IETF Logo Mail Archive

Re: [IPFIX] New WG Last Call for draft-ietf-ipfix-flow-selection-tech-06.txt

Brian Trammell <trammell@tik.ee.ethz.ch> Fri, 27 May 2011 13:41 UTC

Return-Path: <trammell@tik.ee.ethz.ch>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F15F0E07EC for <ipfix@ietfa.amsl.com>; Fri, 27 May 2011 06:41:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VcW512DGq600 for <ipfix@ietfa.amsl.com>; Fri, 27 May 2011 06:41:38 -0700 (PDT)
Received: from smtp.ee.ethz.ch (smtp.ee.ethz.ch [129.132.2.219]) by ietfa.amsl.com (Postfix) with ESMTP id B34C0E06CE for <ipfix@ietf.org>; Fri, 27 May 2011 06:41:37 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by smtp.ee.ethz.ch (Postfix) with ESMTP id ADD4BD9309 for <ipfix@ietf.org>; Fri, 27 May 2011 15:41:38 +0200 (MEST)
X-Virus-Scanned: by amavisd-new on smtp.ee.ethz.ch
Received: from smtp.ee.ethz.ch ([127.0.0.1]) by localhost (.ee.ethz.ch [127.0.0.1]) (amavisd-new, port 10024) with LMTP id rnf632F-nDjO for <ipfix@ietf.org>; Fri, 27 May 2011 15:41:38 +0200 (MEST)
Received: from pb-10243.ethz.ch (pb-10243.ethz.ch [82.130.102.152]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: briant) by smtp.ee.ethz.ch (Postfix) with ESMTPSA id 6AEB3D9307 for <ipfix@ietf.org>; Fri, 27 May 2011 15:41:38 +0200 (MEST)
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Apple Message framework v1084)
From: Brian Trammell <trammell@tik.ee.ethz.ch>
In-Reply-To: <1E3C6A6E-83BC-4ABC-861E-EF46FC3F0624@tik.ee.ethz.ch>
Date: Fri, 27 May 2011 15:41:36 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <FAE7D0F5-4B75-4ABE-AC3D-07AE763AB1A2@tik.ee.ethz.ch>
References: <20110523092128.18082.9981.idtracker@ietfa.amsl.com> <804B13F8F3D94A4AB18B9B01ACB68FA1044F55B0@EXCHSRV.fokus.fraunhofer.de> <4DDC22C7.6070704@auckland.ac.nz> <1E3C6A6E-83BC-4ABC-861E-EF46FC3F0624@tik.ee.ethz.ch>
To: IPFIX Working Group <ipfix@ietf.org>
X-Mailer: Apple Mail (2.1084)
Subject: Re: [IPFIX] New WG Last Call for draft-ietf-ipfix-flow-selection-tech-06.txt
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipfix>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 May 2011 13:41:39 -0000

Hi, all,

The following are the balance of my WGLC comments on the flow selection draft.

Summary: The document has made _significant_ progress in the right direction, in my opinion, but requires at least one more revision before it is ready for the IESG. The issues are as follows:

1. As Benoit said, and in refinement of my earlier message, the model which the document uses should be based on an Intermediate (Flow) Selection Process (IFSP) as in RFC 6183, instead of adding new concepts to 5470. The case in section 4.1 is a bit of a special one, to address an uncommon requirement; in addition, it isn't really a flow selection process at all, but rather a packet selection process that selects packets on the same criteria that by which packets are separated into flows by the flow key. Therefore it can be noted here, I think, that the _function_ run within an IFSP can run _as a packet selection process_ before flow generation within an MP without having to hack new processes into the 5470 model. Section 6 will have to be updated a bit to fit this change as well.

2. The document should use a different term for "aggregation" (of packets into flows) to avoid collision with terminology related to aggregation in RFCs 5982 and 6183.

3. The document should use a different term for "classification" to avoid confusion with the use of this term with respect to "flow classification" and labeling. I realize 5470 uses the verb "classify" to refer to this process; I really wish it didn't. 

Aggregation and classification _together_ comprise the "assignment" of packets to flows, and flow "generation". I'm afraid I don't have any better suggestions at this time.

4. Terminology based on terminology borrowed by analogy or reference to the packet selection techniques draft is a good idea; however, these terms should be defined in section . Additionally, terminology through the entire document should be reviewed for proper capitalization.

5. Within section 6, it is not clear how to apply this configuration data model. Should this be harmonized with ipfix-configuration-model?

6. In section 7, I would suggest unifying Paul and Benoit's comments on the subject of fsFlowRecordTotalCount; additionally, the IE should be named flowDeltaCount to keep parallel with IEs 1 and 2. Consider renaming the IEs in general to drop the "fs" prefix. perhaps "postSelection" or something similar (as with the pre/post IEs). Review other IEs to ensure they are not covered by existing IEs (especially those "pre-selection", as with IE 3)

7. What is a Flow Entry? Should this be defined in this document, or referenced as terminology from another? If this is what I think it is (reporting flow cache size inline), I'm not certain it belongs here in flow selection (perhaps in a document on metering process monitoring?).

