[IPFIX] R: New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt

"Salvatore D'Antonio" <salvatore.dantonio@uniparthenope.it> Mon, 05 November 2012 15:04 UTC

Return-Path: <salvatore.dantonio@uniparthenope.it>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A10A021F849C for <ipfix@ietfa.amsl.com>; Mon, 5 Nov 2012 07:04:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.269
X-Spam-Level:
X-Spam-Status: No, score=-1.269 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, GB_I_LETTER=-2, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_MESSAGE=0.001, MSGID_MULTIPLE_AT=1.449]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sokxd2x5Lw+U for <ipfix@ietfa.amsl.com>; Mon, 5 Nov 2012 07:04:03 -0800 (PST)
Received: from mail.uniparthenope.it (mail.uniparthenope.it [192.167.9.244]) by ietfa.amsl.com (Postfix) with ESMTP id 6DB5121F849A for <ipfix@ietf.org>; Mon, 5 Nov 2012 07:04:02 -0800 (PST)
Received: from mail2.uniparthenope.it (unknown [10.1.2.108]) by mail.uniparthenope.it (Postfix) with SMTP id 36D8215B45; Mon, 5 Nov 2012 15:04:00 +0000 (UTC)
Received: from (unknown [192.168.241.108]) by mail2.uniparthenope.it with smtp id 1d8b_072de1ac_275a_11e2_9101_001372515a5c; Mon, 05 Nov 2012 16:03:58 +0100
Received: from spamk.uniparthenope.it (localhost [127.0.0.1]) by spamk.uniparthenope.it (Postfix) with ESMTP id 6F041C42EE; Mon, 5 Nov 2012 16:03:50 +0100 (CET)
Received: by spamk.uniparthenope.it (Postfix, from userid 500) id 6C0B8C432A; Mon, 5 Nov 2012 16:03:50 +0100 (CET)
Received: from mail.uniparthenope.it (mail.uniparthenope.it [192.167.9.244]) by spamk.uniparthenope.it (Postfix) with ESMTP id 65B03C4328; Mon, 5 Nov 2012 16:03:44 +0100 (CET)
Received: from saldantoPC (unknown [10.100.9.102]) (Authenticated sender: salvatore.dantonio@uniparthenope.it) by mail.uniparthenope.it (Postfix) with ESMTPA id 3234215C79; Mon, 5 Nov 2012 16:03:53 +0100 (CET)
From: Salvatore D'Antonio <salvatore.dantonio@uniparthenope.it>
To: 'Benoit Claise' <bclaise@cisco.com>, ipfix@ietf.org, draft-ietf-ipfix-flow-selection-tech@tools.ietf.org
References: <4FC74398.50805@cisco.com> <4FC89B99.40107@cisco.com> <506DA106.5060705@cisco.com> <50904E1D.7060909@cisco.com>
In-Reply-To: <50904E1D.7060909@cisco.com>
Date: Mon, 05 Nov 2012 16:03:53 +0100
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac227+sEZJvYKDxAS/GY4C/oLok6KAEbv9AA
Content-Language: it
Message-ID: <007301cdbb66$c58d6a10$50a83e30$@dantonio>
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0074_01CDBB6F.2751D210"
X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.42/RELEASE, bases: 20121105 #8315384, check: 20121105 clean
Cc: ipfix-chairs@tools.ietf.org
Subject: [IPFIX] R: New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipfix>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Nov 2012 15:04:09 -0000

Dear Benoit,

 

My comments to your comments inline.

 

Da: Benoit Claise [mailto:bclaise@cisco.com] 
Inviato: martedì 30 ottobre 2012 23:01
A: ipfix@ietf.org; draft-ietf-ipfix-flow-selection-tech@tools.ietf.org
Cc: ipfix-chairs@tools.ietf.org
Oggetto: Re: [IPFIX] New AD review of
draft-ietf-ipfix-flow-selection-tech-10.txt

 

Dear draft-ietf-ipfix-flow-selection-tech authors,

I was expecting a quick discussion on the very few remaining issues...
That has not happened.
The draft status is: AD evaluation, Revised ID Needed.

