3. OAM Functions
This subsection provides a brief summary of the common OAM functions
used in OAM-related standards. These functions are used as building
blocks in the OAM standards described in this document.
o Connectivity Verification (CV), Path Verification, and Continuity
As defined in Section 2.2.7.
o Path Discovery / Fault Localization:
This function can be used to trace the route to a destination,
i.e., to identify the nodes along the route to the destination.
When more than one route is available to a specific destination,
this function traces one of the available routes. When a failure
occurs, this function attempts to detect the location of the
Note that the term "route tracing" (or "Traceroute"), which is
used in the context of IP and MPLS, is sometimes referred to as
"path tracing" in the context of other protocols, such as TRILL.
o Performance Monitoring:
Typically refers to:
* Loss Measurement (LM) - monitors the packet loss rate.
* Delay Measurement (DM) - monitors the delay and delay variation
4. OAM Tools in the IETF - A Detailed Description
This section presents a detailed description of the sets of OAM-
related tools in each of the toolsets in Table 1.
4.1. IP Ping
Ping is a common network diagnostic application for IP networks that
use ICMP. According to [NetTerms], 'Ping' is an abbreviation for
Packet internet groper, although the term has been so commonly used
that it stands on its own. As defined in [NetTerms], it is a program
used to test reachability of destinations by sending them an ICMP
Echo request and waiting for a reply.
The ICMP Echo request/reply exchange in Ping is used as a Continuity
Check function for the Internet Protocol. The originator transmits
an ICMP Echo request packet, and the receiver replies with an Echo
reply. ICMP Ping is defined in two variants: [ICMPv4] is used for
IPv4, and [ICMPv6] is used for IPv6.
Ping can be invoked to either a unicast destination or a multicast
destination. In the latter case, all members of the multicast group
send an Echo reply back to the originator.
Ping implementations typically use ICMP messages. UDP Ping is a
variant that uses UDP messages instead of ICMP Echo messages.
Ping is a single-ended Continuity Check, i.e., it allows the
*initiator* of the Echo request to test the reachability. If it is
desirable for both ends to test the reachability, both ends have to
invoke Ping independently.
Note that since ICMP filtering is deployed in some routers and
firewalls, the usefulness of Ping is sometimes limited in the wider
Internet. This limitation is equally relevant to Traceroute.
4.2. IP Traceroute
Traceroute ([TCPIP-Tools], [NetTools]) is an application that allows
users to discover a path between an IP source and an IP destination.
The most common way to implement Traceroute [TCPIP-Tools] is
described as follows. Traceroute sends a sequence of UDP packets to
UDP port 33434 at the destination. By default, Traceroute begins by
sending three packets (the number of packets is configurable in most
Traceroute implementations), each with an IP Time-To-Live (or Hop
Limit in IPv6) value of one, to the destination. These packets
expire as soon as they reach the first router in the path.
Consequently, that router sends three ICMP Time Exceeded Messages
back to the Traceroute application. Traceroute now sends another
three UDP packets, each with the TTL value of 2. These messages
cause the second router to return ICMP messages. This process
continues, with ever-increasing values for the TTL field, until the
packets actually reach the destination. Because no application
listens to port 33434 at the destination, the destination returns
ICMP Destination Unreachable Messages indicating an unreachable port.
This event indicates to the Traceroute application that it is
finished. The Traceroute program displays the round-trip delay
associated with each of the attempts.
While Traceroute is a tool that finds *a* path from A to B, it should
be noted that traffic from A to B is often forwarded through Equal-
Cost Multipaths (ECMPs). Paris Traceroute [PARIS] is an extension to
Traceroute that attempts to discovers all the available paths from A
to B by scanning different values of header fields (such as UDP
ports) in the probe packets.
It is noted that Traceroute is an application, and not a protocol.
As such, it has various different implementations. One of the most
common ones uses UDP probe packets, as described above. Other
implementations exist that use other types of probe messages, such as
ICMP or TCP.
Note that IP routing may be asymmetric. While Traceroute discovers a
path between a source and destination, it does not reveal the reverse
A few ICMP extensions ([ICMP-MP], [ICMP-Int]) have been defined in
the context of Traceroute. These documents define several
extensions, including extensions to the ICMP Destination Unreachable
message, that can be used by Traceroute applications.
Traceroute allows path discovery to *unicast* destination addresses.
