draft-ietf-ippm-multipoint-alt-mark-02.txt   draft-ietf-ippm-multipoint-alt-mark-03.txt 
IPPM Working Group G. Fioccola, Ed. IPPM Working Group G. Fioccola, Ed.
Internet-Draft Huawei Technologies Internet-Draft Huawei Technologies
Intended status: Experimental M. Cociglio Intended status: Experimental M. Cociglio
Expires: January 2, 2020 Telecom Italia Expires: May 7, 2020 Telecom Italia
A. Sapio A. Sapio
R. Sisto R. Sisto
Politecnico di Torino Politecnico di Torino
July 1, 2019 November 4, 2019
Multipoint Alternate Marking method for passive and hybrid performance Multipoint Alternate Marking method for passive and hybrid performance
monitoring monitoring
draft-ietf-ippm-multipoint-alt-mark-02 draft-ietf-ippm-multipoint-alt-mark-03
Abstract Abstract
The Alternate Marking method, as presented in RFC 8321 [RFC8321], can The Alternate Marking method, as presented in RFC 8321 [RFC8321], can
be applied only to point-to-point flows because it assumes that all be applied only to point-to-point flows because it assumes that all
the packets of the flow measured on one node are measured again by a the packets of the flow measured on one node are measured again by a
single second node. This document aims to generalize and expand this single second node. This document aims to generalize and expand this
methodology to measure any kind of unicast flows, whose packets can methodology to measure any kind of unicast flows, whose packets can
follow several different paths in the network, in wider terms a follow several different paths in the network, in wider terms a
multipoint-to-multipoint network. For this reason the technique here multipoint-to-multipoint network. For this reason the technique here
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 2, 2020. This Internet-Draft will expire on May 7, 2020.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Correlation with RFC5644 . . . . . . . . . . . . . . . . . . 4 2. Correlation with RFC5644 . . . . . . . . . . . . . . . . . . 4
3. Flow classification . . . . . . . . . . . . . . . . . . . . . 4 3. Flow classification . . . . . . . . . . . . . . . . . . . . . 5
4. Multipoint Performance Measurement . . . . . . . . . . . . . 7 4. Multipoint Performance Measurement . . . . . . . . . . . . . 7
4.1. Monitoring Network . . . . . . . . . . . . . . . . . . . 7 4.1. Monitoring Network . . . . . . . . . . . . . . . . . . . 7
5. Multipoint Packet Loss . . . . . . . . . . . . . . . . . . . 8 5. Multipoint Packet Loss . . . . . . . . . . . . . . . . . . . 9
6. Network Clustering . . . . . . . . . . . . . . . . . . . . . 9 6. Network Clustering . . . . . . . . . . . . . . . . . . . . . 9
6.1. Algorithm for Cluster partition . . . . . . . . . . . . . 10 6.1. Algorithm for Cluster partition . . . . . . . . . . . . . 10
7. Timing Aspects . . . . . . . . . . . . . . . . . . . . . . . 12 7. Timing Aspects . . . . . . . . . . . . . . . . . . . . . . . 13
8. Multipoint Delay and Delay Variation . . . . . . . . . . . . 14 8. Multipoint Delay and Delay Variation . . . . . . . . . . . . 14
8.1. Delay measurements on multipoint paths basis . . . . . . 14 8.1. Delay measurements on multipoint paths basis . . . . . . 15
8.1.1. Single Marking measurement . . . . . . . . . . . . . 14 8.1.1. Single Marking measurement . . . . . . . . . . . . . 15
8.2. Delay measurements on single packets basis . . . . . . . 14 8.2. Delay measurements on single packets basis . . . . . . . 15
8.2.1. Single and Double Marking measurement . . . . . . . . 14 8.2.1. Single and Double Marking measurement . . . . . . . . 15
8.2.2. Hashing selection method . . . . . . . . . . . . . . 15 8.2.2. Hashing selection method . . . . . . . . . . . . . . 16
9. An Intelligent Performance Management approach . . . . . . . 17 9. An Intelligent Performance Management approach . . . . . . . 17
10. Examples of application . . . . . . . . . . . . . . . . . . . 18 10. Examples of application . . . . . . . . . . . . . . . . . . . 18
11. Security Considerations . . . . . . . . . . . . . . . . . . . 18 11. Security Considerations . . . . . . . . . . . . . . . . . . . 19
12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 18 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 19
13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19
14. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 20
14.1. Normative References . . . . . . . . . . . . . . . . . . 19 14.1. Normative References . . . . . . . . . . . . . . . . . . 20
14.2. Informative References . . . . . . . . . . . . . . . . . 19 14.2. Informative References . . . . . . . . . . . . . . . . . 20
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 21
1. Introduction 1. Introduction
The alternate marking method, as presented until now, is applicable The alternate marking method, as presented until now, is applicable
to a point-to-point path; so the extension proposed in this document to a point-to-point path; so the extension proposed in this document
explains the most general case of multipoint-to-multipoint path and explains the most general case of multipoint-to-multipoint path and
enables flexible and adaptive performance measurements in a managed enables flexible and adaptive performance measurements in a managed
network. network.
