IETF Logo Mail Archive

Re: [IPFIX] R: New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt

Benoit Claise <bclaise@cisco.com> Thu, 08 November 2012 15:14 UTC

Return-Path: <bclaise@cisco.com>
X-Original-To: ipfix@ietfa.amsl.com
Delivered-To: ipfix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E329F21F8B16 for <ipfix@ietfa.amsl.com>; Thu, 8 Nov 2012 07:14:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.518
X-Spam-Level:
X-Spam-Status: No, score=-10.518 tagged_above=-999 required=5 tests=[AWL=0.080, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id frtfX+bIgeFw for <ipfix@ietfa.amsl.com>; Thu, 8 Nov 2012 07:14:51 -0800 (PST)
Received: from av-tac-rtp.cisco.com (av-tac-rtp.cisco.com [64.102.19.209]) by ietfa.amsl.com (Postfix) with ESMTP id 970C621F88F8 for <ipfix@ietf.org>; Thu, 8 Nov 2012 07:14:51 -0800 (PST)
X-TACSUNS: Virus Scanned
Received: from rooster.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-rtp.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id qA8FEoHM014148; Thu, 8 Nov 2012 10:14:50 -0500 (EST)
Received: from [10.82.236.201] (rtp-vpn5-1221.cisco.com [10.82.236.201]) by rooster.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id qA8FEnJI017422; Thu, 8 Nov 2012 10:14:49 -0500 (EST)
Message-ID: <509BCC69.6020603@cisco.com>
Date: Thu, 08 Nov 2012 10:14:49 -0500
From: Benoit Claise <bclaise@cisco.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20121026 Thunderbird/16.0.2
MIME-Version: 1.0
To: Salvatore D'Antonio <salvatore.dantonio@uniparthenope.it>
References: <4FC74398.50805@cisco.com> <4FC89B99.40107@cisco.com> <506DA106.5060705@cisco.com> <50904E1D.7060909@cisco.com> <007301cdbb66$c58d6a10$50a83e30$@dantonio@uniparthenope.it>
In-Reply-To: <007301cdbb66$c58d6a10$50a83e30$@dantonio@uniparthenope.it>
Content-Type: multipart/alternative; boundary="------------020107030601030401000303"
Cc: draft-ietf-ipfix-flow-selection-tech@tools.ietf.org, ipfix@ietf.org, ipfix-chairs@tools.ietf.org
Subject: Re: [IPFIX] R: New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt
X-BeenThere: ipfix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IPFIX WG discussion list <ipfix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipfix>, <mailto:ipfix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipfix>
List-Post: <mailto:ipfix@ietf.org>
List-Help: <mailto:ipfix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipfix>, <mailto:ipfix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Nov 2012 15:14:56 -0000

Dear Salvatore,

I removed the comments on which we agree, for clarity.
>
> Dear Benoit,
>
> My comments to your comments inline.
>
> *Da:*Benoit Claise [mailto:bclaise@cisco.com]
> *Inviato:* martedì 30 ottobre 2012 23:01
> *A:* ipfix@ietf.org; draft-ietf-ipfix-flow-selection-tech@tools.ietf.org
> *Cc:* ipfix-chairs@tools.ietf.org
> *Oggetto:* Re: [IPFIX] New AD review of 
> draft-ietf-ipfix-flow-selection-tech-10.txt
>
>
>
>     Intermediate Flow Selection Process: an Intermediate Process as in
>
>            [RFC6183  <http://tools.ietf.org/html/rfc6183>] that ...
>
>       
>
>     The new definition improved a lot:
>
>       * Intermediate Flow Selection Process
>
>       
>
>            An Intermediate Flow Selection Process takes Flow Records as its
>
>            input and selects a subset of this set as its output.
>
>            Intermediate Flow Selection Process is a more general concept than
>
>            Intermediate Selection Process as defined in [RFC6183  <http://tools.ietf.org/html/rfc6183>].  While an
>
>            Intermediate Selection Process selects Flow Records from a
>
>            sequence based upon criteria-evaluated Flow record values and
>
>            passes only those Flow Records that match the criteria, an
>
>            Intermediate Flow Selection Process selects Flow Records using
>
>            selection criteria applicable to a larger set of Flow
>
>            characteristics and information.
>
>     But is there a reason why this definition can't be based on
>     "intermediate Process" from RFC 6183:
>
>     Intermediate Process
>
>       
>
>            An Intermediate Process takes a record stream as its input from
>
>            Collecting Processes, Metering Processes, IPFIX File Readers,
>
>            other Intermediate Processes, or other record sources; performs
>
>            some transformations on this stream based upon the content of each
>
>            record, states maintained across multiple records, or other data
>
>            sources; and passes the transformed record stream as its output to
>
>            Exporting Processes, IPFIX File Writers, or other Intermediate
>
>            Processes in order to perform IPFIX Mediation.  Typically, an
>
>            Intermediate Process is hosted by an IPFIX Mediator.
>
>            Alternatively, an Intermediate Process may be hosted by an
>
>            Original Exporter.
>
>       
>
>     According to the definition of "Intermediate Process" from RFC 6183, such a process is typically hosted by an IPFIX Mediator. Alternatively, it may be hosted by an Original Exporter. In my view, an Intermediate Flow Selection Process could be also hosted by a Collector.
>
Sure. Then the Collector becomes a Collector that contains a mediator 
function.
I don't see the problem.