A similar tool [mtrace] was defined for multicast destination
addresses; it allows tracing the route that a multicast IP packet
takes from a source to a particular receiver.
4.3. Bidirectional Forwarding Detection (BFD)
While multiple OAM tools have been defined for various protocols in
the protocol stack, Bidirectional Forwarding Detection [BFD], defined
by the IETF BFD working group, is a generic OAM tool that can be
deployed over various encapsulating protocols, and in various medium
types. The IETF has defined variants of the protocol for IP
([BFD-IP], [BFD-Multi]), for MPLS LSPs [BFD-LSP], and for pseudowires
[BFD-VCCV]. The usage of BFD in MPLS-TP is defined in [TP-CC-CV].
BFD includes two main OAM functions, using two types of BFD packets:
BFD Control packets and BFD Echo packets.
BFD operates between *systems*. The BFD protocol is run between two
or more systems after establishing a *session*.
4.3.3. BFD Control
BFD supports a bidirectional Continuity Check, using BFD Control
packets that are exchanged within a BFD session. BFD sessions
operate in one of two modes:
o Asynchronous mode (i.e., proactive): in this mode, BFD Control
packets are sent periodically. When the receiver detects that no
BFD Control packets have been received during a predetermined
period of time, a failure is reported.
o Demand mode: in this mode, BFD Control packets are sent on demand.
Upon need, a system initiates a series of BFD Control packets to
check the continuity of the session. BFD Control packets are sent
independently in each direction.
Each of the endpoints (referred to as systems) of the monitored path
maintains its own session identification, called a Discriminator;
both Discriminators are included in the BFD Control Packets that are
exchanged between the endpoints. At the time of session
establishment, the Discriminators are exchanged between the two
endpoints. In addition, the transmission (and reception) rate is
negotiated between the two endpoints, based on information included
in the control packets. These transmission rates may be renegotiated
during the session.
During normal operation of the session, i.e., when no failures have
been detected, the BFD session is in the Up state. If no BFD Control
packets are received during a period of time called the Detection
Time, the session is declared to be Down. The detection time is a
function of the pre-configured or negotiated transmission rate and a
parameter called Detect Mult. Detect Mult determines the number of
missing BFD Control packets that cause the session to be declared as
Down. This parameter is included in the BFD Control packet.
4.3.4. BFD Echo
A BFD Echo packet is sent to a peer system and is looped back to the
originator. The echo function can be used proactively or on demand.
The BFD Echo function has been defined in BFD for IPv4 and IPv6
([BFD-IP]), but it is not used in BFD for MPLS LSPs or PWs, or in BFD
4.4. MPLS OAM
The IETF MPLS working group has defined OAM for MPLS LSPs. The
requirements and framework of this effort are defined in
[MPLS-OAM-FW] and [MPLS-OAM], respectively. The corresponding OAM
tool defined, in this context, is LSP Ping [LSP-Ping]. OAM for P2MP
services is defined in [MPLS-P2MP].
BFD for MPLS [BFD-LSP] is an alternative means for detecting data-
plane failures, as described below.
4.4.1. LSP Ping
LSP Ping is modeled after the Ping/Traceroute paradigm, and thus it
may be used in one of two modes:
o "Ping" mode: In this mode, LSP Ping is used for end-to-end
Connectivity Verification between two LERs.
o "Traceroute" mode: This mode is used for hop-by-hop fault
LSP Ping is based on the ICMP Ping operation (of data-plane
Connectivity Verification) with additional functionality to verify
data-plane vs. control-plane consistency for a Forwarding Equivalence
Class (FEC) and also to identify Maximum Transmission Unit (MTU)
The Traceroute functionality may be used to isolate and localize MPLS
faults, using the Time-To-Live (TTL) indicator to incrementally
identify the sub-path of the LSP that is successfully traversed
before the faulty link or node.
The challenge in MPLS networks is that the traffic of a given LSP may
be load-balanced across Equal-Cost Multipaths (ECMPs). LSP Ping
monitors all the available paths of an LSP by monitoring its
different FECs. Note that MPLS-TP does not use ECMP, and thus does
not require OAM over multiple paths.
Another challenge is that an MPLS LSP does not necessarily have a
return path; traffic that is sent back from the egress LSR to the
ingress LSR is not necessarily sent over an MPLS LSP, but it can be
sent through a different route, such as an IP route. Thus,
responding to an LSP Ping message is not necessarily as trivial as in
IP Ping, where the responder just swaps the source and destination IP
addresses. Note that this challenge is not applicable to MPLS-TP,
where a return path is always available.