The Alternate Marking methodology described in RFC 8321 [RFC8321] has The Alternate Marking methodology described in RFC 8321 [RFC8321] has
the property to synchronize measurements in different points the property to synchronize measurements in different points
maintaining the coherence of the counters. So it is possible to show maintaining the coherence of the counters. So it is possible to show
what is happening in every marking period for each monitored flow. what is happening in every marking period for each monitored flow.
The monitoring parameters are the packet counter and timestamps of a The monitoring parameters are the packet counter and timestamps of a
flow for each marking period. flow for each marking period. Note that additional details about the
Alternate Marking methodology are described in the paper
[IEEE-Network-PNPM]
There are some applications of the alternate marking method where There are some applications of the alternate marking method where
there are a lot of monitored flows and nodes. Multipoint Alternate there are a lot of monitored flows and nodes. Multipoint Alternate
Marking aims to reduce these values and makes the performance Marking aims to reduce these values and makes the performance
monitoring more flexible in case a detailed analysis is not needed. monitoring more flexible in case a detailed analysis is not needed.
For instance, by considering n measurement points and m monitored For instance, by considering n measurement points and m monitored
flows,the order of magnitude of the packet counters for each time flows,the order of magnitude of the packet counters for each time
interval is n*m*2 (1 per color). If both n and m are high values the interval is n*m*2 (1 per color). If both n and m are high values the
packet counters increase a lot and Multipoint Alternate Marking packet counters increase a lot and Multipoint Alternate Marking
offers a tool to control these parameters. offers a tool to control these parameters.
The approach presented in this document is applied only to unicast The approach presented in this document is applied only to unicast
flows and not to multicast. BUM (Boradcast Unkown Unicast Multicast) flows and not to multicast. BUM (Broadcast Unknown Unicast
traffic is not considered here, because traffic replication is not Multicast) traffic is not considered here, because traffic
covered by the Multipoint Alternate Marking method. Furthermore it replication is not covered by the Multipoint Alternate Marking
can be applicable to anycast flows. method. Furthermore it can be applicable to anycast flows and ECMP
(Equal-Cost Multi-Path) paths can also be easily monitored with this
technique.
The base Alternate Marking method of RFC 8321 [RFC8321] works by In short, RFC 8321 [RFC8321] applies to point-to-point unicast flows
definition for multipoint to multipoint paths, and the network and BUM traffic and the Multipoint alternate marking and its
clustering approach presented in this document is the formalization Clustering approach is valid for multipoint-to-multipoint unicast
of how to implement this property and allow a flexible and optimized flows, anycast and ECMP flows.
performance measurement support for network management.
The Alternate Marking method can therefore be extended to any kind of
multipoint to multipoint paths, and the network clustering approach
presented in this document is the formalization of how to implement
this property and allow a flexible and optimized performance
measurement support for network management in every situation.
