RE: [ipfix] Mailing list digest, Friday 8 March
"Kevin Zhang" <kevin.zhang@xacct.com> Mon, 11 March 2002 18:57 UTC
Received: from mil.doit.wisc.edu (mil.doit.wisc.edu [128.104.31.31]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id NAA19288 for <ipfix-archive@lists.ietf.org>; Mon, 11 Mar 2002 13:57:34 -0500 (EST)
Received: from majordomo by mil.doit.wisc.edu with local (Exim 3.13 #1) id 16kUeO-0002hw-00 for ipfix-list@mil.doit.wisc.edu; Mon, 11 Mar 2002 12:36:00 -0600
Received: from mailhub.xacct.com ([204.253.100.25]) by mil.doit.wisc.edu with smtp (Exim 3.13 #1) id 16kUeK-0002hH-00 for ipfix@net.doit.wisc.edu; Mon, 11 Mar 2002 12:35:56 -0600
Received: (qmail 22460 invoked from network); 11 Mar 2002 18:35:22 -0000
Received: from unknown (HELO usmail.xacct.com) (204.253.100.12) by mailhub.us.xacct.com with SMTP; 11 Mar 2002 18:35:22 -0000
Received: from Kevinz (1Cust95.tnt15.dca5.da.uu.net [63.10.143.95]) by usmail.xacct.com (8.11.2/8.11.2) with SMTP id g2BIZGm02256; Mon, 11 Mar 2002 10:35:17 -0800
Reply-To: kevin.zhang@xacct.com
From: Kevin Zhang <kevin.zhang@xacct.com>
To: ipfix@net.doit.wisc.edu
Cc: n.brownlee@auckland.ac.nz, calato@riverstonenet.com
Subject: RE: [ipfix] Mailing list digest, Friday 8 March
Date: Mon, 11 Mar 2002 13:34:55 -0500
Message-ID: <OPEMIKCMGFPBJOGILIMOEEPHDGAA.kevin.zhang@us.xacct.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
In-Reply-To: <3C8CE567.861AE644@riverstonenet.com>
Precedence: bulk
Sender: majordomo listserver <majordomo@mil.doit.wisc.edu>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by ietf.org id NAA19288
Hi Paul, I have to disagree with you, please see my comments. Thanks, Kevin > -----Original Message----- > From: majordomo listserver [mailto:majordomo@mil.doit.wisc.edu]On Behalf > Of calato@riverstonenet.com > Sent: Monday, March 11, 2002 12:12 PM > To: n.brownlee@auckland.ac.nz > Cc: ipfix@net.doit.wisc.edu > Subject: Re: [ipfix] Mailing list digest, Friday 8 March > > > n.brownlee@auckland.ac.nz wrote: > > > > IPFIX Co-chairs list of IPFIX issues > > > > Nevil Brownlee & Dave Plonka, Fri 8 Mar 02 > > > > ++ marks each issue > > ** WG co-chairs comment > > - Mailing list discussion items > > > > Contributors names are listed in full following the list of issues > > > > ++ Congestion-aware protocols > > ** Need to reach consensus on two major points: > > a. We know we need reliable transport. Do we > > also need unreliable? > > b. Given consesnus on (a), how do we provide > > congestion awareness? > > - Nevil, 4 Mar: Note setting out IESG / WH chair position on > > this issue. In brief, if IPFIX doesn't mandate congestion- > > aware transport, the WG RFCs won't get approved. > > > I believe there are a large number of real world deployment > cases where IPFIX is not going over the Internet. In fact, > it is likely to be the majority of deployment cases. Is there > disagreement on this point? > > If not, we ought to decide the best way to solve the problem > first, then decide what that means for us as an IETF group; > not the other way around. > > I believe CRANE protocol (http://search.ietf.org/internet-drafts/draft-kzhang-crane-protocol-02.txt) is considered as a candidate for IPFIX. We have several deployments with tier one carriers, which the exporter and collectors communicate through WAN. Furthermore, potential IPFIX exporting devices may be routers, probes, and mid-boxes as outlined in our charter; I do not agree that the need of high-speed router (may have limited on-device flow processing capability) should over-ride all the other needs. > > > > > ++ Collector Failover > > ** We need a control session handling keepalives. > > Much of this discussion hinges on the TCP vs UDP debate! > > - Paul, 27 Feb: Need to handle 'lost data' no matter what! > > - Mark, 25 Feb: UDP with retransmits as an alternative to TCP > > or SCTP. A TCP for keepalives could be enough? > > - Paul/Ganesh, 25 Feb: Not convinced that UDP can be ruled out; > > TCP on its own doesn't provide 'application level reliability.' > > - Peter, 25 Feb: 'Reliable' transport is better and simpler. "Any > > data delivery method that avoids reliability simply pushes > things on > > to another part of the system." Use SCTP or TCP; data ACKs > > are enough, don;t need keepalives as well. > > - Mark, 23 Feb: Suggestions: use mandatory TCP control connection, > > require collector to send periodic ACKS to exporter. > > - Peter, 23 Feb: TCP keepalive not enough for exporter to detect > > crash of collector. Need to either use SCTP or have a failure > > detection mechanism. > > > > ------------------------------------------------------------- > > > > ++ Counter wrapping, long-running flows > > ** Support for both absolute counts (counters) and deltas, no clear > > consensus. > > - Benoit, 22 Feb: Close flow and export it when it nears > counter wrap, > > restart as a new flow. > > - Ganesh, 21 Feb: Export flow records when counters go past > a threshold, > > Keep IEs for absolute counts or delta counts, whichever is needed. > > - Peter, 21 Feb: In our experience, it's better to output > deltas. Absolute > > values are needed only if you have an unreliable data exporter. > > - KC, 21 Feb: Ability to send a flow record at any interval due to a > > counter rollover needs to be a selection criteria. > > - Reinaldo, 19 Feb: Could someone elaborate on this? > > > > ++ Configuration: protocol > > ** Out of scope, i.e. WG should not consider this until we have > > the Arch and Data drafts well under way. > > - KC, 20 Feb: not doing that, trying to select best of > existing protocols > > - Randy, 20 Feb: reminder, out of scope > > - Reinaldo, 20 Feb, IPFIX config protocol needed, MIB OK as well > > - Fred, 20 Feb: NetFlow v9: good summary posting > > 'bi-directional config' = collector can ask exporter for > reqd flows > > Fred doesn't think it would be useful, lots of IOS development, > > implications for reliability, security, etc. > > Config via an 'IPFIX Configuration MIB' would be better. > > - Juergen/Reinaldo/Paul/Benoit/Ram, 14 Feb: 'Not trying to > standardise > > meter, therefore don't specify how to configure one.' > > - Mike, 13 Feb: Configuration and MIBs: "A MIB module is a > concise guide > > to implementors in their design of a configuration > interface (CLI, XML, > > XYZ, whatever) to manage a given techology" > > - Mark, 12 Feb: Comments on exporter-collector session management, > > session IDs. > > - Will, 11 Feb: Doesn't want 'SHOULD support in-band configuration.' > > > > ++ Configuration: Content Negotiation > > - Christian/Peter/Juergen, ~19 Feb: Collector should be able > to request > > a subset of all available flow attributes, exporter should indicate > > which attributes it can send. > > - Benoit, 19 Feb: This is pure configuration. You tell the exporter > > which fields to export by defining a template. > > > > ++ Configuration: In-band Configuration > > - Christian/Peter/Juergen: This is the ability for a collector to > > ask an exporter for a particular set of flows > > > > ++ Applicability document > > ** Material currently in Arch draft. Discuss at Minneapolis meeting. > > Charter mentions it to support Architecture draft, so its > > OK to start work on this, but don't let it distract from other > > WG drafts! Use ipfix-app list alias for discussion. > > - Carter, 20 Feb: OK, but don't go too far off topic > > - KC, 20 Feb: Renaldo, Kevin & Tanja contributed most of > this material > > in Arch, they'd be good editors > > - Tanja, Feb 19: 'Applicability' contents proposal > > - Proposed by KC, support from Benoit > > > > ++ Middleboxes document > > *** Not in scope, material currently in Arch draft. > > Do we need a separate document? Or put it in > Applicability draft? > > > > ++ Selecting a Flow Info Export protocol > > ** Our charter says we'll select a protocol, however we'll probably > > need to look (small) improvements to an existing protocol > > - 19 Feb: KC had intended to list 'overview' descriptions of existing > > protocols in Arch draft. Paul thinks this is premature, > we should list > > 'selection criteria' there instead. KC agrees, meantime (so as not > > to loose the contributed text from B/G and Kevin) we'll > shift it into > > appendices. > > - Randy, 18 Feb: realistically, i think you will have to > modify any of > > the existing protocols to meet robust needs. and yes, i think > > security should be a consideration. [ note that snmpv3 control and > > tcp export over ipsec may meet some of the more difficult > issues you > > raise ] > > - David, 18 Feb: Selection criteria are needed for this! > > > > ++ Defining a flow > > - Paul, 19 Feb: Selection process chooses packets to consider, > > flow definition rules determine which unique flows to export, > > i.e. flow definition rules may define sub-flows. Collector may > > wish to know the selection cfriteria. > > - Reinaldo, 19 Feb: Is a subset of a flow (i.e. one formed by adding > > another filter function) not 'just another' flow? > > > > ++ Overload conditions > > - KC/Robert, 13 Feb: Should exporter or collector be allowed to