    Intermediate Process

       An Intermediate Process takes a record stream as its input from
       _Collecting Processes_, Metering Processes, IPFIX File Readers,
       other Intermediate Processes,


My concern if you use your definition is that it doesn't build on the 
framework RFC 6183
>
>       
>
>     So
>
>       * Intermediate Flow Selection Process
>
>       
>
>           _  An Intermediate Flow Selection Process is an Intermediate Process as in_
>
>     _       [_RFC6183  <http://tools.ietf.org/html/rfc6183>_] that_  takes Flow Records as its
>
>            input and selects a subset of this set as its output.
>
>            Intermediate Flow Selection Process is a more general concept than
>
>            Intermediate Selection Process as defined in [RFC6183  <http://tools.ietf.org/html/rfc6183>].  While an
>
>            Intermediate Selection Process selects Flow Records from a
>
>            sequence based upon criteria-evaluated Flow record values and
>
>            passes only those Flow Records that match the criteria, an
>
>            Intermediate Flow Selection Process selects Flow Records using
>
>            selection criteria applicable to a larger set of Flow
>
>            characteristics and information.
>
>
>
>

>
>         4.  Flow selection as a Function in the IPFIX Architecture
>
>     Thanks for your new figure 1.
>     One editorial change: change the + in the left vertical line.
>
>     Ok, will do.
>
>            +======|========================+      |
>
>            |      |  Mediator              |      |
>
>            +    +-V-------------------+    |      |
>
>            |    | Collecting Process  |    |      |
>
>            +    +---------------------+    |      |
>
>            |    | Intermediate Flow   |    |      |
>
>            |    | Selection Process   |    |      |
>
>            +    +---------------------+    |      |
>
>            |    |  Exporting Process  |    |      |
>
>            +    +-|-------------------+    |      |
>
>            +======|========================+      |
>
>            
>
>
>             5.1.  Flow Filtering
>
>                Flow Filtering is a deterministic function on the IPFIX
>             Flow Record
>                content.  If the relevant flow characteristics are
>             already observable
>                at packet level (e.g.  Flow Keys), Flow Filtering can
>             be applied
>                before aggregation at packet level.  In order to be
>             compliant with
>                this document, at least the Property Match Filtering
>             MUST be
>                implemented.
>
>         This contradicts.
>
>             In order to be compliant with this document, at
>
>             least one of the flow selection schemes MUST be implemented.
>
>     Actually, wrong cut/paste.
>     This contradicts, in section 1:
>
>         In order to be compliant with this document, at
>
>         least the Property Match Filtering MUST be implemented.
>
>     This comment is not clear to me. Both in Section 1 and in Section
>     5.1 (Flow Filtering) I used the same sentence "In order to be
>     compliant with this document, at least the Property Match
>     Filtering MUST be implemented".
>
>
>
Solved with version 12.
However, I'm wondering if the resolution is correct.
version 11:

    In order to be compliant with this document, at
    least one of the flow selection schemes MUST be implemented.
  
    ...

    In order to be compliant with this document, at
    least the Property Match Filtering MUST be implemented.


Version 12:

     In order to be compliant with this document, at
    least the Property Match Filtering MUST be implemented.


Listing all the selection techniques,

    5  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5>.  Flow Selection Techniques  . . . . . . . . . . . . . . . . . .10  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-10>
      5.1  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.1>.  Flow Filtering . . . . . . . . . . . . . . . . . . . . . .11  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-11>
        5.1.1  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.1.1>.  Property Match Filtering . . . . . . . . . . . . . . .11  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-11>
        5.1.2  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.1.2>.  Hash-based Flow Filtering  . . . . . . . . . . . . . .11  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-11>
      5.2  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.2>.  Flow Sampling  . . . . . . . . . . . . . . . . . . . . . .12  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-12>
        5.2.1  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.2.1>.  Systematic sampling  . . . . . . . . . . . . . . . . .12  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-12>
        5.2.2  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.2.2>.  Random Sampling  . . . . . . . . . . . . . . . . . . .12  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-12>
      5.3  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.3>.  Flow-state Dependent Flow Selection  . . . . . . . . . . .13  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-13>
      5.4  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#section-5.4>.  Flow-state Dependent Packet Selection  . . . . . . . . . .14  <http://tools.ietf.org/html/draft-ietf-ipfix-flow-selection-tech-12#page-14>


It means that a device that implements Flow Sampling was compliant with 
version 11 thanks to the sentence "In order to be compliant with this 
document, at least one of the flow selection schemes MUST be 
implemented" and is not compliant any longer with version 12
It seems like an important change to me since the WGLC, on which the WG 
must agree.

Regards, Benoit
>
>
>
>
>

v2.23.0 | Report a Bug | By Email