Without network clustering, it is possible to apply alternate marking Without network clustering, it is possible to apply alternate marking
only for all the network or per single flow. Instead, with network only for all the network or per single flow. Instead, with network
clustering, it is possible to use the network clusters partition at clustering, it is possible to use the network clusters partition at
different levels to perform the needed degree of detail. In some different levels to perform the needed degree of detail. In some
circumstances it is possible to monitor a Multipoint Network by circumstances it is possible to monitor a Multipoint Network by
analyzing the Network Clustering, without examining in depth. In analysing the Network Clustering, without examining in depth. In
case of problems (packet loss is measured or the delay is too high) case of problems (packet loss is measured or the delay is too high)
the filtering criteria could be specified more in order to perform a the filtering criteria could be specified more in order to perform a
detailed analysis by using a different combination of clusters up to detailed analysis by using a different combination of clusters up to
a per-flow measurement as described in RFC 8321 [RFC8321]. a per-flow measurement as described in RFC 8321 [RFC8321].
This approach fits very well with the Intelligent Network and This approach fits very well with the Intelligent Network and
Software Defined Network (SDN) paradigm where the SDN Orchestrator Software Defined Network (SDN) paradigm where the SDN Orchestrator
and the SDN Controllers are the brains of the network and can manage and the SDN Controllers are the brains of the network and can manage
flow control to the switches and routers and, in the same way, can flow control to the switches and routers and, in the same way, can
calibrate the performance measurements depending on the necessity. calibrate the performance measurements depending on the necessity.
An SDN Controller Application can orchestrate how deep the network An SDN Controller Application can orchestrate how deep the network
performance monitoring is setup by applying the Multipoint Alternate performance monitoring is setup by applying the Multipoint Alternate
Marking as described in this document. Marking as described in this document.
It is important to underline that, as extension of RFC 8321
[RFC8321], this is a methodology draft, so the mechanism that can be
used to transmit the counters and the timestamps is out of scope here
and the implementation is open. Several options are possible, e.g.
[I-D.zhou-ippm-enhanced-alternate-marking].
2. Correlation with RFC5644 2. Correlation with RFC5644
RFC 5644 [RFC5644] is limited to active measurements using a single RFC 5644 [RFC5644] is limited to active measurements using a single
source packet or stream, and observations of corresponding packets source packet or stream, and observations of corresponding packets
along the path (spatial), at one or more destinations (one-to-group), along the path (spatial), at one or more destinations (one-to-group),
or both. or both.
Instead, the scope of this memo is to define multiparty metrics for Instead, the scope of this memo is to define multiparty metrics for
passive and hybrid measurements in a group-to-group topology with passive and hybrid measurements in a group-to-group topology with
multiple sources and destinations. multiple sources and destinations.
skipping to change at page 7, line 4 skipping to change at page 7, line 21
+------+ \ +------+ \
+------+ \ +------+ +------+ \ +------+
---<> R2 <> <> R7 <>--- ---<> R2 <> <> R7 <>---
+------+ \ / +------+ +------+ \ / +------+
\ +------+ / \ +------+ /
<> R5 <> <> R5 <>
/ +------+ \ / +------+ \
+------+ / \ +------+ +------+ / \ +------+
---<> R3 <> <> R8 <>--- ---<> R3 <> <> R8 <>---
+------+ +------+ +------+ +------+
Figure 1: Flow classification Figure 1: Flow classification
The case of unicast flow is considered in the previous figure. The case of unicast flow is considered in the previous figure.
Anyway the anycast flow is also in scope because there is no Anyway the anycast flow is also in scope because there is no
replication and only a single node from the anycast group receives replication and only a single node from the anycast group receives
the traffic, so it can be viewed as a special case of unicast flow. the traffic, so it can be viewed as a special case of unicast flow.
While ECMP flow is in scope by definition, since it is a point-to-
multipoint unicast flow.
4. Multipoint Performance Measurement 4. Multipoint Performance Measurement
By Using the "traditional" alternate marking method only point-to- By Using the "traditional" alternate marking method only point-to-
point paths can be monitored. To have an IP (TCP/UDP) flow that point paths can be monitored. To have an IP (TCP/UDP) flow that
follows a point-to-point path we have to define, with a specific follows a point-to-point path we have to define, with a specific
value, 5 identification fields (IP Source, IP Destination, Transport value, 5 identification fields (IP Source, IP Destination, Transport
Protocol, Source Port, Destination Port). Protocol, Source Port, Destination Port).
Multipoint Alternate Marking enables the performance measurement for Multipoint Alternate Marking enables the performance measurement for
skipping to change at page 12, line 33 skipping to change at page 13, line 5
Obviously, by combining some Clusters in a new connected subnetwork Obviously, by combining some Clusters in a new connected subnetwork
(called Super Cluster) the Packet Loss Rule is still true. (called Super Cluster) the Packet Loss Rule is still true.
