GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


rfc:rfc8487

Internet Engineering Task Force (IETF) H. Asaeda Request for Comments: 8487 NICT Category: Standards Track K. Meyer ISSN: 2070-1721 Dell EMC

                                                           W. Lee, Ed.
                                                          October 2018
       Mtrace Version 2: Traceroute Facility for IP Multicast

Abstract

 This document describes the IP multicast traceroute facility, named
 Mtrace version 2 (Mtrace2).  Unlike unicast traceroute, Mtrace2
 requires special implementations on the part of routers.  This
 specification describes the required functionality in multicast
 routers, as well as how an Mtrace2 client invokes a Query and
 receives a Reply.

Status of This Memo

 This is an Internet Standards Track document.
 This document is a product of the Internet Engineering Task Force
 (IETF).  It represents the consensus of the IETF community.  It has
 received public review and has been approved for publication by the
 Internet Engineering Steering Group (IESG).  Further information on
 Internet Standards is available in Section 2 of RFC 7841.
 Information about the current status of this document, any errata,
 and how to provide feedback on it may be obtained at
 https://www.rfc-editor.org/info/rfc8487.

Asaeda, et al. Standards Track [Page 1] RFC 8487 Mtrace2 October 2018

Copyright Notice

 Copyright (c) 2018 IETF Trust and the persons identified as the
 document authors.  All rights reserved.
 This document is subject to BCP 78 and the IETF Trust's Legal
 Provisions Relating to IETF Documents
 (https://trustee.ietf.org/license-info) in effect on the date of
 publication of this document.  Please review these documents
 carefully, as they describe your rights and restrictions with respect
 to this document.  Code Components extracted from this document must
 include Simplified BSD License text as described in Section 4.e of
 the Trust Legal Provisions and are provided without warranty as
 described in the Simplified BSD License.
 This document may contain material from IETF Documents or IETF
 Contributions published or made publicly available before November
 10, 2008.  The person(s) controlling the copyright in some of this
 material may not have granted the IETF Trust the right to allow
 modifications of such material outside the IETF Standards Process.
 Without obtaining an adequate license from the person(s) controlling
 the copyright in such materials, this document may not be modified
 outside the IETF Standards Process, and derivative works of it may
 not be created outside the IETF Standards Process, except to format
 it for publication as an RFC or to translate it into languages other
 than English.

Asaeda, et al. Standards Track [Page 2] RFC 8487 Mtrace2 October 2018

Table of Contents

 1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   5
 2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   7
   2.1.  Definitions . . . . . . . . . . . . . . . . . . . . . . .   7
 3.  Packet Formats  . . . . . . . . . . . . . . . . . . . . . . .   8
   3.1.  Mtrace2 TLV Format  . . . . . . . . . . . . . . . . . . .   9
   3.2.  Defined TLVs  . . . . . . . . . . . . . . . . . . . . . .  10
     3.2.1.  Mtrace2 Query . . . . . . . . . . . . . . . . . . . .  10
     3.2.2.  Mtrace2 Request . . . . . . . . . . . . . . . . . . .  12
     3.2.3.  Mtrace2 Reply . . . . . . . . . . . . . . . . . . . .  12
     3.2.4.  IPv4 Mtrace2 Standard Response Block  . . . . . . . .  13
     3.2.5.  IPv6 Mtrace2 Standard Response Block  . . . . . . . .  18
     3.2.6.  Mtrace2 Augmented Response Block  . . . . . . . . . .  20
     3.2.7.  Mtrace2 Extended Query Block  . . . . . . . . . . . .  21
 4.  Router Behavior . . . . . . . . . . . . . . . . . . . . . . .  22
   4.1.  Receiving an Mtrace2 Query  . . . . . . . . . . . . . . .  22
     4.1.1.  Query Packet Verification . . . . . . . . . . . . . .  22
     4.1.2.  Query Normal Processing . . . . . . . . . . . . . . .  23
   4.2.  Receiving an Mtrace2 Request  . . . . . . . . . . . . . .  23
     4.2.1.  Request Packet Verification . . . . . . . . . . . . .  24
     4.2.2.  Request Normal Processing . . . . . . . . . . . . . .  24
   4.3.  Forwarding Mtrace2 Request  . . . . . . . . . . . . . . .  26
     4.3.1.  Destination Address . . . . . . . . . . . . . . . . .  26
     4.3.2.  Source Address  . . . . . . . . . . . . . . . . . . .  26
     4.3.3.  Appending Standard Response Block . . . . . . . . . .  26
   4.4.  Sending Mtrace2 Reply . . . . . . . . . . . . . . . . . .  27
     4.4.1.  Destination Address . . . . . . . . . . . . . . . . .  27
     4.4.2.  Source Address  . . . . . . . . . . . . . . . . . . .  27
     4.4.3.  Appending Standard Response Block . . . . . . . . . .  27
   4.5.  Proxying Mtrace2 Query  . . . . . . . . . . . . . . . . .  28
   4.6.  Hiding Information  . . . . . . . . . . . . . . . . . . .  28
 5.  Client Behavior . . . . . . . . . . . . . . . . . . . . . . .  29
   5.1.  Sending Mtrace2 Query . . . . . . . . . . . . . . . . . .  29
     5.1.1.  Destination Address . . . . . . . . . . . . . . . . .  29
     5.1.2.  Source Address  . . . . . . . . . . . . . . . . . . .  29
   5.2.  Determining the Path  . . . . . . . . . . . . . . . . . .  29
   5.3.  Collecting Statistics . . . . . . . . . . . . . . . . . .  29
   5.4.  Last-Hop Router (LHR) . . . . . . . . . . . . . . . . . .  30
   5.5.  First-Hop Router (FHR)  . . . . . . . . . . . . . . . . .  30
   5.6.  Broken Intermediate Router  . . . . . . . . . . . . . . .  30
   5.7.  Non-supported Router  . . . . . . . . . . . . . . . . . .  30
   5.8.  Mtrace2 Termination . . . . . . . . . . . . . . . . . . .  31
     5.8.1.  Arriving at Source  . . . . . . . . . . . . . . . . .  31
     5.8.2.  Fatal Error . . . . . . . . . . . . . . . . . . . . .  31
     5.8.3.  No Upstream Router  . . . . . . . . . . . . . . . . .  31
     5.8.4.  Reply Timeout . . . . . . . . . . . . . . . . . . . .  31
   5.9.  Continuing after an Error . . . . . . . . . . . . . . . .  31

Asaeda, et al. Standards Track [Page 3] RFC 8487 Mtrace2 October 2018

 6.  Protocol-Specific Considerations  . . . . . . . . . . . . . .  32
   6.1.  PIM-SM  . . . . . . . . . . . . . . . . . . . . . . . . .  32
   6.2.  Bidirectional PIM . . . . . . . . . . . . . . . . . . . .  32
   6.3.  PIM-DM  . . . . . . . . . . . . . . . . . . . . . . . . .  32
   6.4.  IGMP/MLD Proxy  . . . . . . . . . . . . . . . . . . . . .  33
 7.  Problem Diagnosis . . . . . . . . . . . . . . . . . . . . . .  33
   7.1.  Forwarding Inconsistencies  . . . . . . . . . . . . . . .  33
   7.2.  TTL or Hop-Limit Problems . . . . . . . . . . . . . . . .  33
   7.3.  Packet Loss . . . . . . . . . . . . . . . . . . . . . . .  33
   7.4.  Link Utilization  . . . . . . . . . . . . . . . . . . . .  34
   7.5.  Time Delay  . . . . . . . . . . . . . . . . . . . . . . .  34
 8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  34
   8.1.  "Mtrace2 Forwarding Codes" Registry . . . . . . . . . . .  35
   8.2.  "Mtrace2 TLV Types" Registry  . . . . . . . . . . . . . .  35
   8.3.  UDP Destination Port  . . . . . . . . . . . . . . . . . .  35
 9.  Security Considerations . . . . . . . . . . . . . . . . . . .  35
   9.1.  Addresses in Mtrace2 Header . . . . . . . . . . . . . . .  35
   9.2.  Verification of Clients and Peers . . . . . . . . . . . .  35
   9.3.  Topology Discovery  . . . . . . . . . . . . . . . . . . .  36
   9.4.  Characteristics of Multicast Channel  . . . . . . . . . .  36
   9.5.  Limiting Query/Request Rates  . . . . . . . . . . . . . .  37
   9.6.  Limiting Reply Rates  . . . . . . . . . . . . . . . . . .  37
   9.7.  Specific Security Concerns  . . . . . . . . . . . . . . .  37
     9.7.1.  Request and Response Bombardment  . . . . . . . . . .  37
     9.7.2.  Amplification Attack  . . . . . . . . . . . . . . . .  37
     9.7.3.  Leaking of Confidential Topology Details  . . . . . .  38
     9.7.4.  Delivery of False Information (Forged Reply Messages)  38
 10. References  . . . . . . . . . . . . . . . . . . . . . . . . .  39
   10.1.  Normative References . . . . . . . . . . . . . . . . . .  39
   10.2.  Informative References . . . . . . . . . . . . . . . . .  40
 Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  41
 Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  41

Asaeda, et al. Standards Track [Page 4] RFC 8487 Mtrace2 October 2018

1. Introduction

 Given a multicast distribution tree, tracing hop-by-hop downstream
 from a multicast source to a given multicast receiver is difficult
 because there is no efficient and deterministic way to determine the
 branch of the multicast routing tree on which that receiver lies.  On
 the other hand, walking up the tree from a receiver to a source is
 easy, as most existing multicast routing protocols know the upstream
 router for each source.  Tracing from a receiver to a source can
 involve only the routers on the direct path.
 This document specifies the multicast traceroute facility named
 Mtrace version 2 or Mtrace2, which allows the tracing of an IP
 multicast routing path.  Mtrace2 is usually initiated from an Mtrace2
 client by sending an Mtrace2 Query to a Last-Hop Router (LHR) or to a
 Rendezvous Point (RP).  The RP is a special router where sources and
 receivers meet in Protocol Independent Multicast - Sparse Mode
 (PIM-SM) [5].  From the LHR/RP receiving the Query, the tracing is
 directed towards a specified source if a source address is specified
 and a source-specific state exists on the receiving router.  If no
 source address is specified or if no source-specific state exists on
 a receiving LHR, the tracing is directed toward the RP for the
 specified group address.  Moreover, Mtrace2 provides additional
 information such as the packet rates and losses, as well as other
 diagnostic information.  Mtrace2 is primarily intended for the
 following purposes:
 o  To trace the path that a packet would take from a source to a
    receiver.
 o  To isolate packet-loss problems (e.g., congestion).
 o  To isolate configuration problems (e.g., Time to live (TTL)
    threshold).
 The following figure shows a typical case of how Mtrace2 is used.
 FHR represents the first-hop router, LHR represents the last-hop
 router, and the arrow lines represent the Mtrace2 messages that are
 sent from one node to another.  The numbers before the Mtrace2
 messages represent the sequence of the messages that would happen.
 The source, receiver, and Mtrace2 client are typically hosts.