It should be noted that LSP Ping supports unique identification of
the LSP within an addressing domain. The identification is checked
using the full FEC identification. LSP Ping is extensible to include
additional information needed to support new functionality, by use of
Type-Length-Value (TLV) constructs. The usage of TLVs is typically
handled by the control plane, as it is not easy to implement in
LSP Ping supports both asynchronous and on-demand activation.
4.4.2. BFD for MPLS
BFD [BFD-LSP] can be used to detect MPLS LSP data-plane failures.
A BFD session is established for each MPLS LSP that is being
monitored. BFD Control packets must be sent along the same path as
the monitored LSP. If the LSP is associated with multiple FECs, a
BFD session is established for each FEC.
While LSP Ping can be used for detecting MPLS data-plane failures and
for verifying the MPLS LSP data plane against the control plane, BFD
can only be used for the former. BFD can be used in conjunction with
LSP Ping, as is the case in MPLS-TP (see Section 4.5.4).
4.4.3. OAM for Virtual Private Networks (VPNs) over MPLS
The IETF has defined two classes of VPNs: Layer 2 VPNs (L2VPNs) and
Layer 3 VPNs (L3VPNs). [L2VPN-OAM] provides the requirements and
framework for OAM in the context of L2VPNs, and specifically it also
defines the OAM layering of L2VPNs over MPLS. [L3VPN-OAM] provides a
framework for the operation and management of L3VPNs.
4.5. MPLS-TP OAM
The MPLS working group has defined the OAM toolset that fulfills the
requirements for MPLS-TP OAM. The full set of requirements for
MPLS-TP OAM are defined in [MPLS-TP-OAM] and include both general
requirements for the behavior of the OAM tools and a set of
operations that should be supported by the OAM toolset. The set of
mechanisms required are further elaborated in [TP-OAM-FW], which
describes the general architecture of the OAM system and also gives
overviews of the functionality of the OAM toolset.
Some of the basic requirements for the OAM toolset for MPLS-TP are:
o MPLS-TP OAM must be able to support both an IP-based environment
and a non-IP-based environment. If the network is IP based, i.e.,
IP routing and forwarding are available, then the MPLS-TP OAM
toolset should rely on the IP routing and forwarding capabilities.
On the other hand, in environments where IP functionality is not
available, the OAM tools must still be able to operate without
dependence on IP forwarding and routing.
o OAM packets and the user traffic are required to be congruent
(i.e., OAM packets are transmitted in-band), and there is a need
to differentiate OAM packets from ordinary user packets in the
data plane. Inherent in this requirement is the principle that
MPLS-TP OAM be independent of any existing control plane, although
it should not preclude use of the control-plane functionality.
OAM packets are identified by the Generic Associated Channel Label
(GAL), which is a reserved MPLS label value (13).
Maintenance Entity (ME)
The MPLS-TP OAM tools are designed to monitor and manage a
Maintenance Entity (ME). An ME, as defined in [TP-OAM-FW],
defines a relationship between two points of a transport path to
which maintenance and monitoring operations apply.
The term "Maintenance Entity (ME)" is used in ITU-T
Recommendations (e.g., [ITU-T-Y1731]), as well as in the MPLS-TP
Maintenance Entity Group (MEG)
The collection of one or more MEs that belong to the same
transport path and that are maintained and monitored as a group
are known as a Maintenance Entity Group (based on [TP-OAM-FW]).
Maintenance Point (MP)
A Maintenance Point (MP) is a functional entity that is defined at
a node in the network and can initiate and/or react to OAM
messages. This document focuses on the data-plane functionality
of MPs, while MPs interact with the control plane and with the
management plane as well.
The term "MP" is used in IEEE 802.1ag and was similarly adopted in
MEG End Point (MEP)
A MEG End Point (MEP) is one of the endpoints of an ME, and can
initiate OAM messages and respond to them (based on [TP-OAM-FW]).
MEG Intermediate Point (MIP)
In between MEPs, there are zero or more intermediate points,
called MEG Intermediate Points (based on [TP-OAM-FW]).