In this way in a very large network there is no need to configure In this way in a very large network there is no need to configure
detailed filter criteria to inspect the traffic. You can check detailed filter criteria to inspect the traffic. You can check
multipoint network and only in case of problems you can go deep with multipoint network and only in case of problems you can go deep with
a step-by-step cluster analysis, but only for the cluster or a step-by-step cluster analysis, but only for the cluster or
combination of clusters where the problem happens. combination of clusters where the problem happens.
The complete and mathematical analysis of the possible Algorithms for
Cluster partition, including the considerations in terms of
efficiency and a comparison between the different methods, is in the
paper [IEEE-ACM-ToN-MPNPM].
7. Timing Aspects 7. Timing Aspects
The mark switching approach based on a fixed timer is considered in It is important to consider the timing aspects, since out of order
this document. packets happen and have to be handled as well as described in RFC
8321 [RFC8321]. But, in a multi-source situation an additional issue
has to be considered.
So, if we analyze a multipoint-to-multipoint path with more than one So, if we analyse a multipoint-to-multipoint path with more than one
marking node, it is important to recognize the reference measurement marking node, it is important to recognize the reference measurement
interval. In general the measurement interval for describing the interval. In general the measurement interval for describing the
results is the interval of the marking node that is more aligned with results is the interval of the marking node that is more aligned with
the start of the measurement, as reported in the following figure. the start of the measurement, as reported in the following figure.
Note that the mark switching approach based on a fixed timer is
considered in this document.
time -> start stop time -> start stop
T(R1) |-------------| T(R1) |-------------|
T(R2) |-------------| T(R2) |-------------|
T(R3) |------------| T(R3) |------------|
Figure 4: Measurement Interval Figure 4: Measurement Interval
T(R1) is the measurement interval and this is essential in order to T(R1) is the measurement interval and this is essential in order to
be compatible and make comparison with other active/passive/hybrid be compatible and make comparison with other active/passive/hybrid
Packet Loss metrics. Packet Loss metrics.
skipping to change at page 13, line 45 skipping to change at page 14, line 21
m d | | d m m d | | d m
|<====================>| |<====================>|
available counting interval available counting interval
Figure 5: Timing Aspects for Multipoint paths Figure 5: Timing Aspects for Multipoint paths
So the misalignment between the marking source routers gives an So the misalignment between the marking source routers gives an
additional constraint and the value of m is added to d (that already additional constraint and the value of m is added to d (that already
includes clock error and network delay). includes clock error and network delay).
Therefore, three different possible constraints are considered: clock
error between network devices, network delay between measurement
points and the misalignment between the marking source routers.
In the end, the condition that must be satisfied to enable the method In the end, the condition that must be satisfied to enable the method
to function properly is that the available counting interval must be to function properly is that the available counting interval must be
> 0, and that means: L - 2m - 2d > 0 for each measurement point on > 0, and that means: L - 2m - 2d > 0 for each measurement point on
the multipoint path. Therefore, the mismatch between measurement the multipoint path. Therefore, the mismatch between measurement
intervals must satisfy this condition. intervals must satisfy this condition.
The timing considerations are valid for both packet loss and delay
measurements.
8. Multipoint Delay and Delay Variation 8. Multipoint Delay and Delay Variation
The same line of reasoning can be applied to Delay and Delay The same line of reasoning can be applied to Delay and Delay
Variation. It is important to highlight that both delay and delay Variation. Similarly to the delay measurements defined in RFC 8321
variation measurements make sense in a multipoint path. The Delay [RFC8321], the marking batches anchor the samples to a particular
Variation is calculated by considering the same packets selected for period and this is the time reference that can be used. It is
measuring the Delay. important to highlight that both delay and delay variation
measurements make sense in a multipoint path. The Delay Variation is
calculated by considering the same packets selected for measuring the
Delay.
