Re: [BEHAVE] New Version Notification for draft-sivakumar-behave-nat-logging-04.txt
Senthil Sivakumar <ssenthil@cisco.com> Fri, 15 June 2012 18:52 UTC
Return-Path: <ssenthil@cisco.com>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4278811E8097 for <behave@ietfa.amsl.com>; Fri, 15 Jun 2012 11:52:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0aKmBUut-IZG for <behave@ietfa.amsl.com>; Fri, 15 Jun 2012 11:52:35 -0700 (PDT)
Received: from rcdn-iport-4.cisco.com (rcdn-iport-4.cisco.com [173.37.86.75]) by ietfa.amsl.com (Postfix) with ESMTP id 50DA511E8091 for <behave@ietf.org>; Fri, 15 Jun 2012 11:52:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=ssenthil@cisco.com; l=1867; q=dns/txt; s=iport; t=1339786355; x=1340995955; h=date:subject:from:to:message-id:in-reply-to:mime-version: content-transfer-encoding; bh=U8fXuscJCkGyTXoooXGDVReEfo3iFV04uHgN7fxjRNU=; b=MLk69tX6NEfNWYYTdTxVhum0sb8u4yzGSYnxhPyqG/GLh+TybBPDwb4Z PCok/AvgmKkM6T9GZGJRJn9A3oOw+Dyse5+Oioh8wWGiXr9n1Ri9j9eHh 2679Ttp58jW+ScAirtoyxpsEw7qJRdlm9xljXk1QwAWVuo9Dw0bT3zKXd 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ak0JAMGD20+tJV2d/2dsb2JhbAA7CrQjBIEtgQeCHxIBJwIBKhAVCIEdBhMJGYdpC5gpgSigH4s/By6COIMbA5UkgRKEQohDgWaCfIE6
X-IronPort-AV: E=Sophos;i="4.75,779,1330905600"; d="scan'208";a="92915779"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-4.cisco.com with ESMTP; 15 Jun 2012 18:52:32 +0000
Received: from [10.150.26.7] ([10.150.26.7]) by rcdn-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id q5FIqT9N018085 for <behave@ietf.org>; Fri, 15 Jun 2012 18:52:30 GMT
User-Agent: Microsoft-MacOutlook/14.2.2.120421
Date: Fri, 15 Jun 2012 14:52:28 -0400
From: Senthil Sivakumar <ssenthil@cisco.com>
To: behave@ietf.org
Message-ID: <CBFF8018.21370%ssenthil@cisco.com>
Thread-Topic: New Version Notification for draft-sivakumar-behave-nat-logging-04.txt
In-Reply-To: <20120614154451.20816.50744.idtracker@ietfa.amsl.com>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Subject: Re: [BEHAVE] New Version Notification for draft-sivakumar-behave-nat-logging-04.txt
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 Jun 2012 18:52:36 -0000
A new version of the logging draft is posted that is focused towards using IPFIX Information Elements for NAT logging. Please review and provide feedback. Senthil On 6/14/12 11:44 AM, "internet-drafts@ietf.org" <internet-drafts@ietf.org> wrote: > >A new version of I-D, draft-sivakumar-behave-nat-logging-04.txt >has been successfully submitted by Senthil Sivakumar and posted to the >IETF repository. > >Filename: draft-sivakumar-behave-nat-logging >Revision: 04 >Title: IPFIX Information Elements for logging NAT Events >Creation date: 2012-06-14 >WG ID: Individual Submission >Number of pages: 14 >URL: >http://www.ietf.org/internet-drafts/draft-sivakumar-behave-nat-logging-04. >txt >Status: >http://datatracker.ietf.org/doc/draft-sivakumar-behave-nat-logging >Htmlized: >http://tools.ietf.org/html/draft-sivakumar-behave-nat-logging-04 >Diff: >http://tools.ietf.org/rfcdiff?url2=draft-sivakumar-behave-nat-logging-04 > >Abstract: > Carrier grade NAT (CGN) devices are required to log events like > creation and deletion of translations and information about the > resources it is managing. The logs are required in many cases to > identify an attacker or a host that was used to launch malicious > attacks and/or for various other purposes of accounting. Since there > is no standard way of logging this information, different NAT devices > behave differently and hence it is difficult to expect a consistent > behavior. The lack of a consistent way makes it difficult to write > the collector applications that would receive this data and process > it to present useful information. This document describes the > information that is required to be logged by the NAT devices. > > > > > >The IETF Secretariat
- Re: [BEHAVE] New Version Notification for draft-s… Senthil Sivakumar
- Re: [BEHAVE] New Version Notification for draft-s… Simon Perreault
- Re: [BEHAVE] New Version Notification for draft-s… Senthil Sivakumar