<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY bom    "&#65279;">
  <!ENTITY wd     "&#x2011;">
]>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902"
     docName="draft-li-ippm-stamp-ecmp-pm-00"
     category="std" submissionType="IETF" consensus="true" version="3"
     xml:lang="en" tocInclude="true" sortRefs="true" symRefs="true">
  <front>
    <title abbrev="STAMP ECMP-Aware PM">Procedures for ECMP-Aware Performance Measurement with STAMP</title>
    <seriesInfo name="Internet-Draft" value="draft-li-ippm-stamp-ecmp-pm-00"/>

    <author fullname="Zhiqiang Li" initials="Z." surname="Li">
      <organization>China Mobile</organization>
      <address>
        <postal><city>Beijing</city><code>100053</code>
        <country>China</country></postal>
        <email>lizhiqiangyjy@chinamobile.com</email>
      </address>
    </author>
    <author fullname="Zongpeng Du" initials="Z." surname="Du">
      <organization>China Mobile</organization>
      <address>
        <postal><city>Beijing</city><code>100053</code>
        <country>China</country></postal>
        <email>duzongpeng@chinamobile.com</email>
      </address>
    </author>
    <author fullname="Junjie Wang" initials="J." surname="Wang">
      <organization>Centec</organization>
      <address>
        <postal><city>Shanghai</city><code>201203</code>
        <country>China</country></postal>
        <email>wangjj@centec.com</email>
      </address>
    </author>
    <author fullname="Wei Cheng" initials="W." surname="Cheng">
      <organization>Centec</organization>
      <address>
        <postal><city>Shanghai</city><code>201203</code>
        <country>China</country></postal>
        <email>chengw@centec.com</email>
      </address>
    </author>
    <author fullname="Guoying Zhang" initials="G." surname="Zhang">
      <organization>Centec</organization>
      <address>
        <postal><city>Shanghai</city><code>201203</code>
        <country>China</country></postal>
        <email>zhanggy@centec.com</email>
      </address>
    </author>
    <author fullname="Xun Sun" initials="X." surname="Sun">
      <organization>Inesa</organization>
      <address>
        <postal><city>Shanghai</city><code>200030</code>
        <country>China</country></postal>
        <email>sunxun@inesa.com</email>
      </address>
    </author>
    <author fullname="Chunhao Zhao" initials="C." surname="Zhao">
      <organization>SAIA</organization>
      <address>
        <postal><city>Shanghai</city><code>200125</code>
        <country>China</country></postal>
        <email>chunhao.zhao@sh-aia.com</email>
      </address>
    </author>

    <date year="2026" month="July" day="4"/>
    <area>TSV</area>
    <workgroup>IPPM</workgroup>
    <keyword>STAMP</keyword>
    <keyword>ECMP</keyword>
    <keyword>LAG</keyword>
    <keyword>performance measurement</keyword>
    <keyword>flow matching</keyword>
    <abstract>
      <t>This document specifies procedures for configuring Simple Two-Way Active Measurement Protocol (STAMP) sessions so that test packets traverse the same ECMP or LAG forwarding path as a specified production flow. In networks that use hash-based load distribution, the forwarding path depends on a hash over packet header fields. Standard STAMP test packets carry session-specific addresses and ports that differ from production traffic, often selecting a different forwarding path and yielding measurements that do not represent the actual service quality of the production flow. The procedures in this document specify how the Session-Sender populates test packet headers with values matching a designated production flow. The Session-Reflector identifies test packets by validating the STAMP payload structure. No changes to the STAMP packet formats defined in RFC 8762 are required.</t>
    </abstract>
  </front>

  <middle>
<section anchor="introduction" numbered="true" toc="include"><name>Introduction</name>
<t>The Simple Two-Way Active Measurement Protocol (STAMP) <xref target="RFC8762"/> measures network delay, delay variation, and packet loss by exchanging test packets between a Session-Sender and a Session-Reflector. STAMP is the successor to TWAMP <xref target="RFC5357"/> and provides a simplified architecture that separates control and test functions.</t>
