draft-ietf-tewg-measure-05.txt   draft-ietf-tewg-measure-06.txt 
Traffic Engineering Working Group Wai Sum Lai Traffic Engineering Working Group Wai Sum Lai
Internet Draft AT&T Labs Internet Draft AT&T Labs
Document: <draft-ietf-tewg-measure-05.txt> Document: <draft-ietf-tewg-measure-06.txt>
Category: Informational Richard W. Tibbs Category: Informational Richard W. Tibbs
Oak City Networks & Oak City Networks &
Solutions Solutions
Steven Van den Berghe Steven Van den Berghe
Ghent University/IMEC Ghent University/IMEC
Febuary 2003 July 2003
A Framework for Internet Traffic Engineering Measurement Requirements for Internet Traffic Engineering Measurement
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Internet-Drafts are draft documents valid for a maximum of Drafts. Internet-Drafts are draft documents valid for a maximum of
skipping to change at page 1, line 37 skipping to change at page 1, line 37
documents at any time. It is inappropriate to use Internet- Drafts documents at any time. It is inappropriate to use Internet- Drafts
as reference material or to cite them other than as "work in as reference material or to cite them other than as "work in
progress." progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
1. Abstract Abstract
In this document, a measurement framework for supporting the traffic In this document, we identify requirements for supporting the
engineering of IP networks is presented. Uses of traffic traffic engineering of IP networks. Requirements for traffic
measurement in service provider environments are described, and measurement in service provider environments are presented and
issues related to time scale and read-out period are discussed. justified, and related issues are discussed.
Different measurement types are classified, with each being
specified as a meaningful combination of a measurement entity and a
measurement basis.
For interoperable compatibility, uniform definitions across vendors Highlights of requirements are:
and operators must be ensured, e.g., in the distinction between 1. To aid network dimensioning, mechanisms to collect node-pair-
offered load and achieved throughput. To aid network dimensioning, based traffic data are required to facilitate the derivation of per-
mechanisms to collect node-pair-based traffic data should be service-class traffic matrix statistics.
developed to facilitate the derivation of per-service-class traffic 2. For service assurance, the use of higher-order statistics is
matrix statistics. For service assurance, there is a need for the required.
use of higher-order statistics. To preserve representative traffic 3. To preserve representative traffic detail at manageable sample
detail at manageable sample volumes, there is a need for packet- volumes, packet-sampled measurements are required.
sampled measurements. To manage large volume of measured data, use 4. To manage large volumes of measured data, use of bulk transfer
of bulk transfer and filtering/aggregation mechanisms may be and filtering/aggregation mechanisms are required.
appropriate.
Table of Contents Table of Contents
Status of this Memo................................................1 Status of this Memo................................................1
1. Abstract........................................................1 Abstract...........................................................1
2. Conventions used in this document...............................2 Conventions used in this document..................................3
3. Introduction....................................................3 1. Introduction....................................................3
4. Terminology.....................................................4 2. Conclusions and Recommendations.................................4
4.1 Active, passive measurements...................................4 3. Requirements for TE Measurement and Its Uses....................4
4.2 Route, path....................................................5 3.1 Requirements for Traffic characterization......................5
4.3 Throughput, traffic volume.....................................5 3.2 Requirements for Network monitoring............................5
5. Uses of Traffic Measurement.....................................6 3.3 Requirements for Traffic Matrix Statistics.....................6
5.1 Traffic characterization.......................................6 3.4 Requirements for Performance Monitoring........................6
5.2 Network monitoring.............................................6 3.5 Requirements for Path Characterization.........................7
5.3 Traffic control................................................7 4. Requirements Summary for TE Measurement Types...................7
6. Time Scales for Network Operations..............................7 4.1 Measurement types related to traffic or performance............8
7. Read-Out Periods................................................8 4.2 Measurement types related to resource usage....................8
7.1 Data Reduction.................................................8 5. Requirements for a TE Measurement Information Model.............9
7.2 Measurement Interval...........................................9 6. Measurement Definitions........................................11
7.3 Summarization..................................................9 6.1 Active, passive measurements..................................11
7.4 Sampling Issues................................................9 6.2 Route, path...................................................11
8. Measurement Bases..............................................10 6.3 Throughput, traffic volume....................................11
8.1 Flow-based....................................................11 APPENDICES........................................................12
8.2 Interface-based, link-based, node-based.......................12 APPENDIX A........................................................12
8.3 Node-pair-based...............................................12 A. Measurement Bases..............................................12
8.4 Path-based....................................................13 A.1 Flow-based....................................................14
9. Measurement Entities...........................................13 A.2 Interface-based, link-based, node-based.......................14
9.1 Entities related to traffic and performance...................13 A.3 Node-pair-based...............................................15
9.2 Entities related to establishment of connection or path.......16 A.4 Path-based....................................................15
10. Measurement Types.............................................16 APPENDIX B........................................................16
10.1 Measurement types related to traffic or performance..........16 B. Measurement Entities...........................................16
10.2 Measurement types related to resource usage..................17 B.1 Entities related to traffic and performance...................16
11. Traffic Matrix Statistics.....................................18 B.2 Entities related to establishment of connection or path.......18
12. Performance Monitoring........................................19 APPENDIX C........................................................18
13. Packet Sampling...............................................20 C. Packet Sampling and Estimation.................................18
14. Statistical Estimation and Information Modeling...............20 C.1 Packet Sampling...............................................19
14.1 Engineering methods for statistical estimation of measures...21 C.2 Sampling Issues...............................................19
14.2 TE Measure Information Modeling..............................21 C.3 Engineering methods for statistical estimation of measures....20
15. Conclusions and Recommendations...............................24 APPENDIX D........................................................20
16. Security Considerations.......................................24 D. Read-Out Periods...............................................20
17. References....................................................24 D.1 Data Reduction................................................21
18. Intellectual Property Statement...............................27 D.2 Measurement Interval..........................................21
19. Acknowledgments...............................................27 D.3 Summarization.................................................21
20. Author's Addresses............................................27 APPENDIX E........................................................22
Full Copyright Statement..........................................28 E. Time Scales for Network Operations.............................22
APPENDIX F........................................................23
F. Use of Traffic Measurement for Traffic control.................23
16. Security Considerations.......................................23
17. References....................................................23
18. Intellectual Property Statement...............................26
19. Acknowledgments...............................................26
20. Author's Addresses............................................26
Full Copyright Statement..........................................27
Conventions used in this document
2. Conventions used in this document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in RFC-2119. this document are to be interpreted as described in RFC-2119.
3. Introduction 1. Introduction
This document describes a framework for Internet traffic engineering
measurement, with the objective of providing principles for the
development of a set of measurement systems to support the traffic
engineering of IP networks [1]. A major goal is to provide the
scope of measurements involved and outline a context for
establishing operator-, platform-, protocol-, and vendor-neutral
traffic measurement standards. To achieve multi-vendor inter-
operability, it is critical to minimize the possibilities of
inconsistencies arising from, e.g., differing statistical
definitions, overlapping data collection, processing at different
protocol levels, and similar inconsistencies by different vendors or
network operators.
The need for a common framework, including identification, In this document, we identify requirements for supporting IP network
principles and scope of measurements, is motivated by the needs for traffic engineering (TE) [1]. Requirements for traffic measurement
consistency, precision, and effectiveness of the overall traffic in service provider environments are presented and justified, and
engineering function. Traffic engineering includes measurements, related issues are discussed. To aid network dimensioning,
forecasting, planning, dimensioning, control, and performance mechanisms to collect node-pair-based traffic data are required to
monitoring. From this perspective, the purpose of this document is facilitate the derivation of per-service-class traffic matrix
to set principles of measurement in place that assure the quality of statistics. For service assurance, the use of higher-order
the other aspects of traffic engineering. Intended as a framework statistics is required. To preserve representative traffic detail
document, our goal is to describe the overall traffic and at manageable sample volumes, packet-sampled measurements are
performance measurement process at a high level. We point to required. To manage large volumes of measured data, use of bulk
objectives that a comprehensive set of measurement standards should transfer and filtering/aggregation mechanisms are required.
achieve. We also list brief informal definitions for most
measurements of interest, but leaving exhaustive and precise
definitions and standards to the documents cited or subsequent
documents to be developed by other working groups.
The scope of this document is limited to those aspects of Requirements for TE measurement are motivated by the needs for
measurement pertaining to intra-domain operations, i.e., within a consistency, precision, and effectiveness of the overall TE
given autonomous system. However, measurements on its boundary with function. TE includes measurements, forecasting, planning,
other domains are taken into consideration as well. The focus is dimensioning, control, and performance monitoring. TE measurement
primarily on traffic engineering in Internet service provider plays a key role to assure the quality of the other aspects of TE.
environments.
In this document, uses of traffic measurement in traffic Uses of traffic measurement in traffic characterization, network
characterization, network monitoring, and traffic control are first monitoring, and traffic control are first described. Depending on
described. Depending on the network operations to be performed in the network operations to be performed in these tasks, three
these tasks, three different time scales can be identified, ranging different time scales can be identified, ranging from months,
from months, through days or hours, to minutes or less. To support through days or hours, to minutes or less. To support these
these operations, traffic measurement must be able to capture operations, traffic measurement must be able to capture accurately,
accurately, within a given confidence interval, the traffic within a given confidence interval, the traffic variations and peaks
variations and peaks without degrading network performance and without degrading network performance and without generating an
without generating an immense amount of data. As one consequence of immense amount of data. As one consequence of the need to avoid
the need to avoid network performance degradation, specification of network performance degradation, specification of a suitable read-
a suitable read-out period for each service class for traffic out period (i.e., summarization or aggregation interval) is
summarization is essential. Other principles such as concise essential.
representation of measurements are identified as well.
Traffic measurement can be performed on the basis of flows, Traffic measurement can be performed on the basis of flows,
interfaces, links, nodes, node-pairs, or paths. Based on these interfaces, links, nodes, node-pairs, or paths. Based on these
objects, different measurement entities can be defined, such as objects, different measurement entities can be defined, such as
traffic volume, average holding time, bandwidth availability, traffic volume, average holding time, bandwidth availability,
throughput, delay, delay variation, packet loss, and resource usage. throughput, delay, delay variation, packet loss, and resource usage.
Using these measured traffic data, in conjunction with other network Using these measured traffic data, in conjunction with other network
data such as topological data and router configuration data, traffic data such as topological data and router configuration data, traffic
matrix and other relevant statistics can be derived for traffic matrix and other relevant statistics can be derived for TE purposes.
engineering purposes. Traffic load measurement also plays a key
role in network performance management.
In addition to these capabilities, functions of a measurement system
should also include data storage, data processing, statistics
generation and reporting. However, these aspects are outside the
scope of this document.
Also, IP multicast traffic measurement is not explicitly addressed IP multicast traffic measurement is not explicitly addressed in this
in this document. Nonetheless, given additional elaboration on document. Nonetheless, given additional elaboration on tree-based
tree-based measurement principles, most of the considerations for measurement principles, most of the considerations for different
different measurement types (to be discussed in Sections 8 and 9) measurement types (see Appendices A and B) could be applied to IP
could be applied to IP multicast traffic. Such elaboration may be multicast traffic. Such elaboration may be dealt with in a
dealt with in a subsequent document for specific IP multicast- subsequent document for specific IP multicast-inferred Internet
inferred Internet traffic measurement. traffic measurement.
As a framework, this document is mainly concerned with a discussion Relevant work done in measurements by other standards organizations
of various technical issues surrounding traffic measurement, will be applied or adapted, and references to them will be made.
particularly in the area of statistical traffic load estimation for These include, in particular,
traffic engineering purposes. As far as possible and to avoid
duplication of effort, relevant work done in measurements by other
standards organizations will be applied or adapted, and references
to them will be made. These include, in particular,
. IP Performance Metrics (IPPM) Working Group of the IETF: its . IP Performance Metrics (IPPM) Working Group of the IETF: its
framework document [2] and the associated documents on individual framework document [2] and the associated documents on individual
metrics [3, 4, 5, 6, 7, 8, 9, 10] metrics [3, 4, 5, 6, 7, 8, 9, 10, 11]
. ITU-T: Recommendation I.380/Y.1540 [11] and Recommendation Y.1541 . ITU-T: Recommendation I.380/Y.1540 [12] and Recommendation Y.1541
[12] [13]
4. Terminology 2. Conclusions and Recommendations
The intent of this section is not to provide definition or Requirements are given in this document for traffic metrics needed
description of terms used in this document. Rather, it is to for successful TE. Principles of best practice in traffic
highlight the difference in usage of closely related terms. characterization and performance characterization are described in
the Appendices. For interoperable compatibility and consistency,
requirements for traffic measurement recommended for standardization
include:
4.1 Active, passive measurements (1) Requirements for specific TE measurements
. Node-pair-based traffic data to derive per-service-class traffic
matrix statistics, including statistics of carried load and
offered load (Sections 3.3 and Appendix A)
. Statistics of achieved performance and throughput (Section 3.4)
. A standardized method to detect and record label binding changes
for LDP-signaled label-switched paths, at the ingress-egress pair
level (Section 3.5)
(2) Requirements for traffic data collection methods
. Standardization of measurement definitions and sampling methods,
to achieve uniformity across vendors and operators, and to
preserve sufficient traffic detail at manageable sample volumes
(Section 6 and Appendix C)
. Higher-order statistics to facilitate service assurance (Section
3.1)
. Offline bulk file transfer and standardized filtering/aggregation
mechanisms to manage large volumes of measured traffic data
(Section 5 and Appendix D)
. Linkage between policy mechanisms and TE measurement, possibly
triggered by a measurement-driven event notification (Section 5)
. Standardization of information models for TE measurement (Section
5)
3. Requirements for TE Measurement and Its Uses
TE measurement is used to collect traffic data for the following
purposes:
. Traffic characterization
. Network monitoring
. Traffic matrix Statistics
. Performance monitoring
. Path characterization
3.1 Requirements for Traffic characterization
. Requirement 1: Standardization of higher-order statistics to
facilitate service assurance.