In general, it is possible to perform delay and delay variation In general, it is possible to perform delay and delay variation
measurements on multipoint paths basis or on single packets basis: measurements on multipoint paths basis or on single packets basis:
o Delay measurements on multipoint paths basis means that the delay o Delay measurements on multipoint paths basis means that the delay
value is representative of an entire multipoint path (e.g. whole value is representative of an entire multipoint path (e.g. whole
multipoint network, a cluster or a combination of clusters). multipoint network, a cluster or a combination of clusters).
o Delay measurements on single packets basis means that you can use o Delay measurements on single packets basis means that you can use
multipoint path just to easily couple packets between inputs and multipoint path just to easily couple packets between inputs and
skipping to change at page 15, line 12 skipping to change at page 15, line 46
measurement would only give information about the delay of a measurement would only give information about the delay of a
single path. However, by repeating the measurement multiple single path. However, by repeating the measurement multiple
times, it is possible to get information about all the paths in times, it is possible to get information about all the paths in
the multipoint flow. This can be done in case of point-to- the multipoint flow. This can be done in case of point-to-
multipoint path but it is more difficult to achieve in case of multipoint path but it is more difficult to achieve in case of
multipoint-to-multipoint path because of the multiple source multipoint-to-multipoint path because of the multiple source
routers. routers.
if we would perform a delay measurement for more than one picked if we would perform a delay measurement for more than one picked
packet in the same marking period and, especially, if we want to get packet in the same marking period and, especially, if we want to get
delay mesurements on multipoint-to-multipoint basis, both single and delay measurements on multipoint-to-multipoint basis, both single and
double marking method are not useful in the Multipoint scenario, double marking method are not useful in the Multipoint scenario,
since they would not be representative of the entire flow. The since they would not be representative of the entire flow. The
packets can follow different paths with various delays and in general packets can follow different paths with various delays and in general
it can be very difficult to recognize marked packets in a multipoint- it can be very difficult to recognize marked packets in a multipoint-
to-multipoint path especially in case they are more than one per to-multipoint path especially in case they are more than one per
period. period.
A desirable option is to monitor simultaneously all the paths of a A desirable option is to monitor simultaneously all the paths of a
multipoint path in the same marking period and, for this purpose, multipoint path in the same marking period and, for this purpose,
hashing can be used as reported in the next Section. hashing can be used as reported in the next Section.
skipping to change at page 15, line 51 skipping to change at page 16, line 36
the challenges of the basic approach is that the frequency of the the challenges of the basic approach is that the frequency of the
sampled packets may vary considerably. For this reason the dynamic sampled packets may vary considerably. For this reason the dynamic
approach has been introduced for point-to-point flow in order to have approach has been introduced for point-to-point flow in order to have
the desired and almost fixed number of samples for each measurement the desired and almost fixed number of samples for each measurement
period. In the hash-based sampling, alternate marking is used to period. In the hash-based sampling, alternate marking is used to
create periods, so that hash-based samples are divided into batches, create periods, so that hash-based samples are divided into batches,
allowing to anchor the selected samples to their period. Moreover in allowing to anchor the selected samples to their period. Moreover in
the dynamic hash-based sampling, by dynamically adapting the length the dynamic hash-based sampling, by dynamically adapting the length
of the hash value, the number of samples is bounded in each marking of the hash value, the number of samples is bounded in each marking
period. This can be realized by choosing the maximum number of period. This can be realized by choosing the maximum number of
samples (NMAX) to be catched in a marking period. The algorithm samples (NMAX) to be caught in a marking period. The algorithm
starts with only few hash bits, that permit to select a greater starts with only few hash bits, that permit to select a greater
percentage of packets (e.g. with 0 bit of hash all the packets are percentage of packets (e.g. with 0 bit of hash all the packets are
sampled, with 1 bit of hash half of the packets are sampled, and so sampled, with 1 bit of hash half of the packets are sampled, and so
on). When the number of selected packets reaches NMAX, a hashing bit on). When the number of selected packets reaches NMAX, a hashing bit
is added. As a consequence, the sampling proceeds at half of the is added. As a consequence, the sampling proceeds at half of the
original rate and also the packets already selected that don't match original rate and also the packets already selected that don't match
the new hash are discarded. This step can be repeated iteratively. the new hash are discarded. This step can be repeated iteratively.