Asaeda, et al. Standards Track [Page 5] RFC 8487 Mtrace2 October 2018

                2. Request                 2. Request
                  +----+                    +----+
                  |    |                    |    |
                  v    |                    v    |
 +--------+    +-----+                        +-----+    +----------+
 | Source |----| FHR |----- The Internet -----| LHR |----| Receiver |
 +--------+    +-----+            |           +-----+    +----------+
                   \              |             ^
                    \             |            /
                     \            |           /
                      \           |          /
              3. Reply \          |         / 1. Query
                        \         |        /
                         \        |       /
                          \  +---------+ /
                           v | Mtrace2 |/
                             | Client  |
                             +---------+
 When an Mtrace2 client initiates a multicast trace, it sends an
 Mtrace2 Query packet to an LHR or RP for a multicast group and,
 optionally, a source address.  The LHR/RP turns the Query packet into
 a Request.  The Request message type enables each of the upstream
 routers processing the message to apply different packet and message
 validation rules than those required for the handling of a Query
 message.  The LHR/RP then appends a Standard Response Block
 containing its interface addresses and packet statistics to the
 Request packet, then forwards the packet towards the source/RP.  The
 Request packet is either unicasted to its upstream router towards the
 source/RP or multicasted to the group if the upstream router's IP
 address is not known.  In a similar fashion, each router along the
 path to the source/RP appends a Standard Response Block to the end of
 the Request packet before forwarding it to its upstream router.  When
 the FHR receives the Request packet, it appends its own Standard
 Response Block, turns the Request packet into a Reply, and unicasts
 the Reply back to the Mtrace2 client.
 The Mtrace2 Reply may be returned before reaching the FHR under some
 circumstances.  This can happen if a Request packet is received at an
 RP or gateway, or when any of several types of error or exception
 conditions occur that prevent the sending of a Request to the next
 upstream router.
 The Mtrace2 client waits for the Mtrace2 Reply message and displays
 the results.  When not receiving an Mtrace2 Reply message due to
 network congestion, a broken router (see Section 5.6), or a non-
 responding router (see Section 5.7), the Mtrace2 client may resend
 another Mtrace2 Query with a lower hop count (see Section 3.2.1) and

Asaeda, et al. Standards Track [Page 6] RFC 8487 Mtrace2 October 2018

 repeat the process until it receives an Mtrace2 Reply message.  The
 details are specific to the Mtrace2 client and outside the scope of
 this document.
 Note that when a router's control plane and forwarding plane are out
 of sync, the Mtrace2 Requests might be forwarded based on the control
 states instead.  In this case, the traced path might not represent
 the real path the data packets would follow.
 Mtrace2 supports both IPv4 and IPv6.  Unlike the previous version of
 Mtrace, which implements its query and response as Internet Group
 Management Protocol (IGMP) messages [10], all Mtrace2 messages are
 UDP based.  Although the packet formats of IPv4 and IPv6 Mtrace2 are
 different because of the address families, the syntax between them is
 similar.
 This document describes the base specification of Mtrace2 that can
 serve as a basis for future proposals such as Mtrace2 for Automatic
 Multicast Tunneling (AMT) [16] and Mtrace2 for Multicast in MPLS/BGP
 IP VPNs (known as Multicast VPN (MVPN)) [15].  They are, therefore,
 out of the scope of this document.

2. Terminology

 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
 "OPTIONAL" in this document are to be interpreted as described in
 BCP 14 [1] [7] when, and only when, they appear in all capitals, as
 shown here.  The key words indicate requirement levels for compliant
 Mtrace2 implementations.

2.1. Definitions

 Since Mtrace2 Queries and Requests flow in the opposite direction to
 the data flow, we refer to "upstream" and "downstream" with respect
 to data, unless explicitly specified.
 Incoming Interface:
    The interface on which data is expected to arrive from the
    specified source and group.
 Outgoing Interface:
    This is one of the interfaces to which data from the source or RP
    is expected to be transmitted for the specified source and group.
    It is also the interface on which the Mtrace2 Request was
    received.

Asaeda, et al. Standards Track [Page 7] RFC 8487 Mtrace2 October 2018

 Upstream router:
    The router, connecting to the Incoming Interface of the current
    router, which is responsible for forwarding data for the specified
    source and group to the current router.
 First-Hop Router (FHR):
    The router that is directly connected to the source the Mtrace2
    Query specifies.
 Last-Hop Router (LHR):
    A router that is directly connected to a receiver.  It is also the
    router that receives the Mtrace2 Query from an Mtrace2 client.
 Group state:
    The state a shared-tree protocol, such as Protocol Independent
    Multicast - Sparse Mode (PIM-SM) [5], uses to choose the upstream
    router towards the RP for the specified group.  In this state,
    source-specific state is not available for the corresponding group
    address on the router.
 Source-specific state:
    The state that is used to choose the path towards the source for
    the specified source and group.
 ALL-[protocol]-ROUTERS group:
    Link-local multicast address for multicast routers to communicate
    with their adjacent routers that are running the same routing
    protocol.  For instance, the IPv4 'ALL-PIM-ROUTERS' group is
    '224.0.0.13', and the IPv6 'ALL-PIM-ROUTERS' group is 'ff02::d'
    [5].

3. Packet Formats

 This section describes the details of the packet formats for Mtrace2
 messages.
 All Mtrace2 messages are encoded in the Type/Length/Value (TLV)
 format (see Section 3.1).  The first TLV of a message is a message
 header TLV specifying the type of message and additional context
 information required for processing of the message and for parsing of
 subsequent TLVs in the message.  Subsequent TLVs in a message,
 referred to as Blocks, are appended after the header TLV to provide
 additional information associated with the message.  If an
 implementation receives an unknown TLV Type for any TLV in a message,
 it SHOULD ignore and silently discard the entire packet.  If the
 length of a TLV exceeds the available space in the containing packet,
 the implementation MUST ignore and silently discard the TLV and any
 remaining portion of the containing packet.

Asaeda, et al. Standards Track [Page 8] RFC 8487 Mtrace2 October 2018

 All Mtrace2 messages are UDP packets.  For IPv4, Mtrace2
 Query/Request/Reply messages MUST NOT be fragmented.  Therefore,
 Mtrace2 clients and LHRs/RPs MUST set the IP header do-not-fragment
 (DF) bit for all Mtrace2 messages.  For IPv6, the packet size for the
 Mtrace2 messages MUST NOT exceed 1280 bytes, which is the smallest
 Maximum Transmission Unit (MTU) for an IPv6 interface [8].  The
 source port is uniquely selected by the local host operating system.
 The destination port is the IANA-reserved Mtrace2 port number (see
 Section 8).  All Mtrace2 messages MUST have a valid UDP checksum.
 Additionally, Mtrace2 supports both IPv4 and IPv6, but not when
 mixed.  For example, if an Mtrace2 Query or Request message arrives
 as an IPv4 packet, all addresses specified in the Mtrace2 messages
 MUST be IPv4 as well.  The same rule applies to IPv6 Mtrace2
 messages.

3.1. Mtrace2 TLV Format

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |           Length              |   Value ....  |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 Type: 8 bits
    Describes the format of the Value field.  For all the available
    types, please see Section 3.2.
 Length: 16 bits
    Length of Type, Length, and Value fields in octets.  Minimum
    length required is 4 octets.  The length MUST be a multiple of 4
    octets.  The maximum TLV length is not defined; however, the
    entire Mtrace2 packet length MUST NOT exceed the available MTU.
 Value: variable length
    The format is based on the Type value.  The length of the Value
    field is the Length field minus 3.  All reserved fields in the
    Value field MUST be transmitted as zeros and ignored on receipt.

Asaeda, et al. Standards Track [Page 9] RFC 8487 Mtrace2 October 2018

3.2. Defined TLVs

 The following TLV Types are defined:
       Code         Type
       ====         ================================
       0x00         Reserved
       0x01         Mtrace2 Query
       0x02         Mtrace2 Request
       0x03         Mtrace2 Reply
       0x04         Mtrace2 Standard Response Block
       0x05         Mtrace2 Augmented Response Block
       0x06         Mtrace2 Extended Query Block
 Each Mtrace2 message MUST begin with either a Query, a Request, or a
 Reply TLV.  The first TLV determines the type of each Mtrace2
 message.  Following a Query TLV, there can be a sequence of optional
 Extended Query Blocks.  In the case of a Request or a Reply TLV, it
 is then followed by a sequence of Standard Response Blocks, each from
 a multicast router on the path towards the source or the RP.  In the
 case where more information is needed, a Standard Response Block can
 be followed by one or multiple Augmented Response Blocks.
 We will describe each message type in detail in the next few
 sections.