. Requirement 2: Identifying traffic patterns, particularly traffic
peak patterns, and their variations in statistical analysis; this
includes developing traffic profiles to capture daily, weekly, or
seasonal variations.
. Requirement 3: Determining traffic distributions in the network on
the basis of flows, interfaces, links, nodes, node-pairs, paths,
or destinations. (These bases are discussed in Appendix A.)
. Requirement 4: Estimation of the traffic load according to service
classes in different routers and the network.
. Requirement 5: Observing trends for traffic growth and forecasting
of traffic demands.
For example, TE can use measurements to determine the statistical
moments of a traffic flow. As suggested in [14], given the time
series of packet arrivals, a suitable parametric stochastic model
based on the mean and variance of the time series can be
constructed. This traffic model is then used in the ensuing phases
of TE, such as link dimensioning to meet service objectives.
3.2 Requirements for Network monitoring
. Requirement 1: Determining the operational state of the network,
including fault detection.
. Requirement 2: Monitoring the continuity and quality of network
services, to ensure that QoS/CoS objectives are met for various
classes of traffic, to verify the performance of delivered
services, or to serve as a means of sectionalizing performance
issues seen by a customer. [Note 1. QoS reflects the performance
perceivable by a user of a service, while CoS (class of service)
is used by a service provider for internal design and operation of
a network.] [Note 2. Mechanisms for monitoring service
continuity may be service-specific and are not discussed here.]
. Requirement 3: Evaluating the effectiveness of TE policies, or
triggering certain policy-based actions (such as alarm generation,
or path preemption) upon threshold crossing; this may be based on
the use of performance history data.
. Requirement 4: Verifying peering agreements between service
providers by monitoring/measuring the traffic flows over
interconnecting links at border routers (note that peers are in
general not willing to divulge detailed traffic picture inside
their autonomous systems); this includes the estimation of inter-
and intra-domain traffic, as well as originating, terminating, and
transit traffic that are being exchanged between peers.
An example of using TE measurements in this area might be monitoring
packet loss rates at various points in a network to detect apparent
link failure. Another example is observing traffic at peering
points to ensure that peering agreements are met.
3.3 Requirements for Traffic Matrix Statistics
Requirement 1
Standardization of node-pair-based traffic data to derive per-
service-class traffic matrix statistics, including statistics of
carried load and offered load.
An important set of data for TE is point-to-point or point-to-
multipoint demands. This data may be of significant use in the
provisioning of traffic-engineered intra-domain paths and external
peering in the existing network, as well as planning for the
placement and sizing of new links, routers, or peers.
In current practice, estimates for traffic demands are usually
determined from a combination of traffic projections, customer
prescriptions, and service level agreements. Using the facilities
of SNMP (Simple Network Management Protocol), it is not easy to
obtain network-wide traffic demands from the local interface
measurements taken by different IP routers. As explained in [15,
16], information from diverse network measurements, including flow-
based measurements, and various topological data and router
configuration files are needed to infer the traffic volume.
Some shortcomings in today's method to derive traffic matrix
statistics as above include the volume of data from flow-based
measurement, the lack of sufficient routing control information, and
the need to correlate data from a variety of sources. To avoid some
of these deficiencies and to take advantage of the routing control
offered by MPLS, node-pair-based passive measurement should be
developed.
3.4 Requirements for Performance Monitoring
Requirement 1
Standardization of statistics of achieved performance and
throughput.
Requirement 2
Performance monitoring as a means to trigger LSP restoration
activities.
A major component of performance management is performance
monitoring, i.e., continuous real-time monitoring of the quality or
health of the network and its various elements to ensure a
sustained, uninterrupted delivery of quality service.
General aspects of measurements required to support the operation,
administration, and maintenance of a network are outside the scope
of this document (see [17, 18, 19, 20] for a discussion of MPLS
OAM). However, performance monitoring is required for TE
measurement since monitoring the quality of delivered services is
essential feedback to the TE function.
This requires the use of measurement, either passively or actively,
to collect information about the operational state of the network
and to track its performance. For a discussion of passive
monitoring and the use of synthetic traffic sources in active
probing, see [21, 22].
Performance degradation can occur as a result of routing
instability, congestion, or failure of network components. Periods
of congestion may be detected when the resource usage of a network
segment consistently exceeds a certain threshold, or when the cross-
router delay is unexpectedly high. Unexpected excessive loss of
packets or throughput drops may be used as a means of fault
detection, and may result in restoration activities.
3.5 Requirements for Path Characterization
Requirement 1
Standardization of a method to detect and record label binding
changes for LDP-signaled label-switched paths, at the ingress-egress
pair level.
In the case of hop-by-hop routed label-switched paths that are
established by Label Distribution Protocol (LDP) signaling, there is
no explicit binding between path end points. This will result in
the use of different label bindings at both the ingress and egress
nodes over time as network topology changes. Although the
forwarding equivalence class (FEC) to label binding information
already exists in the MPLS FTN and LSR MIBs [23, 26], a mechanism is
needed to keep track of binding changes. An example of such a
mechanism may be the periodic exchange of FEC to label binding
information for each ingress-egress pair.
Internet utilities such as ping and traceroute have been useful to
help diagnose network problems and performance debugging. Utilities
with similar functions would be essential for path-oriented
operations like in MPLS. This would include the capability to list,
at any time, (1) for a given path, all the nodes traversed by it,
and (2) for a given node, all the paths originating from it,
transiting through it, and/or terminating on it. A proposal for
path tracing is described in [24]. A proposal to establish basic
MPLS data plane liveness is described in [25].
4. Requirements Summary for TE Measurement Types
A measurement type is a meaningful and measurable combination of a
measurement basis (Appendix A) and a measurement entity (Appendix
B). Two sets of measurement types, organized in the form of
matrices, are presented in the following two subsections.
4.1 Measurement types related to traffic or performance
The following measurement matrix summarizes the measurement types
related to traffic or performance. Potentially, there can be one
such matrix for each service class.
Bases: Flow Interface, Node Pair Path
Node
Entities: (passive) (passive) (both) (both)
Traffic Volume x(1) x x(3) x(3)
Avg. Hold. Time x x(3)
Avail. Bandwidth x x(3)
Throughput x x(4) x(4)
Delay x(2) x(4) x(4)
Delay Variation x(2) x(4) x(4)
Packet Loss x x x(5) x(5)
Notes:
(1) This measurement type can be used to derive flow size
statistics.
(2) These are 1-point measurements. For a discussion on 1-point
packet delay variation, see [12], Appendix II.
(3) As a starting point, statistics collected by passive measurement
through the MIBs useful for TE [26, 27, 28] may be used.
(4) Active measurements based on IPPM metrics are currently in use
for node-pairs; they may be developed for paths.
(5) Besides active measurements based on IPPM, path loss may
possibly be inferred from the difference between ingress and egress
traffic statistics at the two endpoints of a path. However, such
inference for the cumulative losses between a given node pair over
multiple routes may be less useful, since different routes may have
different loss characteristics.
4.2 Measurement types related to resource usage
Another measurement matrix summarizes measurement types comprising
the different usage, one for each network resource object such as
router (processor and memory), link, and buffer, by different
classes of traffic:
. control (e.g., routing control) traffic
. signaling traffic
. user traffic from different service classes
Bases: Node Link Buffer
Entities:
Control Util. x x x
Signaling Util. x x x
Service Class Util. x x x
The amount of control and signaling traffic carried by a network is
a function of many factors. To name a few, they include the size
and topology of the network, the control and signaling protocols
used, the amount of user traffic carried, the number of failure
events, etc. Also, flooding of link-state advertisement (LSA)
messages in Interior Gateway Protocols (IGP, such as OSPF or IS-IS)
may cause significant routing control traffic during events such as
an LSA storm as a result of failures due to fiber cuts or failed
power supply. The above utilization measurements for control and
signaling traffic are intended to help develop guidelines for the
proper dimensioning and apportionment of network resources so that a
given level of user traffic can be adequately supported.
5. Requirements for a TE Measurement Information Model
Requirement 1
Standardization of an information model for TE measurement.
Requirement 2
Standardization of offline bulk file transfer and standardized
filtering/aggregation mechanisms to manage large volumes of measured
traffic data (see Appendix D for further discussion).
Several approaches and options for repository technology are now
broadly discussed. Relationships between TE measure information
models on other information models (e.g., the COPS Policy Information
Base, PIB) that drive network outcomes are of particular importance.
For an example of a PIB, see [29].
Linkages should be considered between policy mechanisms and TE
measures. This is useful because, while policy-driven networking is
well-developed between the policy repositories, policy decision
points and policy enforcement points, policy content is very likely
the output of TE applications [30]. **Since TE applications are
dependent upon TE measures, it is advantageous to provide
traceability between the measures and the engineering changes made as
a consequence of them.** An example of a client application that
might be driven by TE measures through a PIB is found in [31, 32].
Measures (represented by their estimates) should be centrally stored
and collected in a logical sense. This does not preclude distributed
storage for purposes of volume management or security/survivability,
but alludes to the need for a consistent retrieval mechanism (e.g.,
NFS). Two methods are: (1) extend MIBs with new definitions for TE
measure estimates or extend PIBs with new objects and use the COPS
feedback extensions to get statistics stored at the policy
enforecement points, and (2) create data depositories through more
centralized facilities, such as relational databases or LDAP (see
[29]). Both methods have merits as collection processes for TE
measures, and are simple examples spanning a wide spectrum of
solutions. These two methods are discussed here for expository
purposes, not to exclude other solutions.
Using MIBs allows well-established SNMP protocol and related
applications to retrieve data from the network elements being
measured. This is inherently "vendor-neutral," allowing commonly
defined TE measurements to be stored for retrieval in a common MIB
definition, regardless of network element vendor, technology or other
differences.
A centralized data storage facility has the advantage that TE
applications (such as offline and online TE, or measurement-based
admission control) can be performed without invasive retrieval of
data from network-wide MIBs.
It is possible that both the distributed MIB-based and centralized
repository-based approaches (or another approach altogether) should
be considered jointly. However, this is not mandatory: TE systems
could rely solely on events from distributed measurement points,
e.g., based on threshold checking in every device. Even in this
case, a centralized storage should be in place to log these events so
to provide a linkage between the observed behavior and resulting
configuration.
Although this document focuses on the motivation for providing TE
measurement information, it is assumed that this information should
be provided to the participating devices by means of a communication
protocol that would be used between the aforementioned participating
devices and a presumably centralized entity that would aim at
storing, maintaining and updating this information, as well as
making appropriate decisions at the right time and under various
conditions.
This communication protocol should have the following
characteristics:
1. The protocol should make use of a reliable transport mode, given
the importance of configuration information.
2. The protocol architecture should provide a means for dynamically
provisioning the configuration information to the participating
devices, so that it may introduce/contribute to a high level of
automation in the actual TE measurement operation.
3. The protocol should support one or more reporting mechanisms that
may be used for statistical information retrieval. Reporting
mechanisms can be either polling-based (explicit requests) or event-
based (asynchronous reports).
4. The protocol should support the appropriate security mechanisms
to provide some guarantees as far as the preservation of the
confidentiality of the configuration information is concerned.
5. The protocol should support reporting at regular intervals, and
can optionally support asynchronous conditional reporting (e.g.,
whenever a value crosses a threshold).
6. Measurement Definitions
Requirement 1
Standardization of measurement definitions and sampling methods, to
achieve uniformity across vendors and operators and to preserve
sufficient traffic detail at manageable sample volumes.
It is critical to minimize the possibilities of inconsistencies
arising from, e.g., differing statistical definitions, overlapping
data collection, processing at different protocol levels, and
similar inconsistencies by different vendors or network operators.
Uniform measurement definitions across vendors and operators should
be enforced as far as possible.
As this is a requirements document and not a document for
measurement definitions, the intent of this section is not to
provide definition of terms used. Rather, it is to highlight the
difference in usage of closely related terms and describe terms used
herein. Nor is this section exhaustive, since needs for other
measures may arise in practice (for examples of other closely-
related metrics see [33]).
6.1 Active, passive measurements
These terms are used in the sense of [2]. In an active measurement, These terms are used in the sense of [2]. In an active measurement,
test packets, or probes, are injected into the network. Data test packets, or probes, are injected into the network. Data
collected about these packets are taken as representative of the collected about these packets are taken as representative of the
behavior of the network. Passive measurements are in-service, non- behavior of the network. Passive measurements are in-service, non-
intrusive, and so can be performed directly on the user traffic. intrusive, and so can be performed directly on the user traffic.
For a discussion of sampling issues related to both active and
passive measurements, see Appendix C.