<t>In networks that use hash-based Equal-Cost Multi-Path (ECMP) <xref target="RFC2992"/> or Link Aggregation Group (LAG) load distribution, the forwarding path depends on a hash over selected header fields, commonly the IP source and destination addresses and transport-layer port numbers. Standard STAMP test packets use session-specific addresses and port 862, which typically differ from those of production traffic. The hash function may therefore select a different forwarding path for test packets than for the production flow under observation.</t>
<t><xref target="RFC9503"/> defines techniques for probing different ECMP paths by sweeping destination addresses (e.g., within the 127/8 range) or entropy labels. Those techniques discover and measure all available ECMP paths but do not target the specific path of a given production flow. This document specifies procedures for the complementary case: measuring the path that a specific production flow takes by constructing test packets with matching header values.</t>
<section anchor="requirements-language" numbered="true" toc="include"><name>Requirements Language</name>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here.</t>
</section></section>
<section anchor="terminology" numbered="true" toc="include"><name>Terminology</name>
<t>This document uses the STAMP terminology defined in <xref target="RFC8762"/> and <xref target="RFC8972"/>. The following additional terms are defined:</t>
<dl><dt>Reference Flow:</dt><dd>The production traffic flow whose forwarding path is the subject of performance measurement, identified by its header fields (e.g., source and destination IP addresses, IP protocol, source and destination port numbers).</dd>
<dt>Flow-Matching Test Packet:</dt><dd>A STAMP test packet whose network-layer and transport-layer header fields replicate those of the reference flow so that hash-based forwarding selects the same path.</dd></dl>
</section>
<section anchor="scope" numbered="true" toc="include"><name>Scope and Relationship to Existing Specifications</name>
<t>This document defines operational procedures for STAMP <xref target="RFC8762"/> sessions. It does not modify STAMP packet formats, state machines, or protocol exchanges. <xref target="RFC8972"/> defines optional STAMP TLV extensions. Flow-matching test packets are fully compatible with these extensions; in particular, the SSID TLV can aid test packet identification. <xref target="RFC9503"/> defines STAMP procedures for Segment Routing networks, including ECMP path sweeping. This document specifies procedures for measuring the path of a specific production flow, which is a distinct use case. The procedures also apply to TWAMP Light <xref target="RFC5357"/> deployments, though STAMP is preferred for new deployments.</t>
</section>
<section anchor="session-configuration" numbered="true" toc="include"><name>Session Configuration</name>
<t>An ECMP-aware STAMP session requires additional configuration parameters that describe the reference flow. These parameters are used by the Session-Sender for test packet construction and by the Session-Reflector for test packet identification.</t>
<section anchor="sender-config" numbered="true" toc="include"><name>Session-Sender Configuration</name>
<t>In addition to the standard STAMP session parameters defined in <xref target="RFC8762"/>, the following parameters MUST be configurable on the Session-Sender: Reference Source Address, Reference Destination Address, Reference Source Port, Reference Destination Port, and Reference DSCP.</t>
</section>
<section anchor="reflector-config" numbered="true" toc="include"><name>Session-Reflector Configuration</name>
<t>The Session-Reflector MUST be configured with the reference flow header parameters. Because test packets carry the same header values as production traffic, the Session-Reflector cannot rely on the default STAMP destination port (862) alone. The Session-Reflector MUST identify test packets by matching the configured reference flow headers AND validating the STAMP payload structure (sequence number, timestamp, and error estimate as defined in <xref target="RFC8762"/>).</t>
</section></section>
<section anchor="sender-procedures" numbered="true" toc="include"><name>Session-Sender Procedures</name>
