IETF Logo Mail Archive

Re: [BEHAVE] four data models: SYSLOG, IPFIX, SNMP, RADIUS

Hannes Tschofenig <hannes.tschofenig@gmx.net> Mon, 16 July 2012 18:03 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: behave@ietfa.amsl.com
Delivered-To: behave@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB4EC21F86B3 for <behave@ietfa.amsl.com>; Mon, 16 Jul 2012 11:03:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.627
X-Spam-Level:
X-Spam-Status: No, score=-102.627 tagged_above=-999 required=5 tests=[AWL=-0.028, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tZ45EeYQuQ0Y for <behave@ietfa.amsl.com>; Mon, 16 Jul 2012 11:03:59 -0700 (PDT)
Received: from mailout-de.gmx.net (mailout-de.gmx.net [213.165.64.23]) by ietfa.amsl.com (Postfix) with SMTP id E167021F8680 for <behave@ietf.org>; Mon, 16 Jul 2012 11:03:58 -0700 (PDT)
Received: (qmail invoked by alias); 16 Jul 2012 18:04:24 -0000
Received: from a88-115-216-191.elisa-laajakaista.fi (EHLO [192.168.100.102]) [88.115.216.191] by mail.gmx.net (mp019) with SMTP; 16 Jul 2012 20:04:24 +0200
X-Authenticated: #29516787
X-Provags-ID: V01U2FsdGVkX199v+oHp4F9N6vawZzFufqO8Qd480EMt6r2KdvjM3 NlfFF4vaudF30c
Mime-Version: 1.0 (Apple Message framework v1084)
Content-Type: text/plain; charset="us-ascii"
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
In-Reply-To: <035801cd637c$34df33f0$9e9d9bd0$@com>
Date: Mon, 16 Jul 2012 21:04:22 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <0971ABA3-9A9A-46FB-BE12-7A1F27F255D7@gmx.net>
References: <035801cd637c$34df33f0$9e9d9bd0$@com>
To: Dan Wing <dwing@cisco.com>
X-Mailer: Apple Mail (2.1084)
X-Y-GMX-Trusted: 0
Cc: behave@ietf.org
Subject: Re: [BEHAVE] four data models: SYSLOG, IPFIX, SNMP, RADIUS
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jul 2012 18:04:00 -0000

You of course forgot Diameter: 
http://tools.ietf.org/html/draft-ietf-dime-nat-control-17

Operators deploy different protocols for different purposes. 
The world would be great if everyone could agree to use only one protocol, like in the voice over IP world (for example)...

On Jul 16, 2012, at 8:55 PM, Dan Wing wrote:

> As an individual, I have been worried about the possibility of disparate
> data models for NATs.  We currently have four ways to report information
> about a NAT or other address-sharing device,
> 
> SYSLOG, http://tools.ietf.org/html/draft-zhou-behave-syslog-nat-logging-00
> IPFIX, http://tools.ietf.org/html/draft-sivakumar-behave-nat-logging-05 
> SNMP, http://tools.ietf.org/html/draft-perreault-sunset4-cgn-mib
> RADIUS,
> http://tools.ietf.org/html/draft-cheng-behave-cgn-cfg-radius-ext-03#section-
> 4.2
> 
> My concern is that operators may find it necessary to deploy all four
> protocols (IPFIX, SYSLOG, SNMP, and RADIUS) to get their needed logging and.
> This seems undesirable.  Imagine, for example, that only one of those
> protocols supported pseudo-random port assignment but only one other
> protocol provided alarms for when a subscriber consumed all their ports (and
> thus might open a support case with the operator that "the Internet is
> down").
> 
> Are my concerns misplaced?
> 
> -d
> 
> 
> _______________________________________________
> Behave mailing list
> Behave@ietf.org
> https://www.ietf.org/mailman/listinfo/behave

v2.23.0 | Report a Bug | By Email