A MEG Intermediate Point (MIP) is an intermediate point that does
not generally initiate OAM frames (one exception to this is the
use of AIS notifications) but is able to respond to OAM frames
that are destined to it. A MIP in MPLS-TP identifies OAM packets
destined to it by the expiration of the TTL field in the OAM
packet. The term "Maintenance Point" is a general term for MEPs
Up and Down MEPs
IEEE 802.1ag [IEEE802.1Q] defines a distinction between Up MEPs
and Down MEPs. A MEP monitors traffic in either the direction
facing the network or the direction facing the bridge. A Down MEP
is a MEP that receives OAM packets from and transmits them to the
direction of the network. An Up MEP receives OAM packets from and
transmits them to the direction of the bridging entity. MPLS-TP
([TP-OAM-FW]) uses a similar distinction on the placement of the
MEP -- at either the ingress, egress, or forwarding function of
the node (Down / Up MEPs). This placement is important for
localization of a failure.
Note that the terms "Up MEP" and "Down MEP" are entirely unrelated
to the conventional "Up"/"Down" terminology, where "Down" means
faulty and "Up" means not faulty.
The distinction between Up and Down MEPs was defined in
[TP-OAM-FW], but has not been used in other MPLS-TP RFCs, as of
the writing of this document.
4.5.3. Generic Associated Channel
In order to address the requirement for in-band transmission of
MPLS-TP OAM traffic, MPLS-TP uses a Generic Associated Channel
(G-ACh), defined in [G-ACh] for LSP-based OAM traffic. This
mechanism is based on the same concepts as the PWE3 ACH [PW-ACH] and
VCCV [VCCV] mechanisms. However, to address the needs of LSPs as
differentiated from PW, the following concepts were defined for
o An Associated Channel Header (ACH), which uses a format similar to
the PW Control Word [PW-ACH], is a 4-byte header that is prepended
to OAM packets.
o A Generic Associated Channel Label (GAL). The GAL is a reserved
MPLS label value (13) that indicates that the packet is an ACH
packet and the payload follows immediately after the label stack.
It should be noted that while the G-ACh was defined as part of the
MPLS-TP definition effort, the G-ACh is a generic tool that can be
used in MPLS in general, and not only in MPLS-TP.
4.5.4. MPLS-TP OAM Toolset
To address the functionality that is required of the OAM toolset, the
MPLS WG conducted an analysis of the existing IETF and ITU-T OAM
tools and their ability to fulfill the required functionality. The
conclusions of this analysis are documented in [OAM-Analys]. MPLS-TP
uses a mixture of OAM tools that are based on previous standards and
adapted to the requirements of [MPLS-TP-OAM]. Some of the main
building blocks of this solution are based on:
o Bidirectional Forwarding Detection ([BFD], [BFD-LSP]) for
proactive Continuity Check and Connectivity Verification.
o LSP Ping as defined in [LSP-Ping] for on-demand Connectivity
o New protocol packets, using G-ACH, to address different
o Performance measurement protocols.
The following subsections describe the OAM tools defined for MPLS-TP
as described in [TP-OAM-FW].
126.96.36.199. Continuity Check and Connectivity Verification
Continuity Checks and Connectivity Verification are presented in
Section 2.2.7 of this document. As presented there, these tools may
be used either proactively or on demand. When using these tools
proactively, they are generally used in tandem.
For MPLS-TP there are two distinct tools: the proactive tool is
defined in [TP-CC-CV], while the on-demand tool is defined in
[OnDemand-CV]. In on-demand mode, this function should support
monitoring between the MEPs and, in addition, between a MEP and MIP.
[TP-OAM-FW] highlights, when performing Connectivity Verification,
the need for the CC-V messages to include unique identification of
the MEG that is being monitored and the MEP that originated the
The proactive tool [TP-CC-CV] is based on extensions to BFD (see
Section 4.3) with the additional limitation that the transmission and
receiving rates are based on configuration by the operator. The
on-demand tool [OnDemand-CV] is an adaptation of LSP Ping (see
Section 4.4.1) for the required behavior of MPLS-TP.
188.8.131.52. Route Tracing
[MPLS-TP-OAM] defines that there is a need for functionality that
would allow a path endpoint to identify the intermediate and
endpoints of the path. This function would be used in on-demand
mode. Normally, this path will be used for bidirectional PW, LSP,
and Sections; however, unidirectional paths may be supported only if
a return path exists. The tool for this is based on the LSP Ping
(see Section 4.4.1) functionality and is described in [OnDemand-CV].