hanle > > overload by changing sampling rate? Or is it better to loose > > packets instead? > > > > ++ Security Considerations > > - Cliff, 12 Feb: text for Arch draft > > > > B/G = Benoit & Ganesh > > > > Benoit Calise, Cisco > > Carter Bullard, QOSient > > Christian Gilby, Nortel > > Cliff Wang, SmartPipes > > David Harrington, Enterasys > > Fred True, AT&T Research > > Ganesh Sadavisan, Cisco > > Jean-christophe Martin, Sun > > Juergen Quittek, NEC > > KC Norseth, Enterasys > > Kevin Zhang, Xacct > > Man M Li, Nokia > > Mark Fullmer, OARnet > > Paul Calato, Riverstone > > Peter Ludemann, Xacct > > Ram Gopal, Nokia > > Randy Bush (AD), AT&T > > Reinaldo Penno, Nortel > > Sebastian Zander, Fraunhofer Institute FOKUS > > Simon Leinen, Switch > > Tanja Zseby, Fraunhofer Institute FOKUS > > Venkatraman G, Infosys Technologies > > Will Eatherton, Cisco > > > > ++Other comments > > > > Robert Lowe <robert.h.lowe@lawrence.edu>, 15 Feb: > > The lurker opinion poll (no vote)... ;-) > > In-band configuration -- not now. > > Negotiation -- limited (but that discussion is promised to follow). > > Benoit, I think this was a very perceptive comment. It seems we are > > at times confusing the two. > > > > Peter Phaal <Peter_Phaal@inmon.com>, 13 Feb: > > The IPFIX charter doesn't address the algorithms used by the flow > > collector, but there are system-wide issues that should be explored. > > Design choices made in the IPFIX protocol specification can have a > > fundamental effect on the capabilities of traffic management systems > > collecting IPFIX data (scalability, latency, accuracy, multi-point > > correlation, etc.) > > > > ----------------------------------------------------------------------- > > Nevil Brownlee Director, Technology Development > > Phone: +64 9 373 7599 x8941 ITSS, The University of Auckland > > FAX: +64 9 373 7021 Private Bag 92019, Auckland, New Zealand > > > > -- > > Help mailto:majordomo@net.doit.wisc.edu and say "help" > in message body > > Unsubscribe mailto:majordomo@net.doit.wisc.edu and say > > "unsubscribe ipfix" in message body > > Archive http://ipfix.doit.wisc.edu/archive/ > > -- > Help mailto:majordomo@net.doit.wisc.edu and say "help" in > message body > Unsubscribe mailto:majordomo@net.doit.wisc.edu and say > "unsubscribe ipfix" in message body > Archive http://ipfix.doit.wisc.edu/archive/ > > > ÿñÞ[hþf£¢·hçzßÝ¢+ÿÂ+ýçnjwlk/ázZÿy²Æ yºÉIì¹»®&Þ¨¥¶æj:+v¨þwýÚ"·ü"±ÏÞvæ§vƲþéì¹»®&ÞâÇø§ë,j¡ÜÈb½èm¶ÿþ*_Ý¢+ÿÂ+ýçnýªÜ+Þ
- [ipfix] Mailing list digest, Friday 8 March n.brownlee
- RE: [ipfix] Mailing list digest, Friday 8 March Reinaldo Penno
- RE: [ipfix] Mailing list digest, Friday 8 March Kevin Zhang
- Re: [ipfix] Mailing list digest, Friday 8 March Ganesh Sadasivan
- Re: [ipfix] Mailing list digest, Friday 8 March calato
- Re: [ipfix] Mailing list digest, Friday 8 March n.brownlee
- RE: [ipfix] Mailing list digest, Friday 8 March Kevin Zhang
- Re: [ipfix] Mailing list digest, Friday 8 March calato
- Re: [ipfix] Mailing list digest, Friday 8 March calato
- RE: [ipfix] Mailing list digest, Friday 8 March Norseth, KC
- RE: [ipfix] Mailing list digest, Friday 8 March Peter Ludemann
- Re: [ipfix] Mailing list digest, Friday 8 March calato
- Congestion awareness, reliability (was: RE: [ipfi… Peter Ludemann
- Re: Congestion awareness, reliability (was: RE: [… Fred True
- Re: [ipfix] Mailing list digest, Friday 8 March Benoit Claise
- RE: Congestion awareness, reliability (was: RE: [… Peter Ludemann
- RE: [ipfix] Mailing list digest, Friday 8 March Kevin Zhang
- RE: Congestion awareness, reliability (was: RE: [… Fred True
- Re: [ipfix] Mailing list digest, Friday 8 March Michael MacFaden
- RE: [ipfix] Mailing list digest, Friday 8 March Will Eatherton
- RE: [ipfix] Mailing list digest, Friday 8 March Peter Phaal
- Re: [ipfix] Mailing list digest, Friday 8 March Peram Marimuthu
- [ipfix] Re: congestion awareness, reliability n.brownlee
- RE: [ipfix] Re: congestion awareness, reliability Peter Ludemann
- Re: Congestion awareness, reliability (was: RE: [… calato
- Re: Congestion awareness, reliability (was: RE: [… calato
- Re: [ipfix] Re: congestion awareness, reliability calato
- Re: [ipfix] Re: congestion awareness, reliability Peram Marimuthu
- Re: [ipfix] Re: congestion awareness, reliability calato
- Re: [ipfix] Re: congestion awareness, reliability Peram Marimuthu
- RE: Congestion awareness, reliability (was: RE: [… Peter Ludemann
- Re: [ipfix] Re: congestion awareness, reliability Michael MacFaden
- Re: [ipfix] Re: congestion awareness, reliability Ganesh Sadasivan