Re: [BEHAVE] NAT logging drafts
"Zhouqian (Cathy)" <cathy.zhou@huawei.com> Mon, 21 January 2013 06:01 UTC
Return-Path: <cathy.zhou@huawei.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1D9F821F8820 for <behave@ietfa.amsl.com>; Sun, 20 Jan 2013 22:01:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NEtmFoM45gRQ for <behave@ietfa.amsl.com>; Sun, 20 Jan 2013 22:01:51 -0800 (PST)
Received: from lhrrgout.huawei.com (lhrrgout.huawei.com [194.213.3.17]) by ietfa.amsl.com (Postfix) with ESMTP id 7298E21F86FF for <behave@ietf.org>; Sun, 20 Jan 2013 22:01:50 -0800 (PST)
Received: from 172.18.7.190 (EHLO lhreml203-edg.china.huawei.com) ([172.18.7.190]) by lhrrg01-dlp.huawei.com (MOS 4.3.5-GA FastPath queued) with ESMTP id AOY63086; Mon, 21 Jan 2013 06:01:47 +0000 (GMT)
Received: from LHREML402-HUB.china.huawei.com (10.201.5.241) by lhreml203-edg.huawei.com (172.18.7.221) with Microsoft SMTP Server (TLS) id 14.1.323.7; Mon, 21 Jan 2013 06:01:39 +0000
Received: from SZXEML453-HUB.china.huawei.com (10.82.67.196) by lhreml402-hub.china.huawei.com (10.201.5.241) with Microsoft SMTP Server (TLS) id 14.1.323.7; Mon, 21 Jan 2013 06:01:45 +0000
Received: from SZXEML527-MBX.china.huawei.com ([169.254.3.141]) by SZXEML453-HUB.china.huawei.com ([10.82.67.196]) with mapi id 14.01.0323.007; Mon, 21 Jan 2013 14:01:38 +0800
From: "Zhouqian (Cathy)" <cathy.zhou@huawei.com>
To: "Senthil Sivakumar (ssenthil)" <ssenthil@cisco.com>, Dave Thaler <dthaler@microsoft.com>, "behave@ietf.org" <behave@ietf.org>
Thread-Topic: [BEHAVE] NAT logging drafts
Thread-Index: Ac311HcfR1GOEr0gTyyHDptnpCHF+gAjLJCAAE6iD2A=
Date: Mon, 21 Jan 2013 06:01:38 +0000
Message-ID: <A6A061BEE5DDC94A9692D9D81AF776DF2D562F6A@szxeml527-mbx.china.huawei.com>
References: <341064315C6D0D498193B256F238CF972E8CBD@TK5EX14MBXW603.wingroup.windeploy.ntdev.microsoft.com> <CB1B483277FEC94E9B58357040EE5D0232384FCF@xmb-rcd-x15.cisco.com>
In-Reply-To: <CB1B483277FEC94E9B58357040EE5D0232384FCF@xmb-rcd-x15.cisco.com>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.66.77.118]
Content-Type: multipart/alternative; boundary="_000_A6A061BEE5DDC94A9692D9D81AF776DF2D562F6Aszxeml527mbxchi_"
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Subject: Re: [BEHAVE] NAT logging drafts
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Jan 2013 06:01:53 -0000
From: behave-bounces@ietf.org [mailto:behave-bounces@ietf.org] On Behalf Of Senthil Sivakumar (ssenthil) Sent: Saturday, January 19, 2013 11:22 PM To: Dave Thaler; behave@ietf.org Subject: Re: [BEHAVE] NAT logging drafts From: Dave Thaler <dthaler@microsoft.com<mailto:dthaler@microsoft.com>> Date: Friday, January 18, 2013 6:47 PM To: "behave@ietf.org<mailto:behave@ietf.org>" <behave@ietf.org<mailto:behave@ietf.org>> Subject: [BEHAVE] NAT logging drafts We have two individual drafts under discussion: * draft-sivakumar-behave-nat-logging (using IPFIX) * draft-zhou-behave-syslog-nat-logging (using SYSLOG) Based on the WG discussion to date, we as chairs are fine adopting both documents as WG documents (so the next rev can be draft-ietf-behave-...-00) with the following constraints... The two documents appear to target the same scenario but expose different information. Our expectation is that the two mechanisms will either be consistent (as much as allowed by the underlying protocols) or else they will motivate why their scenarios are inherently different. This is a requirement before going to WGLC. [Senthil] One of the key differences is that draft-sivakumar is broader in scope including both CGN and non-CGN logging. Even with CGN logging, the destination address/ports may be a requirement In some deployments that the draft-zhou does not seem to address. The other events like address exhaustion and other resource exhaustion is not addressed in draft-zhou. [Cathy] The essential difference between the two drafts is just the protocol used: IPFIX vs. SYSLOG. In doing the SYSLOG draft, we took a conservative approach because we had been warned in prior discussion that every operator had its own requirements. We are quite happy to add any additional information that the Working Group sees as desirable. At next IETF, we would like to see a presentation on the differences in the data/events exposed by the two drafts, where the authors of both drafts agree on what the differences are. We can then use the meeting to discuss what the right way to address each difference is. [Senthil] Ok. [Cathy]Ok. Best Regards, Cathy Thanks Senthil -Dave and Dan
- [BEHAVE] NAT logging drafts Dave Thaler
- Re: [BEHAVE] NAT logging drafts Senthil Sivakumar (ssenthil)
- Re: [BEHAVE] NAT logging drafts Zhouqian (Cathy)