3.2.1. Mtrace2 Query

 An Mtrace2 Query is originated by an Mtrace2 client, which sends an
 Mtrace2 Query message to the LHR.  The LHR modifies only the Type
 field of the Query TLV (to turn it into a "Request") before appending
 a Standard Response Block and forwarding it upstream.  The LHR and
 intermediate routers handling the Mtrace2 message when tracing
 upstream MUST NOT modify any other fields within the Query/Request
 TLV.  Additionally, intermediate routers handling the message after
 the LHR has converted the Query into a Request MUST NOT modify the
 Type field of the Request TLV.  If the actual number of hops is not
 known, an Mtrace2 client could send an initial Query message with a
 large # Hops (e.g., 0xff), in order to try to trace the full path.

Asaeda, et al. Standards Track [Page 10] RFC 8487 Mtrace2 October 2018

 An Mtrace2 Query message is shown as follows:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |           Length              |    # Hops     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                      Multicast Address                        |
   |                                                               |
   +=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
   |                                                               |
   |                        Source Address                         |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                    Mtrace2 Client Address                     |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |            Query ID           |         Client Port #         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 Length: 16 bits
    The Length field MUST be either 20 (i.e., 8 + 3 * 4 (IPv4
    addresses)) or 56 (i.e., 8 + 3 * 16 (IPv6 addresses)); if the
    length is 20, then IPv4 addresses MUST be assumed, and if the
    length is 56, then IPv6 addresses MUST be assumed.
 # Hops: 8 bits
    This field specifies the maximum number of hops that the Mtrace2
    client wants to trace.  If there are some error conditions in the
    middle of the path that prevent an Mtrace2 Reply from being
    received by the client, the client MAY issue another Mtrace2 Query
    with a lower number of hops until it receives a Reply.
 Multicast Address: 32 bits or 128 bits
    This field specifies an IPv4 or IPv6 address, which can be either:
    m-1:  a multicast group address to be traced or
    m-2:  all ones in case of IPv4 or the unspecified address (::) in
          case of IPv6 if no group-specific information is desired.

Asaeda, et al. Standards Track [Page 11] RFC 8487 Mtrace2 October 2018

 Source Address: 32 bits or 128 bits
    This field specifies an IPv4 or IPv6 address, which can be either:
    s-1:  a unicast address of the source to be traced or
    s-2:  all ones in case of IPv4 or the unspecified address (::) in
          case of IPv6 if no source-specific information is desired.
          For example, the client is tracing a (*,g) group state.
    Note that it is invalid to have a source-group combination of
    (s-2, m-2).  If a router receives such combination in an Mtrace2
    Query, it MUST silently discard the Query.
 Mtrace2 Client Address: 32 bits or 128 bits
    This field specifies the Mtrace2 client's IPv4 address or IPv6
    global address.  This address MUST be a valid unicast address;
    therefore, it MUST NOT be all ones or an unspecified address.  The
    Mtrace2 Reply will be sent to this address.
 Query ID: 16 bits
    This field is used as a unique identifier for this Mtrace2 Query
    so that duplicate or delayed Reply messages may be detected.
 Client Port #: 16 bits
    This field specifies the destination UDP port number for receiving
    the Mtrace2 Reply packet.

3.2.2. Mtrace2 Request

 The Mtrace2 Request TLV is exactly the same as an Mtrace2 Query
 except for identifying the Type field of 0x02.
 When an LHR receives an Mtrace2 Query message, it turns the Query
 into a Request by changing the Type field of the Query from 0x01 to
 0x02.  The LHR then appends an Mtrace2 Standard Response Block (see
 Section 3.2.4) of its own to the Request message before sending it
 upstream.  The upstream routers do the same without changing the Type
 field until one of them is ready to send a Reply.

3.2.3. Mtrace2 Reply

 The Mtrace2 Reply TLV is exactly the same as an Mtrace2 Query except
 for identifying the Type field of 0x03.
 When an FHR or an RP receives an Mtrace2 Request message that is
 destined to itself, it appends an Mtrace2 Standard Response Block
 (see Section 3.2.4) of its own to the Request message.  Next, it
 turns the Request message into a Reply by changing the Type field of

Asaeda, et al. Standards Track [Page 12] RFC 8487 Mtrace2 October 2018

 the Request from 0x02 to 0x03 and by changing the UDP destination
 port to the port number specified in the Client Port Number field in
 the Request.  It then unicasts the Reply message to the Mtrace2
 client specified in the Mtrace2 Client Address field.
 There are a number of cases in which an intermediate router might
 return a Reply before a Request reaches the FHR or the RP.  See
 Sections 4.1.1, 4.2.2, 4.3.3, and 4.5 for more details.

3.2.4. IPv4 Mtrace2 Standard Response Block

 This section describes the message format of an IPv4 Mtrace2 Standard
 Response Block.  The Type field is 0x04.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |           Length              |      MBZ      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      Query Arrival Time                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                  Incoming Interface Address                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                  Outgoing Interface Address                   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                   Upstream Router Address                     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .           Input packet count on Incoming Interface            .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .           Output packet count on Outgoing Interface           .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .      Total number of packets for this source-group pair       .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |          Rtg Protocol         |    Multicast Rtg Protocol     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Fwd TTL    |      MBZ      |S|   Src Mask  |Forwarding Code|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 MBZ: 8 bits
    This field MUST be zeroed on transmission and ignored on
    reception.

Asaeda, et al. Standards Track [Page 13] RFC 8487 Mtrace2 October 2018

 Query Arrival Time: 32 bits
    The Query Arrival Time is a 32-bit Network Time Protocol (NTP)
    timestamp specifying the arrival time of the Mtrace2 Query or
    Request packet at this router.  The 32-bit form of an NTP
    timestamp consists of the middle 32 bits of the full 64-bit form;
    that is, the low 16 bits of the integer part and the high 16 bits
    of the fractional part.
    The following formula converts from a timespec (fractional part in
    nanoseconds) to a 32-bit NTP timestamp:
       query_arrival_time
       = ((tv.tv_sec + 32384) << 16) + ((tv.tv_nsec << 7) / 1953125)
    The constant 32384 is the number of seconds from Jan 1, 1900 to
    Jan 1, 1970 truncated to 16 bits.  ((tv.tv_nsec << 7) / 1953125)
    is a reduction of ((tv.tv_nsec / 1000000000) << 16), where "<<"
    denotes a logical left shift.
    Note that synchronized clocks are required on the traced routers
    to estimate propagation and queuing delays between successive
    hops.  Nevertheless, even without this synchronization, an
    application can still estimate an upper bound on cumulative one-
    way latency by measuring the time between sending a Query and
    receiving a Reply.
    Additionally, Query Arrival Time is useful for measuring the
    packet rate.  For example, suppose that a client issues two
    Queries, and the corresponding Requests R1 and R2 arrive at router
    X at time T1 and T2, then the client would be able to compute the
    packet rate on router X by using the packet-count information
    stored in the R1 and R2 and using the time T1 and T2.
 Incoming Interface Address: 32 bits
    This field specifies the address of the interface on which packets
    from the source or the RP are expected to arrive, or 0 if unknown
    or unnumbered.
 Outgoing Interface Address: 32 bits
    This field specifies the address of the interface on which packets
    from the source or the RP are expected to transmit towards the
    receiver, or 0 if unknown or unnumbered.  This is also the address
    of the interface on which the Mtrace2 Query or Request arrives.

Asaeda, et al. Standards Track [Page 14] RFC 8487 Mtrace2 October 2018

 Upstream Router Address: 32 bits
    This field specifies the address of the upstream router from which
    this router expects packets from this source.  This MAY be a
    multicast group (e.g., ALL-[protocol]-ROUTERS group) if the
    upstream router is not known because of the workings of the
    multicast routing protocol.  However, it MUST be 0 if the Incoming
    Interface address is unknown or unnumbered.
 Input packet count on Incoming Interface: 64 bits
    This field contains the number of multicast packets received for
    all groups and sources on the Incoming Interface, or all ones if
    no count can be reported.  This counter may have the same value as
    ifHCInMulticastPkts from the Interfaces Group MIB (IF-MIB) [9] for
    this interface.
 Output packet count on Outgoing Interface: 64 bits
    This field contains the number of multicast packets that have been
    transmitted or queued for transmission for all groups and sources
    on the Outgoing Interface, or all ones if no count can be
    reported.  This counter may have the same value as
    ifHCOutMulticastPkts from the IF-MIB [9] for this interface.
 Total number of packets for this source-group pair: 64 bits
    This field counts the number of packets from the specified source
    forwarded by the router to the specified group, or all ones if no
    count can be reported.  If the S bit is set (see below), the count
    is for the source network, as specified by the Src Mask field (see
    below).  If the S bit is set and the Src Mask field is 127,
    indicating no source-specific state, the count is for all sources
    sending to this group.  This counter should have the same value as
    ipMcastRoutePkts from the IP Multicast MIB [14] for this
    forwarding entry.
 Rtg Protocol: 16 bits
    This field describes the unicast routing protocol running between
    this router and the upstream router, and it is used to determine
    the Reverse Path Forwarding (RPF) interface for the specified
    source or RP.  This value should have the same value as
    ipMcastRouteRtProtocol from the IP Multicast MIB [14] for this
    entry.  If the router is not able to obtain this value, all 0's
    must be specified.
 Multicast Rtg Protocol: 16 bits
    This field describes the multicast routing protocol in use between
    the router and the upstream router.  This value should have the
    same value as ipMcastRouteProtocol from the IP Multicast MIB [14]
    for this entry.  If the router cannot obtain this value, all 0's
    must be specified.