<t>When transmitting a test packet for an ECMP-aware session, the Session-Sender MUST populate the IP source address, IP destination address, UDP source port, and UDP destination port with the configured reference flow values. The DSCP field MUST be set to the configured reference DSCP value. The UDP payload MUST contain the STAMP Session-Sender test packet format defined in Section 4 of <xref target="RFC8762"/>, including sequence number, timestamp, error estimate, and any optional TLVs defined in <xref target="RFC8972"/>.</t>
<t>Because these header fields replicate the reference flow, hash-based forwarding nodes along the path compute the same hash and select the same output port or next hop as they would for the reference flow's production traffic.</t>
<t>Note: STAMP test packets always use IP protocol number 17 (UDP) regardless of the reference flow's transport protocol. If the network's hash function includes the IP protocol number, the test packet hash will differ from that of a TCP (protocol 6) or SCTP (protocol 132) reference flow. Operators SHOULD verify whether the hash function on the relevant nodes includes the IP protocol field and, if so, SHOULD assess whether this affects path selection for the reference flow. In practice, many implementations hash only on IP addresses and port numbers, and the protocol number does not influence path selection.</t>
</section>
<section anchor="reflector-procedures" numbered="true" toc="include"><name>Session-Reflector Procedures</name>
<t>When the Session-Reflector receives a packet whose IP addresses and UDP ports match a configured ECMP-aware session, it MUST inspect the UDP payload. If the payload conforms to the STAMP test packet format defined in <xref target="RFC8762"/>, the Session-Reflector MUST process the packet as a STAMP test packet and generate a reply.</t>
<t>The reply test packet MUST swap the source and destination IP addresses and UDP port numbers, so that hash-based forwarding on the return path selects the reverse-direction path of the reference flow. The reply payload MUST conform to the STAMP Session-Reflector format defined in <xref target="RFC8762"/>.</t>
<t>If the payload does not match the STAMP format, the Session-Reflector MUST forward the packet as regular production traffic. This ensures that the reference flow is not disrupted.</t>
</section>
<section anchor="test-packet-identification" numbered="true" toc="include"><name>Test Packet Identification</name>
<t>Because flow-matching test packets share header fields with the reference flow, the Session-Reflector relies on payload-level inspection for identification. The following criteria SHOULD be applied in combination: Header Match (IP addresses and UDP ports match the configured reference flow parameters); Payload Length (at least 44 octets unauthenticated or 112 octets authenticated); Format Validation (STAMP fields pass structural validation); SSID Discrimination (if an SSID TLV <xref target="RFC8972"/> is included, it MAY be used for additional discrimination).</t>
</section>
<section anchor="ecmp-lag" numbered="true" toc="include"><name>ECMP and LAG Considerations</name>
<t>Hash-based ECMP and LAG implementations vary in which header fields participate in the hash computation. Common hash inputs include the IP source and destination addresses and the transport-layer source and destination port numbers. Some implementations additionally include the IP protocol number, MPLS entropy labels <xref target="RFC6790"/>, IPv6 flow labels <xref target="RFC6437"/>, or inner-header fields for tunneled packets.</t>
<t>For effective ECMP-aware measurement, the reference flow header fields used in the test packet MUST cover at least the fields that the network's hash function uses for path selection. Operators SHOULD verify which fields are included in the hash on the relevant network devices. For IPv6 networks, the flow label field may influence ECMP path selection. If the Session-Sender node supports configuring an IPv6 flow label value for the test packet, the reference flow's flow label SHOULD be replicated as well.</t>
</section>
<section anchor="manageability" numbered="true" toc="include"><name>Manageability Considerations</name>