184.108.40.206. Lock Instruct
The Lock Instruct function [Lock-Loop] is used to notify a transport-
path endpoint of an administrative need to disable the transport
path. This functionality will generally be used in conjunction with
some intrusive OAM function, e.g., performance measurement or
diagnostic testing, to minimize the side-effect on user data traffic.
220.127.116.11. Lock Reporting
Lock Reporting is a function used by an endpoint of a path to report
to its far-end endpoint that a lock condition has been affected on
18.104.22.168. Alarm Reporting
Alarm reporting [TP-Fault] provides the means to suppress alarms
following detection of defect conditions at the server sub-layer.
Alarm reporting is used by an intermediate point of a path, that
becomes aware of a fault on the path, to report to the endpoints of
the path. [TP-OAM-FW] states that this may occur as a result of a
defect condition discovered at a server sub-layer. This generates an
Alarm Indication Signal (AIS) that continues until the fault is
cleared. The consequent action of this function is detailed in
22.214.171.124. Remote Defect Indication
Remote Defect Indication (RDI) is used proactively by a path endpoint
to report to its peer endpoint that a defect is detected on a
bidirectional connection between them. [MPLS-TP-OAM] points out that
this function may be applied to a unidirectional LSP only if a return
path exists. [TP-OAM-FW] points out that this function is associated
with the proactive CC-V function.
126.96.36.199. Client Failure Indication
Client Failure Indication (CFI) is defined in [MPLS-TP-OAM] to allow
the propagation information from one edge of the network to the
other. The information concerns a defect to a client, in the case
that the client does not support alarm notification.
188.8.131.52. Performance Monitoring
The definition of MPLS performance monitoring was motivated by the
MPLS-TP requirements [MPLS-TP-OAM] but was defined generically for
MPLS in [MPLS-LM-DM]. An additional document [TP-LM-DM] defines a
performance monitoring profile for MPLS-TP.
184.108.40.206.1. Packet Loss Measurement (LM)
Packet Loss Measurement is a function used to verify the quality of
the service. Packet loss, as defined in [IPPM-1LM] and
[MPLS-TP-OAM], indicates the ratio of the number of user packets lost
to the total number of user packets sent during a defined time
There are two possible ways of determining this measurement:
o Using OAM packets, it is possible to compute the statistics based
on a series of OAM packets. This, however, has the disadvantage
of being artificial and may not be representative since part of
the packet loss may be dependent upon packet sizes and upon the
implementation of the MEPs that take part in the protocol.
o Delimiting messages can be sent at the start and end of a
measurement period during which the source and sink of the path
count the packets transmitted and received. After the end
delimiter, the ratio would be calculated by the path OAM entity.
220.127.116.11.2. Packet Delay Measurement (DM)
Packet Delay Measurement is a function that is used to measure one-
way or two-way delay of a packet transmission between a pair of the
endpoints of a path (PW, LSP, or Section). Where:
o One-way packet delay, as defined in [IPPM-1DM], is the time
elapsed from the start of transmission of the first bit of the
packet by a source node until the reception of the last bit of
that packet by the destination node. Note that one-way delay
measurement requires the clocks of the two endpoints to be
o Two-way packet delay, as defined in [IPPM-2DM], is the time
elapsed from the start of transmission of the first bit of the
packet by a source node until the reception of the last bit of the
looped-back packet by the same source node, when the loopback is
performed at the packet's destination node. Note that due to
possible path asymmetry, the one-way packet delay from one
endpoint to another is not necessarily equal to half of the
two-way packet delay. As opposed to one-way delay measurement,
two-way delay measurement does not require the two endpoints to be
For each of these two metrics, the DM function allows the MEP to
measure the delay, as well as the delay variation. Delay
measurement is performed by exchanging timestamped OAM packets
between the participating MEPs.
