IETF Logo Mail Archive

Re: [sip-clf] Vendor extensions in draft-ietf-sipclf-format-01.txt

Gonzalo Salgueiro <gsalguei@cisco.com> Thu, 17 March 2011 17:26 UTC

Return-Path: <gsalguei@cisco.com>
X-Original-To: sip-clf@core3.amsl.com
Delivered-To: sip-clf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8A8C43A69EE for <sip-clf@core3.amsl.com>; Thu, 17 Mar 2011 10:26:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.276
X-Spam-Level:
X-Spam-Status: No, score=-9.276 tagged_above=-999 required=5 tests=[AWL=-0.978, BAYES_00=-2.599, HTML_MESSAGE=0.001, MANGLED_PENIS=2.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q07IUbIuHvpf for <sip-clf@core3.amsl.com>; Thu, 17 Mar 2011 10:26:44 -0700 (PDT)
Received: from av-tac-rtp.cisco.com (hen.cisco.com [64.102.19.198]) by core3.amsl.com (Postfix) with ESMTP id 5F4473A69EB for <sip-clf@ietf.org>; Thu, 17 Mar 2011 10:26:44 -0700 (PDT)
X-TACSUNS: Virus Scanned
Received: from rooster.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-rtp.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id p2HHS9Gi027378; Thu, 17 Mar 2011 13:28:09 -0400 (EDT)
Received: from dhcp-64-102-211-8.cisco.com (dhcp-64-102-211-8.cisco.com [64.102.211.8]) by rooster.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id p2HHS4SB014891; Thu, 17 Mar 2011 13:28:06 -0400 (EDT)
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: multipart/alternative; boundary="Apple-Mail-76--46863264"
From: Gonzalo Salgueiro <gsalguei@cisco.com>
In-Reply-To: <AANLkTinLcJsFtNMp=egPJs_oSejiKMVYnUyYhttLwk4u@mail.gmail.com>
Date: Thu, 17 Mar 2011 13:28:03 -0400
Message-Id: <60755913-FF54-4FBC-B999-17E8A958DF83@cisco.com>
References: <AANLkTi=4NSXhgqAg75EUkWt6K0jdg4Kgcy6B37vyTMit@mail.gmail.com> <75DCC5B8-DB67-42AD-A6F2-F972FCFD5AB3@cisco.com> <AANLkTi=4d+uJ5kVXjiT-8eUzO_-5xWw3Lr23vo5cHiLH@mail.gmail.com> <E7D0A5D2-07B2-40DD-A7C8-2DF9FFC35CB4@cisco.com> <Pine.GSO.4.63.1103150805050.29330@sjc-cde-011.cisco.com> <29F0AE59-74D6-45D7-9FD0-9F3F88BA259A@cisco.com> <AANLkTinLcJsFtNMp=egPJs_oSejiKMVYnUyYhttLwk4u@mail.gmail.com>
To: Anders Nygren <anders.nygren@gmail.com>
X-Mailer: Apple Mail (2.1082)
Cc: "sip-clf@ietf.org Mailing" <sip-clf@ietf.org>
Subject: Re: [sip-clf] Vendor extensions in draft-ietf-sipclf-format-01.txt
X-BeenThere: sip-clf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Common Log File format discussion list <sip-clf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sip-clf>
List-Post: <mailto:sip-clf@ietf.org>
List-Help: <mailto:sip-clf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip-clf>, <mailto:sip-clf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Mar 2011 17:26:46 -0000

I like this proposal as well. Despite the extra 5 bytes for vendor-specified optional fields, I think I prefer my proposal only from the point of view that it lines up nicely for both optional field types (and I think there is value in that). I could be easily swayed though... ;-)

My ordered preference list is:

1. My proposal with PEN=0 for pre-defined optional fields
2. Chris Lonvick's proposal of using my proposal with a newly registered/reserved PEN for pre-defined optional fields
3. This proposal

Regards,

Gonzalo


On Mar 17, 2011, at 1:04 PM, Anders Nygren wrote:

> On Wed, Mar 16, 2011 at 2:24 PM, Gonzalo Salgueiro <gsalguei@cisco.com> wrote:
>> Chris -
>> Thanks for the response. One very simple proposal I was offering that would
>> clean up the convoluted syntax and avoid having to look ahead for the '@' is
>> :
>> - A single format for both pre-defined and vendor-specified optional fields
>> based on TLV format
>> - This single format is based on syslog-like tag@PEN is used is used as the
>> "Tag" in TLV and where PEN=0 if it is not vendor-specified.
>> This eliminates any need for a V bit to specify standard, vendor,
>> experimental. Can you confirm that using the Reserved PEN=0 in this manner
>> is valid?
>> This seems to me a simple and elegant solution to this problem. Thoughts?
>> Regards,
>> Gonzalo
>> 
> 
> Yes, that is fine with me.
> Or to expand it and still keeping in line with syslog, (using a variants of
> both formats in RFC5424 ch 6.3.2. SD-ID, and not just the second format),
> and my previous proposals but avoids the vendor flag.
> It is still easy to parse, (if byte 5="," it is a standard field and
> if byte 5="@"
> it is a vendor extension), and it saves 5 bytes per optional field.
> And You don't have to worry about if PEN = 0 is allowed or not.
> 
> In ABNF
> 
> optional    = standard | vendor
> tag           = 4HEXDIG
> vendorID   = 4HEXDIG
> length      = 4HEXDIG
> standard   = tag "," length "," value
> vendor      = tag "@" vendorID ","  length "," value
> 
> /Anders
> 
>> 
>> On Mar 16, 2011, at 3:36 PM, Chris Lonvick wrote:
>> 
>> Hi,
>> 
>> Sorry for the delay in responding - busy with the day job.  :-)
>> 
>> I see where you're going with this.  You could preclude the 0x2C character
>> from the VendorID, and you could establish a fixed length for the VendorID,
>> but even with that you're still going to have to do a search ahead to see if
>> there is a 0x40 (@) in the field to determine if it's a vendor specific
>> optional field, or a pre-defined optional field.  As Anders says, not the
>> best way to quickly process.
>> 
>> I also saw Anders' proposal for inserting a new 1-byte field in the Optional
>> Fields container.  Using a full byte for two options just seems wasteful to
>> me, but that's probably just me.  :-)  A good option for that is to tell the
>> IANA that the field currently has two options ("s" and "v") but may be
>> expanded at a later time.  In SSH we usually carved out three options:
>> standard, vendor, and experimental.  For experimental, we said that if you
>> come up with something new and want others to try it out (without having to
>> use a single PEN [sort'a]) then have everone agree upon a value in the
>> experimental range.  See the last bullet in section 5.1 of RFC 4254 for an
>> example.
>> 
>> Regards,
>> Chris
>> 
>> On Tue, 15 Mar 2011, Gonzalo Salgueiro wrote:
>> 
>> Anders -
>> 
>> You are absolutely right, I did misunderstand your point the first time
>> around. I thought you were saying '001' was the Vendor-ID, when in fact you
>> were saying that "0001,FFFF,@<PEN>" is the Vendor-ID. Since the name in
>> front of the '@' is only restricted in the following way:
>> 
>> - MUST be printable US-ASCII strings
>> 
>> - MUST NOT contain an at-sign ('@', ABNF %d64), an equal-sign ('=', ABNF
>> %d61), a closing brace (']', ABNF %d93), a quote-character ('"', ABNF %d34),
>> whitespace, or control characters.
>> 
>> it indeed means your example is a valid Vendor-ID and could cause confusion.
>> While this would be very unlikely to happen in practice [I can't imagine an
>> implementer intentionally doing this], it is undesired. I think this fact
>> makes your original proposal that much more elegant than the existing one.
>> 
>> Regards,
>> 
>> Gonzalo
>> 
>> 
>> On Mar 15, 2011, at 10:38 AM, Anders Nygren wrote:
>> 
>> On Tue, Mar 15, 2011 at 12:19 AM, Gonzalo Salgueiro <gsalguei@cisco.com>
>> wrote:
>> 
>> Thanks for raising your concerns Anders.
>> 
>> As you know, this draft was just published today and its principal intent
>> 
>> was to formulate an initial solution for SIP CLF extensibility.
