Re: [sip-clf] Vendor extensions in draft-ietf-sipclf-format-01.txt
Anders Nygren <anders.nygren@gmail.com> Wed, 16 March 2011 20:00 UTC
Return-Path: <anders.nygren@gmail.com>
X-Original-To: sip-clf@core3.amsl.com
Delivered-To: sip-clf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EE2603A6AAC for <sip-clf@core3.amsl.com>; Wed, 16 Mar 2011 13:00:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.368
X-Spam-Level:
X-Spam-Status: No, score=-2.368 tagged_above=-999 required=5 tests=[AWL=-1.069, BAYES_00=-2.599, MANGLED_PENIS=2.3, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LfStlJ5QdTv8 for <sip-clf@core3.amsl.com>; Wed, 16 Mar 2011 13:00:47 -0700 (PDT)
Received: from mail-wy0-f172.google.com (mail-wy0-f172.google.com [74.125.82.172]) by core3.amsl.com (Postfix) with ESMTP id 851273A6AB2 for <sip-clf@ietf.org>; Wed, 16 Mar 2011 13:00:46 -0700 (PDT)
Received: by wyb42 with SMTP id 42so2230781wyb.31 for <sip-clf@ietf.org>; Wed, 16 Mar 2011 13:02:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=pl6zlHMRfYZWezjPpoURXGYJDaEOMwKFg1d9lSOJRos=; b=GE9p41LSaY0yZ1HuxdvBsFArnovvo6UIVf5xHsyIPEjIccNiNaw1lYs1dyz5PktUwZ 6QDS4wf8KFrhd59RmmEExUgFTczGipVKhOLuhBHpiNW1Pw1A8CfetaStL6X8+vq1/GBT fp5sXHC30dKqMyKCRKJgzkX7a001Vaqp4Nd50=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=q9aN0W/9bgAk+0+na7Gu2D3Qm2So0tUQDZlCbH7FOhiXCf2oJbVI5zXyATaqTVKcAk w+gXpKH3jF1hfdTNVSH2K8L3MxXpvbzlrv7tFws60XkWRC6MAGSGmfjFyByu7mVTh+dy Dh8qoVPOTL/Gf5eq0hVHiVkMoqkHd+LK2dqvU=
MIME-Version: 1.0
Received: by 10.216.145.90 with SMTP id o68mr493605wej.77.1300305732689; Wed, 16 Mar 2011 13:02:12 -0700 (PDT)
Received: by 10.216.25.17 with HTTP; Wed, 16 Mar 2011 13:02:12 -0700 (PDT)
In-Reply-To: <Pine.GSO.4.63.1103150805050.29330@sjc-cde-011.cisco.com>
References: <AANLkTi=4NSXhgqAg75EUkWt6K0jdg4Kgcy6B37vyTMit@mail.gmail.com> <75DCC5B8-DB67-42AD-A6F2-F972FCFD5AB3@cisco.com> <AANLkTi=4d+uJ5kVXjiT-8eUzO_-5xWw3Lr23vo5cHiLH@mail.gmail.com> <E7D0A5D2-07B2-40DD-A7C8-2DF9FFC35CB4@cisco.com> <Pine.GSO.4.63.1103150805050.29330@sjc-cde-011.cisco.com>
Date: Wed, 16 Mar 2011 14:02:12 -0600
Message-ID: <AANLkTikS5cOpx4L_C6pQeEqD-qGojKAo9+1gddyPKw=q@mail.gmail.com>
From: Anders Nygren <anders.nygren@gmail.com>
To: Chris Lonvick <clonvick@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: "sip-clf@ietf.org Mailing" <sip-clf@ietf.org>
Subject: Re: [sip-clf] Vendor extensions in draft-ietf-sipclf-format-01.txt
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Mar 2011 20:00:48 -0000
On Wed, Mar 16, 2011 at 1:36 PM, Chris Lonvick <clonvick@cisco.com> wrote: > Hi, > > Sorry for the delay in responding - busy with the day job. :-) > > I see where you're going with this. You could preclude the 0x2C character > from the VendorID, and you could establish a fixed length for the VendorID, > but even with that you're still going to have to do a search ahead to see if > there is a 0x40 (@) in the field to determine if it's a vendor specific > optional field, or a pre-defined optional field. As Anders says, not the > best way to quickly process. > > I also saw Anders' proposal for inserting a new 1-byte field in the Optional > Fields container. Using a full byte for two options just seems wasteful to > me, but that's probably just me. :-) Since this is a text format I assumed it was the right thing to to. (And if we should start worrying about one byte, I think there are some commas "," that we could remove instead.) But an alternative could be tag 0x0000-0x7FFF standard tag 0x8000-0xFFFF vendor Or as Bill Gates almost said "Nobody needs more than 32K tags" :) /Anders > A good option for that is to tell the > IANA that the field currently has two options ("s" and "v") but may be > expanded at a later time. In SSH we usually carved out three options: > standard, vendor, and experimental. For experimental, we said that if you > come up with something new and want others to try it out (without having to > use a single PEN [sort'a]) then have everone agree upon a value in the > experimental range. See the last bullet in section 5.1 of RFC 4254 for an > example. > > Regards, > Chris > > On Tue, 15 Mar 2011, Gonzalo Salgueiro wrote: > >> Anders - >> >> You are absolutely right, I did misunderstand your point the first time >> around. I thought you were saying '001' was the Vendor-ID, when in fact you >> were saying that "0001,FFFF,@<PEN>" is the Vendor-ID. Since the name in >> front of the '@' is only restricted in the following way: >> >> - MUST be printable US-ASCII strings >> - MUST NOT contain an at-sign ('@', ABNF %d64), an equal-sign ('=', ABNF >> %d61), a closing brace (']', ABNF %d93), a quote-character ('"', ABNF %d34), >> whitespace, or control characters. >> >> it indeed means your example is a valid Vendor-ID and could cause >> confusion. While this would be very unlikely to happen in practice [I can't >> imagine an implementer intentionally doing this], it is undesired. I think >> this fact makes your original proposal that much more elegant than the >> existing one. >> >> Regards, >> >> Gonzalo >> >> >> On Mar 15, 2011, at 10:38 AM, Anders Nygren wrote: >> >>> On Tue, Mar 15, 2011 at 12:19 AM, Gonzalo Salgueiro <gsalguei@cisco.com> >>> wrote: >>>> >>>> Thanks for raising your concerns