<t>ECMP-aware STAMP sessions are configured using the same management interfaces as standard STAMP sessions. The additional reference flow parameters (addresses, ports, DSCP) extend the per-session configuration. Implementations SHOULD expose the reference flow parameters as part of the session state visible to the management system. Because test packets are indistinguishable from production traffic at the header level, network monitoring and troubleshooting tools that capture traffic based on header fields will include these test packets in their output. Operators SHOULD document active ECMP-aware sessions so that test traffic is not mistaken for anomalous production traffic during troubleshooting.</t>
</section>
<section anchor="security-considerations" numbered="true" toc="include"><name>Security Considerations</name>
<section anchor="sec-policy" numbered="true" toc="include"><name>Security Policy Considerations</name>
<t>Flow-matching test packets share header fields with production traffic. Network security devices that filter based on header fields will apply the same policy to test and production packets. Operators MUST ensure that security policies within the measurement domain account for the presence of ECMP-aware test traffic. STAMP authenticated mode <xref target="RFC8762"/> SHOULD be used to provide payload-level integrity protection.</t>
</section>
<section anchor="source-addr" numbered="true" toc="include"><name>Source Address Considerations</name>
<t>Flow-matching test packets carry source IP addresses that belong to the reference flow's originator, not to the Session-Sender node. Ingress filtering per BCP 38 <xref target="RFC2827"/> may drop these packets. Operators MUST configure ingress filters to permit ECMP-aware test traffic from authorized Session-Sender nodes within the measurement domain.</t>
</section>
<section anchor="prod-protection" numbered="true" toc="include"><name>Production Traffic Protection</name>
<t>An incorrectly configured Session-Reflector could misidentify production traffic as test packets. Implementations MUST require successful STAMP payload validation before treating any packet as a test packet. When payload validation is ambiguous, the packet MUST be forwarded as production traffic. The rate of test packets SHOULD be limited to a negligible fraction of the reference flow's bandwidth.</t>
</section></section>
<section anchor="iana-considerations" numbered="true" toc="include"><name>IANA Considerations</name>
<t>This document has no IANA actions.</t>
</section>
  </middle>

  <back>
      <references title="Normative References">
    <reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2119">
      <front>
        <title>Key words for use in RFCs to Indicate Requirement Levels</title>
        <author initials="S." surname="Bradner" fullname="Scott Bradner"/>
        <date year="1997" month="March"/>
      </front>
      <seriesInfo name="BCP" value="14"/>
      <seriesInfo name="RFC" value="2119"/>
      <seriesInfo name="DOI" value="10.17487/RFC2119"/>
    </reference>
    <reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8174">
      <front>
        <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
        <author initials="B." surname="Leiba" fullname="Barry Leiba"/>
        <date year="2017" month="May"/>
      </front>
      <seriesInfo name="BCP" value="14"/>
      <seriesInfo name="RFC" value="8174"/>
      <seriesInfo name="DOI" value="10.17487/RFC8174"/>
    </reference>
    <reference anchor="RFC8762" target="https://www.rfc-editor.org/info/rfc8762">
      <front>
        <title>Simple Two-Way Active Measurement Protocol</title>
        <author initials="G." surname="Mirsky" fullname="Greg Mirsky"/>
        <author initials="G." surname="Jun" fullname="Guy Jun"/>
        <author initials="H." surname="Nydell" fullname="Henrik Nydell"/>
        <author initials="R." surname="Foote" fullname="Richard Foote"/>
        <date year="2020" month="March"/>
      </front>
      <seriesInfo name="RFC" value="8762"/>
      <seriesInfo name="DOI" value="10.17487/RFC8762"/>
    </reference>
    <reference anchor="RFC8972" target="https://www.rfc-editor.org/info/rfc8972">
      <front>
        <title>Simple Two-Way Active Measurement Protocol Optional Extensions</title>
        <author initials="G." surname="Mirsky" fullname="Greg Mirsky"/>
        <author initials="X." surname="Min" fullname="Xiao Min"/>
        <author initials="H." surname="Nydell" fullname="Henrik Nydell"/>
        <author initials="R." surname="Foote" fullname="Richard Foote"/>
        <author initials="A." surname="Masputra" fullname="Andres Masputra"/>
        <author initials="E." surname="Ruffini" fullname="Enrico Ruffini"/>