4.2 Route, path 6.2 Route, path
A route is any unidirectional sequence of nodes and links, for A route is any unidirectional sequence of nodes and links, for
sending packets from a source node to a destination node. A path sending packets from a source node to a destination node. A path
refers to an MPLS tunnel, i.e., a label-switched path (LSP) [13], refers to an MPLS tunnel, i.e., a label-switched path (LSP) [34],
this LSP possibly being a traffic-engineered LSP. Measurements on this LSP possibly being a traffic-engineered LSP. Measurements on
non-traffic-engineered LSPs may be collected to support the possible non-traffic-engineered LSPs may be collected to support the possible
future traffic-engineering of those LSPs. (Note: What is defined future traffic-engineering of those LSPs. (Note: What is defined
as a route here is referred to as a path in [2]. The route/path as a route here is referred to as a path in [2]. The route/path
distinction is made here to facilitate applications to MPLS.) distinction is made here to facilitate applications to MPLS.)
It should be pointed out that there are also methods for creating It should be pointed out that there are also methods for creating
paths with other technologies such as frame relay or ATM. The paths with other technologies such as frame relay or ATM. The
measurement described in this document may apply to these measurement described in this document may apply to these
technologies with suitable adaptation. To simplify description, technologies with suitable adaptation. To simplify description,
reference is made to MPLS only in what follows. reference is made to MPLS only in what follows.
4.3 Throughput, traffic volume 6.3 Throughput, traffic volume
Both quantities can be applied to a network, a network segment, or Both quantities can be applied to a network, a network segment, or
an individual network element. Thus, measurement points need to be an individual network element. Thus, measurement points need to be
appropriately defined when a specific measurement is to be performed appropriately defined when a specific measurement is to be performed
(e.g., from a given ingress node to another egress or a set of (e.g., from a given ingress node to another egress or a set of
egress nodes). egress nodes).
Throughput of a network, as a measure of delivered performance, Throughput of a network, as a measure of delivered performance,
refers to the maximum sustainable rate of transferring packets refers to the maximum sustainable rate of transferring packets
successfully across the network, under given network conditions, successfully across the network, under given network conditions,
e.g., a given traffic mix, while meeting quality of service (QoS) e.g., a given traffic mix, while meeting quality of service (QoS)
objectives. This usage is consistent with the definition of objectives. This usage is consistent with the definition of
throughput for a network interconnect device as specified in [14]. throughput for a network interconnect device as specified in [35].
For real-time network control, active measurement of throughput by For real-time network control, active measurement of throughput by
probing may be used to determine the currently available capacity of probing may be used to determine the currently available capacity of
a network to carry additional traffic. (Note: Goodput is a related a network to carry additional traffic. (Note: Goodput is a related
term referring to a proportion of the traffic successfully term referring to a proportion of the traffic successfully
transmitted; similarly, badput refers to a proportion of the traffic transmitted; similarly, badput refers to a proportion of the traffic
lost or being corrupted.) lost or being corrupted.)
Traffic volume, reflecting the traffic carried, is the amount of Traffic volume, reflecting the traffic carried, is the amount of
traffic measured during a given period of time. Passive measurement traffic measured during a given period of time. Passive measurement
of the traffic volume is usually used to estimate the long-term of the traffic volume is usually used to estimate the long-term
offered traffic for the purposes of network dimensioning in the offered traffic for the purposes of network dimensioning in the
capacity-management and network-planning processes (see the Section capacity-management and network-planning processes (see Appendix E
on Time Scales for Network Operations). A network should be on Time Scales for Network Operations). A network should be
properly dimensioned so that its throughput is adequate to handle properly dimensioned so that its throughput is adequate to handle
the expected traffic volume. Hence, traffic volume measurement the expected traffic volume. Hence, traffic volume measurement
should be performed on a regular basis. should be performed on a regular basis.
Throughput at a cross-section, or specific point in the network, is Throughput at a cross-section, or specific point in the network, is
expressed in terms of number of data units per time unit. Traffic expressed in terms of number of data units per time unit. Traffic
volume is expressed in data units with reference to a read-out volume is expressed in data units with reference to a read-out
period (see the Section on Read-Out Periods). For transmission period (see Appendix D on Read-Out Periods). For transmission
systems, the data unit is usually a multiple of either bits or systems, the data unit is usually a multiple of either bits or
bytes. For processing systems, the data unit is usually a multiple bytes. For processing systems, the data unit is usually a multiple
of packets. of packets.
5. Uses of Traffic Measurement APPENDICES
Traffic measurement is used to collect traffic data for the
following purposes:
. Traffic characterization and capacity planning
. Network monitoring
. Traffic control
5.1 Traffic characterization
. Identifying traffic patterns, particularly traffic peak patterns,
and their variations in statistical analysis; this includes
developing traffic profiles to capture daily, weekly, or seasonal
variations.
. Determining traffic distributions in the network on the basis of
flows, interfaces, links, nodes, node-pairs, paths, or
destinations.
. Estimation of the traffic load according to service classes in
different routers and the network.
. Observing trends for traffic growth and forecasting of traffic
demands.
For example, traffic engineering measurements are usually used to
determine the statistical moments of a traffic flow. As suggested
in [15], given the time series of packet arrivals, a suitable
parametric stochastic model based on the mean and variance of the
time series can be constructed. This traffic model is then used in
the ensuing phases of traffic engineering, such as link dimensioning
to meet service objectives.
5.2 Network monitoring
. Determining the operational state of the network, including fault
detection.
. Monitoring the continuity and quality of network services, to
ensure that QoS/CoS objectives are met for various classes of
traffic, to verify the performance of delivered services, or to
serve as a means of sectionalizing performance issues seen by a
customer. [Note 1. QoS reflects the performance perceivable by a
user of a service, while CoS (class of service) is used by a
service provider for internal design and operation of a network.]
[Note 2. Mechanisms for monitoring service continuity may be
service-specific and are not discussed here.]
. Evaluating the effectiveness of traffic engineering policies, or
triggering certain policy-based actions (such as alarm generation,
or path preemption) upon threshold crossing; this may be based on
the use of performance history data.
. Verifying peering agreements between service providers by
monitoring/measuring the traffic flows over interconnecting links
at border routers (note that peers are in general not willing to
divulge detailed traffic picture inside their autonomous systems);
this includes the estimation of inter- and intra-domain traffic,
as well as originating, terminating, and transit traffic that are
being exchanged between peers.
An example of using traffic measurements in this area might be
monitoring packet loss rates at various points in a network to
detect apparent link failure. Another example is monitoring the QoS
at peering points to ensure that peering agreements are met.
5.3 Traffic control
. Adaptively optimizing network performance in response to network
events, e.g., rerouting to work around congestion or failures.
. Providing a feedback mechanism in the reverse flow messaging of
RSVP-TE [16] or CR-LDP [17] signaling in MPLS to report on actual
topology state information such as link bandwidth availability.
(An example of such a feedback mechanism is described in [18]. As
described therein, care should be exercised to ensure network
stability and consistency for any mechanism that makes direct
operational use of measurement (e.g., to use as feedback into path
computation). However, such issues will not be dealt with here as
this framework document is mainly concerned with the definitions
and principles of measurements, rather than their usage to
subsequently ensure other network features such as accurate
bandwidth allocation.)
. Support of measurement-based admission control, i.e., by
predicting the future demands of the aggregate of existing flows
so that admission decisions can be made on new flows.
An example of traffic engineering measurements used to effect a
traffic control mechanism is to configure policing mechanisms in
response to traffic load and performance measurements. A network
operator could selectively throttle low-priority flows to improve
near-real-time performance of higher-priority flows, and maintain
tighter QoS envelopes. Another example would be to use measurement
results for feedback into IGP routing decisions, e.g., for adjusting
the link weights based on them.
6. Time Scales for Network Operations
The information collected by traffic measurement can be provided to
the end user or application either in real time, or for record
(i.e., data retention) in non-real time, depending on the activities
to be performed and the network actions to be taken. Traffic
control will generally require real-time information. For network
planning and capacity management as described below, information may
be provided in non-real time after the processing of raw data.
Broadly speaking, the following three time scales can be classified,
according to the use of observed traffic information for network
operations [15].
Network planning
Information that changes on the order of months is used to make
traffic forecasts as a basis for network extensions and long-term
network configuration. That is, for planning the topology of the
network, planning alternative routes to survive failures or
determining where capacity must be augmented in advance of projected
traffic growth. Long-term planning includes the selection and
timing of the introduction of new architectures, technologies and
vendors, in alignment with financial forecasts and market
assessments.
Capacity management
Intermediate-scale (e.g., six months or less) capacity planning
deals with detailed implementation of the build plan, short-lead-
time activities and out-of-plan events. It typically uses a
rolling-month forecast of traffic and demand. Information that
changes on the order of days or hours is used to manage the deployed
facilities, by taking appropriate maintenance or engineering actions
to optimize utilization. For example, new MPLS paths may be set up
or existing paths modified while meeting service level agreements.
Also, load balancing may be performed, or traffic may be rerouted
for re-optimization after a failure.
Real-time network control
Information that changes on the order of minutes or less is used to
adapt to the current network conditions in near real time. Thus, to
combat localized congestion, traffic management actions may perform
temporary rerouting to redistribute the load. Upon detecting a
failure, traffic may be diverted to pre-established, secondary
routes until more optimized routes can be arranged.
7. Read-Out Periods
A measurement infrastructure must be able to scale with the size and
the speed of a network as it evolves. Hence, it is important to
minimize the amount of data to be collected, and to condense the
collected data by periodic summarization over read-out periods.
7.1 Data Reduction
Techniques to manage large volumes of measured data are needed to
prevent network performance from being adversely affected by the
unnecessarily excessive loading of router control processors, router
memories, transmission facilities, and the administrative support
systems.
For example, offline bulk file transfer may be used as a method to
manage large volumes of measured traffic data. Bulk transfer from
routers to collection devices can help reduce the packet processing
overhead experienced by using other management interfaces. Also,
data correlation or filtering rules may be set up to suppress
redundant data, or to aggregate flows into suitable classes with the
corresponding aggregation of statistics. These types of data
reduction may be used as an appropriate or acceptable means for
pruning down the overall volume of traffic data that a TE system may
ultimately have to store, maintain, and process.
7.2 Measurement Interval
A measurement interval is the time interval over which measurements
are taken. Some traffic data must be collected continuously, while
others by sampling, or on a scheduled basis. For example, peak
loads and peak periods can be identified only by continuous
measurement as traffic typically fluctuates irregularly during the
whole day. If traffic variations are regular and predictable, it
may be possible to measure the expected normal load on pre-
determined portions of the day. Such duration of peak traffic is
referred to as a busy period. Special studies on selected segments
of the network may be conducted on a scheduled basis. Occasionally
unexpected events or other decision support needs may arise that
require ad-hoc, unscheduled measurement, with the involvement of the
network operator, and in such a case measurements may be activated
manually. For instance, active throughput measurement may be used
to identify alternate routes for spreading traffic to avoid future
periods of network congestion, based on observations of current
local congestion events.
7.3 Summarization
A measurement interval consists of a sequence of consecutive read-
out periods. Summarization is usually done by integrating the raw
data over a pre-specified read-out period. The granularity of this
period must be suitably chosen. It should be short enough to
capture, with acceptable accuracy, the bursty nature of the traffic,
i.e., the traffic variations and peaks. Since measurements
represent a load for the router (if third-party measurement devices
are not employed), the read-out period should not be so short that
router performance is degraded while a voluminous quantity of data
is produced. Also, read-out may be started when the measured data
exceeds a preset threshold, or when the space allocated for
temporarily holding the data in a router is exhausted.
For a multi-service IP network, each service typically has its own
traffic characteristics and performance objectives. To ensure that
CoS-specific features are reflected in the measurement process,
different read-out periods may be needed for different classes of
service.
7.4 Sampling Issues
The concept of read-out periods applies to both active and passive APPENDIX A
measurements. This concept is consistent with the sampling issues
for a series of measurements as developed in [2], for example. See
sections 10 and 11 of that document for important distinctions
between "singletons, samples, and statistics." The procedure of
Poisson sampling, for example, may be used within a read-out period
to select a subset of total packet events that are chosen as the
sample. Then a statistic (e.g., mean or variance) can be computed
over that sample and associated with the read-out period. Although
[2] does not discuss traffic volume measures such as a traffic
matrix, the same sampling issues arise for the traffic matrix and
other passive measurements.
8. Measurement Bases A. Measurement Bases
Measurements can be classified on the basis of where, and at which Measurements can be classified on the basis of where, and at which
level of aggregation the traffic data are gathered. This is similar level of aggregation the traffic data are gathered. This is similar
to the concept of a *population of interest* as specified in ITU-T to the concept of a *population of interest* as specified in ITU-T
Recommendation I.380/Y.1540. As defined therein, this refers to a Recommendation I.380/Y.1540. As defined therein, this refers to a
set of packets, possibly relative to a particular pair of source and set of packets, possibly relative to a particular pair of source and
destination hosts, for the purposes of defining performance destination hosts, for the purposes of defining performance
parameters. However, measurement bases as used here may not have parameters. However, measurement bases as used here may not have
any association with a source-destination pair. This is to be any association with a source-destination pair. This is to be
described in more details below. Currently, the different described in more details below. Currently, the different
measurement bases to be defined below have not been explicitly measurement bases to be defined below have not been explicitly
specified in the IPPM Framework [2]. specified in the IPPM Framework [2].
