Tech-invite3GPPspaceIETF RFCsSIP
in Index   Prev   Next

RFC 5740

NACK-Oriented Reliable Multicast (NORM) Transport Protocol

Pages: 96
Proposed Standard
Obsoletes:  3940
Part 4 of 4 – Pages 65 to 96
First   Prev   None

Top   ToC   RFC5740 - Page 65   prevText

5.5. Additional Protocol Mechanisms

In addition to the principal function of data content transmission and repair, there are some other protocol mechanisms to help NORM to adapt to network conditions and play fairly with other coexistent protocols.

5.5.1. Group Round-Trip Time (GRTT) Collection

For NORM receivers to appropriately scale backoff timeouts and the senders to use proper corresponding timeouts, the participants need
Top   ToC   RFC5740 - Page 66
   to use a common timeout basis.  Each NORM sender monitors the round-
   trip time of active receivers and determines the greatest group
   round-trip time.  The sender advertises this GRTT estimate in every
   message it transmits so receivers have this value available for
   scaling their timers.  To measure the current GRTT, the sender
   periodically sends NORM_CMD(CC) messages containing a locally
   generated timestamp.  Receivers are expected to record this timestamp
   along with the time the NORM_CMD(CC) message is received.  Then, when
   the receivers generate feedback messages to the sender, an adjusted
   version of the sender timestamp is embedded in the feedback message
   (NORM_NACK or NORM_ACK).  The adjustment adds the amount of time the
   receiver held the timestamp before generating its response.  Upon
   receipt of this adjusted timestamp, the sender is able to calculate
   the round-trip time to that receiver.

   The round-trip time for each receiver is fed into an algorithm that
   assigns weights and smoothes the values for a conservative estimate
   of the GRTT.  The algorithm and methodology are described in the
   Multicast NACK Building Block [RFC5401] document in the section
   entitled "One-to-Many Sender GRTT Measurement".  A conservative
   estimate helps guarantee feedback suppression at a small cost in
   overall protocol repair delay.  The sender's current estimate of GRTT
   is advertised in the "grtt" field found in all NORM sender messages.
   The advertised GRTT is also limited to a minimum of the nominal
   inter-packet transmission time given the sender's current
   transmission rate and system clock granularity.  The reason for this
   additional limit is to keep the receiver somewhat event-driven by
   making sure the sender has had adequate time to generate any response
   to repair requests from receivers given transmit rate limitations due
   to congestion control or configuration.

   When the NORM-CC Rate header extension is present in NORM_CMD(CC)
   messages, the receivers respond to NORM_CMD(CC) messages as described
   in Section 5.5.2, "NORM Congestion Control Operation".  The
   NORM_CMD(CC) messages are periodically generated by the sender as
   described for congestion control operation.  This provides for
   proactive, but controlled, feedback from the group in the form of
   NORM_ACK messages.  This provides for GRTT feedback even if no
   NORM_NACK messages are being sent.  If operating without congestion
   control in a closed network, the NORM_CMD(CC) messages MAY be sent
   periodically without the NORM-CC Rate header extension.  In this
   case, receivers will only provide GRTT measurement feedback when
   NORM_NACK messages are generated since no NORM_ACK messages are
   generated.  In this case, the NORM_CMD(CC) messages MAY be sent less
   frequently, perhaps as little as once per minute, to conserve network
   capacity.  Note the NORM-CC Rate header extension MAY also be used to
   proactively solicit RTT feedback from the receiver group per
   congestion control operation even when the sender is not conducting
Top   ToC   RFC5740 - Page 67
   congestion control rate adjustment.  NORM operation without
   congestion control SHOULD be considered only in closed networks.

5.5.2. NORM Congestion Control Operation

This section describes baseline congestion control operation for the NORM protocol (NORM-CC). The supporting NORM message formats and approach described here are an adaptation of the equation-based TCP- Friendly Multicast Congestion Control (TFMCC) approach [RFC4654]. This congestion control scheme is REQUIRED for operation within the general Internet unless the NORM implementation is adapted to use another IETF-sanctioned reliable multicast congestion control mechanism. With this TFMCC-based approach, the transmissions of NORM senders are controlled in a rate-based manner as opposed to window- based congestion control algorithms as in TCP. However, it is possible the NORM protocol message set MAY alternatively be used to support a window-based multicast congestion control scheme such as PGMCC. The details of such an alternative MAY be described separately or in a future revision of this document. In either case (rate-based TFMCC or window-based PGMCC), successful control of sender transmission depends upon collection of sender-to-receiver packet loss estimates and RTTs to identify the congestion control bottleneck path(s) within the multicast topology and adjust the sender rate accordingly. The receiver with loss and RTT estimates corresponding to the lowest resulting calculated transmission rate is identified as the "current limiting receiver" (CLR). In the case of a tie (where candidate CLRs are within 10% of the same calculated rate), the receiver with the largest RTT value SHOULD be designated as the CLR. As described in [TcpModel], a steady-state sender transmission rate, to be "friendly" with competing TCP flows, can be calculated as: S Rsender = ---------------------------------------------------------- T_rtt*(sqrt((2/3)*p) + 12*sqrt((3/8)*p) * p * (1 + 32*(p^2))) where S = nominal transmitted packet size. (In NORM, the "nominal" packet size can be determined by the sender as an exponentially weighted moving average (EWMA) of transmitted packet sizes to account for variable message sizes). T_rtt = RTT estimate of the current "current limiting receiver" (CLR). p = loss event fraction of the CLR.
Top   ToC   RFC5740 - Page 68
   To support congestion control feedback collection and operation, the
   NORM sender periodically transmits NORM_CMD(CC) command messages.
   NORM_CMD(CC) messages are multiplexed with NORM data and repair
   transmissions and serve several purposes, they:

   1.  Stimulate explicit feedback from the general receiver set to
       collect congestion control information.

   2.  Communicate state to the receiver set on the sender's current
       congestion control status including details of the CLR.

   3.  Initiate rapid (immediate) feedback from the CLR in order to
       closely track the dynamics of congestion control for the current
       worst path in the group multicast topology.

   The format of the NORM_CMD(CC) message is described in Section 4.2.3
   of this document.  The NORM_CMD(CC) message contains information to
   allow measurement of RTTs, to inform the group of the congestion
   control CLR, and to provide feedback of individual RTT measurements
   to the receivers in the group.  The NORM_CMD(CC) also provides for
   exciting feedback from OPTIONAL "potential limiting receiver" (PLR)
   nodes that might be determined administratively or possibly
   algorithmically based upon congestion control feedback.  PLR nodes
   are receivers that have been identified to have potential for
   (perhaps soon) becoming the CLR and thus immediate, up-to-date
   feedback is beneficial for congestion control performance.  The PLR
   list MAY be populated with a small number of receivers the sender
   identifies as approaching the CLR loss and delay conditions based on
   feedback from the group. NORM_CMD(CC) Transmission
The NORM_CMD(CC) message is transmitted periodically by the sender along with its normal data transmission. Note the repeated transmission of NORM_CMD(CC) messages MAY be initiated some time before transmission of user data content at session startup. This can be done to collect some estimation of the current state of the multicast topology with respect to group and individual RTT and congestion control state. A NORM_CMD(CC) message is immediately transmitted at sender startup. The interval of subsequent NORM_CMD(CC) message transmission is determined as follows: 1. By default, the interval is set according to the current sender GRTT estimate. A startup initial value of GRTT_sender = 0.5 seconds is RECOMMENDED when no feedback has yet been received from the group.
Top   ToC   RFC5740 - Page 69
   2.  Until a CLR has been identified (based on previous receiver
       feedback) or when no data transmission is pending, the
       NORM_CMD(CC) interval is doubled up from its current interval to
       a maximum of once per 30 seconds.  This results in a low duty
       cycle for NORM_CMD(CC) probing when no CLR is identified or there
       is no pending data to transmit.

