IPFIX Protocol Draft

<draft-ietf-ipfix-protocol-00.txt>

Benoit Claise, Cisco SystemsMark Fullmer, OARnet

Reinaldo Penno, Nortel NetworksPaul Calato, Riverstone Networks

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

2

Starting Point• Updated table of content, with what we think is important to

cover. – Note that some sections are still empty

• Some sections of draft-claise-netflow-version9-02.txt have been copied over– Packet Layout– Export Packet Format:

Header, Template FlowSet, Data FlowSet Formats– Options

Options Template FlowSet and Options Data Record Formats– Template Management– The Collecting Process’ Side– Examples

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

3

Terminology Harmonization (1/2)

• The terminology sections have been copied over from:– draft-ietf-ipfix-reqs-09.txt:

Flow, Observation Point, Metering Process, Flow Record, Exporting Process and Collection Process

• And from:– draft-claise-netflow-version9-02.txt:

Observation Domain, Export Packet, Packet Header, FlowSet, FlowSet ID, Template Record, Template FlowSet, Template ID, Options Template Record, Options Template FlowSet, Options Data Record, Flow Data Record, Data FlowSet

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

4

Terminology Harmonization (2/2)

• 2 modifications:– Flow Data Record instead of Flow Record– Observation Point (notion of Observation

Domain)• The entire draft has been updated according to

this new terminology section

• Note: we still need a terminology harmonization with the other drafts

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

5

Metering Process

• Metering Process Flow expiration section copied from the draft-ietf-ipfix-reqs-10.txt– Issue: not exactly the same section as the

architecture draft

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

6

Transport Protocol

• TCP: TO BE COMPLETED, STILL EMPTY• Some text already for SCTP, to be reviewed

– Congestion Avoidance– Reliability– Exporting Process

MTU size, Source ID, Association, Template,– Collecting Process

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

7

Failover

• TO BE COMPLETED: STILL EMPTY • When to fail over?• How to fail over?• How to ensure stability of the failover

mechanism• Simple Failover based on the transport

or something else?

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

8

Variable Length Data Type

• A new section, with just the mailing list ideas• TO BE COMPLETED, including with the data

type format

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

9

Consensus: to be integrated

• Length field in the export packet header, instead of the count field

• Sub-second timestamps• Export ID to be sent to the collector.

Could be done with an Option Template• Metering process stats: for example packets/flows

dropped at the metering process due to resource exhaustion. Could be done with an Option Template

• Templates don’t need lifetimes with connection oriented protocol

• No periodic export of templates is needed with a reliable transport protocol

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

10

Open Issues

• Send regular IPFIX sync (Options Data Records) with:– Number of flow records sent– Packets and bytes sentQuestions: for each template or per

observation domain? Do we need a specific FlowSet ID?

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

11

A few extra things to add

• Extensibility, what about the reserved template ID 2-254?

• If we speak about reliability, a state diagram is needed

• Error recovery: what if the collecting process receives a message it can’t decode

© NEC Europe Ltd., 2002Network Laboratories, Heidelberg

12

IPFIX Protocol DraftWhat’s next?

• Section 1, Points of Discussion• Section 1.1 Open Issues• Section 1.2 Action Items

• Feel free to contribute …