>> 
>> A little history:
>> 
>> The current proposal for Vendor-specific extensions using a Syslog-like
>> 
>> approach (i.e. name@<private enterprise number>) was something proposed over
>> 
>> email and decided at the last SIPCLF Interim meeting in January. So this
>> 
>> really is a first pass at implementing vendor-specificied optional fields.
>> 
>> That said, I'll comment inline to your points
>> 
>> On Mar 14, 2011, at 10:53 PM, Anders Nygren wrote:
>> 
>> Hi
>> 
>> I must say that I really dislike the proposed format for vendor specific
>> 
>> fields.
>> 
>> Having a variable length "tag" before the length field means that it
>> 
>> is necessary
>> 
>> to scan the tag looking for the ',' just to find the length field.
>> 
>> You make a valid point. I'd like others to weigh in here and comment on
>> 
>> whether they think this is a serious performance limitation. I'll propose
>> 
>> this as a discussion point for the upcoming meeting in Prague. The reason
>> 
>> for the variable length tag is that it is based on the SD-ID format from
>> 
>> Syslog, which is variable in length (i.e. the unrestricted name before the
>> 
>> '@').  I think using a Vendor-ID based on a PEN is common sense, so I'd like
>> 
>> to stick with that if possible. We could decide on a fixed length name (or
>> 
>> number to parallel the tag from the Pre-Defined Optional Fields) followed by
>> 
>> four byte PEN.
>> 
>> There is no simple way to tell he difference between a sip-clf
>> 
>> optional field and
>> 
>> a vendor specific optional field. So it will always be necessary to scan the
>> 
>> record looking for the ',' .
>> 
>> Actually looking at RFC 5424 ch 4.3.2 it looks like this would be a legal
>> 
>> ID, "0001,FFFF,@12345" which would be difficult to differentiate from a
>> 
>> standard optional field without a lot of work.
>> 
>> Remember that that this draft restricts the scope of the syntax to the 2nd
>> 
>> format definition of SD-IDs in RFC5424. Thus, the above wouldn't be a legal
>> 
>> vendor-specified optional field since "0001" doesn't contain an '@', which
>> 
>> is mandatory for a Vendor-ID as defined in the draft. So there should be no
>> 
>> confusion there as the Vendor-ID from the vendor-specified optional fields
>> 
>> and the Tag from the pre-defined optional fields can never be the same.
>> 
>> 
>> I think that You did not understand the point I was trying to make.
>> 
>> As I understand the specification in the 2nd format definition of SD-IDs in
>> 
>> RFC5424, comma "," is allowed in the name part. So
>> 
>> "0001,FFFF,@<Vendor-ID>" would be a legal tag, that would be very difficult
>> to
>> 
>> differentiate from a standard optional field with tag="0001", length="FFFF"
>> and
>> 
>> a value starting with "@<Vendor-ID>"
>> 
>> I think a better way to do this would be similar to diameter RFC3588, ch
>> 
>> 4.1.
>> 
>> Then we could have just one format for standard optional fields and vendor
>> 
>> specific fields
>> 
>> byte 1  0x09
>> 
>> byte 2-5 Tag (Hex)
>> 
>> byte 6-9 VendorId
>> 
>> byte 10 0x2C
>> 
>> byte 11-14 Length (Hex)
>> 
>> byte 15 0x2C
>> 
>> byte 16-.. Value (variable length)
>> 
>> Where VendorId is the IANA assigned "SMI Network Management Private
>> 
>> Enterprise Codes"  [ASSIGNNO] value.
>> 
>> VendorId=0 is used a for the standard optional fields defined in SIP-CLF.
>> 
>> I know that PEN = 0 is a Reserved value and if it is confirmed that it can
>> 
>> be used in this way (as apparently DIAMETER did), then I think this proposal
>> 
>> is very reasonable. This unifies both optional field types into a single
>> 
>> seamless representation. I'll let others, like Chris Lonvick, more
>> 
>> knowledgeable than I weigh in on this as well to confirm my thoughts.
>> 
>> Regards,
>> 
>> Gonzalo
>> 
>> /Anders
>> 
>> _______________________________________________
>> 
>> sip-clf mailing list
>> 
>> sip-clf@ietf.org
>> 
>> https://www.ietf.org/mailman/listinfo/sip-clf
>> 
>> 
>> 
>> 
>> 
>>

v2.23.0 | Report a Bug | By Email