Asaeda, et al. Standards Track [Page 15] RFC 8487 Mtrace2 October 2018

 Fwd TTL: 8 bits
    This field contains the configured multicast TTL threshold, if
    any, of the Outgoing Interface.
 S: 1 bit
    If this bit is set, it indicates that the packet count for the
    source-group pair is for the source network, as determined by
    masking the source address with the Src Mask field.
 Src Mask: 7 bits
    This field contains the number of 1's in the netmask the router
    has for the source (i.e., a value of 24 means the netmask is
    0xffffff00).  If the router is forwarding solely on group state,
    this field is set to 127 (0x7f).
 Forwarding Code: 8 bits
    This field contains a forwarding information/error code.  Values
    with the high-order bit set (0x80-0xff) are intended for use with
    conditions that are transitory or automatically recovered.  Other
    Forwarding Code values indicate a need to fix a problem in the
    Query or a need to redirect the Query.  Sections 4.1 and 4.2
    explain how and when the Forwarding Code is filled.  Defined
    values are as follows:

Asaeda, et al. Standards Track [Page 16] RFC 8487 Mtrace2 October 2018

 Value  Name            Description
 -----  --------------  ----------------------------------------------
 0x00   NO_ERROR        No error.
 0x01   WRONG_IF        Mtrace2 Request arrived on an interface
                        for which this router does not perform
                        forwarding for the specified group to the
                        source or RP.
 0x02   PRUNE_SENT      This router has sent a prune upstream that
                        applies to the source and group in the
                        Mtrace2 Request.
 0x03   PRUNE_RCVD      This router has stopped forwarding for this
                        source and group in response to a Request
                        from the downstream router.
 0x04   SCOPED          The group is subject to administrative
                        scoping at this router.
 0x05   NO_ROUTE        This router has no route for the source or
                        group and no way to determine a potential
                        route.
 0x06   WRONG_LAST_HOP  This router is not the proper LHR.
 0x07   NOT_FORWARDING  This router is not forwarding this source and
                        group out the Outgoing Interface for an
                        unspecified reason.
 0x08   REACHED_RP      Reached the Rendezvous Point.
 0x09   RPF_IF          Mtrace2 Request arrived on the expected
                        RPF interface for this source and group.
 0x0A   NO_MULTICAST    Mtrace2 Request arrived on an interface
                        that is not enabled for multicast.
 0x0B   INFO_HIDDEN     One or more hops have been hidden from this
                        trace.
 0x0C   REACHED_GW      Mtrace2 Request arrived on a gateway (e.g.,
                        a NAT or firewall) that hides the
                        information between this router and the
                        Mtrace2 client.
 0x0D   UNKNOWN_QUERY   A non-transitive Extended Query Type was
                        received by a router that does not support
                        the type.
 0x80   FATAL_ERROR     A fatal error is one where the router may
                        know the upstream router but cannot forward
                        the message to it.
 0x81   NO_SPACE        There was not enough room to insert another
                        Standard Response Block in the packet.
 0x83   ADMIN_PROHIB    Mtrace2 is administratively prohibited.

Asaeda, et al. Standards Track [Page 17] RFC 8487 Mtrace2 October 2018

3.2.5. IPv6 Mtrace2 Standard Response Block

 This section describes the message format of an IPv6 Mtrace2 Standard
 Response Block.  The Type field is also 0x04.
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |           Length              |      MBZ      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                      Query Arrival Time                       |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Incoming Interface ID                     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                     Outgoing Interface ID                     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   *                         Local Address                         *
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   *                         Remote Address                        *
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .           Input packet count on Incoming Interface            .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .           Output packet count on Outgoing Interface           .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   .      Total number of packets for this source-group pair       .
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |          Rtg Protocol         |    Multicast Rtg Protocol     |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |              MBZ 2          |S|Src Prefix Len |Forwarding Code|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 MBZ: 8 bits
    This field MUST be zeroed on transmission and ignored on
    reception.
 Query Arrival Time: 32 bits
    Same definition as in IPv4.

Asaeda, et al. Standards Track [Page 18] RFC 8487 Mtrace2 October 2018

 Incoming Interface ID: 32 bits
    This field specifies the interface ID on which packets from the
    source or RP are expected to arrive, or 0 if unknown.  This ID
    should be the value taken from InterfaceIndex of the IF-MIB [9]
    for this interface.
 Outgoing Interface ID: 32 bits
    This field specifies the interface ID to which packets from the
    source or RP are expected to transmit, or 0 if unknown.  This ID
    should be the value taken from InterfaceIndex of the IF-MIB [9]
    for this interface.
 Local Address: 128 bits
    This field specifies a global IPv6 address that uniquely
    identifies the router.  A unique local unicast address [12] SHOULD
    NOT be used unless the router is only assigned link-local and
    unique local addresses.  If the router is only assigned link-local
    addresses, its link-local address can be specified in this field.
 Remote Address: 128 bits
    This field specifies the address of the upstream router, which, in
    most cases, is a link-local unicast address for the upstream
    router.
    Although a link-local address does not have enough information to
    identify a node, it is possible to detect the upstream router with
    the assistance of the Incoming Interface ID and the current router
    address (i.e., Local Address).
    Note that this may be a multicast group (e.g., ALL-[protocol]-
    ROUTERS group) if the upstream router is not known because of the
    workings of a multicast routing protocol.  However, it should be
    the unspecified address (::) if the Incoming Interface address is
    unknown.
 Input packet count on Incoming Interface: 64 bits
    Same definition as in IPv4.
 Output packet count on Outgoing Interface: 64 bits
    Same definition as in IPv4.
 Total number of packets for this source-group pair: 64 bits
    Same definition as in IPv4, except if the S bit is set (see
    below), the count is for the source network, as specified by the
    Src Prefix Len field.  If the S bit is set and the Src Prefix Len
    field is 255, indicating no source-specific state, the count is

Asaeda, et al. Standards Track [Page 19] RFC 8487 Mtrace2 October 2018

    for all sources sending to this group.  This counter should have
    the same value as ipMcastRoutePkts from the IP Multicast MIB [14]
    for this forwarding entry.
 Rtg Protocol: 16 bits
    Same definition as in IPv4.
 Multicast Rtg Protocol: 16 bits
    Same definition as in IPv4.
 MBZ 2: 15 bits
    This field MUST be zeroed on transmission and ignored on
    reception.
 S: 1 bit
    Same definition as in IPv4, except the Src Prefix Len field is
    used to mask the source address.
 Src Prefix Len: 8 bits
    This field contains the prefix length this router has for the
    source.  If the router is forwarding solely on group state, this
    field is set to 255 (0xff).
 Forwarding Code: 8 bits
    Same definition as in IPv4.

3.2.6. Mtrace2 Augmented Response Block

 In addition to the Standard Response Block, a multicast router on the
 traced path can optionally add one or multiple Augmented Response
 Blocks before sending the Request to its upstream router.
 The Augmented Response Block is flexible for various purposes such as
 providing diagnosis information (see Section 7) and protocol
 verification.  Its Type field is 0x05, and its format is as follows:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |           Length              |      MBZ      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Augmented Response Type    |           Value ....          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 MBZ: 8 bits
    This field MUST be zeroed on transmission and ignored on
    reception.

Asaeda, et al. Standards Track [Page 20] RFC 8487 Mtrace2 October 2018

 Augmented Response Type: 16 bits
    This field specifies the type of various responses from a
    multicast router that might need to communicate back to the
    Mtrace2 client as well as the multicast routers on the traced
    path.
    The Augmented Response Type is defined as follows:
       Code      Type
       ======    ==============================================
       0x0001    # of the returned Standard Response Blocks
    When the NO_SPACE error occurs on a router, the router should send
    the original Mtrace2 Request received from the downstream router
    as a Reply back to the Mtrace2 client and continue with a new
    Mtrace2 Request.  In the new Request, the router adds a Standard
    Response Block followed by an Augmented Response Block with 0x01
    as the Augmented Response Type, and the number of the returned
    Mtrace2 Standard Response Blocks as the Value.
    Each upstream router recognizes the total number of hops the
    Request has traced so far by adding this number and the number of
    the Standard Response Block in the current Request message.
    This document only defines one Augmented Response Type in the
    Augmented Response Block.  The description on how to provide
    diagnosis information using the Augmented Response Block is out of
    the scope of this document and will be addressed in separate
    documents.
 Value: variable length
    The format is based on the Augmented Response Type value.  The
    length of the Value field is Length field minus 6.

3.2.7. Mtrace2 Extended Query Block

 There may be a sequence of optional Extended Query Blocks that follow
 an Mtrace2 Query to further specify any information needed for the
 Query.  For example, an Mtrace2 client might be interested in tracing
 the path the specified source and group would take based on a certain
 topology.  In this case, the client can pass in the multi-topology ID
 as the value for an Extended Query Type (see below).  The Extended
 Query Type is extensible, and the behavior of the new types will be
 addressed by separate documents.

Asaeda, et al. Standards Track [Page 21] RFC 8487 Mtrace2 October 2018

 The Mtrace2 Extended Query Block's Type field is 0x06 and is
 formatted as follows:
    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |           Length              |      MBZ    |T|
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      Extended Query Type      |           Value ....          |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 MBZ: 7 bits
    This field MUST be zeroed on transmission and ignored on
    reception.
 T-bit (Transitive Attribute): 1 bit
    If the TLV Type is unrecognized by the receiving router, then this
    TLV is either discarded or forwarded along with the Query,
    depending on the value of this bit.  If this bit is set, then the
    router MUST forward this TLV.  If this bit is clear, the router
    MUST send an Mtrace2 Reply with an UNKNOWN_QUERY error.
 Extended Query Type: 16 bits
    This field specifies the type of the Extended Query Block.
 Value: 16 bits
    This field specifies the value of this Extended Query.

4. Router Behavior

 This section describes the router behavior in the context of Mtrace2
 in detail.

4.1. Receiving an Mtrace2 Query

 An Mtrace2 Query message is an Mtrace2 message with no response
 blocks filled in and uses a TLV Type of 0x01.

4.1.1. Query Packet Verification

 Upon receiving an Mtrace2 Query message, a router MUST examine
 whether the Multicast Address and the Source Address are a valid
 combination as specified in Section 3.2.1, and whether the Mtrace2
 Client Address is a valid IP unicast address.  If either one is
 invalid, the Query MUST be silently ignored.