In this document, the focus is on service providers as organizations In this document, the focus is on service providers as organizations
requiring traffic and performance measurements. (However, customer- requiring traffic and performance measurements. (However, customer-
based measurements of enterprise networks may have similar issues.) based measurements of enterprise networks may have similar issues.)
Service providers will make decisions on how to perform the Service providers will make decisions on how to perform the
measurements needed, and there are various tradeoffs involved. One measurements needed, and there are various tradeoffs involved. One
option is to obtain the measurements directly from the network option is to obtain the measurements directly from the network
elements themselves, e.g., via SNMP (Simple Network Management elements themselves, e.g., via SNMP. Collecting the measurements on
Protocol). Collecting the measurements on the operational network the operational network elements such as routers is sometimes a
elements such as routers is sometimes a performance concern. performance concern. Currently, there is a number of third-party
Currently, there is a number of third-party measurement/monitoring measurement/monitoring products available. Hence, another option is
products available. Hence, another option is to deploy such to deploy such equipment, which might have performance advantages
equipment, which might have performance advantages but also but also introduces additional cost.
introduces additional cost.
Regardless of the type of measurement source, either a network Regardless of the type of measurement source, either a network
element or a third-party product, measurements should be collected, element or a third-party product, measurements should be collected,
as far as possible, by a measurement source without requiring as far as possible, by a measurement source without requiring
coordination with other measurement sources. Thus, it is desirable coordination with other measurement sources. Thus, it is desirable
to perform those measurements that do not require the use of to perform those measurements that do not require the use of
specialized monitoring equipment connected to the network at specialized monitoring equipment connected to the network at
multiple locations. While each measurement source may act multiple locations. While each measurement source may act
autonomously with regard to taking measurements, a network operator autonomously with regard to taking measurements, a network operator
may specify some network-wide policy regarding measurement may specify some network-wide policy regarding measurement
skipping to change at page 11, line 18 skipping to change at page 13, line 48
this document, they should be explicitly addressed whenever a this document, they should be explicitly addressed whenever a
measurement campaign is to be launched, whatever its scope and its measurement campaign is to be launched, whatever its scope and its
frequency. frequency.
The following measurement bases are considered in this document: The following measurement bases are considered in this document:
. Flow-based . Flow-based
. Interface-based, link-based, node-based . Interface-based, link-based, node-based
. Node-pair-based . Node-pair-based
. Path-based . Path-based
Generally speaking, for traffic engineering purposes, passive Passive measurements are prevalent today for TE purposes. However,
measurements are mostly used. However, as to be described later in the above measurement bases may result in active or passive
the "Measurement Types" section, the above measurement bases may measurements. For example, an active measurement may be a two-point
result in active or passive measurements. For example, an active delay metric such as type-P-one-way-delay defined in [4], and
measurement may be a two-point delay metric such as type-P-one-way- obtained by time-stamping probe packets at selected ingress and
delay defined in [4], and obtained by time-stamping probe packets at egress points; a passive measurement may be to obtain packet inter-
selected ingress and egress points; a passive measurement may be to arrival times by time-stamping successive packets of the traffic at
obtain packet inter-arrival times by time-stamping successive a selected point in the network. Note that both active and passive
packets of the traffic at a selected point in the network. Note measurements are subject to the same sampling and time-source
that both active and passive measurements are subject to the same accuracy concerns.
sampling and time-source accuracy concerns.
MPLS has certain advantages when compared with conventional IP MPLS has certain advantages when compared with conventional IP
networks, from the perspective of the difficulty involved in networks, from the perspective of the difficulty involved in
obtaining unambiguous measurements. As different service providers obtaining unambiguous measurements. **As different service
will adopt different technologies, technology-neutral solutions to providers will adopt different technologies, technology-neutral
the problem of obtaining measurements are presented as far as solutions to the problem of obtaining measurements are needed as far
possible. as possible.**
Applicability of traffic measurements to the derivation of traffic Applicability of traffic measurements to the derivation of traffic
matrix statistics and performance monitoring are to be described in matrix statistics and performance monitoring has been described in
later sections. Section 3.
8.1 Flow-based A.1 Flow-based
This is conceptually similar to the call detail record (CDR) in This is conceptually similar to the call detail record (CDR) in
circuit-switched telecommunications networks. It is primarily used circuit-switched telecommunications networks. It is primarily used
on interfaces at access routers, edge routers, or aggregation on interfaces at access routers, edge routers, or aggregation
routers, rather than on backbone routers in the core network. Like routers, rather than on backbone routers in the core network. Like
CDR measurements, flow-based records are used to collect detailed CDR measurements, flow-based records are used to collect detailed
information about a flow. This includes such information as source information about a flow. This includes such information as source
and destination IP addresses/port numbers, protocol, type of and destination IP addresses/port numbers, protocol, type of
service, timestamps for the start and end of a flow, packet count, service, timestamps for the start and end of a flow, packet count,
octet count, etc. octet count, etc.
As flow is a fine-grained object, measuring every flow that passes As flow is a fine-grained object, measuring every flow that passes
through all the edge devices may not be scalable or feasible. through all the edge devices may not be scalable or feasible.
Hence, per-flow data are usually used in a special study conducted Hence, per-flow data are usually used in a special study conducted
on a non-continuous schedule and on selected routers only. Sampling on a non-continuous schedule and on selected routers only. Sampling
of flow-based measurements may also be needed to reduce both the of flow-based measurements may also be needed to reduce both the
amount of data collected and the associated overhead. amount of data collected and the associated overhead.
8.2 Interface-based, link-based, node-based A.2 Interface-based, link-based, node-based
While active measurements are often not useful at a single point, While active measurements are often not useful at a single point,
passive measurements can be taken at each network element. For passive measurements can be taken at each network element. For
example, SNMP uses passive monitoring to collect raw data on an example, SNMP uses passive monitoring to collect raw data on an
interface at an edge or backbone router. These data are stored in interface at an edge or backbone router. These data are stored in
MIBs (Management Information Bases) and include counts on packets MIBs (Management Information Bases) and include counts on packets
and octets sent/received, packet discards, errored packets. Such and octets sent/received, packet discards, errored packets. Such
measurements may have the disadvantage that the identity of each measurements may have the disadvantage that the identity of each
flow is lost. flow is lost.
To reduce the overhead in managing multiple links between the same To reduce the overhead in managing multiple links between the same
ingress and egress points, there is proposal to aggregate links for ingress and egress points, there is proposal to aggregate links for
network optimization [19]. Component links in such a *bundled link* network optimization [36]. Component links in such a bundled link
will have the same routing constraints, resource classes, and will have the same routing constraints, resource classes, and
attributes. Multiple links are treated as a single IP link. attributes. Multiple links are treated as a single IP link.
Traffic measurements, such as bandwidth availability, throughput, Traffic measurements, such as bandwidth availability, throughput,
etc., should consider the measurement implications for bundled etc., should consider the measurement implications for bundled
links, and should not inhibit link bundling. (For example, a single links, and should not inhibit link bundling. (For example, a single
IP link may presumably be referenced as a pair of IP addresses that IP link may presumably be referenced as a pair of IP addresses that
are assigned to both extremities of the link. An implicit issue are assigned to both extremities of the link. An implicit issue
that may need to be resolved relates to the exact characterization that may need to be resolved relates to the exact characterization
of the traffic that will be conveyed in each component link, since a of the traffic that will be conveyed in each component link, since a
couple of IP addresses may not be sufficient for such link-based couple of IP addresses may not be sufficient for such link-based
measurement.) Also, such measurements should be protocol measurement.) Also, such measurements should be protocol
independent and media independent to ensure portability and independent and media independent to ensure portability and
commonality in the measurements. commonality in the measurements.
8.3 Node-pair-based A.3 Node-pair-based
Active measurements by probing, as specified in the IPPM framework Active measurements by probing, as specified in the IPPM framework
for example, can be conducted between each pair of (major) routing for example, can be conducted between each pair of (major) routing
hubs for determining edge-to-edge performance of a core network. hubs for determining edge-to-edge performance of a core network.
This complements the passive measurements of the previous sub- This complements the passive measurements of the previous sub-
section, which provide local views of the performance of individual section, which provide local views of the performance of individual
network elements. network elements.
In contrast to performance statistics, traffic loading statistics In contrast to performance statistics, traffic loading statistics
require passive measurements of the actual traffic. In circuit- require passive measurements of the actual traffic. In circuit-
skipping to change at page 13, line 8 skipping to change at page 15, line 38
such as the load between a given node pair are taken directly. In such as the load between a given node pair are taken directly. In
IP networks, currently such node-pair-based measurements are IP networks, currently such node-pair-based measurements are
difficult to establish due to the dynamic and asymmetric properties difficult to establish due to the dynamic and asymmetric properties
of IP routing. However, it is possible to infer them from flow- of IP routing. However, it is possible to infer them from flow-
based passive measurements and other network information, such as based passive measurements and other network information, such as
routing table snapshots. A problem with this approach is that flow- routing table snapshots. A problem with this approach is that flow-
based measurement data are voluminous. Also, another problem that based measurement data are voluminous. Also, another problem that
must be accounted for is the routing changes among the multiple must be accounted for is the routing changes among the multiple
routes due to, e.g., a change in the configuration of intra-domain routes due to, e.g., a change in the configuration of intra-domain
routing, or a change in inter-domain policies made by another routing, or a change in inter-domain policies made by another
autonomous system. This is further discussed in the Section on autonomous system. These issues were discussed in Section 3.4 on
Traffic Matrix Statistics. Traffic Matrix Statistics.
8.4 Path-based A.4 Path-based
The ability of MPLS to use fixed preferred paths for routing The ability of MPLS to use fixed preferred paths for routing traffic
traffic, so-called "route pinning" (or "path pinning", using the gives the means to develop path-based measurements. This may enable
definitions of Section 4.2), gives the means to develop path-based the development of methodologies for such functions as admission
measurements. This may enable the development of methodologies for control and performance verification of delivered service.
such functions as admission control and performance verification of
delivered service.
Like a flow, a path is associated with a pair of nodes. However, Like a flow, a path is associated with a pair of nodes. However,
path is a more coarse-grained object than flow, as paths are usually path is a more coarse-grained object than flow, as paths are usually
used to carry aggregated traffic (from different flows). In used to carry aggregated traffic (from different flows). In
addition, when routing changes occur, the amount of traffic to be addition, when routing changes occur, the amount of traffic to be
carried by a path will either not be affected or be merged with that carried by a path will either not be affected or be merged with that
of another path. Because of these properties, path-based of another path. Because of these properties, path-based
measurements are more scalable and may be used to provide more measurements are more scalable and may be used to provide more
readily an accurate, network-wide, view of the traffic demands. For readily an accurate, network-wide, view of the traffic demands. For
example, the traffic between a given pair of nodes may be inferred example, the traffic between a given pair of nodes may be inferred
from the aggregate of the traffic carried by all paths either from the aggregate of the traffic carried by all paths either
terminated by or passed through the same node-pair. terminated by or passed through the same node-pair.
9. Measurement Entities APPENDIX B
B. Measurement Entities
A measurement entity defines what is measured: it is a quantity for A measurement entity defines what is measured: it is a quantity for
which data collection must be performed with a certain measurement. which data collection must be performed with a certain measurement.
A measurement type can be specified by a (meaningful) combination of A measurement type can be specified by a (meaningful) combination of
a measurement entity with the measurement basis described in the a measurement entity with the measurement basis described in
previous section. Appendix A.
An important issue with any measurement is measurement precision An important issue with any measurement is measurement precision
and/or accuracy. However, this issue is not dealt with here since and/or accuracy. However, this issue is not dealt with here since
each measurement type will potentially have its own unique each measurement type will potentially have its own unique
requirements. For example, see [4], Section 3.7, for a discussion requirements. For example, see [4], Section 3.7, for a discussion
on error issues for one-way delay. on error issues for one-way delay.
9.1 Entities related to traffic and performance B.1 Entities related to traffic and performance
Some of the measurement entities listed below, such as throughput, Some of the measurement entities listed below, such as throughput,
delay, delay variation, and packet loss, are related to the delay, delay variation, and packet loss, are related to the
respective IPPM performance metrics or the I.380/Y.1540 performance respective IPPM performance metrics or the I.380/Y.1540 performance
parameters. parameters.
