Internet Engineering Task Force (IETF)                        M. Linsner
Request for Comments: 7536                                 Cisco Systems
Category: Informational                                       P. Eardley
ISSN: 2070-1721                                             T. Burbridge
                                                             F. Sorensen
                                                                May 2015

Large-Scale Broadband Measurement Use Cases




Measuring broadband performance on a large scale is important for network diagnostics by providers and users, as well as for public policy. Understanding the various scenarios and users of measuring broadband performance is essential to development of the Large-scale Measurement of Broadband Performance (LMAP) framework, information model, and protocol. This document details two use cases that can assist in developing that framework. The details of the measurement metrics themselves are beyond the scope of this document.


Status of This Memo


This document is not an Internet Standards Track specification; it is published for informational purposes.


This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.


Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at


Copyright Notice


Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.


This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents ( in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.


Table of Contents


   1. Introduction
   2. Use Cases
      2.1. Internet Service Provider (ISP) Use Case
      2.2. Regulator Use Case
   3. Details of ISP Use Case
      3.1. Understanding the Quality Experienced by Customers
      3.2. Understanding the Impact and Operation of New Devices and Technology
      3.3. Design and Planning
      3.4. Monitoring Service Level Agreements
      3.5. Identifying, Isolating, and Fixing Network Problems
   4. Details of Regulator Use Case
      4.1. Providing Transparent Performance Information
      4.2. Measuring Broadband Deployment
      4.3. Monitoring Traffic Management Practices
   5. Implementation Options
   6. Conclusions
   7. Security Considerations
   8. Informative References
   Contributors
   Authors' Addresses
1. Introduction

This document describes two use cases for the Large-scale Measurement of Broadband Performance (LMAP). The use cases contained in this document are (1) the Internet Service Provider Use Case and (2) the Regulator Use Case. In the first, a network operator wants to understand the performance of the network and the quality experienced by customers, while in the second, a regulator wants to provide information on the performance of the ISPs in their jurisdiction. There are other use cases that are not the focus of the initial LMAP work (for example, end users would like to use measurements to help identify problems in their home network and to monitor the performance of their broadband provider); it is expected that the same mechanisms are applicable.


Large-scale measurements raise several security concerns, including privacy issues. These are summarized in Section 7 and considered in further detail in [Framework].


2. Use Cases

From the LMAP perspective, there is no difference between fixed service and mobile (cellular) service used for Internet access. Hence, like measurements will take place on both fixed and mobile networks. Fixed services include technologies like Digital Subscriber Line (DSL), Cable, and Carrier Ethernet. Mobile services include all those advertised as 2G, 3G, 4G, and Long Term Evolution (LTE). A metric defined to measure end-to-end services will execute similarly on all access technologies. Other metrics may be access technology specific. The LMAP architecture covers both IPv4 and IPv6 networks.


2.1. Internet Service Provider (ISP) Use Case

A network operator needs to understand the performance of their networks, the performance of the suppliers (downstream and upstream networks), the performance of Internet access services, and the impact that such performance has on the experience of their customers. Largely, the processes that ISPs operate (which are based on network measurement) include:


o Identifying, isolating, and fixing problems, which may be in the network, with the service provider, or in the end-user equipment. Such problems may be common to a point in the network topology (e.g., a single exchange), common to a vendor or equipment type (e.g., line card or home gateway), or unique to a single user line (e.g., copper access). Part of this process may also be helping users understand whether the problem exists in their home network or with a third-party application service instead of with their broadband (BB) product.


o Design and planning. Through monitoring the end-user experience, the ISP can design and plan their network to ensure specified levels of user experience. Services may be moved closer to end users, services upgraded, the impact of QoS assessed, or more capacity deployed at certain locations. Service Level Agreements (SLAs) may be defined at network or product boundaries.


o Understanding the quality experienced by customers. The network operator would like to gain better insight into the end-to-end performance experienced by its customers. "End-to-end" could, for instance, incorporate home and enterprise networks, and the impact of peering, caching, and Content Delivery Networks (CDNs).


o Understanding the impact and operation of new devices and technology. As a new product is deployed, or a new technology introduced into the network, it is essential that its operation and its impact are measured. This also helps to quantify the advantage that the new technology is bringing and support the business case for larger roll-out.


2.2. Regulator Use Case

A regulator may want to evaluate the performance of the Internet access services offered by operators.


While each jurisdiction responds to distinct consumer, industry, and regulatory concerns, much commonality exists in the need to produce datasets that can be used to compare multiple Internet access service providers, diverse technical solutions, geographic and regional distributions, and marketed and provisioned levels and combinations of broadband Internet access services.


Regulators may want to publish performance measures of different ISPs as background information for end users. They may also want to track the growth of high-speed broadband deployment, or to monitor the traffic management practices of Internet providers.


A regulator's role in the development and enforcement of broadband Internet access service policies requires that the measurement approaches meet a high level of verifiability, accuracy, and provider-independence to support valid and meaningful comparisons of Internet access service performance. Standards can help regulators' shared needs for scalable, cost-effective, scientifically robust solutions to the measurement and collection of broadband Internet access service performance information.


3. Details of ISP Use Case
3.1. Understanding the Quality Experienced by Customers

Operators want to understand the quality of experience (QoE) of their broadband customers. The understanding can be gained through a "panel", i.e., measurement probes deployed to several customers. A probe is a device or piece of software that makes measurements and reports the results, under the control of the measurement system. Implementation options are discussed in Section 5. The panel needs to include a representative sample of the operator's technologies and broadband speeds. For instance, it might encompass speeds ranging from below 8 Mbps to over 100 Mbps. The operator would like the end-to-end view of the service, rather than just the access portion. This involves relating the pure network parameters to something like a 'mean opinion score' [MOS], which will be service dependent (for instance, web-browsing QoE is largely determined by latency above a few Mbps).


An operator will also want compound metrics such as "reliability", which might involve packet loss, DNS failures, retraining of the line, video streaming under-runs, etc.


The operator really wants to understand the end-to-end service experience. However, the home network (Ethernet, Wi-Fi, powerline) is highly variable and outside its control. To date, operators (and regulators) have instead measured performance from the home gateway. However, mobile operators clearly must include the wireless link in the measurement.


Active measurements are the most obvious approach, i.e., special measurement traffic is sent by -- and to -- the probe. In order not to degrade the service of the customer, the measurement data should only be sent when the user is silent, and it shouldn't reduce the customer's data allowance. The other approach is passive measurements on the customer's ordinary traffic; the advantage is that it measures what the customer actually does, but it creates extra variability (different traffic mixes give different results) and, in particular, it raises privacy concerns. [RFC6973] discusses privacy considerations for Internet protocols in general, while [Framework] discusses them specifically for large-scale measurement systems.


From an operator's viewpoint, understanding customer experience enables it to offer better services. Also, simple metrics can be more easily understood by senior managers who make investment decisions and by sales and marketing.


3.2. Understanding the Impact and Operation of New Devices and Technology


Another type of measurement is to test new capabilities before they are rolled out. For example, the operator may want to:


o Check whether a customer can be upgraded to a new broadband option.


o Understand the impact of IPv6 before it is made available to customers. Questions such as these could be assessed: Will v6 packets get through? What will the latency be to major websites? What transition mechanisms will be most appropriate?


o Check whether a new capability can be signaled using TCP options (how often it will be blocked by a middlebox -- along the lines of the experiments described in [Extend-TCP]).


o Investigate a QoS mechanism (e.g., checking whether Diffserv markings are respected on some path).


3.3. Design and Planning

Operators can use large-scale measurements to help with their network planning -- proactive activities to improve the network.


For example, by probing from several different vantage points the operator can see that a particular group of customers has performance below that expected during peak hours, which should help with capacity planning. Naturally, operators already have tools to help with this -- a network element reports its individual utilization (and perhaps other parameters). However, making measurements across a path rather than at a point may make it easier to understand the network. There may also be parameters like bufferbloat that aren't currently reported by equipment and/or that are intrinsically path metrics.


With information gained from measurement results, capacity planning and network design can be more effective. Such planning typically uses simulations to emulate the measured performance of the current network and understand the likely impact of new capacity and potential changes to the topology. Simulations, informed by data from a limited panel of probes, can help quantify the advantage that a new technology brings and support the business case for larger roll-out.


It may also be possible to use probes to run stress tests for risk analysis. For example, an operator could run a carefully controlled and limited experiment in which probing is used to assess the potential impact if some new application becomes popular.


3.4. Monitoring Service Level Agreements

Another example is that the operator may want to monitor performance where there is a Service Level Agreement (SLA). This could be with its own customers; in particular, enterprises may have an SLA. The operator can proactively spot when the service is degrading near the point of the SLA limit and get information that will enable more informed conversations with the customer at contract renewal.


An operator may also want to monitor the performance of its suppliers, to check whether they meet their SLA or to compare two suppliers if it is dual-sourcing. This could include its transit operator, CDNs, peering, video source, or local network provider for a global operator in countries where it doesn't have its own network. A virtual operator may monitor the whole underlying network.


Through a better understanding of its own network and its suppliers, the operator should be able to focus investment more effectively -- in the right place at the right time with the right technology.


3.5. Identifying, Isolating, and Fixing Network Problems

Operators can use large-scale measurements to help identify a fault more rapidly and decide how to solve it.


Operators already have Test and Diagnostic tools, where a network element reports some problem or failure to a management system. However, many issues are not caused by a point failure but something wider and so will trigger too many alarms, while other issues will cause degradation rather than failure and so not trigger any alarm. Large-scale measurements can help provide a more nuanced view that helps network management to identify and fix problems more rapidly and accurately. The network management tools may use simulations to emulate the network and so help identify a fault and assess possible solutions.


An operator can obtain useful information without measuring the performance on every broadband line. By measuring a subset, the operator can identify problems that affect a group of customers. For example, the issue could be at a shared point in the network topology (such as an exchange), or common to a vendor, or equipment type; for instance, [IETF85-Plenary] describes a case where a particular home gateway upgrade had caused a (mistaken!) drop in line rate.


A more extensive deployment of the measurement capability to every broadband line would enable an operator to identify issues unique to a single customer. Overall, large-scale measurements can help an operator fix the fault more rapidly and/or allow the affected customers to be informed of what's happening. More accurate information enables the operator to reassure customers and take more rapid and effective action to cure the problem.


Often, customers experience poor broadband due to problems in the home network -- the ISP's network is fine. For example, they may have moved too far away from their wireless access point. Anecdotally, a large fraction of customer calls about fixed BB problems are due to in-home wireless issues. These issues are expensive and frustrating for an operator, as they are extremely hard to diagnose and solve. The operator would like to narrow down whether the problem is in the home (a problem with the home network, edge device, or home gateway), in the operator's network, or with an application service. The operator would like two capabilities: firstly, self-help tools that customers use to improve their own service or understand its performance better -- for example, to reposition their devices for better Wi-Fi coverage; and secondly, on-demand tests that the operator can run instantly, so that the call center person answering the phone (or e-chat) could trigger a test and get the result while the customer is still in an online session.


4. Details of Regulator Use Case
4.1. Providing Transparent Performance Information

Some regulators publish information about the quality of the various Internet access services provided in their national market. Quality information about service offers could include speed, delay, and jitter. Such information can be published to facilitate end users' choice of service provider and offer. Regulators may check the accuracy of the marketing claims of Internet service providers and may also encourage ISPs to all use the same metrics in their service level contracts. The goal of these transparency mechanisms is to promote competition for end users and potentially also help content, application, service, and device providers develop their Internet offerings.


The published information needs to be:


o Accurate - the measurement results must be correct and not influenced by errors or side effects. The results should be reproducible and consistent over time.


o Comparable - common metrics should be used across different ISPs and service offerings, and over time, so that measurement results can be compared.


o Meaningful - the metrics used for measurements need to reflect what end users value about their broadband Internet access service.


o Reliable - the number and distribution of measurement agents, and the statistical processing of the raw measurement data, need to be appropriate.


In practical terms, the regulators may measure network performance from users towards multiple content and application providers, including dedicated test measurement servers. Measurement probes are distributed to a 'panel' of selected end users. The panel covers all the operators and packages in the market, spread over urban, suburban, and rural areas, and often includes both fixed and mobile Internet access. Periodic tests running on the probes can, for example, measure actual speed at peak and off-peak hours, but can also measure other detailed quality metrics like delay and jitter. Collected data goes afterwards through statistical analysis, deriving estimates for the whole population. Summary information, such as a service quality index, is published regularly, perhaps alongside more detailed information.


The regulator can also facilitate end users to monitor the performance of their own broadband Internet access service. They might use this information to check that the performance meets that specified in their contract or to understand whether their current subscription is the most appropriate.


4.2. Measuring Broadband Deployment

Regulators may also want to monitor the improvement over time of actual broadband Internet access performance in a specific country or a region. The motivation is often to evaluate the effect of the stimulated growth over time, when government has set a strategic goal for high-speed broadband deployment, whether in absolute terms or benchmarked against other countries. An example of such an initiative is [DAE]. The actual measurements can be made in the same way as described in Section 4.1.


4.3. Monitoring Traffic Management Practices

A regulator may want to monitor traffic management practices or compare the performance of Internet access service with specialized services offered in parallel to, but separate from, Internet access service (for example, IPTV). A regulator could monitor for departures from application agnosticism such as blocking or throttling of traffic from specific applications, or preferential treatment of specific applications. A measurement system could send, or passively monitor, application-specific traffic and then measure in detail the transfer of the different packets. While it is relatively easy to measure port blocking, how to detect other types of differentiated treatment is a research topic in itself. The "Glasnost: Enabling End Users to Detect Traffic Differentiation" paper [M-Labs_NSDI-2010] and follow-on tool "Glasnost" [Glasnost] provide an example of work in this area.


A regulator could also monitor the performance of the broadband service over time, to try and detect if the specialized service is provided at the expense of the Internet access service. Comparison between ISPs or between different countries may also be relevant for this kind of evaluation.


The motivation for a regulator monitoring such traffic management practices is that regulatory approaches related to net neutrality and the open Internet have been introduced in some jurisdictions. Examples of such efforts are the Internet policy as outlined by the Body of European Regulators for Electronic Communications guidelines for quality of service [BEREC-Guidelines] and the US FCC's "Preserving the Open Internet" Report and Order [FCC-R&O]. Although legal challenges can change the status of policy, the take-away for LMAP purposes is that policy-makers are looking for measurement solutions to assist them in discovering biased treatment of traffic flows. The exact definitions and requirements vary from one jurisdiction to another.


5. Implementation Options

There are several ways of implementing a measurement system. The choice may be influenced by the details of the particular use case and what the most important criteria are for the regulator, ISP, or third party operating the measurement system.


One type of probe is a special hardware device that is connected directly to the home gateway. The devices are deployed to a carefully selected panel of end users, and they perform measurements according to a defined schedule. The schedule can run throughout the day, to allow continuous assessment of the network. Careful design ensures that measurements do not detrimentally impact the home user experience or corrupt the results by testing when the user is also using the broadband line. The system is therefore tightly controlled by the operator of the measurement system. One advantage of this approach is that it is possible to get reliable benchmarks for the performance of a network with only a few devices. One disadvantage is that it would be expensive to deploy hardware devices on a mass scale sufficient to understand the performance of the network at the granularity of a single broadband user.


Another type of probe involves implementing the measurement capability as a webpage or an "app" that end users are encouraged to download onto their mobile phone or computing device. Measurements are triggered by the end user; for example, the user interface may have a button to "test my broadband now." One advantage of this approach is that the performance is measured to the end user, rather than to the home gateway, and so includes the home network. Another difference is that the system is much more loosely controlled, as the panel of end users and the schedule of tests are determined by the end users themselves rather than the measurement system. While this approach makes it easier to make measurements on a large scale, it is harder to get comparable benchmarks, as the measurements are affected by the home network; also, the population is self-selecting and so potentially biased towards those who think they have a problem. This could be alleviated by encouraging widespread downloading of the app and careful post-processing of the results to reduce biases.


There are several other possibilities. For example, as a variant on the first approach, the measurement capability could be implemented as software embedded in the home gateway, which would make it more viable to have the capability on every user line. As a variant on the second approach, the end user could initiate measurements in response to a request from the measurement system.


The operator of the measurement system should be careful to ensure that measurements do not detrimentally impact users. Potential issues include the following:


* Measurement traffic generated on a particular user's line may impact that end user's quality of experience. The danger is greater for measurements that generate a lot of traffic over a lengthy period.


* The measurement traffic may impact that particular user's bill or traffic cap.


* The measurement traffic from several end users may, in combination, congest a shared link.


* The traffic associated with the control and reporting of measurements may overload the network. The danger is greater where the traffic associated with many end users is synchronized.
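
The four issues above can each be checked before any test traffic is sent. The following Python is an added example, not part of RFC 7536 or of any LMAP specification; the idle threshold, the field names, the reason strings, and the slot-based plan are assumptions made for illustration, and the probe list is constructed sample data.

```python
import random
from collections import defaultdict
from dataclasses import dataclass

IDLE_THRESHOLD_BPS = 50_000   # assumption: below this the customer's line counts as idle


@dataclass(frozen=True)
class ActiveTest:
    rate_bps: int      # traffic the test puts on the line while it runs
    duration_s: int

    @property
    def volume_bytes(self) -> int:
        return self.rate_bps * self.duration_s // 8


@dataclass(frozen=True)
class Probe:
    probe_id: str
    shared_link: str        # link this line shares with other customers
    user_traffic_bps: int   # customer's own traffic observed just before the test
    budget_left_bytes: int  # measurement allowance left in the billing period


def admission(probe: Probe, test: ActiveTest) -> str:
    """Per-line checks: do not compete with the user, do not eat the traffic cap."""
    if probe.user_traffic_bps > IDLE_THRESHOLD_BPS:
        return "line-busy"
    if test.volume_bytes > probe.budget_left_bytes:
        return "over-budget"
    return "ok"


def schedule(probes, test, link_cap_bps, window_s, report_spread_s, seed=None):
    """Plan one measurement round.

    Returns (plan, deferred):
      plan     {probe_id: (start_offset_s, report_offset_s)}
      deferred {probe_id: reason}
    """
    rng = random.Random(seed)
    per_slot = link_cap_bps // test.rate_bps   # concurrent tests one shared link tolerates
    slots = window_s // test.duration_s        # back-to-back test slots in the window
    plan, deferred = {}, {}

    by_link = defaultdict(list)
    for p in probes:
        reason = admission(p, test)
        if reason == "ok":
            by_link[p.shared_link].append(p)
        else:
            deferred[p.probe_id] = reason

    for members in by_link.values():
        rng.shuffle(members)                   # do not always defer the same lines
        for i, p in enumerate(members):
            slot = i // per_slot if per_slot else slots
            if slot >= slots:
                deferred[p.probe_id] = "shared-link-full"
                continue
            start = slot * test.duration_s
            # Spread reports at random after the test ends so that many probes
            # do not contact the collector in the same second.
            report = start + test.duration_s + rng.uniform(0, report_spread_s)
            plan[p.probe_id] = (start, report)
    return plan, deferred


# Constructed sample panel: six lines behind one exchange, two behind another.
BIG = 10**9
SAMPLE_PROBES = [
    Probe("a1", "exch-A", 0, BIG), Probe("a2", "exch-A", 1_200, BIG),
    Probe("a3", "exch-A", 0, BIG), Probe("a4", "exch-A", 0, BIG),
    Probe("a5", "exch-A", 900, BIG),
    Probe("a6", "exch-A", 4_000_000, BIG),      # customer is streaming
    Probe("b1", "exch-B", 0, 1_000_000),        # almost no allowance left
    Probe("b2", "exch-B", 0, BIG),
]

if __name__ == "__main__":
    test = ActiveTest(rate_bps=10_000_000, duration_s=30)
    plan, deferred = schedule(SAMPLE_PROBES, test, link_cap_bps=20_000_000,
                              window_s=60, report_spread_s=300, seed=7)
    for pid, (start, report) in sorted(plan.items()):
        print(f"{pid}: start +{start}s, report +{report:.0f}s")
    for pid, reason in sorted(deferred.items()):
        print(f"{pid}: deferred ({reason})")
```

Deferred probes are carried over to a later round rather than dropped, so the panel stays representative over time.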


6. Conclusions

Large-scale measurements of broadband performance are useful for both network operators and regulators. Network operators would like to use measurements to help them better understand the quality experienced by their customers, identify problems in the network, and design network improvements. Regulators would like to use measurements to help promote competition between network operators, stimulate the growth of broadband access, and monitor 'net neutrality'. There are other use cases that are not the focus of the initial LMAP charter (although it is expected that the mechanisms developed would be readily applied); for example, end users would like to use measurements to help identify problems in their home network and to monitor the performance of their broadband provider.


From consideration of the various use cases, several common themes emerge, while there are also some detailed differences. These characteristics guide the development of LMAP's framework, information model, and protocol.


A measurement capability is needed across a wide number of heterogeneous environments. Tests may be needed in the home network, in the ISP's network, or beyond; they may be measuring a fixed or wireless network; they may measure just the access network or across several networks.


There is a role for both standardized and non-standardized measurements. For example, a regulator would like to publish standardized performance metrics for all network operators, while an ISP may need their own tests to understand some feature special to their network. Most use cases need active measurements, which create and measure specific test traffic, but some need passive measurements of the end user's traffic.


Regardless of the tests being operated, there needs to be a way to demand or schedule the tests. Most use cases need a regular schedule of measurements, but sometimes ad hoc testing is needed -- for example, for troubleshooting. It needs to be ensured that measurements do not affect the user experience and are not affected by user traffic (unless desired). In addition, there needs to be a common way to collect the results. Standardization of this control and reporting functionality allows the operator of a measurement system to buy the various components from different vendors.


After the measurement results are collected, they need to be understood and analyzed. Often, it is sufficient to measure only a small subset of end users, but per-line fault diagnosis requires the ability to test every individual line. Analysis requires accurate definition and understanding of where the test points are, as well as contextual information about the topology, line, product, and the subscriber's contract. The actual analysis of results is beyond the scope of LMAP, as is the key challenge of how to integrate the measurement system into a network operator's existing tools for diagnostics and network planning.


Finally, the test data, along with any associated network, product, or subscriber contract data, is commercial or private information and needs to be protected.


7. Security Considerations

Large-scale measurements raise several potential security, privacy (data protection) [RFC6973], and business sensitivity issues:


1. A malicious party may try to gain control of probes to launch DoS (Denial of Service) attacks at a target. A DoS attack could be targeted at a particular end user or set of end users, a certain network, or a specific service provider.

2. A malicious party may try to gain control of probes to create a platform for pervasive monitoring [RFC7258] or for more targeted monitoring. [RFC7258] summarizes the threats as follows: "An attack may change the content of the communication, record the content or external characteristics of the communication, or through correlation with other communication events, reveal information the parties did not intend to be revealed." For example, a malicious party could distribute to the probes a new measurement test that recorded (and later reported) information of maleficent interest. Similar concerns also arise if the measurement results are intercepted or corrupted.

* From the end user's perspective, the concerns include a malicious party monitoring the traffic they send and receive, who they communicate with, the websites they visit, and such information about their behavior as when they are at home and the location of their devices. Some of the concerns may be greater when the probe is on the end user's device rather than on their home gateway.

* From the network operator's perspective, the concerns include the leakage of commercially sensitive information about the design and operation of their network, their customers, and suppliers. Some threats are indirect; for example, the attacker could reconnoiter potential weaknesses, such as open ports and paths through the network, which enabled it to launch an attack later.

* From the regulator's perspective, the concerns include distortion of the measurement tests or alteration of the measurement results. Also, a malicious network operator could try to identify the broadband lines that the regulator was measuring and prioritize that traffic ("game the system").

3. Another potential issue is a measurement system that does not obtain the end user's informed consent, fails to specify a specific purpose in the consent, or uses the collected information for secondary uses beyond those specified.

4. Another potential issue is a measurement system that does not indicate who is responsible for the collection and processing of personal data and who is responsible for fulfilling the rights of users. The responsible party (often termed the "data controller") should, as good practice, consider such issues as defining:

o the purpose for which the data is collected and used,

o how the data is stored, accessed, and processed,

o how long the data is retained, and

o how the end user can view, update, and even delete their personal data.

If anonymized personal data is shared with a third party, the data controller should consider the possibility that the third party can de-anonymize it by combining it with other information.
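
The linkage risk described above can be measured before a data set leaves the data controller. The following is an added example, not part of this document or of any LMAP specification; it uses a k-anonymity style class-size check, and the field names, sample rows, and threshold k are assumptions chosen for illustration.

```python
from collections import Counter

# Constructed sample: measurement results with subscriber identifiers already
# removed. Field names and values are made up for this example.
RESULTS = [
    {"region": "NR1", "product": "fibre-300",  "probe": "gateway", "down_mbps": 287.1},
    {"region": "NR1", "product": "fibre-300",  "probe": "gateway", "down_mbps": 291.4},
    {"region": "NR1", "product": "fibre-300",  "probe": "gateway", "down_mbps": 265.0},
    {"region": "NR1", "product": "fibre-300",  "probe": "device",  "down_mbps": 142.8},
    {"region": "NR1", "product": "dsl-20",     "probe": "gateway", "down_mbps": 17.9},
    {"region": "NR1", "product": "dsl-20",     "probe": "gateway", "down_mbps": 16.2},
    {"region": "NR1", "product": "dsl-20",     "probe": "device",  "down_mbps": 11.5},
    {"region": "NR2", "product": "fibre-1000", "probe": "gateway", "down_mbps": 911.3},
]

def class_key(row, quasi_ids):
    """The row's combination of quasi-identifier values."""
    return tuple(row[q] for q in quasi_ids)

def class_sizes(rows, quasi_ids):
    """Number of rows sharing each combination of quasi-identifier values."""
    return Counter(class_key(r, quasi_ids) for r in rows)

def matching_rows(rows, known):
    """Rows consistent with facts a recipient could already hold from elsewhere."""
    return [r for r in rows if all(r.get(f) == v for f, v in known.items())]

def release(rows, quasi_ids, k):
    """Split rows into (released, withheld). A row is released only if at least
    k rows share its quasi-identifier values. Released rows keep the
    quasi-identifiers and the measured value; every other field is dropped."""
    sizes = class_sizes(rows, quasi_ids)
    released, withheld = [], []
    for r in rows:
        out = {q: r[q] for q in quasi_ids}
        out["down_mbps"] = r["down_mbps"]
        if sizes[class_key(r, quasi_ids)] >= k:
            released.append(out)
        else:
            withheld.append(out)
    return released, withheld
```

A class-size threshold only bounds how far a recipient's outside knowledge can narrow the rows down; it does not hide a measured value that every row in a class happens to share.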


These security and privacy issues will need to be considered carefully by any measurement system. In the context of LMAP, [Framework] considers them further, along with some potential mitigations. Other LMAP documents will specify one or more protocols that enable the measurement system to instruct a probe about what measurements to make and that enable the probe to report the measurement results. Those documents will need to discuss solutions to the security and privacy issues. However, the protocol documents will not consider the actual usage of the measurement information. Many use cases can be envisaged, and earlier in this document we described some likely ones for the network operator and regulator.


8. Informative References

[IETF85-Plenary] Crawford, S., "Large-Scale Active Measurement of Broadband Networks", 'example' from slide 18, November 2012, < slides-85-iesg-opsandtech-7.pdf>.

[Extend-TCP] Honda, M., Nishida, Y., Raiciu, C., Greenhalgh, A., Handley, M., and H. Tokuda, "Is it Still Possible to Extend TCP?", Proceedings of IETF 82, November 2011, <>.

[Framework] Eardley, P., Morton, A., Bagnulo, M., Burbridge, T., Aitken, P., and A. Akhter, "A framework for Large-Scale Measurement of Broadband Performance (LMAP)", Work in Progress, draft-ietf-lmap-framework-14, April 2015.


[RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M., and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, July 2013, <>.

[RFC7258] Farrell, S. and H. Tschofenig, "Pervasive Monitoring Is an Attack", BCP 188, RFC 7258, May 2014, <>.

[FCC-R&O] United States Federal Communications Commission, "Preserving the Open Internet; Broadband Industries Practices: Report and Order", FCC 10-201, December 2010, < FCC-10-201A1.pdf>.

[BEREC-Guidelines] Body of European Regulators for Electronic Communications, "BEREC Guidelines for quality of service in the scope of net neutrality", < document_register/subject_matter/berec/download/0/ 1101-berec-guidelines-for-quality-of-service-_0.pdf>.

              M-Lab, "Glasnost: Enabling End Users to Detect Traffic
              Differentiation", <

[Glasnost] M-Lab tool "Glasnost", < tools/glasnost>.

[MOS] Wikipedia, "Mean Opinion Score", January 2015, < title=Mean_opinion_score&oldid=644494161>.

[DAE] Digital Agenda for Europe, COM(2010)245 final, "Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions", < PDF/?uri=CELEX:52010DC0245&from=EN>.



The information in this document is partially derived from text written by the following contributors:


James Miller


Rachel Huang


Authors' Addresses


Marc Linsner Cisco Systems, Inc. Marco Island, FL United States



Philip Eardley BT B54 Room 77, Adastral Park, Martlesham Ipswich, IP5 3RE United Kingdom



Trevor Burbridge BT B54 Room 70, Adastral Park, Martlesham Ipswich, IP5 3RE United Kingdom



Frode Sorensen Norwegian Communications Authority (Nkom) Lillesand Norway