It is assumed that each sample includes the timestamp (used for delay It is assumed that each sample includes the timestamp (used for delay
measurement) and the hash value, allowing the management system to measurement) and the hash value, allowing the management system to
match the samples received from the two measurement points. The match the samples received from the two measurement points. The
skipping to change at page 16, line 35 skipping to change at page 17, line 21
The management system receives the samples including the timestamps The management system receives the samples including the timestamps
and the hash value from all the MPs, and this happens both for point- and the hash value from all the MPs, and this happens both for point-
to-point and for multipoint-to-multipoint flow. Then the longest to-point and for multipoint-to-multipoint flow. Then the longest
hash used by MPs is deduced and it is applied to couple timestamps of hash used by MPs is deduced and it is applied to couple timestamps of
same packets of 2 MPs of a point-to-point path or of input and output same packets of 2 MPs of a point-to-point path or of input and output
MPs of a Cluster (or a Super Cluster or the entire network). But MPs of a Cluster (or a Super Cluster or the entire network). But
some considerations are needed: if there isn't packet loss the set of some considerations are needed: if there isn't packet loss the set of
input samples is always equal to the set of output samples. In case input samples is always equal to the set of output samples. In case
of packet loss the set of output samples can be a subset of input of packet loss the set of output samples can be a subset of input
samples but the method still works because, at the end, it is easy to samples but the method still works because, at the end, it is easy to
couple the input and output timestamps of each catched packet using couple the input and output timestamps of each caught packet using
the hash (in particular the "unused part of the hash" that should be the hash (in particular the "unused part of the hash" that should be
different for each packet). different for each packet).
In summary, the basic hash is logically similar to the double marking In summary, the basic hash is logically similar to the double marking
method, and in case of point-to-point path double marking and basic method, and in case of point-to-point path double marking and basic
hash selection are equivalent. The dynamic approach scales the hash selection are equivalent. The dynamic approach scales the
number of measurements per interval, and it would seem that double number of measurements per interval, and it would seem that double
marking would also work well if we reduced the interval length, but marking would also work well if we reduced the interval length, but
this can be done only for point-to-point path and not for multipoint this can be done only for point-to-point path and not for multipoint
path, where we cannot couple the picked packets in a multipoint path, where we cannot couple the picked packets in a multipoint
paths. So, in general, if we want to get delay mesurements on paths. So, in general, if we want to get delay measurements on
multipoint-to-multipoint path basis and want to select more than one multipoint-to-multipoint path basis and want to select more than one
packet per period, double marking cannot be used because we could not packet per period, double marking cannot be used because we could not
be able to couple the picked packets between input and output nodes. be able to couple the picked packets between input and output nodes.
On the other hand we can do that by using hashing selection. On the other hand we can do that by using hashing selection.
9. An Intelligent Performance Management approach 9. An Intelligent Performance Management approach
The Multipoint Alternate Marking framework that is introduced in this The Multipoint Alternate Marking framework that is introduced in this
document adds flexibility to PM because it can reduce the order of document adds flexibility to PM because it can reduce the order of
magnitude of the packet counters. This allows an SDN Orchestrator to magnitude of the packet counters. This allows an SDN Orchestrator to
supervise, control and manage PM in large networks. supervise, control and manage PM in large networks.
The monitoring network can be considered as a whole or can be split The monitoring network can be considered as a whole or can be split
in Clusters, that are the smallest subnetworks (group-to-group in Clusters, that are the smallest subnetworks (group-to-group
segments), maintaining the packet loss property for each subnetwork. segments), maintaining the packet loss property for each subnetwork.
They can also be combined in new connected subnetworks at different They can also be combined in new connected subnetworks at different
levels depending on the detail we want to achieve. levels depending on the detail we want to achieve.
An SDN Controller can calibrate Performance Measurements. It can An SDN Controller can calibrate Performance Measurements since it is
start without examining in depth. In case of necessity (packet loss aware of the network topology. It can start without examining in
is measured or the delay is too high), the filtering criteria could depth. In case of necessity (packet loss is measured or the delay is
be immediately specified more in order to perform a partition of the too high), the filtering criteria could be immediately specified more
network by using Clusters and/or different combinations of Clusters. in order to perform a partition of the network by using Clusters and/
In this way the problem can be localized in a specific Cluster or in or different combinations of Clusters. In this way the problem can
a single combination of Clusters and a more detailed analysis can be be localized in a specific Cluster or in a single combination of
performed step-by-step by successive approximation up to a point-to- Clusters and a more detailed analysis can be performed step-by-step
point flow detailed analysis. by successive approximation up to a point-to-point flow detailed
analysis.