Asaeda, et al. Standards Track [Page 22] RFC 8487 Mtrace2 October 2018

 Mtrace2 supports a non-local client to the LHR/RP.  A router MUST,
 however, support a mechanism to drop Queries from clients beyond a
 specified administrative boundary.  The potential approaches are
 described in Section 9.2.
 In the case where a local LHR client is required, the router must
 then examine the Query to see if it is the proper LHR/RP for the
 destination address in the packet.  It is the proper local LHR if it
 has a multicast-capable interface on the same subnet as the Mtrace2
 Client Address and is the router that would forward traffic from the
 given (S,G) or (*,G) onto that subnet.  It is the proper RP if the
 multicast group address specified in the Query is 0 and if the IP
 header destination address is a valid RP address on this router.
 If the router determines that it is not the proper LHR/RP, or it
 cannot make that determination, it does one of two things depending
 on whether the Query was received via multicast or unicast.  If the
 Query was received via multicast, then it MUST be silently discarded.
 If it was received via unicast, the router turns the Query into a
 Reply message by changing the TLV Type to 0x03 and appending a
 Standard Response Block with a Forwarding Code of WRONG_LAST_HOP.
 The rest of the fields in the Standard Response Block MUST be zeroed.
 The router then sends the Reply message to the Mtrace2 Client Address
 on the Client Port # as specified in the Mtrace2 Query.
 Duplicate Query messages as identified by the tuple (Mtrace2 Client
 Address, Query ID) SHOULD be ignored.  This MAY be implemented using
 a cache of previously processed Queries keyed by the Mtrace2 Client
 Address and Query ID pair.  The duration of the cached entries is
 implementation specific.  Duplicate Request messages MUST NOT be
 ignored in this manner.

4.1.2. Query Normal Processing

 When a router receives an Mtrace2 Query and it determines that it is
 the proper LHR/RP, it turns the Query to a Request by changing the
 TLV Type from 0x01 to 0x02, and it performs the steps listed in
 Section 4.2.

4.2. Receiving an Mtrace2 Request

 An Mtrace2 Request is an Mtrace2 message that uses the TLV Type of
 0x02.  With the exception of the LHR, whose Request was just
 converted from a Query, each Request received by a router should have
 at least one Standard Response Block filled in.

Asaeda, et al. Standards Track [Page 23] RFC 8487 Mtrace2 October 2018

4.2.1. Request Packet Verification

 If the Mtrace2 Request does not come from an adjacent router, or if
 the Request is not addressed to this router, or if the Request is
 addressed to a multicast group that is not a link-scoped group (i.e.,
 224.0.0.0/24 for IPv4 and FFx2::/16 for IPv6 [2]), it MUST be
 silently ignored.  The Generalized TTL Security Mechanism (GTSM) [13]
 SHOULD be used by the router to determine whether the router is
 adjacent or not.  Source verification specified in Section 9.2 is
 also considered.
 If the sum of the number of the Standard Response Blocks in the
 received Mtrace2 Request and the value of the Augmented Response Type
 of 0x01, if any, is equal or more than the # Hops in the Mtrace2
 Request, it MUST be silently ignored.

4.2.2. Request Normal Processing

 When a router receives an Mtrace2 Request message, it performs the
 following steps.  Note that it is possible to have multiple
 situations covered by the Forwarding Codes.  The first one
 encountered is the one that is reported, i.e., all "note Forwarding
 Code N" should be interpreted as "if Forwarding Code is not already
 set, set Forwarding Code to N".  Note that in the steps described
 below, the "Outgoing Interface" is the one on which the Mtrace2
 Request message arrives.
 1.   Prepare a Standard Response Block to be appended to the packet,
      setting all fields to an initial default value of zero.
 2.   If Mtrace2 is administratively prohibited, note the Forwarding
      Code of ADMIN_PROHIB and skip to step 4.
 3.   In the Standard Response Block, fill in the Query Arrival Time,
      Outgoing Interface Address (for IPv4) or Outgoing Interface ID
      (for IPv6), Output Packet Count, and Fwd TTL (for IPv4).
 4.   Attempt to determine the forwarding information for the
      specified source and group, using the same mechanisms as would
      be used when a packet is received from the source destined for
      the group.  A state need not be instantiated, it can be a
      "phantom" state created only for the purpose of the trace, such
      as "dry-run".
      If using a shared-tree protocol and there is no source-specific
      state, or if no source-specific information is desired (i.e.,
      all ones for IPv4 or an unspecified address (::) for IPv6),
      group state should be used.  If there is no group state or no

Asaeda, et al. Standards Track [Page 24] RFC 8487 Mtrace2 October 2018

      group-specific information is desired, potential source state
      (i.e., the path that would be followed for a source-specific
      "join") should be used.
 5.   If no forwarding information can be determined, the router notes
      a Forwarding Code of NO_ROUTE, sets the remaining fields that
      have not yet been filled in to zero, and then sends an Mtrace2
      Reply back to the Mtrace2 client.
 6.   If a Forwarding Code of ADMIN_PROHIB has been set, skip to step
      7.  Otherwise, fill in the Incoming Interface Address (or
      Incoming Interface ID and Local Address for IPv6), Upstream
      Router Address (or Remote Address for IPv6), Input Packet Count,
      Total Number of Packets, Routing Protocol, S, and Src Mask (or
      Src Prefix Len for IPv6) using the forwarding information
      determined in step 4.
 7.   If the Outgoing Interface is not enabled for multicast, note
      Forwarding Code of NO_MULTICAST.  If the Outgoing Interface is
      the interface from which the router would expect data to arrive
      from the source, note Forwarding Code RPF_IF.  If the Outgoing
      Interface is not one to which the router would forward data from
      the source or RP to the group, a Forwarding Code of WRONG_IF is
      noted.  In the above three cases, the router will return an
      Mtrace2 Reply and terminate the trace.
 8.   If the group is subject to administrative scoping on either the
      Outgoing or Incoming Interfaces, a Forwarding Code of SCOPED is
      noted.
 9.   If this router is the RP for the group for a non-source-specific
      Query, note a Forwarding Code of REACHED_RP.  The router will
      send an Mtrace2 Reply and terminate the trace.
 10.  If this router is directly connected to the specified source or
      source network on the Incoming Interface, it sets the Upstream
      Router Address (for IPv4) or the Remote Address (for IPv6) of
      the response block to zero.  The router will send an Mtrace2
      Reply and terminate the trace.
 11.  If this router has sent a prune upstream that applies to the
      source and group in the Mtrace2 Request, it notes a Forwarding
      Code of PRUNE_SENT.  If the router has stopped forwarding
      downstream in response to a prune sent by the downstream router,
      it notes a Forwarding Code of PRUNE_RCVD.  If the router should
      normally forward traffic downstream for this source and group
      but is not, it notes a Forwarding Code of NOT_FORWARDING.

Asaeda, et al. Standards Track [Page 25] RFC 8487 Mtrace2 October 2018

 12.  If this router is a gateway (e.g., a NAT or firewall) that hides
      the information between this router and the Mtrace2 client, it
      notes a Forwarding Code of REACHED_GW.  The router continues the
      processing as described in Section 4.5.
 13.  If the total number of the Standard Response Blocks, including
      the newly prepared one, and the value of the Augmented Response
      Type of 0x01, if any, is less than the # Hops in the Request,
      the packet is then forwarded to the upstream router as described
      in Section 4.3; otherwise, the packet is sent as an Mtrace2
      Reply to the Mtrace2 client as described in Section 4.4.

4.3. Forwarding Mtrace2 Request

 This section describes how an Mtrace2 Request should be forwarded.

4.3.1. Destination Address

 If the upstream router for the Mtrace2 Request is known for this
 Request, the Mtrace2 Request is sent to that router.  If the Incoming
 Interface is known but the upstream router is not, the Mtrace2
 Request is sent to an appropriate multicast address on the Incoming
 Interface.  The multicast address SHOULD depend on the multicast
 routing protocol in use, such as ALL-[protocol]-ROUTERS group.  It
 MUST be a link-scoped group (i.e., 224.0.0.0/24 for IPv4 and
 FF02::/16 for IPv6) and MUST NOT be the all-systems multicast group
 (224.0.0.1) for IPv4 and All Nodes Address (FF02::1) for IPv6.  It
 MAY also be the all-routers multicast group (224.0.0.2) for IPv4 or
 All Routers Address (FF02::2) for IPv6 if the routing protocol in use
 does not define a more appropriate multicast address.

4.3.2. Source Address

 An Mtrace2 Request should be sent with the address of the Incoming
 Interface.  However, if the Incoming Interface is unnumbered, the
 router can use one of its numbered interface addresses as the source
 address.

4.3.3. Appending Standard Response Block

 An Mtrace2 Request MUST be sent upstream towards the source or the RP
 after appending a Standard Response Block to the end of the received
 Mtrace2 Request.  The Standard Response Block includes the multicast
 states and statistics information of the router described in
 Section 3.2.4.

Asaeda, et al. Standards Track [Page 26] RFC 8487 Mtrace2 October 2018

 If appending the Standard Response Block would make the Mtrace2
 Request packet longer than the MTU of the Incoming Interface, or, in
 the case of IPv6, longer than 1280 bytes, the router MUST change the
 Forwarding Code in the last Standard Response Block of the received
 Mtrace2 Request into NO_SPACE.  The router then turns the Request
 into a Reply and sends the Reply as described in Section 4.4.
 The router will continue with a new Request by copying the old
 Request, excluding all the response blocks, followed by the
 previously prepared Standard Response Block and an Augmented Response
 Block with 0x01 as the Augmented Response Type, and the number of the
 returned Standard Response Blocks as the Value.