   3.  When a CLR has been identified (based on receiver feedback) and
       data transmission is pending, the probing interval is set to the
       RTT between the sender and the CLR (RTT_clr).

   4.  Additionally, when the data transmission rate is low with respect
       to the RTT_clr interval used for probing, the implementation
       SHOULD ensure no more than one NORM_CMD(CC) message is sent per
       NORM_DATA message when there is data pending transmission.  This
       ensures the transmission of this control message is not done to
       the exclusion of user data transmission.

   The NORM_CMD(CC) "cc_sequence" field is incremented with each
   transmission of a NORM_CMD(CC) command.  The greatest "cc_sequence"
   recently received by receivers is included in their feedback to the
   sender.  This allows the sender to determine the age of feedback to
   assist in congestion avoidance.

   The NORM-CC Rate Header Extension is applied to the NORM_CMD(CC)
   message and the sender advertises its current transmission rate in
   the "send_rate" field.  The rate information is used by receivers to
   initialize loss estimation during congestion control startup or

   The "cc_node_list" contains a list of entries identifying receivers
   and their current congestion control state (status "flags", "rtt",
   and "loss" estimates).  The list will be empty if the sender has not
   yet received any feedback from the group.  If the sender has received
   feedback, the list will minimally contain an entry identifying the
   CLR.  A NORM_FLAG_CC_CLR flag value is provided for the "cc_flags"
   field to identify the CLR entry.  It is RECOMMENDED the CLR entry be
   the first in the list for implementation efficiency.  Additional
   entries in the list are used to provide sender-measured individual
   RTT estimates to receivers in the group.  The number of additional
   entries in this list is dependent upon the percentage of control
   traffic the sender application is willing to send with respect to
   user data message transmissions.  More entries in the list will allow
   the sender to be more responsive to congestion control dynamics.  The
   length of the list can be dynamically determined according to the
   current transmission rate and scheduling of NORM_CMD(CC) messages.
   The maximum length of the list corresponds to the sender's
   NormSegmentSize parameter for the session.  The inclusion of
Top   ToC   RFC5740 - Page 70
   additional entries in the list based on receiver feedback is
   prioritized with the following rules:

   1.  Receivers that have not yet been provided an RTT measurement get
       first priority.  Of these, those with the greatest loss fraction
       receive precedence for list inclusion.

   2.  Secondly, receivers that have previously been provided an RTT
       measurement are included with receivers yielding the lowest
       calculated congestion rate getting precedence.

   There are "cc_flag" values in addition to NORM_FLAG_CC_CLR used for
   other congestion control functions.  The NORM_FLAG_CC_PLR flag value
   is used to mark additional receivers from which the sender would like
   to have immediate, non-suppressed feedback.  These can be receivers
   the sender algorithmically identified as potential future CLRs or
   have been pre-configured as potential congestion control points in
   the network.  The NORM_FLAG_CC_RTT indicates the validity of the
   "cc_rtt" field for the associated receiver node.  Normally, this flag
   will be set since the receivers in the list will typically be
   receivers from which the sender has received feedback.  However, in
   the case the NORM sender has been pre-configured with a set of PLR
   nodes, feedback from those receivers might not have yet been
   collected and thus the "cc_rtt" field does not contain a valid value
   when this flag is not set.  Similarly, a value of ZERO for the
   "cc_rate" field here MUST be treated as an invalid value and be
   ignored for the purposes of feedback suppression, etc. NORM_CMD(CC) Feedback Response
Receivers explicitly respond to NORM_CMD(CC) messages in the form of a NORM_ACK(RTT) message. The goal of the congestion control feedback is to determine the receivers with the lowest congestion control rates. Receivers marked as CLR or PLR nodes in the NORM_CMD(CC) "cc_node_list" immediately provide feedback in the form of a NORM_ACK to this message. When a NORM_CMD(CC) is received, non-CLR or non-PLR nodes initiate random feedback backoff timeouts similar to those used when the receiver initiates a repair cycle (see Section 5.3) in response to detection of data loss. The backoff timeout for the congestion control response is generated as follows: T_backoff = RandomBackoff(K_backoff * GRTT_sender, GSIZE_sender) The RandomBackoff() algorithm provides a truncated exponentially distributed random number and is described in the Multicast NACK Building Block [RFC5401] document. The same backoff factor, K_backoff = K_sender, as used with NORM_NACK suppression is generally RECOMMENDED. However, in cases where the application purposefully
Top   ToC   RFC5740 - Page 71
   specifies a very small K_sender backoff factor to minimize the NACK
   repair process latency (trading off group size scalability), it is
   RECOMMENDED a larger backoff factor for congestion control feedback
   be maintained, since there can be a larger volume of congestion
   control feedback than NACKs in many cases and some congestion control
   feedback latency might be tolerable where reliable delivery latency
   is not.  As previously noted, a backoff factor value of K_sender = 4
   is generally RECOMMENDED for ASM operation and K_sender = 6 for SSM
   operation.  A receiver SHALL cancel the backoff timeout and thus its
   pending transmission of a NORM_ACK(RTT) message under the following

   1.  The receiver generates another feedback message (NORM_NACK or
       other NORM_ACK) before the congestion control feedback timeout
       expires (these messages will convey the current congestion
       control feedback information).

   2.  A NORM_CMD(CC) or other receiver feedback with an ordinally
       greater "cc_sequence" field value is received before the
       congestion control feedback timeout expires (this is similar to
       the TFMCC feedback round number).

   3.  When the T_backoff is greater than 1*GRTT_sender.  This prevents
       NACK implosion in the event of sender or network failure.

   4.  "Suppressing" congestion control feedback is heard from another
       receiver (in a NORM_ACK or NORM_NACK) or via a
       NORM_CMD(REPAIR_ADV) message from the sender.  The local
       receiver's feedback is "suppressed" if the rate of the competing
       feedback (Rfb) is sufficiently close to or less than the local
       receiver's calculated rate (Rcalc).  The local receiver's
       feedback is canceled when Rcalc > (0.9 * Rfb).  Also, note
       receivers that have not yet received an RTT measurement from the
       sender are suppressed only by other receivers that have not yet
       measured RTT.  Additionally, receivers whose RTT estimate has
       aged considerably (i.e., they haven't been included in the
       NORM_CMD(CC) "cc_node_list" in a long time) might wish to compete
       as a receiver with no prior RTT measurement after some long-term
       expiration period.

   When the backoff timer expires, the receiver SHALL generate a
   NORM_ACK(RTT) message to provide feedback to the sender and group.
   This message MAY be multicast to the group for most effective
   suppression in ASM topologies or unicast to the sender depending upon
   how the NORM protocol is deployed and configured.

   Whenever any feedback is generated (including this NORM_ACK(RTT)
   message), receivers include an adjusted version of the sender
Top   ToC   RFC5740 - Page 72
   timestamp from the most recently received NORM_CMD(CC) message and
   its "cc_sequence" value in the corresponding NORM_ACK or NORM_NACK
   message fields.  For NORM-CC operation, any generated feedback
   message SHALL also contain the NORM-CC Feedback header extension.
   The receiver provides its current "cc_rate" estimate, "cc_loss"
   estimate, "cc_rtt" if known, and any applicable "cc_flags" via this
   header extension.

   During slow start (when the receiver has not yet detected loss from
   the sender), the receiver uses a value equal to two times its
   measured rate from the sender in the "cc_rate" field.  For steady-
   state congestion control operation, the receiver "cc_rate" value is
   from the equation-based value using its current loss event estimate
   and sender<->receiver RTT information.  (The GRTT_sender is used when
   the receiver has not yet measured its individual RTT.)