This approach can be called Network Zooming and can be performed in This approach can be called Network Zooming and can be performed in
two different ways: two different ways:
1) change the traffic filter and select more detailed flows; 1) change the traffic filter and select more detailed flows;
2) activate new measurement points by defining more specified 2) activate new measurement points by defining more specified
clusters. clusters.
[I-D.zhou-ippm-enhanced-alternate-marking] defines an architecture The Network Zooming approach implies that the some filters or rules
where the centralized Data Collector and Network Management can apply are changed and there is a transient time to wait once the new
the intelligent and flexible Alternate Marking algorithm as network configuration takes effect and it can be determined by the
previously described. Network Orchestrator/Controller, based on the network conditions.
[I-D.song-opsawg-ifit-framework] defines an architecture where the
centralized Data Collector and Network Management can apply the
intelligent and flexible Alternate Marking algorithm as previously
described.
As for RFC 8321 [RFC8321], it is possible to classify the traffic and
mark a portion of the total traffic. For each period the packet rate
and bandwidth are calculated from the number of packets. In this way
the Network Orchestrator becomes aware if the traffic rate overcomes
limits. In addition more precision can be obtained by reducing the
marking period, indeed some implementations use a marking period of 1
sec and less.
In addition an SDN Controller could also collect the measurement In addition an SDN Controller could also collect the measurement
history. history.
It is important to mention that the Multipoint Alternate Marking It is important to mention that the Multipoint Alternate Marking
framework also helps Traffic Visualization. Indeed this methodology framework also helps Traffic Visualization. Indeed this methodology
is very useful to identify which path or which cluster is crossed by is very useful to identify which path or which cluster is crossed by
the flow. the flow.
10. Examples of application 10. Examples of application
There are three application fields where it may be useful to take There are application fields where it may be useful to take into
into consideration the Multipoint Alternate Marking: consideration the Multipoint Alternate Marking:
o VPN: The IP traffic is selected on IP source basis in both o VPN: The IP traffic is selected on IP source basis in both
directions. At the end point WAN interface all the output traffic directions. At the end point WAN interface all the output traffic
is counted in a single flow. The input traffic is composed by all is counted in a single flow. The input traffic is composed by all
the other flows aggregated for source address. So, by considering the other flows aggregated for source address. So, by considering
n end-points, the monitored flows are n (each flow with 1 ingress n end-points, the monitored flows are n (each flow with 1 ingress
point and (n-1) egress points) instead of n*(n-1) flows (each point and (n-1) egress points) instead of n*(n-1) flows (each
flow, with 1 ingress point and 1 egress point); flow, with 1 ingress point and 1 egress point);
o Mobile Backhaul: LTE traffic is selected, in the Up direction, by o Mobile Backhaul: LTE traffic is selected, in the Up direction, by
skipping to change at page 18, line 31 skipping to change at page 19, line 26
Packet Core to the EnodeB. So the monitored flow is only one per Packet Core to the EnodeB. So the monitored flow is only one per
EnodeB in both directions; EnodeB in both directions;
o OTT(Over The Top) services: The traffic is selected, in the Down o OTT(Over The Top) services: The traffic is selected, in the Down
direction by the source addresses of the packets sent by OTT direction by the source addresses of the packets sent by OTT
Servers. In the opposite direction (Up) by the destination IP Servers. In the opposite direction (Up) by the destination IP
addresses of the same Servers. So the monitoring is based on a addresses of the same Servers. So the monitoring is based on a
single flow per OTT Servers in both directions. single flow per OTT Servers in both directions.
o Enterprise SD-WAN: SD-WAN allows to connect remote branch offices o Enterprise SD-WAN: SD-WAN allows to connect remote branch offices
to data centers and build higher-performance WANs. A centralized to Data Centers and build higher-performance WANs. A centralized
controller is used to set policies and prioritize traffic. The controller is used to set policies and prioritize traffic. The
SD-WAN takes into account these policies and the availability of SD-WAN takes into account these policies and the availability of
network bandwidth to route traffic. This helps ensure that network bandwidth to route traffic. This helps ensure that
application performance meets service level agreements (SLAs). application performance meets service level agreements (SLAs).
