Internet DRAFT - draft-chen-nvo3-ipid-pm
draft-chen-nvo3-ipid-pm
NVO3 Working Group H. Chen
INTERNET-DRAFT Huawei Technologies
Intended Status: Informational September 19, 2016
Expires: March 23, 2017
Using IPID for Performance Monitoring in VxLAN Network
draft-chen-nvo3-ipid-pm-01
Abstract
IP Identification(IPID)is a field in IP header primarily used to
uniquely identify the group of fragments of a single IP packet. The
value of IPID field in a packet from a specific traffic flow or
source IP address keeps increasing until wrapped-around.
This document specifies a method by carefully examining IPID value to
monitor the performance of VxLAN network. In this memo packet loss
measurement is mainly considered. This method requires no extra
hardware support, which means it is compatible with most of the
deployed routers or switches. Such a mechanism is applicable to IPv4
network and potential useful in overlay network with different data
encapsulation.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Hao Chen Expires March 23, 2017 [Page 1]
INTERNET DRAFT IPID based Performance Monitoring July 2015
Copyright and License Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. IPID Overview . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. Packet Loss Measurement . . . . . . . . . . . . . . . . . . . . 8
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 8
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
7.1 Normative References . . . . . . . . . . . . . . . . . . . 8
7.2 Informative References . . . . . . . . . . . . . . . . . . 8
Hao Chen Expires March 23, 2017 [Page 2]
INTERNET DRAFT IPID based Performance Monitoring July 2015
1. Introduction
Performance Monitoring(PM) is a crucial part of network OAM, which
mainly includes the packet loss and delay measurement. PM methods are
usually classified into two categories: active(involving the addition
of test traffic) or passive(no interference with normal traffic).
Both of active and passive methods have their own strengths. Active
method needs injecting test traffic from one measurement point to the
other point, which can not be guaranteed to experience the same path
with the data traffic where Equal Cost Multiple Paths(ECMP) exists.
However, in overlay network(e.g. VxLAN) ECMP is common, which means
passive method is more appropriate.
IP Identification(IPID) is a field in IP header, which can be used to
implement the passive PM method. The example IPv4 header is shown in
Figure 1. IPID is primarily used for uniquely identifying the group
of fragments of a single IP packet. The value of IPID field in a
packet from a specific traffic flow or source IP address keeps
increasing until wrapped-around.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 1: Example IPv4 Header
IPID is required to be unique within the maximum lifetime for all
packets with a given source address/destination address/protocol
tuple. Hence, each packet in a specific flow has a unique IPID.
Packets within a flow continuously increase the IPID value till it
reaches the maximum value. Then it wraps around and increases again.
An example Controller-based VxLAN network can be shown as Figure 2.
There is a controller connects to NVE A and NVE B. Assume there is a
flow transmitted from VM1 to VM3(VM1->NVE A->SW M->SW N->NVE B->VM3),
Hao Chen Expires March 23, 2017 [Page 3]
INTERNET DRAFT IPID based Performance Monitoring July 2015
it is necessary to implement the packet loss measurement at NVE A and
NVE B.
This document specifies a method by carefully examining IPID value to
monitor the performance of Controller-based VXLAN network. In this
memo packet loss measurement is mainly considered. The Controller
will specify which flow to be monitored. Before start monitoring, it
will send the flow information to the specific NVEs. During the
monitoring period, the Controller will collect statistical
information from the specific NVEs in order to measure t packet loss
and delay value.
***************************
* +--------------+ *
* | Controller | *
* +-|---------|--+ *
* / | | \ *
* / | | \ *
+---------+ * / | | \ * +---------+
|+---+ | * / | | \* | +---+|
||VM1| | +--/+ +-|-+ +-|-+ +-\-+ | |VM3||
|+---+ +---+NVE+---+SW +-----+SW +---+NVE+---+ +---+|
| +---+| +-A-+ +-M-+ +-N-+ +-B-+ |+---+ |
| |VM2|| * * ||VM4| |
| +---+| * VxLAN Overlay * |+---+ |
+---------+ * Network * +---------+
Tenant * * Tenant
System * * System
***************************
Figure 2: Example Controller-based VxLAN Network
This method requires no extra hardware support, which means it is
compatible with most of the deployed routers or switches. Such a
mechanism is applicable to IPv4 network and potential useful in
overlay network with different data encapsulation.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
This document makes use of the following terms, additional terms are
defined in [RFC7348]
Hao Chen Expires March 23, 2017 [Page 4]
INTERNET DRAFT IPID based Performance Monitoring July 2015
o ECMP - Equal Cost Multiple Paths
o IPID - IP Identification
o MSB - Most Significant Bit
o OG - Observation Group
o PM - Performance Monitoring
3. IPID Overview
This document mainly considers the IPID in IPv4 header. As defined
in[RFC791], IPID field holds 16 bits. It is used together with the
source and destination address, and the protocol fields, to identify
datagram fragments for reassembly.