   The "cc_loss" field value reflects the receiver's current loss event
   estimate with respect to the sender in question.

   When the receiver has a valid individual RTT measurement, it SHALL
   include this value in the "cc_rtt" field.  The NORM_FLAG_CC_RTT MUST
   be set when the "cc_rtt" field is valid.

   After a congestion control feedback message is generated or when the
   feedback is suppressed, a non-CLR receiver begins a "holdoff" timeout
   period during which it will restrain itself from providing congestion
   control feedback, even if NORM_CMD(CC) messages are received from the
   sender (unless the receive becomes marked as a CLR or PLR node).  The
   value of this holdoff timeout (T_ccHoldoff) period is:

                   T_ccHoldoff = (K_sender * GRTT_sender)

   Thus, non-CLR receivers are constrained to providing explicit
   congestion control feedback once per K_sender*GRTT_sender intervals.
   However, as the session progresses, different receivers will be
   responding to different NORM_CMD(CC) messages and there will be
   relatively continuous feedback of congestion control information
   while the sender is active. Congestion Control Rate Adjustment
During steady-state operation, the sender will directly adjust its transmission rate to the rate indicated by the feedback from its currently selected CLR. As noted in [TfmccPaper], the estimation of parameters (loss and RTT) for the CLR will generally constrain the rate changes possible within acceptable bounds. For rate increases, the sender SHALL observe a maximum rate of increase of one packet per RTT at all times during steady-state operation.
Top   ToC   RFC5740 - Page 73
   The sender processes congestion control feedback from the receivers
   and selects the CLR based on the lowest rate receiver.  Receiver
   rates are determined either directly from the slow start "cc_rate"
   provided by the receiver in the NORM-CC Feedback header extension or
   by performing the equation-based calculation using individual RTT and
   loss estimates ("cc_loss") as feedback is received.

   The sender can calculate a current RTT for a receiver (RTT_rcvrNew)
   using the "grtt_response" timestamp included in feedback messages.
   When the "cc_rtt" value in a response is not valid, the sender simply
   uses this RTT_rcvrNew value as the receiver's current RTT (RTT_rcvr).
   For non-CLR and non-PLR receivers, the sender SHOULD use the "cc_rtt"
   provided in the NORM-CC Feedback header extension as the receiver's
   previous RTT measurement (RTT_rcvrPrev) averaged with the current
   measurement ("RTT_rcvrNew") as the receiver's RTT value:

             RTT_rcvr = 0.5 * RTT_rcvrPrev + 0.5 * RTT_rcvrNew

   For CLR receivers where feedback is received more regularly, the
   sender SHOULD maintain a more smoothed RTT estimate upon new feedback
   from the CLR where:

                 RTT_clr = 0.9 * RTT_clr + 0.1 * RTT_clrNew

   RTT_clrNew is the new RTT calculated from the timestamp in the
   feedback message received from the CLR.  The RTT_clr is initialized
   to RTT_clrNew on the first feedback message received.  Note that the
   same procedure is observed by the sender for PLR receivers, and if a
   PLR is "promoted" to CLR status, the smoothed estimate can be

   There are some additional periods besides steady-state operation to
   be considered in NORM-CC operation.  These periods are:

   1.  during session startup,

   2.  when no feedback is received from the CLR, and

   3.  when the sender has a break in data transmission.

   During session startup, the congestion control operation SHALL
   observe a "slow-start" procedure to quickly approach its fair
   bandwidth share.  An initial sender startup rate is assumed where:

    Rinit = MIN(NormSegmentSize/GRTT_sender, NormSegmentSize) bytes/sec

   The rate is increased only when feedback is received from the
   receiver set.  The "slow start" phase proceeds until any receiver
Top   ToC   RFC5740 - Page 74
   provides feedback indicating loss has occurred.  Rate increase during
   slow start is applied as:
                              Rnew = Rrecv_min

   where Rrecv_min is the minimum reported receiver rate in the
   "cc_rate" field of congestion control feedback messages received from
   the group.  Note during slow start, receivers use two times their
   measured rate from the sender in the "cc_rate" field of their
   feedback.  Rate increase adjustment is limited to once per GRTT
   during slow start.

   If the CLR or any receiver intends to leave the group, it will set
   the NORM_FLAG_CC_LEAVE in its congestion control feedback message as
   an indication the sender SHOULD NOT select it as the CLR.  When the
   CLR changes to a lower rate receiver, the sender SHOULD immediately
   adjust to the new lower rate.  The sender is limited to increasing
   its rate at one additional packet per RTT towards any new, higher CLR

   The sender SHOULD also track the age of the feedback it has received
   from the CLR by comparing its current "cc_sequence" value
   (Seq_sender) to the last "cc_sequence" value received from the CLR
   (Seq_clr).  As the age of the CLR feedback increases with no new
   feedback, the sender SHALL begin reducing its rate once per RTT_clr
   as a congestion avoidance measure.  The following algorithm is used
   to determine the decrease in sender rate (Rsender bytes/sec) as the
   CLR feedback, unexpectedly, excessively ages:

                   Age = Seq_sender - Seq_clr;
                   if (Age > 4) Rsender = Rsender * 0.5;

   This rate reduction is limited to the lower bound on NORM
   transmission rates.  After NORM_ROBUST_FACTOR consecutive
   NORM_CMD(CC) rounds without any feedback from the CLR, the sender
   SHOULD assume the CLR has left the group and pick the receiver with
   the next lowest rate as the new CLR.  Note this assumes the sender
   does not have explicit knowledge the CLR intentionally left the
   group.  If no receiver feedback is received, the sender MAY wish to
   withhold further transmissions of NORM_DATA segments and maintain
   NORM_CMD(CC) transmissions only until feedback is detected.  After
   such a CLR timeout, the sender will be transmitting with a minimal
   rate and SHOULD return to slow start as described here for a break in
   data transmission.

   When the sender has a break in its data transmission, it can continue
   to probe the group with NORM_CMD(CC) messages to maintain RTT
   collection from the group.  This will enable the sender to quickly
   determine an appropriate CLR upon data transmission restart.
Top   ToC   RFC5740 - Page 75
   However, the sender SHOULD exponentially reduce its target rate to be
   used for transmission restart as time since the break elapses.  The
   target rate SHOULD be recalculated once per RTT_clr as:

                          Rsender = Rsender * 0.5;

   If the minimum NORM rate is reached, the sender SHOULD set the
   NORM_FLAG_START flag in its NORM_CMD(CC) messages upon restart and
   the group SHOULD observe slow-start congestion control procedures
   until any receiver experiences a new loss event.

