IP SLAs TWAMP Responder

The Two-Way Active Measurement Protocol (TWAMP) defines a flexible method for measuring round-trip IP performance between any two devices.

TWAMP enables complete IP performance measurement. TWAMP also provides a flexible choice of solutions because it supports all devices deployed in the network.

This chapter describes how to configure the Two-Way Active Measurement Protocol (TWAMP) responder on a Cisco device to measure IP performance between the Cisco device and a non-Cisco TWAMP control device on your network.


Note
IPv6 is supported for IP SLA TWAMP Responder on the RSP3 module.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to https://cfnng.cisco.com/. An account on Cisco.com is not required.

Prerequisites for IP SLAs TWAMP Responder

  • A TWAMP control-client and the session-sender must be configured in your network.

  • IP SLA server must be configured on the IP Server. Use the ip sla server twamp command to configure the sever.

  • The TWAMP server and the session reflector must be configured on the same Cisco device.

Restrictions for IP SLAs TWAMP Responder

  • Time stamping is not supported for TWAMP test packets that ingress or egress through management interfaces. Time stamping is supported only on routed interfaces and BDI interfaces.

  • TWAMP client and session sender are not supported.

  • Up to nine session-senders can be configured for one TWAMP responder.

  • Effective Cisco IOS XE Bengaluru 17.5.1 TWAMP Light mode is supported.

    TWAMP Light mode is not supported in releases pror to Cisco IOS XE Bengaluru 17.5.1 release.

  • TWAMP with NTP displays timestamp that does not match with the system clock. This is due to the hardware limitation.

  • IPv6 TWAMP test packets are sent back with a hop limit of 64 instead of the value 255.

  • IPv6 TWAMP test packets that are fragmented are not reflected back correctly.

  • Custom DSCP values are not supported on TWAMP. The DSCP values used in the control phase are populated in the TWAMP test packets irrespective of whatever may be the DSCP value in the test packets incoming to the reflector.

IP SLAs TWAMP Architecture

Two-Way Active Measurement Protocol (TWAMP)

The IETF Two-Way Active Measurement Protocol (TWAMP) defines a standard for measuring round-trip network performance between any two devices that support the TWAMP protocols. The TWAMP-Control protocol is used to set up performance measurement sessions. The TWAMP-Test protocol is used to send and receive performance measurement probes.

The TWAMP architecture is composed of the following four logical entities that are responsible for starting a monitoring session and exchanging packets:

  • The control client: It sets up, starts, and stops TWAMP test sessions.

  • The session sender: It instantiates TWAMP test packets that are sent to the session reflector.

  • The session reflector: It reflects a measurement packet upon receiving a TWAMP test packet. The session reflector does not collect packet statistics in TWAMP.

  • The TWAMP server: It is an end system that manages one or more TWAMP sessions and is also capable of configuring each session ports in the end points. The server listens on the TCP port. The session-reflector and server make up the TWAMP responder in an IP SLAs operation.

Although TWAMP defines the different entities for flexibility, it also allows for logical merging of the roles on a single device for ease of implementation. The figure below shows the interactions of four entities of the TWAMP architecture.

Figure 1. TWAMP Architecture

IP SLAs TWAMP Responder v1.0

A TWAMP responder interoperates with the control-client and session-sender on another device that supports TWAMP. In the IP SLAs TWAMP Responder v1.0 feature, the session-reflector and TWAMP server that make up the responder must be co-located on the same device.

In the figure below, there are two Cisco devices that are configured as IP SLAs TWAMP responders. Each IP SLAs TWAMP responder acts as both, a TWAMP server and a session-reflector.

Figure 2. IP SLAs TWAMP Responders in a Basic TWAMP Deployment

Note

Only software time stamping for TWAMP is supported.

Two-Way Active Measurement Protocol

The Two-Way Active Measurement Protocol (TWAMP) defines a flexible method for measuring round-trip IP performance between any two devices.

Advantages of TWAMP

  • TWAMP enables complete IP performance measurement.

