faulty and "Up" means not faulty.
The distinction between Up and Down MEPs was defined in
[TP-OAM-FW], but has not been used in other MPLS-TP RFCs, as of
the writing of this document.
4.5.3. Generic Associated Channel
In order to address the requirement for in-band transmission of
MPLS-TP OAM traffic, MPLS-TP uses a Generic Associated Channel
(G-ACh), defined in [G-ACh] for LSP-based OAM traffic. This
mechanism is based on the same concepts as the PWE3 ACH [PW-ACH] and
VCCV [VCCV] mechanisms. However, to address the needs of LSPs as
differentiated from PW, the following concepts were defined for
[G-ACh]:
o An Associated Channel Header (ACH), which uses a format similar to
the PW Control Word [PW-ACH], is a 4-byte header that is prepended
to OAM packets.
o A Generic Associated Channel Label (GAL). The GAL is a reserved
MPLS label value (13) that indicates that the packet is an ACH
packet and the payload follows immediately after the label stack.
It should be noted that while the G-ACh was defined as part of the
MPLS-TP definition effort, the G-ACh is a generic tool that can be
used in MPLS in general, and not only in MPLS-TP.
4.5.4. MPLS-TP OAM Toolset
To address the functionality that is required of the OAM toolset, the
MPLS WG conducted an analysis of the existing IETF and ITU-T OAM
tools and their ability to fulfill the required functionality. The
conclusions of this analysis are documented in [OAM-Analys]. MPLS-TP uses a mixture of OAM tools that are based on previous standards and adapted to the requirements of [MPLS-TP-OAM]. Some of the main building blocks of this solution are based on: o Bidirectional Forwarding Detection ([BFD], [BFD-LSP]) for proactive Continuity Check and Connectivity Verification. o LSP Ping as defined in [LSP-Ping] for on-demand Connectivity Verification. o New protocol packets, using G-ACH, to address different functionality. o Performance measurement protocols. The following subsections describe the OAM tools defined for MPLS-TP as described in [TP-OAM-FW].4.5.4.1. Continuity Check and Connectivity Verification
Continuity Checks and Connectivity Verification are presented in Section 2.2.7 of this document. As presented there, these tools may be used either proactively or on demand. When using these tools proactively, they are generally used in tandem. For MPLS-TP there are two distinct tools: the proactive tool is defined in [TP-CC-CV], while the on-demand tool is defined in [OnDemand-CV]. In on-demand mode, this function should support monitoring between the MEPs and, in addition, between a MEP and MIP. [TP-OAM-FW] highlights, when performing Connectivity Verification, the need for the CC-V messages to include unique identification of the MEG that is being monitored and the MEP that originated the message. The proactive tool [TP-CC-CV] is based on extensions to BFD (see Section 4.3) with the additional limitation that the transmission and receiving rates are based on configuration by the operator. The on-demand tool [OnDemand-CV] is an adaptation of LSP Ping (see Section 4.4.1) for the required behavior of MPLS-TP.4.5.4.2. Route Tracing
[MPLS-TP-OAM] defines that there is a need for functionality that would allow a path endpoint to identify the intermediate and endpoints of the path. This function would be used in on-demand mode. Normally, this path will be used for bidirectional PW, LSP,
and Sections; however, unidirectional paths may be supported only if a return path exists. The tool for this is based on the LSP Ping (see Section 4.4.1) functionality and is described in [OnDemand-CV].4.5.4.3. Lock Instruct
The Lock Instruct function [Lock-Loop] is used to notify a transport- path endpoint of an administrative need to disable the transport path. This functionality will generally be used in conjunction with some intrusive OAM function, e.g., performance measurement or diagnostic testing, to minimize the side-effect on user data traffic.4.5.4.4. Lock Reporting
Lock Reporting is a function used by an endpoint of a path to report to its far-end endpoint that a lock condition has been affected on the path.4.5.4.5. Alarm Reporting
Alarm reporting [TP-Fault] provides the means to suppress alarms following detection of defect conditions at the server sub-layer. Alarm reporting is used by an intermediate point of a path, that becomes aware of a fault on the path, to report to the endpoints of the path. [TP-OAM-FW] states that this may occur as a result of a defect condition discovered at a server sub-layer. This generates an Alarm Indication Signal (AIS) that continues until the fault is cleared. The consequent action of this function is detailed in [TP-OAM-FW].4.5.4.6. Remote Defect Indication
Remote Defect Indication (RDI) is used proactively by a path endpoint to report to its peer endpoint that a defect is detected on a bidirectional connection between them. [MPLS-TP-OAM] points out that this function may be applied to a unidirectional LSP only if a return path exists. [TP-OAM-FW] points out that this function is associated with the proactive CC-V function.4.5.4.7. Client Failure Indication
Client Failure Indication (CFI) is defined in [MPLS-TP-OAM] to allow the propagation information from one edge of the network to the other. The information concerns a defect to a client, in the case that the client does not support alarm notification.