. Traffic volume (mean and variance, in number of bits, bytes, or . Traffic volume (mean and variance, in number of bits, bytes, or
packets transferred, as counted over a given time interval), on a packets transferred, as counted over a given time interval), on a
per service class basis, at various aggregation levels (IP address per service class basis, at various aggregation levels (IP address
prefix, interface, link, node, node-pair, path, network edge, prefix, interface, link, node, node-pair, path, network edge,
customer, or autonomous system) customer, or autonomous system)
Note: (1) This is a measurement for the traffic carried by a Note: (1) This is a measurement for the traffic carried by a
network, a network segment, or an individual network element; it network, a network segment, or an individual network element; it
is used to derive the carried load or carried traffic intensity is used to derive the carried load or carried traffic intensity
[20]. When measured during the busy period, this entity is [37]. When measured during the busy period, this entity is
normally used to estimate the traffic offered. However, the normally used to estimate the traffic offered. However, the
estimation procedure should take into account such factors as estimation procedure should take into account such factors as
congestion, which may result in a decreased volume of carried congestion, which may result in a decreased volume of carried
traffic. In addition, congestion may lead to user behavior such traffic. In addition, congestion may lead to user behavior such
as reattempt or abandonment, which may affect the actual traffic as reattempt or abandonment, which may affect the actual traffic
offered. (2) To reduce uncertainty in traffic estimation, second- offered. (2) To reduce uncertainty in traffic estimation, second-
order measures may need to be developed. Beyond the use of order measures may need to be developed. Beyond the use of
variance as in current practice, further study is needed for the variance as in current practice, further study is needed for the
feasibility of other second-order techniques. (3) Measurement of feasibility of other second-order techniques. (3) Measurement of
traffic volumes over interconnecting links at border routers can traffic volumes over interconnecting links at border routers can
be used to estimate the traffic exchange between peers for be used to estimate the traffic exchange between peers for
contract verification. contract verification.
. Average holding time (e.g., flow duration or lifetime, duration of . Average holding time (e.g., flow duration or lifetime, duration of
an MPLS path), on a per service class basis an MPLS path), on a per service class basis
Note: (1) When MPLS traffic engineering is used, this is similar Note: (1) When MPLS TE is used, this is similar to call holding
to call holding time in telecommunications networks. Call time in telecommunications networks. Call attempts, usage, and
attempts, usage, and call holding time are three busy-hour call holding time are three busy-hour entities that should be
entities that should be independently measured for both call- independently measured for both call-dependent and load-dependent
dependent and load-dependent engineering. This is important engineering. This is important especially when the call busy hour
especially when the call busy hour and the load busy hour during a and the load busy hour during a day are non-coincident, due to the
day are non-coincident, due to the hour-to-hour variation of call hour-to-hour variation of call holding times. (2) The holding
holding times. (2) The holding time statistics of long-living time statistics of long-living static paths reflect the effect of
static paths reflect the effect of network equipment failures, network equipment failures, link outages, or scheduled
link outages, or scheduled maintenance, and hence may be used to maintenance, and hence may be used to derive information about up-
derive information about up-time or service availability. (3) It time or service availability. (3) It is desirable to be able to
is desirable to be able to gather, by passive means, the up-time gather, by passive means, the up-time durations for each pair of
durations for each pair of label bindings in the label-forwarding label bindings in the label-forwarding information base for labels
information base for labels distributed by different protocols distributed by different protocols (such as LDP, RSVP-TE, MP-BGP,
(such as LDP, RSVP-TE, MP-BGP, or BGP). Then, the derivation of or BGP). Then, the derivation of LSP average holding time does
LSP average holding time does not need to be finely correlated not need to be finely correlated with network events such as
with network events such as link/node failures. link/node failures. (Note that routers measure only the holding
times, with their averages being typically computed offline.)
. Available bandwidth of a link or path - useful for load balancing, . Available bandwidth of a link or path - useful for load balancing,
measurement-based admission control to determine the feasibility measurement-based admission control to determine the feasibility
of creating a new MPLS tunnel (real-time information can be used of creating a new MPLS tunnel (real-time information can be used
for dynamic establishment) for dynamic establishment)
For more information on available bandwidth see [38].
. Throughput (in bits per second, bytes per second, or packets per . Throughput (in bits per second, bytes per second, or packets per
second) second)
Note: (1) This is the rate at which a given amount of traffic Note: (1) This is the rate at which a given amount of traffic
excluding lost, misdelivered, or errored packets, that passes excluding lost, misdelivered, or errored packets, that passes
between a set of end points, where end points can be logically or between a set of end points, where end points can be logically or
physically defined. The condition of the network, e.g., normal or physically defined. The condition of the network, e.g., normal or
high load, under which the measurement is taken should be noted. high load, under which the measurement is taken should be noted.
(2) The protocol level at which a throughput measurement is taken (2) The protocol level at which a throughput measurement is taken
must be specified, as the packet payload and packet overheads are must be specified, as the packet payload and packet overheads are
skipping to change at page 15, line 48 skipping to change at page 18, line 26
former is a result of user violation of service contract and the former is a result of user violation of service contract and the
network operator should not be penalized for it. The latter, network operator should not be penalized for it. The latter,
whether intentional or unintentional, is caused by network whether intentional or unintentional, is caused by network
conditions such as buffer overflow, router forwarding process conditions such as buffer overflow, router forwarding process
busy, and may not be the user's fault. When policing is done by a busy, and may not be the user's fault. When policing is done by a
network, measurement of non-conforming packets at the edge network, measurement of non-conforming packets at the edge
provides an indication on the extent to which the network is provides an indication on the extent to which the network is
carrying this type of packets (which can potentially be dropped if carrying this type of packets (which can potentially be dropped if
network gets congested). Loss due to congestion of any packets, network gets congested). Loss due to congestion of any packets,
including loss of non-conforming packets, is a useful measure in including loss of non-conforming packets, is a useful measure in
traffic engineering to account for resource management. (3) Long- TE to account for resource management. (3) Long-term averages can
term averages can be measured by the I.380/Y.1540 IP packet loss be measured by the I.380/Y.1540 IP packet loss ratio or by the
ratio or by the IPPM Poisson sampling of one-way loss. However, IPPM Poisson sampling of one-way loss. However, during the
during the convergence times associated with routing updating, the convergence times associated with routing updating, the loss may
loss may be high enough as to cause service unavailability. This be high enough as to cause service unavailability. This effect
effect needs to be captured and statistics such as loss patterns, needs to be captured and statistics such as loss patterns, burst
burst loss, or severe loss ratio may be useful. loss, or severe loss ratio may be useful.
. Resource usage, such as link/router utilization, buffer occupancy . Resource usage, such as link/router utilization, buffer occupancy
(e.g., fraction of arriving packets finding the buffer above a (e.g., fraction of arriving packets finding the buffer above a
given set of thresholds) given set of thresholds)
Note: (1) Depending on the architecture of a router, router Note: (1) Depending on the architecture of a router, router
utilization measurements may include processor and memory (e.g., utilization measurements may include processor and memory (e.g.,
forwarding tables) utilization for each of the line cards and/or forwarding tables) utilization for each of the line cards and/or
the central unit. (2) Trigger points may be set when resource the central unit. (2) Trigger points may be set when resource
usage consistently exceeds a certain threshold. usage consistently exceeds a certain threshold.
9.2 Entities related to establishment of connection or path B.2 Entities related to establishment of connection or path
Where connection admission control is used, a measurement entity for Where connection admission control is used, a measurement entity for
monitoring network performance may be the proportion of connections monitoring network performance may be the proportion of connections
denied admission. Also, it may be useful to score the requested denied admission. Also, it may be useful to score the requested
bandwidth within the traffic parameters for the setup request. bandwidth within the traffic parameters for the setup request.
Corresponding to the number of call attempts (i.e., peg count) in Corresponding to the number of call attempts (i.e., peg count) in
telecommunications networks, the number of connection requests, the telecommunications networks, the number of connection requests, the
number of flows, etc., may be measured in given read-out periods to number of flows, etc., may be measured in given read-out periods to
characterize the traffic. characterize the traffic.
To characterize paths for MPLS traffic engineering, the following APPENDIX C
measurement entities may possibly be defined: path setup delay, path
setup error probability, path setup denial (blocking) probability,
path release delay, path disconnect probability, path restoration
time. However, note that path establishment may be dependent on
routing and signaling protocols, in particular, whether preemption
or fast-reroute restoration capability is used or not. Hence,
further investigation is needed to determine if and how these
measurement entities are to be defined.
10. Measurement Types
A measurement matrix can be defined wherein each column represents a
measurement basis and each row represents a measurement entity. An
entry in this measurement matrix, corresponding to a meaningful and
measurable combination of an entity and a basis, defines a
particular measurement type. For each measurement type, there
should be a set of measurement points specified to bound the network
segment for the purposes of taking measurement. A measurement point
may be the physical boundary between a node and an adjacent link, or
the logical interface between two protocol layers in a protocol
stack.
10.1 Measurement types related to traffic or performance
The following measurement matrix illustrates some of the measurement
types related to traffic or performance. Potentially, there can be
one such matrix for each service class. Since this table is for
illustration purposes, it is not necessary for a service provider to
implement all the measurement types below.
Bases: Flow Interface, Node Pair Path
Node
Entities: (passive) (passive) (both) (both)
Traffic Volume x(1) x x(3) x(3)
Avg. Hold. Time x x(3)
Avail. Bandwidth x x(3)
Throughput x(4) x(4)
Delay x(2) x(4) x(4)
Delay Variation x(2) x(4) x(4)
Packet Loss x x(5) x(5)
Notes:
(1) This measurement type can be used to derive flow size
statistics.
(2) These are 1-point measurements. For a discussion on 1-point
packet delay variation, see [11], Appendix II.
(3) As a starting point, statistics collected by passive measurement
through the MIBs useful for traffic engineering [21, 22, 23] may be
used.
(4) Active measurements based on IPPM metrics are currently in use
for node-pairs; they may be developed for paths.
(5) Besides active measurements based on IPPM, path loss may
possibly be inferred from the difference between ingress and egress
traffic statistics at the two endpoints of a path. However, such
inference for the cumulative losses between a given node pair over
multiple routes may be less useful, since different routes may have
different loss characteristics.
10.2 Measurement types related to resource usage
Another measurement matrix can be constructed for resource
consumption. This leads to a set of measurement types comprising
the different usage, one for each network resource object such as
router (processor and memory), link, and buffer, by different
classes of traffic:
. control (e.g., routing control) traffic
. signaling traffic
. user traffic from different service classes
Bases: Node Link Buffer
Entities:
Control Util. x x x
Signaling Util. x x x
Service Class Util. x x x
The amount of control and signaling traffic carried by a network is
a function of many factors. To name a few, they include the size
and topology of the network, the control and signaling protocols
used, the amount of user traffic carried, the number of failure
events, etc. Also, flooding of link-state advertisement (LSA)
messages in Interior Gateway Protocols (IGP, such as OSPF or IS-IS)
may cause significant routing control traffic during events such as
an LSA storm as a result of failures due to fiber cuts or failed
power supply. The above utilization measurements for control and
signaling traffic are intended to help develop guidelines for the
proper dimensioning and apportionment of network resources so that a
given level of user traffic can be adequately supported. As the
primary focus here is on user traffic measurements, the additional
needs and properties of control and signaling traffic measurements
are beyond the scope of this document.
11. Traffic Matrix Statistics
An important set of data for traffic engineering is point-to-point
or point-to-multipoint demands. This data may be of significant use
in the provisioning of traffic-engineered intra-domain paths and
external peering in the existing network, as well as planning for
the placement and sizing of new links, routers, or peers.
In current practice, estimates for traffic demands are usually
determined from a combination of traffic projections, customer
prescriptions, and service level agreements. Under existing mode of
operation, it is not easy to obtain network-wide traffic demands
from the local interface measurements taken by different IP routers.
As explained in [24, 25], information from diverse network
measurements and various configuration files are needed to infer the
traffic volume. Besides raw measurement data, additional
information such as topological data and router configuration data
are required to obtain a network view. Furthermore, destination-
based IP routing and forwarding provides a network operator with
primitive and limited control over the routing of traffic flows.
This necessitates the association of a time sequence of forwarding
tables from different routers to reconstruct the different routes
used by the network over time. By using this auxiliary information,
together with flow-based measurements, the above-cited references
describe how to determine the traffic volume from an ingress link to
a set of egress links by validating and joining various data sets
together.
As described in Section 8.3, some shortcomings in today's method to
derive traffic matrix statistics as above include the volume of data
from flow-based measurement, the lack of sufficient routing control
information, and the need to correlate data from a variety of
sources. The routing control offered by MPLS can be used to avoid
some of these deficiencies. To take advantage of this capability,
path-based passive measurement should be developed. Furthermore, as
explained in Section 8.4 (Path-based Measurement Bases), by
aggregating the appropriate set of path-based traffic data, the
corresponding node-pair-based traffic data can be obtained. This
will facilitate the derivation of traffic matrix statistics,
possibly on a per service class basis. Note that in the case of
hop-by-hop routed label-switched paths that are established by Label
Distribution Protocol (LDP) signaling, there is no explicit binding
between path end points. This will result in the use of different
label bindings at both the ingress and egress nodes over time as
network topology changes. Although the forwarding equivalence class
(FEC) to label binding information already exists in the MPLS FTN
and LSR MIBs [26, 21], a mechanism is needed to keep track of
binding changes. An example of such a mechanism may be the periodic
exchange of FEC to label binding information for each ingress-egress
pair.
Besides traffic engineering, a major application of MPLS is the
support of network-based virtual private networks (VPNs). A VPN can
be an enterprise network or a carrier's carrier network. It is not
the purpose of this document to discuss VPNs. However, it is
relevant to highlight the use of traffic measurements to maintain
proper engineering and performance of MPLS tunnels in the support of
VPNs between VPN sites. This would include also the support for
MPLS-based pseudo-wire connections as developed by the PWE3 Working
Group [27]. For example, path-based measurement by a network
operator on behalf of the VPN customers facilitates the estimation
of the traffic offered by these VPNs.