  • TWAMP provides a flexible choice of solutions as it supports all devices deployed in the network.

The TWAMP entities

The TWAMP system consists of four logical entities:

  • server -- manages one or more TWAMP sessions and also configures per-session ports in the end-points.

  • session-reflector - reflects a measurement packet as soon as it receives a TWAMP test packet.

  • control-client - initiates the start and stop of TWAMP test sessions.

  • session-sender - instantiates the TWAMP test packets sent to the session reflector.

TWAMP Message Exchange Categories

The TWAMP protocol includes three distinct message exchange categories, they are:

  • Connection set-up exchange: Messages establish a session connection between the Control-Client and the server. First the identities of the communicating peers are established via a challenge response mechanism. The server sends a randomly generated challenge, to which the Control-Client then sends a response by encrypting the challenge using a key derived from the shared secret. Once the identities are established, the next step negotiates a security mode that is binding for the subsequent TWAMP-Control commands as well as the TWAMP-Test stream packets.


    Note

    A server can accept connection requests from multiple control clients.

  • TWAMP-control exchange: The TWAMP-Control protocol runs over TCP and is used to instantiate and control measurement sessions. The sequence of commands is as follows, but unlike, the Connection setup exchanges, the TWAMP-Control commands can be sent multiple times. However, the messages cannot occur out of sequence although multiple request-session commands can be sent before a session-start command.

    • request-session

    • start-session

    • stop-session

  • TWAMP-test stream exchange: The TWAMP-Test runs over UDP and exchanges TWAMP-Test packets between Session-Sender and Session-Reflector. These packets include timestamp fields that contain the instant of packet egress and ingress. The packet also includes a Sequence Number.

TWAMP-Control and TWAMP-test stream support only unauthenticated security mode.

Configure an IP SLAs TWAMP Responder


Note

Effective Cisco IOS-XE Everest 16.6.1, time stamping for sender (T1, T4) and receiver (T3, T2) is performed by the hardware, instead of the software. This time stamping is done bythe hardware to improve the accuracy of jitter and latency measurements.


Note

Software time stamping is implemented for TWAMP IP SLA packets on the RSP3 module.

Configuring the TWAMP Server


Note

In the current implementation of IP SLAs TWAMP Responder, the TWAMP server and the session reflector must be configured on the same device.

Procedure

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ip sla server twamp

Example:

Device(config)#  ip sla server twamp

Configures the device as a TWAMP server and enters TWAMP server configuration mode.

Step 4

port port-number

Example:

Device(config-twamp-srvr)# port 9000

(Optional) Configures the port to be used by the TWAMP server to listen for connection and control requests.

Step 5

timer inactivity seconds

Example:

Device(config-twamp-srvr)# timer inactivity 300

(Optional) Configures the inactivity timer for a TWAMP control session.

Step 6

end

Example:

Device(config-twamp-srvr)# end

Returns to privileged EXEC mode.

Configuring the Session Reflector


Note

In the current implementation of IP SLAs TWAMP Responder, the TWAMP server and the session reflector must be configured on the same device.

Procedure

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ip sla responder twamp

Example:

Device(config)# ip sla responder twamp

Configures the device as a TWAMP responder and enters TWAMP reflector configuration mode.

Step 4

timeout seconds

Example:

Device(config-twamp-ref)#  timeout 300

(Optional) Configures an inactivity timer for a TWAMP test session.

Step 5

end

Example:

Device(config-twamp-ref)# end

Exits to privileged EXEC mode.

Configuration Examples for IP SLAs TWAMP Responder

Configuration Example for IP SLAs TWAMP Responder for IPv6

Configuration Example for IP SLAs TWAMP Responder for IPv6

The following example and partial output shows how to configure the TWAMP server and the session reflector on the same Cisco device. In this configuration, port 862 is the (default) port to be used by the IP SLAs TWAMP Responder v1.0

For the IP SLAs TWAMP responder to function, a control client and the session sender must be configured in your network.


