Re: [IPFIX] ipNextHopIPv6Address reported address

Nick Brown <brownn@Brocade.com> Mon, 08 June 2015 13:07 UTC

Return-Path: <brownn@Brocade.com>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 739331A8702 for <ipfix@ietfa.amsl.com>; Mon, 8 Jun 2015 06:07:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.443
X-Spam-Level:
X-Spam-Status: No, score=0.443 tagged_above=-999 required=5 tests=[BAYES_50=0.8, IP_NOT_FRIENDLY=0.334, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_SUBJ_BRKN_WORDNUMS=0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rVwWsGVJnpLd for <ipfix@ietfa.amsl.com>; Mon, 8 Jun 2015 06:07:52 -0700 (PDT)
Received: from mx0b-000f0801.pphosted.com (mx0b-000f0801.pphosted.com [67.231.152.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4C3F1A86FD for <ipfix@ietf.org>; Mon, 8 Jun 2015 06:07:52 -0700 (PDT)
Received: from pps.filterd (m0048192.ppops.net [127.0.0.1]) by mx0b-000f0801.pphosted.com (8.14.7/8.14.7) with SMTP id t58Cplkp024205; Mon, 8 Jun 2015 06:07:51 -0700
Received: from hq1wp-exchub02.corp.brocade.com ([144.49.131.13]) by mx0b-000f0801.pphosted.com with ESMTP id 1uvfv1aw98-13 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 08 Jun 2015 06:07:51 -0700
Received: from BRMWP-EXCHUB02.corp.brocade.com (172.16.187.99) by HQ1WP-EXCHUB02.corp.brocade.com (10.70.38.101) with Microsoft SMTP Server (TLS) id 14.3.123.3; Mon, 8 Jun 2015 06:07:43 -0700
Received: from BRMWP-EXMB12.corp.brocade.com (172.16.59.130) by BRMWP-EXCHUB02.corp.brocade.com (172.16.187.99) with Microsoft SMTP Server (TLS) id 14.3.123.3; Mon, 8 Jun 2015 07:04:24 -0600
Received: from BRMWP-EXMB11.corp.brocade.com (172.16.59.77) by BRMWP-EXMB12.corp.brocade.com (172.16.59.130) with Microsoft SMTP Server (TLS) id 15.0.1044.25; Mon, 8 Jun 2015 07:04:23 -0600
Received: from BRMWP-EXMB11.corp.brocade.com ([fe80::39a0:e6f2:6a5c:18a9]) by BRMWP-EXMB11.corp.brocade.com ([fe80::39a0:e6f2:6a5c:18a9%23]) with mapi id 15.00.1044.021; Mon, 8 Jun 2015 07:04:22 -0600
From: Nick Brown <brownn@Brocade.com>
To: "ietf@trammell.ch" <ietf@trammell.ch>
Thread-Topic: [IPFIX] ipNextHopIPv6Address reported address
Thread-Index: AQHQnragxqZ09DJjskmUvYozM+6f7J2cwR2AgAY9UIA=
Date: Mon, 8 Jun 2015 13:04:21 +0000
Message-ID: <1433768661.3691.14.camel@brocade.com>
References: <1433416039.22978.70.camel@brocade.com> <F8E56235-E3CD-433F-859E-616EA7124C19@trammell.ch>
In-Reply-To: <F8E56235-E3CD-433F-859E-616EA7124C19@trammell.ch>
Accept-Language: en-GB, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.27.212.51]
Content-Type: text/plain; charset="utf-8"
Content-ID: <0D71259A7424A545B2CE86A0C606142A@brocade.local>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.14.151, 1.0.33, 0.0.0000 definitions=2015-06-08_06:2015-06-08,2015-06-08,1970-01-01 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1506080216
Archived-At: <http://mailarchive.ietf.org/arch/msg/ipfix/IgmhojwlrpWXzURExy2dKmFypXI>
Cc: Derek Fawcus <dfawcus@Brocade.com>, Luca Boccassi <lboccass@Brocade.com>, Paul Atkins <patkins@Brocade.com>, "ipfix@ietf.org" <ipfix@ietf.org>, Doug Gordon <dgordon@Brocade.com>
Subject: Re: [IPFIX] ipNextHopIPv6Address reported address
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Nick Brown <brownn@Brocade.com>
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipfix/>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2015 13:07:58 -0000

On Thu, 2015-06-04 at 15:47 +0200, Brian Trammell wrote:
> > On 04 Jun 2015, at 13:07, Nick Brown <brownn@Brocade.com> wrote:
> > 
> > Hi All,
> > 
> > In a sentence, is it expected that ipNextHopIPv6Address should report
> > the global ipv6 address of the next hop when it has one, or may the link
> > local address be reported instead?
> > http://tools.ietf.org/html/rfc5102#section-5.7.3
> 
> First, the proper reference for the definitions of IEs in the IPFIX information model is http://www.iana.org/assignments/ipfix/ipfix.xhtml; per 7012, 5102 is no longer considered authoritative for IE definitions.
> 
> (In this case, though, this is an admittedly pedantic distinction; the content is identical).
> 
> > There are obvious cases where the next hop may only have link local
> > address, if example it's only configured that way. But in other cases
> > where it may have both a link local and global address it's often the
> > case that routing protocols may use local addresses to setup the
> > forwarding plane where traffic is being observed. Thus at the point in
> > the forwarding path that traffic is being observed this all that is
> > available, and it's not apparent that a mapping from link local address
> > to global address (where is exists) can be done.
> 
> The way I read this, if the address is not being changed as part of the packet handing (on which see the fifth point in section 2.3 of RFC 7012), the address to report is the address the packets are sent to in the context of the egress interface. If the connection between the device the MP is on and the next hop has link-local addresses only, then the link-local address is the correct one to export.

ipNextHopIPv6Address is a derived field, derived from the treatment of
the packet by the switching path that constitutes our Observation point.
While at the global network level and possibly at the configuration
level of the IPFIX Device's Metering Process the interface of the Next
Hop may have both a link local IPV6 address and global IPV6 address, the
only one readily available to the Metering Process is the link local
address used by the switching path to do it's work, so that is what we
report.

Cheers,
Nick