4.5.4.8. Performance Monitoring
The definition of MPLS performance monitoring was motivated by the MPLS-TP requirements [MPLS-TP-OAM] but was defined generically for MPLS in [MPLS-LM-DM]. An additional document [TP-LM-DM] defines a performance monitoring profile for MPLS-TP.4.5.4.8.1. Packet Loss Measurement (LM)
Packet Loss Measurement is a function used to verify the quality of the service. Packet loss, as defined in [IPPM-1LM] and [MPLS-TP-OAM], indicates the ratio of the number of user packets lost to the total number of user packets sent during a defined time interval. There are two possible ways of determining this measurement: o Using OAM packets, it is possible to compute the statistics based on a series of OAM packets. This, however, has the disadvantage of being artificial and may not be representative since part of the packet loss may be dependent upon packet sizes and upon the implementation of the MEPs that take part in the protocol. o Delimiting messages can be sent at the start and end of a measurement period during which the source and sink of the path count the packets transmitted and received. After the end delimiter, the ratio would be calculated by the path OAM entity.4.5.4.8.2. Packet Delay Measurement (DM)
Packet Delay Measurement is a function that is used to measure one- way or two-way delay of a packet transmission between a pair of the endpoints of a path (PW, LSP, or Section). Where: o One-way packet delay, as defined in [IPPM-1DM], is the time elapsed from the start of transmission of the first bit of the packet by a source node until the reception of the last bit of that packet by the destination node. Note that one-way delay measurement requires the clocks of the two endpoints to be synchronized. o Two-way packet delay, as defined in [IPPM-2DM], is the time elapsed from the start of transmission of the first bit of the packet by a source node until the reception of the last bit of the looped-back packet by the same source node, when the loopback is performed at the packet's destination node. Note that due to possible path asymmetry, the one-way packet delay from one endpoint to another is not necessarily equal to half of the
two-way packet delay. As opposed to one-way delay measurement,
two-way delay measurement does not require the two endpoints to be
synchronized.
For each of these two metrics, the DM function allows the MEP to
measure the delay, as well as the delay variation. Delay
measurement is performed by exchanging timestamped OAM packets
between the participating MEPs.
4.6. Pseudowire OAM
4.6.1. Pseudowire OAM Using Virtual Circuit Connectivity Verification
(VCCV)
VCCV, as defined in [VCCV], provides a means for end-to-end fault
detection and diagnostic tools to be used for PWs (regardless of the
underlying tunneling technology). The VCCV switching function
provides a Control Channel associated with each PW. [VCCV] defines
three Control Channel (CC) types, i.e., three possible methods for
transmitting and identifying OAM messages:
o Control Channel Type 1: In-band VCCV, as described in [VCCV], is
also referred to as "PWE3 Control Word with 0001b as first
nibble". It uses the PW Associated Channel Header [PW-ACH].
o Control Channel Type 2: Out-of-band VCCV, as described in [VCCV],
is also referred to as "MPLS Router Alert Label". In this case,
the Control Channel is created by using the MPLS router alert
label [MPLS-ENCAPS] immediately above the PW label.
o Control Channel Type 3: TTL expiry VCCV, as described in [VCCV],
is also referred to as "MPLS PW Label with TTL == 1", i.e., the
Control Channel is identified when the value of the TTL field in
the PW label is set to 1.
