Re: [IPFIX] New AD review of draft-ietf-ipfix-flow-selection-tech-10.txt

Benoit Claise <bclaise@cisco.com> Thu, 04 October 2012 14:45 UTC

Dear authors,

The draft improved quite dramatically.
Thanks for that.
See in line for some more comments. I removed all unnecessary text.

> Dear authors,
>
> I'm performing the (new) AD review of 
> draft-ietf-ipfix-flow-selection-tech-10.txt
> Lucky you, an extra pair of eyes specifically looking at your draft
>
> If some points have been discussed already on the mailing list, let me 
> know. I have to admit that I have not been following the latest 
> iterations of this draft.
>
> IMHO, this document needs some more work...
> I don't think that this document is really in line with the other 
> Intermediate Processes documents:
> http://tools.ietf.org/html/rfc6235
> http://tools.ietf.org/html/draft-ietf-ipfix-a9n-03
> Note that I might have some more comments once all the points in this 
> email are addressed, as there are many ;-)
> However, I'm available for a conf. call to clarify my points if you 
> want to
>
> See in-line.
...
>> 8.2.  Registration of Object Identifier  . . . . . . . . . . . . 32
>>    9.  Security Considerations  . . . . . . . . . . . . . . . . . . . 32
>>    10. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 34
>>    11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 34
>>      11.1. Normative References . . . . . . . . . . . . . . . . . . . 34
>>      11.2. Informative References . . . . . . . . . . . . . . . . . . 34
>>    Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35
> Don't you have to include the non-normative XML in the appendix, as it 
> was done for RFC5102, RFC5103?
>>
>
>> 2. Terminology
>>
>>    This document is consistent with the terminology introduced in
>>    [RFC5101], [RFC5470], [RFC5475] and [RFC3917].  As in [RFC5101] and
>>    [RFC5476], the first letter of each IPFIX-specific and PSAMP-specific
>>    term is capitalized along with the flow selection specific terms
>>    defined here.
>>
>>    * Packet Classification
>>
>>       Packet Classification is a process by which packets are mapped to
>>       specific Flow Records based on packet properties or external
>>       properties (e.g. interface).  The properties (e.g. header
>>       information, packet content, AS number) make up the Flow Key. In
>>       case a Flow Record for a specific Flow Key already exists the Flow
>>       Record is updated, otherwise a new Flow Record is created.
>
> How is this different than the Metering Process (RFC5101)?
>     Metering Process
>
>        The Metering Process generates Flow Records.  Inputs to the
>        process are packet headers and characteristics observed at an
>        Observation Point, and packet treatment at the Observation Point
>        (for example, the selected output interface).
>
>        The Metering Process consists of a set of functions that includes
>        packet header capturing, timestamping, sampling, classifying, and
>        maintaining Flow Records.
>
>        The maintenance of Flow Records may include creating new records,
>        updating existing ones, computing Flow statistics, deriving
>        further Flow properties, detecting Flow expiration, passing Flow
>        Records to the Exporting Process, and deleting Flow Records.
> What is the connection with the Metering Process?
> Figure 1 seems to suggest that Packet Classification is a subset of 
> the Metering Process...
Not sure that one was answered.

>
>
>>
>>    * Packet Aggregation Process
>>
>>       In the IPFIX Metering Process the Packet Aggregation Process
>>       aggregates packet data into flow data and forms the Flow Records.
> How is this different from the Metering Process?
The "Packet Aggregation Process" is not used in the document. Why do we 
need it?

>> After the aggregation step only the aggregated flow information is
>>       available.  Information about individual packets is lost.
>>
>>
>>
> Intermediate Flow Selection Process: an Intermediate Process as in
>        [RFC6183  <http://tools.ietf.org/html/rfc6183>] that ...
>
>
The new definition improved a lot:

  * Intermediate Flow Selection Process

       An Intermediate Flow Selection Process takes Flow Records as its
       input and selects a subset of this set as its output.
       Intermediate Flow Selection Process is a more general concept than
       Intermediate Selection Process as defined in [RFC6183  <http://tools.ietf.org/html/rfc6183>].  While an
       Intermediate Selection Process selects Flow Records from a
       sequence based upon criteria-evaluated Flow record values and
       passes only those Flow Records that match the criteria, an
       Intermediate Flow Selection Process selects Flow Records using
       selection criteria applicable to a larger set of Flow
       characteristics and information.

But is there a reason why this definition can't be based on 
"Intermediate Process" from RFC 6183:

    Intermediate Process

           An Intermediate Process takes a record stream as its input from
           Collecting Processes, Metering Processes, IPFIX File Readers,
           other Intermediate Processes, or other record sources; performs
           some transformations on this stream based upon the content of each
           record, states maintained across multiple records, or other data
           sources; and passes the transformed record stream as its output to
           Exporting Processes, IPFIX File Writers, or other Intermediate
           Processes in order to perform IPFIX Mediation.  Typically, an
           Intermediate Process is hosted by an IPFIX Mediator.
           Alternatively, an Intermediate Process may be hosted by an
           Original Exporter.

So

  * Intermediate Flow Selection Process

       _An Intermediate Flow Selection Process is an Intermediate Process as in
       [RFC6183  <http://tools.ietf.org/html/rfc6183>] that_ takes Flow Records as its
       input and selects a subset of this set as its output.
       Intermediate Flow Selection Process is a more general concept than
       Intermediate Selection Process as defined in [RFC6183  <http://tools.ietf.org/html/rfc6183>].  While an
       Intermediate Selection Process selects Flow Records from a
       sequence based upon criteria-evaluated Flow record values and
       passes only those Flow Records that match the criteria, an
       Intermediate Flow Selection Process selects Flow Records using
       selection criteria applicable to a larger set of Flow
       characteristics and information.