4.6. Pseudowire OAM
4.6.1. Pseudowire OAM Using Virtual Circuit Connectivity Verification
VCCV, as defined in [VCCV], provides a means for end-to-end fault
detection and diagnostic tools to be used for PWs (regardless of the
underlying tunneling technology). The VCCV switching function
provides a Control Channel associated with each PW. [VCCV] defines
three Control Channel (CC) types, i.e., three possible methods for
transmitting and identifying OAM messages:
o Control Channel Type 1: In-band VCCV, as described in [VCCV], is
also referred to as "PWE3 Control Word with 0001b as first
nibble". It uses the PW Associated Channel Header [PW-ACH].
o Control Channel Type 2: Out-of-band VCCV, as described in [VCCV],
is also referred to as "MPLS Router Alert Label". In this case,
the Control Channel is created by using the MPLS router alert
label [MPLS-ENCAPS] immediately above the PW label.
o Control Channel Type 3: TTL expiry VCCV, as described in [VCCV],
is also referred to as "MPLS PW Label with TTL == 1", i.e., the
Control Channel is identified when the value of the TTL field in
the PW label is set to 1.
VCCV currently supports the following OAM tools: ICMP Ping, LSP Ping,
and BFD. ICMP and LSP Ping are IP encapsulated before being sent
over the PW ACH. BFD for VCCV [BFD-VCCV] supports two modes of
encapsulation -- either IP/UDP encapsulated (with IP/UDP header) or
PW-ACH encapsulated (with no IP/UDP header) -- and provides support
to signal the AC status. The use of the VCCV Control Channel
provides the context, based on the MPLS-PW label, required to bind
and bootstrap the BFD session to a particular pseudowire (FEC),
eliminating the need to exchange Discriminator values.
VCCV consists of two components: (1) the signaled component to
communicate VCCV capabilities as part of the VC label, and (2) the
switching component to cause the PW payload to be treated as a
VCCV is not directly dependent upon the presence of a control plane.
The VCCV capability advertisement may be performed as part of the PW
signaling when LDP is used. In case of manual configuration of the
PW, it is the responsibility of the operator to set consistent
options at both ends. The manual option was created specifically to
handle MPLS-TP use cases where no control plane was a requirement.
However, new use cases such as pure mobile backhaul find this
functionality useful too.
The PWE3 working group has conducted an implementation survey of VCCV
[VCCV-SURVEY] that analyzes which VCCV mechanisms are used in
4.6.2. Pseudowire OAM Using G-ACh
As mentioned above, VCCV enables OAM for PWs by using a Control
Channel for OAM packets. When PWs are used in MPLS-TP networks,
rather than the Control Channels defined in VCCV, the G-ACh can be
used as an alternative Control Channel. The usage of the G-ACh for
PWs is defined in [PW-G-ACh].
4.6.3. Attachment Circuit - Pseudowire Mapping
The PWE3 working group has defined a mapping and notification of
defect states between a pseudowire (PW) and the Attachment Circuits
(ACs) of the end-to-end emulated service. This mapping is of key
importance to the end-to-end functionality. Specifically, the
mapping is provided by [PW-MAP], by [L2TP-EC] for L2TPv3 pseudowires,
and by Section 5.3 of [ATM-L2] for ATM.
[L2VPN-OAM] provides the requirements and framework for OAM in the
context of Layer 2 Virtual Private Networks (L2VPNs), and
specifically it also defines the OAM layering of L2VPNs over
The mapping defined in [Eth-Int] allows an end-to-end emulated
Ethernet service over pseudowires.
4.7. OWAMP and TWAMP
The IPPM working group in the IETF defines common criteria and
metrics for measuring performance of IP traffic ([IPPM-FW]). Some of
the key RFCs published by this working group have defined metrics for
measuring connectivity [IPPM-Con], delay ([IPPM-1DM], [IPPM-2DM]),
and packet loss [IPPM-1LM]. It should be noted that the work of the
IETF in the context of performance metrics is not limited to IP
networks; [PM-CONS] presents general guidelines for considering new
The IPPM working group has defined not only metrics for performance
measurement but also protocols that define how the measurement is
carried out. The One-Way Active Measurement Protocol [OWAMP] and the
Two-Way Active Measurement Protocol [TWAMP] each define a method and
protocol for measuring performance metrics in IP networks.
OWAMP [OWAMP] enables measurement of one-way characteristics of IP
networks, such as one-way packet loss and one-way delay. For its
proper operation, OWAMP requires accurate time-of-day setting at its
TWAMP [TWAMP] is a similar protocol that enables measurement of both
one-way and two-way (round-trip) characteristics.