12. Performance Monitoring
General aspects of measurements required to support the operation,
administration, and maintenance of a network are outside the scope
of this document (see [28, 29, 30] for a discussion of MPLS OAM).
The focus of the measurements here is only on operations related to
traffic engineering and network performance management.
A major component of performance management is performance
monitoring, i.e., continuous real-time monitoring of the quality or
health of the network and its various elements to ensure a
sustained, uninterrupted delivery of quality service. This requires
the use of measurement, either passively or actively, to collect
information about the operational state of the network and to track
its performance. For a discussion of passive monitoring and the use
of synthetic traffic sources in active probing, see [31]. Alarms
may be generated when the state of a network element exceeds
prescribed thresholds.
Performance degradation can occur as a result of routing
instability, congestion, or failure of network components. Periods
of congestion may be detected when the resource usage of a network
segment consistently exceeds a certain threshold, or when the cross-
router delay is unexpectedly high. Unexpected excessive loss of
packets or throughput drops may be used as a means of fault
detection, and may result in restoration activities.
Internet utilities such as ping and traceroute have been useful to C. Packet Sampling and Estimation
help diagnose network problems and performance debugging. Utilities
with similar functions would be essential for path-oriented
operations like in MPLS. This would include the capability to list,
at any time, (1) for a given path, all the nodes traversed by it,
and (2) for a given node, all the paths originating from it,
transiting through it, and/or terminating on it. A proposal for
path tracing is described in [32]. A proposal to establish basic
MPLS data plane liveness is described in [33].
13. Packet Sampling C.1 Packet Sampling
A wide spectrum of operational applications can be built on traffic A wide spectrum of operational applications can be built on traffic
measurement. However, different applications usually require measurement. However, different applications usually require
traffic measurements at different levels of temporal and spatial traffic measurements at different levels of temporal and spatial
granularity. To achieve an effective tradeoff between granularity. To achieve an effective tradeoff between
implementation complexity and the range of operational tasks to be implementation complexity and the range of operational tasks to be
enabled, a passive measurement framework based on packet sampling is enabled, a passive measurement framework based on packet sampling is
proposed in [34]. proposed in [39].
The use of packet sampling has two motivations. First, the enormous The use of packet sampling has two motivations. First, the enormous
volumes of traffic require that some form of data reduction to be volumes of traffic require that some form of data reduction to be
used. Second, simple data reduction by aggregation at the used. Second, simple data reduction by aggregation at the
measurement point will not provide sufficiently detailed views for measurement point will not provide sufficiently detailed views for
all network management applications or exploratory studies. For all network management applications or exploratory studies. For
this reason, packet sampling is proposed as a means to reduce data this reason, packet sampling is proposed as a means to reduce data
volume while still retaining representative detail. volume while still retaining representative detail.
The primary aim of the proposal [34] is to define a minimal set of The primary aim of the proposal [39] is to define a minimal set of
primitive packet selection operations out of which all sampling primitive packet selection operations out of which all sampling
operations that are necessary to support measurement-based operations that are necessary to support measurement-based
applications can be composed. Operations currently under applications can be composed. Operations currently under
consideration include filtering and statistical sampling, and also consideration include filtering and statistical sampling, and also
hash-based packet selection, a method that can be used to support hash-based packet selection, a method that can be used to support
the determination of spatial traffic flows across a domain [35]. the determination of spatial traffic flows across a domain [40].
Whichever method is used, the interpretation of the stream of Whichever method is used, the interpretation of the stream of
measurements arising from sampled packets must be both transparent measurements arising from sampled packets must be both transparent
and standard. Other goals are to specify a means to format and and standard. Other goals are to specify a means to format and
export measurements, and a means to manage the configuration of the export measurements, and a means to manage the configuration of the
sampling and export operations. sampling and export operations.
The proposal positions these functions to provide a basic packet The proposal positions these functions to provide a basic packet
sampled measurement service to higher level "consumers." A typical sampled measurement service to higher level "consumers." A typical
consumer is a network management application that sits behind a consumer is a network management application that sits behind a
remote measurement collector. Such measurements can support remote measurement collector. Such measurements can support
applications for a number of tasks: troubleshooting, demand applications for a number of tasks: troubleshooting, demand
characterization, scenario evaluation and what-ifs. Another type of characterization, scenario evaluation and what-ifs. Another type of
consumer is a higher level on-router measurement application. One consumer is a higher level on-router measurement application. One
potential class of examples is composite measurements (e.g., inter- potential class of examples is composite measurements (e.g., inter-
packet delay statistics) formed from a number of individual packet packet delay statistics) formed from a number of individual packet
measurements. Another class is network security applications, e.g., measurements. Another class is network security applications, e.g.,
IP traceback [36]. For some applications, the ability to have low IP traceback [41]. For some applications, the ability to have low
latency between packet measurement and reporting will be latency between packet measurement and reporting will be
particularly useful. particularly useful.
14. Statistical Estimation and Information Modeling C.2 Sampling Issues
This section deals with engineering methods in statistical The concept of read-out periods applies to both active and passive
estimation, as well as the need for an information model and measurements. This concept is consistent with the sampling issues
associated repository schema for the measurements. for a series of measurements as developed in [2], for example. See
sections 10 and 11 of that document for important distinctions
between "singletons, samples, and statistics." The procedure of
Poisson sampling, for example, may be used within a read-out period
to select a subset of total packet events that are chosen as the
sample. Then a statistic (e.g., mean or variance) can be computed
over that sample and associated with the read-out period. Although
[2] does not discuss traffic volume measures such as a traffic
matrix, the same sampling issues arise for the traffic matrix and
other passive measurements.
14.1 Engineering methods for statistical estimation of measures C.3 Engineering methods for statistical estimation of measures
The use of the well-established methods of optimal estimation [37, The use of the well-established methods of optimal estimation [42,
38, 39, 40] to obtain estimates of the measures for TE is 43, 44, 45] to obtain estimates of the measures for TE is
recommended. This draws upon several facts: recommended. This draws upon several facts:
. Internet traffic is inherently band-limited, but non-stationary; . Internet traffic is inherently band-limited, but non-stationary;
. Internet traffic may be heavy-tailed and possess strong short-term . Internet traffic may be heavy-tailed and possess strong short-term
correlations; correlations;
. A stationary, band-limited process can be approximated arbitrarily . A stationary, band-limited process can be approximated arbitrarily
closely by optimal estimation methods based on a finite number of closely by optimal estimation methods based on a finite number of
past samples. past samples.
Standard procedures for de-trending the raw data to provide "trend + Standard procedures for de-trending the raw data to provide "trend +
skipping to change at page 21, line 35 skipping to change at page 20, line 42
estimates of the measures defined herein. As the original raw estimates of the measures defined herein. As the original raw
process may be any of the measurements discussed in this document, process may be any of the measurements discussed in this document,
the above procedure may be applied without loss of generality to the above procedure may be applied without loss of generality to
measures of delay, loss, or complex measures of network state such as measures of delay, loss, or complex measures of network state such as
path characteristics, etc. path characteristics, etc.
In addition, these methods need to be applied across multiple time- In addition, these methods need to be applied across multiple time-
scales, so that TE applications can work with measures related to: scales, so that TE applications can work with measures related to:
. long-term trends over days, weeks, and months; . long-term trends over days, weeks, and months;
. busy-hour characterizations; and . busy-hour characterizations; and
. statistics and correlation properties on the order of seconds [41]. . statistics and correlation properties on the order of seconds [46].
The above estimation procedures apply equally to traffic workload, The above estimation procedures apply equally to traffic workload,
traffic performance, or other estimates of network state, such as the traffic performance, or other estimates of network state, such as the
state of routes. state of routes.
14.2 TE Measure Information Modeling APPENDIX D
An information model is valuable for organizing data generated D. Read-Out Periods
through the estimation process. Measures must be associated with a
large, and sometimes complicated set of attributes (e.g., as simple
as an IP address of a measurement point, or as complex as the path of
a round-trip measurement). Information models exist that richly
describe network elements and their configuration [42]. These models
have been extended to include policy mechanisms [43]. Specifications
for flows have been developed for network resource allocation
purposes [44]. No centralized information model exists that can
completely describe many of the TE measures defined herein.
Therefore, necessary integrating information models that make maximal
reuse of pre-existing work may need to be developed for TE measures.
As a brief example of the limitations of existing information models, A measurement infrastructure must be able to scale with the size and
consider RFC 1363 [44] as a model for a traffic flow. It can be the speed of a network as it evolves. Hence, it is important to
described as collection of attributes defining traffic offered load, minimize the amount of data to be collected, and to condense the
performance to be delivered (a goal), and the assurance level (risk) collected data by periodic summarization over read-out periods.
associated with the actual performance obtained. The traffic offered
load is specified via an envelope described by a token bucket concept
(token bucket rate, bucket size) and a maximum transmission rate.
This model, while clearly intended for description of what a network D.1 Data Reduction
will tolerate of a flow, could also be used to describe a flow in a
TE measure sense, e.g., "a flow that lives within the token rate x
and size y with probability 0.999." Note that a probability
statement must be added to complete the characterization. This type
of specification is known as (sigma, rho) in the literature. Also,
note that adopting such an information model for flows lacks any
flexibility to specify time scale, or more detailed second-order
statistics.
Similar limitations exist with respect to delivered performance Techniques to manage large volumes of measured data are needed to
specification in RFC1363, and the text of the RFC is quick to point prevent network performance from being adversely affected by the
out, for example, that the "loss model is crude." For these reasons, unnecessarily excessive loading of router control processors, router
and others, an appropriate information model is needed for TE memories, transmission facilities, and the administrative support
measures that can support uniformity of data definition in subsequent systems.
TE applications.
Several approaches and options for repository technology are now For example, offline bulk file transfer may be used as a method to
broadly discussed. Relationships between TE measure information manage large volumes of measured traffic data. Bulk transfer from
models on other information models (e.g., the COPS Policy Information routers to collection devices can help reduce the packet processing
Base, PIB) that drive network outcomes are of particular importance. overhead experienced by using other management interfaces. Also,
For an example of a PIB, see [45]. data correlation or filtering rules may be set up to suppress
redundant data, or to aggregate flows into suitable classes with the
corresponding aggregation of statistics. These types of data
reduction may be used as an appropriate or acceptable means for
pruning down the overall volume of traffic data that a TE system may
ultimately have to store, maintain, and process.
Linkages may need to be considered between policy mechanisms and TE D.2 Measurement Interval
measures. This is useful because, while policy-driven networking is
well-developed between the policy repositories, policy decision
points and policy enforcement points, policy content is very likely
the output of TE applications [46]. Since TE applications are
dependent upon TE measures, it is advantageous to provide
traceability between the measures and the engineering changes made as
a consequence of them. An example of a client application that might
be driven by TE measures through a PIB is found in [47, 48].
Measures (represented by their estimates) should be centrally stored A measurement interval is the time interval over which measurements
and collected in a logical sense. This does not preclude distributed are taken. Some traffic data must be collected continuously, while
storage for purposes of volume management or security/survivability, others by sampling, or on a scheduled basis. For example, peak
but alludes to the need for a consistent retrieval mechanism (e.g., loads and peak periods can be identified only by continuous
NFS). Two methods are: (1) extend MIBs with new definitions for TE measurement as traffic typically fluctuates irregularly during the
measure estimates, and (2) create data depositories through more whole day. If traffic variations are regular and predictable, it
centralized facilities, such as PIB repositories that can be accessed may be possible to measure the expected normal load on pre-
via LDAP (see [45]). Both methods have merits as collection determined portions of the day. Such duration of peak traffic is
processes for TE measures, and are simple examples spanning a wide referred to as a busy period. Special studies on selected segments
spectrum of solutions. These two methods are discussed here for of the network may be conducted on a scheduled basis. Occasionally
expository purposes, not to exclude other solutions. unexpected events or other decision support needs may arise that
require ad-hoc, unscheduled measurement, with the involvement of the
network operator, and in such a case measurements may be activated
manually. For instance, active throughput measurement may be used
to identify alternate routes for spreading traffic to avoid future
periods of network congestion, based on observations of current
local congestion events.
Using MIBs allows well-established SNMP protocol and related D.3 Summarization
applications to retrieve data from the network elements being
measured. This is inherently "vendor-neutral," allowing commonly
defined TE measurements to be stored for retrieval in a common MIB
definition, regardless of network element vendor, technology or other
differences. Measurements from individual network elements
(interfaces, routers, etc.) can be obtained "locally," if measures
from a single network element are sufficient for a given TE
application. However, if a network-wide view of the measurements is
desired, the drawback of a MIB-based approach is that the data must
be retrieved from each element over the network. As experience
attests, this approach sometimes generates significant SNMP traffic,
and during periods of high congestion (when measurements may be quite
important) SNMP may not reliably fetch the measurement data. Finally,
a MIB-based approach may be difficult to implement for various two-
point measurements, such as end-to-end, or round-trip delay and delay
variation. Such measurements are not related to a single network
element, and somewhat heuristic practices (e.g., storing end-to-end
delay measurements in MIBs located on source address elements, etc.)
are required.