Regards, Benoit

Dear authors,

The draft improved quite dramatically. 
Thanks for that.
See in line for some more comments. I removed all unnecessary text.

Dear authors,

I'm performing the (new) AD review of
draft-ietf-ipfix-flow-selection-tech-10.txt
Lucky you, an extra pair of eyes specifically looking at your draft 

If some points have been discussed already on the mailing list, let me know.
I have to admit that I have not been following the latest iterations of this
draft.

IMHO, this document needs some more work... 
I don't think that this document is really in line with the other
Intermediate Processes documents: 
    http://tools.ietf.org/html/rfc6235
    http://tools.ietf.org/html/draft-ietf-ipfix-a9n-03
Note that I might have some more comments once all the points in this email
are addressed, as there are many ;-)
However, I'm available for a conf. call to clarify my points if you want to 

See in-line. 

...



     8.2.  Registration of Object Identifier  . . . . . . . . . . . . 32 
   9.  Security Considerations  . . . . . . . . . . . . . . . . . . . 32 
   10. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 34 
   11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 34 
     11.1. Normative References . . . . . . . . . . . . . . . . . . . 34 
     11.2. Informative References . . . . . . . . . . . . . . . . . . 34 
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35 

Don't you have to include the non-normative XML in the appendix, as it was
done for RFC5102, RFC5103? 

 

I will do in the next version of the ID. 



2.  Terminology 

   This document is consistent with the terminology introduced in 
   [RFC5101], [RFC5470], [RFC5475] and [RFC3917].  As in [RFC5101] and 
   [RFC5476], the first letter of each IPFIX-specific and PSAMP-specific 
   term is capitalized along with the flow selection specific terms 
   defined here. 


   * Packet Classification 

      Packet Classification is a process by which packets are mapped to 
      specific Flow Records based on packet properties or external 
      properties (e.g. interface).  The properties (e.g. header 
      information, packet content, AS number) make up the Flow Key. In 
      case a Flow Record for a specific Flow Key already exists the Flow 
      Record is updated, otherwise a new Flow Record is created. 


How is this different that the Metering Process (RFC5101)?

   Metering Process
 
      The Metering Process generates Flow Records.  Inputs to the
      process are packet headers and characteristics observed at an
      Observation Point, and packet treatment at the Observation Point
      (for example, the selected output interface).
 
      The Metering Process consists of a set of functions that includes
      packet header capturing, timestamping, sampling, classifying, and
      maintaining Flow Records.
 
      The maintenance of Flow Records may include creating new records,
      updating existing ones, computing Flow statistics, deriving
      further Flow properties, detecting Flow expiration, passing Flow
      Records to the Exporting Process, and deleting Flow Records.

What is the connection with the Metering Process?
Figure 1 seems to suggest that Packet Classification is a subset of the
Metering Process...

not sure that one was answered.

Yes. I already answered. Packet Classification is a function of the Metering
process. Your interpretation is correct.







   * Packet Aggregation Process 

      In the IPFIX Metering Process the Packet Aggregation Process 
      aggregates packet data into flow data and forms the Flow Records. 

How is this different from the Metering Process?

the "Packet Aggregation Process" is not used in the document. Why do we need
it?



I agree with you. We do not need such definition. I will remove it in the
new version of the ID. 





      After the aggregation step only the aggregated flow information is 
      available.  Information about individual packets is lost. 




Intermediate Flow Selection Process: an Intermediate Process as in
      [RFC6183 <http://tools.ietf.org/html/rfc6183> ] that ...
 

 

The new definition improved a lot:

 * Intermediate Flow Selection Process
 
      An Intermediate Flow Selection Process takes Flow Records as its
      input and selects a subset of this set as its output.
      Intermediate Flow Selection Process is a more general concept than
      Intermediate Selection Process as defined in [RFC6183
<http://tools.ietf.org/html/rfc6183> ].  While an
      Intermediate Selection Process selects Flow Records from a
      sequence based upon criteria-evaluated Flow record values and
      passes only those Flow Records that match the criteria, an
      Intermediate Flow Selection Process selects Flow Records using
      selection criteria applicable to a larger set of Flow
      characteristics and information.