4.4. Sending Mtrace2 Reply

 An Mtrace2 Reply MUST be returned to the client by a router if any of
 the following conditions occur:
 1.  The total number of the traced routers are equal to the # Hops in
     the Request (including the one just added) plus the number of the
     returned blocks, if any.
 2.  Appending the Standard Response Block would make the Mtrace2
     Request packet longer than the MTU of the Incoming Interface.
     (In case of IPv6, not more than 1280 bytes; see Section 4.3.3 for
     additional details on the handling of this case.)
 3.  The Request has reached the RP for a non-source-specific Query or
     has reached the first-hop router for a source-specific Query (see
     Section 4.2.2, items 9 and 10, for additional details).

4.4.1. Destination Address

 An Mtrace2 Reply MUST be sent to the address specified in the Mtrace2
 Client Address field in the Mtrace2 Request.

4.4.2. Source Address

 An Mtrace2 Reply SHOULD be sent with the address of the router's
 Outgoing Interface.  However, if the Outgoing Interface address is
 unnumbered, the router can use one of its numbered interface
 addresses as the source address.

4.4.3. Appending Standard Response Block

 An Mtrace2 Reply MUST be sent with the prepared Standard Response
 Block appended at the end of the received Mtrace2 Request except in
 the case of NO_SPACE Forwarding Code.

Asaeda, et al. Standards Track [Page 27] RFC 8487 Mtrace2 October 2018

4.5. Proxying Mtrace2 Query

 When a gateway (e.g., a NAT or firewall), which needs to block
 unicast packets to the Mtrace2 client, or hide information between
 the gateway and the Mtrace2 client, receives an Mtrace2 Query from an
 adjacent host or Mtrace2 Request from an adjacent router, it appends
 a Standard Response Block with REACHED_GW as the Forwarding Code.  It
 turns the Query or Request into a Reply and sends the Reply back to
 the client.
 At the same time, the gateway originates a new Mtrace2 Query message
 by copying the original Mtrace2 header (the Query or Request without
 any of the response blocks) and making the following changes:
 o  setting the RPF interface's address as the Mtrace2 Client Address;
 o  using its own port number as the Client Port #; and,
 o  decreasing # Hops by ((number of the Standard Response Blocks that
    were just returned in a Reply) - 1).  The "- 1" in this expression
    accounts for the additional Standard Response Block appended by
    the gateway router.
 The new Mtrace2 Query message is then sent to the upstream router or
 to an appropriate multicast address on the RPF interface.
 When the gateway receives an Mtrace2 Reply whose Query ID matches the
 one in the original Mtrace2 header, it MUST relay the Mtrace2 Reply
 back to the Mtrace2 client by replacing the Reply's header with the
 original Mtrace2 header.  If the gateway does not receive the
 corresponding Mtrace2 Reply within the [Mtrace Reply Timeout] period
 (see Section 5.8.4), then it silently discards the original Mtrace2
 Query or Request message and terminates the trace.

4.6. Hiding Information

 Information about a domain's topology and connectivity may be hidden
 from Mtrace2 Requests.  The Forwarding Code of INFO_HIDDEN may be
 used to note that.  For example, the Incoming Interface address and
 packet count on the ingress router of a domain, and the Outgoing
 Interface address and packet count on the egress router of the
 domain, can be specified as all ones.  Additionally, the source-group
 packet count (see Sections 3.2.4 and 3.2.5) within the domain may be
 all ones if it is hidden.

Asaeda, et al. Standards Track [Page 28] RFC 8487 Mtrace2 October 2018

5. Client Behavior

 This section describes the behavior of an Mtrace2 client in detail.

5.1. Sending Mtrace2 Query

 An Mtrace2 client initiates an Mtrace2 Query by sending the Query to
 the LHR of interest.

5.1.1. Destination Address

 If an Mtrace2 client knows the proper LHR, it unicasts an Mtrace2
 Query packet to that router; otherwise, it MAY send the Mtrace2 Query
 packet to the all-routers multicast group (224.0.0.2) for IPv4 or All
 Routers Address (FF02::2) for IPv6.  This will ensure that the packet
 is received by the LHR on the subnet.
 See also Section 5.4 on determining the LHR.

5.1.2. Source Address

 An Mtrace2 Query MUST be sent with the client's interface address,
 which is the Mtrace2 Client Address.

5.2. Determining the Path

 An Mtrace2 client could send an initial Query message with a large #
 Hops, in order to try to trace the full path.  If this attempt fails,
 one strategy is to perform a linear search (as the traditional
 unicast traceroute program does); set the # Hops field to 1 and try
 to get a Reply, then 2, and so on.  If no Reply is received at a
 certain hop, this hop is identified as the probable cause of
 forwarding failures on the path.  Nevertheless, the sender may
 attempt to continue tracing past the non-responding hop by further
 increasing the hop count in the hope that further hops may respond.
 Each of these attempts MUST NOT be initiated before the previous
 attempt has terminated either because of successful reception of a
 Reply or because the [Mtrace Reply Timeout] timeout has occurred.
 See also Section 5.6 on receiving the results of a trace.

5.3. Collecting Statistics

 After a client has determined that it has traced the whole path or as
 much as it can expect to (see Section 5.8), it might collect
 statistics by waiting a short time and performing a second trace.  If
 the path is the same in the two traces, statistics can be displayed
 as described in Sections 7.3 and 7.4.

Asaeda, et al. Standards Track [Page 29] RFC 8487 Mtrace2 October 2018

5.4. Last-Hop Router (LHR)

 The Mtrace2 client may not know which is the last-hop router, or that
 router may be behind a firewall that blocks unicast packets but
 passes multicast packets.  In these cases, the Mtrace2 Request should
 be multicasted to the all-routers multicast group (224.0.0.2) for
 IPv4 or All Routers Address (FF02::2) for IPv6.  All routers except
 the correct last-hop router SHOULD ignore any Mtrace2 Request
 received via multicast.

5.5. First-Hop Router (FHR)

 The IANA assigned 224.0.1.32 as the default multicast group for old
 IPv4 mtrace (v1) responses, in order to support mtrace clients that
 are not unicast reachable from the first-hop router.  Mtrace2,
 however, does not require any IPv4/IPv6 multicast addresses for the
 Mtrace2 Replies.  Every Mtrace2 Reply is sent to the unicast address
 specified in the Mtrace2 Client Address field of the Mtrace2 Reply.

5.6. Broken Intermediate Router

 A broken intermediate router might simply not understand Mtrace2
 packets and drop them.  The Mtrace2 client will get no Reply at all
 as a result.  It should then perform a hop-by-hop search by setting
 the # Hops field until it gets an Mtrace2 Reply.  The client may use
 linear or binary search; however, the latter is likely to be slower
 because a failure requires waiting for the [Mtrace Reply Timeout]
 period.

5.7. Non-supported Router

 When a non-supported router receives an Mtrace2 Query or Request
 message whose destination address is a multicast address, the router
 will silently discard the message.
 When the router receives an Mtrace2 Query that is destined to itself,
 the router returns an Internet Control Message Protocol (ICMP) port
 unreachable to the Mtrace2 client.  On the other hand, when the
 router receives an Mtrace2 Request that is destined to itself, the
 router returns an ICMP port unreachable to its adjacent router from
 which the Request receives.  Therefore, the Mtrace2 client needs to
 terminate the trace when the [Mtrace Reply Timeout] timeout has
 occurred, and it may then issue another Query with a lower number of
 # Hops.

Asaeda, et al. Standards Track [Page 30] RFC 8487 Mtrace2 October 2018

5.8. Mtrace2 Termination

 When performing an expanding hop-by-hop trace, it is necessary to
 determine when to stop expanding.

5.8.1. Arriving at Source

 A trace can be determined to have arrived at the source if the
 Incoming Interface of the last router in the trace is non-zero, but
 the upstream router is zero.

5.8.2. Fatal Error

 A trace has encountered a fatal error if the last Forwarding Error in
 the trace has the 0x80 bit set.

5.8.3. No Upstream Router

 A trace cannot continue if the last upstream router in the trace is
 set to 0.

5.8.4. Reply Timeout

 This document defines the [Mtrace Reply Timeout] value, which is used
 to time out an Mtrace2 Reply as seen in Sections 4.5, 5.2, and 5.7.
 The default [Mtrace Reply Timeout] value is 10 (seconds) and can be
 manually changed on the Mtrace2 client and routers.

5.9. Continuing after an Error

 When the NO_SPACE error occurs, as described in Section 4.2, a router
 will send back an Mtrace2 Reply to the Mtrace2 client and continue
 with a new Request (see Section 4.3.3).  In this case, the Mtrace2
 client may receive multiple Mtrace2 Replies from different routers
 along the path.  When this happens, the client MUST treat them as a
 single Mtrace2 Reply message by collating the Augmented Response
 Blocks of subsequent Replies sharing the same Query ID, sequencing
 each cluster of Augmented Response Blocks based on the order in which
 they are received.
 If a trace times out, it is very likely that a router in the middle
 of the path does not support Mtrace2.  That router's address will be
 in the Upstream Router field of the last Standard Response Block in
 the last received Reply.  A client may be able to determine a list of
 neighbors of the non-responding router (e.g., by using the Simple
 Network Management Protocol (SNMP) [12] [14]).  The neighbors
 obtained in this way could then be probed (via the multicast MIB
 [14]) to determine which one is the upstream neighbor (i.e., an RPF

Asaeda, et al. Standards Track [Page 31] RFC 8487 Mtrace2 October 2018

 neighbor) of the non-responding router.  This algorithm can identify
 the upstream neighbor because, even though there may be multiple
 neighbors, the non-responding router should only have sent a "join"
 to the one neighbor corresponding to its selected RPF path.  Because
 of this, only the RPF neighbor should contain the non-responding
 router as a multicast next hop in its MIB output list for the
 affected multicast route.

6. Protocol-Specific Considerations

 This section describes the Mtrace2 behavior with the presence of
 different multicast protocols.

