[BEHAVE] NAT logging drafts
Dave Thaler <dthaler@microsoft.com> Fri, 18 January 2013 23:48 UTC
Return-Path: <dthaler@microsoft.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7151521F84B6 for <behave@ietfa.amsl.com>; Fri, 18 Jan 2013 15:48:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.598
X-Spam-Level:
X-Spam-Status: No, score=-102.598 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yegZVeBCoKMd for <behave@ietfa.amsl.com>; Fri, 18 Jan 2013 15:47:59 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (na01-by2-obe.ptr.protection.outlook.com [207.46.100.32]) by ietfa.amsl.com (Postfix) with ESMTP id BFD1E21F8495 for <behave@ietf.org>; Fri, 18 Jan 2013 15:47:56 -0800 (PST)
Received: from BL2FFO11FD004.protection.gbl (10.173.161.203) by BL2FFO11HUB038.protection.gbl (10.173.160.242) with Microsoft SMTP Server (TLS) id 15.0.596.13; Fri, 18 Jan 2013 23:47:54 +0000
Received: from TK5EX14HUBC106.redmond.corp.microsoft.com (131.107.125.37) by BL2FFO11FD004.mail.protection.outlook.com (10.173.160.104) with Microsoft SMTP Server (TLS) id 15.0.596.13 via Frontend Transport; Fri, 18 Jan 2013 23:47:54 +0000
Received: from TK5EX14MLTW652.wingroup.windeploy.ntdev.microsoft.com (157.54.71.68) by TK5EX14HUBC106.redmond.corp.microsoft.com (157.54.80.61) with Microsoft SMTP Server (TLS) id 14.2.318.3; Fri, 18 Jan 2013 23:47:28 +0000
Received: from TK5EX14MBXW603.wingroup.windeploy.ntdev.microsoft.com ([169.254.3.35]) by TK5EX14MLTW652.wingroup.windeploy.ntdev.microsoft.com ([157.54.71.68]) with mapi id 14.02.0328.011; Fri, 18 Jan 2013 15:47:28 -0800
From: Dave Thaler <dthaler@microsoft.com>
To: "behave@ietf.org" <behave@ietf.org>
Thread-Topic: NAT logging drafts
Thread-Index: Ac311HcfR1GOEr0gTyyHDptnpCHF+g==
Date: Fri, 18 Jan 2013 23:47:27 +0000
Message-ID: <341064315C6D0D498193B256F238CF972E8CBD@TK5EX14MBXW603.wingroup.windeploy.ntdev.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.90]
Content-Type: multipart/alternative; boundary="_000_341064315C6D0D498193B256F238CF972E8CBDTK5EX14MBXW603win_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(47736001)(44976002)(46102001)(59766001)(56816002)(74502001)(31966008)(4396001)(15202345001)(53806001)(77982001)(54356001)(56776001)(47446002)(51856001)(5343655001)(50986001)(74662001)(16406001)(16236675001)(49866001)(54316002)(55846006)(79102001)(512954001)(33656001)(76482001)(47976001)(5343635001); DIR:OUT; SFP:; SCL:1; SRVR:BL2FFO11HUB038; H:TK5EX14HUBC106.redmond.corp.microsoft.com; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0730093765
Subject: [BEHAVE] NAT logging drafts
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Jan 2013 23:48:00 -0000
We have two individual drafts under discussion: * draft-sivakumar-behave-nat-logging (using IPFIX) * draft-zhou-behave-syslog-nat-logging (using SYSLOG) Based on the WG discussion to date, we as chairs are fine adopting both documents as WG documents (so the next rev can be draft-ietf-behave-...-00) with the following constraints... The two documents appear to target the same scenario but expose different information. Our expectation is that the two mechanisms will either be consistent (as much as allowed by the underlying protocols) or else they will motivate why their scenarios are inherently different. This is a requirement before going to WGLC. At next IETF, we would like to see a presentation on the differences in the data/events exposed by the two drafts, where the authors of both drafts agree on what the differences are. We can then use the meeting to discuss what the right way to address each difference is. -Dave and Dan
- [BEHAVE] NAT logging drafts Dave Thaler
- Re: [BEHAVE] NAT logging drafts Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] NAT logging drafts Zhouqian (Cathy)