VCCV currently supports the following OAM tools: ICMP Ping, LSP Ping,
and BFD. ICMP and LSP Ping are IP encapsulated before being sent
over the PW ACH. BFD for VCCV [BFD-VCCV] supports two modes of
encapsulation -- either IP/UDP encapsulated (with IP/UDP header) or
PW-ACH encapsulated (with no IP/UDP header) -- and provides support
to signal the AC status. The use of the VCCV Control Channel
provides the context, based on the MPLS-PW label, required to bind
and bootstrap the BFD session to a particular pseudowire (FEC),
eliminating the need to exchange Discriminator values.
VCCV consists of two components: (1) the signaled component to communicate VCCV capabilities as part of the VC label, and (2) the switching component to cause the PW payload to be treated as a control packet. VCCV is not directly dependent upon the presence of a control plane. The VCCV capability advertisement may be performed as part of the PW signaling when LDP is used. In case of manual configuration of the PW, it is the responsibility of the operator to set consistent options at both ends. The manual option was created specifically to handle MPLS-TP use cases where no control plane was a requirement. However, new use cases such as pure mobile backhaul find this functionality useful too. The PWE3 working group has conducted an implementation survey of VCCV [VCCV-SURVEY] that analyzes which VCCV mechanisms are used in practice.4.6.2. Pseudowire OAM Using G-ACh
As mentioned above, VCCV enables OAM for PWs by using a Control Channel for OAM packets. When PWs are used in MPLS-TP networks, rather than the Control Channels defined in VCCV, the G-ACh can be used as an alternative Control Channel. The usage of the G-ACh for PWs is defined in [PW-G-ACh].4.6.3. Attachment Circuit - Pseudowire Mapping
The PWE3 working group has defined a mapping and notification of defect states between a pseudowire (PW) and the Attachment Circuits (ACs) of the end-to-end emulated service. This mapping is of key importance to the end-to-end functionality. Specifically, the mapping is provided by [PW-MAP], by [L2TP-EC] for L2TPv3 pseudowires, and by Section 5.3 of [ATM-L2] for ATM. [L2VPN-OAM] provides the requirements and framework for OAM in the context of Layer 2 Virtual Private Networks (L2VPNs), and specifically it also defines the OAM layering of L2VPNs over pseudowires. The mapping defined in [Eth-Int] allows an end-to-end emulated Ethernet service over pseudowires.
4.7. OWAMP and TWAMP
4.7.1. Overview
The IPPM working group in the IETF defines common criteria and metrics for measuring performance of IP traffic ([IPPM-FW]). Some of the key RFCs published by this working group have defined metrics for measuring connectivity [IPPM-Con], delay ([IPPM-1DM], [IPPM-2DM]), and packet loss [IPPM-1LM]. It should be noted that the work of the IETF in the context of performance metrics is not limited to IP networks; [PM-CONS] presents general guidelines for considering new performance metrics. The IPPM working group has defined not only metrics for performance measurement but also protocols that define how the measurement is carried out. The One-Way Active Measurement Protocol [OWAMP] and the Two-Way Active Measurement Protocol [TWAMP] each define a method and protocol for measuring performance metrics in IP networks. OWAMP [OWAMP] enables measurement of one-way characteristics of IP networks, such as one-way packet loss and one-way delay. For its proper operation, OWAMP requires accurate time-of-day setting at its endpoints. TWAMP [TWAMP] is a similar protocol that enables measurement of both one-way and two-way (round-trip) characteristics. OWAMP and TWAMP are each comprised of two separate protocols: o OWAMP-Control/TWAMP-Control: used to initiate, start, and stop test sessions and to fetch their results. Continuity Check and Connectivity Verification are tested and confirmed by establishing the OWAMP/TWAMP Control Protocol TCP connection. o OWAMP-Test/TWAMP-Test: used to exchange test packets between two measurement nodes. Enables the loss and delay measurement functions, as well as detection of other anomalies, such as packet duplication and packet reordering. It should be noted that while [OWAMP] and [TWAMP] define tools for performance measurement, they do not define the accuracy of these tools. The accuracy depends on scale, implementation, and network configurations. Alternative protocols for performance monitoring are defined, for example, in MPLS-TP OAM ([MPLS-LM-DM], [TP-LM-DM]) and in Ethernet OAM [ITU-T-Y1731].