But is there a reason why this definition can't be based on "intermediate
Process" from RFC 6183:

Intermediate Process
 
      An Intermediate Process takes a record stream as its input from
      Collecting Processes, Metering Processes, IPFIX File Readers,
      other Intermediate Processes, or other record sources; performs
      some transformations on this stream based upon the content of each
      record, states maintained across multiple records, or other data
      sources; and passes the transformed record stream as its output to
      Exporting Processes, IPFIX File Writers, or other Intermediate
      Processes in order to perform IPFIX Mediation.  Typically, an
      Intermediate Process is hosted by an IPFIX Mediator.
      Alternatively, an Intermediate Process may be hosted by an
      Original Exporter.
 
According to the definition of “Intermediate Process” from RFC 6183, such a
process is typically hosted by an IPFIX Mediator. Alternatively, it may be
hosted by an Original Exporter. In my view, an Intermediate Flow Selection
Process could be also hosted by a Collector.
 

So 

 * Intermediate Flow Selection Process
 
      An Intermediate Flow Selection Process is an Intermediate Process as
in
      [RFC6183 <http://tools.ietf.org/html/rfc6183> ] that takes Flow
Records as its
      input and selects a subset of this set as its output.
      Intermediate Flow Selection Process is a more general concept than
      Intermediate Selection Process as defined in [RFC6183
<http://tools.ietf.org/html/rfc6183> ].  While an
      Intermediate Selection Process selects Flow Records from a
      sequence based upon criteria-evaluated Flow record values and
      passes only those Flow Records that match the criteria, an
      Intermediate Flow Selection Process selects Flow Records using
      selection criteria applicable to a larger set of Flow
      characteristics and information.





  


Regarding terminology, I still some instances of "observation point". Should
be "Observation Point"



I will fix them.


...





4.  Flow selection as a Function in the IPFIX Architecture 
   

Thanks for your new figure 1.
One editorial change: change the + in the left vertical line.

Ok, will do.

      +======|========================+      |
      |      |  Mediator              |      |
      +    +-V-------------------+    |      |
      |    | Collecting Process  |    |      |
      +    +---------------------+    |      |
      |    | Intermediate Flow   |    |      |
      |    | Selection Process   |    |      |
      +    +---------------------+    |      |
      |    |  Exporting Process  |    |      |
      +    +-|-------------------+    |      |
      +======|========================+      |
      


5.1.  Flow Filtering 

   Flow Filtering is a deterministic function on the IPFIX Flow Record 
   content.  If the relevant flow characteristics are already observable 
   at packet level (e.g.  Flow Keys), Flow Filtering can be applied 
   before aggregation at packet level.  In order to be compliant with 
   this document, at least the Property Match Filtering MUST be 
   implemented. 

This contradicts.

   In order to be compliant with this document, at
   least one of the flow selection schemes MUST be implemented.

Actually, wrong cut/paste.
This contradicts, in section 1:

   In order to be compliant with this document, at
   least the Property Match Filtering MUST be implemented.

 

This comment is not clear to me. Both in Section 1 and in Section 5.1 (Flow
Filtering) I used the same sentence “In order to be compliant with this
document, at least the Property Match Filtering MUST be implemented”.







8.  IANA Considerations 

8.1.  Registration of Information Elements 


Table 3: Information Elements to be registered, you can't put the value 1,
2, 3, 
You need TBD1, TBD2, etc...
And you must add
"IANA Note: please replace TBD1, TBD2, ... with the assigned values,
throughout the document."



Thanks. I will fix this point.







8.2.  Registration of Object Identifier 


RFC 5815 is obsoleted by RFC 6615 <http://tools.ietf.org/html/rfc6615> 

What you want is an extra in http://www.iana.org/assignments/smi-numbers,
pointing to this RFC:

Sub-registry Name: IPFIX-SELECTOR-MIB Functions
Reference: [RFC6615]
Registration Procedures: Expert Review 
Prefix:
iso.org.dod.internet.mgmt.mib-2.ipfixSelectorMIB.ipfixSelectorObjects.ipfixS
electorFunctions 
(1.3.6.1.2.1.194.1.1)
 
Decimal Name                  Description                       Reference
------- --------------------- --------------------------------- ---------
1       ipfixFuncSelectAll    Select everything                 [RFC6615]
2       psampSampCountBased   Systematic Count-based Sampling   [RFC6727]
3       psampSampTimeBased    Systematic Time-based Sampling    [RFC6727]
4       psampSampRandOutOfN   Random n-out-of-N Sampling        [RFC6727]
5       psampSampUniProb      Universal Probabilistic Sampling  [RFC6727]
6       psampFiltPropMatch    Property Match Filtering          [RFC6727]
7       psampFiltHash         Hash-based Filtering              [RFC6727]

So you need TBDx

Ok.

   +---------+-----------------------+---------------------+-----------+
   | Decimal | Name                  | Description         | Reference |
   +---------+-----------------------+---------------------+-----------+
   |  TBDx   | flowSelectorAlgorithm | This Object         | [RFCyyyy] |
   |         |                       | Identifier          |           |
   |         |                       | identifies the Flow |           |
   |         |                       | selection technique |           |
   |         |                       | (e.g., Filtering,   |           |
   |         |                       | Sampling) that is   |           |
   |         |                       | applied by the Flow |           |
   |         |                       | Selection Process   |           |
   +---------+-----------------------+---------------------+-----------+
 
               Table 4: Object Identifiers to be registered


"IANA Note: please replace TBDx with the assigned value, throughout the
document."

Btw, there is a mismatch between the IANA registry and the table in section
7.1:

   +----+------------------------+--------------------------+
   | ID |        Technique         |      Parameters          |
   +----+------------------------+--------------------------+
   | 1  | Systematic count-based | flowSamplingInterval     |
   |    | Sampling               | flowSamplingSpacing      |
   +----+------------------------+--------------------------+
   | 2  | Systematic time-based  | flowSamplingTimeInterval |
   |    | Sampling               | flowSamplingTimeSpacing  |
   +----+------------------------+--------------------------+
   | 3  | Random n-out-of-N      | samplingSize             |
   |    | Sampling               | samplingPopulation       |
   +----+------------------------+--------------------------+
   | 4  | Uniform probabilistic  | samplingProbability      |
   |    | Sampling               |                          |
   +----+------------------------+--------------------------+
   | 5  | Property Match         | Information Element      |
   |    | Filtering              | Value Range              |
   +----+------------------------+--------------------------+
   |   Hash-based Filtering      | hashInitialiserValue     |
   +----+------------------------+ hashFlowDomain           |
   | 6  | using BOB              | hashSelectedRangeMin     |
   +----+------------------------+ hashSelectedRangeMax     |
   | 7  | using IPSX             | hashOutputRangeMin       |
   +----+------------------------+ hashOutputRangeMax       |
   | 8  | using CRC              |                          |
   +----+------------------------+--------------------------+
   | 9  | Flow-state Dependent   | No agreed Parameters     |
   |    | Flow Selection         |                          |
   +----+------------------------+--------------------------+
 
Also, in this table above, you need "TBDx" instead of 9
 
Ok.
 

- I see "Flow Selection", but this term is not defined.



I will replace “Flow Selection” with “Intermediate Flow Selection Process”. 


Thanks.


Regards, Benoit.

 

 

Thanks a lot.

 

Kind regards,

 

Salvatore







_______________________________________________
IPFIX mailing list
IPFIX@ietf.org
https://www.ietf.org/mailman/listinfo/ipfix

 

  _____  

Nessun virus nel messaggio.
Controllato da AVG - www.avg.com
Versione: 2012.0.2221 / Database dei virus: 2441/5364 - Data di rilascio:
30/10/2012