5.5.3. NORM Positive Acknowledgment Procedure

NORM provides options for the source application to request positive acknowledgment (ACK) of NORM_CMD(FLUSH) and NORM_CMD(ACK_REQ) messages from members of the group. There are some specific acknowledgment requests defined for the NORM protocol and a range of acknowledgment request types left to be defined by the application. One predefined acknowledgment type is the NORM_ACK(FLUSH) type. This acknowledgment is used to determine if receivers have achieved completion of reliable reception up through a specific logical transmission point with respect to the sender's sequence of transmission. The NORM_ACK(FLUSH) acknowledgment MAY be used to assist in application flow control when the sender has information on a portion of the receiver set. Another predefined acknowledgment type is NORM_ACK(CC) used to explicitly provide congestion control feedback in response to NORM_CMD(CC) messages transmitted by the sender for NORM-CC operation. Note the NORM_ACK(CC) response does NOT follow the positive acknowledgment procedure described here. The NORM_CMD(ACK_REQ) and NORM_ACK messages contain an "ack_type" field to identify the type of acknowledgment requested and provided. A range of "ack_type" values is provided for application-defined use. While the application is responsible for initiating the acknowledgment request and interprets application-defined "ack_type" values, the acknowledgment procedure SHOULD be conducted within the protocol implementation to take advantage of timing and transmission scheduling information available to the NORM transport. The NORM Positive Acknowledgment Procedure uses polling by the sender to query the receiver group for response. Note this polling procedure is not intended to scale to very large receiver groups, but could be used in a large group setting to query a critical subset of the group. Either the NORM_CMD(ACK_REQ), or when applicable, the NORM_CMD(FLUSH) message is used for polling and contains a list of NormNodeIds of the receivers expected to respond to the command. The list of receivers providing acknowledgment is determined by the source application with a priori knowledge of participating nodes or via some other application-level mechanism.
Top   ToC   RFC5740 - Page 76
   The ACK process is initiated by the sender generating NORM_CMD(FLUSH)
   or NORM_CMD(ACK_REQ) messages in periodic rounds.  For
   NORM_ACK(FLUSH) requests, the NORM_CMD(FLUSH) contains a
   "object_transport_id" and "fec_payload_id" denoting the watermark
   transmission point for which acknowledgment is requested.  This
   watermark transmission point is echoed in the corresponding fields of
   the NORM_ACK(FLUSH) message sent by the receiver in response.
   NORM_CMD(ACK_REQ) messages contain an "ack_id" field that is
   similarly echoed in response so the sender can match the response to
   the appropriate request.

   In response to the NORM_CMD(ACK_REQ), the listed receivers randomly,
   with a uniform distribution, transmit NORM_ACK messages over a time
   window of (1*GRTT_sender).  These NORM_ACK messages are typically
   unicast to the sender.  (Note NORM_ACK(CC) messages SHALL be
   multicast or unicast in the same manner as NORM_NACK messages.)

   The ACK process is self-limiting and avoids ACK implosion because:

   1.  Only a single NORM_CMD(ACK_REQ) message is generated once per
       (2*GRTT_sender), and

   2.  The size of the "acking_node_list" of NormNodeIds from which
       acknowledgment is requested is limited to a maximum of the sender
       NormSegmentSize setting per round of the positive acknowledgment

   Because the size of the included list is limited to the sender's
   NormSegmentSize setting, multiple NORM_CMD(ACK_REQ) rounds will
   sometimes be necessary to achieve responses from all receivers
   specified.  The content of the attached NormNodeId list will be
   dynamically updated as this process progresses and NORM_ACK responses
   are received from the specified receiver set.  As the sender receives
   valid responses (i.e., matching watermark point or "ack_id") from
   receivers, it SHALL eliminate those receivers from the subsequent
   NORM_CMD(ACK_REQ) message "acking_node_list" and add in any pending
   receiver NormNodeIds while keeping within the NormSegmentSize
   limitation of the list size.  Each receiver is queried a maximum
   number of times (NORM_ROBUST_FACTOR, by default).  Receivers not
   responding within this number of repeated requests are removed from
   the payload list to make room for other potential receivers pending
   acknowledgment.  The transmission of the NORM_CMD(ACK_REQ) is
   repeated until no further responses are needed or until the repeat
   threshold is exceeded for all pending receivers.  The transmission of
   NORM_CMD(ACK_REQ) or NORM_CMD(FLUSH) messages to conduct the positive
   acknowledgment process is multiplexed with ongoing sender data
   transmissions.  However, the NORM_CMD(FLUSH) positive acknowledgment
   process MAY be interrupted in response to negative acknowledgment
Top   ToC   RFC5740 - Page 77
   repair requests (NACKs) received from receivers during the
   acknowledgment period.  The NORM_CMD(FLUSH) positive acknowledgment
   process is restarted for receivers pending acknowledgment once any
   the repairs have been transmitted.

   In the case of NORM_CMD(FLUSH) commands with an attached
   "acking_node_list", receivers will not ACK until they have received
   complete transmission of all data up to and including the given
   watermark transmission point.  All receivers SHALL interpret the
   watermark point provided in the request NACK for repairs if needed as
   for NORM_CMD(FLUSH) commands with no attached "acking_node_list".

5.5.4. Group Size Estimate

NORM sender messages contain a "gsize" field that is a representation of the group size and that is used in scaling random backoff timer ranges. The use of the group size estimate within the NORM protocol does not demand a precise estimation and works reasonably well if the estimate is within an order of magnitude of the actual group size. By default, the NORM sender group size estimate MAY be administratively configured. Also, given the expected scalability of the NORM protocol for general use, a default value of 10,000 is RECOMMENDED for use as the group size estimate. It is also possible the group size MAY be algorithmically approximated from the volume of congestion control feedback messages based on the exponentially weighted random backoff. However, the specification of such an algorithm is currently beyond the scope of this document.

6. Configurable Elements

The NORM protocol supports a modest number of configurable parameters that control operation. Most of these need only be set at NORM sender(s) and the configuration information is communicated to the receiver set in NORM header and/or header extension fields. A notable exception to this is the NORM_ROBUST_FACTOR that is presumed to be a common value preset among senders and receivers for a given NORM session. The following table summarizes these configurable elements:
Top   ToC   RFC5740 - Page 78
   | Configurable       | Purpose                                      |
   | Element            |                                              |
   | Sender initial     | Sender's initial estimate of greatest group  |
   | GRTT Estimate      | round-trip time.  Affects timing of feedback |
   | (GRTT_sender)      | suppression and sender command transmissions |
   |                    | at sender startup.                           |
   | Backoff Factor     | Sender's scaling factor used for timer-based |
   | (K_sender)         | feedback suppression.                        |
   | Group Size         | Sender's rough estimate of receiver group    |
   | Estimate           | size used in generation of random feedback   |
   | (GSIZE_sender)     | backoff timeout.                             |
   | NORM_ROBUST_FACTOR | Integer factor determining how persistently  |
   |                    | (i.e., robust) senders transmit repeated     |
   |                    | control messages and receivers self-initiate |
   |                    | timeout-based NACKing in the absence of      |
   |                    | sender activity.                             |
   | FEC Type           | Sender FEC encoding type.                    |
   | ("fec_id")         |                                              |
   | Sender segment     | Maximum size (in bytes) of the payload       |
   | size               | portion of NORM_DATA and other messages.     |
   | (NormSegmentSize)  |                                              |
   | NormNodeId         | Unique identifiers pre-assigned to all NORM  |
   |                    | session participants.                        |

   The sender-controlled GRTT estimate (referred to as GRTT_sender in
   this document) is used to set and scale various timers associated
   with NORM protocol operation.  During steady-state operation, the
   sender probes the receiver set, adapts to the group round-trip timing
   state, and advertises its estimate to the receiver set in the "grtt"
   field of relevant NORM protocol messages.  However, an initial value
   must be assumed at sender startup.  A large initial estimate is
   conservative and safer with regard to preventing feedback implosion
   and starting up congestion control operation, but requires the sender
   and receivers to allocate more buffering resources for a given
   transmission rate (i.e., larger effective delay*bandwidth product) to
   maintain efficient operation.  A default initial value of GRTT_sender
   = 0.5 seconds is RECOMMENDED.

   The sender-controlled Backoff Factor (referred to a K_sender in this
   document) is used to scale protocol timers and contributes to the
   generation of the random backoff timeout value that facilitates
   timer-based feedback suppression.  The sender advertises its
   configured Backoff Factor to the receiver set in the "backoff" field
   of applicable NORM messages and thus no receiver configuration is
   necessary.  For ASM operation, a default value of K_sender = 4 is
Top   ToC   RFC5740 - Page 79
   RECOMMENDED; for SSM operation, a default value of K_sender = 6 is

   The sender estimate of session Group Size (referred to as
   GSIZE_sender in this document) also plays a role in the random
   selection of feedback suppression timeout values.  The sender
   advertises its configured Group Size estimate to the receiver set in
   the "gsize" field of applicable NORM messages; thus, no receiver
   configuration is necessary.  Only a rough estimate (i.e., "order-of-
   magnitude") is needed for effective feedback suppression and a
   default value of GSIZE_sender = 10,000 is RECOMMENDED as a
   conservative estimate for most uses.