An LDAP repository approach centralizes the data storage. This has A measurement interval consists of a sequence of consecutive read-
the advantage that TE applications (such as offline and online TE, or out periods. Summarization is usually done by integrating the raw
measurement-based admission control) can be performed, and policy data over a pre-specified read-out period. The granularity of this
database content can be updated without invasive retrieval of data period must be suitably chosen. It should be short enough to
from network-wide MIBs. Further, traceability can be established capture, with acceptable accuracy, the bursty nature of the traffic,
between the TE measurements in an LDAP repository, and the associated i.e., the traffic variations and peaks. Since measurements
policy content derived from them. represent a load for the router (if third-party measurement devices
are not employed), the read-out period should not be so short that
router performance is degraded while a voluminous quantity of data
is produced. Also, read-out may be started when the measured data
exceeds a preset threshold, or when the space allocated for
temporarily holding the data in a router is exhausted.
It is possible that both the MIB-based and LDAP-based (or another For a multi-service IP network, each service typically has its own
approach altogether) should be considered jointly. traffic characteristics and performance objectives. To ensure that
CoS-specific features are reflected in the measurement process,
different read-out periods may be needed for different classes of
service.
Although this document focuses on the motivation for providing APPENDIX E
traffic measurement information, it is assumed that this information
should be provided to the participating devices by means of a
communication protocol that would be used between the aforementioned
participating devices and a presumably centralized entity that would
aim at storing, maintaining and updating this information, as well
as making appropriate decisions at the right time and under various
conditions.
This communication protocol should have the following E. Time Scales for Network Operations
characteristics:
1. The protocol should make use of a reliable transport mode, given The information collected by traffic measurement can be provided to
the importance of configuration information. the end user or application either in real time, or for record
2. The protocol architecture should provide a means for dynamically (i.e., data retention) in non-real time, depending on the activities
provisioning the configuration information to the participating to be performed and the network actions to be taken. Traffic
devices, so that it may introduce/contribute to a high level of control will generally require real-time information. For network
automation in the actual traffic measurement operation. planning and capacity management as described below, information may
3. The protocol should support a reporting mechanism that may be be provided in non-real time after the processing of raw data.
used for statistical information retrieval.
4. The protocol should support the appropriate security mechanisms Broadly speaking, the following three time scales can be classified,
to provide some guarantees as far as the preservation of the according to the use of observed traffic information for network
confidentiality of the configuration information is concerned. operations [14].
15. Conclusions and Recommendations Network planning
Information that changes on the order of months is used to make
traffic forecasts as a basis for network extensions and long-term
network configuration. That is, for planning the topology of the
network, planning alternative routes to survive failures or
determining where capacity must be augmented in advance of projected
traffic growth. Long-term planning includes the selection and
timing of the introduction of new architectures, technologies and
vendors, in alignment with financial forecasts and market
assessments.
This document is intended as a framework for traffic metrics needed Capacity management
for successful TE. Principles of best practice in traffic Intermediate-scale (e.g., six months or less) capacity planning
characterization and performance characterization are described. deals with detailed implementation of the build plan, short-lead-
For interoperable compatibility, basic areas of traffic measurement time activities and out-of-plan events. It typically uses a
recommended for standardization include: rolling-month forecast of traffic and demand. Information that
changes on the order of days or hours is used to manage the deployed
facilities, by taking appropriate maintenance or engineering actions
to optimize utilization. For example, new MPLS paths may be set up
or existing paths modified while meeting service level agreements.
Also, load balancing may be performed, or traffic may be rerouted
for re-optimization after a failure.
(1) Specific TE measurements Real-time network control
Information that changes on the order of minutes or less is used to
adapt to the current network conditions in near real time. Thus, to
combat localized congestion, traffic management actions may perform
temporary rerouting to redistribute the load. Upon detecting a
failure, traffic may be diverted to pre-established, secondary
routes until more optimized routes can be arranged.
. Use of node-pair-based traffic data to derive per-service-class APPENDIX F
traffic matrix statistics
. Statistics of carried load versus performance
. A standardized mechanism to detect and record label binding
changes for LDP-signaled label-switched paths, to facilitate the
collection of node-pair-based traffic data
(2) Traffic data collection methods F. Use of Traffic Measurement for Traffic control
. Need for uniform measurement definitions across vendors and Destination-based per-hop IP routing and forwarding provides a
operators network operator with primitive and limited control over the routing
. Distinction between traffic offered load versus achieved of traffic flows. The routing control offered by MPLS can be used
throughput to avoid some of the deficiencies of IP routing. In this context, a
. Need for higher-order statistics for service assurance primary use of traffic measurement is to engineer the use of label-
. Need for packet-sampled measurements that preserve representative switched paths to achieve service goals for the network.
traffic detail at manageable sample volumes
. Need for offline bulk file transfer and standardized Examples of traffic control are:
filtering/aggregation mechanisms to manage large volumes of . Adaptively optimizing network performance in response to network
measured traffic data events, e.g., rerouting to work around congestion or failures.
. Providing a feedback mechanism in the reverse flow messaging of
RSVP-TE [47] or CR-LDP [48] signaling in MPLS to report on actual
topology state information such as link bandwidth availability.
(An example of such a feedback mechanism is described in [49];
however, care should be exercised to ensure network stability and
consistency for any mechanism that makes direct operational use of
measurement.)
. Support of measurement-based admission control, adaptive resource
management, or other techniques, e.g., by predicting the future
demands of the aggregate of existing flows so that admission
decisions can be made on new flows.
An example of TE measurements used to enable a traffic control
mechanism is to configure policing mechanisms in response to traffic
load and performance measurements. A network operator could
selectively throttle low-priority flows to improve near-real-time
performance of higher-priority flows, and maintain tighter QoS
envelopes. Another example would be to use measurement results for
feedback into IGP routing decisions, e.g., for adjusting the link
weights based on them.
16. Security Considerations 16. Security Considerations
The principles and concepts related to Internet traffic measurement The principles and concepts related to Internet traffic measurement
as discussed in this document do not by themselves affect the as discussed in this document do not by themselves affect the
security of the Internet. However, it is assumed that any security of the Internet. However, it is assumed that any
measurement systems that are developed or deployed by a service measurement systems that are developed or deployed by a service
provider are responsible for providing sufficient data integrity provider are responsible for providing sufficient data integrity
(e.g., to prevent forgery of measurement records) and (e.g., to prevent forgery of measurement records) and
confidentiality (e.g., by restricting attention only to the packet confidentiality (e.g., by restricting attention only to the packet
skipping to change at page 24, line 55 skipping to change at page 24, line 4
provider are responsible for providing sufficient data integrity provider are responsible for providing sufficient data integrity
(e.g., to prevent forgery of measurement records) and (e.g., to prevent forgery of measurement records) and
confidentiality (e.g., by restricting attention only to the packet confidentiality (e.g., by restricting attention only to the packet
headers of interest). It is also assumed that a service provider headers of interest). It is also assumed that a service provider
will take proper precautions to ensure that access to its will take proper precautions to ensure that access to its
measurement systems and all associated data is secure by using measurement systems and all associated data is secure by using
appropriate authentication techniques. Methods to achieve these appropriate authentication techniques. Methods to achieve these
security considerations are not addressed in this document. security considerations are not addressed in this document.
17. References 17. References
Normative References Normative References
References 1, 2, and 13 below are considered normative.
References 1, 2, and 34 below are considered normative.
Informative References Informative References
1 D.O. Awduche, A. Chiu, A. Elwalid, I. Widjaja, and X. Xiao, 1 D.O. Awduche, A. Chiu, A. Elwalid, I. Widjaja, and X. Xiao,
"Overview and Principles of Internet Traffic Engineering," RFC "Overview and Principles of Internet Traffic Engineering," RFC
3272, May 2002. 3272, May 2002.
2 V. Paxson, G. Almes, J. Mahdavi, and M. Mathis, "Framework for IP 2 V. Paxson, G. Almes, J. Mahdavi, and M. Mathis, "Framework for IP
Performance Metrics," RFC 2330, May 1998. Performance Metrics," RFC 2330, May 1998.
3 J. Mahdavi and V. Paxson, "IPPM Metrics for Measuring 3 J. Mahdavi and V. Paxson, "IPPM Metrics for Measuring
Connectivity," RFC 2678, September 1999. Connectivity," RFC 2678, September 1999.
skipping to change at page 25, line 29 skipping to change at page 24, line 31
6 G. Almes, S. Kalidindi, and M. Zekauskas, "A Round-trip Delay 6 G. Almes, S. Kalidindi, and M. Zekauskas, "A Round-trip Delay
Metric for IPPM," RFC 2681, September 1999. Metric for IPPM," RFC 2681, September 1999.
7 M. Mathis and M. Allman, "A Framework for Defining Empirical Bulk 7 M. Mathis and M. Allman, "A Framework for Defining Empirical Bulk
Transfer Capacity Metrics," RFC 3148, July 2001. Transfer Capacity Metrics," RFC 3148, July 2001.
8 R. Koodli and R. Ravikanth, "One-way Loss Pattern Sample 8 R. Koodli and R. Ravikanth, "One-way Loss Pattern Sample
Metrics," RFC 3357, August 2002. Metrics," RFC 3357, August 2002.
9 C. Demichelis and P. Chimento, "IP Packet Delay Variation Metric 9 C. Demichelis and P. Chimento, "IP Packet Delay Variation Metric
for IP Performance Metrics (IPPM)," RFC 3393, November 2002. for IP Performance Metrics (IPPM)," RFC 3393, November 2002.
10 V. Raisanen, G. Grotefeld, and A. Morton, "Network performance 10 V. Raisanen, G. Grotefeld, and A. Morton, "Network performance
measurement with periodic streams," RFC 3432, November 2002. measurement with periodic streams," RFC 3432, November 2002.
11 ITU-T Recommendation I.380/Y.1540, "Internet Protocol Data 11 H. Uijterwaal and M. Kaeo, "One-way Metric Applicability
Statement," Internet-Draft, Work in Progress, November 2002.
12 ITU-T Recommendation I.380/Y.1540, "Internet Protocol Data
Communication Service -- IP Packet Transfer and Availability Communication Service -- IP Packet Transfer and Availability
Performance Parameters," First Issued February 1999, Revised Performance Parameters," First Issued February 1999, Revised
December 2002. December 2002.
12 ITU-T Recommendation Y.1541, "Network Performance Objectives for 13 ITU-T Recommendation Y.1541, "Network Performance Objectives for
IP-Based Services," May 2002. IP-Based Services," May 2002.
13 E. Rosen, A. Viswanathan, and R. Callon, "Multiprotocol Label 14 G. Ash, "Traffic Engineering & QoS Methods for IP-, ATM-, & TDM-
Switching Architecture," RFC 3031, January 2001.
14 S. Bradner (Editor), "Benchmarking Terminology for Network
Interconnection Devices," RFC 1242, July 1991.
15 G. Ash, "Traffic Engineering & QoS Methods for IP-, ATM-, & TDM-
Based Multiservice Networks," Internet-Draft, Work in Progress, Based Multiservice Networks," Internet-Draft, Work in Progress,
October 2001. October 2001.
16 D. Awduche, L. Berger, D. Gan, T. Li, V. Srinivasan, and G. 15 A. Feldmann, A. Greenberg, C. Lund, N. Reingold, J. Rexford, and
Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels," RFC 3209,
December 2001.
17 B. Jamoussi (Editor), "Constraint-Based LSP Setup using LDP," RFC
3212, January 2002.
18 P. Ashwood-Smith, B. Jamoussi, D. Fedyk, and D. Skalecki,
"Improving Topology Data Base Accuracy with Label Switched Path
Feedback in Constraint Based Label Distribution Protocol,"
Internet-Draft, Work in Progress, November 2002.
19 K. Kompella, Y. Rekhter, and L. Berger, "Link Bundling in MPLS
Traffic Engineering," Internet-Draft, Work in Progress, February
2001.
20 W.S. Lai, "Traffic Measurement for Dimensioning and Control of IP
Networks," Internet Performance and Control of Network Systems II
Conference, SPIE Proceedings, Vol. 4523, Denver, Colorado, 21-22
August 2001, pp. 359-367.
21 C. Srinivasan, A. Viswanathan, and T.D. Nadeau, "Multiprotocol
Label Switching (MPLS) Label Switch Router (LSR) Management
Information Base," Internet-Draft, Work in Progress, January
2002.
22 C. Srinivasan, A. Viswanathan, and T.D. Nadeau, "Multiprotocol
Label Switching (MPLS) Traffic Engineering Management Information
Base," Internet-Draft, Work in Progress, January 2002.
23 K. Kompella, "A Traffic Engineering MIB," Internet-Draft, Work in
Progress, September 2002.
24 A. Feldmann, A. Greenberg, C. Lund, N. Reingold, J. Rexford, and
F. True, "Deriving Traffic Demands for Operational IP Networks: F. True, "Deriving Traffic Demands for Operational IP Networks:
Methodology and Experience," Proc. ACM SIGCOMM 2000, Stockholm, Methodology and Experience," Proc. ACM SIGCOMM 2000, Stockholm,
Swedan. Swedan.
25 A. Feldmann, A. Greenberg, C. Lund, N. Reingold, and J. Rexford, 16 A. Feldmann, A. Greenberg, C. Lund, N. Reingold, and J. Rexford,
"NetScope: Traffic Engineering for IP Networks," IEEE Network, "NetScope: Traffic Engineering for IP Networks," IEEE Network,
March/April 2000. March/April 2000.