OWAMP and TWAMP are each comprised of two separate protocols:
o OWAMP-Control/TWAMP-Control: used to initiate, start, and stop
test sessions and to fetch their results. Continuity Check and
Connectivity Verification are tested and confirmed by establishing
the OWAMP/TWAMP Control Protocol TCP connection.
o OWAMP-Test/TWAMP-Test: used to exchange test packets between two
measurement nodes. Enables the loss and delay measurement
functions, as well as detection of other anomalies, such as packet
duplication and packet reordering.
It should be noted that while [OWAMP] and [TWAMP] define tools for
performance measurement, they do not define the accuracy of these
tools. The accuracy depends on scale, implementation, and network
Alternative protocols for performance monitoring are defined, for
example, in MPLS-TP OAM ([MPLS-LM-DM], [TP-LM-DM]) and in Ethernet
4.7.2. Control and Test Protocols
OWAMP and TWAMP control protocols run over TCP, while the test
protocols run over UDP. The purpose of the control protocols is to
initiate, start, and stop test sessions, and for OWAMP to fetch
results. The test protocols introduce test packets (which contain
sequence numbers and timestamps) along the IP path under test
according to a schedule, and they record statistics of packet
arrival. Multiple sessions may be simultaneously defined, each with
a session identifier, and defining the number of packets to be sent,
the amount of padding to be added (and thus the packet size), the
start time, and the send schedule (which can be either a constant
time between test packets or exponentially distributed
pseudorandomly). Statistics recorded conform to the relevant IPPM
From a security perspective, OWAMP and TWAMP test packets are hard to
detect because they are simply UDP streams between negotiated port
numbers, with potentially nothing static in the packets. OWAMP and
TWAMP also include optional authentication and encryption for both
control and test packets.
OWAMP defines the following logical roles: Session-Sender,
Session-Receiver, Server, Control-Client, and Fetch-Client. The
Session-Sender originates test traffic that is received by the
Session-Receiver. The Server configures and manages the session, as
well as returning the results. The Control-Client initiates requests
for test sessions, triggers their start, and may trigger their
termination. The Fetch-Client requests the results of a completed
session. Multiple roles may be combined in a single host -- for
example, one host may play the roles of Control-Client, Fetch-Client,
and Session-Sender, and a second may play the roles of Server and
In a typical OWAMP session, the Control-Client establishes a TCP
connection to port 861 of the Server, which responds with a Server
greeting message indicating supported security/integrity modes. The
Control-Client responds with the chosen communications mode, and the
Server accepts the mode. The Control-Client then requests and fully
describes a test session to which the Server responds with its
acceptance and supporting information. More than one test session
may be requested with additional messages. The Control-Client then
starts a test session; the Server acknowledges and then instructs the
Session-Sender to start the test. The Session-Sender then sends test
packets with pseudorandom padding to the Session-Receiver until the
session is complete or until the Control-Client stops the session.
Once finished, the Session-Sender reports to the Server, which
recovers data from the Session-Receiver. The Fetch-Client can then
send a fetch request to the Server, which responds with an
acknowledgement and, immediately thereafter, the result data.
TWAMP defines the following logical roles: Session-Sender,
Session-Reflector, Server, and Control-Client. These are similar to
the OWAMP roles, except that the Session-Reflector does not collect
any packet information, and there is no need for a Fetch-Client.
In a typical TWAMP session, the Control-Client establishes a TCP
connection to port 862 of the Server, and the mode is negotiated as
in OWAMP. The Control-Client then requests sessions and starts them.
The Session-Sender sends test packets with pseudorandom padding to
the Session-Reflector, which returns them with timestamps inserted.
The requirements of OAM in TRILL are defined in [TRILL-OAM]. The
challenge in TRILL OAM, much like in MPLS networks, is that traffic
between RBridges RB1 and RB2 may be forwarded through more than one
path. Thus, an OAM protocol between RBridges RB1 and RB2 must be
able to monitor all the available paths between the two RBridges.
During the writing of this document, the detailed definition of the
TRILL OAM tools is still work in progress. This subsection presents
the main requirements of TRILL OAM.
The main requirements defined in [TRILL-OAM] are:
o Continuity Checking (CC) - the TRILL OAM protocol must support a
function for CC between any two RBridges RB1 and RB2.
o Connectivity Verification (CV) - connectivity between two RBridges
RB1 and RB2 can be verified on a per-flow basis.
o Path Tracing - allows an RBridge to trace all the available paths
to a peer RBridge.
o Performance monitoring - allows an RBridge to monitor the packet
loss and packet delay to a peer RBridge.