   The NORM_ROBUST_FACTOR is an integer parameter that determines how
   persistently NORM senders transmit control messages (NORM_CMD
   messages) such as end-of-transmission flushing, OPTIONAL positive
   acknowledgment requests, etc.  Additionally, the receivers use their
   knowledge of NORM_ROBUST_FACTOR to determine when to consider a NORM
   sender inactive and MAY use the factor in determining how
   persistently to self-initiate repeated NACK repair requests upon such
   timeouts.  This parameter is NOT communicated in NORM protocol
   message headers and is presumed to be preset to a consistent value
   among sender and receivers for a given NORM session.  A default value

   Another NORM sender configuration element is the FEC type used to
   encode NORM_DATA message content.  The FEC type is communicated from
   the sender to the receiver set in the "fec_id" field of relevant NORM
   message headers.  The "fec_id" value corresponds to an IANA-assigned
   value identifying the FEC encoding type as described in the FEC
   Building Block [RFC5052] document.  Typically, a sender SHOULD use a
   consistent FEC encoding for its participation in a session to
   simplify receiver state allocation and maintenance, but its
   implementations MAY vary the FEC encoding type on a per-object basis
   if necessary.

   The sender NormSegmentSize setting determines the maximum size of the
   payload portion of NORM_DATA and other messages that the sender
   transmits.  Additionally, the payload size of feedback messages from
   receivers to a given sender is limited to that sender's
   NormSegmentSize.  The NormSegmentSize SHOULD be configured to be
   compatible with expected network MTU limitations, given the added
   overhead of NORM, UDP, and IP protocol message headers.
   Additionally, MTU Discovery MAY be employed by the sender to
   determine an appropriate NormSegmentSize.  The NormSegmentSize for a
   given sender can be determined by receivers from the FEC Object
   Transmission Information (FTI) provided either in applied EXT_FTI
   header extensions or pre-configured session information.
Top   ToC   RFC5740 - Page 80
   Although it is not technically a configurable element, the receivers
   MUST have FEC Object Transmission Information for transmitted
   NormObjects to properly buffer, decode, and reassemble the original
   content.  For loosely organized NORM protocol sessions, the sender
   MAY apply the EXT_FTI Header Extension to NORM_DATA and NORM_INFO (if
   applicable) messages so that receivers can get this information
   without prior coordination.  An implementation MAY also apply the
   EXT_FTI only to NORM_INFO messages for reduced overhead.  Finally,
   applications MAY also provide the FTI out-of-band prior to sender

   Each participant in a NORM protocol session MUST be configured with a
   unique NormNodeId value.  The NormNodeId value is used by receivers
   to identify the sender to which their NACK or other feedback messages
   are addressed, and senders use the NormNodeId to differentiate
   receivers for purposes of congestion control and OPTIONAL positive
   acknowledgment collection.  Assignment of unique NormNodeId values
   can be done via a priori coordination and/or use of a deconfliction
   mechanism external to the NORM protocol itself.  The values of
   NORM_NODE_NONE = 0x00000000 and NORM_NODE_ANY = 0xffffffff are
   reserved and MUST NOT be assigned to NORM participants.

7. Security Considerations

The same security considerations that apply to the Multicast NACK [RFC5401], TFMCC [RFC4654], and FEC [RFC5052] Building Blocks also apply to the NORM protocol. In addition to the vulnerabilities to which any IP and IP multicast protocol implementation is subject, malicious hosts might engage in excessive NACKing in an attempt to prevent the NORM sender(s) from making forward progress in reliable transmission. Receiver "join" and "service" policy enforcement as described in Section 5.2 can be applied if such activity is detected. The use of cryptographic peer authentication, integrity checks, and/or confidentiality mechanisms can be used to provide a more effective degree of protection from objectionable transmissions from unauthorized hosts. But in some cases, even with authentication and integrity checks, the NACK-based feedback of NORM can be exploited by replay attacks forcing the NORM sender to unnecessarily transmit repair information. This MAY be addressed in part with network-layer IP security implementations that guard against this potential security exploitation or alternatively with a security mechanism using the EXT_AUTH header extension for similar purposes. Such security mechanisms SHOULD be deployed and used when available. Use of security mechanisms will impose additional "a priori" configuration upon the NORM deployment depending upon the techniques used. The NORM protocol is compatible with the use of IP security (IPsec)
Top   ToC   RFC5740 - Page 81
   [RFC4301], and the IPsec Encapsulating Security Payload (ESP)
   protocol or Authentication Header (AH) extension can be used to
   secure IP packets transmitted by NORM participants.  A baseline
   approach to secure NORM operation using IPsec is described below.
   Compliant implementations of this specification are REQUIRED to be
   compatible with IPsec usage as described in Section 7.1.  IPsec can
   be used to provide peer authentication, integrity protection, and/or
   encryption of packets containing NORM messages.

   Additionally, the EXT_AUTH header extension (HET = 1) is reserved for
   use by security mechanisms to provide alternatives to IPsec for the
   security of NORM messages.  The format of this header extension and
   its processing is outside the scope of this document and is to be
   communicated out-of-band as part of the session description.  It is
   possible an EXT_AUTH implementation MAY also provide for encryption
   of NORM message payloads as well as peer authentication and integrity
   protection.  The use of this approach as compared to IPsec can allow
   for header compression techniques to be applied jointly to IP and
   NORM protocol headers.  In cases where security analysis deems
   encryption of NORM protocol header content to be beneficial or
   necessary, the aforementioned use of IPsec ESP might be more
   appropriate.  Additionally, the EXT_AUTH header extension can be
   utilized when NORM is implemented in a network with Network Address
   Translation (NAT) systems that are incompatible with use of the IPsec
   AH extension.  If EXT_AUTH is present, whatever packet authentication
   or integrity checks that can be performed immediately upon reception
   of the packet MUST be performed before accepting the packet and
   performing any congestion-control-related action on it.  Some packet
   authentication schemes impose a delay of several seconds between when
   a packet is received and when the packet can be fully authenticated.
   Any appropriate congestion control related action MUST NOT be
   postponed by any such packet security mechanism (i.e., security
   mechanisms MUST NOT result in poor congestion control behavior).

   Consideration MUST also be given to the potential for replay-attacks
   that would transplant authenticated packets from one NORM session to
   another to disrupt service.  To avoid this potential, unique keys
   SHOULD be assigned on a per-session basis or NORM sender nodes SHOULD
   be configured to use unique "instance_id" identifiers managed as part
   of the security association for the sessions.

   Note NORM implementations can use the "sequence" field from the NORM
   common message header to detect replay attacks.  This can be
   accomplished if the NORM sender maintains state on actively NACKing
   receivers.  A cache of such receiver state can be used to provide
   protection against NACK replay attacks.  NORM receivers MUST also
   maintain similar state for protection against possible replay of
   other receiver messages in ASM operation as well.  For example, a
Top   ToC   RFC5740 - Page 82
   receiver could be suppressed from providing NACK or congestion
   control feedback by replay of certain receiver messages.  For these
   reasons, authentication of NORM messages (e.g., via IPsec) SHOULD be
   applied for protection against similar attacks that use fabricated
   messages.  Also, encryption of messages to provide confidentiality of
   application data and protect privacy of users MAY also be applied
   using IPsec or similar mechanisms.

