Re: [Insipid] [dispatch] Proposed charter for work on logging

"Dawes, Peter, Vodafone Group" <Peter.Dawes@vodafone.com> Wed, 31 July 2013 12:54 UTC

From: "Dawes, Peter, Vodafone Group" <Peter.Dawes@vodafone.com>
To: "Javier Martinez (mjavier)" <mjavier@cisco.com>, "Vijay K. Gurbani" <vkg@bell-labs.com>, "insipid@ietf.org" <insipid@ietf.org>

Hi Javier,
I am replying on the insipid mailing list as discussion has moved here from dispatch. 

The scenario you describe is what motivated the requirements draft and it would be very helpful to hear your views as discussion progresses.

Regards,
Peter

-----Original Message-----
From: Javier Martinez (mjavier) [mailto:mjavier@cisco.com] 
Sent: 26 June 2013 19:56
To: Dawes, Peter, Vodafone Group; Vijay K. Gurbani; dispatch@ietf.org
Subject: RE: [dispatch] Proposed charter for work on logging

Hi Peter,

I agree with the utility of the marker proposal. In large SIP network deployments it is a challenge collecting logs and debug traces during troubleshooting sessions, even with single-vendor deployments. In most situations you end up with large amounts of data to sort through to extract the sessions or files of interest from multiple boxes; in others you end up missing pieces of information.

There is a need for an automated way to extract the specific logs of interest in multi-vendor deployments.
This proposal is also a great complement to the "End-to-End Session Id" proposal.

I would be glad to help in any way to get an implementation proposal going,

Regards
Javier

-----Original Message-----
From: dispatch-bounces@ietf.org [mailto:dispatch-bounces@ietf.org] On Behalf Of Dawes, Peter, Vodafone Group
Sent: Thursday, June 20, 2013 8:05 AM
To: Vijay K. Gurbani; dispatch@ietf.org
Subject: Re: [dispatch] Proposed charter for work on logging

Hi Vijay,
The utility of a marker is that currently there is no SIP protocol mechanism to indicate that signalling is of interest to logging, so it is not a logging format issue but an issue of making regression testing and troubleshooting scaleable by not having to log everything. 

Thanks for the pointer to RFC 6872, I will take a look at it.

Regards,
Peter

-----Original Message-----
From: dispatch-bounces@ietf.org [mailto:dispatch-bounces@ietf.org] On Behalf Of Vijay K. Gurbani
Sent: 13 June 2013 22:23
To: dispatch@ietf.org
Subject: Re: [dispatch] Proposed charter for work on logging

On 06/13/2013 06:17 AM, Dawes, Peter, Vodafone Group wrote:
> Hello All, Following on from the comments at IETF#86 
> (http://www.ietf.org/proceedings/86/minutes/minutes-86-dispatch),
> where there was mild support for working on logging, I have updated 
> the log me requirements draft with 3 potential solutions (in clause
> 7) which can meet the requirements
> (http://www.ietf.org/internet-drafts/draft-dawes-dispatch-logme-reqs-02.txt).
> Opinions and comments on these or any other potential solutions would 
> be very welcome.

Peter: I am not being a contrarian, just being curious.

What is the utility of a log-me marker if all traffic is logged through a mechanism such as SIP CLF?

> It was commented at IETF#86 that a security analysis is needed so I 
> would like to understand if any scenarios exist with potential 
> security threats in order to add them to requirements. In many cases, 
> a network simply logs the signalling that passes through it so no new 
> security issues are created. Collecting end-to-end logging for 
> signalling that crosses multiple networks must not compromise security 
> or privacy, but I would expect networks to remove any security 
> sensitive fields before forwarding signalling regardless of whether 
> that signalling is of interest to logging.

We went through discussions related to all of the above points during the SIP CLF work.  See the Security Consideration section of [1]; it may provide you some answers.

[1] http://tools.ietf.org/html/rfc6872

Thanks,

- vijay
--
Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent
1960 Lucent Lane, Rm. 9C-533, Naperville, Illinois 60563 (USA)
Email: vkg@{bell-labs.com,acm.org} / vijay.gurbani@alcatel-lucent.com
Web: http://ect.bell-labs.com/who/vkg/  | Calendar: http://goo.gl/x3Ogq
_______________________________________________
dispatch mailing list
dispatch@ietf.org
https://www.ietf.org/mailman/listinfo/dispatch