Re: [OPSAWG] [GROW] WG LC for draft-ietf-opsawg-ipfix-bgp-community

[li zhenqiang <li_zhenqiang@hotmail.com>]

Hi Jeffrey Haas and Paolo Lucente,

Thank you very much for your comments and opinions. Sorry for the late response due to Chinese new year holiday.

For the first concern of Paolo, at present I have no need to know the full as path related to a traffic flow. What I want to collect is the communities related to a traffic flow, which represent the the geographical and topological related information in finer granularity than the ASes.

When the working group called adoption of this doc, IPFIX doctor, PJ Aitken's opinion answered your second concern.  He said " Per section 6 of RFC7012, new IPFIX Information Elements can be added by direct application to IANA; there's no need for a draft or RFC. However, the introduction and examples may be valuable, especially for BGP experts who are less familiar with IPFIX. I've no objection to adopting the draft."

And I totally agree with Mr. Jeffrey Haas, running BGP is not trivial for all the IPFIX collectors. BGP is heavy and it runs well in the exporters, i.e. routers. If the collector can get the needed BGP information, it can do statistics and analysis directly.

Best Regards,
Zhenqiang Li from China Mobile Research Institute
________________________________
li_zhenqiang@hotmail.com

From: Jeffrey Haas<mailto:jhaas@pfrc.org>
Date: 2018-02-22 01:52
To: Paolo Lucente<mailto:paolo@ntt.net>
CC: Tianran Zhou<mailto:zhoutianran@huawei.com>; grow@ietf.org<mailto:grow@ietf.org>; draft-ietf-opsawg-ipfix-bgp-community.all@ietf.org<mailto:draft-ietf-opsawg-ipfix-bgp-community.all@ietf.org>; opsawg<mailto:opsawg@ietf.org>
Subject: Re: [GROW] WG LC for draft-ietf-opsawg-ipfix-bgp-community
Paolo,

I don't speak for the authors here, just my opinion.

On Wed, Feb 21, 2018 at 05:37:59PM +0100, Paolo Lucente wrote:
> One concern is that this looks a very isolated effort, ie. why communities
> and not as-path? I remember the story of this draft, it comes from field
> needs and that is in short the answer to the cherry-picking.

Partly, the usual information that people want from flow for AS information
(origin or peer AS) is already available.  The full path, no.  One certainly
could make the argument that the full path could be sent.

Since flow analyzers mostly want the active route's properties, having the
communities to go along with it is helpful.

> The second concern, the one going the opposite direction than the previous
> one, is that in future it could be tempting for somebody to repeat the
> story of this draft and add support for as-paths and/or other BGP
> attributes in IPFIX: here i see a mix-up among the original intent to
> report on data plane information with the reporting on control-plane (BGP)
> information: in other words, is (potentially) encapsulating (all) BGP
> attributes for every sampled packet/flow a valid idea? For example, is not
> BGP/BMP peering at the IPFIX collector itself much more efficient instead
> of moving control-plane info over and over again? At this propo, the
> motivation that roughly 20 years ago it was decided to make source and
> destination ASNs part of NetFlow v5 (and few years later BGP next-hop was
> added as part of NetFlow v9) is a bit weak, IMO; maybe there is more to
> it, and i’d be happy to hear about it.

Analyzers still find it handy to have source and destination AS.  This in
some cases avoids lag issues due to propagation of sniffed BGP (via iBGP
peering or BMP) for the sampling router.  Additionally, a lot of useful data
can be gathered without having BGP at all at the analyzer.

I do understand the concern, but personally find it unlikely that this is
the feared "slippery slope". [1]

-- Jeff

[1] https://en.wikipedia.org/wiki/Slippery_slope