   When applicable security measures are used, automated key management
   mechanisms such as those described in the Group Domain of
   Interpretation (GDOI) [RFC3547], Multimedia Internet KEYing (MIKEY)
   [RFC3830], or Group Secure Association Key Management Protocol
   (GSAKMP) [RFC4535] specifications SHOULD be applied.

   While NORM does leverage FEC-based repair for scalability, this alone
   does not guarantee integrity of received data.  Application-level
   integrity-checking of received data content is highly RECOMMENDED.
   This recommendation also applies when the IPsec security approach
   described below is used for added assurance in data content integrity
   given the shared use of IPsec Security Association information among
   the group.

7.1. Baseline Secure NORM Operation

This section describes a baseline mode of secure NORM protocol operation based on application of the IPsec security protocol. This approach is documented here to provide a baseline interoperable secure mode of operation. This particular approach represents one possible trade-off in the level of assurance that can be achieved and the scalability of multicast group-size given current IPsec mechanisms and the state required to support them. For example, this baseline approach specifies the use of a Security Association that is shared among the receiver set for feedback messages to the sender. This model requires that the receiver membership receiving the session keys is trusted and only provides protection from attacks that are external to the NORM group membership. More stateful and complex IPsec approaches and key management schemes may be applied for higher levels of assurance, but those are beyond the scope of this transport protocol specification. Additional approaches to NORM security, including other forms of IPsec application, MAY be specified in the future. For example, the use of the EXT_AUTH header extension could enable NORM-specific authentication or security encapsulation headers similar to those of IPsec to be specified and inserted into the NORM protocol message headers. This would allow header compression techniques to be applied to IP and NORM protocol headers when needed in a similar fashion to RTP [RFC3550] and as preserved in the specification for Secure Real Time Protocol (SRTP) [RFC3711].
Top   ToC   RFC5740 - Page 83
   The baseline approach described is applicable to NORM operation
   configured for SSM (or SSM-like) operation where there is a single
   sender and the receivers are providing unicast feedback.  This form
   of NORM operation allows for IPsec to be used with a manageable
   number of security associations (SA).

7.1.1. IPsec Approach

For NORM one-to-many SSM operation with unicast feedback from receivers, each node SHALL be configured with two transport mode IPsec security associations and corresponding Security Policy Database (SPD) entries. One entry will be used for sender-to-group multicast packet authentication and optionally encryption while the other entry will be used to provide security for the unicast feedback messaging from the receiver(s) to the sender. Note that this single SA for NORM receiver feedback messages is shared to protect traffic from possibly multiple receivers to the single sender. For each NormSession, the NORM sender SHALL use an IPsec SA configured for ESP protocol [RFC4303] operation with the option for data origin authentication enabled. It is also RECOMMENDED this IPsec ESP SA be also configured to provide confidentiality protection for IP packets containing NORM protocol messages. This is suggested to make the realization of complex replay attacks much more difficult. The encryption key for this SA SHALL be preplaced at the sender and receiver(s) prior to NORM protocol operation. Use of automated key management is RECOMMENDED as a rekey SHALL be REQUIRED prior to expiration of the sequence space for the SA. This is necessary so receivers can use the built-in IPsec replay attack protection possible for an IPsec SA with a single source (the NORM sender). Thus, the receivers SHALL enable replay attack protection for this SA used to secure NORM sender traffic. An IPsec SPD entry MUST be configured to process outbound packets to the session (destination) address and UDP port number of the applicable (NormSession). The NORM receiver(s) MUST be configured with the SA and SPD entry to properly process the IPsec-secured packets from the sender. The NORM receiver(s) SHALL also use a common, second IPsec SA (common Security Parameter Index (SPI) and encryption key) configured for ESP operation with the option for data origination authentication enabled. Similar to the NORM sender, is RECOMMENDED this IPsec ESP SA be also configured to provide confidentiality protection for IP packets containing NORM protocol messages. The receivers MUST have an IPsec SPD entry configured to process outbound NORM/UDP packets directed to the NORM sender source address and port number using this second SA. To support NORM unicast feedback, the sender's transmission port number SHOULD be selected to be distinct from the
Top   ToC   RFC5740 - Page 84
   multicast session port number to allow discrimination between unicast
   and multicast feedback messages when access to the IP destination
   address is not possible (e.g., a user-space NORM implementation).
   For processing of packets from receivers, the NORM sender SHALL be
   configured with this common, second SA (and the corresponding SPD
   entry needed) in order to properly process messages from the

   Multiple receivers using a common IPsec SA for traffic directed to
   the NORM sender (i.e., many-to-one) typically prevents the use of
   built-in IPsec replay attack protection by the NORM sender with
   current IPsec implementations.  Thus the built-in IPsec replay attack
   protection for this second SA at the sender MUST be disabled unless
   the particular IPsec implementation manages its replay protection on
   a per-source basis (which is not typical of existing IPsec
   implementations).  So, to support a fully secure mode of operation,
   the NORM sender implementation MUST provide replay attack protection
   based upon the "sequence" field of NORM protocol messages from
   receivers.  This can be accomplished with a high assurance of
   security, even with the limited size (16-bits) of this field,

   1.  NORM receiver NACK and non-CLR ACK feedback messages are sparse.

   2.  The more frequent NORM_ACK feedback from CLR or PLR nodes is only
       a small set of receivers for which the sender needs to keep more
       persistent replay attack state.

   3.  NORM_NACK feedback messages preceding the sender's current repair
       window do not significantly impact protocol operation (generation
       of NORM_CMD(SQUELCH) is limited) and could be in fact ignored.
       This means the sender can prune any replay attack state that
       precedes the current repair window.

   4.  NORM_ACK messages correspond to either a specific sender
       "ack_id", the sender "cc_sequence" for ACKs sent in response to
       NORM_CMD(CC), or the sender's current repair window in the case
       of ACKs sent in response to NORM_CMD(FLUSH).  Thus, the sender
       can prune any replay attack state for receivers that precede the
       current applicable sequence or repair window space.

   The use of ESP confidentiality for secure NORM protocol operation
   makes it more difficult for adversaries to conduct any form of replay
   attacks.  Additionally, a NORM sender implementation with access to
   the full ESP protocol header could also use the ESP sequence
   information to make replay attack protection even more robust by
   maintaining the per-source ESP sequence state that existing IPsec
   implementations typically do not provide.  The design of this
Top   ToC   RFC5740 - Page 85
   baseline security approach for NORM intentionally places any more
   complex processing state or processing (e.g., replay attack
   protection given multiple receivers) at the NORM sender since NORM
   receiver implementations might often need to be less complex.

   This baseline approach can be used for NORM protocol sessions with
   multiple senders if the SA pairs described are established for each
   sender.  For small-sized groups, it is even possible many-to-many
   (ASM) IPsec configuration could be achieved where each participant
   uses a unique SA (with a unique SPI).  In this case, the sender(s)
   would maintain an SA for each other participant rather than a single,
   shared SA for receiver feedback messages.  This does not scale to
   larger group sizes given the complex set of SA and SPD entries each
   participant would need to maintain.

   It is anticipated in early deployments of this baseline approach to
   NORM security that key management will be conducted out-of-band with
   respect to NORM protocol operation.  In the case of one-to-many NORM
   operation, it is possible receivers will retrieve keying information
   from a central server as needed or otherwise conduct group key
   updates with a similar centralized approach.  Alternatively, it is
   possible with some key management schemes for rekey messages to be
   transmitted to the group as a message or transport object within the
   NORM reliable transfer session.  Similarly, for group-wise
   communication sessions, it is possible for potential group
   participants to request keying and/or rekeying as part of NORM
   communications.  Additional specification is necessary to define an
   in-band key management scheme for NORM sessions perhaps using the
   mechanisms of the automated group key management specifications cited
   in this document.  Additional specification outside of the scope of
   this document would be needed to provide an interoperable approach
   for key management in-band of a NORM reliable transport session.