6.1. PIM-SM

 When an Mtrace2 reaches a PIM-SM RP, and the RP does not forward the
 trace on, it means that the RP has not performed a source-specific
 join, so there is no more state to trace.  However, the path that
 traffic would use if the RP did perform a source-specific join can be
 traced by setting the trace destination to the RP, the trace source
 to the traffic source, and the trace group to 0.  This Mtrace2 Query
 may be unicasted to the RP, and the RP takes the same actions as an
 LHR.

6.2. Bidirectional PIM

 Bidirectional PIM [4] is a variant of PIM-SM that builds
 bidirectional shared trees that connect multicast sources and
 receivers.  Along the bidirectional shared trees, multicast data is
 natively forwarded from the sources to the Rendezvous Point Link
 (RPL), and from which, to receivers without requiring source-specific
 state.  In contrast to PIM-SM, Bidirectional PIM always has the state
 to trace.
 A Designated Forwarder (DF) for a given Rendezvous Point Address
 (RPA) is in charge of forwarding downstream traffic onto its link and
 forwarding upstream traffic from its link towards the RPL that the
 RPA belongs to.  Hence, Mtrace2 Reply reports DF addresses or RPA
 along the path.

6.3. PIM-DM

 Routers running PIM - Dense Mode (PIM-DM) [11] do not know the path
 packets would take unless traffic is flowing.  Without some extra
 protocol mechanism, this means that in an environment with multiple
 possible paths with branch points on shared media, Mtrace2 can only
 trace existing paths, not potential paths.  When there are multiple

Asaeda, et al. Standards Track [Page 32] RFC 8487 Mtrace2 October 2018

 possible paths but the branch points are not on shared media, the
 upstream router is known, but the LHR may not know that it is the
 appropriate last hop.
 When traffic is flowing, PIM-DM routers know whether or not they are
 the LHR for the link (because they won or lost an Assert battle) and
 know who the upstream router is (because it won an Assert battle).
 Therefore, Mtrace2 is always able to follow the proper path when
 traffic is flowing.

6.4. IGMP/MLD Proxy

 When an IGMP or Multicast Listener Discovery (MLD) Proxy [3] receives
 an Mtrace2 Query packet on an Incoming Interface, it notes a WRONG_IF
 in the Forwarding Code of the last Standard Response Block (see
 Section 3.2.4) and sends the Mtrace2 Reply back to the Mtrace2
 client.  On the other hand, when an Mtrace2 Query packet reaches an
 Outgoing Interface of the IGMP/MLD proxy, it is forwarded onto its
 Incoming Interface towards the upstream router.

7. Problem Diagnosis

 This section describes different scenarios in which Mtrace2 can be
 used to diagnose the multicast problems.

7.1. Forwarding Inconsistencies

 The Forwarding Error code can tell if a group is unexpectedly pruned
 or administratively scoped.

7.2. TTL or Hop-Limit Problems

 By taking the maximum of hops from the source and forwarding the TTL
 threshold over all hops, it is possible to discover the TTL or hop
 limit required for the source to reach the destination.

7.3. Packet Loss

 By taking multiple traces, it is possible to find packet-loss
 information by tracking the difference between the output packet
 count for the specified source-group address pair at a given upstream
 router and the input packet count on the next-hop downstream router.
 On a point-to-point link, any steadily increasing difference in these
 counts implies packet loss.  Although the packet counts will differ
 due to Mtrace2 Request propagation delay, the difference should
 remain essentially constant (except for jitter caused by differences
 in propagation time among the trace iterations).  However, this
 difference will display a steady increase if packet loss is

Asaeda, et al. Standards Track [Page 33] RFC 8487 Mtrace2 October 2018

 occurring.  On a shared link, the count of input packets can be
 larger than the number of output packets at the previous hop, due to
 other routers or hosts on the link injecting packets.  This appears
 as "negative loss", which may mask real packet loss.
 In addition to the counts of input and output packets for all
 multicast traffic on the interfaces, the Standard Response Block
 includes a count of the packets forwarded by a node for the specified
 source-group pair.  Taking the difference in this count between two
 traces and then comparing those differences between two hops gives a
 measure of packet loss just for traffic from the specified source to
 the specified receiver via the specified group.  This measure is not
 affected by shared links.
 On a point-to-point link that is a multicast tunnel, packet loss is
 usually due to congestion in unicast routers along the path of that
 tunnel.  On native multicast links, loss is more likely in the output
 queue of one hop, perhaps due to priority dropping, or in the input
 queue at the next hop.  The counters in the Standard Response Block
 do not allow these cases to be distinguished.  Differences in packet
 counts between the Incoming and Outgoing Interfaces on one node
 cannot generally be used to measure queue overflow in the node.

7.4. Link Utilization

 Again, with two traces, you can divide the difference in the input or
 output packet counts at some hop by the difference in timestamps from
 the same hop to obtain the packet rate over the link.  If the average
 packet size is known, then the link utilization can also be estimated
 to see whether packet loss may be due to the rate limit or the
 physical capacity on a particular link being exceeded.

7.5. Time Delay

 If the routers have synchronized clocks, it is possible to estimate
 propagation and queuing delay from the differences between the
 timestamps at successive hops.  However, this delay includes control
 processing overhead, so is not necessarily indicative of the delay
 that data traffic would experience.

8. IANA Considerations

 The following registries have been created and are maintained under
 the "Specification Required" registry policy as specified in [6].

Asaeda, et al. Standards Track [Page 34] RFC 8487 Mtrace2 October 2018

8.1. "Mtrace2 Forwarding Codes" Registry

 This registry holds integers in the range 0-255.  Assignment of a
 Forwarding Code requires specification of a value and a name for the
 Forwarding Code.  Initial values for the Forwarding Codes are given
 in the table at the end of Section 3.2.4.  Additional values
 (specific to IPv6) may also be specified at the end of Section 3.2.5.
 Any additions to this registry are required to fully describe the
 conditions under which the new Forwarding Code is used.

8.2. "Mtrace2 TLV Types" Registry

 Assignment of a TLV Type requires specification of an integer value
 "Code" in the range 0-255 and a name ("Type").  Initial values for
 the TLV Types are given in the table at the beginning of Section 3.2.

8.3. UDP Destination Port

 IANA has assigned UDP user port 33435 (mtrace) for use by this
 protocol as the Mtrace2 UDP destination port.

9. Security Considerations

 This section addresses some of the security considerations related to
 Mtrace2.

9.1. Addresses in Mtrace2 Header

 An Mtrace2 header includes three addresses: a source address, a
 multicast address, and an Mtrace2 Client Address.  These addresses
 MUST be congruent with the definition defined in Section 3.2.1, and
 forwarding Mtrace2 messages that have invalid addresses MUST be
 prohibited.  For instance, if the Mtrace2 Client Address specified in
 an Mtrace2 header is a multicast address, then a router that receives
 the Mtrace2 message MUST silently discard it.

9.2. Verification of Clients and Peers

 A router providing Mtrace2 functionality MUST support a source-
 verification mechanism to drop Queries from clients and Requests from
 peer router or client addresses that are unauthorized or that are
 beyond a specified administrative boundary.  This verification could,
 for example, be specified via a list of allowed/disallowed clients
 and peer addresses or subnets for a given Mtrace2 message type sent
 to the Mtrace2 protocol port.  If a Query or Request is received from
 an unauthorized address or one beyond the specified administrative
 boundary, the Query/Request MUST NOT be processed.  The router MAY,
 however, perform rate-limited logging of such events.

Asaeda, et al. Standards Track [Page 35] RFC 8487 Mtrace2 October 2018

 The required use of source verification on the participating routers
 minimizes the possible methods for introduction of spoofed Query/
 Request packets that would otherwise enable DoS amplification attacks
 targeting an authorized "query" host.  The source verification
 mechanisms provide this protection by allowing Query messages from an
 authorized host address to be received only by the router(s)
 connected to that host and only on the interface to which that host
 is attached.  For protection against spoofed Request messages, the
 source-verification mechanisms allow Request messages only from a
 directly connected routing peer and allow these messages to be
 received only on the interface to which that peer is attached.
 Note that the following vulnerabilities cannot be covered by the
 source verification methods described here.  These methods can,
 nevertheless, prevent attacks launched from outside the boundaries of
 a given network as well as from any hosts within the network that are
 not on the same LAN as an intended authorized query client.
 o  A server/router "B" other than the server/router "A" that actually
    "owns" a given IP address could, if it is connected to the same
    LAN, send an Mtrace2 Query or Request with the source address set
    to the address for server/router "A".  This is not a significant
    threat, however, if only trusted servers and routers are connected
    to that LAN.
 o  A malicious application running on a trusted server or router
    could send packets that might cause an amplification problem.  It
    is beyond the scope of this document to protect against a DoS
    attack launched from the same host that is the target of the
    attack or from another "on path" host, but this is not a likely
    threat scenario.  In addition, routers on the path MAY rate-limit
    the packets as specified in Sections 9.5 and 9.6.

9.3. Topology Discovery

 Mtrace2 can be used to discover any actively used topology.  If your
 network topology is a secret, Mtrace2 may be restricted at the border
 of your domain, using the ADMIN_PROHIB Forwarding Code.

9.4. Characteristics of Multicast Channel

 Mtrace2 can be used to discover what sources are sending to what
 groups and at what rates.  If this information is a secret, Mtrace2
 may be restricted at the border of your domain, using the
 ADMIN_PROHIB Forwarding Code.

Asaeda, et al. Standards Track [Page 36] RFC 8487 Mtrace2 October 2018

9.5. Limiting Query/Request Rates

 A router may limit Mtrace2 Queries and Requests by ignoring some of
 the consecutive messages.  The router MAY randomly ignore the
 received messages to minimize the processing overhead, i.e., to keep
 fairness in processing Queries or prevent traffic amplification.  The
 rate limit is left to the router's implementation.

