IETF Logo Mail Archive

Re: [IPFIX] review of draft-ietf-ipfix-a9n-04

Paul Aitken <paitken@cisco.com> Fri, 02 November 2012 10:12 UTC

Return-Path: <paitken@cisco.com>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65AFB21F99B3 for <ipfix@ietfa.amsl.com>; Fri, 2 Nov 2012 03:12:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.509
X-Spam-Level:
X-Spam-Status: No, score=-10.509 tagged_above=-999 required=5 tests=[AWL=0.090, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ue2YvwhJjDo5 for <ipfix@ietfa.amsl.com>; Fri, 2 Nov 2012 03:12:17 -0700 (PDT)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by ietfa.amsl.com (Postfix) with ESMTP id 8889221F99B8 for <ipfix@ietf.org>; Fri, 2 Nov 2012 03:12:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2952; q=dns/txt; s=iport; t=1351851138; x=1353060738; h=message-id:date:from:mime-version:to:cc:subject: references:in-reply-to:content-transfer-encoding; bh=+GiNceZWR1kf+KpopcpppXkWihR5LsXSYpKB7cD4j1I=; b=K+JzQqYEjT7NEM2wBqF6Om1YVs6oZoX5NoDJycPrWATpkyz787WQ4S/O 5KlfHYUHirW/qtXUuSwZxDIoUjKSBpVOZGxDssXFZFZuIer+mNRjVx1QZ /FyrU4c7UQ5lBKRmBS0T8VMAjQ7J79wDLg7BeV0DZy5qQBDBz9qun5I5Z M=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ah4FACibk1CQ/khN/2dsb2JhbABEgyzAC4EIgh4BAQEDARIBJUABBQsLIQwKDwkDAgECAUUGDQEHAQEXB4diBptwoAaMAYMLgzADlXmFa4hugWuCb4Fk
X-IronPort-AV: E=Sophos;i="4.80,697,1344211200"; d="scan'208";a="146185207"
Received: from ams-core-4.cisco.com ([144.254.72.77]) by ams-iport-1.cisco.com with ESMTP; 02 Nov 2012 10:12:16 +0000
Received: from [10.61.102.64] (dhcp-10-61-102-64.cisco.com [10.61.102.64]) by ams-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id qA2ACFd8025181; Fri, 2 Nov 2012 10:12:15 GMT
Message-ID: <50939C80.5020708@cisco.com>
Date: Fri, 02 Nov 2012 10:12:16 +0000
From: Paul Aitken <paitken@cisco.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:15.0) Gecko/20120912 Thunderbird/15.0.1
MIME-Version: 1.0
To: Brian Trammell <trammell@tik.ee.ethz.ch>
References: <500039DE.5050706@cisco.com> <071B9C0F-B58F-489A-99E1-A3A4A4D25382@tik.ee.ethz.ch> <5092E68B.8070902@cisco.com> <2FE57FE3-6F59-46B8-9AB5-CE2E64807D92@tik.ee.ethz.ch>
In-Reply-To: <2FE57FE3-6F59-46B8-9AB5-CE2E64807D92@tik.ee.ethz.ch>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: draft-ietf-ipfix-a9n@tools.ietf.org, IETF IPFIX Working Group <ipfix@ietf.org>
Subject: Re: [IPFIX] review of draft-ietf-ipfix-a9n-04
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipfix>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Nov 2012 10:12:18 -0000

Brian,

> I wondered this myself, and I suspect you can't find the LC announcement for this document because you may not be searching far enough in the past.

Not so. I searched both my email and the IPFIX WG archive back to 
-a9n-00 on October 31st 2011.


> WGLC on -a9n began on 5 February 2012, nearly nine months ago (!!!), following a Christmas delay on top of an indication of WGLC readiness at the Taipei IETF meeting.
>
> Since that time, -04 was published in response to WGLC comments, -05 was published in response to comments you sent on an outdated individual version of the draft, -06 in response to your -04 review comments, and -07 in response to Benoit's AD review.

Then it has been well reviewed :-)


>>> BTW, the case of a collector or mediator aggregating received flows presents another possibility: the flow could be received late (eg, delayed export), so rather than re-opening an old start / mid / end aggregation, the flow is simply included in the "current" aggregation. ie, real time aggregation, regardless of the flow timestamps.
>>> A good point; however, this is already covered in section 6.2:
>>>
>>>     In certain circumstances, additional delay at the original Exporter
>>>     may cause an IAP to close an interval before the last Original
>>>     Flow(s) accountable to the interval arrives; in this case the IAP
>>>     SHOULD drop the late Original Flow(s).  Accounting of flows lost at
>>>     an Intermediate Process due to such issues is covered in
>>>     [I-D.ietf-ipfix-mediation-protocol].
>>>
>>> Would you suggest loosening the language to allow an IAP to fake timestamps to avoid drops in delay-intolerant situations?
>> So there are several options:
>>
>> 1. drop the late flows. In this case the late traffic is utterly lost, which may be quite undesirable.
>>
>> 2. re-open the appropriate aggregation to correctly account the late flows.
>> 2a. don't close aggregations immediately, but wait for some period and accept late flows.
>>
>> 3. account the late flows in the current (though wrong) aggregation.
>>
>> I'd prefer that the doc discussed the options or gave reasons rather than simply advising "SHOULD drop".
> The real solution IMO is wait and make sure you've got everything, and treat exceptions as just that. 2a. is just a variant of that solution with two different kinds of waiting. 3. is for when it's more important to be conservative than to be correct, when waiting all the time isn't possible. But this is getting very deeply into implementation choices and application-specific requirements, so I'm inclined to leave it as is. The intention here, again, is to give recommendations for non-corner cases while allowing implementation flexibility.

What you say seems to be contrary to the "SHOULD drop" recommendation. 
Perhaps that should be downgraded to "MAY drop", which seems to give 
permission rather than a recommendation.

P.

v2.23.0 | Report a Bug | By Email