7.1.2. IPsec Requirements

In order to implement this secure mode of NORM protocol operation, the following IPsec capabilities are REQUIRED. Selectors
The implementation MUST be able to use the source address, destination address, protocol (UDP), and UDP port numbers as selectors in the SPD. Mode
IPsec in transport mode MUST be supported. The use of IPsec [RFC4301] processing for secure NORM traffic MUST be configured such
Top   ToC   RFC5740 - Page 86
   that unauthenticated packets are not received by the NORM protocol
   implementation. Key Management
An automated key management scheme for group key distribution and rekeying such as GDOI [RFC3547], GSAKMP [RFC4535], or MIKEY [RFC3830] is RECOMMENDED for use. Note it is possible for key update messages (e.g., the GDOI GROUPKEY-PUSH message) to be included as part of the NORM application reliable data transmission if appropriate interfaces are available between the NORM application and the key management daemon. Relatively short-lived NORM sessions MAY be able to use Manual Keying with a single, preplaced key, particularly if Extended Sequence Numbering (ESN) [RFC4303] is available in the IPsec implementation used. When manual keys are used, it is important that cryptographic algorithms suitable for manual key use are selected. Security Policy
Receivers MUST accept protocol messages only from the designated, authorized sender(s). Appropriate key management will provide authentication, integrity and/or encryption keys only to receivers authorized to participate in a designated session. The approach outlined here allows receiver sets to be controlled on a per-sender basis. Authentication and Encryption
Large NORM group sizes will necessitate some form of key management that does rely upon shared secrets. The GDOI and GSAKMP protocols mentioned here allow for certificate-based authentication. It is RECOMMENDED these certificates use IP addresses for authentication. Availability
The IPsec requirements profile outlined here is commonly available on many potential NORM hosts. Configuration and operation of IPsec typically requires privileged user authorization. Automated key management implementations are typically configured with the privileges necessary to affect system IPsec configuration.

8. IANA Considerations

Values of NORM Header Extension Types, Stream Control Codes, and NORM_CMD message sub-types are subject to IANA registration. They are in the registry named "Reliable Multicast Transport (RMT) NORM Protocol Parameters" available from
Top   ToC   RFC5740 - Page 87
   Note the reliable multicast building block components used by this
   specification also have their respective IANA considerations, and
   those documents SHOULD be consulted accordingly.  In particular, the
   FEC Building Block used by NORM does REQUIRE IANA registration of the
   FEC codecs used.  The registration instructions for FEC codecs are
   provided in RFC 5052.  It is possible additional extensions of the
   NORM protocol might be specified in the future (e.g., additional NORM
   message types) and additional registries be established at that time
   with appropriate IETF standards action.

8.1. Explicit IANA Assignment Guidelines

This document introduces three registries for the NORM Header Extension Types, Stream Control Codes, and NORM_CMD Message sub- types. This section describes explicit IANA assignment guidelines for each of these.

8.1.1. NORM Header Extension Types

This document defines a registry for NORM Header Extensions named "NORM Header Extension Types". The NORM Header Extension Type field is an 8-bit value. The values of this field identify extended header content allowing the protocol functionality to be expanded to include additional features and operating modes. The values that can be assigned within the "NORM Header Extensions" registry are numeric indexes in the range {0, 255}, boundaries included. Values in the range {0,127} indicate variable-length extended header fields while values in the range {128,255} indicate extensions of a fixed 4-byte length. This specification registers the following NORM Header Extension Types: +-------+----------+--------------------+ | Value | Name | Reference | +-------+----------+--------------------+ | 1 | EXT_AUTH | This specification | | 3 | EXT_CC | This specification | | 64 | EXT_FTI | This specification | | 128 | EXT_RATE | This specification | +-------+----------+--------------------+ Requests for assignment of additional NORM Header Extension Type values are granted on a "Specification Required" basis as defined by IANA Guidelines [RFC5226]. Any such header extension specifications MUST include a description of protocol actions to be taken when the extension type is encountered by a protocol implementation not supporting that specific option. For example, it is often possible for protocol implementations to ignore unknown header extensions.
Top   ToC   RFC5740 - Page 88

8.1.2. NORM Stream Control Codes

This document defines a registry for NORM Stream Control Codes named "NORM Stream Control Codes". NORM Stream Control Codes are 16-bit values that can be inserted within a NORM_OBJECT_STREAM delivery object to convey sequenced, out- of-band (with respect to the stream data) control signaling applicable to the referenced stream object. These control codes are to be delivered to the application or protocol implementation with reliable delivery, in-order with respect to the their inserted position within the stream. This specification registers the following NORM Stream Control Code: +-------+-----------------+--------------------+ | Value | Name | Reference | +-------+-----------------+--------------------+ | 0 | NORM_STREAM_END | This specification | +-------+-----------------+--------------------+ Additional NORM Stream Control Code value assignment requests are granted on a "Specification Required" basis as defined by IANA Guidelines [RFC5226]. The full 16-bit space outside of the value assigned in this specification are available for future assignment. In addition to describing the control code's expected interpretation, such specifications MUST include a description of protocol actions to be taken when the control code is encountered by a protocol implementation not supporting that specific option.

8.1.3. NORM_CMD Message Sub-Types

This document defines a registry for NORM_CMD message sub-types named "NORM Command Message Sub-types". The NORM_CMD message "sub-type" field is an 8-bit value with valid values in the range of 1-255. Note the value 0 is reserved to indicate an invalid NORM_CMD message sub-type. The current specification defines a number of NORM_CMD message sub-types senders can use to signal the receivers in various aspects of NORM protocol operation. This specification registers the following NORM_CMD Message Sub-types:
Top   ToC   RFC5740 - Page 89
          | Value | Name                  | Reference          |
          | 0     | reserved              | This specification |
          | 1     | NORM_CMD(FLUSH)       | This specification |
          | 2     | NORM_CMD(EOT)         | This specification |
          | 3     | NORM_CMD(SQUELCH)     | This specification |
          | 4     | NORM_CMD(CC)          | This specification |
          | 5     | NORM_CMD(REPAIR_ADV)  | This specification |
          | 6     | NORM_CMD(ACK_REQ)     | This specification |
          | 7     | NORM_CMD(APPLICATION) | This specification |

   Future specifications extending NORM MAY define additional NORM_CMD
   messages to enhance protocol functionality.  NORM_CMD message sub-
   type value assignment requests are granted on a "Specification
   Required" basis as defined by IANA Guidelines [RFC5226].  In addition
   to describing the command sub-type's expected interpretation,
   specifications MUST include a description of protocol actions to be
   taken when the command is encountered by a protocol implementation
   not supporting that specific option.

   This specification already defines an "application-defined" NORM_CMD
   message sub-type for use at the discretion of individual applications
   using NORM for transport.  These "application-defined" commands are
   suitable for many application-specific purposes and do not involve
   standards action.  In any case, such additional messages SHALL be
   subject to the same congestion control constraints as the existing
   NORM sender message set.

9. Suggested Use

The present NORM protocol is seen as a useful tool for the reliable data transfer over generic IP multicast services. It is not the intention of the authors to suggest it is suitable for supporting all envisioned multicast reliability requirements. NORM provides a simple and flexible framework for multicast applications with a degree of concern for network traffic implosion and protocol overhead efficiency. NORM-like protocols have been successfully demonstrated within the MBone for bulk data dissemination applications, including weather satellite compressed imagery updates servicing a large group of receivers and a generic web content reliable "push" application. In addition, this framework approach has some design features making it attractive for bulk transfer in asymmetric and wireless internetwork applications. NORM is capable of successfully operating independent of network structure and in environments with high packet loss, delay, and out-of-order delivery. Hybrid proactive/reactive
Top   ToC   RFC5740 - Page 90
   FEC-based repairing improve protocol performance in some multicast
   scenarios.  A sender-only repair approach often makes additional
   engineering sense in asymmetric networks.  NORM's unicast feedback
   capability is suitable for use in asymmetric networks or in networks
   where only unidirectional multicast routing/delivery service exists.
   Asymmetric architectures supporting multicast delivery are likely to
   make up an important portion of the future Internet structure (e.g.,
   direct broadcast satellite (DBS) or cable and public-switched
   telephone network (PSTN) hybrids, etc.) and efficient, reliable bulk
   data transfer will be an important capability for servicing large
   groups of subscribed receivers.