Anders. >>>> As you know, this draft was just published today and its principal >>>> intent >>>> was to formulate an initial solution for SIP CLF extensibility. >>>> A little history: >>>> The current proposal for Vendor-specific extensions using a Syslog-like >>>> approach (i.e. name@<private enterprise number>) was something proposed >>>> over >>>> email and decided at the last SIPCLF Interim meeting in January. So this >>>> really is a first pass at implementing vendor-specificied optional >>>> fields. >>>> That said, I'll comment inline to your points >>>> >>>> On Mar 14, 2011, at 10:53 PM, Anders Nygren wrote: >>>> >>>> Hi >>>> I must say that I really dislike the proposed format for vendor specific >>>> fields. >>>> Having a variable length "tag" before the length field means that it >>>> is necessary >>>> to scan the tag looking for the ',' just to find the length field. >>>> >>>> You make a valid point. I'd like others to weigh in here and comment on >>>> whether they think this is a serious performance limitation. I'll >>>> propose >>>> this as a discussion point for the upcoming meeting in Prague. The >>>> reason >>>> for the variable length tag is that it is based on the SD-ID format from >>>> Syslog, which is variable in length (i.e. the unrestricted name before >>>> the >>>> '@'). I think using a Vendor-ID based on a PEN is common sense, so I'd >>>> like >>>> to stick with that if possible. We could decide on a fixed length name >>>> (or >>>> number to parallel the tag from the Pre-Defined Optional Fields) >>>> followed by >>>> four byte PEN. >>>> >>>> There is no simple way to tell he difference between a sip-clf >>>> optional field and >>>> a vendor specific optional field. So it will always be necessary to scan >>>> the >>>> record looking for the ',' . >>>> Actually looking at RFC 5424 ch 4.3.2 it looks like this would be a >>>> legal >>>> ID, "0001,FFFF,@12345" which would be difficult to differentiate from a >>>> standard optional field without a lot of work. >>>> >>>> Remember that that this draft restricts the scope of the syntax to the >>>> 2nd >>>> format definition of SD-IDs in RFC5424. Thus, the above wouldn't be a >>>> legal >>>> vendor-specified optional field since "0001" doesn't contain an '@', >>>> which >>>> is mandatory for a Vendor-ID as defined in the draft. So there should be >>>> no >>>> confusion there as the Vendor-ID from the vendor-specified optional >>>> fields >>>> and the Tag from the pre-defined optional fields can never be the same. >>>> >>> >>> I think that You did not understand the point I was trying to make. >>> As I understand the specification in the 2nd format definition of SD-IDs >>> in >>> RFC5424, comma "," is allowed in the name part. So >>> "0001,FFFF,@<Vendor-ID>" would be a legal tag, that would be very >>> difficult to >>> differentiate from a standard optional field with tag="0001", >>> length="FFFF" and >>> a value starting with "@<Vendor-ID>" >>> >>>> I think a better way to do this would be similar to diameter RFC3588, ch >>>> 4.1. >>>> Then we could have just one format for standard optional fields and >>>> vendor >>>> specific fields >>>> >>>> byte 1 0x09 >>>> byte 2-5 Tag (Hex) >>>> byte 6-9 VendorId >>>> byte 10 0x2C >>>> byte 11-14 Length (Hex) >>>> byte 15 0x2C >>>> byte 16-.. Value (variable length) >>>> >>>> Where VendorId is the IANA assigned "SMI Network Management Private >>>> Enterprise Codes" [ASSIGNNO] value. >>>> VendorId=0 is used a for the standard optional fields defined in >>>> SIP-CLF. >>>> >>>> I know that PEN = 0 is a Reserved value and if it is confirmed that it >>>> can >>>> be used in this way (as apparently DIAMETER did), then I think this >>>> proposal >>>> is very reasonable. This unifies both optional field types into a single >>>> seamless representation. I'll let others, like Chris Lonvick, more >>>> knowledgeable than I weigh in on this as well to confirm my thoughts. >>>> Regards, >>>> Gonzalo >>>> >>>> /Anders >>>> _______________________________________________ >>>> sip-clf mailing list >>>> sip-clf@ietf.org >>>> https://www.ietf.org/mailman/listinfo/sip-clf >>>> >>>> >> >> >
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Anders Nygren
- [sip-clf] Vendor extensions in draft-ietf-sipclf-… Anders Nygren
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Gonzalo Salgueiro
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Gonzalo Salgueiro
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Anders Nygren
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Gonzalo Salgueiro
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Anders Nygren
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Gonzalo Salgueiro
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Chris Lonvick
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Anders Nygren
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Gonzalo Salgueiro
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Chris Lonvick
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Anders Nygren
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Gonzalo Salgueiro
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Anders Nygren
- Re: [sip-clf] Vendor extensions in draft-ietf-sip… Chris Lonvick