>>

Regarding terminology, I still see some instances of "observation point". 
Should be "Observation Point".

...

>>
>> 4.  Flow selection as a Function in the IPFIX Architecture
>>
Thanks for your new figure 1.
One editorial change: change the + in the left vertical line.

       +======|========================+      |
       |      |  Mediator              |      |
       +    +-V-------------------+    |      |
       |    | Collecting Process  |    |      |
       +    +---------------------+    |      |
       |    | Intermediate Flow   |    |      |
       |    | Selection Process   |    |      |
       +    +---------------------+    |      |
       |    |  Exporting Process  |    |      |
       +    +-|-------------------+    |      |
       +======|========================+      |
       

>>
>> 5.1.  Flow Filtering
>>
>>    Flow Filtering is a deterministic function on the IPFIX Flow Record
>>    content.  If the relevant flow characteristics are already observable
>>    at packet level (e.g.  Flow Keys), Flow Filtering can be applied
>>    before aggregation at packet level.  In order to be compliant with
>>    this document, at least the Property Match Filtering MUST be
>>    implemented.
> This contradicts.
>     In order to be compliant with this document, at
>     least one of the flow selection schemes MUST be implemented.
Actually, wrong cut/paste.
This contradicts, in section 1:

    In order to be compliant with this document, at
    least the Property Match Filtering MUST be implemented.



>>
>> 8.  IANA Considerations
>>
>> 8.1.  Registration of Information Elements

Table 3: Information Elements to be registered: you can't put the values 
1, 2, 3.
You need TBD1, TBD2, etc.
And you must add
"IANA Note: please replace TBD1, TBD2, ... with the assigned values, 
throughout the document."

>>
>>
>> 8.2.  Registration of Object Identifier
>>

RFC 5815 is obsoleted by RFC 6615 <http://tools.ietf.org/html/rfc6615>

What you want is an extra entry in 
http://www.iana.org/assignments/smi-numbers, pointing to this RFC:

    Sub-registry Name: IPFIX-SELECTOR-MIB Functions
    Reference: [RFC6615]
    Registration Procedures: Expert Review
    Prefix: iso.org.dod.internet.mgmt.mib-2.ipfixSelectorMIB.ipfixSelectorObjects.ipfixSelectorFunctions
    (1.3.6.1.2.1.194.1.1)

    Decimal Name                  Description                       Reference
    ------- --------------------- --------------------------------- ---------
    1       ipfixFuncSelectAll    Select everything                 [RFC6615]
    2       psampSampCountBased   Systematic Count-based Sampling   [RFC6727]
    3       psampSampTimeBased    Systematic Time-based Sampling    [RFC6727]
    4       psampSampRandOutOfN   Random n-out-of-N Sampling        [RFC6727]
    5       psampSampUniProb      Universal Probabilistic Sampling  [RFC6727]
    6       psampFiltPropMatch    Property Match Filtering          [RFC6727]
    7       psampFiltHash         Hash-based Filtering              [RFC6727]

So you need TBDx

    +---------+-----------------------+---------------------+-----------+
    | Decimal | Name                  | Description         | Reference |
    +---------+-----------------------+---------------------+-----------+
    |  TBDx   | flowSelectorAlgorithm | This Object         | [RFCyyyy] |
    |         |                       | Identifier          |           |
    |         |                       | identifies the Flow |           |
    |         |                       | selection technique |           |
    |         |                       | (e.g., Filtering,   |           |
    |         |                       | Sampling) that is   |           |
    |         |                       | applied by the Flow |           |
    |         |                       | Selection Process   |           |
    +---------+-----------------------+---------------------+-----------+

                Table 4: Object Identifiers to be registered


"IANA Note: please replace TBDx with the assigned value, throughout the 
document."

Btw, there is a mismatch between the IANA registry and the table in 
section 7.1:

    +----+------------------------+--------------------------+
    | ID |       Technique        |      Parameters          |
    +----+------------------------+--------------------------+
    | 1  | Systematic count-based | flowSamplingInterval     |
    |    | Sampling               | flowSamplingSpacing      |
    +----+------------------------+--------------------------+
    | 2  | Systematic time-based  | flowSamplingTimeInterval |
    |    | Sampling               | flowSamplingTimeSpacing  |
    +----+------------------------+--------------------------+
    | 3  | Random n-out-of-N      | samplingSize             |
    |    | Sampling               | samplingPopulation       |
    +----+------------------------+--------------------------+
    | 4  | Uniform probabilistic  | samplingProbability      |
    |    | Sampling               |                          |
    +----+------------------------+--------------------------+
    | 5  | Property Match         | Information Element      |
    |    | Filtering              | Value Range              |
    +----+------------------------+--------------------------+
    |   Hash-based Filtering      | hashInitialiserValue     |
    +----+------------------------+ hashFlowDomain           |
    | 6  | using BOB              | hashSelectedRangeMin     |
    +----+------------------------+ hashSelectedRangeMax     |
    | 7  | using IPSX             | hashOutputRangeMin       |
    +----+------------------------+ hashOutputRangeMax       |
    | 8  | using CRC              |                          |
    +----+------------------------+--------------------------+
    | 9  | Flow-state Dependent   | No agreed Parameters     |
    |    | Flow Selection         |                          |
    +----+------------------------+--------------------------+

Also, in this table above, you need "TBDx" instead of 9

- I see "Flow Selection", but this term is not defined.

Thanks.


Regards, Benoit.