4.7.2. Control and Test Protocols
OWAMP and TWAMP control protocols run over TCP, while the test protocols run over UDP. The purpose of the control protocols is to initiate, start, and stop test sessions, and for OWAMP to fetch results. The test protocols introduce test packets (which contain sequence numbers and timestamps) along the IP path under test according to a schedule, and they record statistics of packet arrival. Multiple sessions may be simultaneously defined, each with a session identifier, and defining the number of packets to be sent, the amount of padding to be added (and thus the packet size), the start time, and the send schedule (which can be either a constant time between test packets or exponentially distributed pseudorandomly). Statistics recorded conform to the relevant IPPM RFCs. From a security perspective, OWAMP and TWAMP test packets are hard to detect because they are simply UDP streams between negotiated port numbers, with potentially nothing static in the packets. OWAMP and TWAMP also include optional authentication and encryption for both control and test packets.4.7.3. OWAMP
OWAMP defines the following logical roles: Session-Sender, Session-Receiver, Server, Control-Client, and Fetch-Client. The Session-Sender originates test traffic that is received by the Session-Receiver. The Server configures and manages the session, as well as returning the results. The Control-Client initiates requests for test sessions, triggers their start, and may trigger their termination. The Fetch-Client requests the results of a completed session. Multiple roles may be combined in a single host -- for example, one host may play the roles of Control-Client, Fetch-Client, and Session-Sender, and a second may play the roles of Server and Session-Receiver. In a typical OWAMP session, the Control-Client establishes a TCP connection to port 861 of the Server, which responds with a Server greeting message indicating supported security/integrity modes. The Control-Client responds with the chosen communications mode, and the Server accepts the mode. The Control-Client then requests and fully describes a test session to which the Server responds with its acceptance and supporting information. More than one test session may be requested with additional messages. The Control-Client then starts a test session; the Server acknowledges and then instructs the Session-Sender to start the test. The Session-Sender then sends test packets with pseudorandom padding to the Session-Receiver until the session is complete or until the Control-Client stops the session.
Once finished, the Session-Sender reports to the Server, which recovers data from the Session-Receiver. The Fetch-Client can then send a fetch request to the Server, which responds with an acknowledgement and, immediately thereafter, the result data.4.7.4. TWAMP
TWAMP defines the following logical roles: Session-Sender, Session-Reflector, Server, and Control-Client. These are similar to the OWAMP roles, except that the Session-Reflector does not collect any packet information, and there is no need for a Fetch-Client. In a typical TWAMP session, the Control-Client establishes a TCP connection to port 862 of the Server, and the mode is negotiated as in OWAMP. The Control-Client then requests sessions and starts them. The Session-Sender sends test packets with pseudorandom padding to the Session-Reflector, which returns them with timestamps inserted.4.8. TRILL
The requirements of OAM in TRILL are defined in [TRILL-OAM]. The challenge in TRILL OAM, much like in MPLS networks, is that traffic between RBridges RB1 and RB2 may be forwarded through more than one path. Thus, an OAM protocol between RBridges RB1 and RB2 must be able to monitor all the available paths between the two RBridges. During the writing of this document, the detailed definition of the TRILL OAM tools is still work in progress. This subsection presents the main requirements of TRILL OAM. The main requirements defined in [TRILL-OAM] are: o Continuity Checking (CC) - the TRILL OAM protocol must support a function for CC between any two RBridges RB1 and RB2. o Connectivity Verification (CV) - connectivity between two RBridges RB1 and RB2 can be verified on a per-flow basis. o Path Tracing - allows an RBridge to trace all the available paths to a peer RBridge. o Performance monitoring - allows an RBridge to monitor the packet loss and packet delay to a peer RBridge.
(next page on part 3)