9.6. Limiting Reply Rates

 The proxying and NO_SPACE behaviors may result in one Query returning
 multiple Reply messages.  In order to prevent abuse, the routers in
 the traced path MAY need to rate-limit the Replies.  The rate-limit
 function is left to the router's implementation.

9.7. Specific Security Concerns

9.7.1. Request and Response Bombardment

 A malicious sender could generate invalid and undesirable Mtrace2
 traffic to hosts and/or routers on a network by eliciting responses
 to spoofed or multicast client addresses.  This could be done via
 forged or multicast client/source addresses in Mtrace2 Query or
 Request messages.  The recommended protections against this type of
 attack are described in Sections 9.1, 9.2, 9.5, and 9.6.

9.7.2. Amplification Attack

 Because an Mtrace2 Query results in Mtrace2 Request and Mtrace2 Reply
 messages that are larger than the original message, the potential
 exists for an amplification attack from a malicious sender.  This
 threat is minimized by restricting the set of addresses from which
 Mtrace2 messages can be received on a given router as specified in
 Section 9.2.
 In addition, for a router running a PIM protocol (PIM-SM, PIM-DM, PIM
 - Source-Specific Multicast (PIM-SSM), or Bidirectional PIM), the
 router SHOULD drop any Mtrace2 Request or Reply message that is
 received from an IP address that does not correspond to an
 authenticated PIM neighbor on the interface from which the packet is
 received.  The intent of this text is to prevent non-router endpoints
 from injecting Request messages.  Implementations of non-PIM
 protocols SHOULD employ some other mechanism to prevent this attack.

Asaeda, et al. Standards Track [Page 37] RFC 8487 Mtrace2 October 2018

9.7.3. Leaking of Confidential Topology Details

 Mtrace2 Queries are a potential mechanism for obtaining confidential
 topology information for a targeted network.  Sections 9.2 and 9.4
 describe required and optional methods for ensuring that information
 delivered with Mtrace2 messages is not disseminated to unauthorized
 hosts.

9.7.4. Delivery of False Information (Forged Reply Messages)

 Forged Reply messages could potentially provide a host with invalid
 or incorrect topology information.  They could also provide invalid
 or incorrect information regarding multicast traffic statistics,
 multicast stream propagation delay between hops, multicast and
 unicast protocols in use between hops and other information used for
 analyzing multicast traffic patterns, and troubleshooting multicast
 traffic problems.  This threat is mitigated by the following factors:
 o  The required source verification of permissible source addresses
    specified in Section 9.2 eliminates the origination of forged
    Replies from addresses that have not been authorized to send
    Mtrace2 messages to routers on a given network.  This mechanism
    can block forged Reply messages sent from any "off path" source.
 o  To forge a Reply, the sender would need to somehow know (or guess)
    the associated 2-byte Query ID for an extant Query and the
    dynamically allocated source port number.  Because "off path"
    sources can be blocked by a source verification mechanism, the
    scope of this threat is limited to "on path" attackers.
 o  The required use of source verification (Section 9.2) and
    recommended use of PIM neighbor authentication (Section 9.7.2) for
    messages that are only valid when sent by a multicast routing peer
    (Request and Reply messages) eliminate the possibility of
    reception of a forged Reply from an authorized host address that
    does not belong to a multicast peer router.
 o  The use of encryption between the source of a Query and the
    endpoint of the trace would provide a method to protect the values
    of the Query ID and the dynamically allocated client (source) port
    (see Section 3.2.1).  These are the values needed to create a
    forged Reply message that would pass validity checks at the
    querying client.  This type of cryptographic protection is not
    practical, however, because the primary reason for executing an
    Mtrace2 is that the destination endpoint (and path to that
    endpoint) are not known by the querying client.  While it is not
    practical to provide cryptographic protection between a client and
    the Mtrace2 endpoints (destinations), it may be possible to

Asaeda, et al. Standards Track [Page 38] RFC 8487 Mtrace2 October 2018

    prevent forged responses from "off path" nodes attached to any
    Mtrace2 transit LAN by devising a scheme to encrypt the critical
    portions of an Mtrace2 message between each valid sender/receiver
    pair at each hop to be used for multicast/Mtrace2 transit.  The
    use of encryption protection between nodes is, however, out of the
    scope of this document.

10. References

10.1. Normative References

 [1]   Bradner, S., "Key words for use in RFCs to Indicate Requirement
       Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997,
       <https://www.rfc-editor.org/info/rfc2119>.
 [2]   Hinden, R. and S. Deering, "IP Version 6 Addressing
       Architecture", RFC 4291, DOI 10.17487/RFC4291, February 2006,
       <https://www.rfc-editor.org/info/rfc4291>.
 [3]   Fenner, B., He, H., Haberman, B., and H. Sandick, "Internet
       Group Management Protocol (IGMP) / Multicast Listener Discovery
       (MLD)-Based Multicast Forwarding ("IGMP/MLD Proxying")",
       RFC 4605, DOI 10.17487/RFC4605, August 2006,
       <https://www.rfc-editor.org/info/rfc4605>.
 [4]   Handley, M., Kouvelas, I., Speakman, T., and L. Vicisano,
       "Bidirectional Protocol Independent Multicast (BIDIR- PIM)",
       RFC 5015, DOI 10.17487/RFC5015, October 2007,
       <https://www.rfc-editor.org/info/rfc5015>.
 [5]   Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., Parekh,
       R., Zhang, Z., and L. Zheng, "Protocol Independent Multicast -
       Sparse Mode (PIM-SM): Protocol Specification (Revised)",
       STD 83, RFC 7761, DOI 10.17487/RFC7761, March 2016,
       <https://www.rfc-editor.org/info/rfc7761>.
 [6]   Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing
       an IANA Considerations Section in RFCs", BCP 26, RFC 8126,
       DOI 10.17487/RFC8126, June 2017,
       <https://www.rfc-editor.org/info/rfc8126>.
 [7]   Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key
       Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017,
       <https://www.rfc-editor.org/info/rfc8174>.
 [8]   Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6)
       Specification", STD 86, RFC 8200, DOI 10.17487/RFC8200, July
       2017, <https://www.rfc-editor.org/info/rfc8200>.

Asaeda, et al. Standards Track [Page 39] RFC 8487 Mtrace2 October 2018

10.2. Informative References

 [9]   McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB",
       RFC 2863, DOI 10.17487/RFC2863, June 2000,
       <https://www.rfc-editor.org/info/rfc2863>.
 [10]  Cain, B., Deering, S., Kouvelas, I., Fenner, B., and A.
       Thyagarajan, "Internet Group Management Protocol, Version 3",
       RFC 3376, DOI 10.17487/RFC3376, October 2002,
       <https://www.rfc-editor.org/info/rfc3376>.
 [11]  Adams, A., Nicholas, J., and W. Siadak, "Protocol Independent
       Multicast - Dense Mode (PIM-DM): Protocol Specification
       (Revised)", RFC 3973, DOI 10.17487/RFC3973, January 2005,
       <https://www.rfc-editor.org/info/rfc3973>.
 [12]  Draves, R. and D. Thaler, "Default Router Preferences and
       More-Specific Routes", RFC 4191, DOI 10.17487/RFC4191, November
       2005, <https://www.rfc-editor.org/info/rfc4191>.
 [13]  Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C.
       Pignataro, "The Generalized TTL Security Mechanism (GTSM)",
       RFC 5082, DOI 10.17487/RFC5082, October 2007,
       <https://www.rfc-editor.org/info/rfc5082>.
 [14]  McWalter, D., Thaler, D., and A. Kessler, "IP Multicast MIB",
       RFC 5132, DOI 10.17487/RFC5132, December 2007,
       <https://www.rfc-editor.org/info/rfc5132>.
 [15]  Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ BGP IP
       VPNs", RFC 6513, DOI 10.17487/RFC6513, February 2012,
       <https://www.rfc-editor.org/info/rfc6513>.
 [16]  Bumgardner, G., "Automatic Multicast Tunneling", RFC 7450,
       DOI 10.17487/RFC7450, February 2015,
       <https://www.rfc-editor.org/info/rfc7450>.

Asaeda, et al. Standards Track [Page 40] RFC 8487 Mtrace2 October 2018

Acknowledgements

 This specification started largely as a transcription of Van
 Jacobson's slides from the 30th IETF meeting and the implementation
 in mrouted 3.3 by Ajit Thyagarajan.  Van's original slides credit
 Steve Casner, Steve Deering, Dino Farinacci, and Deb Agrawal.  The
 original multicast traceroute client, mtrace (version 1), has been
 implemented by Ajit Thyagarajan, Steve Casner, and Bill Fenner.  The
 idea of the S bit to allow statistics for a source subnet is due to
 Tom Pusateri.
 For the Mtrace version 2 specification, the authors would like to
 give special thanks to Tatsuya Jinmei, Bill Fenner, and Steve Casner.
 Also, extensive comments were received from David L. Black, Ronald
 Bonica, Yiqun Cai, Liu Hui, Bharat Joshi, Robert Kebler, John
 Kristoff, Mankamana Mishra, Heidi Ou, Eric Rescorla, Pekka Savola,
 Shinsuke Suzuki, Dave Thaler, Achmad Husni Thamrin, Stig Venaas, Cao
 Wei, and the MBONED Working Group members.

Authors' Addresses

 Hitoshi Asaeda
 National Institute of Information and Communications Technology
 4-2-1 Nukui-Kitamachi
 Koganei, Tokyo  184-8795
 Japan
 Email: asaeda@nict.go.jp
 Kerry Meyer
 Dell EMC
 176 South Street
 Hopkinton, MA  01748
 United States
 Email: kerry.meyer@me.com
 WeeSan Lee (editor)
 Email: weesan@weesan.com

Asaeda, et al. Standards Track [Page 41]

/data/webs/external/dokuwiki/data/pages/rfc/rfc8487.txt · Last modified: 2018/10/29 05:07 by 127.0.0.1

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki