[IPFIX] I-D ACTION:draft-ietf-ipfix-reducing-redundancy-03.txt

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the IP Flow Information Export Working Group of the IETF.

	Title		: Reducing Redundancy in IPFIX and PSAMP Reports
	Author(s)	: E. Boschi, et al.
	Filename	: draft-ietf-ipfix-reducing-redundancy-03.txt
	Pages		: 32
	Date		: 2007-3-1
	
This document describes a bandwidth saving method for exporting flow
   or packet information using the IP Flow Information Export (IPFIX)
   protocol.  As the PSAMP protocol is based on IPFIX, these
   considerations are valid for PSAMP exports as well.
   This method works by separating information common to several flow
   records from information specific to an individual flow record.
   Common flow information is exported only once in a data record
   defined by an option template, while the rest of the specific flow
   information is associated with the common information via a unique
   identifier.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipfix-reducing-redundancy-03.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request <at> ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

[IPFIX] I-D ACTION:draft-ietf-ipfix-biflow-03.txt

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the IP Flow Information Export Working Group of the IETF.

	Title		: Bidirectional Flow Export using IPFIX
	Author(s)	: B. Trammell, E. Boschi
	Filename	: draft-ietf-ipfix-biflow-03.txt
	Pages		: 21
	Date		: 2007-3-2
	
This document describes an efficient method for exporting
   bidirectional flow (Biflow) information using the IP Flow Information
   Export (IPFIX) protocol, representing each Biflow using a single Flow
   Record.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-ipfix-biflow-03.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request <at> ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-ietf-ipfix-biflow-03.txt".

A list of Internet-Drafts directories can be found in

Re: [IPFIX] WG Last Call for Implementation Guidelines

Greetings, all...

I have a few comments for the guidelines:

1. In Section 6.3, TCP Transport Specific Guidelines, para 4 states that
TCP Collecting Processes SHOULD use the Sequence Number to check for
missing IPFIX Messages.

Wouldn't any condition that would cause missing messages cause a TCP
connection reset? I have no problem with multi-transport implementations
doing sequence number checks on TCP because they check sequence numbers
regardless of protocol (indeed, due to layering between transport and
message decode, our own implementation does precisely this) , but I'm
not sure the guidelines should recommend a test that will always succeed.

[In tracking down this issue, I think I've found an editorial error in
protocol-24, as well. Para 2 of section 10.4.2.1 IPFIX Message Encoding
states:

   In the case of TCP, the IPFIX Message sequence number contains the
   total number of IPFIX Data Records received for the TCP connection,
   prior to the receipt of this IPFIX Message, modulo 2^32.

which is not in parallel with section 3.1's

  Sequence Number
           Incremental sequence counter modulo 2^32 of all IPFIX Data
           Records sent on this PR-SCTP stream from the current
           Observation Domain by the Exporting Process.

[IPFIX] Agenda for IETF 68 in Prague

Hi all:

Here's the agenda, version 2.  Any further changes, please let me know.

Cheers, Nevil

======================================================
Ip Flow Information Export WG (ipfix)
IETF #68, Prague
Tuesday, 20 March at 1740-1840
======================================================

Chairs:
Nevil Brownlee  <n.brownlee <at> auckland.ac.nz>
Juergen Quittek <quittek <at> netlab.nec.de>

AGENDA:

1. Agenda review WG Status                               =5 min

2. Documents from the old charter (Nevil)               =10 min
   - draft-ietf-ipfix-architecture-12.txt
   - draft-ietf-ipfix-protocol-24.txt
   - draft-ietf-ipfix-info-15.txt
   - draft-ietf-ipfix-as-11.txt

3. Drafts from the current charter ..                   =50 min
   a) Reducing Redundancy (Elisa Boschi)                   ( 8 min)
      - draft-ietf-ipfix-reducing-redundancy-02.txt

[IPFIX] RE: I-D ACTION:draft-ietf-ipfix-biflow-03.txt

My WGLC comments were addressed. 

Thank you. 

Dan

> -----Original Message-----
> From: Internet-Drafts <at> ietf.org [mailto:Internet-Drafts <at> ietf.org] 
> Sent: Friday, March 02, 2007 10:50 PM
> To: i-d-announce <at> ietf.org
> Cc: ipfix <at> ietf.org
> Subject: I-D ACTION:draft-ietf-ipfix-biflow-03.txt 
> 
> A New Internet-Draft is available from the on-line 
> Internet-Drafts directories.
> This draft is a work item of the IP Flow Information Export 
> Working Group of the IETF.
> 
> 	Title		: Bidirectional Flow Export using IPFIX
> 	Author(s)	: B. Trammell, E. Boschi
> 	Filename	: draft-ietf-ipfix-biflow-03.txt

_______________________________________________
IPFIX mailing list
IPFIX <at> ietf.org
https://www1.ietf.org/mailman/listinfo/ipfix

[IPFIX] announcing draft-trammell-ipfix-file-03

A New Internet-Draft is available from the on-line Internet-Drafts
directories.

	Title		: An IPFIX-Based File Format
	Author(s)	: B. Trammell, et al.
	Filename	: draft-trammell-ipfix-file-03.txt
	Pages		: 26
	Date		: 2007-3-5
	
This document describes a file format for the storage of flow data
   based upon the IPFIX message format.  It proposes a set of
   requirements for flat-file, binary flow data file formats, evaluates
   flow storage systems presently in use for their conformance to these
   requirements, then applies the IPFIX message format to these
   requirements to build a new file format.  This IPFIX-based file
   format is designed to facilitate interoperability and reusability
   among a wide variety of flow storage, processing, and analysis tools.

This revision includes a complete proposed specification for semantic
typing of vendor-specific information elements in sections 6.1 and 6.2,
clarification of file reader and file writer requirements, a few new
identified open issues, and general language improvement.

Regards,

Brian

_______________________________________________

Re: [IPFIX] WG Last Call for Implementation Guidelines

_______________________________________________
IPFIX mailing list
IPFIX <at> ietf.org
https://www1.ietf.org/mailman/listinfo/ipfix

Re: [IPFIX] WG Last Call for Implementation Guidelines

Boschi, Elisa wrote:
> Brian, all,
> 
>>
>>
>>I have a few comments for the guidelines:
>>
>>
>>1. In Section 6.3, TCP Transport Specific Guidelines, para 4 states that
>>TCP Collecting Processes SHOULD use the Sequence Number to check for
>>missing IPFIX Messages.
>>
>>Wouldn't any condition that would cause missing messages cause a TCP
>>connection reset? I have no problem with multi-transport implementations
>>doing sequence number checks on TCP because they check sequence numbers
>>regardless of protocol (indeed, due to layering between transport and
>>message decode, our own implementation does precisely this) , but I'm
>>not sure the guidelines should recommend a test that will always succeed.
>>
> 
> 
> What about:
> 
>    The Collecting Process may check whether IPFIX Messages are lost by
>    checking the Sequence Number in the IPFIX header.
> 

yep, sounds good... We don't want to preclude the CP from checking
sequence numbers in a transport-independent way (and out of sequence
messages over TCP should be logged anyway, as an indication that the
remote EP is broken), but it's not a requirement as with SCTP-PR and UDP.

>>2. The document is in sections 4.1 and 6.2 not particularly clear about
>>template retransmission and expiration delays, and their
>>configurability. From protocol-24 section 10.3.7, we have a guideline
>>for Collector expiry delay to be set to at least three times Exporter
>>retransmission delay; from protocol-24 10.3.6 and guidelines-02 6.2 we
>>have a recommended retransmission delay of 10 minutes. So, I'd suggest
>>the following:
>>
>> - Change the language in section 4.1 para 2 "If no template becomes
>>available within 30 minutes...) to note that this is the expiry delay,
>>and is configurable.
>>
>>
>> - Change the language in the last paragraph of section 6.2 to recommend
>>a 30 minute expiry time, instead of 60 minutes, in line with the 3x
>>guideline noted above
>>
>>(This is a relatively straightforward change, but has been a point of
>>much discussion for the protocol document)
>>
> 
> 
> what about changing the second paragraph of 4.1 to:
> 
> "A Data Set received with an unknown Set ID MAY be stored pending the
> arrival of the corresponding Template (cf. section 9 of  [IPFIX-INFO]).
> If no Template becomes available, the event should be logged and the
> Transport Session reset, which will cause the Templates to be resent.
> The amount of time the Collecting Process waits for a Template before
> resetting SHOULD be configurable.
> We recommend a default of 30 minutes. Note that when using UDP as the
> transport protocol, this delay SHOULD be bound, when possible, by the
> Template Retransmit and the Template Expiry times (cf. Section 6.2)."

Also good... this makes it clear that this storage (and associated
delay) is transport-independent.

Thanks,

Brian

_______________________________________________
IPFIX mailing list
IPFIX <at> ietf.org
https://www1.ietf.org/mailman/listinfo/ipfix

[IPFIX] Forward: I-D ACTION:draft-irino-ipfix-ie-order-01.txt

Deal all, 
I updated my draft about order of Information Elements.
I changed the rule of the order a little simply than 00 draft.

regards,
Hitoshi Irino

From: Deal all, I updated my draft about order of Information Elements. I changed the rule of the order a little simply than 00 draft. regards, Hitoshi Irino <Internet-Drafts <at> ietf.org>
Subject: I-D ACTION:draft-irino-ipfix-ie-order-01.txt
Date: 2007-03-06 20:50:03 GMT

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.

	Title		: Order of Information Elements
	Author(s)	: H. Irino
	Filename	: draft-irino-ipfix-ie-order-01.txt
	Pages		: 33
	Date		: 2007-3-6
	
This draft describes guidelines for the order of Information Elements
   of the IPFIX protocol for the creation of Templates.  It aims to
   improve the efficiency of the Collecting Process on the assumption
   that multiple Exporting Processes send Flow Records containing the
   same Information Elements to a Collecting Process.  Exporters can
   make (almost) the same Template from the same combination of
   Information Elements by applying the order rule defined in this
   draft.  Furthermore, some Templates will have a suitable data
   structure for hardware processing if the rule is applied because the
   rule defines that fixed-length Information Elements and other
   Information Elements are separated in position.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-irino-ipfix-ie-order-01.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request <at> ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-irino-ipfix-ie-order-01.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv <at> ietf.org.
In the body type:
	"FILE /internet-drafts/draft-irino-ipfix-ie-order-01.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

_______________________________________________
I-D-Announce mailing list
I-D-Announce <at> ietf.org
https://www1.ietf.org/mailman/listinfo/i-d-announce

_______________________________________________
IPFIX mailing list
IPFIX <at> ietf.org
https://www1.ietf.org/mailman/listinfo/ipfix

[IPFIX] RE: please review the IPFIX Implementation Guidelines

_______________________________________________
IPFIX mailing list
IPFIX <at> ietf.org
https://www1.ietf.org/mailman/listinfo/ipfix