Note

The following example is for non-VRF scenarios (default):

 
Device> enable
Device# configure terminal
Router(config)# ip sla serv twamp
Router(config-twamp-srvr)# port 9000
Router(config-twamp-srvr)# timer inactivity 1200
Router(config-twamp-srvr)# exit
Router(config)# ip sla responder tw
Router(config)# ip sla responder twamp
Router(config-twamp-ref)# resp
Router(config-twamp-ref)# time
Router(config-twamp-ref)# timeout 2000
Router(config-twamp-ref)# exit
twamp_RTR2#show ip sla twamp connection detail 
Connection Id:          3
  Client IP Address:    2001:16::F
  Client Port:          54015
  Client VRF:           default
  Mode:                 Unauthenticated
  Connection State:     Connected
  Control State:        Active
  Number of Test Requests - 0:1

twamp_RTR2#show ip sla twamp session 
IP SLAs Responder TWAMP is: Enabled
Recvr Addr: 2001:16::1
Recvr Port: 9
Sender Addr: 2001:16::8
Sender Port: 7
Sender VRF: default
Session Id: 0.0.0.8:16217652433068140527:DC98A400
Connection Id: 2A

twamp_RTR2#show ip sla twamp session 
IP SLAs Responder TWAMP is: Enabled
Recvr Addr: 2001:16::1
Recvr Port: 9
Sender Addr: 2001:16::8
Sender Port: 7
Sender VRF: default
Session Id: 0.0.0.8:16217652433068140527:DC98A400
Connection Id: 2A

twamp_RTR2#show ip sla twamp session source-ip 2001:16::8 source-port 7
IP SLAs Responder TWAMP is: Enabled
Recvr Addr: 2001:16::1
Recvr Port: 9
Sender Addr: 2001:16::8
Sender Port: 7
Sender VRF: default
Session Id: 0.0.0.8:16217652433068140527:DC98A400
Connection Id: 2A
Mode: UnAuthorized
DSCP: 0
Pad Length: 128
Number of Packets Received: 81004

Configuration Example for IP SLAs TWAMP Responder

The following example and partial output shows how to configure the TWAMP server and the session reflector on the same Cisco device. In this configuration, port 862 is the (default) port to be used by the TWAMP server to listen for connection and control requests. The port for the server listener is the RFC-specified port and if required, can be reconfigured.


Note

For the IP SLAs TWAMP responder to function, a control client and the session sender must be configured in your network.

The following examples are for non-VRF scenarios (default): 

Device> enable
Device# configure terminal
Router(config)# ip sla serv twamp
Router(config-twamp-srvr)# port 12000
Router(config-twamp-srvr)# timer inactivity 1200
Router(config-twamp-srvr)# exit
Router(config)# ip sla responder tw
Router(config)# ip sla responder twamp
Router(config-twamp-ref)# resp
Router(config-twamp-ref)# time
Router(config-twamp-ref)# timeout 2000
Router(config-twamp-ref)# exit

Router# show ip sla twamp connection requests
    Connection-Id     Client Address   Client Port      Client VRF
          A3              100.1.0.1         59807         default

Router# show ip sla twamp connection detail
Connection Id:          A3
  Client IP Address:    100.1.0.1
  Client Port:          59807
  Client VRF:           intf2
  Mode:                 Unauthenticated
  Connection State:     Connected
  Control State:        Active
  Number of Test Requests - 0:1

Router# show ip sla twamp session
IP SLAs Responder TWAMP is: Enabled
Recvr Addr: 100.1.0.2
Recvr Port: 7
Sender Addr: 100.1.0.1
Sender Port: 34608
Sender VRF: default
Session Id: 100.1.0.2:15833604877498391199:6D496912
Connection Id: 101

Router# sh running-config | b twamp
ip sla responder twamp
 timeout 2000
ip sla responder
ip sla enable reaction-alerts
ip sla server twamp
 port 12000
 timer inactivity 1200
!
!