26 T.D. Nadeau, C. Srinivasan, and A. Viswanathan, "Multiprotocol 17 T.D. Nadeau, M. Morrow, G. Swallow, and D. Allan, " OAM
Label Switching (MPLS) FEC-To-NHLFE (FTN) Management Information Requirements for MPLS Networks," Internet-Draft, Work in
Base," Internet-Draft, Work in Progress, January 2002. Progress.
27 P. Pate, X. Xiao, T. So, A. Malis, T. Nadeau, S. Bryant, C. 18 N. Harrison, P. Willis, S. Davari, E. Cuevas, B. Mack-Crane, E.
White, K. Kompella, and T. Johnson, "Framework for Pseudo Wire
Emulation Edge-to-Edge (PWE3)," Internet-Draft, Work in Progress,
June 2002.
28 N. Harrison, P. Willis, S. Davari, E. Cuevas, B. Mack-Crane, E.
Franze, H. Ohta, T. So, S. Goldfless, and F. Chen, "Requirements Franze, H. Ohta, T. So, S. Goldfless, and F. Chen, "Requirements
for OAM in MPLS Networks," Internet-Draft, Work in Progress, May for OAM in MPLS Networks," Internet-Draft, Work in Progress, May
2001. 2001.
29 ITU-T Draft Recommendation Y.1710, "Requirements for OAM
19 ITU-T Draft Recommendation Y.1710, "Requirements for OAM
Functionality for MPLS Networks," May 2001. Functionality for MPLS Networks," May 2001.
30 ITU-T Draft Recommendation Y.1711, "OAM Mechanisms for MPLS 20 ITU-T Draft Recommendation Y.1711, "OAM Mechanisms for MPLS
Networks," May 2001. Networks," May 2001.
31 R.G. Cole, R. Dietz, C. Kalbfleisch, and D. Romascanu, "A 21 S. Waldbusser, R.G. Cole, C. Kalbfleisch, and D. Romascanu, "An
Framework for Synthetic Sources for Performance Monitoring," Introduction to the RMON Family of MIB Modules," Internet-Draft,
Internet-Draft, Work in Progress, May 2001. Work in Progress, Jan 2003.
32 R. Bonica, K. Kompella, and D. Meyer, "Tracing Requirements for 22 C. Kalbfleisch, R.G. Cole, and D. Romascanu, "Definition of
Managed Objects for Synthetic Sources for Performance Monitoring
Algorithms," Internet-Draft, Work in Progress, Sept 2002.
23 T.D. Nadeau, C. Srinivasan, and A. Viswanathan, "Multiprotocol
Label Switching (MPLS) FEC-To-NHLFE (FTN) Management Information
Base," Internet-Draft, Work in Progress, January 2002.
24 R. Bonica, K. Kompella, and D. Meyer, "Tracing Requirements for
Generic Tunnels," Internet-Draft, Work in Progress, August 2002. Generic Tunnels," Internet-Draft, Work in Progress, August 2002.
33 K. Kompella, P. Pan, N. Sheth, D. Cooper, G. Swallow, S. Wadhwa, 25 K. Kompella, P. Pan, N. Sheth, D. Cooper, G. Swallow, S. Wadhwa,
and R. Bonica, "Detecting MPLS Data Plane Liveness," Internet- and R. Bonica, "Detecting MPLS Data Plane Liveness," Internet-
Draft, Work in Progress, October 2002. Draft, Work in Progress, October 2002.
34 N.G. Duffield (Editor), "A Framework for Passive Packet 26 C. Srinivasan, A. Viswanathan, and T.D. Nadeau, "Multiprotocol
Label Switching (MPLS) Label Switch Router (LSR) Management
Information Base," Internet-Draft, Work in Progress, January
2002.
27 C. Srinivasan, A. Viswanathan, and T.D. Nadeau, "Multiprotocol
Label Switching (MPLS) Traffic Engineering Management Information
Base," Internet-Draft, Work in Progress, January 2002.
28 K. Kompella, "A Traffic Engineering MIB," Internet-Draft, Work in
Progress, September 2002.
29 R. Yavatkar, D. Pendarakis, and R. Guerin, "A Framework for
Policy-based Admission Control," RFC 2753, January 2000.
30 D. Rawlins, A. Kulkarni, M. Bokaemper, and K.H. Chan, "Framework
for Policy Usage Feedback for Common Open Policy Service with
Policy Provisioning (COPS-PR)," Internet-Draft, Work in Progress,
December 2002.
31 C. Jacquenet, "An IP Forwarding Policy Information Base,"
Internet-Draft, Work in Progress, January 2003.
32 C. Jacquenet, "A COPS client-type for IP traffic engineering,"
Internet-Draft, Work in Progress, January 2003.
33 S. Sen and J. Wang, "Analyzing Peer-to-Peer traffic Across Large
Networks," Internnet Measurement Workshop, 2002.
34 E. Rosen, A. Viswanathan, and R. Callon, "Multiprotocol Label
Switching Architecture," RFC 3031, January 2001.
35 S. Bradner (Editor), "Benchmarking Terminology for Network
Interconnection Devices," RFC 1242, July 1991.
36 K. Kompella, Y. Rekhter, and L. Berger, "Link Bundling in MPLS
Traffic Engineering," Internet-Draft, Work in Progress, February
2001.
37 W.S. Lai, "Traffic Measurement for Dimensioning and Control of IP
Networks," Internet Performance and Control of Network Systems II
Conference, SPIE Proceedings, Vol. 4523, Denver, Colorado, 21-22
August 2001, pp. 359-367.
38 M. Jain and C. Dovrolis, "End-to-End Available Bandwidth:
Measurement Methodology, Dynamics, and Relation with TCP
Throughput," Proc. ACM SIGCOMM'2002, August 19-23, 2002,
Pittsburgh, Pennsylvania.
39 N.G. Duffield (Editor), "A Framework for Passive Packet
Measurement," Internet-Draft, Work in Progress, September 2002. Measurement," Internet-Draft, Work in Progress, September 2002.
35 N.G. Duffield and M. Grossglauser, "Trajectory Sampling for 40 N.G. Duffield and M. Grossglauser, "Trajectory Sampling for
Direct Traffic Observation," IEEE/ACM Trans. on Networking, 9(3), Direct Traffic Observation," IEEE/ACM Trans. on Networking, 9(3),
pp. 280-292, June 2001. pp. 280-292, June 2001.
36 C. Partridge, C. Jones, D. Waitzman, and A. Snoeren, "New 41 C. Partridge, C. Jones, D. Waitzman, and A. Snoeren, "New
Protocols to Support Internet Traceback," Internet-Draft, Work in Protocols to Support Internet Traceback," Internet-Draft, Work in
Progress, November 2001. Progress, November 2001.
37 S. Haykin, Ed., "Kalman Filtering and Neural Networks," Wiley 42 S. Haykin, Ed., "Kalman Filtering and Neural Networks," Wiley
Interscience, 2001. Interscience, 2001.
43 A. Papoulis, "Probability, Random Variables and Stochastic
38 A. Papoulis, "Probability, Random Variables and Stochastic
Processes," 3rd Ed., McGraw-Hill, 1991. Processes," 3rd Ed., McGraw-Hill, 1991.
39 A. Gelb, Ed., "Applied Optimal Estimation," MIT Press, 1974. 44 A. Gelb, Ed., "Applied Optimal Estimation," MIT Press, 1974.
40 I. R. Petersen, V. A. Ugrinovskii, A. V. Savkin, "Robust Control 45 I. R. Petersen, V. A. Ugrinovskii, A. V. Savkin, "Robust Control
Design Using H<\infinity> Methods," Springer, 2000. Design Using H<\infinity> Methods," Springer, 2000.
41 V. Bolotin, J. Coombs-Reyes, D. Heyman, Y. Levy, and D. Liu, "IP 46 V. Bolotin, J. Coombs-Reyes, D. Heyman, Y. Levy, and D. Liu, "IP
Traffic Characterization for Planning and Control," Proc. ITC16, Traffic Characterization for Planning and Control," Proc. ITC16,
Edinburgh, Scotland, June 1999. Edinburgh, Scotland, June 1999.
42 Distributed Management Task Force (DMTF) Common Information Model 47 D. Awduche, L. Berger, D. Gan, T. Li, V. Srinivasan, and G.
(CIM), www.dmtf.org Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels," RFC 3209,
43 B. Moore, E. Ellesson, and J. Strassner, "Policy Core Information December 2001.
Model -- Version 1 Specification," RFC 3060, February 2001. 48 B. Jamoussi (Editor), "Constraint-Based LSP Setup using LDP," RFC
44 C. Partridge, "A Proposed Flow Specification," RFC 1363, 3212, January 2002.
September 1992. 49 P. Ashwood-Smith, B. Jamoussi, D. Fedyk, and D. Skalecki,
45 R. Yavatkar, D. Pendarakis, and R. Guerin, "A Framework for "Improving Topology Data Base Accuracy with Label Switched Path
Policy-based Admission Control," RFC 2753, January 2000. Feedback in Constraint Based Label Distribution Protocol,"
46 D. Rawlins, A. Kulkarni, M. Bokaemper, and K.H. Chan, "Framework Internet-Draft, Work in Progress, November 2002.
for Policy Usage Feedback for Common Open Policy Service with
Policy Provisioning (COPS-PR)," Internet-Draft, Work in Progress,
December 2002.
47 C. Jacquenet, "An IP Forwarding Policy Information Base,"
Internet-Draft, Work in Progress, January 2003.
48 C. Jacquenet, "A COPS client-type for IP traffic engineering,"
Internet-Draft, Work in Progress, January 2003.
18. Intellectual Property Statement 18. Intellectual Property Statement
AT&T Corp. may own intellectual property applicable to packet AT&T Corp. may own intellectual property applicable to packet
sampling as presented in references [34, 35] and summarized in sampling as presented in references [39, 40] and summarized in
Section 13. AT&T is currently reviewing its licensing intent Appendix C.1. AT&T is currently reviewing its licensing intent
relative to the Intellectual Property and will notify the IETF when relative to the Intellectual Property and will notify the IETF when
AT&T has made a determination of that intent. AT&T has made a determination of that intent.
19. Acknowledgments 19. Acknowledgments
Thanks to the inputs from Gerald Ash, Jim Boyle, Robert Cole, Thanks to the inputs from Gerald Ash, Jim Boyle, Robert Cole,
Enrique Cuevas, Christian Jacquenet, Merike Kaeo, Ed Kern, Spyros Enrique Cuevas, Ruediger Geib, Christian Jacquenet, Merike Kaeo, Ed
Kontogiorgis, Alfred Morton, Thomas Nadeau, Dimitri Papadimitriou, Kern, Spyros Kontogiorgis, Alfred Morton, Thomas Nadeau, Dimitri
Moshe Segal, Jing Shen, Bert Wijnen, Raymond Zhang, and the Tequila Papadimitriou, Moshe Segal, Jing Shen, Bert Wijnen, Raymond Zhang,
project. Special thanks to Blaine Christian for starting this work and the Scampi and Tequila projects. Special thanks to Blaine
and contributing to the initial versions. Nick Duffield provided Christian for starting this work and contributing to the initial
section 13 on packet sampling. versions. Nick Duffield provided Appendix C.1 on packet sampling.
20. Author's Addresses 20. Author's Addresses
Wai Sum Lai Wai Sum Lai
AT&T Labs AT&T Labs
Room D5-3D18 Room D5-3D18
200 Laurel Avenue 200 Laurel Avenue
Middletown, NJ 07748, USA Middletown, NJ 07748, USA
Phone: +1 732-420-3712 Phone: +1 732-420-3712
Email: wlai@att.com Email: wlai@att.com
Richard W. Tibbs Richard W. Tibbs
Oak City Networks & Solutions Oak City Networks & Solutions
304 Harvey St. 304 Harvey St.
Radford, VA 24141, USA Radford, VA 24141, USA
Phone: +1 540 639 2145 Phone: +1 540 639 2145
Email: drtibbs@oakcitysolutions.com Email: drtibbs@oakcitysolutions.com
Steven Van den Berghe Steven Van den Berghe
Ghent University/IMEC Ghent University/IMEC
St. Pietersnieuwsstraat 41 St. Pietersnieuwsstraat 41
skipping to change at page 28, line 15 skipping to change at page 27, line 23
Oak City Networks & Solutions Oak City Networks & Solutions
304 Harvey St. 304 Harvey St.
Radford, VA 24141, USA Radford, VA 24141, USA
Phone: +1 540 639 2145 Phone: +1 540 639 2145
Email: drtibbs@oakcitysolutions.com Email: drtibbs@oakcitysolutions.com
Steven Van den Berghe Steven Van den Berghe
Ghent University/IMEC Ghent University/IMEC
St. Pietersnieuwsstraat 41 St. Pietersnieuwsstraat 41
B-9000 Ghent, Belgium B-9000 Ghent, Belgium
Phone: ++32 9 267 35 86 Phone: ++32 9 264 99 86
E-mail: steven.vandenberghe@intec.rug.ac.be E-mail: steven.vandenberghe@intec.ugent.be
Full Copyright Statement Full Copyright Statement
"Copyright (C) The Internet Society (date). All Rights Reserved. "Copyright (C) The Internet Society (date). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this are included on all such copies and derivative works. However, this
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/