There used to be some experimental works using IPID field for other
purposes, such as for adding packet-tracing information to help trace
packets with spoofed source addresses[Savage_2000]. However,
[RFC6864] prohibits these kind of uses. It claims that the IPv4 ID
field MUST NOT be used for purposes other than fragmentation and
reassembly. Besides, [Chen_2004] describes that the 16-bit IPID
field carries a copy of the current value of a counter in a host's IP
stack. Current versions of Windows implement this counter as a
global counter. That is, IPID value is continuously increasing per
source IP address. On the contrary, current versions of Linux
implement this counter as a per-flow counter. That is, IPID value is
continuously increasing in a per flow fashion. The authors also did
extensive experiment to prove the incremental feature of IPID value.
To sum up, IPID field can only be set by the Tenant-system and used
as a sequence number of packets flow.
Observing IPID's incremental feature, it is possible to take one bit
in IPID field as the Criterion bit(C bit), to divide one packets flow
into several Observation Groups(OGs). By collecting the observed
packet number and starting time of each OG from the relevant NVEs,
the controller is able to measure packet loss and delay of each flow.
The VxLAN encapsulation [RFC7348] includes an outer IP header and an
inner IP header, both of which have its own IPID field - i.e., the
outer IPID and the inner IPID respectively. Because it's the inner
header that reflects the real flow info, this memo only use the inner
IPID for performance monitoring.
Theoretically, each bit of IPID field can be used as the C bit. But
selecting the Criterion bit is a little bit tricky, because high-
Hao Chen Expires March 23, 2017 [Page 5]
INTERNET DRAFT IPID based Performance Monitoring July 2015
order bit varies slowly while low-order bit varies quickly. The
selection of C bit have to take the flow rate into consideration. To
illustrate, as Figure 3 shows, if taking IPID's most significant
bit(MSB) as the C bit, then each OG contains up to 2^15 = 32,768
packets. In the real deployment in data center network, most of the
user traffic is usually lower than the rate of 1G bps. In this case,
IPID will wrap-around in approximate 0.8s. When user traffic is up
to 10G bps, the IPID will wrap-around more quickly, may be less than
80ms.
0 1
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| | | | | | | | | | | | | | | |C|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 3: Example Criterion Bit
Figure 4 is a simple example to illustrate how the C bit is used to
divide the packets flow into sequential OGs. Assuming the first
packet observed holds the IPID value 0x00FC(bit 8 = 0). The first 4
packets hold the same C bit(C = 0) while the last 4 packets hold the
same C bit(C = 1).
Index H C L
+-+
1 0 0 0 0 | 0 0 0|0|| 1 1 1 1 | 1 1 0 0 <-+
2 0 0 0 0 | 0 0 0|0|| 1 1 1 1 | 1 1 0 1 | Group 1
3 0 0 0 0 | 0 0 1|0|| 1 1 1 1 | 1 1 1 0 | (C = 0)
4 0 0 0 0 | 0 0 1|0|| 1 1 1 1 | 1 1 1 1 <-+
5 0 0 0 0 | 0 0 1|1|| 0 0 0 0 | 0 0 0 0 <-+
6 0 0 0 0 | 0 0 1|1|| 0 0 0 0 | 0 0 0 1 | Group 2
7 0 0 0 0 | 0 0 1|1|| 0 0 0 0 | 0 0 1 0 | (C = 1)
8 0 0 0 0 | 0 0 1|1|| 0 0 0 0 | 0 0 1 1 <-+
... ... +-+ ... ... Group k
Figure 4: Example C bit based OG division
To illustrate, as shown in Figure 2 VM1 initiates a communication to
VM3. The packets flow from VM1 to VM3 will go through NVE A/B and
underlay switch M/N . The Controller will send a PM command to NVE A
and NVE B simultaneously. The PM command specifies the following
information:
1. which bit in IPID field will be taken as the C bit;
2. the basic flow information, including IP address of VM1 and VM3
Hao Chen Expires March 23, 2017 [Page 6]
INTERNET DRAFT IPID based Performance Monitoring July 2015
and the the protocol type(e.g. TCP or UDP).