10. Changes from RFC 3940

This section lists the changes between the Experimental version of this specification, RFC 3940, and this version: 1. Removal of the NORM_FLAG_MSG_START for NORM_OBJECT_STREAM, replacing it with the "payload_msg_start" field in the FEC- encoded preamble of the NORM_OBJECT_STREAM NORM_DATA payload. 2. Definition of IANA registry for header extension and other assignments. 3. Removal of file blocking scheme description now specified in the FEC Building Block document [RFC5052]. 4. Removal of restriction of NORM receiver feedback message rate to local NORM sender rate (this caused congestion control failures in high speed operation. The extremely low feedback rate of the NORM protocol as compared to TCP avoids any resultant impact to the network as shown in [Mdpcc].) 5. Correction of errors in some message format descriptions. 6. Correction of inconsistency in specification of the inactivity timeout. 7. Addition of IPsec secure mode description with IPsec requirements. 8. Addition of the EXT_AUTH header extension definition. 9. Clarification of interpretation of "Source Block Length" when FEC codes are arbitrarily shortened by the sender.
Top   ToC   RFC5740 - Page 91

11. Acknowledgments

(and these are not Negative) The authors would like to thank Rick Jones, Vincent Roca, Rod Walsh, Toni Paila, Michael Luby, and Joerg Widmer for their valuable input and comments on this document. The authors would also like to thank the RMT working group chairs, Roger Kermode and Lorenzo Vicisano, for their support in development of this specification, and Sally Floyd for her early input into this document.

12. References

12.1. Normative References

[RFC1112] Deering, S., "Host extensions for IP multicasting", STD 5, RFC 1112, August 1989. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC4301] Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301, December 2005. [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, December 2005. [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast for IP", RFC 4607, August 2006. [RFC4654] Widmer, J. and M. Handley, "TCP-Friendly Multicast Congestion Control (TFMCC): Protocol Specification", RFC 4654, August 2006. [RFC5052] Watson, M., Luby, M., and L. Vicisano, "Forward Error Correction (FEC) Building Block", RFC 5052, August 2007. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008. [RFC5401] Adamson, B., Bormann, C., Handley, M., and J. Macker, "Multicast Negative-Acknowledgment (NACK) Building Blocks", RFC 5401, November 2008.
Top   ToC   RFC5740 - Page 92

12.2. Informative References

[FecHybrid] Gossink, D. and J. Macker, "Reliable Multicast and Integrated Parity Retransmission with Channel Estimation", IEEE GLOBECOMM, 1998. [McastFeedback] Nonnenmacher, J. and E. Biersack, "Optimal Multicast Feedback", IEEE INFOCOM, p. 964, March/April 1998. [MdpToolkit] Macker, J. and B. Adamson, "The Multicast Dissemination Protocol (MDP) Toolkit", Proc. IEEE MILCOM, October 1999. [Mdpcc] Adamson, B. and J. Macker, "A TCP-Friendly, Rate- based Mechanism for NACK-Oriented Reliable Multicast Congestion Control", Proc. IEEE GLOBECOMM, November 2001. [NormFeedback] Adamson, B. and J. Macker, "Quantitative Prediction of NACK-Oriented Reliable Multicast (NORM) Feedback", IEEE MILCOM, October 2002. [PgmccPaper] Rizzo, L., "pgmcc: A TCP-Friendly Single-Rate Multicast Congestion Control Scheme", ACM SIGCOMM, August 2000. [RFC2357] Mankin, A., Romanov, A., Bradner, S., and V. Paxson, "IETF Criteria for Evaluating Reliable Multicast Transport and Application Protocols", RFC 2357, June 1998. [RFC2974] Handley, M., Perkins, C., and E. Whelan, "Session Announcement Protocol", RFC 2974, October 2000. [RFC3048] Whetten, B., Vicisano, L., Kermode, R., Handley, M., Floyd, S., and M. Luby, "Reliable Multicast Transport Building Blocks for One-to-Many Bulk-Data Transfer", RFC 3048, January 2001. [RFC3269] Kermode, R. and L. Vicisano, "Author Guidelines for Reliable Multicast Transport (RMT) Building Blocks and Protocol Instantiation documents", RFC 3269, April 2002. [RFC3453] Luby, M., Vicisano, L., Gemmell, J., Rizzo, L., Handley, M., and J. Crowcroft, "The Use of Forward Error Correction (FEC) in Reliable Multicast", RFC 3453, December 2002.
Top   ToC   RFC5740 - Page 93
   [RFC3547]        Baugher, M., Weis, B., Hardjono, T., and H. Harney,
                    "The Group Domain of Interpretation", RFC 3547,
                    July 2003.

   [RFC3550]        Schulzrinne, H., Casner, S., Frederick, R., and V.
                    Jacobson, "RTP: A Transport Protocol for Real-Time
                    Applications", STD 64, RFC 3550, July 2003.

   [RFC3711]        Baugher, M., McGrew, D., Naslund, M., Carrara, E.,
                    and K. Norrman, "The Secure Real-time Transport
                    Protocol (SRTP)", RFC 3711, March 2004.

   [RFC3830]        Arkko, J., Carrara, E., Lindholm, F., Naslund, M.,
                    and K. Norrman, "MIKEY: Multimedia Internet KEYing",
                    RFC 3830, August 2004.

   [RFC3940]        Adamson, B., Bormann, C., Handley, M., and J.
                    Macker, "Negative-acknowledgment (NACK)-Oriented
                    Reliable Multicast (NORM) Protocol", RFC 3940,
                    November 2004.

   [RFC4535]        Harney, H., Meth, U., Colegrove, A., and G. Gross,
                    "GSAKMP: Group Secure Association Key Management
                    Protocol", RFC 4535, June 2006.

   [RFC4566]        Handley, M., Jacobson, V., and C. Perkins, "SDP:
                    Session Description Protocol", RFC 4566, July 2006.

   [RFC5445]        Watson, M., "Basic Forward Error Correction (FEC)
                    Schemes", RFC 5445, March 2009.

   [RmComparison]   Pingali, S., Towsley, D., and J. Kurose, "A
                    Comparison of Sender-Initiated and Receiver-
                    Initiated Reliable Multicast Protocols", Proc.
                    INFOCOMM, San Francisco CA, October 1993.

   [TcpModel]       Padhye,  J., Firoiu, V., Towsley, D., and J. Kurose,
                    "Modeling TCP Throughput: A Simple Model and its
                    Empirical Validation", ACM SIGCOMM, 1998.

   [TfmccPaper]     Widmer, J. and M. Handley, "Extending Equation-Based
                    Congestion Control to Multicast Applications",
                    ACM SIGCOMM, August 2001.
Top   ToC   RFC5740 - Page 94

Authors' Addresses

Brian Adamson Naval Research Laboratory Washington, DC 20375 USA EMail: Carsten Bormann Universitaet Bremen TZI Postfach 330440 D-28334 Bremen Germany EMail: Mark Handley University College London Gower Street London WC1E 6BT UK EMail: Joe Macker Naval Research Laboratory Washington, DC 20375 USA EMail: