[IPFIX] R: New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt
"Salvatore D'Antonio" <salvatore.dantonio@uniparthenope.it> Mon, 05 November 2012 15:04 UTC
Return-Path: <salvatore.dantonio@uniparthenope.it>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A10A021F849C for <ipfix@ietfa.amsl.com>; Mon, 5 Nov 2012 07:04:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.269
X-Spam-Level:
X-Spam-Status: No, score=-1.269 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, GB_I_LETTER=-2, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245, HTML_MESSAGE=0.001, MSGID_MULTIPLE_AT=1.449]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Sokxd2x5Lw+U for <ipfix@ietfa.amsl.com>; Mon, 5 Nov 2012 07:04:03 -0800 (PST)
Received: from mail.uniparthenope.it (mail.uniparthenope.it [192.167.9.244]) by ietfa.amsl.com (Postfix) with ESMTP id 6DB5121F849A for <ipfix@ietf.org>; Mon, 5 Nov 2012 07:04:02 -0800 (PST)
Received: from mail2.uniparthenope.it (unknown [10.1.2.108]) by mail.uniparthenope.it (Postfix) with SMTP id 36D8215B45; Mon, 5 Nov 2012 15:04:00 +0000 (UTC)
Received: from (unknown [192.168.241.108]) by mail2.uniparthenope.it with smtp id 1d8b_072de1ac_275a_11e2_9101_001372515a5c; Mon, 05 Nov 2012 16:03:58 +0100
Received: from spamk.uniparthenope.it (localhost [127.0.0.1]) by spamk.uniparthenope.it (Postfix) with ESMTP id 6F041C42EE; Mon, 5 Nov 2012 16:03:50 +0100 (CET)
Received: by spamk.uniparthenope.it (Postfix, from userid 500) id 6C0B8C432A; Mon, 5 Nov 2012 16:03:50 +0100 (CET)
Received: from mail.uniparthenope.it (mail.uniparthenope.it [192.167.9.244]) by spamk.uniparthenope.it (Postfix) with ESMTP id 65B03C4328; Mon, 5 Nov 2012 16:03:44 +0100 (CET)
Received: from saldantoPC (unknown [10.100.9.102]) (Authenticated sender: salvatore.dantonio@uniparthenope.it) by mail.uniparthenope.it (Postfix) with ESMTPA id 3234215C79; Mon, 5 Nov 2012 16:03:53 +0100 (CET)
From: Salvatore D'Antonio <salvatore.dantonio@uniparthenope.it>
To: 'Benoit Claise' <bclaise@cisco.com>, ipfix@ietf.org, draft-ietf-ipfix-flow-selection-tech@tools.ietf.org
References: <4FC74398.50805@cisco.com> <4FC89B99.40107@cisco.com> <506DA106.5060705@cisco.com> <50904E1D.7060909@cisco.com>
In-Reply-To: <50904E1D.7060909@cisco.com>
Date: Mon, 05 Nov 2012 16:03:53 +0100
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: Ac227+sEZJvYKDxAS/GY4C/oLok6KAEbv9AA
Content-Language: it
Message-ID: <007301cdbb66$c58d6a10$50a83e30$@dantonio>
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0074_01CDBB6F.2751D210"
X-Anti-Virus: Kaspersky Anti-Virus for Linux Mail Server 5.6.42/RELEASE, bases: 20121105 #8315384, check: 20121105 clean
Cc: ipfix-chairs@tools.ietf.org
Subject: [IPFIX] R: New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipfix>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Nov 2012 15:04:09 -0000
Dear Benoit, My comments to your comments inline. Da: Benoit Claise [mailto:bclaise@cisco.com] Inviato: martedì 30 ottobre 2012 23:01 A: ipfix@ietf.org; draft-ietf-ipfix-flow-selection-tech@tools.ietf.org Cc: ipfix-chairs@tools.ietf.org Oggetto: Re: [IPFIX] New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt Dear draft-ietf-ipfix-flow-selection-tech authors, I was expecting a quick discussion on the very few remaining issues... That has not happened. The draft status is: AD evaluation, Revised ID Needed. Regards, Benoit Dear authors, The draft improved quite dramatically. Thanks for that. See in line for some more comments. I removed all unnecessary text. Dear authors, I'm performing the (new) AD review of draft-ietf-ipfix-flow-selection-tech-10.txt Lucky you, an extra pair of eyes specifically looking at your draft If some points have been discussed already on the mailing list, let me know. I have to admit that I have not been following the latest iterations of this draft. IMHO, this document needs some more work... I don't think that this document is really in line with the other Intermediate Processes documents: http://tools.ietf.org/html/rfc6235 http://tools.ietf.org/html/draft-ietf-ipfix-a9n-03 Note that I might have some more comments once all the points in this email are addressed, as there are many ;-) However, I'm available for a conf. call to clarify my points if you want to See in-line. ... 8.2. Registration of Object Identifier . . . . . . . . . . . . 32 9. Security Considerations . . . . . . . . . . . . . . . . . . . 32 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 34 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 34 11.1. Normative References . . . . . . . . . . . . . . . . . . . 34 11.2. Informative References . . . . . . . . . . . . . . . . . . 34 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35 Don't you have to include the non-normative XML in the appendix, as it was done for RFC5102, RFC5103? I will do in the next version of the ID. 2. Terminology This document is consistent with the terminology introduced in [RFC5101], [RFC5470], [RFC5475] and [RFC3917]. As in [RFC5101] and [RFC5476], the first letter of each IPFIX-specific and PSAMP-specific term is capitalized along with the flow selection specific terms defined here. * Packet Classification Packet Classification is a process by which packets are mapped to specific Flow Records based on packet properties or external properties (e.g. interface). The properties (e.g. header information, packet content, AS number) make up the Flow Key. In case a Flow Record for a specific Flow Key already exists the Flow Record is updated, otherwise a new Flow Record is created. How is this different that the Metering Process (RFC5101)? Metering Process The Metering Process generates Flow Records. Inputs to the process are packet headers and characteristics observed at an Observation Point, and packet treatment at the Observation Point (for example, the selected output interface). The Metering Process consists of a set of functions that includes packet header capturing, timestamping, sampling, classifying, and maintaining Flow Records. The maintenance of Flow Records may include creating new records, updating existing ones, computing Flow statistics, deriving further Flow properties, detecting Flow expiration, passing Flow Records to the Exporting Process, and deleting Flow Records. What is the connection with the Metering Process? Figure 1 seems to suggest that Packet Classification is a subset of the Metering Process... not sure that one was answered. Yes. I already answered. Packet Classification is a function of the Metering process. Your interpretation is correct. * Packet Aggregation Process In the IPFIX Metering Process the Packet Aggregation Process aggregates packet data into flow data and forms the Flow Records. How is this different from the Metering Process? the "Packet Aggregation Process" is not used in the document. Why do we need it? I agree with you. We do not need such definition. I will remove it in the new version of the ID. After the aggregation step only the aggregated flow information is available. Information about individual packets is lost. Intermediate Flow Selection Process: an Intermediate Process as in [RFC6183 <http://tools.ietf.org/html/rfc6183> ] that ... The new definition improved a lot: * Intermediate Flow Selection Process An Intermediate Flow Selection Process takes Flow Records as its input and selects a subset of this set as its output. Intermediate Flow Selection Process is a more general concept than Intermediate Selection Process as defined in [RFC6183 <http://tools.ietf.org/html/rfc6183> ]. While an Intermediate Selection Process selects Flow Records from a sequence based upon criteria-evaluated Flow record values and passes only those Flow Records that match the criteria, an Intermediate Flow Selection Process selects Flow Records using selection criteria applicable to a larger set of Flow characteristics and information. But is there a reason why this definition can't be based on "intermediate Process" from RFC 6183: Intermediate Process An Intermediate Process takes a record stream as its input from Collecting Processes, Metering Processes, IPFIX File Readers, other Intermediate Processes, or other record sources; performs some transformations on this stream based upon the content of each record, states maintained across multiple records, or other data sources; and passes the transformed record stream as its output to Exporting Processes, IPFIX File Writers, or other Intermediate Processes in order to perform IPFIX Mediation. Typically, an Intermediate Process is hosted by an IPFIX Mediator. Alternatively, an Intermediate Process may be hosted by an Original Exporter. According to the definition of Intermediate Process from RFC 6183, such a process is typically hosted by an IPFIX Mediator. Alternatively, it may be hosted by an Original Exporter. In my view, an Intermediate Flow Selection Process could be also hosted by a Collector. So * Intermediate Flow Selection Process An Intermediate Flow Selection Process is an Intermediate Process as in [RFC6183 <http://tools.ietf.org/html/rfc6183> ] that takes Flow Records as its input and selects a subset of this set as its output. Intermediate Flow Selection Process is a more general concept than Intermediate Selection Process as defined in [RFC6183 <http://tools.ietf.org/html/rfc6183> ]. While an Intermediate Selection Process selects Flow Records from a sequence based upon criteria-evaluated Flow record values and passes only those Flow Records that match the criteria, an Intermediate Flow Selection Process selects Flow Records using selection criteria applicable to a larger set of Flow characteristics and information. Regarding terminology, I still some instances of "observation point". Should be "Observation Point" I will fix them. ... 