This methodology can also help the path selection for the WAN This methodology can also help the path selection for the WAN
connection based on per Cluster and per flow performance. connection based on per Cluster and per flow performance.
11. Security Considerations 11. Security Considerations
This document specifies a method to perform measurements that does This document specifies a method to perform measurements that does
skipping to change at page 19, line 40 skipping to change at page 20, line 36
[I-D.amf-ippm-route] [I-D.amf-ippm-route]
Alvarez-Hamelin, J., Morton, A., and J. Fabini, "Advanced Alvarez-Hamelin, J., Morton, A., and J. Fabini, "Advanced
Unidirectional Route Assessment", draft-amf-ippm-route-01 Unidirectional Route Assessment", draft-amf-ippm-route-01
(work in progress), October 2017. (work in progress), October 2017.
[I-D.mizrahi-ippm-compact-alternate-marking] [I-D.mizrahi-ippm-compact-alternate-marking]
Mizrahi, T., Arad, C., Fioccola, G., Cociglio, M., Chen, Mizrahi, T., Arad, C., Fioccola, G., Cociglio, M., Chen,
M., Zheng, L., and G. Mirsky, "Compact Alternate Marking M., Zheng, L., and G. Mirsky, "Compact Alternate Marking
Methods for Passive and Hybrid Performance Monitoring", Methods for Passive and Hybrid Performance Monitoring",
draft-mizrahi-ippm-compact-alternate-marking-04 (work in draft-mizrahi-ippm-compact-alternate-marking-05 (work in
progress), April 2019. progress), July 2019.
[I-D.song-opsawg-ifit-framework]
Song, H., Li, Z., Zhou, T., Qin, F., Chen, H., Jin, J.,
and J. Shin, "In-situ Flow Information Telemetry", draft-
song-opsawg-ifit-framework-06 (work in progress), October
2019.
[I-D.zhou-ippm-enhanced-alternate-marking] [I-D.zhou-ippm-enhanced-alternate-marking]
Zhou, T., Fioccola, G., Li, Z., Lee, S., Cociglio, M., and Zhou, T., Fioccola, G., Li, Z., Lee, S., and M. Cociglio,
Z. Li, "Enhanced Alternate Marking Method", draft-zhou- "Enhanced Alternate Marking Method", draft-zhou-ippm-
ippm-enhanced-alternate-marking-02 (work in progress), enhanced-alternate-marking-04 (work in progress), October
June 2019. 2019.
[IEEE-ACM-ToN-MPNPM]
IEEE/ACM TRANSACTION ON NETWORKING, "Multipoint Passive
Monitoring in Packet Networks", DOI to appear, 2019.
[IEEE-Network-PNPM]
IEEE Network, "AM-PM: Efficient Network Telemetry using
Alternate Marking", DOI 10.1109/MNET.2019.1800152, 2019.
[RFC5474] Duffield, N., Ed., Chiou, D., Claise, B., Greenberg, A., [RFC5474] Duffield, N., Ed., Chiou, D., Claise, B., Greenberg, A.,
Grossglauser, M., and J. Rexford, "A Framework for Packet Grossglauser, M., and J. Rexford, "A Framework for Packet
Selection and Reporting", RFC 5474, DOI 10.17487/RFC5474, Selection and Reporting", RFC 5474, DOI 10.17487/RFC5474,
March 2009, <https://www.rfc-editor.org/info/rfc5474>. March 2009, <https://www.rfc-editor.org/info/rfc5474>.
[RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F. [RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
Raspall, "Sampling and Filtering Techniques for IP Packet Raspall, "Sampling and Filtering Techniques for IP Packet
Selection", RFC 5475, DOI 10.17487/RFC5475, March 2009, Selection", RFC 5475, DOI 10.17487/RFC5475, March 2009,
<https://www.rfc-editor.org/info/rfc5475>. <https://www.rfc-editor.org/info/rfc5475>.
 End of changes. 34 change blocks. 
62 lines changed or deleted 128 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/