Best regards,

Brian

On May 26, 2011, at 4:20 PM, Brian Trammell wrote:

> Hi, Nevil, all,
> 
> The following is intended as a WGLC comment on flow-selection-tech. It will not be my only one; however, it identifies an issue I've seen in a cursory review of the document which I believe could benefit from some discussion:
> 
> Is this document intended to update RFC 5470? I'm not convinced this is necessary; e.g. RFC 6235 defines a flow-modifying intermediate process, and shows how it could be integrated into various stages within the IPFIX Architecture, without introducing a new model of how data is handled in the architecture. If each additional intermediate process definition updates the architecture, the architecture becomes confusing, and subsequently useless.
> 
> If the authors and the WG believe it is necessary to update 5470 to support flow selection, I would _strongly_ suggest reviewing all new terminology, as the proposed terms collide with existing terms of art in network measurement. Specifically, there are two serious problems here. First, I'm not aware of any use of the word "classification" with respect to the associating of packets with flows; classification instead seems primarily to be used when associating a label with a packet of a flow (e.g., application classification). Second, while packets are indeed aggregated into flows, the word "aggregation" in this draft is used in a completely different way than in either -ipfix-a9n or in RFCs 5982 or 6183. This could lead to confusion.
> 
> More detailed comments to follow.
> 
> Best regards,
> 
> Brian
> 
> On May 24, 2011, at 11:27 PM, Nevil Brownlee wrote:
> 
>> 
>> Hi all:
>> 
>> Thanks very much to all the authors of the flow-selection draft,
>> it does indeed look much better.  Since there's so much new material
>> in it, we need to run a new WG LC on it - that start's today, and
>> will finish on Friday, 10 June.  Do please read it anew, and send
>> comments to the list.  Brief comments such as "yes, this looks fine
>> now" are welcome, of course!
>> 
>> Cheers, Nevil
>> 
>> 
>> On 23/05/11 9:30 PM, Zseby, Tanja wrote:
>>> Hi all,
>>> 
>>> we worked on a major revision of the flow selection draft and just submitted a new version (see below). Among other changes we now provide a much improved classification of methods, which is more consistent with the PSAMP packet selection documents.
>>> Many thanks to all who provided comments.
>>> 
>>> Changes:
>>> - Flow recording process removed
>>> - Clarification of difference between flow selection and packet selection
>>> - Distinguished flow filtering and flow sampling similar to PSAMP
>>> - Flow selection in the metering process either before aggregation or after aggregation
>>> - Integrated Flow-state dependent packet selection
>>> - Supporting arbitrary  key space subsets with property match flow filtering
>>> - Removed timestamp IEs for reporting
>>> - Mediator integrated in first picture
>>> - Configuration parameters and IEs redefined and re-named
>>> - Many rewording, shortened several paragraphs to improve readability
>>> 
>>> Kind regards
>>> Tanja
>>> 
>>> 
>>> -----Ursprüngliche Nachricht-----
>>> Von: ipfix-bounces@ietf.org [mailto:ipfix-bounces@ietf.org] Im Auftrag von internet-drafts@ietf.org
>>> Gesendet: Montag, 23. Mai 2011 11:21
>>> An: i-d-announce@ietf.org
>>> Cc: ipfix@ietf.org
>>> Betreff: [IPFIX] I-D Action: draft-ietf-ipfix-flow-selection-tech-06.txt
>>> 
>>> A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IP Flow Information Export Working Group of the IETF.
>>> 
>>> 	Title           : Flow Selection Techniques
>>> 	Author(s)       : Salvatore D&#39;Antonio
>>>                          Tanja Zseby
>>>                          Christian Henke
>>>                          Lorenzo Peluso
>>> 	Filename        : draft-ietf-ipfix-flow-selection-tech-06.txt
>>> 	Pages           : 25
>>> 	Date            : 2011-05-23
>>> 
>>>   Flow selection is the process of selecting a subset of flows from all
>>>   flows observed at an observation point.  Flow selection reduces the
>>>   effort of post-processing flow data and transferring flow records.
>>>   This document describes motivations for flow selection and presents
>>>   flow selection techniques.  It provides an information model for
>>>   configuring flow selection techniques and discusses what information
>>>   about a flow selection process should be exported.
>>> 
>>> 
>>> 
>>> A URL for this Internet-Draft is:
>>> http://www.ietf.org/internet-drafts/draft-ietf-ipfix-flow-selection-tech-06.txt
>>> 
>>> Internet-Drafts are also available by anonymous FTP at:
>>> ftp://ftp.ietf.org/internet-drafts/
>>> 
>>> This Internet-Draft can be retrieved at:
>>> ftp://ftp.ietf.org/internet-drafts/draft-ietf-ipfix-flow-selection-tech-06.txt
>>> _______________________________________________
>>> IPFIX mailing list
>>> IPFIX@ietf.org
>>> https://www.ietf.org/mailman/listinfo/ipfix
>>> _______________________________________________
>>> IPFIX mailing list
>>> IPFIX@ietf.org
>>> https://www.ietf.org/mailman/listinfo/ipfix
>> 
>> 
>> -- 
>> ---------------------------------------------------------------------
>> Nevil Brownlee                    Computer Science Department | ITS
>> Phone: +64 9 373 7599 x88941             The University of Auckland
>> FAX: +64 9 373 7453   Private Bag 92019, Auckland 1142, New Zealand
>> _______________________________________________
>> IPFIX mailing list
>> IPFIX@ietf.org
>> https://www.ietf.org/mailman/listinfo/ipfix
> 
> _______________________________________________
> IPFIX mailing list
> IPFIX@ietf.org
> https://www.ietf.org/mailman/listinfo/ipfix

v2.23.0 | Report a Bug | By Email