The following examples are for VRF scenarios: 

Router# show ip sla twamp session
IP SLAs Responder TWAMP is: Enabled
Recvr Addr: 100.1.0.2
Recvr Port: 7
Sender Addr: 100.1.0.1
Sender Port: 51486
Sender VRF: intf1
Session Id: 100.1.0.2:9487538053959619969:73D5EDEA
Connection Id: D0

Router# show ip sla twamp connection detail
Connection Id:          A3
  Client IP Address:    100.1.0.1
  Client Port:          52249
  Client VRF:           intf2
  Mode:                 Unauthenticated
  Connection State:     Connected
  Control State:        Active
  Number of Test Requests - 0:1

Router# show ip sla twamp connection requests
  Connection-Id    Client Address   Client Port    Client VRF
             A3       100.1.0.1       52249          intf2
 Total number of current connections: 1

Note
The default port for IP SLA server is 862.

IP SLAs TWAMP Light

TWAMP Light is a light-weight model of TWAMP, which eliminates the need for a TWAMP control session. The test session parameters exchanged over the control session in TWAMP preconfigured at both endpoints of the TWAMP Light test session. This reduces the overhead of configuring a control session and eliminates the need for a TWAMP server that is maintained at the reflector end.

Table 1. Feature History

Feature Name

Release Information

Feature Description

TWAMP Light

 Cisco IOS XE Bengaluru 17.5.1

This feature enables you to configure a TWAMP Light session using the ip sla responder twamp-light test-session command on the Cisco RSP2 module.

Restrictions for IP SLAs TWAMP Light

  • UDP port configured on IP SLA Permanent Port cannot be configured on TWAMP Light session.

  • TWAMP Light Responder and TWAMP Responder cannot be enabled simultaneously on the same UDP port.

  • If a TWAMP test session is in progress, a TWAMP-Light session cannot be configured on the same port.

  • If a request test session message is received from the TWAMP control client for the same port number that is used by the TWAMP Light test session, then the message will not be accepted.

  • You can configure a maximum of 100 TWAMP Light sessions as allowed by the Control Plane.

  • Custom DSCP values are not supported on TWAMP Light sessions. The DSCP value of the incoming packet is not used to mark the reflected packet. The default DSCP best effort value is marked in the reflected packets.

Configuring TWAMP Light

Procedure

  Command or Action Purpose

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configuration mode.

Step 3

ip sla responder twamp-light test-session 1 local-ip 10.0.0.1 local-port 1234 remote-ip 2.2.2.2 remote-port 3456

Example:

Device(config)#ip sla responder twamp-light test-session 1 
local-ip 10.0.0.1 local-port 1234 remote-ip 2.2.2.2 remote-port 3456

Device(config)#show run | sec twamp-light
ip sla responder twamp-light test-session 1 
local-ip 10.0.0.1 local-port 1234 remote-ip 2.2.2.2 remote-port 3456

Configures the TWAMP Light test session on the Cisco router.

Step 4

end

Example:

Device(config)# end

Returns to privileged EXEC mode.

Verifying TWAMP Light

The show ip sla twamp-light session command displays the TWAMP Light statistics 

Device#show ip sla twamp-light session
Session ID: 1
Status: Active
Mode: Unauthenticated
Local Addr:10.0.0.1
Local Port: 15001
Remote Addr:1.1.1.2
Remote Port: 15002
Test packet received: 100
Test packet sent: 100

Feature Information for IP SLAs TWAMP Responder

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Table 2. Feature Information for IP SLAs TWAMP Responder

Feature Name

Releases

Feature Information

IP SLAs TWAMP Responder v1.0

Cisco IOS XE Everest 16.5.1

This feature was introduced on the Cisco ASR 900 Series Aggregation Services Router.

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Commands List, All Releases

IP SLAs commands

Cisco IOS IP SLAs Command Reference

Standards and RFCs

Standard/RFC

Title

RFC 5357

Two-Way Active Measurement Protocol (TWAMP)

RFC 4656

One-way Active Measurement Protocol (OWAMP)

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html