        <date year="2021" month="January"/>
      </front>
      <seriesInfo name="RFC" value="8972"/>
      <seriesInfo name="DOI" value="10.17487/RFC8972"/>
    </reference>
    <reference anchor="RFC2827" target="https://www.rfc-editor.org/info/rfc2827">
      <front>
        <title>Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing</title>
        <author initials="P." surname="Ferguson" fullname="Paul Ferguson"/>
        <author initials="D." surname="Senie" fullname="Daniel Senie"/>
        <date year="2000" month="May"/>
      </front>
      <seriesInfo name="BCP" value="38"/>
      <seriesInfo name="RFC" value="2827"/>
      <seriesInfo name="DOI" value="10.17487/RFC2827"/>
    </reference>
      </references>
      <references title="Informative References">
    <reference anchor="RFC2992" target="https://www.rfc-editor.org/info/rfc2992">
      <front>
        <title>Analysis of an Equal-Cost Multi-Path Algorithm</title>
        <author initials="C." surname="Hopps" fullname="Christian Hopps"/>
        <date year="2000" month="November"/>
      </front>
      <seriesInfo name="RFC" value="2992"/>
      <seriesInfo name="DOI" value="10.17487/RFC2992"/>
    </reference>
    <reference anchor="RFC5357" target="https://www.rfc-editor.org/info/rfc5357">
      <front>
        <title>A Two-Way Active Measurement Protocol (TWAMP)</title>
        <author initials="K." surname="Hedayat" fullname="Kaynam Hedayat"/>
        <author initials="R." surname="Krzanowski" fullname="Radoslaw Krzanowski"/>
        <author initials="A." surname="Morton" fullname="Al Morton"/>
        <author initials="K." surname="Yum" fullname="Kaan Yum"/>
        <author initials="J." surname="Babiarz" fullname="Joel Babiarz"/>
        <date year="2008" month="October"/>
      </front>
      <seriesInfo name="RFC" value="5357"/>
      <seriesInfo name="DOI" value="10.17487/RFC5357"/>
    </reference>
    <reference anchor="RFC6437" target="https://www.rfc-editor.org/info/rfc6437">
      <front>
        <title>IPv6 Flow Label Specification</title>
        <author initials="S." surname="Amante" fullname="Shane Amante"/>
        <author initials="B." surname="Carpenter" fullname="Brian Carpenter"/>
        <author initials="S." surname="Jiang" fullname="Sheng Jiang"/>
        <author initials="J." surname="Rajahalme" fullname="Jarno Rajahalme"/>
        <date year="2011" month="November"/>
      </front>
      <seriesInfo name="RFC" value="6437"/>
      <seriesInfo name="DOI" value="10.17487/RFC6437"/>
    </reference>
    <reference anchor="RFC6790" target="https://www.rfc-editor.org/info/rfc6790">
      <front>
        <title>The Use of Entropy Labels in MPLS Forwarding</title>
        <author initials="K." surname="Kompella" fullname="Kireeti Kompella"/>
        <author initials="J." surname="Drake" fullname="John Drake"/>
        <author initials="S." surname="Amante" fullname="Shane Amante"/>
        <author initials="W." surname="Henderickx" fullname="Wim Henderickx"/>
        <author initials="L." surname="Yong" fullname="Luc Yong"/>
        <date year="2012" month="November"/>
      </front>
      <seriesInfo name="RFC" value="6790"/>
      <seriesInfo name="DOI" value="10.17487/RFC6790"/>
    </reference>
    <reference anchor="RFC9503" target="https://www.rfc-editor.org/info/rfc9503">
      <front>
        <title>Simple Two-Way Active Measurement Protocol (STAMP) Extensions for Segment Routing Networks</title>
        <author initials="R." surname="Gandhi" fullname="Rakesh Gandhi, Ed."/>
        <author initials="C." surname="Filsfils" fullname="Clarence Filsfils"/>
        <author initials="D." surname="Voyer" fullname="Daniel Voyer"/>
        <author initials="M." surname="Chen" fullname="Mach Chen"/>
        <author initials="B." surname="Janssens" fullname="Bruno Janssens"/>
        <date year="2023" month="October"/>
      </front>
      <seriesInfo name="RFC" value="9503"/>
      <seriesInfo name="DOI" value="10.17487/RFC9503"/>
    </reference>
      </references>
      <section anchor="acknowledgements" numbered="false" toc="include">
        <name>Acknowledgements</name>
        <t>The authors would like to thank the members of the IPPM Working Group. The STAMP protocol suite, particularly RFC 8762, RFC 8972, and RFC 9503, provided the protocol foundation for this document.</t>
      </section>
  </back>
</rfc>