4. Flow selection as a Function in the IPFIX Architecture Thanks for your new figure 1. One editorial change: change the + in the left vertical line. Ok, will do. +======|========================+ | | | Mediator | | + +-V-------------------+ | | | | Collecting Process | | | + +---------------------+ | | | | Intermediate Flow | | | | | Selection Process | | | + +---------------------+ | | | | Exporting Process | | | + +-|-------------------+ | | +======|========================+ | 5.1. Flow Filtering Flow Filtering is a deterministic function on the IPFIX Flow Record content. If the relevant flow characteristics are already observable at packet level (e.g. Flow Keys), Flow Filtering can be applied before aggregation at packet level. In order to be compliant with this document, at least the Property Match Filtering MUST be implemented. This contradicts. In order to be compliant with this document, at least one of the flow selection schemes MUST be implemented. Actually, wrong cut/paste. This contradicts, in section 1: In order to be compliant with this document, at least the Property Match Filtering MUST be implemented. This comment is not clear to me. Both in Section 1 and in Section 5.1 (Flow Filtering) I used the same sentence In order to be compliant with this document, at least the Property Match Filtering MUST be implemented. 8. IANA Considerations 8.1. Registration of Information Elements Table 3: Information Elements to be registered, you can't put the value 1, 2, 3, You need TBD1, TBD2, etc... And you must add "IANA Note: please replace TBD1, TBD2, ... with the assigned values, throughout the document." Thanks. I will fix this point. 8.2. Registration of Object Identifier RFC 5815 is obsoleted by RFC 6615 <http://tools.ietf.org/html/rfc6615> What you want is an extra in http://www.iana.org/assignments/smi-numbers, pointing to this RFC: Sub-registry Name: IPFIX-SELECTOR-MIB Functions Reference: [RFC6615] Registration Procedures: Expert Review Prefix: iso.org.dod.internet.mgmt.mib-2.ipfixSelectorMIB.ipfixSelectorObjects.ipfixS electorFunctions (1.3.6.1.2.1.194.1.1) Decimal Name Description Reference ------- --------------------- --------------------------------- --------- 1 ipfixFuncSelectAll Select everything [RFC6615] 2 psampSampCountBased Systematic Count-based Sampling [RFC6727] 3 psampSampTimeBased Systematic Time-based Sampling [RFC6727] 4 psampSampRandOutOfN Random n-out-of-N Sampling [RFC6727] 5 psampSampUniProb Universal Probabilistic Sampling [RFC6727] 6 psampFiltPropMatch Property Match Filtering [RFC6727] 7 psampFiltHash Hash-based Filtering [RFC6727] So you need TBDx Ok. +---------+-----------------------+---------------------+-----------+ | Decimal | Name | Description | Reference | +---------+-----------------------+---------------------+-----------+ | TBDx | flowSelectorAlgorithm | This Object | [RFCyyyy] | | | | Identifier | | | | | identifies the Flow | | | | | selection technique | | | | | (e.g., Filtering, | | | | | Sampling) that is | | | | | applied by the Flow | | | | | Selection Process | | +---------+-----------------------+---------------------+-----------+ Table 4: Object Identifiers to be registered "IANA Note: please replace TBDx with the assigned value, throughout the document." Btw, there is a mismatch between the IANA registry and the table in section 7.1: +----+------------------------+--------------------------+ | ID | Technique | Parameters | +----+------------------------+--------------------------+ | 1 | Systematic count-based | flowSamplingInterval | | | Sampling | flowSamplingSpacing | +----+------------------------+--------------------------+ | 2 | Systematic time-based | flowSamplingTimeInterval | | | Sampling | flowSamplingTimeSpacing | +----+------------------------+--------------------------+ | 3 | Random n-out-of-N | samplingSize | | | Sampling | samplingPopulation | +----+------------------------+--------------------------+ | 4 | Uniform probabilistic | samplingProbability | | | Sampling | | +----+------------------------+--------------------------+ | 5 | Property Match | Information Element | | | Filtering | Value Range | +----+------------------------+--------------------------+ | Hash-based Filtering | hashInitialiserValue | +----+------------------------+ hashFlowDomain | | 6 | using BOB | hashSelectedRangeMin | +----+------------------------+ hashSelectedRangeMax | | 7 | using IPSX | hashOutputRangeMin | +----+------------------------+ hashOutputRangeMax | | 8 | using CRC | | +----+------------------------+--------------------------+ | 9 | Flow-state Dependent | No agreed Parameters | | | Flow Selection | | +----+------------------------+--------------------------+ Also, in this table above, you need "TBDx" instead of 9 Ok. - I see "Flow Selection", but this term is not defined. I will replace Flow Selection with Intermediate Flow Selection Process. Thanks. Regards, Benoit. Thanks a lot. Kind regards, Salvatore _______________________________________________ IPFIX mailing list IPFIX@ietf.org https://www.ietf.org/mailman/listinfo/ipfix _____ Nessun virus nel messaggio. Controllato da AVG - www.avg.com Versione: 2012.0.2221 / Database dei virus: 2441/5364 - Data di rilascio: 30/10/2012
- [IPFIX] New AD review of draft-ietf-ipfix-flow-se… Benoit Claise
- [IPFIX] R: New AD review of draft-ietf-ipfix-flow… Salvatore D'Antonio
- Re: [IPFIX] New AD review of draft-ietf-ipfix-flo… Benoit Claise
- Re: [IPFIX] New AD review of draft-ietf-ipfix-flo… Benoit Claise
- [IPFIX] R: New AD review of draft-ietf-ipfix-flow… Salvatore D'Antonio
- Re: [IPFIX] R: New AD review of draft-ietf-ipfix-… Benoit Claise
- [IPFIX] R: R: New AD review of draft-ietf-ipfix-f… Salvatore D'Antonio
- Re: [IPFIX] R: R: New AD review of draft-ietf-ipf… Benoit Claise