On receipt of this command, NVE A/B will count the transmitted
/received packets respectively in each OGs. The OGs are divided based
on the value of C bit. An integrated OG could be determined by two
adjacent reversal of C bit. To illustrate, as shown in Figure 4,
reversal from 0 to 1 could be seen as the start point of group 2
while reversal from 1 to 0 could be seen as the end point of group 2.
When NVE A and B start to count, firstly they have to determine the
integrated OGs. Then NVE A and NVE B will report the counting
results to the Controller.
The example counting results of NVE A is shown as below
+-------------+-------+---------+
| Group index | C bit | pkt num |
+-------------+-------+---------+
| 1 | 1 | a |
| 2 | 0 | b |
| 3 | 1 | c |
| 4 | 0 | d |
+-------------+-------+---------+
Table 1: Example counting results of NVE A
Each time an integrated OG is counted, NVE A will report the results
to the Controller. The controller will record the time on receipt of
the results as t_A.
The example counting results of NVE B is shown as below
+-------------+-------+---------+
| Group index | C bit | pkt num |
+-------------+-------+---------+
| 1 | 0 | k' |
| 2 | 1 | a' |
| 3 | 0 | b' |
| 4 | 1 | c' |
+-------------+-------+---------+
Table 2: Example counting results of NVE B
NVE B will report the counting results to the controller in the same
way as NVE A. The controller will also record the time on receipt of
the results as t_B.
In order to determine whether these two OGs are matched, the
Hao Chen Expires March 23, 2017 [Page 7]
INTERNET DRAFT IPID based Performance Monitoring July 2015
Controller has to go through the following two step
1. compare the C bit value of these two OGs,
2. compare |t_A - t_B| with the value of T, where T is the time
duration of one single OG. T is determined by the configuration of C
bit and the flow rate.
For example, OG(1) in Table 1 has C = 1 while OG(1) in Table 2 has C
= 0. These two OGs do not have the same C bit value, thus the
Controller does not consider these two OGs are matched. On the other
hand, OG(2) in Table 2 is the next immediate OG and has C = 1. These
two OGs have the same C bit value, then the Controller will go to
next step to compare |t_A - t_B| with T. If |t_A - t_B| < T, then the
Controller considers these two OGs are matched. Otherwise, the
Controller considers these two OGs are not matched and simply ignores
them. For the case these two OGs are matched, packet number counted
in these two OGs can be used to determine whether the packet loss
take place between NVE A and NVE B.
4. Packet Loss Measurement
Packet loss measurement could be done by comparing the counted packet
number between the matched OGs. In the example of Section 3, packet
loss could be computed as follows:
Pkt_Loss = |a - a'| + |b - b'| + |c - c'|.
5. Security Considerations
Security considerations are not addressed in this document.
6. IANA Considerations
No IANA action is needed for this document.
7. References
7.1 Normative References
[RFC791] Postel, J., "Internet Protocol", September 1981.
7.2 Informative References
Hao Chen Expires March 23, 2017 [Page 8]
INTERNET DRAFT IPID based Performance Monitoring July 2015
[Chen_2004] Chen, W., Huang, Y., Ribeiro, B., Suh, K., Zhang, H.,
Silva, E., Kurose, J. and D. Towsley, "Exploiting the IPID
field to infer network path and end-system
characteristics", 2004.
[RFC6864] Touch, J., "Updated Specification of the IPv4 ID Field",
February 2013.
[RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
L., Sridhar, T., Bursell, M. and C. Wright, "Virtual
eXtensible Local Area Network (VXLAN): A Framework for
Overlaying Virtualized Layer 2 Networks over Layer 3
Networks", August 2014.
[Savage_2000] Savage, S., Wetherall, D., Karlin, A. and T. Anderson,
"Practical Network Support for IP Traceback", October
2000.
Authors' Addresses
Hao Chen
Huawei Technologies
101 Software Ave., Yuhuatai Dist.
Nanjing, Jiangsu 210012
China
Phone: +86-25-56628107
EMail: philips.chenhao@huawei.com
Hao Chen Expires March 23, 2017 [Page 9]